The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Saturday, January 01, 2005

Big Fat Hairy Deal

HAPPY NEW YEAR!

Sunday, January 02, 2005

Rocket vehicles

This auction (found by Spring reminds me of The Rocket Car Legend, a long article about a “real life rocket car:”

I've been trying to figure out a way to put it into words, but the sight is almost impossible to describe. Think of this: You know what it looks like when you shoot a paper clip with a rubber band? One second the clip is between your fingers, and the next it's just … gone. You can't track it with your eyes, because it moves too fast. All you can do is hope to shift your eyes to where it was going, so you can see where it hits.

Think of the same thing happening with a 1500-pound car.

The Rocket Car Legend

I don't know of the story presented above is actually true or not (to me it rings true, but you never know). But this truck … sure, it's a truck cab stuck in front of a jet engine, but Does that mean it could actually work? Where's the air intake? Where's the fuel tanks? Jet engines aren't exactly known for their gas mileage. And as the article above points out, you are going to have a heck of a time controlling the vehicle and forget about brakes—they'll burn out long before you hit that mountain side.

Interesting auction though.

---

Cuts both ways

American multinational companies outsource manufacturing to China. Why can't a Chinese company outsource management to the United States?

Via Mises Economic Blog, Chinese Buyer of PC Unit Is Moving to I.B.M.'s Hometown

Now this is a twist—China outsourcing to us, and what they're outsourcing is interesting—management! I've often heard jokes about US companies to outsource CEOs as a way to cut costs, but here we have a Chinese company that's outsourcing their CEO operations to us.

I'm not sure what to make of this. Ironic, in a way sure.

So does this doom us as a country of middle to high management?

Monday, January 03, 2005

No, no, I told you to set the alarm clock!

Ah, nothing like waking up to the sounds of the house alarm going off.

I don't think I ever mentioned the house alarm here at the Facility in the Middle of Nowhere, but we have one. And from what I understood, it was inactive (but for some extra money a month it could be, maybe—never really looked into it). But here it was, this morning, going off like a banshee.

Spring called up The Office to no avail—they didn't know anything about the alarm and were amazed that we had one.

Yes, we have one. A loud one. One that won't shut up.

After a continuous twenty minutes, it finally shut up.

Tuesday, January 04, 2005

No, no, the alarm clock! The alarm clock!

Ah, nothing like waking up to the sound of a cell phone call at 8:00 am (and when one normally gets up at 11:00 am—this would be like getting a call at 4:00 in the morning).

It wasn't unexpected, but it was definitely unwelcome.

See, one of the projects I'm working on at work is “Project White Elephant” (customer's name, not ours!†) a long and involved project where we're somewhat, but not entirely, involved with the day to day operations of a particular site. Communications involve a form of the telephone game, mostly through email (and occasional phone call)—need I say that what is actually wanted is not what is often asked for.

Much fun.

This morning's call started with events going back a week or so. The customer, MB, has a few old servers that are being decomissioned and donated to a university somewhere in Outer Mongolia. But before being shipped off MB wanted to ensure that any customer data (read: porn, and a lot of it, along with some other accounts and websites) be “scrubbed.”

I was picked to do the “scrubbing.” Not something that is terribly hard on a Unix-like system, provided one has the login information to the administration account on said systems. I sent emails last week asking for such information but had not heard back yet.

Until yesterday—when I learned that the machines in question were being turned off this morning and had to be scrubbed by that time.

I had yet to receive the login information. Heck, I had yet to receive a list of servers to log into!

Seven hours of emails and phone calls and I still couldn't log into all the requested machines to “scrub” them. I was able to gain access to one of the servers and “scrub” it, but not the other … unknown quanity of machines (yes, where were questions as to the exact count of machines being shipped). It wasn't until around 11:00 pm yesterday that I got the information required to scrub the other machines.

Except one.

I could not get into that machine remotely.

So, around 8:00 am or so I get the expected call from the person physically powering off the machines and packing them. I then had to walk this person through “scrubbing” the machine—someone unfamiliar with a Unix-like operating system.

Fortunately, he took directions quite well.

But man, am I tired right now.

Wednesday, January 05, 2005

It lured me in

Sigh.

I should know better than to walk into a bookstore with a wallet full of money.

Especially a really good used/new book store near a college campus.

Fortunately for my wallet, I went after work, giving me less than an hour before the store closed. That tends to limit the amount of monetary damage that I can sustain.

But since the place does sell used books, there are some good deals to be had if you don't mind digging, and I don't mind digging. One of the books I picked up (used) was The Connection Machine by Danny Hillis, creator of the massively parallel computer from the mid-80s. Sure, the architecture is twenty years old and the company that made it, Thinking Machines Corporation, is now defunct, but just wait, another few years and you'll start seeing the home computer become more and more parallel. It's a common theme in Computer Science—stuff done two or three decades past in super computers works its way to the home computer (multitasking? 60s. GUIs? 70s. Networks? 80s. Microsoft just repackages these things as “innovations”).

And speaking of architecture, I also picked up Norm Abram's New House by Norm Abram, and House-Dreams by Hugh Howard, fueling my interest in building architecture of the more homely type. I've had this interest in architecture for some time now, and back when we had cable HGTV was one of the regular stops on the TV dial (hey, they were used books! They were cheap!).

Fortunately for me, the store was closing so I only ended up with those three books.

Now only if I can avoid going by there tomorrow evening …

Friday, January 07, 2005

Help! I'm drowning in a sea of control panels

I'm up to my eyeballs in control panels.

I'm going to have to create pseudonyms for these just to keep them straight while taking about them here.

The control panel we use here, Insipid, I've gone on and on about. “Project White Elephant” (which, as a pseudonym, is really apt) uses Blech which has the misfortune of being available for both Unix and Windows.

I've just been insructed to install Badminton on the “Project White Elephant” systems. In addition to keeping Blech on those system.

Yes, there is method to this madness, although the method itself is madness.

Blech supports Bind 9x. Only Bind 9x does not (yet) support the rrset-order option of Bind 8x. “Project White Elephant” needs the rrset-order option, so we need to use Bind 8x, which Blech currently doesn't support (Blech provides custom compiled versions of services, so of course you can't just upgrade (or downgrade) independantly of the control panel—sigh). But apparently there's no plan to convert entirely over to Badminton (not to mention it would probably be a horribly painful process) so for this one service, we're installing another whole control panel on the systems.

Madness I say! Madness!

But then again, this is “Project White Elephant.”

Sigh.

Saturday, January 08, 2005

Happy Birthday Milton Supman

Today is Soupy Sales' 79^th birthday.

Happy Birthday Soupy!

Oddly enough, although I like his work, I'm too young to have ever seen his children's show live, and his asking kids to send him little green pieces of paper from their parents' wallets was several years before my time.

And for some odd reason, I find this joke he never told to be really funny:

What starts with “F” and ends with ”UCK?”

A “firetruck.”

---

We have a winner!

Wow!

I won!

Okay, it wasn't the iPod, but either a $20 iTunes gift card or a $20 Amazon gift card, my choice. Wasn't hard—since I still don't have an iPod, I decided to go with the Amazon gift card. But I still have a chance of winning an iPod though.

Now, only if I had something, you know, to auction off …

Sunday, January 09, 2005

“Hi! I'm Charley Foxtrot!”

Between control panels and “Project White Elephant” it may appear that my new job sucks.

It doesn't really. Aside from the control panels and “Project White Elephant” the job is quite easy really, and gives me time to do my own thing.

But like my other job (managing several servers) when it sucks it sucks.

I'm spending this fine Sunday evening dealing with the current lunacy that is “Project White Elephant.” The particular lunancy I'm talking about would probably be helped with UCARP but sadly, not only do we not have the time to get this installed and tested, but we (myself and C) are not in full control of the project (there's apparently a third name server that's running Bind 9x which is causing all sorts of fun) so we're stuck with the current solution.

Blah.

---

More Server Madness

This site contains information relating to the development of Linux kernel-based virtual servers running on a single piece of hardware. This particular virtual server model is implemented through a combination of “security contexts”, segmented routing, chroot, extended quotas and some other standard tools.

Linux-VServer

Mark sent me that link, saying it could help with some of the control panel madness around here and even allow C to sell a virtual server for the more advanced customers (instead of a dedicated host) I don't think it will really solve the problems I have with the control panels.

I don't want to use the control panels.

But our customers do.

Generally, C only uses Insipid for his control panels, and it's not like the customers are clamoring to use other ones like Blech or Badminton—Insipid works well enough for them (and if they are advanced enough to want something else, they're advanced enough for a dedicated server).

“Project White Elephant” is the anomaly here, running both Blech and Badminton. It's running Blech because you can get support up the wazoo, and Badminton only because the other admin working on the project can't configure DNS using the command line (okay, there's also the issue that Blech comes with Bind 9x, and there's a feature we need that's only available for Bind 8x but that's another rant).

Using a virtual server won't really fix that problem.

It's a nice idea though (and yes, I will keep this link in mind for the future).

Monday, January 10, 2005

Composites and annotations

I came across these photos (via lemonodor) and little did I realize that there's a whole Flickr community devoted to such “composite photos” (well, maybe “community” is too strong a word here—more like a group of people who tag such work with “composite”).

Reminds me of the one I did.

Another interesting feature of Flickr is the annotations one can add, although it's done through Flash. Surely, I thought, there must be a way to do that through CSS and maybe some Javascript. So last night (well, technically this morning) I played around a bit. Yes there is a way, I thought. And I need to stop calling myself Shirly.

It's not perfect, but as a “proof-of-concept” it's not bad.

---

Boston Diaries 2004 Year End Mash-up

Take the first sentence of the first entry of each month in 2004 and smoosh them into a paragraph to see what you get.

Spring Dew: 2004 in a Paragraph

Sure it's silly. But hey, why not? Sounds like the results could be interesting, so here goes—the first ever, the Boston Diaries 2004 Year End Mash-up:

And I feel fine. I am so far behind on entries it's not even funny. For any of this to make any sense, I have to explain my current job situation. Yes, I haven't updated here in a while. Yet more Internet outtages this week. You may notice the ad at the top of my sidebar to the left (and if you are reading this not on my site—now you have a reason to stop by). Through Spring's church, we obtained tickets to a minor- league baseball game at Roger Dean Stadium, which is located at the north campus of FAU. Remember kids, never swallow liquid nitrogen! When Mom and I moved down here in 1979, we were immediately greeted with the spectacle of Hurricane David bearing down on us. This is incredible news and I wish the scientists luck in applying this to humans. And thus it starts: National Novel Writing Month. It's been over a year, and we're still not quite there with the “virtual gaming table” that Bob wants.

Now, I had to take some liberties—for instance, some of the entries the first literal sentance was from something I quoted, so I opted instead of grab the first sentance I wrote (which gives us the wonderful “Remember kids, never swallow liquid nitrogen!”), which, I think, is more in the spirit of what was intended, if not the letter.

Although, if you are curious enough to see what this would read if you pulled the first literal sentance, be my guest …

Tuesday, January 11, 2005

today

All I have to say about today is: “Project White Elephant” and South Florida drivers.

Oh, and homework for tonight (for “Project White Elephant”) is to learn qmail, which is unlike any other Unix MTA out there.

Sigh.

Wednesday, January 12, 2005

Dumbfounded

From: [some customer]
To: [support at The Company]

http://www.XXXXXXXXXXX/subscribe.html

I tested this page with my own email address and did not do what it's suppose to do. Please check.

That's it. No indication of what it's supposed to do or what was wrong with it, just that this random script on this site didn't work. At least I got a link to the script in question.

From: [support at The Company]
To: [some customer]

What is it supposed to do, and what did it actually do?

From: [some customer]
To: [support at The Company]

Anyone who wanted to get on our mailing list could enter their email address on that webpage. Anytime we update our webpage, the people on the mailing list are supposed to be notified via email automatically.

Okay, so I now know what it's supposed to do, but not what it actually does right now. I took an educated guess:

From: [support at The Company]
To: [some customer]

So it's not mailing out notifications when the website is modified? Was it working at one point?

From: [some customer]
To: [support at The Company]

Yes, it was.

Yes, it's not mailing out notifications or yes, it was working at one point? I assumed “yes” to both questions, then checked the page listed:

<form method="post" action="/cgi-bin/cgiemail/mail_list.txt">

Basically, it's trying to run a text file as the script. I then checked /cgi-bin/cgiemail/mail_list.txt and it didn't exist. Oh, there was a mail_list.txt file, but it wasn't in the /cgi-bin directory, nor was it a script, but a literal text file.

Sigh.

I suppose I could have avoided the little back-and-forth there had I immediately checked into this, but I just hate being told, “It's broke, fix it.” What's broken? Where? What is it supposed to do?

There was some more back and forth clarifying a few issues (“no, you cannot execute a text file”) and this is where we currently stand:

From: [some customer]
To: [support at The Company]

Unfortunately, the one who originally built the website left our office. There's got to be a way to make it work. During the past year or so our ftp folders with you changed several times. Somehow the subscribe webpage got affected. Is there anything you can do on your end to fix it?

It's now a contest to see what's harder, my forehead, or the desk.

---

Oh, so that's why the mail server blew up

Backing Up and Restoring Your Mail Queue

The bad news about backing up and restoring your mail queue in /var/qmail/queue is that it's nearly impossible.

qmail by John R. Levine

So, looks what what we were attempting to do for “Project White Elephant” can't work.

So far, I think the desk is winning.

Friday, January 14, 2005

Pressure

I do not handle stress well.

Wednesday was bad.

Yesterday wasn't that bad, but I fell asleep almost immediately upon coming home, and still managed to get up late.

Today is bad.

As if osCommerce wasn't bad enough (that site … how can anybody use that site? It's the most horribly designed site I've come across) I now get to debug the Dansie Shopping Cart.

Woot!

Only 102 warnings when run with /usr/bin/perl -w (and since perl spits out those warnings when the script runs, it confuses Apache).

Running it without the warnings option gives me:

": No such file or directory

I also like this bit:

 # May not be used without purchasing a license. Do not attempt to run this
 # script on a site other than which it was licensed for.
 # Modification of this script other than:
 # 1. Adjusting the perl path in the first line above.
 # 2. Or setting the $vars variable below.
 # May void your right to technical support and subject you to legal action.

And the customer is upset because she paid for this and she doesn't understand it worked on four other servers and why can't I fix it and … and … and … and …

According to this, I can't debug their 4,000 line script (technically, it was one line; all the formatting had been removed to protect the guilty) without subjecting her to possible legal liability and voiding her warrentee.

The conversation went downhill from there.

The upshot: the customer doesn't care—she wants it working.

So I get the job of debugging some wonderful perl code.

---

I'm ready to run screaming towards the hills

I'm attempting to debug the shopping cart from hell. I finally got rid of the warnings, and the script is generating the following:

Set-Cookie: shopper_id=91548; path=/;
Content-type: text/html

<HTML> …

But Apache still doesnt' like it. I poke around and fine a test.pl script:

#!/usr/bin/perl

print "Hello world\n";

Okay. I can build on this, adding stuff to see what Apache might be complaing about. I run this script from the command line and get “: bad interpreter: No such file or directory”.

Excuse me?

# which perl
/usr/bin/perl
# more test.pl
#!/usr/bin/perl

print "Hello world\n";

Huh?

I write my own version of this:

#!/usr/bin/perl

print "Hello world\n";

And it worked.

Me: 0. Desk 2:

Okay, probably some invisible character in test.pl that's giving the perl interpreter fits. Delete #!/usr/bin/perl and retype it.

: bad interpreter: No such file or directory

Me: 0. Desk 3:

Much mucking around later (and remember, this is a side trek from what I'm supposed to be doing—debugging some comercial perl script) I find out that not only is test.pl in the Microsoft text format, but that the version of vi (vi!) I'm using is “smart” enough to deal with the Microsoft text format and keep the file in that format!

Me: 0. Desk 4:

XXXX this, I'm going home.

---

I ran screaming towards the hills, only I didn't get so far

I should have stayed at work.

Weather wise it was a horrible day—raining and cold. The roads were slick and by the time I left the office, it was dark outside. And along Yamato Road, between Congress and I-95 is an infamous railroad crossing. As I was approaching the crossing guards decided to come down a second time, thus causing me to stop short, least the car get smacked across the top.

Only I got smacked across the rear by the person behind me.

I wasn't in a good mood to begin with; this certainly didn't help matters any.

After collecting my dark thoughts, and making a few calls to let some friends know I might either be late, or not arrive at all (it was, after all, the weekly D&D game) depending upon how things went.

Lake Lumina, being the large American car that it is, suffered no ill effects (except for the license plate, which now has a noticible dent in it). The car that hit me … well … it was hard to tell how much damage it received since it was pretty much beat up to begin with. The other driver and I discussed things for a bit and it was decided that there was no real reason to call the cops.

All things considered, it could have been worse.

The D&D game was a wash, but lately, it's been a wash every session, but since I rarely pay attention to it anyway, it was a nice way to relax (without the clamour of kids).

Saturday, January 15, 2005

And even in the hills, I can't escape

Never did figure out why the Dansie Shopping Cart doesn't like our server.

C called today (during dinner in fact) asking if I had gotten anywhere with it. After yesterday I didn't care to get anywhere close to a computer (in fact, dinner consisted of Thai curry, whereas everybody else went with the squid eyeball sushi—sigh) but once home from dinner, I started looking into the problem a bit more.

After a few hours, I called Blech tech support to figure out why the simple perl-based CGI script wouldn't work.

After a few more hours, I found out some things:

1. CGI scripts have to be owned by the account owner and group, not by root or any other user. I was unaware that Blech used the suexec option of Apache—an option I've never used before.
2. The Blech tech support call center is not in India, but in Russia, some twelve hours away.
3. Neither I nor the Russian tech support could get the Dansie Shopping Cart to run under Bleck. I suspect that it runs under an older version of perl and/or an older version of Apache.

Guess that means the customer will have to switch shopping carts.

Wheee!

Sunday, January 16, 2005

Nope, still can't escape

The server this site is hosted on went down.

Again.

It wasn't that unexpected (it went down twice unexpectedly), but it could have picked some other time than 11:00 am on a Sunday to go down.

Oh wait—Murphy's Law Finagle's Law.

Anyway, preparations where made for such an emergency (after the last debacle) and the transition of sites to a new server went, for the most part, smoothly. Started the backup. Went back to sleep for an hour. Checked, went back to sleep for another half hour. Sites finally restored on the other server, schlep over the configurations and everything was pretty much up and running.

A small digression. On each server, I have the Apache configuration file broken up into pieces, which are then patched together to make the final configuration file—there's a section for the base configuration, another section listing the IP addresses and then sections for websites and websites with a secure certificate. I just had to patch these pieces into the configuration file on the other server.

The only small problem were a few scripts that had some very old paths hardcoded in that had to be modified (could have been fixed with a symlink, but that would have broken about a hundred other sites that used said symlink to work—but it was only about six sites that needed fixing).

Now we just need to retrieve the server and see what failed (I'm guessing the harddrive, given how it was serving up webpages quite slow, yet there was no load and the network was not saturated at all).

I'm hoping tomorrow is quiet.

Monday, January 17, 2005

Koyaanisqatsi

Today was quiet.

It was sunny and cool; a very nice day today.

We lost the client with the troublesome shopping cart, but those things happen (on the bright side, we don't have to deal with the Dansie Shopping Cart).

And now to go watch Koyaanisqatsi.

Tuesday, January 18, 2005

An 88 minute New Age Music video

In the mid-80s I remember watching Siskel and Ebert review Koyannisqatsi and each giving it a good recomendation (their trademark “thumbs up/thumbs down” started a few years later). The clip they showed looked intriguing but it wasn't until about five or six years later in college that I got to see the film.

Or rather I somewhat saw it.

My friend Bill and I were taking Music Appreciation at FAU and towards the end of the semester the instructor had us watch “Koyaanisqatsi” because the score was done by Philip Glass. Now, it's hard to say if it was the actual film itself or the setting, but I certainly don't remember much of the film as I fell asleep. I think the entire class, with the execption of the instructor, fell asleep watching the film. The Philip Glass score is … mellowing (for lack of a better term). New Age moderism on steroids.

Fast forward over ten years. Spring has signed up for Netflix and given access to her account, I slipped it into the queue. Why not give it another try? It had arrived the other day and was sitting on my desk waiting to be watched (primarily by me alone—Spring wasn't sure of the viability of this film).

It's hard to say what the film is about, other than contrasting the structures of man and nature, along with the droning Philip Glass score. But this time (perhaps frame of mind, perhaps setting) I was able to sit through the 88 minute film without once falling asleep. It's visually stunning with some inovative camera work, although at times it does seem to flow slower than 2001: A Space Odyssey. And certainly not everyone's cup of tea.

Not by a long shot.

Although the previews for the sequels, Powaqqatsi and Naqoyqatsi were enough to get Spring interested in seeing those.

Wednesday, January 19, 2005

It's hard to be politically correct when the world starts to look like “Monty Python's flying Circus.”

It isn't that any US oil company would say “no” to Iraq contracts if the situation shaped up there and contracts came their way. But Iraq is a mess right now, and is there is no security—political, legal or physical—to guarantee a return on a multi- billion dollar investment. It's unlikely that any of these companies asked for this invasion because they all prize stability—the stability of contractual arrangements, of a regular return on capital, of not getting their employees killed and their equipment blown up—above nearly anything else. Even the stability guaranteed by very nasty governments. Dealing with the “devil,” whatever headgear it wears, is pretty common in the oil business.

But there is an oil component to the invasion and occupation, and I believe it is this: the United States, through invading and occupying a nation with significant oil reserves, would show the world especially the up-and-coming consuming nations of China and India—that in the event that push comes to shove, and this resource gets scarce, Americans come first.

The Myth of “Peak Oil”

A very interesting article on oil production and the predicted “oil peak,” which is that peak oil production after which it's all downhill, may be a myth after all. There are differing types of crude oil—some are easier to obtain gasoline from (and when you hear the price of a barrel of oil quoted, it's that type of oil—the most expensive, sought after type) than others (which are cheaper by barrel, but more expensive to extract gasoline from).

It also goes into some details about oil refinery and NIMBYism of the US that I was unaware of:

Recently, Aramco offered to build and pay for two brand new refineries in the US to help meet that demand on the condition that someone else obtain all the necessary environmental permits first or that the federal, state and local governments involved fast-track the process and protect it from legal challenges. It was a generous, unrealizable, and extremely cynical, offer.

The Myth of “Peak Oil”

But this bit (funny in and of itself):

(Does anyone remember how funny it was 20 years ago when we all learned that Cuban soldiers fighting on behalf of the Marxist government of Angola were guarding the Chevron concession—the concession that earned Angola the hard currency to pay for those troops?)

The Myth of “Peak Oil”

Reminded me that I have a similar bit in my personal quotes file:

A few years ago the left-wing government of Angola employed Cuban troops to defend US oil refineries against a Maoist revolutionary supported by the Reagan Administration. It's hard to be politically correct when the world starts to look like “Monty Python's flying Circus.”

R. Shweder, NYT, 9/27/93

So that was Chevron! How about that.

Anyway, I'm bullish on energy futures and the resourcefulness (or despiration, take your pick) of us humans. I for one would like to see nuclear energy used more here (the pebble bed reactor design is quite safe actually) with less dependance on oil for energy production.

---

This is different

I've never hid the fact that I have an online journal (or blog—I'm not entirely sure of the difference myself) but I've never really gone out of my way to announce it at work, given some of the stories I've read about (even Mark was affected by a previous job—that's why he no longer blogs).

“Sean,” C, my boss, said, “about your blog … ”

Uh oh, I thought.

“Could you change my pseudonym?”

“Excuse me?”

“I don't want to be known as simply ‘C,’” said C. “I'd rather you use ‘Smirk.’”

“Oh.” Certainly wasn't expecting that. “Okay.”

“Great,” said Smirk. “Keep up the good work.”

---

“Speaker of the House recognizes the Senator from Disney”

Congress extended copyright an additional twenty-five hundred years. Spike Greenbaum owed every dollar she had made to Israel, because St. Jerome's translation was based on Hebrew sacred texts. To use the Bible, all Catholics became Jewish, and Disney bought the rights to the Iliad and the Odyssey.

And everyone was content, except for the storytellers who had to buy a Disney license or prove that their work did not owe anything to any story that had ever been part of human civilization.

Via isen.blog, The People Who Owned the Bible

As I was leaving for work yesterday, Smirk asked if I still had the Electric King James Bible up and running. “Yes,” I said. “but the server crashed and I had yet to install mod_litbook on the backup server.”

Talk then turned towards having other translations available, and I said that yes, I wanted to have multiple versions, but I've yet to come across another translation that was in the public domain. Talk then turned towards intellectual property issues in general, and copyright in specifics and how things are going crazy here.

To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries;

The Constitution of the United States, Article I, Section 8, clause 8

“Limited time.” Yeah, that's a good one.

And if things keep going they way they are, this little story might just end up being true.

I personally wouldn't mind seeing copyright terms being the original 14 years, plus an optional 14 year extension (and if that was the case today, my humor column would now be in the public domain instead of the pseudo- copyright-limbo that it's in right now) but short of the total collapse of Disney I don't see that happening any time soon.

---

“Meet the new boss, same as the old boss”

After writing my last entry I was curious to see if FAU still had a school newspaper. The one I wrote for, the Atlantic Sun, imploded due to a scandal involving funding from the Student Government—basically, the administration became critical of the solely run student newspaper and forced it from campus; the Student Government then turned around and gave the equipment (which belonged to FAU) and lots of money (which belonged to FAU or the students, depending on who you believe) to the former editorial staff so they could open up an student run newspaper off campus. There was a lot of controversey whether the Student Government had the right to do that.

This was also around the time that the Student Government nearly imploded—the Student President resigned under somewhat suspicious activities along with the Student Senate Speaker. Then the Judial Branch declared the recently held elections invalid which prompted the Sentate to start impeachment proceedings against all the Justices. So if the election was held to be invalid and the Justices were all impeached, then the Student Government would have ended up being a Vice President (who would have been the President at that point), three Senators and no Judical Branch at all.

Well, it's over ten years later, and I see nothing much has changed except for the name of the newspaper.

Thursday, January 20, 2005

All that's left is the name

My friend Gregory sent a link to an aerial view of Andytown, Florida. Andytown doesn't exist anymore, having been demolished to make way for a hyperspace bypass highway back in 1979, but it's amusing to think that you can still locate it on Terraserver.

Friday, January 21, 2005

The squealing fanboy in me

As a kid, my absolute favorite comic book was “Uncle Scrooge” (although I read a slew of others, like “Donald Duck,” “Bugs Bunny” or even the occasional “Richie Rich”) but for some reason some issues just weren't that great. I couldn't exactly pin down why some of the issues were lackluster but just a quick glance through a comic and I could just tell, by look, if it was worth buying or not. The artwork alone was clue enough if a particular issue of “Uncle Scrooge” was worth it or not—if the artwork was good, then the story was good too.

Now, what my 36 year old self knows that my 9 year old self didn't know, is that the “good” issues (and therefore why “Uncle Scrooge” is my favorite comic book) were all done by Carl Barks.

I just love his work.

But the thought never occured to me that “Uncle Scrooge” would be available through Amazon. That is, until I read InstaPundit.

Oh, now this is exciting.

Well, at least to me, Scrooge fanboy that I am (and I'm amazed that I haven't written more about Uncle Scrooge or Carl Barks).

---

Notes on a conversation between myself and my Boss who understands blogs and won't fire me

“Ah, come on Sean, you know you like Frontpage.”

“Okay Smirk, what drugs are you on and can I get some?”

“If I give you some, will you take them?”

“Oh sure. I'll take them; down to the corner to sell them.”

“To me?”

“Yeah, I'll take your drugs and sell them back to you.”

“You're going to blog this, right?”

“Of course.”

Monday, January 24, 2005

Thirty-plus inches

Way back in mid 1999, I had a job prospect up in Boston—a contract job for six months or so and I figured that if I got the job, I would maintain a journal so I could keep my friends (and family) up to date. The name I came up with was, obviously enough, “The Boston Diaries.”

Only I didn't get the job.

But I liked the name, even though I never cared for Boston the few times I've been there (and each time was in late November—yeah, I sure picked the right season to visit Boston).

And it's pictures like these that make me glad I'm not living there.

Thirty-plus inches.

Brrrrrrrr

Wednesday, January 26, 2005

Six Degrees of Flickr

Wait. Let me get this straight.

A guy from Scotland goes 5490 miles to Tokyo and takes a picture of a girl taking a picture. She turns out to be from England, 413 miles away from him.

Impressive, but not all that weird.

UNTIL!

He posts the picture he took on a Website (in Canada, irrelevantly) and within 6 weeks the girl in the photo finds it?

That is truly amazing. I am deeply impressed. Any one care to calculate the odds?

Via Jason Kottke, Harajuku on Flickr

This is mostly for Spring, who's such a big fan of Flickr.

---

Frontline on the Internet

Another link, again mostly for Spring but others may find this of interest as well, Frontline has several episodes available for viewing online (link via Jason Kottke).

Thursday, January 27, 2005

The Chili Incident

I made a lot of chili tonight.

As I was assembling the ingredients it became apparent that with the amount of stuff I was using that my largest pot wasn't going to hold everything. Or if it did it would be right up to the brim, threatening to overflow once the heat hit it.

So I brought in my second largest pot and split the ingredients between the two pots.

Did I mention it was a lot of chili?

So, several hours later the two pots of chili are cool enough to refridgerate. I open the refridgerator and start clearing space on the bottom shelf to hold two large pots of chili. It was then that I started playing Sokoban with the contents of the bottom shelf. It wasn't working until I figured that I could take the large industrial size jar of ketchup and move it up a few shelves. One pot of chili was wedged in the back, and the other one was mostly sitting on the bottom shelf next to it.

Only it wasn't sitting far enough back.

As I was moving the ketchup jar up, the one large pot of chili started listing towards me, and downward towards the kitchen floor.

Usually, such events have the appearance of happening r-e-a-l s-l-o-w-l-y when in reality they take like5microsecondsandbam! Only the pot of chili didn't take like5microsecondsandbam!—it fell r-e-a-l s-l-o-w-l-y, first into my lap (as I was crouched down in front of the refridgerator playing Sokoban, remember?) then fell r-e-a-l s-l-o-w-l-y, turning such that the lid was now facing my stomache and I watched in horror as r-e-a-l s-l-o-w-l-y the pot puked half its contents over me and the kitchen floor before I could stop it.

On the bright side, I now had enough chili to fit into a single pot.

Friday, January 28, 2005

So long to the Facility in the Middle of Nowhere

I am amazed.

I am amazed that Spring was able to pull this off—finding a house and getting a mortgage in under a month.

She signed today.

We have housage.

The middle of next month we're moving in to Casa New Jersey (I originally called it “New Jersey House” partly as a joke, but Spring liked the name so it stuck).

Finally, we get to leave the bees and the fire prone water heater behind …

Monday, January 31, 2005

A thus a month closes

After Friday's craziness (which wasn't all that crazy really), the weekend was pretty quiet, mostly spent sleeping and relaxing (well, except The Kids). I did a bit of work on a project (although not the one I should be working on alas, but a neat diversion). And today at work was pretty calm too. No control panels or crazy customer requests to deal with.

It was after I got home that things were rough (sigh).

Thankfully the house is now quiet.

Tuesday, February 01, 2005

Identity, Authentication and Trust

I'm reading about LID (first at Burningbird, then on Flutterby) and while a decentalized lightweight identification (with authentication and trust) system seems like a nice idea it comes across as being a bit clunky in actual implementation.

First, there is identity. Second, there is authentication. Third is trust. They're related, but not the same.

My identity is me. For instance:

• Name:
  • First: Sean
  • Middle: Patrick
  • Last: Conner
• Email: sean@conman.org
• URL: http://www.conman.org/people/spc/
• Public Key: 0123456789ABCDEF…
• Address:
  • Living:
    • Street: 123 Main St. #9
    • City: Boca Raton
    • State: Florida
    • ZIP: 33431
    • Country: US
  • Billing:
    • Street: 123 Main St. #9
    • City: Coral Springs
    • State: Florida
    • ZIP: 33065
    • Country: US
  • Shipping: (same as billing)
• Telephone:
  • Home: 555-555-1212
  • Cell: 555-555-1213
  • Work: 555-555-2121
• Credit Card:
  • Type: ACME
  • Number: 1234567890
  • Expiration: 12/09

Basic information about me that websites typically are interested in (but not all websites want all this information about me). This is the type of information that could be stored in the browser and if a website wants any of it, it can query the browser for it (of course, I can configure the webbrowser to, say, always serve up my name, URL and email address, but ask me if a website wants anything more, like shipping address or credit card number). But LID (and most other digital identity schemes) always place this data on a server somewhere. While LID is decentralized (I can run my own LID server) it's still information that needs to be protected on a server. I personally would feel a bit better if such personal information were “closer” to me, like on the computer I'm sitting in front of. Then again … having this information on a server elsewhere means I can use reference it (use it) from any computer I happen to be using (say, one at a library).

My authentication is something that others bestow on my identity. If I want to post to Slashdot (for instance) I have to present my identity (or only that portion of my identity that Slashdot actually needs) and they have to check to see if I'm allowed. Nothing outrageous here, but I still have to be checked out by each site I'm interested in, like kuro5hin, Techdirt, Flutterby and others, but once credentialed by each site, I can then use it without having to remember (or write down) scores of userids and passwords (like I have now).

Trust is a way of saying that the identity I presented above is me and not made up or the identity of someone else. When you get a secure certificate for a website from VeriSign or Thawte you present verifiable information to them, pay them quite a bit of money and they'll give you an electronic certificate that basically says “Yup, we trust that this is the company you are communicating with.” But LID is similar to using certificates from ACME. Who's ACME and why would I trust them? At least I've heard of VeriSign and Thawte so I'm more likely to trust them more than ACME. I haven't seen anything in LID that would enable me to confer trust; it just seems to be a way to keep the number of different userids and passwords to a usable number (like one pair).

The clunkiness I see partly comes from some of the URLs used to request various bits of information. A URL like http://lid.netmesh.org/liddemouser/?xpath=/VCARD/EMAIL/USERID;action=text/xml is normally not seen—semicolons are for path parameters, not query parameters. And checking the code I see:

# this is the list of all URL parameters that will be evaluated by this script.
# The CGI:: module messes up POST vs. URL args, so some of those are accessed as url_param
my $action     = $q->url_param('action');
my $clientid   = $q->url_param('clientid');
my $credential = $q->url_param('credential');
my $credtype   = $q->url_param('credtype');
my $help       = $q->url_param('help');
my $login      = $q->param('login');
my $meta       = $q->url_param('meta');
my $target     = $q->url_param('target');
my $ticket     = $q->url_param('ticket');
my $ts         = $q->url_param('ts');
my $path       = $q->url_param('xpath');
my $url = determineUrl( $q );

# this is the list of all URL POST arguments that will be evaluated by this script
my $username = $q->param( 'username' );
my $password = $q->param( 'password' );

To me, it looks like the author got confused as to how queries are passed to CGI scripts using the GET method (the name/values pairs are supposed to be separated by ‘&’, not a semicolon, which is used for something else in URLs). To me, this doesn't bode well.

Also, playing around and signing up (using the demo account provided) to the two sites that support LID wasn't smooth.

Given time though, this may work out.

Wednesday, February 02, 2005

Whirr.

Over the past few days there's been this almost near constant whirring noise in the office. It sounds like it's just on the other side of my cubicle with that neat Zen-like emptiness to it (and yes, it still has that neat Zen-like emptiness to it, dispite sharing it with a new tech support person).

Whirr. Whirr.

Finally, curiousity got the better of me, and I decided to track down the source of the whirring.

Whirr. Whirr.

The person on the other side of my cubicle with that neat Zen-like emptiness to it has what looks like a very short cattle prod but is instead a massage unit that is currently in use.

Whirr. Whirr.

Okay.

Whirr. Whirr.

Back to work.

Whirr. Whirr.

At least it has a beat you can dance to.

Oh, it stopped.

---

URLs, Identity, Authentication and Trust

The other day I mentioned LID and the problems I saw with the URLs they were using as part of the processing. I wrote to Johannes Ernst, who is the principle architect of LID about the problem and after an exchange, I wrote the following, which explains part of the problem:

To: Johannes Ernst < XXXXXXXXXXXXXXXXX>
From: <sean@conman.org>
Subject: Re: Question about the code for LID
Date: Wed, 2 Feb 2005 21:56:15 -0500 (EST)

It was thus said that the Great Johannes Ernst once stated:

Good catch. I recall we had a discussion on that and couldn't quite figure out which way was the right way …

If you are trying to send parameters both as part of the URL and with a POST, the URL should be of the form:

http://lid.netmesh.org/liddemouser/;xpath=...;action=...

You seem to be the person to ask: where is it defined that URL parameters and POST parameters in combination should be used that way? I recall we looked and couldn't find anything, but maybe you would know?

Well, I've checked RFC-1808, RFC-2396 and RFC-3986, and as I interpret these, the general scheme of a URL is (and skipping the definitions of parts not germain to this—stuff in [] is optional, “*” means 0 or more, “+” is 1 or more, parenthesis denote groupings, etc):

<url>     ::= <scheme> ':' [<net>] [<path>] ['?' <query>] ['#' <fragment>]
<net>     ::= '//' [<userinfo> '@'] <host> [ ':' <port> ]
<path>    ::= <segment> *( '/' <segment> )
<segment> ::= *<character> *( ';' *<param> )
<param>   ::= *<character>
<query>   ::= *<character>

No structure is defined for <param> or <query> in the RFCs. By convention, the <query> portion is defined as:

<query>      ::= <namevalue> *( '&' <namevalue> )
<namevalue>  ::= +<qchar> '=' *<qchar>
<qchar>      ::= <unreserved> | <escape>
<unreserved> ::= <alpha> | <digit> | "$" | "-" | "_" | "." | "+" | "!"
                   | "*" | "'" | "(" | ")" | ","
<escape>     ::= '%' <hexdigit> <hexdigit>

(there are also some restrictions on what can appear in a <segment> and <param>, but those are covered in the various RFCs, but note that the semicolon needs to be escaped in the query string, fancy that!)

The upshot is that you can have a URL of the form:

http://www.example.net/path;1/to;type=b/file.ext;v4.4?foo=a&bar=b (note)

(note—when giving a URL in an HTML document, the '&' needs to be escaped to pass HTML validation)

where the parameters “;1”, “type=b” and “v4.4” apply to “path”, “to” and “file.ext” respectively (according to RFCs 2396 and 3986—as I read RFC-1808 it says that the <param> can only appear once, and that at the end of the <path> portion—but given that RFCs 2396 and 3986 are newer, I'll take those as correct).

Now, how this all relates to LID?

It's not pretty I'm afraid.

Apache doesn't parse the path params correctly [as I found out today in playing around with this stuff –Sean]—or to be more precise, it doesn't parse them at all and passes them directly through to the filesystem. So while what you have is a decent workaround, it will probably only work for the perl CGI:: module; I can't say for any CGI modules in other languages (and I know the one I wrote would have to be modified to support LID URLs).

I haven't had time to really look through the LID code to see all what it does, but as I have time, I'll do that. But feel free to keep asking questions—I'd like to help.

Basically, what they're trying to do is pass parameters as part of the URL, as well as pass parameters as part of a form (primarily using the POST method for certain actions). And what they're trying to do isn't so much illegal (in the “this type of stuff is not allowed in the protocol” sense) as it is unspecified. I created a simple test page of forms with various combinations of path parameters and query parameters using both GET and POST methods to see what information is passed through Apache to the simple script I was referencing. The results are mixed:

Results of URL parameters with <FORM> parameters

Method	Script URL	Paramters obtained from URL	Paramters obtained from <FORM>
Method	Script URL	Paramters obtained from URL	Paramters obtained from <FORM>
GET	script.cgi;n1=v1;n2=v2	Requested URL script.cgi;n1=v1;n2=v2 was not found on this server
GET	script.cgi/;n1=v1;n2=v2	YES, in $PATH_INFO as “/;n1=v1;n2=v2”	YES
GET	script.cgi?n1=v1;n2=v2	NO	YES
GET	script.cgi/?n1=v1;n2=v2	NO	YES
GET	script?n1=v1&n2=v2	NO	YES
POST	script.cgi;n1=v2;n2=v2	Requested URL script.cgi;n1=v1;n2=v2 was not found on this server
POST	script.cgi/;n1=v1;n2=v2	YES, in $PATH_INFO as “/;n1=v1;n2=v2”	YES
POST	script.cgi?n1=v1;n2=v2	YES, in $QUERY_STRING as “n1=v1;n2=v2”	YES
POST	script.cgi/?n1=v1;n2=v2	YES, in $REQUEST_URI as “script.cgi/?n1=v1;n2=v2”	YES
POST	script.cgi?n1=v1&n2=v2	YES	YES

I'm beginning to think that the way LID works is about the only way for it to realistically work across webservers, seeing how path parameters are rarely used and that mixing parameters from the URL and <FORM> is unspecified for the most part.

Lovely.

Thursday, February 03, 2005

Mozart was a Red

CARSON (quickly): That's all right. That doesn't matter. Your taste reveals your musical premises.

KEITH (puzzled): Oh? Well, I like Beethoven, Bach, Mozart, the standard …

GRETA: Oh!

CARSON: Keith, how could you? I, who know the depth of depravity to which most men sink, even I have to ask myself, how can they? Beethoven, Mozart, who reek of naturalism, whose whole work tramples on values, whose every note displays the malevolent universe premise.

KEITH (stunned): Malev … ?

CARSON: Oh, Keith, can't you see the hatred of life in every bar of their music?

Via the Mises Economics Blog, Mozart was a Red

I do like a good satire.

About a decade ago I read Atlas Shrugged because a friend of mine became enamored with her works and I wanted to understand what exactly happened to him (it was an okay book but could have seriously been edited). But the more I read about Ayn Rand and Objectivism, the more silly it became (and like any good religion, it split—into the Peikoffian and Kelleyist camps—and I am not making that up).

And what's with Ayn Rand's lucky gold watch?

Anyway, the one act play Mozart was a Red is quite the amusing read, especially if you know Ayn Rand and Objectivist history.

Friday, February 04, 2005

From Amazon—only $19,999.95

First eBay has a selection of odd items for sale (okay, technically “for bid”) but now Amazon? (link via InstaPundit) It looks like something from Jabba's sail barge, or something that would transport Daleks.

How odd!

Saturday, February 05, 2005

This is a HAMFest?

We got a good parking spot.

Not a good sign.

Kelly, Wlofie and I had gone to the 45^th Tropical Hamboree and unlike previous years, we got an excellent parking spot near the front. And no, we did not show up at 7:00 am for this—no, we ended up pulling into the parking spot around 11:00 am. The parking lot was relatively empty this year.

Walking up to the main building, we saw something I hadn't seen before in my years of attendance—an outdoor flea market. Nothing huge, but as a sign goes, this could be good (way too many exhibitors inside) or bad (it's so bad inside these people didn't want the hassle of obtaining a table).

But our fears were confirmed when we entered the main hall.

It was practically empty.

This was worse than the previous two times (has it really been three years since the last trip? Wow … ). Worse, the number of booths dealing with cheap tools, crafts and leatherworks easily outnumbered the booths about HAM radios, computers or electrical components.

Sad really.

I'm beginning to think that the Miami International Map Fair may be in order next year.

---

Nothing more than asphalt and grass

On the way back from the non-event that was the 45^th Tropical Hamboree, Kelly (who was driving) decided that it would be interesting to drive by what was once Andytown, Florida, but is now the intersection of US-27 and I-75.

Nothing else but asphalt and grass remains.

Sunday, February 06, 2005

Art of seeing without sight

So, we ask, how do you know how long these poles should be as they recede? I was taught, he says. Not by any formal teacher, but by casual comments by friends and acquaintances. How do you know about shadows? He learned that too. He confides that for a long time he figured that if an object was red, its shadow would be red too. “But I was told it wasn't,” he says. But how do you know about red? He knows that there's an important visual quality to seen objects called “colour” and that it varies from object to object. He's memorised what has what colour and even which ones clash.

Via Jason Kottke, Senses special: The art of seeing without sight

An artist who can draw complicated scenes upon request, despite the rather small handicap of being blind—a very interesting article indeed.

Monday, February 07, 2005

Kludge works

The server that this site was being hosted on. The one that went down last month? Well, last week it was retrieved and left behind my cubicle with that neat Zen-like emptiness to it. I trotted it down to the data center at The Company, powered it up, and set it to constantly read from the harddrives as I suspected those were the failure point.

Today I checked in on the server and found spewed all over the console window:

eth0: command 0x5800 did not complete! Status=0xffff
eth0: Resetting the Tx ring pointer.
NETDEV WATCHDOG: eth0: transmit timed out
eth0: transmit timed out, tx_status ff status ffff.
  diagnostics: net ffff media ffff dma ffffffff.
eth0: Transmitter encountered 16 collisions -- network cable problem?
eth0: Interrupt posted but not delivered -- IRQ blocked by another device?
  Flags; bus-master 1, dirty 47985(1) current 48001(1)
  Transmit list ffffffff vs. f7cea240.
eth0: command 0x3002 did not complete! Status=0xffff
  0: @f7cea200  length 8000002a status 8000002a
  1: @f7cea240  length 8000002a status 0000002a
  2: @f7cea280  length 8000002a status 0000002a
  3: @f7cea2c0  length 8000002a status 0000002a
  4: @f7cea300  length 8000002a status 0000002a
  5: @f7cea340  length 8000002a status 0000002a
  6: @f7cea380  length 8000002a status 0000002a
  7: @f7cea3c0  length 8000002a status 0000002a
  8: @f7cea400  length 8000002a status 0000002a
  9: @f7cea440  length 8000002a status 0000002a
  10: @f7cea480  length 8000002a status 0000002a
  11: @f7cea4c0  length 8000002a status 0000002a
  12: @f7cea500  length 8000002a status 0000002a
  13: @f7cea540  length 8000002a status 0000002a
  14: @f7cea580  length 8000002a status 0000002a
  15: @f7cea5c0  length 8000002a status 8000002a

wait_on_irq, CPU 0:
irq:  0 [ 0 0 ]
bh:   1 [ 0 1 ]
Stack dumps:
CPU 1:00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 
       00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 
       00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 
Call Trace:   

CPU 0:c1f31f2c 00000000 00000000 ffffffff 00000000 c0109a5d c029d094 00000000 
       f6a2c000 c0108d22 00000000 c02c5ce4 c02001a4 ecf7a000 c1f31f98 c0115621 
       ecf7a000 f6a2c368 c02c5ce4 c1f31f8c c1f30664 c1f30000 c011c5cf f6a2c000 
Call Trace:    [<C0109A5D>] [<C0108D22>] [<C02001A4>] [<C0115621>] [<C011C5CF>]
  [<C0125234>] [<C0125070>] [<C0105000>] [<C010588B>] [<C0125070>]

eth0, by the way, is the network interface.

The harddrives were still running the test I left them to, and no errors whatsoever. Dan, the network engineer, did admit to borrowing the network cable that was plugged into that server earlier this morning, and that was enough to trigger the slew of errors I saw (and I did thank him for doing that—otherwise I don't think I would have ever found what the problem might have been).

Well (and it's here I wished I remembered to take pictures).

The rack mounted case the system is in is not very tall, and certainly not tall enough to house a PCI card. So in one of the PCI slots was special card with PCI slots on it, such that you could now mount cards parallel to the motherboard (instead of perpendicular). Only you couldn't use the existing mounting bracket on the PCI card in question. So the mounting bracket on the network card had been removed, and only held in place by the friction between the card and the slot itself.

Not a stable connection.

Problems with this server only really started when some equipment was removed from the cabinet it was in, and I'm guessing the network cable was bumped just enough to make life interesting.

On the plus side, that means the server doesn't need to be replaced or even rebuilt (thankfully!).

Tuesday, February 08, 2005

My life in a bad Star Trek episode

Ah, “Project White Elephant.” Haven't talked about that in a while, but then, I haven't had much involvement with it for a while.

Until today.

The current sub-project is pretty straight forward. We have two machines, let's call them chip and dale (again, the names have been changed to protect the guilty me, but thematically, the pseudonyms are close enough). chip is the primary machine, which handles email, the websites, DNS, what have you, for “Project White Elephant.” dale is there solely to pick up if (or when) chip dies.

Now, chip has an IP address of C, and dale has an IP address of D. The services, DNS, SMTP, POP, IMAP and HTTP (among others), are not bound to address C or D, but to V. chip's network card is programmed to listen to V, but in the event that chip goes down, dale will then configure its card to listen on V and take over DNS, SMTP, POP, IMAP and HTTP (among others).

Not trivial, but doable and the details can be a bit tedious. Simplifying things a bit, you need to make sure that the configuration of all the services on chip are copied over to dale and that you can start the services on dale without error. Oh, you also need to replicate any datafiles (websites, email, etc) from chip to dale.

But …

Sadly, we're using Blech, a … <shudder> … control panel (yes, yes, I know … I said we weren't going to use a control panel for “Project White Elephant”—that order has since been rescinded—sigh).

Sure, a control panel makes simple yet tedious operations, such as configuring a new site on the system, easy and relatively painless. But attempt to do anything out of a proscribed set of procedures and basically, it ends up either being too difficult or outright impossible, that otherwise would be possible without the contraints of a control panel.

Today's particular problem had to do with site replication from chip to dale. We could configure the site on chip, and it even got pushed out to dale but the configuration of the webserver (Apache) wasn't replicated properly and sites pushed out to dale would end up with an IP address of D and not V.

I was on the phone with one of our contacts in “Project White Elephant” and I swear, the phone conversation was straight out of a bad Star Trek episode:

“Okay, we can set up the routers to preferentially route V to chip and then if it goes down, switch over to dale.”

“Wouldn't that require the configuation of RIP on the servers to initiate the router switch from chip to dale?”

“Yes, you're right. We can't do that. How about creating a special instance of DNS on dale such that if chip goes down, dale picks up, and—”

“Terrible idea. Each DNS change on chip requires tracking that and updating the private copy on dale”

“Sure, but it can be scripted.”

“But Doctor, you miss the point. Zone A has a serial number of N. chip goes down. dale takes over, making sure to update the serial number of A to N plus 1. chip then comes back up and starts serving out zone A with a serial number of N.”

“And of course, other DNS servers would ignore that since it's an older serial number, meaning—”

“We'd have to update the zones back into chip such that Blech will accept it, and remember, Blech stores everything in a database and overwrites the DNS configuration files—”

“Meaning we'd have to script the changes back into the database or manually update the information through Blech.”

“Exactly.”

“Okay, what about not running Blech on dale? Then just copy the sites, email and zones over?”

“Then you would have to either translate the configuration from chip to the non-Blech configuration we set up on dale, which means that K [being the admin who is responsible for running these boxes and can't use the command line—don't ask] won't be able to handle that box. Or we set it up just like Blech.”

“Dash it all! Okay, what about reversing the polarity of the flux capacitor and letting the backwash flow into the Jeffries Tubes?”

“Nice in theory, but you know what they say about theory and practice, right?”

“ ‘In theory, there is no difference between theory and practice, but in practice, there is.’ ”

“Exactly. Do that, and you run a risk of the back pressure rupturing the Jeffries Tubes, and let's not even get into the problem of stuck bits on the condensor plate if you reverse the polarity of the flux capacitor.”

“You're right! I forgot about that!”

Only the conversation was much longer. And not as interesting.

In the end, the only real sticking point was the websites. DNS isn't a problem if we can assign the services to address V. SMTP isn't a problem since you can set the MX records for incoming email to do the right thing. And since we did find a way to replicate the existing mailboxes between the two machines (which doesn't impinge on any configurations) and assuming we can get the IP address switch over working, then POP and IMAP aren't real issues (and in that reguard, Blech does seem replicate most of the site data between chip and dale, stuff like users and what not). That leaves HTTP. And a quick test of simplying copying the web server configuration and the ability to start and stop the webserver via the command line (which amazingly enough is a standard command!) I think we can pull this off.

Now only if we could do something about those stuck bits on the condensor plate …

Wednesday, February 09, 2005

Twice

Captain Napalm was only mentioned twice in the entire 10-year run of Calvin and Hobbes.

Cause confusion in the marketplace indeed … (link sent to me from my friend craniac)

Thursday, February 10, 2005

There actually is a control panel I like

I know I've mentioned plenty of times how I hate control panels, but driving to work today I realized that there was one control panel I actually liked and would love to use again. As I thought of this control panel, I had to think why I liked it so much, besides the obvious fact that it made such odious tasks like partitioning drives dead simple, and I figured out why I liked this particular control panel.

Unlike Insipid, Blech, Badminton or Torture Rack which tend to operate in a “black box” mode, this control panel gives you the option to actually view the commands it is about to run before you run them. A wonderful option so that if you need to know how it does something, you can see how it does something.

While there are other features I would love to see with Insipid, Blech, Badminton or Torture Rack (more on this below), this one feature would more than make up for all the missing features.

And the control panel?

SMIT

Written by IBM for AIX, it is perhaps the best interface I've seen to system administration and I love the ability to see what commands are being run. Sad that no other control panel has this feature.

So yes, I don't hate all control panels, just anything that isn't SMIT.

Friday, February 11, 2005

Now what?

Ah, “Project White Elephant.” Just when we thought we were safe …

K (the administrator) calls, informing us that he is currently talking with someone else logged in as root on the system.

Sigh.

We found out how the person got in—8,500 login attempts and they got lucky (hey, I didn't pick the password; nor did Smirk, my boss). The person breaking in also didn't bother to wipe out the root shell history or even mask that they had logged in (heck, they initiated the conversation asking if we would allow them to run an IRC bot); fortunately, this was all the person did.

Still, quite annoying.

Saturday, February 12, 2005

Various types of bugs

For the past week or so, we've been fighting a loosing battle with a flea invasion fleet—given the three cats we have, it's no wonder. So today was the day we dropped “The Bomb.”

Or rather, two large bug bombs, Fat Man and Little Boy (one upstairs, one downstairs), guarenteed to remove our flat six legged blood suckers.

In order to pass the time while Fat Man and Little Boy did their work, we went to the Spy Café (which happens to be a McDonalds and a spy museum). Amazingly enough they have an actual Enigma Machine on display, along with plenty of movie posters and in each booth, a small TV screen showing spy related movies.

It just seems so strange that a museum would be in a fast food restaurant.

Upon returning home, Fat Man and Little Boy did their number on the flea population as well as the Palmetto Bug population—clustered around the door we found a number of former Palmetto Bug Gang members upsidedown, legs spastically twitching. Now all that remains is a mop-up operation on any fleas and Palmetto bugs that may have survived.

Sunday, February 13, 2005

It's Neal Stephenson, people! Neal Stephenson!

We are in a position akin to that of early physicians who could see that people were getting sick but couldnt do anything about it, because they didnt understand the underlying causes. They knew of a few tricks that seemed to work. For example, nailing up plague houses tended to limit the spread of plague. But even the smart doctors tended to fall under the sway of pet theories that were wrong, such as the idea that diseases were caused by imbalanced humors or bad air. Once that happened, they ignored evidence that contradicted their theory. They became so invested in that theory that they treated any new ideas as threats. But from time to time youd see someone like John Snow, who would point out, Look, everyone who draws water from Well X is getting cholera. Then he went and removed the pump handle from Well X and people stopped getting cholera. They still didnt understand germ theory, but they were getting closer.

We can make a loose analogy to the way that people have addressed the problem of power disorders. We dont really understand them. We know that there are a couple of tricks that seem to help, such as the rule of law and separation of powers. Beyond that, people tend to fall under the sway of this or that pet theory. And so youll get perfectly intelligent people saying, All of our problems would be solved if only the workers controlled the means of production, or what have you. Once theyve settled on a totalizing political theory, they see everything through that lens and are hostile to other notions.

Via InstaPundit, Neal Stephenson's Past, Present, and Future

It's an interview with Neal Stephenson.

Need I say more?

---

An insane number of bricks

As a kid, I had little say in the attendance of church—I had to go. I never did like attending it—it was too long, and the sermons I found boring (or scary if the Baptist minister did a sermon from the Revelation of St. John the Divine); the only things I enjoyed about church was the architecture and the music (I love church music—but it has to be sans vocals, or the vocals in a language other than English).

Overall, I would have rather stayed home and played with my Lego bricks.

But this Lego-built church (link from Spring) is just … just … words aren't enough to describe it. A 7′ by 5½′ by 30″ church, minifig scale, is incredible.

Architecturally, the design is wonderful and I would love to see a church in real life based on this design, although it would be a bitch to heat and cool, given the volume of the main room and the large amount of glass used.

And the acoustics, and the organ that takes up the entire back wall …

Whoah!

Incredible!

Monday, February 14, 2005

One of these days, I'll get a new graphic

Tuesday, February 15, 2005

We have moveage!

Took a call from our realtor—the previous owners will be out of the house by midnight, and after that, we can commence moving into Casa New Jersey.

Woot!

One of the first things we'll be doing tomorrow is taking extensive pictures of the house while empty, and I'm sure I'll be posting a few here later on tomorrow.

Wednesday, February 16, 2005

Casa New Jersey

Before going to work, we stopped by Casa New Jersey so I could take pictures of the “empty” house (it wasn't completely empty—the previous owners left a few “things” behind, where “things” can be read as “stuff we now classify as garbage”).

Most of the junk left behind was upstairs in the Kids' Room, although The Kids were more than happy to keep it.

Too bad. It's junk. And what wasn't junk (like the large pieces of plywood used to cover the windows during a hurricane) is too useful to let them have at it.

One of the more dangerous items found was a rusty machete in a stand of bamboo at the far corner of the lot, which I jokingly called our own little slice of Southeast Asia.

The next few days will be spent cleaning up the remaining “stuff” and the actual move will happen next week.

Thursday, February 17, 2005

Uh oh …

My other boss, R, wanted a new site added to the server down in Miami. No problem, it's not something I haven't done before. So I go through the steps needed to add the site, and in this case, the site requires its own IP address (because of the group its in). Not a problem—just pick one of the currently unused addresses, add it to the network interface and there we go. Done, I log out to do other things (like post pictures of Casa New Jersey).

Well, there's a slight problem. The Miami server is also the one that my sites are stored on, and when I went to log back in when trying to post the previous entry, I got an error I've never seen before:

ssh_exchange_identification: Connection closed by remote host

Uh oh.

I can pull up websites, so that's fine. But ssh? FTP?

Nope. Can't log in.

I make multiple attempts, from several different locations across the Internet, trying to log in but the server is not letting me log in.

I do a Google search on the error, and it's heartening to see that this isn't a rare problem at all. But further reading doesn't reveal a solution to my particular problem. No, I didn't change /etc/hosts.allow or /etc/hosts.deny and it was working earlier when I added the site and IP address—

IP address. I added an IP address to the network interface.

And I'm guessing that was enough to throw sshd into suspicious mode and refuse logins.

Well, fine. I knew the solution—restart sshd (and the FTP server—apparently that was having fits too). But how? I can't log in.

Ah, but there is the power pole. Log in to the power pole (through a <cough> <cough>control panel<cough> <cough>) and power cycle the outlet the server is on. Not a great solution, but hey, it'll save me a trip down to Miami.

So I call C, who is responsible for the power pole setup. But well … there's a snag. Since the last debacle the IP address of the power pole was supposed to be updated, but he wasn't sure if it was.

Great.

But C needs to get with our network engineer to actually determine that, so until tomorrow (well, later today) no one will be able to log in to the server.

Sigh.

---

So that didn't work

Yes, the powerbar was recofigured with a new IP address.

No, we're not sure which outlet the server is plugged into.

Well, not 100% sure.

The first time I used the power pole to remotely power cycle a server I brought down the entire cabinet down in Miami. The power pole <cough> <cough>control panel<cough> <cough> gives you several options, immediately shut off an outlet, immediately turn on an outlet, immediately reboot an outlet. I was told the server in question was in outlet 1, so I immediately shut off that outet.

And turned off the network switch.

The network switch that the power pole was plugged into.

No way to turn on outlet 1.

Well …

Live and learn (always use the “reboot” option).

C was “pretty sure” that the server was in either outlets 2 or 3, but not 1. Nor 4. Half an hour of going round and round, my final instructions were to “reboot” outlet 2, and if that didn't reboot the server, then try outlet 3. If that didn't work, then I was facing a long drive to Miami.

So I started pinging the server.

64 bytes from XXX.XXX.XXX.XXX: icmp_seq=1 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=2 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=3 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=4 ttl=51 time=36.0 ms

And rebooted outlet 2. The <cough> <cough>control panel<cough> <cough> showed the outlet as “Off” and about ten seconds later, the outlet was back on. But during the “reboot” I kept getting pings from the server.

64 bytes from XXX.XXX.XXX.XXX: icmp_seq=15 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=16 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=17 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=18 ttl=51 time=36.0 ms

Okay, that wasn't it. Try outlet 3.

64 bytes from XXX.XXX.XXX.XXX: icmp_seq=22 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=23 ttl=51 time=36.0 ms

Okay, that seems to have been the right outlet. Okay, power restored to the outlet. Wait about a minute for the server to come back up.

Okay, I don't recall it taking this long …

Three minutes?

64 bytes from XXX.XXX.XXX.XXX: icmp_seq=22 ttl=51 time=36.0 ms
64 bytes from XXX.XXX.XXX.XXX: icmp_seq=23 ttl=51 time=36.0 ms

Not good.

Look at the time.

4:52 pm.

Sigh.

I get to drive to Miami, during rush hour traffic.

---

Drive. Punch. Drive.

What's there to say about the drive to Miami? An hour and a half in heavy traffic to the NAP of the Americas, getting there just as the sun was setting (in an “economically challenged neighborhood” as the politically correct would say), ten minutes to get to the cabinet, press the power switch. Ten minutes to get back to the car, and an hour in (still) heavy traffic to get home.

Friday, February 18, 2005

Free lunch

There's an interesting phenomenon thats known as “Andy giveth, and Bill taketh away.” No matter how fast processors get, software consistently finds new ways to eat up the extra speed. Make a CPU ten times as fast, and software will usually find ten times as much to do (or, in some cases, will feel at liberty to do it ten times less efficiently). Most classes of applications have enjoyed free and regular performance gains for several decades, even without releasing new versions or doing anything special, because the CPU manufacturers (primarily) and memory and disk manufacturers (secondarily) have reliably enabled ever- newer and ever-faster mainstream systems …

CPU performance growth as we have known it hit a wall two years ago. Most people have only recently started to notice …

Quick: Whats the clock speed on the CPU(s) in your current workstation? Are you running at 10GHz? On Intel chips, we reached 2GHz a long time ago (August 2001), and according to CPU trends before 2003, now in early 2005 we should have the first 10GHz Pentium-family chips. A quick look around shows that, well, actually, we dont. Whats more, such chips are not even on the horizonwe have no good idea at all about when we might see them appear.

The Free Lunch Is Over: A Fundamental Turn Toward Concurrency in Software

Moore's Law never stated that CPU speed would double every year—no, it in fact stated that transistor densities would double every 18 months. It was a side effect that processors doubled in speed each time (and in recent times, about every 12 months or so). But this article stipulates that raw CPU speed has pretty much capped out so traditional software methodologies are ill- suited to the new reality of stagnating CPU speeds (Hah! looks like Microsoft is in trouble now) and that programmers now need to learn concurrent programming if they're going to take advantage of multiprocessor systems (which are becoming more prevelent; if CPUs won't get much faster, put in more CPUs).

Concurrent programming isn't easy. It's hard. Harder than you think.

And I expect because of that, just as most languages adapted some form of object-oriented programming over the past fifteen years, that programming languages will adapt some form of functional programming over the coming years.

Tuesday, March 01, 2005

I'm alive and well on Ganymede

We have finally moved from the Facility in the Middle of Nowhere to Casa New Jersey. All I will say about the move: next time, even if I end up declaring bankruptcy, I will hire profession movers to pack, load, ship, unload and unpack everything. And professional cleaners to clean up afterwards.

We have DSL at Casa New Jersey, but nothing is set up yet. We haven't had any Internet connection since Saturday so I'm afraid that any emails have been unanswered or bounced. I just tried collecting our email on the server this website is on, but somehow it's being sent to the previous admin of this system (who is kind enough to collect it for us) and I can't figure out why.

It's a right mess.

And if our moving last week was bad enough, The Company (where I work) has also been moving all of last week. I lost my cubicle with that neat Zen-like emptiness to it and am now sitting at a work surface along one wall of the new office. I do have a window seat though.

Anyway, I need to get back to finding out why all my email is being sent elsewhere …

---

Scientific legends and lore of the lost age of the 80s

I made the first home improvement here at Casa New Jersey. There was (“was” being the operative word there) this … overly ornate light switch cover in the master bathroom and the first order of business was to get that replaced. It was difficult to find the actual switch due to the intricate relief work of the switch cover. There's now a plain white switch cover and The Kids have a new, overly ornate light switch cover for their room.

I also unpacked lots and lots of small boxes of books (if they were large boxes of books, they would have been “hideously way too heavy” instead of the merely “ludicrously heavy” they were) and managed to make some room. As it stands, I'm having to play a form of Sokoban since I have so much stuff. I only have one shelf unit (fortunately it's the insanely large one) in its final place so I was able to load it up with books, revealing some floor space with which to shift some of the other shelves into place, which I can use to unload some more boxes to reveal more floor space with which to shift other shelves …

We're still without Internet access—we have it, it's just that we need to set up some computer to actually activate the connection, and I'm still a ways away from having enough floor space to layout the table in the bedroom (unfortunately, there is no separate Comptuer Room here at Casa New Jersey). But now that the living room is unpacked, there may be space to temporarily set up the computers there until I get my room squared away.

Oh, and the title to this entry? That's the comment Spring wrote on the box of encyclopedias.

Wednesday, March 02, 2005

Soviet-era grossly outdated 1980s knowledge

Well, I found out why my email is going to Outer Mongolia but I can't change it unless I want my email to start bouncing; for some reason local delivery of email on the server is borked.

Sigh.

Thursday, March 03, 2005

A computer ate my baby!

Five pictures I have were broken during the move (technically, they were broken during the move to the Facility in the Middle of Nowhere; I never bothered to get them fixed three years ago because the Facility in the Middle of Nowhere was only a “temporary” move—heh) so this morning I took them to an art store to get repaired—three needed new frames and two the glass replaced.

Fortunately for me, I was the only customer for the framing department. As I placed each picture up on the counter and explained what I wanted, the counter person would make measurements and write notes up on the computer, using some custom written software for the management of a framing department in an art store.

Things were going slowly due to the software—while it may have been beautifully written, the user interface was poorly designed and it was obvious to me (and I couldn't even seen the screen) that the programmers who wrote the software never actually used the software, or even had an understanding of what was required to run a framing department in an art store; it would have been faster for the counter person to take down written notes and hand print the work order than to use the computer.

Then, upon entry of the fifth and final picture the software crashed. All five orders were gone. Meanwhile someone had arrived to pick up some artworked with finished framing. The counter person decided to take care of that person (since all they needed was a receipt to take to the counter) when the printer stopped functioning.

At this point, I had to seriously consider the benefits of the use of a computer at all in this store. Sure, it could keep track of inventory and with some clever queries can puzzle out odd relationships where the arrival of rain causes an increase in sales of recycled polyester paint brushes, but when a mildly complex order like “these three pictures need new frames; these two I want that frame with this matting, this one that frame with no matting, and these two just need new glass” takes over an hour to complete it's clear that the people responsible for the software need to be taken out and shot.

Or at least forced to use their own software for a week.

In any case, the work order was submitted, and in two weeks I'll have the fixed pieces back in my hands.

Friday, March 04, 2005

Amusing Unix installs

The current project at work is to convert a Cobalt RaQ4 into a firewall for the new office. On the plus side, it's an x86 based system, 450MHz with two ethernet ports, 256MB of memory and a 30G of disk space—more than enough to act as a firewall system.

On the down side, it comes with no CD drive, no floppy drive and no video or keyboard ports.

On the scale of Unix installation difficulty, this rates around a 6 (the NetBSD install I did rated about an 8, and a Unix install I did on an old laptop was about a 9). And while there are some instructions on installing a new distribution of Linux on the Cobalt RaQ4, they all are somewhat involved.

I was able to get a Linux 2.4 kernel on the system (albeit it's a custom kernel for the Cobalt systems) so that's good (it also involved an upgrade to the BIOS to support the larger Linux 2.4 kernel). And it seems that all you have to do is put the kernel into a specific location with a specific name and it will automatically boot that kernel, which is good, since that means I can put the drive into another Linux system and do the install of whatever distribution we want on that, and put the drive back into the Cobalt RaQ—in theory. I'll find out if that works on Monday.

Saturday, March 05, 2005

We finally have Internetage! Woot!

Finally! After playing Sokoban for a few days, the bedroom is finally settled enough for me to get the network setup and running. Of course the phone line is on the other side of the room. I could have set up the computers over by the phone jack, but that would have disrupted the path to the dryer.

So I live with a cable across the middle of the floor.

Still have quite a bit of unpacking to do, but now my email is no longer being routed to Outer Mongolia.

Woot!

Monday, March 07, 2005

A note to myself

Work is still being done on the new office space at The Company, with today's work being electrical in nature. What I must remember in the future is to make sure that the computer is plugged into the battery backed up outlets, and not the surge protection only outlets on the UPS.

How embarrassing.

---

The amusing Linux install just got more amusing

The difficulty rating of the Cobalt RaQ4 Linux install just went up.

It's not quite as simple as installing the Cobalt RaQ4 harddrive in another PC and installing Linux. I took the drive out (easy enough to do, just one screw to remove the case, then another to remove the harddrive assembly) and installed it on another PC (easy enough to do, as there was no cover what so ever on the PC). The BIOS saw the harddrive. Linux (which was installed on the PC) saw the harddrive during bootup, but after that, it refused to even recognize the drive.

So copying an existing distribution (Fedora Core) to the harddrive is out of the question.

I did, however, get iptables installed on the Cobalt RaQ4 and have it work. So I'll see if that's good enough for what Smirk wants it to do.

Tuesday, March 08, 2005

Even more amusing

New approach to installing a more modern Linux on the Cobalt RaQ4—getting another harddrive, doing the install on that, and putting that harddrive in the Cobalt RaQ4.

More on this as details become available.

---

I'd hate to think of what PHP would look like if Larry Wall got his hands on it …

Popular opinion about PHP is polarized. Language purists tend not to like the somewhat haphazard implementation of many features and some of the inconsistencies that have emerged over the years. At the same time, pragmatic problem solvers tend to love how PHP seems to almost read your mind and present itself as the perfect Web problem solving tool.

What it all boils down to is that PHP was never meant to win any beauty contests. It wasn't designed to introduce any new revolutionary programming paradigms. It was designed to solve a single problem: the Web problem. That problem can get quite ugly, and sometimes you need an ugly tool to solve your ugly problem. Although a pretty tool may, in fact, be able to solve the problem as well, chances are that an ugly PHP solution can be implemented much quicker and with many fewer resources. That generally sums up PHP's stubborn function-over-form approach throughout the years.

Do you PHP?

I still don't like PHP (it's the “language purist” in me) but at least this sheds some light on some of the oddities in the language (although it still doesn't explain what Rasmus Lerdorf was on when he created variable variables or superglobals—<shudder>)

Wednesday, March 09, 2005

The future is back that-a-way.

Núñez now believes that he has definitive evidence that the Aymara have a sense of the passage of time that is the mirror image of his own: the past is in front of them, the future behind.

Thirty years ago, Miracle and Yapita pointed to the often incredulous responses of Aymara to some written texts: “‘Columbus discovered America&rsquo—was the author actually there?” In a language so reliant on the eyewitness, it is not surprising that the speaker metaphorically faces what has already been seen: the past. It is even logical, says Lakoff.

H ow time flies

A very interesting article about a group of people in Chile who view time differently than we Westerns do. Of course the past is in front of them— they've seen the past. And the future? You can't see behind you, so of course the future is back that-a-way.

---

I've got those Linux Installation Blues

It wasn't that easy, just putting a harddrive into another computer, copying the installation to that, copying the Cobalt RaQ4 kernel, and booting from there.

Nope.

Didn't work.

Looks like I may have to do one of the more involved installations, or Smirk is just going to have to learn to live with what I've got.

Somehow, I'm guessing I'm going to be doing one of the more involved installations.

On the other hand, I've narrowed down why the PC didn't like the Cobalt RaQ4 drive, and it didn't have anything to do with the drive itself—I'm not sure if it was the cable or the controller. The IDE cable in the PC is an 80-wire cable (where every other wire is ground). One drive plugged in works. Two, the second one isn't recognized at all. I tried a traditional 40-wire cable and again, one drive worked, two didn't.

I'm not sure what to make of that. I ended up hooking power to the two drives from the PC, and using the 40-pin cable to hook the two drives to the Cobalt RaQ4. That was rather amusing but it worked.

What wasn't rather amusing was one of the fans on the Cobalt RaQ4—it sounded like I was working next to a jet engine. That will definitely have to be replaced.

More on this as details become available.

Thursday, March 10, 2005

Lovely … I get to debug code in PHP

I made a test order and when I clicked confirm order the next page said page cannot be displayed or error page, I am not sure. Please place a test order and let us know if it is working properly.

Trouble ticket I recieved this afternoon.

And thus I started my descent into osCommerce, written in PHP of course.

It took long enough, but I was able to finally track the problem down to the following bit of code:

function tep_href_link(
	$page = '', 
	$parameters = '', 
	$connection = 'NONSSL', 
	$add_session_id = true, 
	$search_engine_safe = true
) 
{
  global $request_type, $session_started, $SID;

  if (!tep_not_null($page)) {
    die( error message with embedded HTML code, of course );
  }

  if ($connection == 'NONSSL') {
    $link = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
  } elseif ($connection == 'SSL') {
    if (ENABLE_SSL == true) {
      $link = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG;
    } else {
      $link = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
    }
  } else {
    die( yet another error message with embedded HTML code );
  }
  // rest of function deleted 
}

catalog/includes/functions/html_output.php

The checkout code is running under a secure server (secure.example.net) while the actual site itself is under a different domain (www.example.com) and for some reason, the code, in generating the link, is getting things mixed up and the link is being generated incorrectly. It's getting the secure server name (HTTPS_SERVER) but tacking on the location on the non-secure site (DIR_WS_HTTP_CATALOG) and thus leading to the dreaded 404 Not Found error.

I'm not really keen on trying to debug this any futher than I have to (the osCommerce package comprises over 500 files), I basically changed the code to look like:

if ($connection == 'NONSSL') {
  $link = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG; // XXX - spc hack
} elseif ($connection == 'SSL') {
// rest snipped

It works (even if it is a hack). Customer is happy. I'm happy (that I no longer have to dig into this program).

Now back to the salt mines—the customer is now wondering why he isn't getting his email …

---

'tis to be expected I guess

I forgot about this. A few days the NAP of the Americas sent out a message about an upcoming maintenance window.

In Microsoft Word format.

Of course everybody uses Microsoft Windows.

Of course.

This would seem to explain their rather odd stance of not having a crash cart anywhere in the six story data center.

Because, you know, everybody uses Microsoft Windows. For everything. Including servers.

I'm getting less and less impressed with the NAP of the Americas.

Because, you know, everybody uses Microsoft Windows.

Friday, March 11, 2005

The New Office Digs

I figure it's about time for a picture of my new working digs—this time it's the non-cubicle with that neat Zen-like window that looks out onto the walkway (we're on the second floor) which looks out onto the parking lot.

On the down side, my fellow cow-orker is such a dog …

Saturday, March 12, 2005

You have company!

Spring's father, sister and niece are here for a week or so. On the down side, that's three more people in the house, one of which is three years old.

On the plus side, Spring's father, sister, niece and The Kids will be spending a day or two experiencing It's A Small World some two hundred miles to the north (and I won't be able to make it—gosh darn it).

Sunday, March 13, 2005

No place like home

Clump clump clump clump clump—

Nothing—

Clump clump clump clump clump—

quite like—

Clump clump clump clump clump—

a three year old—

Clump clump clump clump clump—

girl in ruby shoes with—

Clump clump clump clump clump—

large heels walking around—

Clump clump clump clump clump—

upstairs.

Clump clump clump clump clump.

Sigh.

---

Too many emails

Email.

Or rather, an abundance of email.

Smirk called, saying that one of our servers was dying under a severe server load, and asked if I could write a script to clean out the sendmail queues.

So I spent some time writing some Perl code to do just that.

I don't like Perl. To me, it represents the worst of /bin/sh, awk, sed and grep (among other throat clearing noises that represent Unix commands). But for one off stuff like this, it was probably quicker than trying to do this purely under /bin/sh or even C.

In retrospect, I think I could have written it faster in C.

First off, I write my Perl using “strict”; it's enough that Perl will gladly accept simple typos (unless in “strict” mode). But that lead to problem number one: I couldn't figure out how to use Getopt::Std (Perl code to parse the command line) in “strict” mode. I had to spend some time figuring out that the correct incantation to use would be:

use Getopt::Std;
use strict;
  
use vars qw($opt_h $opt_b $opt_d $opt_t $opt_D);

getopts('h:b:d:t:D');

(in this code, -h is to scan the headers, -b to scan the body, -d to specify the queue directory and -t to specify where any email matching should be copied to, and -D to output debugging messages)

Okay, next problem: it's not finding anything. I grep through the headers, find something like “Subject: AdD Thr33 IncHes 2 ur MOrtgAge” then run the script:

./movequeue.pl -h 'Subject: .*[Mm][0Oo][Rr][Tt\?][Gg][Aa@][Gg][Ee3]' -D'

And nothing shows up.

Debug debug debug.

Turns out I'm a bit overzealous with using “my” (which is used to declare which variables I'm using in “strict” mode). Each instance of “my $variable” causes it create a whole new variable. So of course:

foreach my $entry (@queue)
{
  if (my $entry =~ /[dqx](.*)/)
  {
	# blah blah blah
  }
}

isn't going to work, since I effectively get two new variables by the name of $entry.

Okay, declare all the variables I use in one spot. That fixes that problem, and a whole slew of other problems related to scoped variables.

But at least the code is working.

Why yes, I'm still learning Perl.

And I still don't like it.

Monday, March 14, 2005

We're drowning in emails!

I found out why the server had an abundance of emails today—the primary resolving nameserver crashed.

There are four name servers running at The Company—two for people outside our network to look up domains we host, and two internally just for resolving DNS queries inside The Office. And one of the resolving name servers crashed hard. Totally offline.

And that threw everything out of whack.

I'm not sure why a name server (which isn't a single point of failure) crashing should throw the email system out of whack, but when I did get that server up and running (no idea yet as to why it crashed) things seemed to return to normal.

Odd, yes.

The email server in question should have queried the name server still running. And had we been running a stock installed system I might have actually attempted to figure out the root cause. But we run Insipid on that email server, with a (possible) custom installation of sendmail (configured (and possibly patched) to run under the control panel).

And I'm not about to debug that (Smirk isn't paying me that much money).

And that's not counting our spam firewall (which is a separate system), which also seemed to have problems when the primary resolving name server crashed. And I'm not about to debug why that didn't bother to use the secondary name server either.

The upshot was, a bunch of mail simply queued up (thousands—-we're talking thousands of email) because of domain resolution issues.

And that caused our customers to bitch complain that they couldn't get their email.

Now, what I can debug is why that particular server crashed. I may have to disable any hardware screen blankers, since when I plugged in a crash cart nothing was visible on the screen, and it was D-E-A-D to the point where the keyboard wouldn't register (which normally unblanks the screen). There wasn't anything obvious in the system logs, but I didn't have much of a chance to pour through them though.

Tuesday, March 15, 2005

I'm surprised I haven't already done this …

Beware the Ides of March …

---

Beware the Ides of March

I should have listened to my own advice.

Things were slow at The Office. Quite slow. So slow that P (one of the other tech support guys) decided to leave early. Smirk was out sick (the flu) and the other remaining tech support guy, C, has had his hours cut back and wasn't in The Office today.

Leaving me.

Of course, once P left, the phone started ringing off the hook.

Okay, it wasn't that bad …

But I was kept busy today. When I wasn't requeing emails I was answering customers questions about why they weren't getting emails, downloading a new customer's site to our server (and finding out it wasn't so critical to be done today—sigh), talking to a customer that talked wouldn't stop talking—I knew what he wanted about thirty seconds into the conversation, but he just … wouldn't … stop … talking … and I couldn't even get a word in edgewise … just … okay … ye— … ok— … let— … me— … ye— … I'll— … I'll— … yes— … yes— … ok— … I'll— … ye— … I'llgiveSmirkthemessagegoodbye!click.

Sheesh.

And then …

Another customer (who's actually next door to The Company) wants some modifications done to his osCommerce site—the same one I was working on last week. There are “too many clicks.” Wants me to remove a few of the check-out steps as the site only has two products.

There are over five hundred files in the typical osCommerce installation. Five hundred files written in PHP. And he wants me to remove a few steps.

Heh.

Heh heh.

Oh, my side!

“Yes, just give me an estimate. If it'll take a few minutes, just say that. If it'll take three hours, good enough.”

“Um … how about days?”

I think the desk is going to win.

---

… it's around here somewhere …

Spring's father wanted to eat at a steak house tonight. Not a problem if we were still living at Condo Conner or the Facility in the Middle of Nowhere. Having lived in that area for almost twenty years one gets to know the types and locations of a variety of restuarants that can match almost any need.

But here at Casa New Jersey?

Heck, it took me an hour to find the Home Depot that's just around the corner last week. And I've yet to locate an actual branch of my bank (heh—down in north Broward/south Palm Beach counties every other building contains a branch of my bank).

Gary (Spring's father) and I ended up driving for over half an hour looking for a Roadhouse Grill I glimpsed … last week? Yesterday? Somewhere … sometime …

Finally found it next door. I knew it was close by somewhere!

Wednesday, March 16, 2005

Decisions, decisions

I had a choice at work today—either deal with a Blech/qmail/Microsoft Outlook problem (basically, the customer couldn't send out email using Microsoft Outlook, and the server in question is running qmail under Blech) or to assemble a computer desk.

No contest, even though I did have to attach the keyboard tray twice, otherwise the back of the desk wouldn't fit, and the bolt nuts where just a tad tight and there was no room to work with.

Thursday, March 17, 2005

The Tax Man cometh

Tax time is just around the corner and I'm not sure if everyone knows that you can electronically file your Federal taxes for free (link via Jason Kottke).

---

Verbatim transcript of a telephone conversation I had with someone who didn't identify themselves

Ring.

Ring.

Ring.

“Hello?”

“Hello?”

“Hello.”

“Is [Spring's real name] there?”

“I'm sorry, she's sleeping right now. Can I take a message?”

“Is Mr. Dew there?”

“No.”

“Then I guess this is Mr. Don't.” Click.

Um … okay …

Friday, March 18, 2005

That darned Peg Game

On each table at the Cracker Barrel, there's this peg game—a triangular piece of wood with 15 holes, 14 of which are filled with a golf tee. The object of the puzzle is to remove the golf tees by jumping one tee over another and removing the tee jumped over (much like making jumps in checkers) and end up with one tee.

I was never able to do that. Sure, I could reliably get three tees left. Occasionally two. But never one (and the one time I did that I did it backwards, starting with one tee and working the puzzle out backwards).

I even came across a computerized version where I could waste my time only getting three pegs.

Sigh.

I remakred to wlofie a few months ago about writing a program to play the game and find a solution to the problem, and a few weeks ago I finally got around to writing the program.

I don't consider it cheating because one has to have an understanding of the problem to instruct a computer to solve the problem. And it's an interesting problem to find a representation that can be modelled in the computer. A typical representation would be to use a two dimentional array to represent the board but in thinking about it, the programming required to implement a move got rather hairy quickly.

It turns out that of the fifteen spaces, twelve only have two possible moves, and three four moves and here I was looking at a mountain of code to express this with a 2D array.

I quickly abandoned that and went for a more abstract representation of the board. In the new representation, it's a linear array of spots, labeled A–O, with each spot having a list of valid moves, which spot one jumps over and the destination. Each spot also has an flag denoting the presence or absence of a peg. From there, it was relatively easy to write the code to play the game.

Also interesting to note is that, discouting rotations and reflections of the puzzle board, there are only four distinct solutions required.

Peg Game Board—Bold spots represent unique position

				A
			B		C
		D		E		F
	G		H		I		J
K		L		M		N		O

And the solutions?

Well … I'm not giving the answers away here …

Monday, March 21, 2005

I'm a sell-out

About two weeks ago, I received the following email:

From: “XXXXXXX XXXXX” <XXXXXX@google.com>
To: <sean@conman.org>
Subject: Google partnership
Date: Wed, 9 Mar 2005 14:50:48 -0500

Hello Sean,

Google is interested in advertising on your website, the Boston Diaries. Please contact me at your earliest convenience to discuss further.

Below is an example of two of our current blog related sites.

http://www.engadget.com/entry/1234000073035159/ (text ads running vertically)

www.tommcmahon.net (text ads running at bottom of page.)

I look forward to hearing from you soon.

Best regards,

XXXXXXX

---

XXXXXXX XXXXX
Google Inc.
1440 Broadway
New York, NY 10018
(212)XXX-XXXX

Um … Google?

Asking to advertise here?

I reply, and yes, it's legit.

Google wants to have advertising space here.

Well then …

Buried deep in the main template was a small, commented out section for the “Obligatory Text Ad” in the sidebar to the left. Now that Google wants to advertise, that section has been uncommented, rechristened “Obligatory Google AdSense” and away we go.

It's nice that Google allows you integrate their adversiting to match the style of your site so they're less obtrusive than they could be, but I'm hearing rumbles now as people are finding out that the filtering and matching technology used to serve up ads is less than optimal, and are removing the ads altogether.

I guess one way to look at that is that I'm late to the show and all the cool kids are no longer using Google AdSense.

Another way, that means less competition for me.

There is nothing in the AdSense policies or terms and conditions that forbid one of being critical of AdSense while using AdSense which is good (and if it seems I'm biting the hand that feeds me, the only investment I have is time, not monetary so if AdSense goes, big deal). It will be interesting to see how much this actually brings in for about two hours worth of work so far (most of that spent talking with a Google represenative about this program).

Tuesday, March 22, 2005

… is “die” with a “t”

I've sold out for twenty-four hours or so, and the majority of the Google ads I've seen are for diet plans.

I'm wondering if Google is trying to tell me something …

---

Reduced Configurations

I made mention of the RISCesque approach to service configuration in relation to control panels and I figured it was about time I expound on it, if only because P, a fellow cow-orker, is now having to deal with both Insipid and Blech.

I don't like control panels (that much should be obvious by now) because, among other things, they take control of the machine away and hide it behind an abstraction; they also make certain operations down right painful, if not outright impossible due to these abstractions. And the more I thought about them, the more they reminded me of arguments I've heard before, years ago. They sounded much like the arguments people used in heated debates between Assembly language and C (or other higher-level languages).

Dare we write “non-portable” code? Horror of horrors! What next? The liberal use of goto's? Slipping back into Assembly? Aaaaaah! Hell, if we allow that to happen, we might even get a Real-Time Unix kernal that's under 64K in size! Can't allow that to happen, ho sir. AT&T might kill us. BSD might kill us. Dijkstra might kill us. The whole XXXXXXX industry might blackball us for providing the customer with something that actually performs reasonably well.

Me, probably about 1991

As you can see from the above quote, you can see where I fell during that time (and for the record, I have since changed my stance on portable code since I had the opportunity to program under a variety of architectures). And now, here I am, sounding like my old self, only instead of programming exclusively in Assembly, I'm wanting to configure systems by the command line.

Now, at the time (late 80s/learly 90s) a very competent Assembly language programmer could write code that outperformed what a compiler could spit out, but times, they changed. First, compilers would always get better as more research was done; for instance the ANSI C compiler I used on the SGI machine at FAU could do optimizations across entire directories of source code (although it took a long time).

Second, research into what instructions compilers typically used lead to RISC—Reduced Instruction Set Computers. The idea behind RISC is that instead of wasting silicon on complex instructions rarely used (by compilers), instead make the instructions simple and then waste silicon on making those instructions fast (with the result that writing in Assembly on those systems is even more tedious than their CISC ancestors).

Third, programmer time kept getting more and more expensive while hardware kept getting both faster and cheaper so who cares if compilers produce less than optimal code? It's not execution time that needs to be optimized for anymore (well, there are still a few instances but if the code runs fast enough, that's good enough).

So it is with control panels.

First, the argument can be made that control panels can only get better. At least, I would hope so. The third point—the expense of humans will always be true—the less humans you have, the cheaper it is. And as with compilers, which means you can employ less experienced programmers (or fewer experienced programmers), control panels mean you can get by with less experienced sysadmins (or fewer experienced programmers). Not that this is a bad thing mind you—at one point it looked like everyone in the US would have to become telephone operators to handle the growth of phone calls and to a point, that's what AT&T did—it turned everybody into their own operator.

It's the second point that's the problem. The success that compilers (and RISC architectures) have had in recent years is due to a large amount of blood, sweat and tears in making it work well (CPU designs changed to make compiled code run faster, and compiler designs changed to adapt to the new CPUs). Now, does that mean that configurations will have to get simpler? Well … perhaps. As it stands, control panels do make certain tedious operations easier, as long as the tedious operation is something the programmers planned for. But I don't think simplification of configuration files is the answer. What may need to happen is a decoupling of the configuration from the service. Or a way to feed the configuration to (and from!) the service from different sources.

But what I see happening is a reduction in the ability to configure services, and not even a consistent set of reductions either! (for instance, Insipid has the concept of an “alias” for a site, where the same website comes up under two different names, but Blech doesn't—you can physically host a site, or have the request for a webpage forwarded to another server, but there didn't seem to be the option to setup an “alias” like you can under Insipid—on the flip side, under Insipid you can't set up forwarding like you can under Blech) And I prefer to edit files over using a GUI.

And I still like programming in Assembly from time to time.

Wednesday, March 23, 2005

Forget disturbing search requests, how about “Disturbing Ad Requests?”

Third day, and already I'm leary about Google's AdSense.

Earlier today it wasn't serving up ads. At first, I thought they took exception to my critical stance towards them, or of the disclaimer I have just below their ads and dropped me. But no, I was still signed up. It's just that for a period of time, Google just … couldn't serve up ads.

How odd.

Then, when it was working again, what do I see? An add for “Diary Of An Anorexic Girl” followed by an ad for “Fleming's Steakhouse” (at least the steakhouse is in Florida and not Massachusetts).

What is it with Google?

I've set up my site so that Google will index each individual entry, and yes, the Googlebot is pulling up individual entries, so why can't Google match the advertising better? I thought the whole point of AdSense was targetted text based ads.

---

Genres of advertising

From: “Ken Maier” <XXXXXXXXXXXXXXXX>
To: “Sean ‘Captain Napalm’ Conner” <sean@conman.org>
Subject: Google advertiser exclusion
Date: Wed, 23 Mar 2005 21:22:17 -0500

Not sure if you know, but you can go into your AdSense account and enter exclusions for the advertisers you don't want to see on your site.

—ken

I know you can excluse particular advertisers through AdSense, but not genres of advertising. So, while I could exclude ads from Weight-Watchers, that still means I get ads for FatBurners-‘Backwards-R’-Us. And if I go down the path of nuking individual advertisers, then I run into the set limit of 200 excluded advertisers. It was more of a way to exclude competitors.

Thursday, March 24, 2005

Now THAT would be cool!

I know that transparent screens (link via kisrael.com) don't exist yet, but I want one. I really want one.

Friday, March 25, 2005

More like a foolish inconsitency

A foolish consistency is the hobgoblin of little minds.

Ralph Waldo Emerson

You want to use a database for a PHP project. Okay, PHP supports several different types of databases, like PostgreSQL and MySQL among others, and being SQL, there shouldn't be much difference bewtween SELECT statements, right? (wrong I know—there can be huge differences between SQL implementations, but like Alan Kay said, the simple stuff should be simple). So, I would expect something like:

$db = db_use('mysql');
db_connect($db,"mysql.example.net","db_user","soopersecretpassword");
db_table($db,"warehouse");
$result = db_query($db,"SELECT widgets FROM parts WHERE color = 'red'");
db_close($db);

$db = db_use('postgresql');
db_connect($db,"pgsql.example.net","db_user","donttellanyone");
db_table($db,"shops");
$result = db_query($db,"SELECT price FROM catalog WHERE parts='widgets'");
db_close($db);

You select the type of database you want to use, and PHP automagically handles the details for you. The simple stuff should be simple, right?

But not in PHP. No. In PHP you get a show bunch of functions that work only on MySQL, and another set for PostgreSQL, and yet another set for Oracle. It's not like once you select a database that you'll end up changing it any time soon, right? Who changes databases? So chances are, once you select a database, that's it and who cares if there's a specific set of functions for this database and a different set for another database?

Well, unless you make it available for other people to use (open source or not) and they want to use one of those other databases? Heaven forbid that happening.

But hey, it could happen, right?

Which gets me to some PHP code I had the pleasure of dealing with today (and no, it wasn't osCommerce):

$result = $system_query("SELECT * FROM sometable$name");

Hello! $system_query? That's a variable! Hmmm … that's … interesting. Poke around some more …

$list=file("../SQLcalls.txt");
$system_connect = $list[0];
$system_affected_rows = $list[1];
$system_error = $list[2];
$system_insert_id = $list[3];
$system_fetch_row = $list[4];
$system_num_fields = $list[5];
$system_num_rows = $list[6];
$system_query = $list[7];
$system_result = $list[8];
$system_select_db = $list[9];
$system_field_name = $list[10];

$system_connect = ereg_replace("\n","","$system_connect");
$system_affected_rows = ereg_replace("\n","","$system_affected_rows");
$system_error = ereg_replace("\n","","$system_error");
$system_insert_id = ereg_replace("\n","","$system_insert_id");
$system_fetch_row = ereg_replace("\n","","$system_fetch_row");
$system_num_fields = ereg_replace("\n","","$system_num_fields");
$system_num_rows = ereg_replace("\n","","$system_num_rows");
$system_query = ereg_replace("\n","","$system_query");
$system_result = ereg_replace("\n","","$system_result");
$system_select_db = ereg_replace("\n","","$system_select_db");
$system_field_name = ereg_replace("\n","","$system_field_name");

$system_connect = ereg_replace(13,"","$system_connect");
$system_affected_rows = ereg_replace(13,"","$system_affected_rows");
$system_error = ereg_replace(13,"","$system_error");
$system_insert_id = ereg_replace(13,"","$system_insert_id");
$system_fetch_row = ereg_replace(13,"","$system_fetch_row");
$system_num_fields = ereg_replace(13,"","$system_num_fields");
$system_num_rows = ereg_replace(13,"","$system_num_rows");
$system_query = ereg_replace(13,"","$system_query");
$system_result = ereg_replace(13,"","$system_result");
$system_select_db = ereg_replace(13,"","$system_select_db");
$system_field_name = ereg_replace(13,"","$system_field_name");

Um … okay … what's in SQLcalls.txt?

mysql_connect
mysql_affected_rows
mysql_error
mysql_insert_id
mysql_fetch_row
mysql_num_fields
mysql_num_rows
mysql_query
mysql_result
mysql_select_db
mysql_field_name

Okay.

A list of the MySQL function calls in PHP are read in, then the trailing line ending characters are stripped. Never mind that could be done as:

$list                 = file("../SQLcalls.txt");
$system_connect       = rtrim($list[ 0]);
$system_affected_rows = rtrim($list[ 1]);
$system_error         = rtrim($list[ 2]);
$system_insert_id     = rtrim($list[ 3]);
$system_fetch_row     = rtrim($list[ 4]);
$system_num_fields    = rtrim($list[ 5]);
$system_num_rows      = rtrim($list[ 6]);
$system_query         = rtrim($list[ 7]);
$system_result        = rtrim($list[ 8]);
$system_select_db     = rtrim($list[ 9]);
$system_field_name    = rtrim($list[10]);

which not only would be slightly faster, but a bit more maintainable and portable (and I don't even know PHP that well and already I'm writing better code in it—sheesh!). But besides, that, the intent of the programmer seems to be a way to isolate the name of the function so that the code can be quickly “ported” to use different databases. Laudable, except for one small little detail—

IT WON'T WORK!

Let's try using PostgreSQL. Well, let's see if we can map the MySQL functions listed to their PostgreSQL or Oracle counterparts:

PHP function equivalents between MySQL, PostgreSQL and Oracle

MySQL	PostgreSQL	Oracle
mysql_connect()	pg_connect()	ora_logon() or ora_plogon()
mysql_affected_rows()	pg_affected_rows()	ora_numrows()
mysql_error()	pg_last_error()	ora_error()
mysql_insert_id()	pg_last_oid() (guess)	?
mysql_fetch_row()	pg_fetch_row()	ora_fetch()
mysql_num_fields()	pg_num_fields()	ora_numcols()
mysql_num_rows()	pg_num_rows()	ora_numrows()
mysql_query()	pg_query()	ora_parse() + ora_exec()
mysql_result()	pg_get_result()	?
mysql_select_db()	?	?
mysql_field_name()	pg_field_name()	?

It's beginning to look pretty bad, but that's not the worse of it. Let's just concentrate on the connect functions. mysql_connect() looks like:

$mysql = mysql_connect("mysql.example.net","db_user","soopersekrit");

But that just connects you to the MySQL server. You still have to select which database you want to use. Then you have pg_connect():

$pg = pg_connect("host=pgsql.example.net port=5432 dbmame=warehouse user=db_user password=donttellanyone");

In which you can specify the database. Now there's ora_plogon():

$oracle = ora_plogon("db_user@oracle.example.net","shhhh");

Which supposedly will hook you up with the database in question. I guess. Because I couldn't locate the PHP Oracle equivalent to mysql_select_db(). But aside from that, notice anything about the three calls? Like how they're all completely different? mysql_connect() takes three parameters (well, there are more, but they're optional), pg_connect() takes just one, but the single string argument contains name/value pairs, some of which are optional! And ora_plogon() takes two.

Nice try, but a wasted effort.

---

How many variables changed? Let me count the ways …

The previous rant was brought to you by a site that moved from a Linux 2.4 system running Insipid, Apache 1.3 with PHP 4.2 and MySQL 3.23.x to a Linux 2.6 system running Blech, Apache 2.0 with PHP 4.3 and MySQL 3.23.y and wasn't working properly on the new system.

I can't say for certain that the problem isn't Apache, PHP, MySQL or Linux, but each piece works, and they seem to be working together, but given that PHP is the scripting language du jour it's not out of the question that the code which works (for the most part) under PHP 4.2 doesn't work under PHP 4.3.

Or it may be that it works under PHP 4.3 but only under Apache 1.3 and not Apache 2.0.

Or it may be that the database replication from one server to another one didn't work (but all 322 tables have been replicated).

Or it could be that it's a weird interaction with Apache 2.0 and PHP 4.3 and Linux 2.6

And let's not even get into the environmental differences between Insipid and Blech.

Today was not a fun day (and I never did figure out why the code doesn't work—I may leave that up to the customer to figure out).

Tuesday, March 29, 2005

The principle of Varnasrama Vindaloo Dharma

I reached one more branch out to her, in the form of misspelling the name of the god of destruction as a liquor brand. But it wasn't enough to get her to tell me to fuck myself, so I started making up my plan. Which was real simple: Take her money and cut and paste a paper together from the internet that was so obviously plagiarised that she'd be guaranteed to get caught. And then, if I was able to get the information out of her, I'd report her to whatever her school was, and who knows, maybe even pump her for double money in exchange for not turning her in. Either way, I'd eventually be writing the story up in this blog, and sending her the link to it.

Is this harsh? Eh, I don't think so. She got the syllabus saying she'd be kicked out of school for plagiarism, so she shouldn't be surprised. Plus, I have a nice little English degree that I did all the work for myself, so I find it a little offensive that this girl for whom money is no object is buying papers like that.

Via theferrett , Laura K. Krishna is a Plagiarist

The paper read like something I might try to get away with, but at least I would be the one doing the writing, not a professional comedy writer out to destroy my college career (I can do that perfectly well on my own thank you very much).

I also don't think Nate was out of line for what he did—he did give Laura several clues that he himself was clueless about Hinduism (the given topic of the paper) but Laura never clued in and continued pestering him about writing the paper (and willing to pay for it, money being no object). Such actions, if left unpunished, will only devalue college degrees (and they're pretty low as it is). And besides, it's not like colleges never mention “Don't plagiarize” to students—I recall that coming up every class I took.

Wednesday, March 30, 2005

… but her Mom is nice

About the principle of Varnasrama Vindaloo Dharma, my friend Steve Crane (on a mailing list we're both on) send a link to BoingBo ing, saying it's a hoax, an April Fools hoax, but yet, according to the original site, it's not:

So it became Monday, and instead of finishing off my nice prank I was going to share with two or three dozen real-life friends, I was faced with all of you people looking for blood. I didn't want blood. What I wanted was irony. Perhaps to facilitate the founding of a scholarship at her school, or get her to donate Hinduism books to the library, or even just to get her to actually write the damn paper. But it was all happening way too fast, and I knew at that point that the site would come around to her way faster than my timeline had projected.

So the e-mail revealing the link went out Tuesday afternoon instead of Wednesday morning, while I still thought there was a slim chance of warning her. Hours later, she found me on im. There was lots I wanted to ask her, and lots I wanted to shame her about. At this point, I figured that the internet had punished her, and she's already an example even if she doesn't get expelled.

Laura K. Krishna is Just a Dumb Kid With a Nice Mom

So, is it a hoax? Is the BoingBoing notice a hoax? Hard to say about this one (and if either is an April Fools hoax, they're still a few days early).

But, reguardless, it has brought up a nice debate about plagiarism and whether the punishment (of public ridicule on the Internet) fits the crime (of paying someone to write a college paper). I'm siding with the “not a hoax” theory myself and that Laura K. Krishna (not her real name) is learning a hard hard lesson.

Thursday, March 31, 2005

The magic switch

I called another hacker over to look at it. He had never seen the switch before either. Closer examination revealed that the switch had only one wire running to it! The other end of the wire did disappear into the maze of wires inside the computer, but it's a basic fact of electricity that a switch can't do anything unless there are two wires connected to it. This switch had a wire connected on one side and no wire on its other side.

It was clear that this switch was someone's idea of a silly joke. Convinced by our reasoning that the switch was inoperative, we flipped it. The computer instantly crashed.

A Story About ‘Magic’

The machine was incommunicado anyway.

We couldn't ping it, and it didn't respond when we plugged a keyboard into the machine. Dan, the network engineer had been wanting to move the machine anyway, since a colocated server shouldn't really be in the core router room (it was there because at the time, that was the only space for it). I figured why not? We'll be rebooting it anyway. Dan noted the phone number on the front of the computer (not a bad idea actually) and said I should notify the customer about the situation.

“Hello, this is Sean from—”

“I don't speak English,” said the woman's voice on the other end of the phone number. Perfect English, a slight hint of an accent I couldn't quite place.

Instinctively I raised my voice, because, you know, an increase in volume always brings about an increase in language comprehension. “Is there anyone there that speaks English?”

“I don't speak English.” Click.

Um …

Right.

Smirk's on vacation for the week, and only he knows his accounting system enough to plumb customer phone numbers from it. All I had to work with was the one scrawled on the front of the computer, and hey, I gave it a shot. This machine needs to be moved, then restarted. The move itself went quickly, even though the machine was an ungainly large tower based system. Plugged in the network cable, power, monitor and keyboard from the crash cart, and hit the power switch. Power supply fan started, then stopped—nothing. Hit the switch again. Power supply fan started, then stopped nothing. Went around to the front of the machine to see what might be going on. Hit the switch. Power light went green, the CD-ROM light flashed briefly, as did the floppy drive. Then all went dark.

XXXX!

Checking the machine, I found a switch on the back of the machine. So for several minutes I tried various combinations of switches. Then I unplugged the network card. Then the keyboard. The machine finally powered up.

Whew!

Um … maybe.

The machine came up with this overly large Hewlet-Packard logo and just sat there. I wanted to nervously tap the Caps Lock key, but then remembered, the keyboard wasn't plugged in. So I just stood there nervously tapping the keyboard anyway. After three or so minutes I saw the familiar “Lilo” prompt, followly quickly by Linux booting.

I then stood there watching disk partition after disk partition being scanned. Two disks, each appeared to have seven or eight partitions. After about ten minutes the screen blanker kicked in.

Okay, I unplugged the monitor and put the crash cart away—there wasn't much I could do at that point and I figured it was another few minutes it would be up and chugging away serving whatever it was it served.

A bit later the customer called, saying his machine was down. I should have come up by now. Hooked the crash cart back up to it, keyboard still wouldn't respond and the screen was still blanked. Nothing much else to do but reboot it.

Okay, wait for three minutes looking at the Hewlet-Packard logo, then Linux is booting and Oh! fsck needed to be run manually on one of the partitions and it's asking for a root password.

I don't have a root password.

Okay, let's try booting into single user mode.

Nope, wait three minutes for the Hewlet-Packard logo, boot into single user mode and still need a password.

Okay, let's try using a rescue CD and manually check the partition.

Yes, waited three minutes and the CD worked.

Okay, take out said CD, and reboot the machine. Wait three minutes, see Linux boot, and the network interface failed to initialize.

XXXXXXXXXXXX!

Put the CD back in, then shut the machine down and try initializing the network interface using the rescue CD to see if it's a hardware or software issue.

Note, this time, instead of just resetting the machine, I power cycled.

Well, power downed. It wouldn't power back up.

And by now the customer was on the phone asking what had happened.

I told him, and asked him if there was any special procedure I needed to follow to get the machine up and running.

He wasn't aware of anything special, other than making sure the switch in the back was in the “On” position, and toggling the front button.

This was not good.

Customer suggested I unplug the CD-ROM. Which meant I had to open the computer. Which meant I had to remove the top to remove the side to remove the power from the CD-ROM. The side of the computer case had to slide all the way out. Not just back a bit then fall to the side. Nope, it had to sliiiiiiiiiiiiide all the way off. Not an easy thing to do while it was still in the rack.

Still wouldn't power up.

So, remove power to the floppy drive.

Still wouldn't power up.

By this time, I had both P and Dan crowded around the machine, and Dan noticed that the power supply for this huge system with dual harddrives and a CPU the size of Rhode Island only had a 250W power supply.

Okay. Swap in a larger power supply.

Now, mind you, I was on the phone with the customer while all this was going on—I had a mobile phone with a headset.

Take the machine back to the rack, power up.

Hallelujah that worked!

Machine powered up, sat there at the Hewlet-Packard logo for three minutes, booted into Linux and still refused to initialize the network interface. And now, I realized that the CD I wanted to boot was stuck in the still unpowered CD-ROM (the new power supply didn't have enough connectors on it to supply power to the CD-ROM).

Next scramble, new network card, in a different slot than the old card.

Now the wait was five minutes, and it still didn't work.

Next scramble, found a network card that was the same model as the one that was originally in the machine.

Wait five minutes, boot and hallelujah it initalized the network.

Only the machine was in the middle of the floor, with its cover off.

So the customer logged in, shut it down, so we could put the covers back on and slap it into the rack.

Wait five minutes—

—and the network card didn't work.

At the customer suggestion, I removed the covers, took out the replacement card, held it for a few moments, then put it back in. Powered on, waited five minutes, saw the system boot and—

—the network card was working.

“I'm not putting the covers back on. I don't want to touch the machine,” I said.

“I don't blame you,” said the customer.

I'm not touching that machine again.

Friday, April 01, 2005

The unfortunate results of adding a stock phrase to Chinese fortune cookie fortunes

Catch on fire with enthusiasm and people will come for miles to watch you burn …

… in bed.

Saturday, April 02, 2005

All that for something barely anyone saw

One of the problems of providing an RSS feed is that most of my readers read it and not the site here, thus the format change I did for April 1^st was lost, along with most of my AdSense revenue (one of the few things I can report about is my gross earnings from Google, which to the nearest cent is $0.00)—I suppose I may get more revenue if I inline the ads, such as:

But I don't really want to do that (nor add ads to my RSS feed, so don't worry—well, except possibly for this entry but that depends on if your RSS agregator filters out the <SCRIPT> tag (it'll be interesting to see).

Anyway …

Last year's April Fools theme was greenbar printer paper, where (through the wonders of CSS) it appeared as if this was being printed out (in all caps no less) and it took me quite a while to find an appropriate image of greenbar paper for the background. This years idea was to do an old fasion monochrome monitor (green on black) with a slight resync problem (you can see a bright green line of the electron gun being swept across the screen). A bit easier to munge up than last year's imagry and one I could make myself.

At first I tried a paint program, but it was a rather primitive paint program and I had problems trying to do the 2048x100 image (2048 pixels wide to make sure it was wide enough not to repeat for anyone). Too many problems using the program, leading it to taking way too long.

It was then I remembered I had the GD library installed.

Trivial!

How trivial?

#include <stdio.h>
#include <stdlib.h>
#include "gd.h"

int main(void)
{
  FILE       *fpout;
  gdImagePtr  imout;
  int         background;
  int         line[3];

  imout = gdImageCreate(2048,100);

  background = gdImageColorAllocate(imout,16, 32,16);
  line[0]    = gdImageColorAllocate(imout,16, 64,16);
  line[1]    = gdImageColorAllocate(imout,16, 96,16);
  line[2]    = gdImageColorAllocate(imout,16,128,16);

  gdImageLine(imout,0,13,2047,23,line[0]);
  gdImageLine(imout,0,14,2047,24,line[1]);
  gdImageLine(imout,0,15,2047,25,line[2]);
  gdImageLine(imout,0,16,2047,26,line[1]);
  gdImageLine(imout,0,17,2047,27,line[0]);

  fpout = fopen("vidline.png","wb");
  gdImagePng(imout,fpout);
  fclose(fpout);
  gdImageDestroy(imout);
  return(EXIT_SUCCESS);
}

A crude attempt at anti-aliasing a beam across the page. Very poor results no matter how I did it. It was then I remembered my Foley-van Dam book (Computer Graphics: Principles and Practice by Foley, van Dam, Feiner and Hughes, 2^nd Edition)—surely it must have a section on anti-aliasing lines. Indeed, § 3.17 had just what I wanted—code for drawing anti-aliased lines. A few minutes typing in the code (a page's worth) and I had myself one nice anti-aliased beam across the page.

int g_brightness[100];

/********************/

void init_colors(gdImagePtr img)
{
  int i;
  
  for (i = 0 ; i < 100 ; i++)
    g_brightness[i] = gdImageColorAllocate(img,16,132-i,16);
}

/******************/

void pset(gdImagePtr img,int x,int y,double dist)
{
  int    intensity;
  
  intensity = (int)(fabs(dist) / 1.5 * 100.0);
  gdImageSetPixel(img,x,y,g_brightness[intensity]);
}

/***********************/

void line(gdImagePtr img,int x1,int y1,int x2,int y2)
{
  int    dx;
  int    dy;
  int    incrE;
  int    incrNE;
  int    d;
  int    x;
  int    y;
  int    two_v_dx;
  double invDenom;
  double two_dx_invDenom;
  
  dx              = x2 - x1;
  dy              = y2 - y1;
  d               = 2 * dy - dx;
  incrE           = 2 * dy;
  incrNE          = 2 * (dy - dx);
  two_v_dx        = 0;		
  invDenom        = 1.0 / (2.0 * sqrt(dx*dx + dy+dy));
  two_dx_invDenom = 2.0 * (double)dx * invDenom;
  x               = x1;
  y               = y1;
  
  pset(img,x,y    ,0.0);
  pset(img,x,y + 1,two_dx_invDenom);
  pset(img,x,y - 1,two_dx_invDenom);
  
  while(x < x2)
  {
    if (d < 0)
    {
      two_v_dx = d + dx;
      d += incrE;
      x++;
    }
    else
    {
      two_v_dx = d - dx;
      d += incrNE;
      x++;
      y++;
    }
  
    pset(img,x,y    ,two_v_dx * invDenom);
    pset(img,x,y + 1,two_dx_invDenom - two_v_dx * invDenom);
    pset(img,x,y - 1,two_dx_invDenom + two_v_dx * invDenom);
  }
}

See what I go through for stuff nobody will see?

Sigh.

(If you are curious to see the styles, and you are using Firefox, you can use the menu View/Page Style to select which style you want).

---

Science in action

Another unexplained phenomenon: Do you know of anyone who can explain why I can hold my car's remote keyless entry fob to my chin and have its range tripled, or even quadrupled? Try it. Yeah, it works. Really!

There's the challenge for this week, folks. A cavity-resonance, antenna effect, or just what? Let us know your theories … !

An Interesting Phenomenon—The James Randi Educational Foundation Newsletter

I don't have a theory, but I did decide to test the phenomenon (do doo de do do!) to see if it really happens. Casa New Jersey is at the end of a dead- end street with very little traffic, so it was a simple matter to park Lake Lumina (my car—there's a long story attached to the name) at the end of the street and using a 300′ tape measure, mark off the distances.

The tape measure was tucked underneath the front driver wheel (a convenient anchor point), but given that I don't really know where the keyless entry fob antenna is on the car, the measurements I did take could be anywhere from +4′ to -15′. So, with that in mind …

At certain intervals, I held the keyless entry fob five different ways:

I'm sure I looked silly to the neighbors, but it's silliness in the name of science! Undaunted, and with the help of wlofie (who was standing by Lake Lumina) who used hand signals to indicate if the doors locked or unlocked, I proceeded to look silly while seeing how far I could lock and unlock my car.

The keyless entry fob is the original unit that came with my car and as such is seven years old, still with the original battery. Also, the fifth stance, the so called “Don Martin” pose, was suggested halfway through the experiment and I neglected to take samples at the shorter distances. I started out going 20 feet per attempt, then as the signal appeared to drop out, started shortening the distances to locate where the signal dropped.

Now, onto the results:

The range of a keyless entry fob under different holding techniques

20′	Yes	No	Yes	Yes	(not tested)
40′	Yes	No	Yes	Yes	(not tested)
50′	No	Yes	Yes	Yes	(not tested)
55′	No	No	Yes	No	Yes
60′	No	No	No	No	Yes
70′	No	No	Yes	Yes	Yes (sporadic)
80′	No	No	Yes	Yes	Yes
90′	No	No	Yes (sporadic)	No	No
100′	No	No	No	No	No

Holding the keyless entry fob to my chin did extend the range to twice that of just pointing towards the car, but nowhere three or four times the claimed distance. Also, the “Don Martin” pose also extended the range about twice the distance. So it's hard to say if it's due to a cavity-resonance atenna effect, or just the higher altitude the fob was held at increased the range (and there is that spurious result at 90′—perhaps the signal reflected oddly?). Who knows? I just generated some data that can be used in coming up with a theory.

Now, off to email the results to the James Randi Educational Foundation …

Sunday, April 03, 2005

Spring forward!

This “springing forward” time change always catches me unaware.

Sigh.

On the plus side, I will now start getting home before dark, which is always a nice change.

---

House Chillin Party

Okay, Spring just announced the House Chillin' Party, Saturday, April 16^th starting at noon.

All are invited to come and since this is a House Chillin' party, so no gifts other than the gift of company is required (oh, and a bit of wisdom on a scrap of paper).

Hope to see you here.

---

Is there some wierd bug in my code?

I might have a bug in this code.

Wednesday, April 06, 2005

What a cut-up

I'd just like to note that the method for cutting up chicken explained at Cooking for Engineers is not only fast, but simple too! It's a much nicer method than the total lack of a method I was using before.

I still have to work on getting the breast meat off the bone though (which I typically use to make Chinese chicken nuggets sweet-n-sour chicken—one of the few dishes that I make that The Kids like).

---

“He who controls the router, controls the network.”

The Kids were noisy. Well, they're kids, they're inherently noisy.

But they supposed to be sleeping.

On a hunch, I logged into the firewall system (an old 486 running Linux) and ran monnet, a network monitor I wrote a few years ago as an educational exercise and sure enough, there was quite a bit of traffic from The Kids' computer upstairs.

Sure enough, they were playing Rune Scape.

Buy why yell when instead, I can have a bit of fun …

route add 10.0.1.161 reject

It suddenly got very quiet upstairs …

Heh heh heh.

Thursday, April 07, 2005

Odd Bug of the Day

Okay, this is a wierd bug.

If you visit the page for April 3^rd you'll see three entries (the final one added today in trying to track down this bug). Now, if you go to the first entry of that day, then click “Next” you'll actually skip over the second entry (which doesn't show up at all) to the third entry. And from there, clicking “Previous” will either take you to the first entry for that day (which is what happens on my test server) or it take you back to the third entry (which is what is happening on the live server). On the plus side, it's happening on both systems. On the minus side, it's exibiting different behavior.

I don't know what it is about that second entry (which is about the House Chillin' Party) that mod_blog doesn't like …

---

Um … sure … this is easier …

I truely don't understand how control panels make life any easier.

I truely don't.

We have a customer with a dedicated server running Fedora Core 2 with Blech. Okay, fine. The customer wants to install a PHP script. Of course. The script requires a PHP function mhash():

However, you need to verify that the required PHP MHASH extension is available; otherwise, you will not be able to generate the required fingerprint.

The required MHASH extension comes with PHP and requires no additional cost.

Most web hosting providers install this extension along with PHP; however, in some circumstances, you may have to enable it yourself or ask your web host to enable it for you.

Lies! All lies!

It may very well come by default with PHP 4.3.10 but we're not running PHP 4.3.10 on this system, we're running PHP 4.3.4 and while the configure command (presented by phpinfo() is over 20 lines long, it doesn't contain --with-mhash.

There does, however, exist RPMs I can install. The mhash-0.9.1-2.i386.rpm installed fine, but php-mhash-4.3.10-2.4.2.i386.rpm failed because it needs PHP 4.3.10 or higher and like I said, we're only running PHP 4.3.4.

And what the XXXX does version “4.3.10-2.4.2” even mean? It's like the Linux Kernel Version Numbering Mess, only worse.

It's even more incredible that RedHat failed to include this module with PHP; it has every other conceivable module configured.

Grrrrr.

I suppose we could upgrade to PHP 4.3.10, but would that break Blech?

Oh wait … just found out the latest version of Blech can support PHP 4.3.10, but we're not running the latest version of Blech, so we'll need to upgrade that …

Aaaaaaaaaaaaaaaaaaah!

So tell me, in what way do control panels make life easier?

XXXX, in what ways do RPMs (or any other pre-compiled form of installation) make life easier? It's not like ./configure ; make ; make install is all that difficult …

Friday, April 08, 2005

A possible theory

Last Friday the James Randi Educational Foundation mentioned an odd phenomenon (do doo de do do!) and last Saturday I did some tests to see if it actually worked (kind of). This week the James Randi Educational Foundation followed up with some more information, as well as a possible theory (which fits in with my observations).

Sadly, my contributions weren't noted.

Monday, April 11, 2005

Updating servers

There's an interesting project lumbering down the pike (I do hope we get it) but it involves a large number of machines acting as one—I think the marketing term would be “enterprise cluster.” One of the interesting challenges involves updating each of the servers (did I mention there being a large number of them?) with content. There will be one master control processor (the MCP and N slaves. If the MCP copies the files out to each slave, then it's O(n) as an upper bound. However, if in addition to the MCP copying files, each slave starts copying as soon as it receives a copy, then it drops to O(log n) which is much better.

But is there a faster way?

Ideally, the files will be coped to each node, but is there a way to broadcast the file …

Broadcast.

IP has the concept of broadcasting.

Unfortunately, while IP can send broadcast packets, the reliable byte-oriented TCP protocol (built on top of IP) doesn't. TCP is meant to be a reliable data stream between two processes—a “one-to-one” type of communication. No, a broadcast copy will require the use of UDP, a connectionless protocol that is, unfortunately, unreliable (well, so is IP, but TCP includes mechanisms for reliability). But if it can be made to work, the time to copy a file to N nodes drops from O(log N) to O(1)—as fast as you can get.

And it seems like I'm not the only one to latch onto this idea.

[root unix]# ./mdp
mdp: Error! Must pick "client" mode (-D <cache/archive directory>),
       "server mode" (i.e. supply file(s) to transmit), or both.
       Use "-h" option for usage help.
mdp: error starting mdp
[root unix]# ./mdp -h
CmdMdpApp::ProcessCommands() invalid flag
mdp: error processing command-line options
[root unix]# 

(Sigh.)

Aside from programs that don't understand their own options, another aspect we're facing is adminstrating a large number of machines (and not the few dozen we have now). Towards that end, I've been reading all the articles at Infrastructures.org—a type of “best practices” in adminstrating a large number of systems.

The enterprise cluster concept simplifies how we maintain individual hosts. Upon adopting this mindset, it immediately becomes clear that all nodes in an enterprise cluster infrastructure need to be generic, each providing a commodity resource to the infrastructure. It becomes a relatively simple operation to add, delete, or replace any node.

Infrastructure Thinking

The one bit I do have problems with is the “Push vs. Pull” argument:

We swear by a pull methodology for maintaining infrastructures, using a tool like SUP, CVSup, an rsync server, or cfengine. Rather than push changes out to clients, each individual client machine needs to be responsible for polling the gold server at boot, and periodically afterwards, to maintain its own rev level.

Push vs. Pull

I'm not a fan of polling—the majority of polls won't return any new information and is just extra work on the part of the poller (and in this case, the extra network traffic). Also unspecified is how to handle the spike in traffic when there is an update. I'm sure in practice that each machine is set to semi-randomly poll the “gold server” least it suffer a network interface meltdown when hundreds—nay, thousands, of clients hit it at once for an update.

But their arguments about overly convoluted distribution scripts are compelling too. But in looking at broadcast copying (or multicast copying, take your pick) I'm wondering if a metter approach to the strict polling would be periodic broadcasting that an update is ready, and each server that receives the broadcast then contact the “gold server” for updates (and I'm talking about system updates, not just content being sent out).

Much to think about …

---

When multicast is slower than unicast

So I'm playing around with MDP and I am underwhelmed by its performance. I have it installed on five machines. The file I'm transfering is about 4.5MB in size and can be transferred in under 30 seconds using scp (and that's including the time it takes for me to type in a password), so to transfer the file to four machines (the fifth is doing the sending) should take around two minutes.

The first test I stopped after twelve minutes. Okay, so one of the machines is a bit flaky, so I decided to drop that one from the test and run the test again.

Ten minutes.

Also, because of the way multicast works, the sending process doesn't exactly end when the clients have the data just in case another process joins to receive the broadcast (I'm guessing, the documentation for MDP is scant and the help feature doesn't work) so this may not work for what we want to do.

Monday, April 25, 2005

The past two weeks

From: "Ken Maier" <KMAIER@JKAUGUST.COM> <XXXXXXXXXXXXXXXXXXX>
To: "'Sean 'Captain Napalm' Conner'" <SEAN@CONMAN.ORG>
Subject: RE: FW: The Boston Diaries Update Notification
Date: Mon, 4 Apr 2005 08:41:22 -0400

but as an aside, I'd like to thank you for keeping your blog updated and not falling into the category of people who start something and don't post to it anymore. I'm never sure what to read on your blog Sean and I'm always entertained. Keep up the good work! ;-)

Note that Ken sent that earlier this month. And what do I do in response?

Not update for two weeks.

Sigh.

Since my last update I've:

Tuesday April 12^th

Sometime in January I tried renewing my driver's license and renew my car's registration online but while it looked like it worked, I had yet to receive my driver's license or registration. So I set aide this day to look into this matter at the DMV office.

Or rather, offices. The closest office to handle driver licenses is in Lantana (only a couple of miles from Casa New Jersey) but they don't handle car registrations; that office is in Lake Worth (again, only a couple of miles away from Casa New Jersey, but in the other direction). No big deal, just take the day off from work (of course) and hit both offices.

My mistake was in not hitting the driver license office at 7:30 am.

When I arrived around noon, there was a mob of people outside. Pushing my way inside I found another mob of people waiting in line to get permission to wait in line. This convinced me that I might be better off trying to do this by phone. Only (after I got home) the phone was busy (imagine that) so I tried the online thang again. Seemed to work this time around.

Friday, April 15^th

Taxes.

Ouch.

Just … ouch.

I've heard cries about simplifying the tax code, possibly going with a flat tax to make things simpler. Only it's not the actual tax calculation which is hard (if it's less than US$100,000.00 you look up the amount on a table, and if it's over that it's 25–35% of your income, depending upon how much it is and what your filing status is—but the worksheet for that is simple)—it's the definition of “income” which is hard. Lines six through fourty-two of Form 1040 exist just to figure out your taxable income (that's 36 lines and up to six schedules and four forms).

Having a flat tax won't make that go away.

Saturday, April 16^th

The House Chillin' Party.

It was great! Most of the people invited showed up, and much food, drink and conversation was had. The rocket launch (The Kids found a model rocket when we moved in) was successful (once we figured out that the launch key had to be shoved way into the launch control unit), and the parachute deployment was successful, but the winds carried the rocket away to a private golf course an inaccessible area—I just hope we didn't scare any golfers indigenous populations with its landing.

By the way, the Words of Wisdom we asked people to bring where strung up across the living room.

Last week at work

At the House Chillin' Party I managed to talk to Mark and Rob about the broadcast copy idea I was working on (Rob is now a senior Unix administrator for Negiyo and they're responsible to updating and managing hundreds of servers across two dozen or so groups so any insight he has is great) and both didn't like the idea of multicast or broadcasting changes around. They also weren't keen on the idea of polling for updates. So I may just go with the O(log n) method of pushing files out.

So I slipped into another related project—that of monitoring a large number of servers. I do know that SNMP is used here to monitor the various routers and switches, but it seems that since I last looked at it (late 90s) it's been extended (since it is extensible) to include host information (you can even monitor processes! And installed packages! Wow!). So not only have I been installing NTP on all the servers (slowly, working my way through the list) but also SNMP.

Smirk also wants to use Cobalt RaQs for various infrastructure hosts, like DNS, since they use very little power (about 35W vs. 250W for a typical server). I've already set one up as a firewall, but more about this in the next entry.

That pretty much brings us up to date.

---

Installing Debian on a MIPS-based Cobalt RaQ

There are two major types of Cobalt RaQs, those based on the MIPS chip (RaQs 1 and 2, plus the Qubes) and those based upon the Intel Pentium chips (RaQs 3 and 4). They come with a version of Linux preinstalled, but they're an older kernel (2.0 or 2.2) and due to the limited nature of the firmware, it's not easy to upgrade them with a more modern Linux kernel.

It can be done.

But it takes some work.

This entry is about upgrading a Cobalt RaQ 1 or 2 (the MIPS based machines).

I had intended to install NetBSD but the install instructions seem to assume you have a bootable Cobalt RaQ to begin with. I didn't, since the unit I was given lacked a harddrive (as I found out); I didn't have the luxury of a booting Cobalt RaQ (it came without a harddrive).

Debian has a port to the Cobalt RaQ (MIPS, not the Intel). The instructions I initially found mentioned the “woody” release (a few years old now) and that distribution failed miserably. Poking around the Debian site lead to the “sarge” release, which worked wonderfully, but in getting it going you need to do quite a bit of work.

I'm not sure if RARP is required for this or not (the NetBSD instructions seemed to indicate it was) but since I had RARP support for a previous NetBSD install a few years ago it didn't hurt to use it. Getting the MAC address of the machine was a simple matter of a forced network based boot and sniffing the network traffic and then rarp -s 10.0.0.15 00:10:e0:00:68:10. In any case, you will need the MAC address of the Cobalt RaQ.

Then it's configuring of NFS. Easy enough to export the /nfsroot directory (yes, I had to create it) and to keep the potential problems down added the following to /etc/exports:

/nfsroot *(rw,no_root_squash,async)

Now, the final DHCP configuration that worked:

host kobold
{
  hardware      ethernet 00:10:E0:00:68:10;
  fixed-address 10.0.0.15;
  filename      "/boot/vmlinux.gz";
  option        root-path "/nfsroot";
  option        domain-name             "kobold.groomlake.area51";
  option        domain-name-servers     10.0.0.1;
  option        routers                 10.0.0.1;
  option        subnet-mask             255.255.255.0;
  option        broadcast-address       10.0.0.255;
  next-server   10.0.0.3;
  server-name   "10.0.0.3";
}

(yes, I know that .area51 is not a valid TLD; it's one I created a few years ago when playing with DNS and it's only used for the private network at Casa New Jersey).

Next step, getting the files that are needed to boot the Cobalt RaQ. If you don't mind Debian, these work. You'll need initrd.gz, vmlinux.gz and vmlinux_raq-2800.gz—while I did get default.colo it didn't seem to actually work but hey, it can't hurt to get it. All the files are placed in /nfsroot/boot/ on the NFS server, and marked executable (I also placed a copy in /nfsroot but that shouldn't matter).

Next step, getting those files loaded. Hook up to the serial console on the Cobalt RaQ (baud rate 115200, parity 8n1 and if that doesn't work, take a paper clip and hold in the button in the hole just to the right of the LCD screen while powering up; that will reset the serial console to 115200 8n1). While powering it on, hit the space bar to get the boot prompt, and type:

bfd /boot/vmlinuz.gz root=/dev/nfs nfsroot=/nfsroot

What you are loading is not Linux, but yet another boot loader that doesn't have the same restrictions as the one built in (it's CoLo, which can be used to replace the existing boot loader, or used in this chaining method). That will boot and if it fails to load the actual Linux kernel (which in my case it always did) you can simply (hah!) type:

ColoPrompt> nfs {dhcp-next-server} {dhcp-root-path} vmlinux-2.4.27-r5k-cobalt initrd.gz
ColoPrompt> execute rd_start=0x{initrd-start} rd_size=0x{initrd-size} console=ttyS0,{console-speed}

(and if that doesn't work, power cycle the Cobalt RaQ and try again—I had to do this twice to get the Debian Intaller running)

You are then running the Debian Installer and from there on out it's just like any other Linux installation. You partition the drives (for this system it's recommended you let it partition the drives), select the type of install and let it go. You'll end up with a usable, if rather bare, Linux system (right now it's compiling MySQL).

Tuesday, April 26, 2005

… and the cops go wizzing by …

The last time I saw this many cops was a few years ago when the bank our company was above was being robbed.* This time however, about two dozen cop cars (at least, maybe more) just flew by our office, sirens blaring and turned right at the corner into one of the many commercial parks in this section of Boca Raton, Florida. I figure we'll hear about it on the news later tonight, tomorrow at the latest.

---

Waiting … waiting … waiting.

Compiling on the Cobalt RaQ2 isn't fast. It's actually rather sluggish when you come right down to it. Now whether that is a function of the MIPS chip, a slow bus speed, or a slow IDE drive, I can't say, although I suspect it may be a slow bus speed (the MIPS based SGI system I used at FAU, while only 33 MHz, was fast—the only things faster were the newer MIPS based SGIs).

Time it took to compile various packages on a 250MHz MIPS based Cobalt RaQ2

Package	Real time	User time	System time
MySQL 4.1.11	312m, 31.074s	288m, 52.820s	20m, 32.900s
Bind 9.3.1	51m,  0.245s	47m,  2.640s	3m, 20.260s
Apache 2.0.54	84m, 26.658s	66m,  6.710s	16m, 45.680s
PHP 4.3.11	56m, 17.193s	45m, 44.070s	9m, 52.470s

These were just the packages I kept the compile times for—the rest (like OpenSSL or NTP were just as slow to compile.

I wonder though … if there is a way to tune the IDE drivers to get some better throughput …

Wednesday, April 27, 2005

… and the cops are still wizzing by …

Again with the cops, about two dozen or so screaming past our office and heading to the same place as yesterday (and nothing about it in the news). On the way home yesterday I did notice that the company they went to is a security related company, so perhaps this is some training mission.

Very wierd …

---

Taking away the spam filter's Little Orphan Annie Secret Decoder Ring

A few months ago I wrote about some character encoding problems I was having, namely that it was a real mess under the web. But apparently, it's not a mess with email.

We have a dedicated computer that does nothing but filter spam (and the statistics from that are depressing); you can add additional fitering via regular expressions. Smirk has been receiving quite a bit of foreign spam, stuff in Russian, Korean, Chinese, which he can't even read since it's in Cyrillic, Wansung and Hangul. But (for instance) some (if not most) of the email had subject lines like:

Subject: =?Windows-1251?B?amFlQGxlZWhvbS5uZXQg?=

where the character set is encoded within the subject line. So Smirk thought a regular expression like ^Subject: .*Windows-1251.* would work and filter out the spam in Cyrillic (with appropriate regular expressions for Wansung and Hangul).

Only it didn't work.

It caught subject lines that had “Windows-1251” as part of the legitimate subject line (I sent him a test message with the subject of “Did you get Windows-1251 yet?”) but not if it was part of an encoding. Which meant only one thing: the spam filtering system was applying the regular expressions to the decoded characters!

Well … that's certainly a surprise.

But it doesn't help the current problem. We're now waiting to hear back from the company if that “feature” can be turned off.

---

All I want to do is install Linux …

I finally received the go-ahead to convert my workstation from Microsoft Windows to Linux (well technically, I can install Linux on another workstation and swap it out for the Windows system I'm using now, but that's just an implementation detail).

Woot!

But I've been at this for five hours now and I've yet to even start installing Linux.

Boo!

First, I had to copy any important data off the machines (mine, and the current Windows system I will be installing Linux on). At first, I thought I could mount the office file server (which Smirk had finally finished setting up) but after spending almost an hour trying to get my machine to see that machine we gave up and used tar and scp (we have Cygwin installed on all the Windows systems here). Of course the machine I'll be using had a 10Mb network card which meant it took a long time to copy all the data to another computer.

Then it was time to install. The nearest distribution CDs available were for CentOS, a Linux distribution based off Red Hat's Fedora Core. P has it on his workstation, and at this point, I'm not particularly picky about my Linux distributions, just that can use one. So after swapping the network card for a 100Mb one, I put the CD in, and power up.

The Linux kernel is loaded, but that's it.

For about fifteen minutes.

Until I realize that P mentioned that he had made a CentOS boot disk that uses a serial console, not the video console.

Well then …

I found some Fedore Core 2 disks and boot that. It loads, but as it's loading up, I realize that I'm missing CD #2.

Okay, I can burn a CD while that's loading. Smirk has the disk images on his computer, so it's a simple matter of burning disc #2.

Ha ha, only if it were so easy.

I probably wasted close to another hour trying to figure out how to burn a CD on his computer. Which is running Windows. All I wanted to do was burn a file, which is a bit-for-bit image of a CD onto a blank CD. Under Unix, it's dd if=diskimage.iso of=/dev/cdrom. Under Windows … it's … a XXXXXXX nightmare. I “burned” three copies before I realized they weren't actually burned—the software just “simulated” the “burn” (only I didn't “notice” the “scare quotes” when it “burned” the “disk”). By then I noticed that the install program had just … stopped.

Bad CD?

Bad hardware?

The spectre of Bill Gates?

Hard to tell, but I decided to assume the CD was bad and burn a new disc #1, just as soon as I could figure out how to burn a disc on Smirk's computer.

I called Smirk, and he walked me though the process.

Only the computer refused to boot from the burned discs.

I then stepped the burn speed down and attempted another time.

I then stepped the burn speed down yet again to the slowest setting (4x) and am now waiting for the current burn to finish. If that doesn't work, I'll burn effigies of Bill Gates and Steve Ballmer and try again tomorrow.

Oooh! CD is finally done burning. Gotta go …

---

All I wanna do is burn Bill Gates and Steve Ballmer in effigy

Sigh

Thursday, April 28, 2005

A comfortable environment

I think burning Bill Gates and Steve Ballmer in effigy worked to remove any bad karma from the system (that, and changing the CD-ROM in the computer). I was able to finally get my Linux-based workstation going, and the first thing I did was install Fvwm (my window manager of choice—yes, I am old school).

Now I have a very comfortable environment with which to work in, and all is right with the world (and it doesn't hurt that it's been a quiet day at the office).

---

Again with the cops

It must be a training exercise.

Friday, April 29, 2005

Don't Panic

Wlofie and I saw The Hitchhiker's Guide to the Galaxy today. I kept my expectations lows and generally, when I do that, the result is usually better than coming in with too high expectations. Overall, the movie was good but there were the obvious bits of Hollywoodization to the story (some chase scenes, a silly love interest story). The thing to remember about H2G2 is that the story isn't faithful to itself in any of the mediums it's been translated to. The radio version is different than the book is different than the TV series is different than the play(s) (there were two) were different than the computer game and this movie is consistent in that it isn't consistent at all, which (given that the book trilogy is five books long) fits H2G2.

The cast (mainly of unknown actors) is spot on perfect (and I absolutely adored Zooey Deschanel (Zooey—what a cool name) as Trillian). The visuals (especially the Magrathea factory floor) are just wonderfully done. And the new bits done specifically for the film are inventive (one involves a rescue (I won't say who) by filling out the proper release forms of the proper color, in triplicate and signed by the proper party with the only injury being a rather nasty paper cut (although to be honest, any type of paper cut is rather nasty) and another one involving the Point-of-View gun).

If you are a fan of H2G2 don't expect something that slavishly follows any of the previous versions of H2G2 that have come before and just enjoy the ride. If you aren't a particular fan of the work, it may be worth to view this once it hits DVD.

Also, stick around for the the credits. There's an amusing bit from the Guide itself during the final credits (of the several animated segments in the movie, they all look to be animated with Macromedia Flash; the sequences in the TV series were I think more innovative even if they weren't done by an actual computer. It's not to say the sequences were bad—they weren't, but I think I preferred the TV sequences which had so much going on you couldn't get it all at once).

Monday, May 02, 2005

Anyone up for hyperlinked network maps?

Along with setting up NTP and SNMP on all the servers here, I've also been documenting the network here at The Company (not that Dan hasn't done that, but he's responsible for the overall network and tends to focus on the switches and routers—I've been concentrating on the hosts I manage plus the switches they're hooked into). In doing this, I came across a drawing program for Unix called Tgif, an Xlib based (woo hoo! no huge external libraries to worry about! Yea! No insanely large amount of dependencies! Woo hoo!) interactive 2-D drawing program.

I've spent the past few days with it, drawing the network—the rounded rectangles are network switches (the one in the upper left has two VLANs, one with 18 ports in green, and a second one with 6 ports in blue), the larger black squares are computers. Red squares designate off-page (as it were) connections. Red lines designate switch-to-switch connections. The purple square encloses the office machines and the turquoise squares are some comments about the two upper switches (yes, the image is shrunk).

But it was only when I was writing this entry did I realize that Tgif has hypertext capability (has since 1994! Ken! Why didn't you find this program?) and I've been going through the demo pages with the Tgif program since (and want to go back actually … so … um … end of entry).

Thursday, May 05, 2005

Syncing the Mayo!

Woah! I just realized that today is

5/5/5

Also, I've had several people just walk up to me and say, “Sync the mayo!” At first, I found it odd, but after the third time or so, I thought that maybe it was some sort of code, and I tried replying “I have a red pencil,” but that just made the person saying “sync the mayo” get a confused look on their face so I gave up on that phrase. I also tried replying “the sandals are very comfortable,” but again I got a glassy look.

I'm not even sure how to respond to “sync the mayo!”

---

Because the Scooby Gang have yet to unmask Sergei Brin

I came across this rather forgettable article about Google's Web Accelerator. Normally, I would simply skip this and move on, but since Amanda (in a private post on her LiveJournal) asked about this, I figured I could answer her questions here (and entertain you people).

So anyway, here's a (nearly) point-by-point rebuttle to Think before you Worship:

There's a hardcore group of folks on the Internet who assume Google can do no wrong.

Yes, and they all work for Google.

To their credit, Google has spent years and millions upon millions of dollars cultivating this image, so I can understand where it comes from. The average Internet user seems to believe if they can't personally see a direct connection between ad revenue and a provided service, then the company responsible for such a product is some blameless, holy creature sent down by the good lord himself. “Well gee, Google offers all these services which don't cost me a thing, therefore they've got to be an unquestionable, infallible entity in my book!” the greasy nerd with 10-pound glasses exclaims while typing “MICROSOFT SUCKS” into his Google search bar. “Clearly this company only produces things for the good of all humanity! They aren't concerned with trivial things such as making money, dominating the marketplace, or boosting their stock prices!”

No, they are. If they weren't, they wouldn't be around for long. Any company that doesn't make money won't be around for long, and I'm sure that many companies would love to dominate the marketplace. Also, it's only public companies that want to boost their stock prices, and Google has only been a public company for about a year, if that.

This type of idiotic, blind fanboy mentality has led to where we are today: the Google Web Accelerator.

Funny, I thought that argument lead to us being in Iraq.

Millions of drooling bandwagoneers across the globe salivated at the thought of using yet another Google-produced product, once again passing over the fact that every business decision in Google's headquarters—and I repeat every business decision—is made with the bottom line of earning more money.

Since when is this news? Every business decision is made with the bottom line of earning more money—that's what a company does! It's what it exists for. Now, private companies have a bit more leeway in how they go about making money and what they can do with that money; public companies less so, since by law, they must incrase shareholder value, and that generally means anything to boost the stock price or dividends paid out.

True, bad decisions do come about (like the merger of HP and Compac) but even then it can still be traced back to the bottom line of earning more money, only in some cases, it's best to ask who's bottom is earning more money.

Google doesn't give a shit about you or me, unless you or me has the ability to give them money in some way. This is how every corporation is; they don't care about anything except making a buck.

Well, technically, a public company doesn't care about anything except for increasing shareholder value—they can't care about anything else by law! Private companies (like I said) have a bit more leeway since they aren't under public scrutiny (and that can be a Good Thing™ or a Bad Thing®).

Yet Google's history, their expensive team of lawyers, PR people, and viral advertising, has allowed them to ascend past the image of a generic corporate entity with the same bottom line as every generic corporate entity in the world. Such grace and good fortune has allowed them to release the Google Web Accelerator without facing a single shred of public scrutiny. So what does this incredible free new service accomplish?

Really? This isn't a publically viewable page? Wait a second … am I using the Google Web Accelerator? Oh wait … I'm getting ahead of myself here …

Google claims it magically speeds up your Internet connection, and for the average user, it does. This is done by caching entire websites on Google's servers, passing copies of any page a user visits and sending them to Google HQ.

Two points here—one, Google has already cached sites for their other major operation (search, remember? Also, anyone can view their cached version of a page by clicking on a link from their results page, and that fact could be used to survive a slashdotting) and two, they fetch the page on your behalf; you don't send them a copy at all. Does the author not understand basic web caching strategies? Or is he exagerating for effect?

Basically they're just creating carbon copies of everything you read, every site you visit, every image you load, and storing them on their servers, under the idea that you will have a faster connection to their servers than you would to whatever website you're visiting.

Well here's the problem, folks: everything you view is now owned by Google.

And if that is true, then you don't have to worry about this as the likes of CNN, the New York Times, Time, the RIAA, the MPAA, Playboy, Hustler and scores of other companies will nuke Google (from orbit—that's the only way to make sure) for even attempting to assert ownership of anything that is viewed by users of its service.

Do you read email? Well now Google reads your email, and now the entire world can read your email.

Yes I read email, but no, Google doesn't read my email—at least, it doesn't read any email not addressed to sean.conner@gmail.com (and frankly, while I have a GMail account, I don't bother using it at all).

But that's besides the point—even if I did use GMail, that doesn't mean that the entire world can now read my email (security incidents aside, and even then, everybody in the world would have to actively exploit any hypothetical security hole in order to read my email at Gmail).

Do you use private messages through a website? Well they aren't private any more; now anybody using Google's Web Accelerator can read them. Every single page you read, every single website you visit, every single cookie you use, every single thing you do on the Internet is now owned by Google and is viewable to anybody using their program. I hope you're completely comfortable with the entire world being able to see every single webpage you read and every single website you visit, because thanks to Google, it's now happening. Check out their privacy policy if you don't believe me.

I'd like to know how, say, Dad, could get my web viewing habits from the Google Web Accelerator (assuming I used said Google Web Accelerator, and if he were interested in reading what I read). Again, the author either doesn't know how the web works, or is simply trying to scare people from using the Google Web Accelerator.

I'm having to pay a coder just to figure out how to prevent Google from caching all the webpages on our forums.

There are a number of ways to prevent Google from caching your webpages, and what method you use depends upon how much you trust Google. You could try setting the Cache-Control: header. If Google uses a unique agent string (and Google already uses a unique agent string when crawling a website for indexing) you could check for that. The Google Web Accelerator may also come from a set of known IP addresses and you could certainly block on that (from within your webserver program, on the server itself or even at your site's main router). If the coder you hired hasn't come up with this, then you're wasting your money.

Why is this a problem? Well first of all, it's a giant security hole, as private forums for mods and admins can now be viewed by anybody. Thanks Google, thank you very much for sharing our sensitive information with the entire Internet, without even giving warning or notice to any parties involved!

Again, how?

Secondly, our forums offer a private messaging feature, where users can send messages to each other which can only be read by them. It's like AIM or ICQ, but through a webpage. If you're using Google's Web Accelerator—guess what?—now anybody can read your private messages! Cookies, logins, sensitive information, private messages—they're all stored on Google's servers now, and they're all available for anybody on the Internet to read.

I hate to break it to you, but if you think for a second that your AIM or ICQ traffic is private then I have some nice swamp land to sell you. AIM and ICQ go through centralized servers and I'm sure that the technicians there get off on reading chat logs of the rich and famous. So again, nothing new there.

But again, I fail to see how (short of an exploit or some random Google engineer giving this out) this allows me to read your cookies, logins and other sensitive information.

So how can a company like Google get away with this?

Because the Scooby Gang have yet to unmask Sergei Brin?

If Microsoft had released something similar, you can damn well be sure millions of angry, greasy Lunix zealots would be carrying torches and pitchforks to Bill Gates' house. The reason Google can so brazenly trample over the entire Internet is because people let them. They spent so long carefully crafting their pristine Internet image and reputation that all their actions are now seen as faultless, for the good of all humanity. Google surely wouldn't do anything bad or evil! After all, their company's motto says so! You know, that company motto they paid a legal and creative team to come up with.

From what I understand, Sergei Brin and Larry Page wrote their company motto, and insisted that go into the SEC filings prior to their IPO (they also pissed off many brokers on Wall Street by making them do actual work—eeeeeeeeeeeevil company that Google).

For the company that makes millions upon millions of dollars. For a business fueled by capitalism, just like every other corporation in the history of the universe.

Making money isn't bad. The pursuit of money isn't bad. Money isn't bad. Failing to question companies that prey on you is bad. Google doesn't care about you or me or the Internet as a whole, unless one or all of these things can somehow make them another dollar. They are just like every other company and should be treated as such. Microsoft receives strict scrutiny for every move they make, which is a damn good thing because it keeps their company in check.

I wish, but I digress …

Google doesn't, and this is what led to the release of their Web Accelerator program. Bending over to worship at the feet of a company just gives them a better chance to step on your back and boost themselves higher. Google is just another Microsoft without the bad reputation.

–Rich “Lowtax” Kyanka

I can see what Mr. Kyanka is worried about though—Google gaining access to content that it otherwise normally would not be able to see, and he's obviously worried about it be indexed into Google's search results and that is a cause for concern, but not for running about screaming “the sky is falling!” I think the engineers at Google are smart enough not to mix the content they get through their Web Accellerator with their search engine caches—so far, Google seems to “get” the web.

Sunday, May 15, 2005

I for one welcome our new robotic babysitters …

Although it's fine at sucking up dirt, finding its way around the room and returning to its charging station, its real achievement is in not only getting the children to clean up their toys first but also tiring them out before bed.

This works with three magic phrases:

1. “Roomba's coming out tonight. Clean up your toys or Roomba will eat them!”
2. “If you can clean them up fast you can stay up to watch Roomba!”
3. “Here goes Roomba. Don't let him touch you!”

Robot Child-herders

Hmmm …

---

For Spring, who loves these films …

Via The Long Tail, Masala, Bollywood films on demand … (also Bollywood's Distributed Demand)

Wednesday, May 18, 2005

Why yes, I haven't updated in a while …

Yes, I've been rather lax in the updates here recently. Most of the time I don't have really anything to talk about, or the desire to talk about anything. And the rare case when I do have something I want to write about, well, it's at a time when I can't (not near an Internet capable computer or involved with some work) and when I do get the chance, I don't feel like updating.

I've written about this before (and yes, I stopped and spent a few minutes tracking down the relevant entry, making me loose some steam in the writing process—sigh). I guess that if it were even easier for me to write an entry, I would be more inclined to write more often, but I'm still waiting for that “Perfect HTML Editor” that will do The Right Thing™.

Then there's the whole “not having anything to write about” bit, but that's not entirely true. There's (and here I go, tracking down the relevant entries again—XXXX brick wall—not to mention actual work—yet more sighage; now, where was I? … oh yes) the fact that you do indeed require RARP to install Debian on a Cobalt RaQ2 (only Linux dropped support for RARP in the 2.3 timeframe and now you need a userland program—and it was fun getting that to compile); I finished the network diagram for The Company (and have been keeping it up to date) and now that I've finished the physical layer, I have to now work on the IP layer (which is a bit of a mess, although I'm not sure how much of that is due to BGP issues, and how much of it is legacy issues). And I haven't had to deal with a control panel issue in nearly a month (but even I am bored with detailing the control panel issues) (as a further note, making that sidebar took a good ten minutes, and yes, I have no idea what I was going to write about next).

So … well … um … there we are.

---

I'll find out just how good the next George Lucas film is tonight

The general opinion of “Revenge of the Sith” seems to be that it marks a distinct improvement on the last two episodes, “The Phantom Menace” and “Attack of the Clones.” True, but only in the same way that dying from natural causes is preferable to crucifixion.

Via too many sites to mention, “St ar Wars: Episode III.”

Ah, Star Wars.

And George Lucas bashing.

Just like in May 1999 when Smirk treated the entire office to Star Wars: The Phantom Menace, he is once again taking the entire office (although this time around it's a much smaller office) to see Star Wars: The Revenge of the Sith—the midnight showing tonight (well, technically, tomorrow morning).

I've written quite a bit on Star Wars in the past (and my friend Hoade and I have gone on for hours about the films and how Luke should have fallen to the Dark Side and Han (WHO SHOT FIRST! … ahem) should have been the next Jedi Knight; from cynic to believer in three films), but now … I don't think I can even muster the energy to write about it (and it's not because of the previous entry—but because I feel George Lucas blew the whole story arc). I know Smirk is really looking forward to “Revenge of the Sith,” and from the previews I've seen, it looks good.

But then again, previews are supposed to look good.

Thursday, May 19, 2005

Revenge of the Jedi^H^H^HSith

“Revenge of the Jedi Sith” was definitely better than “The Phantom Menance” and “Attack of the Clones” but it still wasn't quite up there with “Star Wars” or “The Empire Strikes Back.”

The Bad? Well, it wasn't made clear up front that General Grievous wasn't a robot (or not entirely a robot), so the first time you see him he's walking with a limp and coughing. My initial reaction—a coughing robot. Cute (blech). Also, R2-D2 got on my nerves, fighting and rocketing his way through the first half of the film (really—apparently by the time “Star Wars” happens, he's run out of rocket fuel and has to be manually lifted into Luke's X-wing fighter). The rather quick conversion of Anakin Skywalker from Jedi Knight to Sith Lord (although the moments leading up to it were wonderfully done). Natalie Portman—C-3PO had more presence in this film than she did. And I'm having a hard time rationalizing why Darth Sidious had Count Dooku kidnap Senator Palpatine (if you've seen the film, or don't mind spoilers, I do go into some more depth).

Several of the fight sequences head off into woosia territory (woosia is the term applied to martial arts film where the participants in a fight run up walls, jump between buildings, walk along tops of trees, leap tall buildings in a single bound, that type of silliness) and in some cases, it just seems way over the top, especially given the participants.

Darth Vader's first Frankensteinian steps.

And the midi-chlorian issue is raised yet again in a conversation between Senator Palpatine and Anakin.

The Good? Ewan McGregor and Hayden Christensen (a bit less whiny than in “Attack of the Clones”), especially their duel on the volcanic planet of Musatafar. The scenery and special effects were wonderful (with a few exceptions, like the giant lizard Obi-Wan rides in the second half of the film). Ian McDiarmid as Palpatine.

The Eh? Yoda. Sadly, Samual L. Jackson as Mace “Jules Winnfield” Windu (if only!). The fight between Yoda and Darth Sidious (starts out good, then goes woosia). The fight between Darth Sidious and Mace “Jules Winnfield” Windu (starts out woosia, then gets better). The chemistry between Anakin and Padmé. And Bail Organa's ship, which was the original ship being attack in “Star Wars” (they recreated the sets which just looked so anachronistic compared to the rest of the computer generated sets it was jarring).

Overall, I liked the film, and I agree with the placement of it in the Canonical List of Star Wars Ordering. And hopefully, this will put to rest “Star Wars.”

I can only hope.

And younglings? Younglings? George, they're called “children!”

Saturday, May 21, 2005

Switch

Perhaps I should sign up for Autoblogger (link via theferrett). Then I wouldn't feel so bad about not updating all the time …

Sunday, May 22, 2005

Electric vegetables

A while ago the light in the short hallway between my room and the rest of the house blew out. When I went to change it, the bulb came out, but not the metal portion that actually screws into the receptacle—it was stuck. And not knowing which circuit breaker went to which circuit, we left it until we could determine what went where (not that we trusted the labeling on the circuit breaker box, but as any programmer will tell you, comments can be misleading).

Then last week a couple of the ceiling lights in my room blew out and when replacing one of them, the bulb came out, but not the metal portion. And again, not knowing which circuit breaker to switch, I put off changing the light bulb until I got a few hours of daylight to work with.

You see, in order to get the metal bases out of the sockets, it required the use of a potato—you jam the potato into the socket and use that to unscew the light bulb base. But before you resort to such tactics, it would be wise to shut off power to the lights—I'm not sure about you, but I'd rather not hold a frying potato in my hand.

So wlofie and I spent over an hour mapping out the circuits in Casa New Jersey. Results were quite amusing—one circuit has branches to my room, the living room and the kitchen; another circuit has another branch to my room and the living room; yet a third services the hall bathroom, the other bedroom and a living room light (now you begin to see why it took so long to map this out). There were four circuit breakers that didn't seem to be used, so I left them off and as we find stuff that doesn't work, we can turn them back on (in fact, later on, we found that one of the turned off circuit breakers serviced an outlet in the kitchen).

Once we had things mapped out, it was then time to change the light bulbs.

The potato thing didn't quite work out.

So I tried carrots.

The carrots worked much better.

---

Through A Telescope Darkly

Monday, May 23, 2005

A brisk discovery

It was during the shower this morning that I realized what one of the turned off circuit breakers was for.

On the plus side, this is Florida—the water never does get that cold.

Wednesday, May 25, 2005

People today kept telling me I should take deep breaths

For the past two days I've been fighting software. Yesterday was Bit Torrent, one of those peer-to-peer file sharing programs. Wlofie asked me if I could burn a copy of Slackware 10. A cursory glace at the website showed that the only way to get CD-ROM images (so-called “isos” due to their file extention .iso) was through this thing called Bit Torrent.

I think I made the mistake of using the clients listed, and a second mistake by using the GUI client provided. I'm pretty minimal when it comes to GUIs, and I absolutely refuse to use the Gnome or KDE desktops (they tend to make a 1GHz machine feel sluggish).

I was much displeased when, by mistake, a stray click on the graphical Bit Torrent client launched this … monstrosity … of a desktop that took over the system (more or less). My background changed, thousands of extraneous programs started up, the beeping, the buzzing, the sluggishness of a Windows system … just horrible.

I ended up pulling the power cable in self defense.

Well, that was yesterday.

Today … today was worse.

There was the fight with Twiki (which we use as a company wide knowledge base)—who would have thought updating some graphics would be so XXXXXXX difficult? (all I wanted was to update the network maps, but … no … must stop before my head explodes on that problem)

Then Firefox. Granted, it was version 1.0 so most of the annoyances are fixed in a later version. Getting that later version? Leads us to the next piece of software I was fighting—yum—the RedHat package manager (as if RPMs weren't bad enough). I could never get yum to work on my system here at The Company because it complained about PGP keys not being configured or something like that. It took P about ten minutes to untable that mess, then it was off to install all 137,000 megabytes of webbrowser and email client.

Meanwhile, I've been fighting to get this webcam installed in the datacenter. It's one of those stand-alone units that plugs right into the network, with a controlpanel (cough cough) and it can be configured to upload images to another computer either by FTP or SMTP.

It's been a huge mess—networking issues, apt-get (Debian's package manager) problems (to say that the MIPS based RaQs are a niche market is a bit of an understatement), FTP problems (the webcam apparently supports FTP in name only), cabling issues (the network cable I crimped for the webcam was marginal and I had to recrimp it) and DNS issues (which involved some other Cobalt RaQs and the Cobalt RaQ's wonderful controlpanels (cough cough) and parsing of e-mail (since the webcam's FTP is obviously borked, have to use SMTP to send the images—lovely—but that, unlike FTP, works).

But (thankfully) is now working, and managed to catch this joker trying to sneak off with some computer equipment:

So that's one thing off the to-do list.

And I'm finally calming down.

The one thing that did go right today? Burning CD-ROMs. As long as I finally got the Slackware .iso images, I might as well tempt fate and burn some CDs. Oddly enough, with an external DVD burner hooked up via USB to my Linux workstation, I managed to make a bootable Slackware CD with one command:

cdrecord dev=0,0,0 speed=4 slackware-10.1-install-d1.iso

(okay, there were three more CDs to burn, and yes, it wasn't the fastest of operations, but I wasn't looking for fast, I was looking for it works! And yes, it works)

So I am happy that worked.

Hopefully, tomorrow will be a bit better …

Thursday, May 26, 2005

A recipe for disaster?

It's thundering outside, and I see the occasional flash of lightning off in the distance. There's an electrician installing some circuits in the data center (I'm watching on the webcam).

I've got a bad feeling about this …

Friday, May 27, 2005

Dogs: Devoted Carnivores

Spring is homeschooling the Kids, and as such, she's been buying (or being given) used textbooks (of various grade levels) for use in teaching. She just now brought home a metric butt-load (a technical term for “a lot”) of books. And it's not like we can afford to be all that picky.

One book she handed me, Investigating God's World (a Beka Book) has a very interesting chapter—“Dogs: Devoted Carnivores.”

As Dave Barry says, I am not making this up.

Turning to the “Dogs: Devoted Carnivores” section, I read:

The dogs on the Ark.

How many kinds of dogs can you name in one minute? All dogs, domestic or wild, are called canines by scientists. Did you know that all dogs—whether domestic dogs like poodles, cocker spaniels, Irish setters, collies, and Great Danes, or wild dogs, such as wolves, coyotes, jackals, and dingoes [dĭng″ gōz]—may have descened from just one pair of dogs that Noah took with him on the Ark? At Creation God gave dogs the ability to bear young possessing a wide variety of characteristics. Through the years, the different types of wild and domestic dogs that we see today have developed. No dog has ever turned into any other kind of animal, however. Dogs always produce dogs, never cats, mice, or monkeys.

This book is heavy with a literal interpretation of the Bible. For instance, in a section on “Men Who Saw Dinosaurs:”

Perhaps the most interesting story in the Bible about a man who saw a dinosaur is found in the book of Job. In chapters 40 and 41, God Himself describes two magnificent creatures that Job knew about and had probably seen. The first creature is called behemoth [bĭ ‧ hē′ məth]. In Job 40:14-21, we read that behemoth eats grass like an ox, moves his large tail like a giant cedar tree, has bones as strong as iron bars, can drink up a river, and “is the chief of the ways of God,” probably the largest animal on land. The word behemoth means a “gigantic beast,” possibly like the huge Brachiosaurus [brā″ kĭ ‧ ə ‧ sô′ rəs] or Apatosaurus [ăp″ ə ‧ tə ‧ sô′ rəs].

The second creature God describes in the book of Job is leviathan [lə ‧ vī′ ə thən]. Chapter 41 says that leviathan lives in the water, has terrible teeth and scales, and is very strong and fearless. Everyone that sees him is afraid. Verses 20 and 21 say that smoke comes out of his mouth! Leviathan sounds a lot like the stories you've heard about fire-breathing dragons, doesn't he? Maybe some of those “dragon” stories are really true. Scientists have found certain dinosaur skulls that have a strange “bump” on the top of the head. These bumps or crests were hollow and were joined to the dinosaur's nose by tubes. Some scientists believe the bumps could have been used to mix together gases which burst into flames when they were beathed out into the air by the dinosaur. Leviathan must have been some sort of large, powerful, fire-breathing “sea monster,” maybe like the huge Kronosaurus [krō″ nə ‧ sô′ rəs].

And here I thought those “bumps” on the top of the “dinosaurs” were “breathing tubes” since these “creatures” lived under “water.”

Silly me.

And oddly enough, they don't mention by name any of the scientists that believe in these “fire breathing dinosaurs.” Odd how that works.

Then there's the other book she handed me, Matter & Motion in God's Universe (also a Beka Book). This one has an entire chapter on “Science vs. Evolution” and has a section on (and I swear I wish I was making this up) “The Fossil Record Supports Creation, Not Evolution.”

Sigh.

As if Kansas wasn't bad enough.

Remove the pro-Christian messages (and really, these are books on science, not religion or philosophy) and they're are all that bad. I do like how they provide pronunciation guides for possibly tough words and they do cover a range of topics. But it's hard to get past stuff like:

2. How might the Flood have caused the extinction of the dinosaurs?

I mean, the answer is—it shouldn't have! As God said to Noah, “of every living thing of all flesh” (by twos, or by sevens, depending). So the dinosaurs shouldn't have perished in the Flood, unless you want to consider that the Bible is, in fact, infallible and God really didn't mean “every living thing of all flesh” but I'm not going there.

Satire just can't compete in today's world.

Monday, May 30, 2005

Ah, that explains it …

Oh, and in case you're baffled because the robot dinosaurs are going to laugh about pinhead scientists and their extinction theories, then talk about how they got on the ark with Noah, two by two, then say they died because of the great flood, just so you don't have to look it up: the global climate changed drastically after the floodwaters subsided to one that specifically targeted dinosaurs for death. That's right: God made Noah and his family carry umpteen dinosaur couples on the ark for a year and feed them bales of hay and whole cows and shovel their massive turds, and then he killed them all right after they stepped off the boat.

Gotta love that God!

Oh Man, I Have To Go Here When It Opens …

Robot dinosaurs? Noah? What gives? Well, Robert Lee is talking about The Creation Museum, which supposedly, explains why dinosaurs went extinct after The Flood …

Tuesday, May 31, 2005

Chess influence II

It's been awhile since I last wrote about this program, and in the time since it's seen a bit of work (it hasn't been a real high priority as you can tell). The color scheme has changed a bit since I last wrote, with green denoting white's influence over the board, and a red border now showing conflicting influence; the squares that are both blue and green show what percentage of influence each side has. I also highlight the movement of the piece that's under the mouse cursor (here the mouse was over the white bishop in the penultimate row) although sometimes it's somewhat hard to tell (without using totally garish colors).

On the chessboard shown, the black king is in check (easily seen since it's on a contested square) by the white bishop, which itself is in a contested square. The two gray squares in the top middle of the board are not under the influence of either side, even though the two white pawns can easily move into those squares, which leads me to the next thing I've discovered as I've been working on this: the pawns are the hardest to deal with.

Pawns move straight in one direction, but capture on the diagonal (except for en passant which I don't even want to deal with at this point) so calculating the influence of a pawn over the board isn't quite that easy, but I think I got it down.

I think.

And yes, I do need to rotate the board clockwise to match the orientation used in chess documentation.

Thursday, June 02, 2005

Start of the Wet Season

When it rains, it pours.

Spring hands me a book on Creationism, with a section about dinosaurs during The Flood. Then a few days later, I come across Robert Lee's entry about The Creation Museum, which has a section on the dinosaurs during The Flood. And now a few days after that, we have theferrett, who also had a book about the dinosaurs and The Flood (only in that illustrated book, the dinosaurs perished because the Fallen Angels goaded them into a futile attack of Noah's Ark).

And since I posted about dinosaurs and The Flood, it's been raining like you wouldn't believe! My drive to work each day has been like this:

only with less visibility.

Sunday, June 05, 2005

Sign found while walking around the neighborhood one Sunday afternoon

Monday, June 06, 2005

… but here it's bulk wholesale!

Spring suggested we become members of Costco, a wholesale warehouse grocery store type place were not only do you pay wholesale prices, but you buy in bulk.

And when I say bulk, I'm not talking about 10 pound pags of sugar either—more like 25 to 50 pound bags.

I can't even begin to find words to describe my reaction to Costco. Whereas food shopping at Wal★Mart was shocking on the price, at Costco, where I realized the prices would be cheaper (per unit price, not per package price—cans of Coke went for a bit under 25¢ per can) but I wasn't prepared for the sheer amount you end up buying (sure, you can get cans of Coke for a bit under 25¢ but you end up buying 32 cans at a time). The smallest box of Ritz crackers was huge—turns out it contained four regular boxes of crackers.

Eggs? Two dozen.

Cheese? Six pound blocks of the stuff.

Tuna? Three (or was it four?) pound cans.

TVs? 72″ HDTV units down isle 8 (and you think I'm kidding).

Just … wah! (Oh! Look at that! A five gallon bucket of hamburger pickles)

Tuesday, June 07, 2005

Me on cold medication

We were somewhere around Barstow on the edge of the desert when the drugs began to take hold. I remember saying something like “I feel a bit lightheaded; maybe you should drive … ” And suddenly there was a terrible roar all around us and the sky was full of what looked like huge bats, all swooping and screeching and diving around the car, which was going about a hundred miles an hour with the top down to Las Vegas. And a voice was screaming: “Holy Jesus! What are these goddamn animals?”

Then it was quiet again. My attorney had taken his shirt off and was pouring beer on his chest, to facilitate the tanning process. “What the hell are you yelling about?” he muttered, staring up at the sun with his eyes closed and covered with wraparound Spanish sunglasses. “Never mind,” I said. “It's your turn to drive.” I hit the brakes and aimed the Great Red Shark toward the shoulder of the highway. No point mentioning those bats, I thought. The poor bastard will see them soon enough.

It was almost noon, and we still had more than a hundred miles to go. They would be tough miles. Very soon, I knew, we would both be completely twisted. But there was no going back, and no time to rest. We would have to ride it out.

Fear and Loathing in Las Vegas
–Hunter S. Thompson

Pretty much sums up today.

Thursday, June 09, 2005

“… but I wouldn't mind being on ‘1970s House’”

After watching Frontier House, a “reality TV” show about three American families that have to live as if they were in 1883 Montana—all I have to say is that I was never under the impression that times were simpler and better in the past. I appreciate the conviences of modern life like, oh, hot-n-cold running water, electricity, central air and Coca-cola, not to mentions things like Band-aids and the Internet.

But I will say that the families, after spending five months living a frontier experience, looked much healthier. Granted, if they lived like that for five years (which is what it took to get the full claim to a homestead in the 19^th century) they wouldn't look nearly as good, but five months of hard labor exercise and healthy eating certainly did wonders.

Saturday, June 11, 2005

Pictures taken at night in the yard of Casa New Jersey

Tuesday, June 14, 2005

help me i'm melting

It's a good thing I have a refrigerator full of ice cold Coca-cola here at The Office, because there's a problem with the A/C and it's a sauna in here. I have the front door wide open because it's actually cooler outside than it is inside.

And we're taking Florida in June!

So now it's back to slowly melting …

Wednesday, June 15, 2005

Gold fever

Many years ago while I was working in college, working part time at IBM and living at home (meaning: having fun, making an insane amount of money for a college student with no real expenses) I was invited to a poker game by some friends of a friend. The fact that I had (and still don't have) a mind for cards nor what hands beat what hands in poker was no deterrent (mistake numero uno)—in fact, I was made quite welcome.

So I arrived at the game with quite a bit of my weekly paycheck in the form of liquid cash (mistake number two). I bought into the relatively low stakes game and off we went.

And for my first poker game, I was quite lucky with the cards (mistake number three). Made some profit and quickly stuff it into my wallet (mistake number four) and continued playing.

Of course as the game ran on I ran out of money on the table. Not a problem, I thought. I'll just take some of the money I just made at poker and use that (mistake number five, and of all the mistakes, this was the biggest one).

Time passes. Money passes from my side of the table. Money passes from my wallet (it's still won money) onto the table. Time passes. Money passes from my side of the table. Money passes from my wallet (it's still won money). Lather, rince, repeat. Reach into my wallet to find a lone $5 bill.

It was not a pleasant feeling knowing one has just increased the liquidity of others, especially when those others are people I don't even know.

From that point on, I made a conscience decision never to gamble, especially poker. It's an expensive vice, and frankly, there are other vices that are just as expensive but more pleasurable (just as long as you can keep your kidneys).

Of course, of everybody I know, I'm the one that's been to Las Vegas the most.

Of course.

And I'm headed there again next month.

My friend Hoade is writing yet another novel, a good portion of which takes place in Las Vegas, so he's going out there for research. And he wants a guide, having never been there. And as the only person he knows that's been there, I get to be his guide and mentor to the experience that is

VIVA LOST WAGES!

During the planning of the trip the topic of a tax break for the smart gambling came up and where the only two games one can make money are blackjack (but only if you count cards and take a risk of being politely thrown off the roof by casino security if they catch you) and poker (where, since you're playing against other players, not the house). And then roulette.

A wheel with 38 slots (American—European has 37) numbered 1 through 36, half of which are red, the other half black, with 0 and 00 (both of which are green). The payoff is based around a wheel with 36 slots, so the addition of two slots (0 and 00) give the house a 5.26% edge over the long term (although there is one bet you can make that gives the house a 7.89% edge).

And there are more systems to play roulette than any other house table game, trying to get around that house edge (the European wheel, with only 37 numbers, has a house advantage of 2.63%).

I know this.

I got enough of this from my Dad (who works in a casino) and from several general math books to know this.

And yet, that didn't stop me from spending the past few days coming up with a roulette system and testing it against a roulette simulator I wrote.

I'm not exactly sure what prompted me to do this, but I did, and I came up with a system that my simulator showed as giving me an edge over the house. A long term edge over the house.

Not only did I come up with the Holy Grail of roulette systems, but a Holy Grail roulette system with a

13.16% edge over the house!

Of course I looked for flaws in the code.

Sure, I found a few, but that 13.16% edge was still there.

Hoade was skeptical—heck, I was skeptical and asked around a bit for help, but no one here knows 1) enough statistics and probability to point out the error, 2) enough programming to point out the error and 3) enough about roulette to point out the error (other than “there's a house edge—you've really beat it?”). Hoade ended up playing a free online version of the system I came up with, and between clarifications in email, reported back that he wasn't seeing the expected payouts.

Meanwhile, I was busy with the simulator, generating data and making numerous graphs (gnuplot rocks) of expected payouts and bankroll over time and testing the simulator.

I'd run, say, 1,000,000 spins betting black, and sure enough, there's the house edge of 5.26% (give or take a tenth of a percent). Another million runs betting column 3 (house edge of 5.26%). Or the five number bet (house edge of 7.89%). Then I do my system and see that magical edge of 13.16% towards me, and the bankroll reaching skyward.

It was very hard not to get caught up in this. I mean, people are happy with a 10% ROI with regular investing, here I'm getting a bit over 13% for just sitting in a noisy casino, placing bets for black, odd, 1-18, column 3 and the Five Number bet per spin of the wheel for hours on end. How can you not get caught up?

By knowing my system doesn't work, that's how (but I get ahead of myself).

I eventually talked to my Dad, given that he works at a casino and all. I found out that I know a bit more about roulette than Dad does, but he did give me some valuable hints (“Roulette is an old game, and if there was any way to beat the house, it would have been exploited by now,” was one. “Roulette wheels always have a bias—you're not taking that into account in your simulator, are you?” was another).

It was the hint to include some bias into the wheel that shed light onto my system. I added a slight bias to the area of the wheel that has the lowest payout in my system (the numbers 32 and 34 are the only two numbers where I loose all five of my bets) and I still come out ahead.

Okay, increase the bias, and I still come out ahead.

Okay, increase the bias such that the ball will always land on a spot where I should loose the perverbial skin off my back.

I'm still coming out ahead.

Other bets like black, or odd, you can see the bias.

So I went through the code more carefully this time. Okay, the bet for odd was actually an even bet (but the payouts are the same, so I didn't notice). And the bet for column 3 was for column 1 (but again, the payouts are the same, so it was hard to notice). And the bet for low would always add to the winnings, dispite what happened (and not too surprisingly, this was one bet I didn't bother testing, and of course, always adding to the winnings would give one an edge).

Once fixed, I saw the Holy Grail of roulette systems come crashing down to an edge of 5.79%.

In favor of the house.

Sigh.

But it does explain one bit. Earlier in an email exchange with Hoade, I drew up a table of wins vs. loss for every possible combination of bet and number (38 numbers, five bets each). But when I first tabulated the results, it didn't jibe with what my (at the time, incorrect) simulator said (and I know realize that my initial tabulation by hand was correct), so I did what any self-respecting person would do—I fugded the results until it at least jibed in the general direction of my simulator (in fact, my jibes overstated the winnings by a factor or two, but).

So much for wealth at the expense of casinos.

And this time, I swear I'm giving up gambling.

---

The Secret Google Sauce is revealed!

How many years did you register your domain name for?

If it's only one then that's a point against you in Google's eyes.

Why?

Because the majority of Spam websites only register a domain name for one year. A domain registered for a longer period implies that the owner is more likely to be legitimate and serious about their web site.

This is just one of the unusual factors now considered by Google when indexing and ranking a website. Factors you could never even have guessed at in some cases.

How do I know this?

Google have recently filed United States Patent Application 20050071741 on March 31, 2005.

In which many of the search giants secret ranking criteria is revealed and it makes very interesting reading. You have got to read this if you're serious about ranking well in Google. The days of Spaming Google are drawing to a close. With this patent they reveal just how hard they're coming down on Spam sites. You Do Not want to get caught out.

Via Robot Wisdom, Great Site Ranking in Google The Secrets Out

I suspect Google is doing this to help stem the tide of Google spam. By giving the search engine optimizers the guts of their Page Rank algorithm (or a good portion of it) they may be trying to say “Hey! Stop playing around with links and pages with loaded words—they won't work and here's why!”

But the suggestions made in the article are ones I pretty much already follow and has been common sense for quite a while now.

But those search engine optimizers—I suspect they needed a swift kick in the rear to get with the plan …

Thursday, June 16, 2005

“Oh, I see the problem—you're trying to add a pterodactyl to a gluon and you just can't do that … ”

I spent most of my time at The Office today working on the web-based security cam for our data center. The actual camera is working fine and the images are accumulating on a server—the stuff I was working on today involves browsing the ever accumulating pictures.

The first major decision I had to make (and this is a project I've been working on for the past couple of weeks) is whether to generate static pages (as the images are mailed in) or do a completely dynamic site. There are arguments for both ways; the pages won't change all that much—during the day only the main index page for the current day, then at midnight the index page for the current month, then once a month the current page for the year and while I personally like this idea (a form of early binding if you will) there are a few downsides: one) it's even more files to store and two) if there's ever a design change, all the pages will have to be regenerated.

A dynamic site, however, only requires a few additional files for the program, and changes to the site take effect immediately, but the page(s) have to be built (and built and built) for each request, which involves quite a bit of disk I/O (to get image filenames namely).

I ended up going the dynamic route—Smirk wants to store the images for as long as possible so the less overhead (in this case, static web pages) the better. Also, it's not like we have to support heavy network traffic—only one, maybe two people at a time may be viewing these, and only if there's a problem with missing tools.

Also, since Smirk is a fan of PHP (Why? I don't know … ) so I figured this would be a good chance to get a feel for programming in that … language.

I do not like it, Sam I am. I do not like PHP and ham.

The whole global variable thing I'm ambivilent about. PHP is unusual (for the languages I've used) in that you have to declare which variables are global every time you use them, like:

$g_base = "/some/random/path";

function display_file($template)
{
  global $g_base;

  for ($this->m_i = 0 ; $this->m_i < count($this->m_files) ; $this->m_i++)
    load_template($g_base,$template);
}

(why yes, I am using objects in PHP, and yes, the looping variable is part of the current object so I can support templates, but that's not important right now)

Unlike most languages I've experienced, if you do:

$g_base = "/some/random/path";

function display_file($template)
{
  for ($this->m_i = 0 ; $this->m_i < count($this->m_files) ; $this->m_i++)
    load_template($g_base,$template);
}

the language looks first to see if $g_base is defined within the function, and if not, looks to see if it's been defined outside of the function and if so, uses that. PHP, on the other hand, will just assume you want a new local variable named $g_base and not even bother looking elsewhere, hense the need to declare $g_base as being global within display_file().

Not something I'm used to.

But I can see why it's done that way and can't really argue with it, but I keep forgetting about that, expecting PHP to handle lexical scoping.

I also find the gratuitous use of dollar signs annoying, but at least PHP uses it in a consistent manner:

var $scalar;
var $array = Array();
var $hash  = Array();

$scalar            = 0;
$array[0]          = 1;
$array[1]          = 2;
$hash ['brownies'] = "are good";
$hash ['hashish']  = "is illegal";

unlike Perl, where the declarations of scalars, arrays and hashes use different symbols:

my $scalar;
my @array;
my %hash;

so I would expect Perl to work like:

$scalar   = 0;
@array[0] = 1;
@array[1] = 2;

# NOTE---Perl uses {} instead of [] for hashes!

%hash{'brownies'} = "are good";
%hash{'hashish'}  = "is illegal";

but nooooooooooooooooooo! It's back to the dollar signs:

$scalar           = 0;
$array[0]         = 1;
$array[1]         = 2;
$hash{'brownies'} = "are good";
$hash{'hashish'}  = "is illegal";

But I come to bury PHP, not Perl.

The biggest sticking point I have with PHP (and I have the same issue with Perl as well) is the lack of type checking—a variable could be a number, or a string, or an array, or an associative array (aka hash table) or a pterodactyl. This means you can do stuff like:

$fourscore = "80"; //note-this is A STRING
$seven     = 7;    //note-this is A NUMBER
$yearsago  = $fourscore + $seven; //Do you get 87 as
                                  //A STRING or as
                                  //A NUMBER?  It's BOTH!
                                  //It's Hiesenburg programming!
                                  //Wheeeeeeeeeee!

But something like:

$bills   = Array();	      //note-this is AN ARRAY
$account = 400;		      //note-this is A NUMBER
$money   = $account - $bills; //What now?

will most likely blow up.

At run time.

And while it's clear what's wrong with the code above, it's not quite so clear in the following:

$bills   = get_the_bills();
$account = 400;
$money   = $account - $bills;

Hope get_the_bills() returns something that can be subtracted from a number. Or was it sum_the_bills() that returns the number? (certainly ignore_the_bills() is not the right thing, although that is tempting, and I'm digressing).

I suppose I'm too used to strongly typed langauges where the compiler nickel and dimes you to death about types so I don't have to keep all those details in my head (the computer is more capable of keeping track of details like so I don't have to).

So I'm having to constantly remind myself that $g_baseobj->m_subobj is a “month object” (not a “day object”) in this portion of the code, and that find_entry() returns a number (the index into an array), not the entry itself (although perhaps I could rename that function find_index() instead … ).

Object support in PHP isn't that bad—certainly nicer than Perl, but again, the serious lack of type checking makes it difficult to track down problems, and the error messages it gives could be more informative (“Okay, it's nice that I didn't call parent::init() with the correct number of parameters, but which call to parent::init() was incorrect—who or where was the call made from you XXXXXXX piece of XXXX?”).

It's always nice to know that “PRINT debugging” will always be alive and well.

---

“We gots an offer you can probably refuse … ”

Well, that was fast.

Not one day since I wrote about roulette and Google's page ranking algorithm, and I get:

From: "Norman" <norman@1-gambling.us>
To: sean@conman.org
Subject: Links exchange with http://boston.conman.org.
Date: Fri, 17 Jun 2005 02:55:56 +0400 (MSD)

Hello Webmaster,

We have been looking for partners to exchange links with our sites. Our sites have good traffic, and make quick market penetration, so, I hope our positions in lead search engines will be rising very fast.

If you decide to link to our websites,please use the following linking details:

and send us the exact location, and your site information:
Title, Description, and URL
We'll add your resource to our sites shortly.

URL: http://www.1-baccarat.us [yeah—like I'm going to link to these sites! –Sean]
Link Title: Baccarat
Description: All about Online Baccarat For YOU!

URL: http://www.1-black-jack.us
Link Title: Black Jack
Description: Blackjack is one of the most popular table games in the casino.

URL: http://www.1-gambling.us
Link Title: Gambling
Description: 1 Gambling US—Welcome to your complete online source for gambling information and links!

URL: http://www.1-internet-casino.us
Link Title: Internet Casino.
Description: The best online directory of casinos!

URL: http://www.1-poker-game.us
Link Title: Poker Game
Description: You will find information on how to play the game of poker, information about the types of poker, and what you can expect in an online poker casino.

URL: http://www.1-craps.us
Link Title: Craps
Description: 1 CRAPS US—Online Craps for YOU!

URL: http://www.1-poker-online.us
Link Title: Poker Online
Description: 1 Poker Online—the best online directory of where you can find many links to poker games!

URL: http://www.1-poker.us
Link Title: Poker
Description: 1 Poker US—The Best Online Poker.

URL: http://www.1-roulette.us
Link Title: Roulette
Description: 1 Roulette US—Roulette Online.

URL: http://www.1-slot.us
Link Title: Slots
Description: 1 Slot US is the best online source for online slot machines, poker slots, fruit slots and money slots like you have never seen before!

Best regards,
Norman Robbins
norman@1-gambling.us

I'd be wary of actually visiting any of these sites—redirects to hell and back and there's no telling how many popups or malware might be lurking there.

But Norman sure was quick …

Friday, June 17, 2005

Dvorak Card Game: The Time Cube Deck

Dvorak is a card game where all of the cards start out blank; players choose a theme, make up enough cards to get started, shuffle and deal, then add further cards to the game as the game progresses. It provides you with enough rules to start a game, but leaves the theme and the depth up to you.

You can use it as a skeleton for making a solid and standalone card game, you can play it as an experimental or cut-throat Nomic, you can use it to kill half an hour drawing silly pictures and forcing your friends to make drinks, you can throw together an amusing card game based on your favourite film or sport or in-joke—it's blank cardboard, it's fairly multipurpose.

Dvorak—A Nomic Card Game

Sounds a lot like 1000 Blank White Cards only there is a structure and the decks have a more coherent theme to them than your typical 1000 Blank White Card deck (well, as “typical” as a 1000 Blank White Card deck can ever be), but like all Nomic based games, the rules are fluid enough to change—if you so want.

The Time Cube Deck looks fun, although it won't make much since unless you read the site it's based on (warning: Crank Dot Net labels that site as “illucid”—and for good reason!).

Tuesday, June 21, 2005

You know he got paid by the word, right?

7. David Copperfield by Charles Dickens

Unknown novel by little read author. (This could also have been Great Expectations or Oliver Twist, but Copperfield is the one where, for me, the disparate elements that make up the wonder of Dickens come together.)

Via Robot Wisdom, Wesley Stace's top 10 books about children aimed at adults

Unknown novel?

Little read author?

I'm not sure what they teach for literature across the pond, but here we got Dickens up the wazoo! I remember reading A Christmas Carol by Charles Dickens (at 100+ pages, this would be a “short story” by Mr. Dickens) and finding it okay, but I was also forcefed Great Expectations in 9^th grade and hated it (and at 500+ pages, this would be a “novella” for Mr. Dickens). But “little read author?”

I can only hope that Wesley Stace was being droll …

---

“So why don't they kiss already?”

For Spring, the Bollywood FAQ (via kisrael.com). Included are explainations for ear tugging and pinky wagging.

Friday, June 24, 2005

Because all the other cool kids are doing it …

Saturday, June 25, 2005

A summer samhain

The grass had basically collapsed under its own weight, creating a frightening black hole in the thick green expanse of the backyard. “It might be time to mow the lawn,” said Stephen Hawking, making an impromptu visit to study the phenomenon (ba dee bedebe).

“I think you're right,” I said.

Not up to the task of dealing with the back yard, I decided to first tackle the front yard—besides, that's the first thing anyone sees and frankly, I don't want to have to explain Maximilian Schell and his zombie army to passing motorists. Besides, the grass in the front yard has yet to reach critical height, being only three feet or so high (the section of backyard that had collapsed had reached four feet in height).

So I spent the next few hours in the afternoon as Samhain, only an American-mongrel Samhain with an electric weed eater, not a Celtic Samhain with a particularly large scyth.

Back and forth, back and forth, back and forth. Stop to remove foot long strands of grass blades from the weed eater. Then back and forth, back and forth. Stop to rake the dead grass out of the way. Couple of hours, leaving, not craters, but pits in the grass as I step my way across the yard.

But at six inches, the front lawn looks lush.

And at the rate I was going, it might take days to get the backyard finished. That is, if I can avoid falling into the event horizon.

Tuesday, June 28, 2005

Poetic Justice

Weare, New Hampshire (PRWEB) Could a hotel be built on the land owned by Supreme Court Justice David H. Souter? A new ruling by the Supreme Court which was supported by Justice Souter himself itself might allow it. A private developer is seeking to use this very law to build a hotel on Souter's land.

Justice Souter's vote in the “Kelo vs. City of New London” decision allows city governments to take land from one private owner and give it to another if the government will generate greater tax revenue or other economic benefits when the land is developed by the new owner.

The proposed development, called “The Lost Liberty Hotel” will feature the “Just Desserts Café” and include a museum, open to the public, featuring a permanent exhibit on the loss of freedom in America. Instead of a Gideon's Bible each guest will receive a free copy of Ayn Rand's novel Atlas Shrugged.

From Always Low Prices— Always? and via The Volokh Conspriacy, this press release

I can only hope this actually goes through …

Wednesday, June 29, 2005

The Band Du Jour

Not that it matters—Gorillaz is a virtual band. It doesn't quite exist. Its four members (2D, Murdoc Niccals, Russel Hobbs, and Noodle), designed and drawn by Hewlett, are fictional. The group inhabits Kong Studios, high on a mountain in Essex, northeast of London. There are no mountains in Essex. The band exists enough to make music, to produce videos, to remix, and to be remixed.

Albarn (music) and Hewlett (art) are the spirit behind Gorillaz. Their first outing, five years ago, remixed the whole idea of what a band could be. The iconography was grabbed from everywhere—sci-fi, anime, rock videos— while the music was a hip hop-based cut-and-paste of poppy melodies, old horror movie themes, and any sonic style available. The debut album, Gorillaz, sold an impressive 6 million copies worldwide, making it the most successful album ever by a virtual group.

Via metaphorge , Keeping it (Un)real

Like I keep saying, satire just can't keep up in today's world …

---

Reminds me of Sesame Street

Spell with flickr (via Vestal Design Blog).

---

Exploding cans

Yesterday, I brought a 32-can case of Coca-cola to the office and unfortunately, I left it in the trunk for an extended period of time.

I had my hands full when I first got to the office, so I meant to go back and get the Coke from the trunk, only I got involved with stuff and didn't get around to it for a few hours (round to'its are hard to find).

Two of the cans had “exploded” like this. The rest were fine.

Thursday, June 30, 2005

I then remembered … I hate Internet Explorer

Six months ago I whipped up a Flickr-in-CSS proof of concept page. Since then, Flickr has actually converted to using CSS and JavaScript where before they were using Flash and doing an incredible job. But when I saw Dan Lyke doing a variation on it, I decided to upgrade the “proof-of-concept.”

So, between answering support tickets and attempting to install Linux on a Cobalt RaQ4 (don't ask—it's not pretty) I sat there hacking away at improving the page.

Unfortunately, if you are using IE, don't bother checking it. I gave up after spending way too much time trying to support both Mozilla (which supports the latest standard for JavaScript ECMAScript) and IE (which is in a different ballpark altogether).

What I didn't want to do is:

if (document.getElementById)
{
  popUpWinStyles = document.getElementById(id).style;
}
else
{
  popUpWinStyles = eval('document.' + id);
}

everywhere (basically, if you support the standard document.getElementById() function, use it, otherwise use the Microsoft way. That adds just tons of if statements all over the code and tends to make debugging rather difficult.

I thought that maybe doing:

if (document.all) // are we Microsoft?
{
  document.getElementById = function(id)
	{
	  var obj = eval('document.' + id);
	  return(obj);
	};
}

would work.

And it would have too, had it not been for those meddling programmers!

I mean, it worked as far as adding the getElementById() method to the document object if it's Microsoft, but what I forgot was that in the standard, to set the color of an element is:

obj.style.color = 'blue';

whereas under Microsoft it's:

obj.color = 'blue';

The standard has all the CSS attributes under obj.style where as Microsoft just sticks them under obj—one layer up, as it were.

Grrrr.

But then … even adding all the if statments (which I wanted to avoid in the first place) was problematic as IE's support of CSS is … maddening.

So, I decided it was easier to just forget about IE for this.

It's not like I use it.

Monday, July 04, 2005

Light fuse, go boom

Just like two years ago, we were again invited to Smirk's house for Forth of July fireworks. And just like two years ago, Smirk had again obtained a few boxes of the “slightly questionable” mortar-type fireworks.

Unlike two years ago though, there were a bit more pre-show safety lectures about the correct method of loading and lighting the fireworks—as exciting as it was last time, no one really wanted to be within 50′ of a live firework mortar as it explodes.

And this year, there were no ground-based explosions.

Granted, there were two that only made it (at max) 100′ into the air before exploding—-spectacular yes! Picture, no (out of frame). But no ground-based explosions.

And we were all happy that we were able to yet again celebrate our freedom by blowing stuff up!

Tuesday, July 05, 2005

No one in my family ever did anything like that …

My grandfather calmly bent down and pulled up the leg of his pants, rolling the hem in a tube toward the knee, while he watched my Mother (who was, honestly, holding her own and not in need of aid.) He then unbuckled his artificial knee and hopped the two steps over to Mr. PinchyFingers and proceeded to beat him down with the damned thing.

Via theferrett , Gramps

Friday, July 08, 2005

Bugs in Apache

I think I found a bug in Apache 2.0.

I wanted to try a new look for the blog and while I have a test blog at home, I can't really reach the webserver since it's behind the firewall web traffic isn't forwarded, I thought it would be easier to get my blog running on my workstation at The Office. I already have Apache 2.0 installed on the machine, and getting the blog up and running only took a few minutes, even including the time to make a few test entries.

Now, one of the things about mod_blog is that I make use of Apache's mod_rewrite to make the external URLs decent. Also, because I want to handle errors correctly, I need to actually output the HTTP response header, so mod_blog uses a feature of Apache's mod_cgi that allows the CGI to output the response code. So, within the Apache configuration I have something like:

RewriteEngine on
RewriteBase   /
RewriteRule   ^([0-9][0-9])(.*) nph-blog.cgi/$1$2 [L]

Basically, a URL of http://boston.conman.org/2005/07/08.1 is, internally to Apache, turned into http://boston.conman.org/nph-boston.cgi/2005/07/08.1 which does the actual parsing of the date to bring you the appropriate entries (the nph- part of the name tells Apache not to generate any headers for this script).

That works fine under Apache 1.3.

Under Apache 2.0, things are slightly different.

The same setup, and I get the page, but at the very bottom I get:

HTTP/1.1 200 OK Date: Sat, 09 Jul 2005 05:44:15 GMT Server: Apache/2.0.54 (Unix) DAV/2 PHP/4.3.11 Content-Length: 0 Connection: close Content-Type: text/plain

At first, I thought it might be a problem with mod_blog, since intially I had the test blog as http://www.example.net/~spc/blog/ and that the problem could be an interaction between Apache's mod_rewrite, mod_userdir and mod_cgi using a CGI script that generates the headers. Moving the blog to http://www.example.net/ didn't improve things, so now it's down to an interaction between mod_rewrite and mod_cgi and a CGI script that generates the headers.

So, if I go to http://www.example.net/2005/07/08.1, I get the spurious output, but if I go to http://www.example.net/nph-boston.cgi/2005/07/08.1 (go through the CGI script directly) the page renders correctly and without the extraneous stuff at the end.

I am running the latest version of Apache 2.0, and a rather quick query of Google didn't come up with any known issues with mod_cgi using “Non-Header Parsing” scripts and mod_rewrite. Guess it's time to dig into the code …

Saturday, July 09, 2005

On the bright side … at least it's not inside the walls

There was bad news last night after getting home from the weekly D&D game—the A/C wasn't working. And if you live in Lower Sheol, there isn't much worse than not having A/C in the middle of July (I suppose it could be non-working A/C in August but let's not go there).

The outside portion of the A/C has a small fuse-box on the side of the house and when I went to check it after the game, I found what could have been the problem—there was a wasp nest inside the fuse box, behind a plastic plate with holes to the inside.

Wundervoll!

Today was spent trying to get rid of the unwanted houseguests.

I will admit to being a complete baby when it comes to the flying, stinging insects, namely because I've never been stung so I have no idea if I'm actually allergic to them or not. And I'm not really keen on finding out any time soon either. It was worth it to me to wear a heavy leather jacket, leather gloves and a large hankerchef over my head in 90° weather as I was spraying insecticide; I much prefer to melt into a puddle of water than to get stung.

But alas, even after chemically evicting our Polistes friends, removing the nest and testing the fuses (they were good), the A/C still didn't work. Which means we may have to call in the professionals …

---

“We regret to inform you … ”

It's always nerveracking when one receives a letter from the IRS, especially since this years tax-bill was a bit on the large side. As I was opening it, I kept expecting to see something like:

Dear Mr. Conner:

Congratulations!

You have been randomly selected to recieve a full audit of your taxes for the past five (5) years, starting with the 1997 tax year (and remember, we never make mistakes). Please call the number below to schedule time for your audit at our convenience.

And thank you for using the IRS. Have a nice day.

So I was rather surprising to read:

Dear Mr. Conner:

Re regret to inform you that you have overpaid your taxes for the 2004 tax year and are therefore entitled to receive money back. We calculated that your income as [some amount lower than I calculated] and therefore your tax liability should have been [about 80% of what I actually calculated]. If this is okay, do nothing and you should receive a check from us for the difference. If however, you think we are in error, please feel free to contact us so we can flag you for a full audit.

And thank you for using the IRS. Have a nice day.

I certainly wasn't expecting that!

The second letter from them was the actual refund check.

Sweet!

Sunday, July 10, 2005

I'm melting

My GOD is it hot!

And I've never seen cats pant before.

Monday, July 11, 2005

“But it's a wet heat … ”

The reason the updates have been delayed is due to heat. In order to save some money, we decided to wait until today (Monday) to call in the professionals.

They're busy with work, so the next available slot is tomorrow (Tuesday).

Melt.

Tuesday, July 12, 2005

Hot times at the homestead

The A/C guys turned out earlier than expected, which is good. They found the problem with the A/C, which is even better. The condenser unit shorted out and needs replacing, which is bad (sigh—there goes my refund). And they might not get the part until tomorrow, which is horrible!

Aaaaaaaahhhhh!

---

Cool times at the homestead

But the good news is, they got the new condenser unit installed!

Woot!

We have coolage!

Thursday, July 14, 2005

Love Your Job

I XXXXXXX hate these XXXXXXX Cobalt RaQ4s.

Hate.

XXXXXXX hate.

How long now? A two weeks? Three?

They are XXXXXXX impossible to upgrade or install.

Let's see …

Trying to seek past end of device—maybe run.

Can't find init—kernel panic.

Spends three days running fsck—crash.

Symbolic links that aren't—nothing runs.

Need to run fsck manually—crash.

Hate.

Rage.

Love Your Job!

---

A snippit of an overheard conversation at a small company in Lower Sheol

“Sean, take a breath. It's just a stupid computer. It's nothing more than plastic, circuits and a few chips. It's dumb—it's a dumb device.”

“Yeah, and I'm still its bitch … ”

Friday, July 15, 2005

Drool

I want one of these keyboards! (link via Jason Kottke)

---

Postmortem on a Cobalt RaQ4 install/upgrade

Oddly enough, installing Linux on a Cobalt RaQ 1 or 2 is easier than installing Linux on a Cobalt RaQ 3 or 4, dispite the 1/2 not being an Intel based machine.

But yesterday, as I was lying face down on my bloodied keyboard, I suddenly realized that Smirk was telling me something. “Sean,” he said. “you don't have to get Apache running on the firewall.”

I had gotten close yesterday—with Wlofie's help the night before, we were able to recover one of the RaQ4s with it's initial distribution, and I had gotten a Linux 2.4 kernel and iptables installed and running. It was only getting Apache running that I did a horrible mistake: I mounted the working drive in my workstation! That right there was a monumental mistake.

You see, the Cobalt RaQ firmware (which is responsible for loading Linux off the disk) only supports an ext2 revision 0 file system and the fact of my just mounting said drive (for write access no less) “fixed” it so that it was no longer a revision 0 file system. In fact, I'm not sure what exactly happened, but the upshot of mounting a filesystem formatted under Linux 2.2 onto a Linux 2.6 system munged every symbolic link on the file system. Move the drive back to the Cobalt RaQ, and attempt to load Apache, I kept getting stuff like: Apache: libfoo.so not found. I then check to see what's up:

-rw-r--r-- 1 root root 120184 Mar 28 2000  libfoo.a
lrwxrwxrwx 1 root root     11 Jul 14 14:44 libfoo.so
-rw-r--r-- 1 root root 120528 Mar 28 2000  libfoo.so.1

Well, libfoo.so is there, but it should look like:

-rw-r--r-- 1 root root 120184 Mar 28 2000  libfoo.a
lrwxrwxrwx 1 root root     11 Jul 14 14:44 libfoo.so -> libfoo.so.1
-rw-r--r-- 1 root root 120528 Mar 28 2000  libfoo.so.1

And it wasn't just one or two symbolic links, but (at least in /usr/lib) every symbolic link was borked in this manner.

What I did next only made things worse (resulted in the “kernel panic: counldn't find init” error) so I won't bother going into detail about that.

No, what eventually worked was the following:

• One Cobalt RaQ 3 or 4 that can still boot of its drive
• One Cobalt RaQ 3 or 4 Rescue CD
• One PC (A) with
  • One (1) CD-ROM drive
  • One (1) Harddrive
  • One (1) 3Com-509B network card (there are three or four others that work, but I don't have that list handy right now)
• One PC (B) with
  • Serial port capable of 115,200bps and 8n1
  • Software capable of running said serial port at said settings
• NULL serial cable
• Network switch
• At least two network cables

1. Hook NULL serial cable between Cobalt RaQ and PC B
2. Start serial software on PC B and configure serial port to 115,200bps 8n1
3. Hook Cobalt RaQ up to switch using network cable.
4. Turn on Cobalt RaQ, and make sure it will use the serial console (you may have to shove a paper clip into the small hole next to the LCD screen as you power up to enable the serial console).
5. Log into the Cobalt RaQ as root.
6. Configure the network to something usable (ifconfig, route, etc).
7. Download the latest version of the firmware (2.10 works fine in both RaQ3s and RaQ4s).
8. Install new firmware.
9. Shutdown Cobalt RaQ.
10. Hook up PC A to network.
11. Install rescue CD into CD-ROM.
12. Reboot PC A from rescue CD.
13. Accept license agreement.
14. Turn on Cobalt RaQ holding down the “S” button, select “boot net” option.
15. Play Solitare, Tetris, or eat lunch for the next half hour or so.
16. Power cycle Cobalt RaQ.
17. Power cycle Cobalt RaQ when it asks.
18. Log into Cobalt RaQ as root.
19. Run passwd and install a root password.
20. Download special Linux 2.4 kernel for Cobalt RaQ.
21. Install Linux 2.4 kernel and kernel modules.
22. Reboot.
23. Reconfigure as required.

That last step, “reconfigure as required” may take a while. It may include stuff like downloading the source for such packages as ssh, Apache, MySQL, extracting the files, and doing the magical incantation:

./configure
make
make install

a few times over the next few days (since I had already done this step before a few months ago, I could just copy the existing binaries).

Friday, July 22, 2005

Viva Lost Wages

Sorry for the lack of posts this past week, but I've been out in Las Vegas, all 115°F of heat, hanging out with Hoade as he did research for his new novel. We were lead to believe that the Hôtel San Rémo had free wireless, but as we found out, nothing in Las Vagas is free, and the Hôtel San Rémo was no exception; it also didn't have wireless but ethernet so I was out of luck in using my laptop (which only has wireless).

It'll be a few days before I work through the 350 plus photos and get the write-up written. It's got chills (“Man, this hotel room is cold!”) and spills (“Ouch! Oof! Umph! Ow! Yikes!”). It's got action (“Come on—baby needs a new pair of shoes!” “This is a slot machine, not craps, and you don't even have a baby!”) and romance (“So … how much you got? For five hundred I can give you an excellent time.”). Intrigue (“What are you taking pictures of?”) and conspriacy (“Bob Lazar was forced to move to Mexico because of his exposé of Area 51.”). And the unexpected (“Dude, the power just went out!” “Watch out for the slot zombies!”).

But first, I have to finish reading Harry Potter and the Half-Blood Prince.

Sorry.

Tuesday, July 26, 2005

Bubbles in Florida

Land that could be bought for $800,000 could, within a year, be resold for 4 million before crashing back down to pre-boom levels. The prices were so inflated that to buy a condo-style property in XXXX, you would've had to pay the same as you would now have to pay for a luxury home in the guard-gated communities in Miami ($4,500,000)—without adjusting for inflation!

Via Florida Real Estate Bubble from The Mess That Greenspan Made: Money Magazine on “Cashing Out”, The Florida Real Estate Craze

This is not a speculative article “written” from the perspective of say, 2011, but is instead about a real estate bubble that actually happened in the state of Florida a while ago.

How long ago?

The $4,500,000 price, adjusted for inflation, would be $494,500,000—nearly half a billion dollars today.

Too bad for the gentleman that actually spent $4,500,000 dollars back in 1926 for the property.

---

How much service can you get for $700?

Speaking of inflation, when Mom and I moved here to South Florida, no longer could my Grandma (Dad's mom) drive drive and pick me up for a summer spent in the suburbs of Detroit. So starting in 1980, I would fly north for the summer. This was before Reagan fired all the air traffic controllers and the airline industry was still heavily regulated; because the prices were fixed, the various airlines had to compete with the only weapon they had left: service.

I remember flights as a kid being not that all unpleasant. Granted, I was much smaller then so I could easily fit in the seats. And they still fed us meals. And I remember that between my Mom and grandparents, they paid around $300 for a round trip ticket.

Adjusted for inflation, $300 1980 dollars equals $708 2005 dollars.

And yes, for $700 dollars you could probably get wonderful service from the airline industry, unlike the cattle car mentality you get now (“be grateful you even get water you ingrates!”).

---

Fun with Zip+4

Hmm … I could have sworn I wrote about this before, but since I can't find an entry about it, I guess not. Anyway … a few months ago I was playing around with zip codes, and I found out that the zip+4 code for Casa New Jersey only has one address—ours! Sure, it's meant for houses within a certain address range on our side of the street, but as far as I can tell, we're the only house within that range on our side of the street.

I made a comment about this to a few people (Hoade among them) and wanted to do an experiement where I addressed I postcard to:

Occupant
Florida, 33461-XXXX

And see if it gets to us.

Well, when I was in Las Vegas last week, I did just that.

I sent four postcards, addressed as:

1. Occupant
   Florida, 33461-XXXX

2. To the Happy Family That Lives There
   Lake Worth, Florida 33461-XXXX

3. Spring Dew Conner Stenbock Schmidt
   [street address] 33461-XXXX

4. Frau Dew
   [street address]
   Lake Worth, Florida 33461-XXXX

#2 and #4 were mailed from Rachel, Nevada. #1 and #3 from the Hôtel San Rémo.

So far, two have arrived, #3 and #4.

Sadly, the one mailed from Rachel came with a Las Vegas postmark (Rachel doesn't have a postoffice, unless you count a blue US Postal Service mailbox a “postoffice”). And the one mailed from Las Vegas came with two postmarks—one from Las Vegas on the 18^th, and one from West Palm Beach on the 23^rd.

We are still expecting two more.

Thursday, July 28, 2005

Connections

Mayer and Sinai's study also identified the real culprit: the deliberate overscheduling of flights at peak periods by major airlines trying to increase the amount of connecting traffic at their hub airports. Major airlines like United, Delta, and American use a hub-and-spoke model as a way to offer consumers more flight choices and to save money by centralizing operations. Most of the traffic they send through a hub is on the way to somewhere else. (Low-cost carriers, on the other hand, typically carry passengers from one point to another without offering many connections.)

Via Jason Kottke, Tragedy of the Airport: Why you get stuck for hours at O'Hare

Hoade and I flew Northwest Airlines to Las Vegas, with a conection in Detroit—Detroit being a major (if not the major) hub for Northwestern, and the terminal is huge—so huge that it has light rail running from one end of the terminal to the other.

THOUGHT: Airlines will always fly you through a connection flight.

notes taken during the trip

I'm convinced that had I decided to fly Northwestern to Detroit, I would have a connecting flight through Atlanta. Airlines seem incapable of flying one directly to a destination.

Saturday, July 30, 2005

Reminds me of Google

Google Logo Maker (via Amygdala).

Monday, August 01, 2005

I think I'm turning into jwz

So I have to download a customer's site from their old server, because the wget I did a few weeks ago missed some “private” files.

Why did I use wget a few weeks ago?

Because of FTP, that's why (and yes, I did forget that wget can do FTP—grrrr).

Now, I'm used to using FTP. Been using it since, oh, 1989 or there abouts. But the standard FTP client that comes with Unix doesn't handle directories very well, in that you can't just “get” a directory and have it download all the files in said directory—no, you have to change into each directory and grab the files.

Well, there is ncftp but I hate ncftp. I'd rather use a Windows FTP client like CuteFTP or WS-FTP than ncftp and that says something.

So I end up using ncftp.

Under Windows no less.

Sigh.

I don't have ncftp installed on my workstation, because apparently, it isn't installed by default with this Linux distribution (which is based off a RedHat distribution—funnily enough, my system at home, which started out as a RedHat 5.0 system, has ncftp installed, even though I never use it). And I'm not about to install it, given the oh so wonderful experiences I've had with package managers that fail to actually install the packages I want because I use the common name, like foobar instead of the more precise name like foobar-2.4.2-snap-dragon-on-speed.Beta-release.

So I figure I'd use Windows, since every Windows GUI FTP client can at least deal with recursively downloading files.

Only the GUI-based FTP clients we have installed on the Windows system are well past their “evaluation” period and is now in the “register now or we trash your system” period. And the default Windows FTP command line program is even more pathetic than the default Unix FTP command line program, so using that is out of the question.

But …

The Windows systems have Cygwin installed, which includes an install of ncftp.

So that's why I'm using ncftp under Windows.

But why do I hate ncftp?

Because it does things on my behalf that I don't want it doing. I'm used:

GenericUnixPrompt> ftp ftp.example.net
Connected to ftp.example.net
220 Foobar 2.4.2 Snap-Dragon-On-Speed Alpha Release
Name (ftp.example.net:spc): 
331 Password required for spc.
Password:
230 User spc logged in.
ftp>

You know, the FTP program asking me for the userid and password.

ncftp? Oh, it tries to be “helpful” and unless otherwise stated on the command line, will automatically anonymously log me in. You know, to save me from having to type A N O N Y M O U S (or even F T P which became the other default anonymous user login because I guess, typing A N O N Y M O U S proved to be too difficult for most users).

That is not the behavior I expect from an FTP client—especially a command line FTP client, and I know I'm in the minority on this (since nearly every one of my friends seems to like, or at least, tolerate, ncftp as the current state of affairs, much like Medival peasants tolerated the Black Death as the current state of affairs).

Once past that problem, next was downloading the entire site. Started the recursive GET, only to have it time out on a particularly large file. Okay, try it again.

At least ncftp was smart enough to realize what it had already downloaded, but a few of the files apparently “changed” between the two attempts, and I was given the chance to “[O]verwrite” or “[!O]verwrite All.” My mistake here was assuming that “[!O]verwrite All” meant that any files that it would otherwise ask me about it would just overwrite.

Hah!

No, selecting “[!O]verwrite All” really meant: “re-download every file and oh, crap out on the really large ones.”

A couple of hours of fighting this crap, I found out that what I really wanted was set auto-resume yes.

To really drive home the friendliness point—as I was trying to quit ncftp it noticed that I had not “bookmarked” the site. No, just quit—I don't need to be asked to “bookmark” it—if I want to “bookmark” it, I'll tell you.

Sheesh.

God, I just love software that knows better than I about what I want done.

Wednesday, August 03, 2005

My life as a Chinese Fortune Cookie

Today was an interesting day, in the old Chinese way. I'm in my car, pulling out of the driveway and noticing a significant list to starboard and the steering is a bit wonky. I have my suspicions and it does indeed turn out correct: the passenger front tire is flat.

I'm already running a bit late to work, but hey, what's another hour or so? Jack up the car, remove the airless tire and slap on the rather pathetic excuse for a spare, causing my car to transcend the look of silliness into the realm of ridiculousness. Once the donut is secured to the wheelbase and the flat secured in the trunk, I head out in search of the nearest Tire Kingdom, a few miles away.

There, I am informed that it would take at least two hour for them to patch the tire. Not wanting to stick around in a waiting room with a blaring TV and decade old car trade magazines, I head back home. I inform The Office that I will be even later than expected.

My job at The Company can mostly be performed at home; even if a server needs to be rebooted I can call a partnering company with access to the datacenter and have a warm body go in and perform the necessary button pushing if it comes to that. Email and checking the trouble ticket system can be done from home. The only thing I can't do is answer The Office phone. For now (as one of the longer range goals of Smirk is to have The Office phone forwarded as needed).

Two and a half hours later, I call back to Tire Kingdom and yes, my tire has been patched and ready to pick up. An hour later, after finishing up with a hysterical client that's having email problems and can't get anyone at the office (well, no wonder—Smirk having jury duty, P studying for exams and I with a donut for a tire) I retrieve the now patched tire. Since it is so late by this time I figured it's of no use to actually go into the office and instead just go back home and swap the patched tire for the donut.

On the way home, I pass a gentleman riding an adult tricycle whose tire fell off in a most comical way, and I am reminded that it could have been worse.

Friday, August 05, 2005

Lost opportunities

What's sad is that at one time, I had enough monitors to make an arch, and I could have probably sold it on eBay, as art, for quite a bit of money.

Sigh.

Monday, August 08, 2005

The Hunt for 928

Something that occurred to me goes back to one of the original stupid reasons for chasing after this. There are any number of stories out there of crashed UFOs. If you buy all of them, then the damn things must be falling out of the sky everywhere. Something that's always been in the back of my mind (and probably many others) is “Wouldn't it be fun to try and track down one of these things?” Well, after investing all this effort into searching for a terrestrial (although very spacey looking) craft, I'm pretty skeptical that any remnants of an actual saucer crash (assuming one really occurred) could be found. I was dealing here with an event I knew had occurred, which had a reasonable amount of documentation, was in favorable, open terrain, and proved nearly impossible to find. If a saucer ever did plop down somewhere, I suspect not a trace would remain. Still, it would be more fun than hunting snipe …

The Hunt for 928

Quite a long article about trying to find a crashed A-12, the precursor to the SR-71 (it's a bit shorter, only room for a single pilot and a smaller flight range, but faster and can fly higher than the SR-71).

Briefly, Tom Mahood heard about the A-12 crash, and decided to test Merlin's Laws:

1. There is always something left (Applies to UFO crashes only if there's a real crash!)
2. There is almost always a road to the crash site.
3. Newspaper information is not to be trusted.

If he could find evidence of a top-secret CIA spy plane (even if it did crash some 35 years previously to his searching for it) then it might be possible to find an actual UFO crash site. But given that he spent not only two years but:

• Personal trips out there: About 20
• Money spent on aerial photos: $500
• Additional money to replace sunk truck: $6,000
• Cumulative searchers involved over entire hunt: 9
• Other wrecks found during the search: 3

The chances of finding a possible UFO crash are very slim indeed.

And the article is well worth reading (even if it is a bit on the long side).

---

It's about time!

Amazing!

Smirk came in, saying that once again, a website on a shared IP address needed its own separate address. And since the website in question is under the Insipid control panel, that means moving the site to a new server under a different plan because Insipid is too stupid to readdress a site.

That is, it was too stupid.

Seems that since the last time, Insipid was hit with a big ol' clue-by-four and now you can easily change the IP address of a site.

Simply amazing.

---

Nice try, but that's an abandoned site

One reason for my journal is to document some pretty arcane technical information, like … oh … surviving a DDoS attack. Good thing too, because one of the servers I manage—the ones that typically get hacked and attacked, was under attack today.

Annoying, but nothing that I couldn't handle.

After blocking some 3,100 IP addresses, I was of the opinion that the source addresses were forged. While it's possible that some hacker or hackers had control of thousands of zombie boxes, it was curious as to why they were attacking the particular sites—just small marketing sites that, as it turned out, were no longer used.

Once I found out the sites under attack (all under the same IP address) were no longer needed, it was a simple matter to take down the IP address under attack.

Tuesday, August 09, 2005

Why do people insist on using PHP? Why?

You just have to love informative error messages.

One of our clients is getting the following error on a PHP (of course) driven website:

Warning: file_exists(): open_basedir restriction in effect. File(XXXX) is not within the allowed path(s): (XXXX/htdocs:/tmp) in XXXX on line 531

Okay, I read that as “file not found” but according to the customer, if the file really didn't exist, she would get “file not found” instead of “File … is not within the allowed path(s).” Which is frustrating because the file in question does not exist!

Aaaaaarrrg!

So okay, humor the customer. Go ahead, try to do a search on “PHP File is not within the allowed path” … go ahead … I'll wait …

See the problem?

A lot of sites seem to have that problem.

Searching the PHP site doesn't seem to be helping any either.

Does anyone have a clue? It appears that PHP is refusing to search for files past a certain depth, but I can't say for sure that is the problem, nor even what to look for to see if this is the problem.

Sigh.

---

Perspective

“How was your day?” asked Spring.

“Bad.”

“Oh … ”

“But in the grand scheme of things,” I said, “it wasn't that bad, and it could have been worse. I could have been a guard during a prison riot.”

“Yes, when you put it that way … ”

Wednesday, August 10, 2005

Clickity click

Sure, it was easy enough to stop the SYN attack on Monday by just turning off the IP address under attack. But the owner of the sites on that IP address want to know which site was the one being attacked.

So, how do you determine which of fifty-plus sites was the victim of a SYN attack?

By giving each of the fifty-plus sites their own IP address and seeing which one gets SYN attacked, that's how.

Clickity clickity clickity clickity clickity

Apparently, not all the sites were abandoned alas …

Clickity clickity clickity clickity clickity

Thursday, August 11, 2005

Random quote spewed forth from my computer

Whom computers would destroy, they must first drive mad.

---

Oh, so they were used after all

So apparently the sites where in actual use, hence the query for which site was under attack. Also, it turned out that the traffic spike I saw might not have been an actual SYN attack, but instead legitimate traffic.

It seems that the company that owns the sites have a domain that has nothing but advertising banners for gambling sites (since that's what they do) for which they bought advertising space on a bunch of porn sites (I'm sure on the theory of “in for a penny, in for a pound” but in this case, “in for a vice, in for a whole slew of vices”) and it caught our server unaware.

It's not like the server can't handle the load, but that Apache wasn't configured for such a spike in traffic. Now that I've tweaked the operating system (Linux):

sysctl -w net.ipv4.tcp_syncookies=1
sysctl -w net.ipv4.tcp_max_syn_backlog=2048
sysctl -w net.ipv4.tcp_syn_retries=2

But also tweaked KeepAliveTimeout, MinSpareServers, MaxSpareServers, StartServers and MaxClients in the Apache configuration (doubled each except for KeepAliveTimeout which I decreased) the server is having no problem keeping up with the traffice (I also copied the site to the second server and round-robinning requests between the two).

Friday, August 12, 2005

Scenes from a fast food drivethough

“Chzzzzzzzzzzzzzzzzzbrzzzzzzzzzelp you?”

“Yes, I'd like a number one—”

“Chzzzzzzo?”

“Number one!”

“Bzzzzzzzoke?”

“Yes, with a Coke.”

“Crzzzzuperduper size it?”

“No, I'll just take it the regular ludicrous size.”

“Bzzzzzzzour fourty-seven. Drive around please.”

“Thank you.”

I drove to the first window and hand over a $10 bill. The cashier makes change, and hands it and the receipt over. I scan the receipt and notice that it's not for the number one I order, but a number seven, megaduper humongous size. “I'm sorry, but this isn't my order,” I said, handing back the change and recept. The cashier looked puzzled. “I ordered a number one, regular ludicrous size.”

“Oh,” she said. She called over another worker, and both started talking in a patrois that I did not understand. The second one then started slamming on the cash register and by the tone of her voice, I could only assume that she was swearing in whatever langauge she natively spoke. She then called over a manager.

He walked up, and between all three of them, in somewhat hushed tones and slightly broken English, an explanation of what happened transpired. The cars were backing up behind me. The manager furiously punched buttons on the formerly abused cash register, recounted out my change, and handed it to me. “Next window please,” he said.

At the next window, the fast-food worker held a bag towards me. “Number one, regular ludicrous size with a Coke?”

“Yes, that's my order,” I said, taking the bag and Coke from her.

At least I didn't end up with a hamless ham and cheese without the cheese sandwich.

---

The server platform that can not run unattended

A customer calls up, and asks if we can reboot his colocated server because he can't “PCAnywhere in.” Windows box. Of course. “It's XXXXXXXXXXXXXXXX.com, in a tall tower case,” he said.

“So all I need to do is hit Ctrl-Alt-Del and shutdown then, right?” I wanted to make sure here.

“Yes.”

So I go into the server room, and hook up the crashcart to the system in question. The few mice I try don't work, but the keyboard does, so at least I have that much going for me. The screen is, for the most part, blank, and the task bar at the bottom looks like it has an outbreak of the Chicken Pox. I hit Ctrl-Alt-Del, a few windows flash, then the infamous “I can't stop this task” message box comes up.

By now, I can see that there are at least a few dozen message boxes from some application complaining that it can't send email and to try again. And it's this application that Windows is having difficulty killing, since the message boxes are apparently keeping the program alive until I click Okay to dismiss it.

And each message box is backed up with its own process.

Which is filling up the task bar with so many programs, making it look like the aformentioned Chicken Pox.

So for a solid five minutes I'm there alternating between killing tasks from the task-killing message box (which doesn't seem to go away) and hitting Okay on the “I can't send email” message boxes, and I swear the number of tasks is not decreasing. I'd like to shut down this server cleanly because, well … it's Windows (turns out it's Windows NT 4.0 release 1381—circa 1996 I believe).

But there's no way I'm going to play button-monkey to Windows, and I hit the Big Red Switch.

It's a server! I shouldn't have to hit Okay on a message box to get it to continue. It should run unattended.

Bloody Windows.

Tuesday, August 16, 2005

Apples to Oranges

G, a consultant that we do business with (he was the one that got us involved in Project White Elephant, which is actually going quite well now that the servers are configured correctly) dropped off a Mac mini (at a price just a bit lower than the going street price) with the idea that we might be able to use it as a low-cost server platform. it's small, low power (although not as low as a Cobalt RaQ) and underneath the Mac exterior is BSD Unix.

I have the unit at home right now, playing around with it, and I must say, the software is slick and the GUI is nice (although I've already come across one quirk, and the fact that you have to drag the CD to the trash to eject is a bit … disconcerting to one not used to it).

The dock (the Apple equivilent of Window's Task Bar) is better behaved when hidden—there's a crucial half-second or so pause before it will pop up, unlike the Window's Task Bar which will pop up if you get anywhere near it. Although having to look for the little arrow at the bottom of the dock icon to see which programs are running is a pain. Small price I guess.

And the keyboard sucks! I have an actual, honest-to-God Mac keyboard for the thing, and what I wouldn't give to use an actual, honest-to-God IBM keyboard on this thing—the stupid Mac keyboard lies flat!

Gah!

In fact, as I was typing this up (using this XXXXXXXX XXXXXXX Mac keyboard) Spring was admiring (or rather, drooling over) the Mac mini—

HOLY COW!

HOW COOL IS THAT?

(Forgive me—I'm not used to Macs as you might be able to tell). Pressing F9 shrinks all the windows on the desktop, giving you a thumbnail view of everything, F10 shrinks the windows of the current application in focus, and F11 hides all the open windows on the desk top.

Okay, I'm beginning to drool over this thing now.

Get a decent keyboard for this thing, and a development system, and I just might keep this thing for myself …

Thursday, August 18, 2005

Just here to remind me

Ask and ye shall receive.

Thursday, August 25, 2005

Punks from middle Asia

This post is dedicated to my ex-roommate Rob, who like punk music, and to Spring, who likes international music. I give you: Yat-Kha, a Tuvan throat-singing punk band (link via Marginal Revolution).

Friday, August 26, 2005

I had a decent title for this when I thought of making the post, but I've lost the thought since then …

Well, Hurricane Katrina was certainly anti-climatic. I first heard about it ealier this week, but unlike the past few hurricanes, it was still a tropical storm and would only become a hurricane just prior to landfall. I was expecting some bad weather very late Thursday and throughout Friday, but the timing was a bit off.

The worst came throughout late Thursday, and given that Hurricane Katrina hit land just south of Ft. Lauderdale, a good fourty miles to the south, we just got some stiff breezes and some light rain here at Casa New Jersey. That's the good news.

The bad news—I was hoping to get Friday off from work, but seeing how Hurricane Katrina was already offshore by the time I got up, workbound I was.

Fortunately, the office is very quiet today and it appears that most people have today off anyway. Now it's just a regular muggy Auguest afternoon in South Florida.

---

In looking over the satellite loops of Hurricane Katrina, I'm struck by the fact that as a hurricane, it was a rather poorly defined one (at least, as it went over South Florida)—no real eye developed and except for possibly some hurricane force winds (sustained 74 mph) between Ft. Lauderdale and Miami, it was nothing more than a really bad storm. I do wonder if conditions in the mid-Atlantic are less favorable to hurricane formation now. We're almost half-way through the season and Katrina is the 11^th storm so far. Is there still enough energy in the mid-Atlantic to sustain more hurricanes this season? (for comparrison, back in 1992, the first storm of the season, Hurricane Andrew, formed in mid-August).

It takes quite a bit of energy to feed a hurricane, and while there's another storm that might get named in the mid-Atlantic, it's been that way for a few days now (with the National Hurricane Center labelling it a “possibility in 36 hours” for the past three days) and I have to wonder if there's anything left in the mid-Atlantic to give, energy wise.

Then again, I'm not a meterologist …

---

Google is acting like a female dog, and I don't mean that in a good way either

Google is being annoying today.

I'm used to doing a search (like, for Miami, Florida) and being able to copy a link directly from the results page. Occasionally Google will link to the result through itself, like:

http://www.google.com/url?sa=t&ct=res&cd=1&url=http%3A//www.ci.miami.fl.us/&ei=ZXcPQ62OKY78sQH2qfmsCg

Annoying when it happens, but if I do the search over again, the results page will have the links going directly to the results, as in:

http://www.ci.miami.fl.us/

But not today.

Today, no matter how many times I restart my search, clear the cookies, click on the munged link or what have you, Google is insistent upon returning the annoying links that are useless to blogging. And to make matters worse, there's JavaScript in the results page to munge the status bar at the bottom of the browser (in Firefox, hoving over a link will show the URL in the status bar) so it's not readily apparent what's going on.

Come on Google, cut it out! You, of all companies, are supposed to be above such things …

---

Quiet time

Yes, I've been quiet for the past week or so. For two reasons:

1. I have a new toy to play with.
2. I've been cleaning up the code to mod_blog.

Both items have been sucking up vast amounts of time, but in a good way.

That's why I've been rather quiet here.

---

A little bit about a little Mac

Smirk misunderstood an entry I made last week, thinking that I wanted to keep the Mac mini I was testing for work. He went ahead and ordered the PS/2 to USB adaptor (and a few extras for the office) so I could use a real keyboard (along with DoubleCommand since the IBM keyboards I use don't have Windows keys).

At that point, I figured I was having so much fun with the Mac that I might as well keep it, seeing how it was below steet price to begin with.

But that wasn't my intent with the entry. At the time, I was cursing the keyboard I was using and wishing I could use an IBM PS/2 keyboard. It was then I decided to search Google for a “PS/2 to USB adaptor” and lo'—there it was.

So I really meant: “Ask Google, and ye shall receive.” Not “ask Smirk, and ye shall keep.”

But I kept the Mac mini anyway.

Monday, August 29, 2005

Thankful for satellite backed weather prediction

The Gulf of Mexico is hot; hot enough to to turn H urricane Katrina from a Catagory 1 to Catagory 5 in three days, just in time to wipe southern Louisiana off the map (although it was downgraded to a Catagory 4 just prior to landfall, understandable as hurricanes feed on water and Hurricane Katrina's northern edge is getting starved of fuel).

But you know, if this had happened in the 1920s? Nobody would have had a clue that this was on the way—there would have been no satellite tracking, no way of predicting which way the big wind would have shifted, and precious few ways of getting the word out ahead of the storm even if they had known. If Katrina turns out even half as bad as people say, it would have erupted out of nowhere to lay the smackdown with no warning whatsoever. A lot of people probably would have died.

theferrett: New Orleans, Yadda Yadda

My thoughts go out to those stuck in Louisiana and I hope that the death toll (last reported: three, but those happened during evacuation) does not rise at all. We do live in an incredible age where we are able to get significant warnings and save lives that might have otherwise been lost.

When all of this is over, the religious leaders will be calling everyone to thank God that everything is okay. No mention of the well-trained scientists and disaster experts who worked so tirelessly.

purplkat, in reply to theferrett

---

The mid-Atlantic running out of steam? I can only hope …

After I had written about the mid-Atlantic running out of steam for hurricanes, the National Hurricane Center started issuing reports for Tropical Depression Thirteen, which seemed to deflate my `mid-Atlantic running out of steam” theory. But I notice that Tropical Depression Thirteen is smaller than it was on Saturday when I last checked, so there may be something yet …

Then again, I'm not a meterologist.

---

Hmmmmmmmm …

Unless you have a REALLY high end sine wave UPS, get rid of it for all your audio gear, it doesn't have the balls to save you anyway. UPSs by thier nature inject all kinds of horrible hash onto the mains power. I mean get rid of ALL of them on the same phase as your audio gear. Don't even have'em plugged in in the same house if possible.

Repeat after me, as often as it takes,

One path to ground.
  One path to ground.
    One path to ground.
      One path to ground.
        One path to ground.

Mike Taht: One path to ground!!

Of the people that read me, Smirk and Wlofie may find this interesting. Mike Taht has a whole bunch of posts about power and audio systems.

Tuesday, August 30, 2005

But I gotta wonder at the overdue fees …

For Wlofie: I didn't know you could check out people from the Malmö (Sweeden) City Library (link via Jason Kottke)! That's pretty cool.

---

Notes on a phone conversation as the dark clouds roll in

“What type of server is my site currently on? Because I need to use an Access database,” said the customer.

“Well, it's currently on our Unix server,” I replied, “so we'll need to—” KA-KRAAAAAAACK-BOOOM! “—oh holy sweet Mother of God we're all going to die! Aieeeeeeeeeeeeeeeeeeeeeeeeee!” It's amazing the small amount of space an adult human can occupy under the desk when the proper motivation is applied.

“Sir,” said the customer, “are you okay?”

Slowly peek my head out. “Yes … just a lightning strike across the street.”

Coincidentally enough, the customer's domain has the word “lightning” in it.

Wednesday, August 31, 2005

A fiendish plot

For Spring, a cute Flash cartoon.

Thursday, September 01, 2005

The negligence correspondence

I must be speaking Elbonian or something.

Dropped in my lap is the configuration of a router and firewall for a customer site. The firewall, no problem there (well, except for modprobe being completely borked on the firewall and spending an hour or so trying to untable the Linux kernel module dependencies by hand to get iptables working, but that's a different issue). No, I'm trying to figure out what IP addresses I can use for this.

“What we've got here is … failure to communicate,” as the Captain of Road Prison 36 says.

And this isn't a failure between myself and Dan the Network engineer here—no, it's between myself, Dan, Smirk and G. Smirk told me, in the immortal words of Captain Picard, “Make it so.” Both Dan the Network engineer and G are giving me advice on how to setup the network, but they have completely different worldviews. And the terminology I know isn't the terminology that Dan or G uses (for instance, Dan uses “loopback address” to mean any IP address bound to a router on the loopback device, not just 127.0.0.1, which is a usage I, a programmer who's done networking programming, is not used to).

It's been rather frustrating asking (through email) what seems to me a straightforward question and getting an answer back that has nothing to do with what I asked. Or frustrating giving some information only to get a reply back asking for the information which was in the email I sent (and quoted, in full, back to me).

Perhaps I would be understood better if I translate what I want through Babelfish a few dozen times:

I certainly speak Elbonian or something.

Drop in a mine knee department router and firewall disposition for consumer locus. The firewall, does not have question there (to be very good, is completely borked and passed for a hour except modprobe in firewall or so attempts to untable Linux kind module dependency obtains the iptables operation with hand, but that is an other question). No, I try to extrapolate any IP address I can use for this.

“any we have here are … the negligence correspondence,” like go the same way jail 36 captains to say.

And this is not the defeat and Dan network Engineer here does not have between I, it is in I, between Dan, Smirk and G. Smirk tells me, in Captain Picard immortal word, “makes it so.” Engineer Dan network and G raise me to suggest how about establishes the network, but they have completely different worldviews. And I knew the terminology is not Dan or the G use terminology (for example, Dan uses “to return delivers address” to mean any IP address certainly is returning to a router delivers equipment, not only 127.0.0.1, is usage I, is programmer which completes network programming, is not used).

It rather frustrates the request (through email) any and lets to an I direct question with the answer to return to any to have nothing to do with as if I to ask. Or which frustrated provides some information have to arrive request for reply information is I has delivered in the email (and has quoted, in was full, returns to me).

Perhaps I can understand well if I translate any me to want to pass Babelfish several 12:

[The translation reduces translation.]

Yea, good.

Yea, much better.

Sunday, September 04, 2005

Competative oil

Since 1981, Shell researchers at the company's division of “unconventional resources” have been spending their own money trying to figure out how to get usable energy out of oil shale. Judging by the presentation the Rocky Mountain News heard this week, they think they've got it.

Shell's method, which it calls “in situ conversion,” is simplicity itself in concept but exquisitely ingenious in execution. Terry O'Connor, a vice president for external and regulatory affairs at Shell Exploration and Production, explained how it's done (and they have done it, in several test projects):

Drill shafts into the oil-bearing rock. Drop heaters down the shaft. Cook the rock until the hydrocarbons boil off, the lightest and most desirable first. Collect them.

They don't need subsidies; the process should be commercially feasible with world oil prices at $30 a barrel. The energy balance is favorable; under a conservative life-cycle analysis, it should yield 3.5 units of energy for every 1 unit used in production. The process recovers about 10 times as much oil as mining the rock and crushing and cooking it at the surface, and it's a more desirable grade. Reclamation is easier because the only thing that comes to the surface is the oil you want.

Via Instapundit, SHELL'S INGENIOUS APPROACH TO OIL SHALE IS PRETTY SLICK

I've said before I'm bullish on energy futures, and it's nice to know that we have a few more years yet to perfect oil from garbage (which I personally would like to see, if only to reduce the amount of landfills in use).

Tuesday, September 06, 2005

“What's the frequency, Kenneth?”

I don't handle stress well (as if that wasn't apparent) and again, today was no exception.

I get this way because of deadlines.

Normally, as I approach headbanging time, I simply stop doing what I'm doing and put it on the back burning for a period of time (could be days, could be months) until it suddenly strikes me what I might have been doing wrong. But when I can't follow my own timeline for these things, that's when I get irritable.

It also doesn't help my mood when things that should (there's that word) work don't, and in the process of troubleshooting the things that don't work, the processes I'm using to troubleshoot have to be troubleshot because the stuff that I'm using to troubleshoot should (there's that word again) work, but aren't.

Ouch, my brain hurts.

Today I found two wireless units on my desk to configure (as part of the firewall/router thing that was dumped on my lap nearly two weeks ago)—an access unit (with a serial port—more on that in a bit) and a bridge (without a serial port, just power and ethernet). The wireless bridge should (there's that word again) have been on 192.168.200.1 (why that address? I don't question why, I just do and die) but no response at all. After half an hour I'm told that that unit might be bad, so try this one.

Four hours later with the “new” unit (handed to me encased in plastic) was just as uncommunicative as the “bad” unit. And don't think I didn't try. Let's see … couldn't see it at all from the router it's supposed to be plugged into … couldn't see it from the office switch (and having to place my workstation into the 192.168.200.0 network). Couldn't see it from a separate switch the wireless bridge and workstation were plugged into (bascially because this switch didn't work at all) … and couldn't see it from a second switch I found (that took about half an hour to get configured to ensure that the port the wireless bridge was plugged into was 10Mbps half duplex no auto negotiation (basically, troubleshooting the switch to attempt to troubleshoot the wireless bridge) since the office switch can't be configured).

All this in a vain attempt to configure the wireless bridge. It should (there's that word again) either grab an address via DHCP or failing that, default to 192.168.200.1 (ah, that's why that address) but the documentation, it lies! It lies! (turns out it wasn't factory set, even though I came wrapped in plastic—thanks wlofie!)

Now, the wireless access point? It has that serial port on it.

Ah, I'm brought back to the days of yore when men were men, women were women, and getting any two random pieces of equipment with serial ports communicating was indeed a Black Art™ of the darkest sort—arcane incantations, sacrificing small furry animals to the Great Computer Gods, and an ungodly number of cables, adaptors, frobs and gender changers were required. Along with knowing such arcana as DCE, DTE, CD, XMIT, RECV, CTS, RTS, DB-25, DB-9 (which technically is incorrect—it's DE-9 but everybody just calls it DB-9), RJ-45 (if you're lucky, otherwise, you get DEC's unholy abomination of RJ-45, which requires heaps of gold to use), XON, XOFF, NULL modems, breakout boxes, jumpers, UARTs, male ends, female ends and RS-232 (which isn't).

Just shoot me now.

I didn't get to the wireless access point because I didn't have a gender changer (or a female to female connector). It was bad enough having to crawl under the desk to continuously swap out the DE-9 NULL modem cable (normally used to congfigure the Cobalt RaQs but today used in a vain attempt to configure the one switch while trying to troubleshoot the wireless bridge) for the RJ-45 to DE-9 adaptor cable (for the router that's being configured).

On the bright side, I didn't have to deal with any control panels today.

Wednesday, September 07, 2005

Wizards too, were scorned by those they served

I could only wonder at the though processes that lead to a customer leaving over 6,500 messages in their incoming email account, and then complaining about how long it took to list all the messages therein. I suppose they might be surprised to find out they have that many messages.

“But I check my email everyday!” said a hypothetical customer in a hypothetical conversation I'm making up on the spot. “Now you're telling me I have 6,500 new messages⁈”

“No,” I said, “but you neglected to delete the messages off the server.”

“But I don't want to delete the messages! And what's this server you speak of?”

“No, you misunderstand me—”

“But you said I have 6,500 new messages! Where did they come from?”

“They're not new messages—”

“So what are they then?”

“Messages you left on the ser—”

“AND WHAT'S THIS SERVER THING YOU KEEP TALKING ABOUT?” I can hear the capitals clearly. “Are you talking about this ‘mail.example.net’ you had me type into this obscure … thingy … in my … Lookout?” And yes, they inevitably always use Microsoft Outlook in checking email.

A disconnect this big … how can one even begin to explain?

“Think of the server being your physical mailbox. You don't leave your mail in your physical mailbox, do you?”

“No,” the customer said, sounding a bit suspicious.

“You remove it from the mailbox, right?”

“Yes … ”

“Well, you neglected to remove these 6,500 messages from your mailbox, so that's why it's taking so long to list all the messages.”

But only if it were only email. It's even worse when people are this clueless about their websites. Their commercial websites, that supposedly bring in money (and I won't even mention a certain website reseller with a website development process where “Byzantine” is an understatement and we're stuck with debugging the sites). I can only assume these people are also the type who don't care about their finances and just dump shoe boxes filled with receipts on their accountant's desk, saying “Fix it.”

Sigh.

---

What? No gas masks? What gives?

I've checked the Google AdSense™ Terms and Conditions and I don't see anything about not making editorial comments about the advertising appearing in the sidebar there (I can't however, force anyone reading this to click the links, or otherwise attempt to influence the vast amounts of money Google is sending my way, but I can mention that I've made a whopping $1.35 since April). So, with that aside, I just noticed an ad for RVs durring hurricanes (hurry, over 8,000 RVs available nationwide, about $40,000 a pop) and below that lovely ad, another one for sandbags.

Sandbags (overnight shipping available).

And RVs.

I'm beginning to wonder if the Google AdSense program is really worth it.

Thursday, September 08, 2005

I finally know the way to San Jose

It took awhile but the router and firewall are finally installed in the customer site with the help of G.

Okay, basically, without G's help, I would have been unable to do it. The customer had two connections to us, a wireless connection (at 10Mbps) and a T-1 (at 1.5Mbps). The connection should handle all the traffic but if it goes down, the T-1 should take over. Such a configuration can't be done using static routes (which is what I'm familiar with) but requires something like OSPF, which is beyond my ability.

Sure, it took longer than expected, but then again, the current configuration was rather “interesting” (and not in a good way). Also, the configuration in the old customer router didn't survive a power cycle (whoever configured the old router forgot to save the configuration into non-volatile memory—one momentary lapse of power and it's hand-configuration time again) but since we were already connected using the new router it wasn't much of an issue.

G also left behind some light reading in the form of several feet of documentation on Cisco routers (stuff like Everything you Wanted To Know About Cisco Routers But Were Too Ignorant to Ask and Teach Yourself Cisco Routers In a Thousand and One Days) which was kind of him.

Friday, September 09, 2005

Crash course in surviving free fall

Let's say your jet blows apart at 35,000 feet. You exit the aircraft, and you begin to descend independently. Now what?

Via Jason Kottke, Unplanned Freefall? Some Survival Tips

What now indeed! But the upbeat article does describe several methods one can use to (hopefully) survive an unplanned free fall from at least 15,000 feet. I'm not sure if any of the suggestions would actually work but hey, if you're falling from 35,000 feet it wouldn't hurt to try.

Saturday, September 10, 2005

The Story of the Vivian Girls, in What is Known as the Realms of the Unreal, of the Glandeco-Angelinnian War Storm, as caused by the Child Slave Rebellion

My Netflix queue was getting a bit low, so I started looking for more films to add. Okay, more documentaries, as I haven't been in a mood to watch fiction for some time now. During my search, I came across In the Realms of the Unreal, a documentary on Henry Darger, a recluse that lived in Chicago, working as a janitor who in his spare time wrote a 15,000 page novel The Story of the Vivian Girls, in What is Known as the Realms of the Unreal, of the Glandeco-Angelinnian War Storm, as caused by the Child Slave Rebellion (the book takes place on a different plant, larger than Earth, about a war that is lead by seven little girls (the Vivian Girls) leading a rebellion against the Glandelinians, who enslave children just for the fun of it). Along with the book he painted over 300 images (may not be work safe as they include nudity) that is considered some of the best examples of outsider art.

He also wrote a 5,000 page autobiography (about 200 pages cover his life—after that it goes non-linear into wild flights of fancy) and an 8,000 page sequel to The Story of the Vivian Girls, in What is Known as the Realms of the Unreal, of the Glandeco-Angelinnian War Storm, as caused by the Child Slave Rebellion nominally named Further Adventures in Chicago: Crazy House which continue the adventures of the Vivian Girls in Darger's native Chicago (it was never given a title by Darger).

It's not clear if Henry Darger was insane or not—clearly he didn't fit in with society, living along in a one room apartment with his only employment being as a janitor, with no friends at all. His childhood was horrible—his mother died during childbirth when he was three or four (and the sister that was born was given immediately up for adaption—he never saw her again) and at eight, his father sent him to live in an orphanage since he was unable to take care of Henry. He then lived at orphanages and mental institutions until he escaped at 16 or 17. From then on, he worked as a janitor and at night, wrote what is considered the longest novel ever written (I mean, fifteen thousand pages for a single novel—Ayn Rand didn't write a novel that long, and even L. Ron Hubbard's Mission Earth Series is only about half the length of The Story of the Vivian Girls, in What is Known as the Realms of the Unreal, of the Glandeco-Angelinnian War Storm, as caused by the Child Slave Rebellion).

And all of this might have gone unnoticed except his landlord, famed photographer Nation Lerner recognized what he had after his tennent Hanry Darger died (in 1972 or '73). It was clear that Darger never intended anyone to see any of this, and because of that, it has an emotional truthfulness to it (enough such that most that see his artwork feel uncomfortable) and that makes him all the more interesting.

After all that, I just had to see “In the Realms of the Unreal” and added it to my Netflix queue.

Sunday, September 11, 2005

What a cut-up

Instead of watching horror unfolding on TV, I spend most of the morning (between midnight and 7:30 am) making a cake for The Younger. His birthday is later this week but he'll be in Colorado with his Dad so we figured we'd celebrate his birthday today.

I have a copy of Baker's Cut-Up Cake Party Book that's about as old as I am (and apparently, very rare and going for anywhere between $30 to $120 from what I can see) and I thought it might be fun to try to make one of the cakes from the book (I'd make some scans from the book, but I can't locate the power supply for my scanner). I should note that I've never actually made a cake from scratch before. But hey, it can't be that hard, can it?

Famous last words.

The recipe calls for 2½ cups of sifted flour, and I wasn't sure if that was 2½ cups before sifting, or after sifting, so I assumed before sifting. It was quite a pile of flour after sifting and it took on the consistency of dough rather than batter. I did manage to get the stuff wrangled into the cake pan and into the oven for about five minutes before I realized I forgot the most important ingredient—sugar!

See, the recipe said:

Sift flour with baking powder, salt, and sugar.

But in cooking terms, sugar is considered a “wet” ingredient and it's never sifted into the flour but added with the rest of the wet ingredients (or so says Alton Brown); then again, I actually didn't see that I was to sift in the sugar with the flour. In any case, that batch was ruined.

And I was also out of vanilla extract and eggs.

And it's after midnight.

An hour later, after a trip to the nearest Wal★Mart Supercenter I had my missing ingredients. By this time, Spring was home from work, and she informed me that sifted flour was always measured after sifting.

The second attempt went much better.

Once out of the oven, it was time to let it cool for an hour or so before the next stage.

The frosting was uneventful (even if I did have to substitute honey for light corn syrup), but the end result was a metric butload of frosting. Way more than I evern ended up using.

And then the cutting and construction.

In theory, it looked easy. But like all theories, things tend to get messier in practice and this was no different. In the book, the airplane was supposed to have four jet engines, but the actual bits of engine pieces were too small in practice to use. And the tail setion was too heavy to actually stay up without the help of multiple toothpicks (and even then, I had to lob off the top half of the tail). The frosting was thick and sticky and a hellacious pain to spread over the cake.

Now, one of the curious things about the book was the use of shredded coconut in every recipe. I remember as a kid, when Mom would make my birthday cakes they were always slathered in shredded coconut. In fact, I don't recall a single cake made in the 70s that didn't have shredded coconut slathered over the outside. I always wondered about that.

But no more. Shredded coconut plays the same role as plaster popcorn for ceilings—it hides the shoddy application of frosting (or in the case of ceilings—plaster). And the final results weren't that bad, considering it was my first cake and all (and The Younger certainly loved it).

I did end up with enough leftovers to make a rather shapeless mound of cake that The Kids promptly joked was a “crashed airplane.”

Still tastes good though.

Monday, September 12, 2005

Clickity-click

Li Zhuang, Feng Zhou, and Doug Tygar have an interesting new paper showing that if you have an audio recording of somebody typing on an ordinary computer keyboard for fifteen minutes or so, you can figure out everything they typed. The idea is that different keys tend to make slightly different sounds, and although you don't know in advance which keys make which sounds, you can use machine learning to figure that out, assuming that the person is mostly typing English text. (Presumably it would work for other languages too.)

Via Robot Wisdom, Acoustic Snooping on Typed Information

I may have to rethink the keyboards I use …

Wednesday, September 14, 2005

Paths

I just noticed something that at first seemed very odd, but as I think on it, it does make sense, but it's not intuitive at first (at least to me).

I did three traceroutes from Casa New Jersey. The first to my workstation (in one network block), the second to the office firewall/router (in a second network block) and the third to the company router (in yet a different network block). I would have expected all three to take a similar path through the Internet, but the practice was different than theory. In the diagram below, the top circle represents my computer at home, and the blue path goes to my workstation, the black path to the firewall and the red path to the company router:

Why the (in one case, wildly) different routes?

Because each destination is in a different block of IP address, each of which is handled differently in different carriers due to different peering arrangements—the office block is owned by one of our providers, the firewall block is owned by Smirk (he managed to snag a Class-C network block a long time ago) and the company firewall block is owned by another of our providers.

But that still doesn't explain this though:

The blue one is again from my home computer to my workstation (and yes, there are two additional hops in this one—perhaps some routing changed between the time I made the two images) but the other one, the red one, is to another machine here at the office—the IP address of my workstation is XXX.YYY.224.11 and the other machine is XXX.YYY.227.9, so while technically they're in different Class-C networks (a “/24”) they're routed to us as a “superblock” (a technical networking term) of /20. But as to why the wildly diverging paths, I don't know.

---

More Paths

We control IP addresses XXX.YYY.224.0 through XXX.YYY.239.255 and as I mentioned, not all the addresses in that range follow the same path from my home computer to the office. I was curious so I decided to map the paths:

This image shows the overall paths, with the double circles the termination points of the various IPs and as far as I can tell, it looks like the “/20” we have is being routed as 16 individual “/24” networks (aka “Class-C”) through out different providers (some through one, some through the other).

Curiouser and curiouser …

Friday, September 16, 2005

“We wouldn't want anything ta happen ta da network, now would we”

“I would like to thank you for not keeping your end of the deal and making this upcoming weekend an enjoyable one for me.” The extortionists demanded $75,000, but then seemed to disregard the money. “I do not care how long I have to destroy your business and I will. You will learn the hard way that you do not make a deal and then f*** around with us … Let the games begin.”

Richardson would soon learn they were not bluffing. They could destroy his business, and they were going to try. For BetCris to survive, Lyon's slapdash system in Phoenix, which was just starting to find its purchase, would have to stand up to the biggest DDoS attack any of them had ever seen.

The DNS servers that had overloaded in Phoenix were brought back online in a couple of hours, after Lyon and Wilson adapted some filtering scripts and increased the size of their network pipes.

Lyon then spent Thanksgiving and Friday eating leftover turkey his girlfriend delivered and tweaking his system to absorb bigger DDoS attacks. On Friday, he believed it could handle a 1Gb attack, and he felt good about that. He assured a frayed Richardson that he'd never see an attack that big. It would take tens of thousands of zombie computers.

Which is exactly what happened. It turns out the extortionists had more than 20,000 zombies. PureGig's data center suffered badly, which affected several of its ISP customers. PureGig decided to take Lyon's system offline to fix it.

“The attack went to 1.5Gb, with bursts up to 3Gb. It wasn't targeted at one thing. It was going to routers, DNS servers, mail servers, websites. It was like a battlefield, where there's an explosion over here, then over there, then it's quiet, then another explosion somewhere else,” says Lyon. “They threw everything they had at us. I was just in shock.”

How a Bookmaker and a Whiz Kid Took On an Extortionist

I've dealt with this type of attack before, but not to this extent. It's scary to think that not only are these attacks getting more sophisticated, but larger in scope, with twenty, thirty, fourty thousand zombie machines (machines the crackers control) sending bogus traffic to a target site.

Smirk is having me do more network related jobs here at The Company with an eye to prevent such attacks (or suvive such attacks) but it looks like it takes a huge infrastructure to fend off these things. G has mentioned that Cisco has configuration options in their routers to help fend off this stuff, and I suspect it's within the several feet of documentation he left behind. Looks like I'll be spending quite a bit of time reading up on this.

Monday, September 19, 2005

Crisis over, God forgotten

Ah, nothing like an unplanned test of the backup generator this fine Monday afternoon. But better now than during an actual hurricane.

---

Another story about backup generators

I'm actually surprised I didn't write about this, but I can't find it, so I must not have.

Back in 2000, when I worked for Negiyo on third shift, the power goes out and the backup generator kicks in. That's all fine and good, but the fact that the power went out caused all the sysadmins to scury around trying to figure out what caused the power outage. The weather wasn't bad and as far as anyone knew, FPL wasn't having any problems in the area.

Turns out that it was a planned outage to test the backup generators. The management company of the property had sent notice to Negiyo about the planned outage, but the secretary who received the notification promptly discarded it, forgot about it, or lost it, so no one else in Negiyo had a clue.

It was an amusing night.

Thursday, September 22, 2005

An overheard technical support phone call conversation, including sound effects

“Welcome to The Monopolistic Phone Company Technical Support. [They actually never said the company name—my bad. —Editor] Your call may be monitored for quality assurance. The expected hold time is currently 1 minute. Please wait for the next available—”

“Hello, this is Bob, how may—” click.

“Hello? Hello? Bob? Are you there Bob? Bob?”

“Welcome to The Monopolistic Phone Company Technical Support. Your call may be monitored for quality assurance. The expecte—”

“Hello, this is Bob, how may I help you?”

“One of our clients is trying to send email to mpc.example.net and your email servers are rejecting the traffic from our customer's machine. ”

“So you can't get your email?”

“No. One of our clients is trying to send email to one of your customers and the connection is being dropped. I checked from another one of our servers on a different block of IP addresses, and was able to send a message sucessfully. I then checked from a machine I have access to in Boston, and I was able to sucessfully send a message. But not from our client's machine.”

“So your client can't get his email?”

“No. Our client. Wants to. Send. Email. To one of. Your customers!” (cue FX of Star Trek fight music) “Your. Email server. Refusing. Connections.”

“Let me check something.” (cue FX of Girl from Ipanema) “Tell your customer to check his firewall or viral software configuration and have it pass through the traffic.”

“It's not a firewall or viral software because there isn't a firewall or viral software to check the configuration on, but if you like, I'll lie and say that I've already checked that and that's not the issue. The issue is that The Monopolistic Phone Company's mail servers are refusing the connection from our client's email server.”

“Hold on.” (cue FX of more Girl from Ipanema) “The Monopolistic Phone Company does not block any traffic of any of our clients—”

“It's connections to your network!”

“Oh. Um. Please hold.” (cue FX of 70s porn music) “Sir?”

“Yes, I'm here. We were discussing The Monopolistic Phone Company blocking network traffic.”

“The Monopolistic Phone Company does not block incoming network traffic.”

“Okay.”

“And if your client is having troubles with email—”

“Could you please repeat back the problem then?”

“Um … ”

“Humor me. Please.”

“Your client cannot send email to our client.”

“Basically yes. I'm trying to find out if you have implemented anti-spam measures, one of which is blocking IP address, and if so, have our client's IP address removed from the anti-spam block.”

“Well, I just read that our company is starting to roll out such a feature so I'll have to investigate to see if it's in affect. So can I have your name?”

“Yes. It's Sean Conner. I work for The Company and our phone number is 515-555-1234. My email address is ‘sean@conman.org’.”

“Thank you sir. We'll contact you in a few hours.”

“Can I get the ticket number for this?”

“The what?”

“Ticket number. So when I call back, I can say this is in reference to ticket number so-n-so.”

“When you call back, just say you talked to Bob at Dialup Support. I'm afraid we're using a new ticket system and I get the ticket number.”

“Oh.”

“Oh wait … please hold.” (cue FX of theme from The God Father) “Sorry, here's the ticket number. In just. A. Second. It's TMPC000666000FU.”

“That's ‘tango mike papa charlie zero zero zero six six six zero zero zero foxtrot uniform,’ right?”

“Yes.”

“Thank you.”

“I'll look into this and email you a report in a few hours. And thank you for calling The Monopolistic Phone Company Dialup Technical Support Line.”

“You're welcome.”

Click.

Friday, September 23, 2005

Ping-pong by phone

There have been some “issues” with the T-1 to one of our customers—basically, every 8 to 15 seconds it gets a burst of errors, thus degrading the actual bandwith of the circuit. It's less of an issue since the wireless connection there is working (redundant paths) but still, it's an issue that needs to be resolved.

Over the past two weeks it's been phone ping-pong. I call The Monopolistic Phone Company Business Technical Support Repair line to have the line tested. The Monopolistic Phone Company does a line test on the T-1 and says it's clear. I call back saying no it's not. They return the call saying yes it is. No it isn't. Yes it is, can you test out to the DSU? Ohhh look, we get errors, we'll do some more testing tomorrow (this was said yesterday).

So starting at about 8:00 this morning, and every half our or so thereafter until 10:30 The Monopolistic Phone Company called me (on my cell—yes, I gave them that number) with status updates which basically boils down to: “we can't actually seem to locate the error.” It could be between the DSU and the DMARK (on the customer side), the DMARK and the CO (on the customer side), somewhere within the CO, or between the CO and the DMARK (on our side) or the DMARK and the DSU (on our side).

Note: I usually don't get up until 11:00 am.

Ick.

They're supposed to call in a few minutes with an update, but I'll give them another fifteen minutes or so before calling them.

---

More overheard technical support phone call conversations

“Your call may be monitored for quality assurance. The expected hold time is currently 1 minute. Please wait for the next available represenative.”

“Hello, this is Bob. Not the same Bob as you called yesterday, but still, just call me Bob. [I should mention this was a very perky Bob. —Editor] How may I help you?”

“I'm calling in reference to ticket number ‘tango mike papa charlie zero zero zero six six six zero zero zero foxtrot uniform.’”

“And whom am I speaking to today?”

“This is Sean.”

“Okay, Mr. Sean, if you can please hold while I review your ticket.”

“Okay.” (cue FX of Girl from Ipanema)

“Thank you for holding, Mr. Sean. I didn't understand a word that Bob wrote yesterday but I gather it has something to do with sending email.”

“That's the gist of it.”

“Can you please send an email message to [garbled]?”

“What was that?”

“[garbled]”

(cue montage of Sean roaming around the office looking for a quiet place to write down the email message—many minutes go by while this happens)

“Oh! It's testmyemail@mpc.example.net!”

“Yes Mr. Sean. From that the email company department can diagnose what happens.”

“Please hold on a second, I can test this right now.”

“Okay.”

“Yup, just like I said, it won't get through because your The Monopolistic Phone Company's email server is dropping the connection from this particular server.”

“So it's a networking issue?”

“No, because I can get to The Monopolistic Phone Company's email server from other computers.”

“Oh. Well then, just send a message to testmyemail@mpc.example.net explaining the situation and they'll be able to handle it.”

“Okay, can I include the ticket number?”

“Yes.”

“Okay, thank you.”

“You're welcome Mr. Sean! Thank you for calling The Monopolistic Phone Company Dialup Support Line.”

Click.

---

You know … like James Bond.

“Hi! This is Michelle from 97.3 WKRP The Party-Hearty Hip-Hop Happening Radio Station! Who am I speaking to?”

“Hello. This is Sean.”

“Sean. Is that S-H-A-U-N?”

“No, it's S-E-A-N.”

“Oh.” I could hear the disappointment in her voice. The call went downhill from there. No big deal—it was a marketing call anyway.

Saturday, September 24, 2005

The Law of Barnum

“There's a sucker born every minute.”

—David Hannum (and not P. T. Barnum)

I'm looking at the Million Dollar Home Page, where each of one million pixels are for sale for $1 a piece ($100 minimum in a 10×10 block) and I'm simply appalled. The student has so far sold over 120,000 pixels.

I'm not appalled that people are stupid enough to buy pixels for a buck a pop. I'm not appalled that Alex Tew (the student running the site) has made over $120,000 since August 26^th. I'm not even appalled by the garish looking picture of the million pixels.

No, I'm appalled that I didn't think of this first!

---

Director's Commentary for “More overheard technical support phone call conversations”

Hi. This is Sean Conner, director of “More overheard technical support phone call conversations” and you are listening … well … reading actually, the director's commentary.

The intent was to start in medias res with a tech support call I had to make to The Monopolistic Phone Company. The situation is that The Monopolistic Phone Company was blocking one of our client's email servers from sending email to their customers at mpc.example.net. There was every indication that The Monopolistic Phone Company was simply dropping the traffic as an anti-spam measure, since other servers we had could send mail to users of The Monopolistic Phone Company. This is my second attempt at resolving the situation.

We begin after I placed the call and the phone is answered.

Compuer: “Your call may be monitored for quality assurance. The expected hold time is currently 1 minute. Please wait for the next available represenative.”

Bob: “Hello, this is Bob. Not the same Bob as you called yesterday, but still, just call me Bob. [I should mention this was a very perky Bob. —Editor] How may I help you?”

For this version, I'm including who's doing the speaking. Originally (in my conceit) I had thought that who was speaking would be apparent, but if you scan the entry too fast it might not be apparent.

Also, the “Bob” I spoke to was female and very chipper.

Why are tech support reps called “Bob?”

All tech support personal are called “Bob”. (Female support personnel have an option on “Bobette”, as they feel appropriate). This has nothing to do with “Bob”, the Divine Drilling Equipment Salesman and the Church of the SubGenius. Nor it is “Brother Of BOFH” (although that's smart sidewise thinking, which is good). The real story of Bob can finally be revealed …

The time: August 1995. The place: Demon Internet, Support Department. A large number of new victims|Wrecruits were due to arrive, and it was observed that there would be much duplication of names. To ease the confusion, it was decided that all support techs would henceforth be known as “Bob”, and identity badges were created labelled “Bob 1” and “Bob 2”. (No, we never got any further).

The reason for “Bob” rather than anything else is due to a luser calling and asking to speak to “Bob”, despite the fact that no “Bob” was currently working for Tech Support. Since we all know “the customer is always right”, there had to be at least one “Bob”, just in case.

Just a little sillyness, but it snowballed. Shift leaders and managers began to refer to their groups of ‘bobs’. Whole ranks of support machines were set up (and still exist in the DNS) as bob1 through bob[lots].

Then came a.t-s.r, and it was filled with Demon support personnel. They all referred to themselves, and to others, as ‘bob’, and after a while it caught on.

Just one of those strange things, I guess …

alt.tech- support.recovery FAQ (acronym expansion and links added)

Anyway, back to the film entry …

Me: “I'm calling in reference to ticket number ‘tango mike papa charlie zero zero zero six six six zero zero zero foxtrot uniform.’”

Bob: “And whom am I speaking to today?”

Me: “This is Sean.”

Bob: “Okay, Mr. Sean, if you can please hold while I review your ticket.”

Yes, she kept calling me “Mr. Sean” throughout the rest of the conversation. It weirded me out a bit as “Sean” is my first name, and it just sounds wierd to be called “Mr. Sean.”

Me: “Okay.” (cue FX of Girl from Ipanema)

Bob: “Thank you for holding, Mr. Sean. I didn't understand a word that Bob wrote yesterday but I gather it has something to do with sending email.”

Me: “That's the gist of it.”

Bob: “Can you please send an email message to [garbled]?”

Me: “What was that?”

At this point in the conversation I was in the Data Center near the back where the three A/C units are stored. I am unable to log into the server from my desk, due to the say sshd is configured on this particular server so in order to at least half-heartedly carry out her instructions, I need to be logged in. It's quite loud in the back of the Data Center room, and the headset isn't making matters better.

She's trying to spell out the email address and for the life of me, I couldn't tell if she was saying “tee” or “dee” or “Zimbabwe.” I kept having to ask her to start over.

Bob: “[garbled]”

(cue montage of Sean roaming around the office looking for a quiet place to write down the email message—many minutes go by while this happens)

I ended up leaving both the office and Data Center before I could decypher what she was trying to spell. Now, remember, in the original version, I didn't include who was saying what, hoping that it would be self-evident.

Guess not.

Me: “Oh! It's testmyemail@mpc.example.net!”

Bob: “Yes Mr. Sean. From that the email company department can diagnose what happens.”

In reality, the “Bob” of yesterday made this mistake, not today's “Bob.” I know for a fact that The Monopolistic Phone Company's business webhosting is outsourced to Negiyo, so it's not a far stretch to assume that their dialup support is also outsourced.

I should also note that my short term memory is very bad and that I have taken some liberties with the conversation here.

Me: “Please hold on a second, I can test this right now.”

Bob: “Okay.”

Me: “Yup, just like I said, it won't get through because your The Monopolistic Phone Company's email server is dropping the connection from this particular server.”

Bob: “So it's a networking issue?”

Me: “No, because I can get to The Monopolistic Phone Company's email server from other computers.”

I think I actually said something like “there's no connection made, so therefore the email isn't sent and therefore it makes it a moot point to ask the email department [at The Monopolistic Phone Company] to check the email for an error.” I think she was realizing that the scope of the problem was way beyond her abilities to handle.

Bob: “Oh. Well then, just send a message to testmyemail@mpc.example.net explaining the situation and they'll be able to handle it.”

Me: “Okay, can I include the ticket number?”

Bob: “Yes.”

Me: “Okay, thank you.”

Bob: “You're welcome Mr. Sean! Thank you for calling The Monopolistic Phone Company Dialup Support Line.”

Click.

And thus the end of the call.

As Spring and I were discussing this last night, she asked of the email I sent to testmyemail@mpc.example.net included traceroute output and I said no, why should it? The Monopolistic Phone Company is obviously blocking the server as an anti-spam measure. But Spring said that the admins at Negiyo would turn this case down due to lack of evidence. You apparently need not only a smoking gun, finger prints and a bullistics match, but a signed confession to boot before they would grudgingly work on the case. So why would the admins at The Monopolistic Phone Company be any different?

“More overheard technical support phone call conversations”

Producer

Sean Conner

Director

Sean Conner

…

Oh, I see the credits are rolling. I'd like to thank Spring for the inspiration to do this commentary track and for feedback, and you, for taking the time to listen read this.

---

Director's Commentary for “You know … like James Bond”

Hi. This is Sean Conner, director of “You know … like James Bond” and you are listening reading the director's commentary. I'm doing this commentary because Spring found this entry rather confusing. In retrospect, I can see why.

The title of this is an oblique reference to Sean Connery, perhaps best known as the original James Bond. We also have a very similar name, only difference being a lack of an ending ‘Y’ on my name. And in 36 years, it's been surprising how few people make that connection, and persist in mispelling my name (S-H-A-W-N for instance) or mispronouning it (“sē‧awn” perhaps the worst botching of it—by a Drama Teacher no less!).

Anyway, the scene opens in medias res after I had answered the phone with “Technical Support, how may I help you?” (which is were the confusion starts)

Michelle: “Hi! This is Michelle from 97.3 WKRP The Party-Hearty Hip-Hop Happening Radio Station! Who am I speaking to?”

It was a marketing call from some radio station here in Lower Sheol—I honest don't recall which one, so I made one up. There is (I hope) no radio signal on 97.3—surprising given just how crowded our radio spectrum is with Clear Channel drone stations.

Me: “Hello. This is Sean.”

Michelle: “Sean. Is that S-H-A-U-N?”

Me: “No, it's S-E-A-N.”

Michelle: “Oh.” I could hear the disappointment in her voice. The call went downhill from there. No big deal—it was a marking call anyway.

See? Almost no one gets the Sean Connery connection. Okay, granted, here I didn't give my last name, but what with Sean Connery, Sean Penn, Sean Austin (who played Sam Gamgee in the freaking Lord of the Rings Trilogy), Sean Bean (who was also in the freaking Lord of the Rings Trilogy), Sean Combs (okay, granted, he changes his name more often than Madonna changes her persona but still!) and Sean Young (okay, so her heyday was 1982's Blade Runner but she's still active) you'd think people would know how to spell Sean.

Sheesh!

Oh, and yes, there was a glitch. This wasn't a “marking” call, but a “marketing call.” How that one got past the test audience I'll never know.

“You know … like James Bond”

Producer

Sean Conner

Director

Sean Conner

…

Whoops! Credits are rolling! Gotta go. Hope you enjoyed the director's commentary for this film entry.

Monday, September 26, 2005

“You can't handle the request!”

I wish there was some magic word or phrase that would inform the tech support Bob that they are unable to handle my request and that I should be escalated up the tech support food chain. I realize they have a script to follow, but when the caller (me) says things like “Can you repeat the problem back to me? … No, that is not the issue,” that should be a big 'ol clue-by-four that things need to be escalated.

Yes, I'm still trying to resolve the email issue and today's round involved four (4) people across two battling business units (and I think my call ended up in Jamaca—the phone quality was horrible) at The Monopolistic Phone Company. It got to the point where, at one point, I actually screamed at Bob “It has nothing to do with XXXXXXX email configurations! I'll tell you why! Because I log into their server directly. I then check the MX record for mpc.example.net. Oh, it's mx00.mail.example.net and mx01.mail.example.net. I then pick one, say, mx00.mail.example.net and do a telnet mx00.mail.example.net 25, which is the SMTP port. No connection is made. There's no configuration to worry about at this point because the email servers for mpc.example.net are refusing connection.”

It was very quiet on the other end of the phone line after that.

I hated doing it, but the sheer level of … bullheadedness on the other end was just phenomenal. Smirk was feeling guilty about his attacks of schadenfreude, but he's dealt with The Monopolistic Phone Company one too many times.

The final Bob I talked to informed me that I should send email to abuse@mpc.example.net but I kept insisting on some other phone number I could call. Bob⁴ balked at first, but I guess the screaming match I had with Bob³ clued him in and I got both a voice and FAX number.

Smirk however, had dug up other numbers, and those proved more useful. Bob⁵ (of The Monopolistic Phone Company Tech Support Business Email Department) at least asked the right questions.

Curiously enough, when I called back to The Monopolistic Phone Company Dialup Support (the first number I was given) to close out ticket number “tango mike papa charlie zero zero zero six six six zero zero zero foxtrot uniform” Bob⁶ got horribly confused by my request. Apparently no trouble tickets are ever closed at The Monopolistic Phone Company Dialup Support.

Scary.

Tuesday, September 27, 2005

She's leaving on a jet plane

Well, Spring is on her way to Colorado. She'll be there a week before returning with The Younger, who's been spending time with his Dad (who lives in Colorado). The trip to the airport was mostly uneventful (if extreamly early—blech). We did attempt to find a bookstore on the way there, so Spring could pick up A Breath of Snow and Ashes (book umteen of a series Spring got sucked into) but by the time we actually found the store, we were running late and had to skip it.

On the way back, wlofie and The Older decided to stick with me at The Company to save me a trip of driving all the way back home, then back to work. The day at the office was uneventful and once getting home, I had a most refreshing nap.

Wednesday, September 28, 2005

On T-1s, routing and email

The T-1 situation is solved—seems that for the past 5 millions years (according to Smirk, who has done something like 47 million of these things) The Monopolistic Phone Company has always provided the timing signal, so of course our DSU were set to use the timing signal provided by The Monopolistic Phone Company, but for some reason, in the recent past (read: a few weeks ago, possibly to spite us) no longer provide a timing signal for a point-to-point T-1.

The upshot: we now have to provide the timing signal. No big deal, once we figured out that The Monopolistic Phone Company no longer does that.

The company with the T-1 also has a wireless shot with us, and today they wrote in saying it was slow—only 1.1Mpbs to some random speed-testing site deep out into the Internet. I did a test more locally, from their side of the network to our side, using iperf and got a consistent 3.4Mbps—pretty much the maximum through the wireless connection.

Another customer with a wireless called in and he too, reported sub-optimal speeds, again, deep into the Internet. He wasn't in a position to run iperf but a few test pings throughout our network showed no problems. Once he started pinging outside our network to targets deep into the Internet, the speed drop was dramatic. I'm beginning to wonder if some of our routing peers are … problematic.

I'm still trying to resolve the email situation—we're now waiting for a response back from abuse@mpc.example.net and postmaster@mpc.example.net. Last time I checked, Lower Sheol was still hot.

Thursday, September 29, 2005

The Sulfuric Acid Dump Tank

Driving to work this afternoon I saw a sign that said “4-Kids by Kids Carnival” and my initial reaction was if I had kids, there is no way I'd send them to this carnival! I remember being a kid (although Spring might argue that I was never a kid—heck, even my Mom (if she were still alive) might argue that I was never a kid, but I digress) and had I and my friends run a carnival … shudder.

Scene: 7^th grade Gifted™ science class, working on chemestry that quarter. My best friend Hoade and I are sitting in the back of the room, killing ourselves over juvenile science jokes as Ms. Absten (Abston? Abstract? Heck, it's almost twenty-five years since this scene occured) gives us the Evil Eye™.

“Fill a pool up with sulfuric acid,” said Hoade, choking back tears of laughter. “And then the mother-in-law dives in,” I said, also chocking back tears of laughter. “SPLOOSH! Yaaaaaaah!” said Hoade and the both of us would collapse on the floor, convulsing in laughter.

Okay, it wasn't great science humor, like MC Hawking's “All my Shootings be Drivebys” but hey, we were twelve. Twelve year olds have sick humor (remind me to forget about Hoade's “Thumper The Bunny Cartoon” series). Like the time, again in 7^th grade Gifted™ science class Ms. Absten actually let us work with chemicals. There we were, all at a lab station working away. I had to turn away from what I was doing to read something, and as I was looking away, Hoade dumps a test tube full of some liquid on my hand.

Remember, all year we did nothing but make sick jokes about sulfuric acid.

I screamed like a five year old girl and spazzed out trying to work the sink quickly enough to keep my hand from disolving into a puddle of melted flesh. Hoade was on the floor convulsing in laughter and managed to spit out that he dumped plain old water on my hand.

The fact that I'm still friends with him testifies that had I thought of doing that to him first, I would have.

So had my friends and I designed a carnival for other kids (and I should mention, we were in the Gifted Program™—read: social rejects from the rest of the school) we would have a great time watching all the other kids screaming and yelling from say, the Sulfuric Acid Dump Tank, the Burst the Hydrogen Filled (not helium—it's inert) Balloons Tacked to A Stone backboard with Flint Darts or the ever popular Slide of a Thousand Razor Blades (coated with Lemon Juice of course).

Which explains why we never did have a carnival for kids, designed by us kids. Our teachers knew better. And I know better.

---

“You see, we lease this back from the company we sold it to, and that way, it comes under the monthly current budget and not the capital account.”

There was an amusing conversation yesterday between Smirk, G and I, concerning The Monopolistic Phone Company and The Monopolistic Phone Company Union. Smirk mentioned that The Monopolistic Phone Company Union only allowed their technicians six roll-outs per day (basically, six jobs per day) even though one technician admitted to Smirk that they could easily do twice that number of jobs. G explained that the “six roll outs” policy was not mandated by the union, but by The Monopolistic Phone Company to the union, which then told The Monopolistic Phone Company that their employees could only do six roll outs per day (it comes down to a safety issue—The Monopolistic Phone Company does not want their employees rushing between jobs in those white and gray vans, hitting little old ladies or the Boy Scouts leading them across and thus opening them up for litigation).

So The Monopolistic Phone Company told the union to tell them that their own employees could only do six jobs a day.

Okay.

But, as G went on, the union's executives receive their paychecks not from union dues, but from The Monopolistic Phone Company itself. It's not that the union executives have one job with The Monopolistic Phome Company and they do the union executive thing on the side, no. The Monopolistic Phone Company pays the union executives to run the union.

So if you work for The Monopolistic Phone Company, the union you belong to is paid for by The Monopolistic Phone Company.

And as if that weren't surreal enough, the union executives belong not to the union they work for, but for a Monopolistic Phone Company union executive union. Yes, the executives have their own exclusive union. Run and paid for, by—you guessed it—-The Monopolistic Phone Company.

If this sounds like something from Monty Python's Meaning of Life, well … yes. It does.

Except The Monopolistic Phone Company doesn't have a machine that goes “ping.”

---

“If you are having problems with your email, please email us … ”

Still trying to resolve the email issue. I sent email to abuse@mpc.example.net and postmaster@mpc.example.net and this is what I got back:

From: <abuse-bounce@mpc.example.net>
To: <XXXXXXXXXXXX
Subject: Re: Deblock our customer's email server please
Date: Thu, 29 Sep 2005 14:25:17 -0500

Dear Sir or Madam:

This is an AUTO-REPLY to acknowledge that your mail to the Abuse Department of The Monopolistic Phone Company Internet Services has been received and to provide some information on our abuse policies and procedures. Please DO NOT REPLY to this message.

The Monopolistic Phone Company Internet Services does not allow or condone any abuse of our Acceptable Use Policies, and we maintain a “zero tolerance” policy towards spam and network abuse of any kind. Because we take your complaints seriously …

Blah blah blah … okay. Scan past the broiler plate:

Block List issues:

Okay, here we go …

• If you are a Monopolistic Phone Company subscriber and have been listed on a block list, please send an email with the following information to abuse@mpc.example.net : your name, email address, who is blocking you and your contact information. Please put the following in the subject line “Block Request Removal Assistance”, and we will assist you with this matter.

Okay, that's not me. Reading further:

• If you are not a Monopolistic Phone Company subscriber and you believe that The Monopolistic Phone Company Internet Services is blocking your email, please contact your ISP.

Yes! Okay! Only … I'm the bloody ISP! What do I do?

Hacking Complaints:

If you are reporting "hacking" or scans/probes by a Monopolistic Phone Copmany Internet Services subscriber that your firewall is detecting, we need the following …

Aaaaaaah! There's no information for the ISP!

Sigh.

Thank you for taking the time to submit your report to the Abuse Team.

XXXXXXX!

---

“I don't care if you have nothing to do with this, I still want my money!”

The tech support phone rings. I answer it.

“Yes, this is Joe,” said the person. “I just bought a CPU from XXXXXXXXXXXXXX for $105 and I never got it. I tried emailing and calling but no one has responded. I spent a lot of money and I either want the CPU or my money back.”

I felt for the guy, but we're not XXXXXXXXXXXXXX and we don't even host the website in question.

Small digression: The Company partners with another web hosting company (other side of the building) and the data center is jointly run between the two. Yes, we host web sites, but the markets are different so there's little if any competition between us and the other company. Calls to the “data center company” come here.

So while the site is hosted here in the data center, it's actually a customer of the other company, not us. Okay, so back to the story.

“Yes,” said Joe, “I used [a traceroute-like program] and I got XXXXXXXXXXXX [the data center company]. I want my $105 back.” And on and on and on. Joe wouldn't stop talking.

By now, Smirk noticed I was on the phone and not saying much and asked what was up. Muting the phone, I told Smirk what was going on. “Hand me the phone,” he said. I unmuted the phone, broke into Joe's monologing and told him I was transferring him to my manager.

“Hello sir,” said Smirk. “How can I help you?”

Several minutes go by as Joe monologes at Smirk.

“Sir,” said Smirk. “We're a data center. One of our customer's hosts this website—” Smirk is cut short; several minutes go by. “Yes, but we're not … no, sir! Are you listening to me? … We're a data center, and one of our customers is hosting … no, we're just a data center … if you just … let … me … I'll give you a phone number you can call … data center … we have nothing to do with XXXXXXXXXXXXXX … it's a site our customer is hosting … I'm sorry about your $105 but … sir … aw XXXX this,” Smirk said, hanging up the phone.

For Joe, if you ever read this: we tried to help you, but in your anger, you didn't listen to what we were saying as we were trying to steer you in the right direction. Sorry about your money, but tracking people down on the Internet sometimes takes time. Look how long it's taking me to track down someone helpful at The Monopolistic Phone Company …

---

Muntzed the car to death

And how did Muntz get his circuits designed to be so inexpensive? He had several smart design engineers. The story around the industry was that he would wander around to an engineer's workbench and ask, “How's your new circuit coming?”

After a short discussion, Earl would say, “But, you seem to be over- engineering this—I don't think you need this capacitor.” He would reach out with his handy nippers (insulated) that he always carried in his shirt- pocket, and snip out the capacitor in question.

Well, doggone, the picture was still there! Then he would study the schematic some more, and SNIP… SNIP… SNIP. Muntz had made a good guess of how to simplify and cheapen the circuit. Then, usually, he would make one SNIP too many, and the picture or the sound would stop working. He would concede to the designer, “Well, I guess you have to put that last part back in,” and he would walk away. THAT was “Muntzing”—the ability to delete all parts not strictly essential for basic operation. And Muntz took advantage of this story, to whatever extent it may have been true, and he publicized his “uncanny” ability to cut his costs—in yet more televised advertisements.

What's All This Muntzing Stuff, Anyhow?

Reminds me of my friend Bill's father. Bill got the old family car once he got his license (hey, it was a 'Vette … okay, a Che“vette”). Over the years as the car broke down, Bill's father would repair it, and rip out more and more of the engine block. “Don't need this hose,” he'd say, “since it doesn't snow.” Or “don't need this belt, since it never snows.”

Slowly, over time, the engine became more sparse as Bill's Dad work the engine over. Eventually though, the engine became too spare and it broke down just outside of FAU and never ran again.

Bill's Dad might have muntzed the car to death.

Friday, September 30, 2005

Saucers seen over Hollywood

Greetings, my friends. We are all interested in the future, for that is where you and I are going to spend the rest of our lives. And remember, my friends, future events such as these will affect you in the future.

Nothing much here, other than a quote and a screen capture of one of the most well known movies ever made. These two clues should me more than enough (either one alone is more than enough) to figure out which movie. And even if you haven't seen the movie, much like Citizen Kane, you've probably heard of it (and yes, that's an actual quote from the film, my friends).

Monday, October 03, 2005

Ho ho ho

Something I've been meaning to blog about since September 12^th (I think—it may have been since September 5^th). Mondays I do the weekly grocery shopping and while at Costco saw the (sadly) obligatory Christmas decorations on sale.

Sigh.

(meanwhile, I couldn't find any Christmas decorations to link to at the online Costco store, I did however, come across some I wouldn't expect from a warehouse grocery store but then again, Costco doesn't really limit themselves to just groceries)

Tuesday, October 04, 2005

She's arriving on a jet plane

Woot! Spring has returned! She's back from her weeklong vacation doing nothing (and it was all it was cracked up to be) and with her was The Younger, done visiting his Dad for three weeks or so.

It's certainly gotten less quiet all of a sudden.

Wednesday, October 05, 2005

It's squid eyeballs I tell ya!

For Spring, because I know she'll like it (via Flutterby).

---

I could have been worse

“I've got some bad news,” I said to Smirk.

“You know the rules,” he said. “You have to make it sound like good news.”

I thought for a few moments. “We can save electricity by turning off this server,” I said, pointing to one of the boxes in the office.

“It doesn't work?”

“No,” I said.

“It was hacked?” asked Smirk.

“'Fraid so,” I said.

---

I only noticed because the network to the office went down. I could ping other boxes in the office, but couldn't get past the firewall. I then went into the data center, logged onto one of the servers and yes, I could still get out to the Internet (relief there). But I couldn't ping the firewall from outside.

I then checked the firewall, and it was still up and running. If I unplug the office network, I could ping the firewall from the outside. Plug the office network in, and it gets swamped.

So something on our network was spamming the network.

Spent the next few minutes plugging and unplugging various bits of the office network until I isolated the culprit—the system that monitors the servers and network.

Of course!

It was at that point that I broke the news to Smirk.

---

Once it was unplugged, I start poking the machine and yup, there was this odd process: “./s 202.XXX.XXX.XXX”. It was pretty easy to locate the actual executable under /dev/shm/http/, which is normally not a place for executables. The process was running as the apache user, and the files under /dev/shm/http were owned by apache, which to me, is a rather obvious clue that it was Apache was the vector of the exploit.

Among the files in /dev/shm/http/ were configuration files to a hacked IRC bot (which was named s) and some other program (named httpd—not sure what that was) and a few scripts to start things up and to clean the log files (which the cracker had not bothered to run). The hacked up IRC bot would just sit there until commanded to participate in a DDoS attack, which obviously was the cause of the sudden network activity, aimed at a site in Japan.

But how? How did this person get in?

More poking around the system lead to a rather curious request just a few minutes before I lost network connectivity (due to the firewall being swamped)—it was a request to Cacti, a data storage and graphic package with a web based interface written in PHP (why does that not surprise me?). It seems we had fallen prey to a Raxnet Cacti graph_image.php Remote Command Execution Exploit, which basically means the cracker was able to send a command to the server, in this case, a command that would download a perl script and execute it, opening up a shell to a remote connection. It was through this that the hacked programs were uploaded and started.

Fortunately, this is the only system running Cacti, and second, there was no trust mechanism to any other machine on the network from this machine. And third, this is a machine that we only log in to, never log in from, so any damage was limited to just this machine.

On the bright side, it could have been worse.

---

Tracking Spam Stock

On May 5th, 2005 (05/05/05 spooky!) I set out to determine just how much money I could lose by trusting SPAM.

What if I purchased 1000 shares of stock from EVERY stock tip mentioned in a SPAM email? Could we all really be missing out on a great opportunity?

Of course, I don't have the money to actually waste on an experiment like this. I made this little web site to keep track of the value of those stocks … without my actually purchasing anything.

Via Jason Kottke, Spam Stock Tracker

I did a bit of stock trading back during the Internet Boom (and made enough to get a car and take it easy for a while, more due to timing than skill) so it's pretty easy to see the scam here (and yes, I get these stock spams too). A scammer buys a penny stock (a large volume of penny stock), hawks it like there's no tomorrow (because, really, there isn't) and sells it as soon as it upticks a few cents.

One thing to note: I thought that I would realize temporary windfalls on all penny stocks, but then see big losses. Instead almost ALL of those stocks I added went up a few cents max, then dropped like flies the next day. So much for short term gains.

Spam Stock Tracker

One thing to consider—these are cheap! Picking one from his list, HTSC.PK. Purchase price was 19¢ per share. Even if it goes up 3¢, for 20,000 shares ($3,800) that's still $600 profit, and two such trades per week isn't that bad a take (and the Spam Stock Tracker “bought” it at 19¢ the spammer probably got it for a cent or two less).

An interesting strategy might be to “buy” the stock early in the morning, then “sell” just before the markets close the same day, and see how well one does.

Thursday, October 06, 2005

Tracking Spam Stock II

When I wrote about the stock spams last night, I had absolutely no examples to give. But lo', I didn't have to wait long—over night I received sixteen examples, most of them reading like:

From: cristi Astley <hroxy@abrobrinha.com>
To: (one of my domain contact email addresses)
Subject: H0t Pick Witth Results!_unsprayed
Date: Thu, 06 Oct 2005 01:41:50 -0600

cristi_dryad

WallStreet Profit Picks IGTS . PK
For This Weeks Mover!

First we would like to say Thank You to all of our avid readers! We have had great success over the last few months and have become one of the most wide|y read investment newsletters in the wor|d. We have accomplished this by providing timely, accurate financial information with proven results and great returns 250 to 600 percent on every pick!

Ticker:_IGTS. Pk
Last_Trade:_. O1
Projected_Price:_. 20
Return_Level:_Very_High

Intelligent Sports taps into national franchise company, LMM Group, Inc., to set the framework for expanding nationally …

Watch IGTS . PK trade All Week Long Starting today, Be sure to get in on it and have a great payday with our other members, before the company launches a huge promotion at the end of the week! This Friday coming up the company will be launchig a massive marketing campaign with more great news to be released and next week should be over 15 to 25 cents so get in now at one cent and have a great return!

xeroxed worthier starving free
painless,

pierce undoubted thinnish nonzero
peruvian.

Lots of hype. Lots of spammy influences too.

So, out of these sixteen spams I got today, only four different stocks were being hawked. I checked them out and made a few guesses as to when the spammers may have bought the stock (I assumed the lowest price during the past five days).

Spam Stocks being hawked this week

Symbol	# spams received	Price quoted in spam	Closing price today	Possible Spammer price	High over past five days
CWTD.OB	7	2.03	2.10	1.95	2.15
ASCE.PK	2	0.80–0.90	0.85	0.75	0.90
CEOA.PK	6	3.00	3.05	2.75	4.10
IGTS.PK	1	0.010	0.021	0.006	0.024
				0.016	0.021

That last stock, IGTS.PK, had two spikes in the past five days, so for that one, I'm including both spikes. Also, it's that last one that offers the most profit of all the stocks, simply because of the sheer volume of stock one can get cheaply.

Hypothetical profits from each stock, buying at most $1,000.00 worth of each

Symbol	# Shares	Buy cost	Sell amount	Profit
CWTD.OB	512	998.40	1,100.80	102.40
ASCE.PK	1,333	999.75	1,199.70	199.95
CEOA.PK	363	998.25	1,488.30	490.05
IGTS.PK	166,666	1,000.00	3,999.98	2,999.98
	62,500	1,000.00	1,312.50	312.50

So, buy some cheap penny stocks, send out a few million spams and wait a day or so for the price to rise, then sell. Two or three trades a week and you can make a decent living it looks like.

Until that is, the SEC comes knocking. Or the IRS. Or the net.cops.

I'll be interesting to watch these stocks over the next few days to see what happens.

Friday, October 07, 2005

More tracking stock spam

Since yesterday, I've recieved yet another 9 stock spams, three for GBIC.PK, three for AXCP.PK, two for TOTG.OB and one still hawking for CEOA.PK. The ones I started tracking yesterday have pretty much flatlined, while the new ones today appear to have picked up a bit, but I expect them too, to level off.

Looking at the graphs over the past five days, you can almost get a feel for when the spammer may have bought the stock (usually a large volume with a good price inrease) but what's not so easy to pick out is when the spammer sold the stock (and for the case of CEOA.PK, I suspect the spammer is still trying to get movement on that, or this spamming engine is way behind).

I'm guessing that even if one where to try to outguess the stock spammers at their own game, it won't be easy. Another thought I had, in relation to the obscenely cheap penny stocks—wouldn't the very act of buying, say, 200,000 shares cause the price to raise? At which point, sell. Even if the act may only rise the price ½¢ it's still a $1,000 profit. But, in thinking more about this, if that were true, wouldn't more people engage in that? Or am I discounting the amount of greed in stock traders?

Saturday, October 08, 2005

The Good with The Bad

The Good Thing™ about the Internet: there are no editors to get in the way.

The Bad Thing™ about the Internet: there are no editors to get in the way (via Eric Burns, so blame him).

Monday, October 10, 2005

Oh. Today was a holiday.

Tuesday, October 11, 2005

The Better-Half of my Day Yesterday

Gah.

At least today is turning out to be a much better day than yesterday.

Yesterday, I had the distinct pleasure of learning just how braindead a Riverstone Networks RS 3000 switch/router can be (and that is a post unto itself).

I also had the distinct pleasure of renumbering (assigning new IP addresses) a thousand sites (literally—I ended up renumbering 1,200 websites), a process that didn't go quite as smoothly as I had wished. This mess started about two weeks ago when R (I manage a few servers for him) informed me that his largest customer (who has the aformentioned 1,200 websites) wanted distinct IP addresses for each one. That meant I first had to secure enough IP addresses and get them routed to the server, which took most of the time.

Meanwhile, I was sent a list of sites from the customer, which was smaller (by about oh … 300 or so) than the actual list of sites on the webserver. So now I had to reconsile both my list and the customer list. I ended up with five lists:

1. sites that were in both lists
2. sites that I need to add
3. sites that I had, but the customer didn't list
4. sites that had expired (domain registration expired)
5. sites that were no longer hosted with us (found via DNS queries)

Then there was the back-and-forth exchange with the customer that boiled down to: keep all sites (even expired and those that no longer point to the server) and give as many sites their own IP address as possible (I ended up giving the first two lists their own IP, with the last three lists sharing a few addresses).

Then last night was the Great Renumbering.

One thousand (plus) sites. Five lists. Making sure I keep a record of which site gets which address. And yes, it was rough. I started at 2:00 am (technically very early this morning) and ended at around 3:30 am, spending the hour and a half running custom Perl scripts, generating DNS zone files and an Apache configuration file. Messed up a few times—mixing up two lists, forgetting to update the serial number in a zone file, simple mistakes like that.

Then at 7:30 am I get a call from the customer. A couple of domains seem to be down. Stumble over to the computer, log into the server, and find out that I forgot to run one of the lists (no wonder the new configuration file seemed a bit small). Oh, and DNS for a few domains was borked (about six zones out of 1,200 had some custom records). I was surprised at how few sites got broken during the process (and given that the customer was confused about what sites where active, it's even more amazing).

But man, am I tirezzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

---

Riverstone Networks RS 3000 sucks!

See, yesterday, all I wanted to do was assign an unused port on the Riverstone Networks RS 3000 from one VLAN to another. Actually, two unused ports, but it's something that, for a switch, should be rather uncomplicated.

Now, the Riverstone Networks RS 3000 works much like a Cisco router—you log in and can type commands at the command line prompt, and even change the configuration through the command line. It will even walk you through the command lines, showing you which options are valid at any point in the command line.

It will even allow you to group ports together into a command. For instance, on our Riverstone Networks RS 3000, a default setting for all the ports are set with one command:

port set et.(1-2).(1-16) speed 100mbps duplex full auto-negotiation off

This sets all 16 ports on the two Ethernet modules to a known setting. And if you need to set a port differently, well …

port set et.(1-2).(1-16) speed 100mbps duplex full auto-negotiation off
port set et.2.8 speed 10mbps duplex half auto-negotiation off
port set et.1.3 auto-negotiation on

So you can set a default, then override later on in the configuration.

The same is true for the port descriptions:

port description et.(1-2).(1-16) "UNUSED"
port description et.1.1 "ns1.example.net"
port description et.1.2 "LINK to switch FOO"
port description et.1.3 "ns2.example.net"

Pretty simple so far (but our hero is walking through an empty house, and finds the stairs to the basement—the audience is shouting at the hero not to go down the stairs. Of course he does).

And the creation of a VLAN is also straight forward:

vlan create TheCompanyVLAN1 port-based id 500
vlan create TheCompanyVLAN2 port-based id 501

This associates a human readable name to a numeric ID that VLANs use. Again, straightforward. You can even assign a block of IP addresses to a VLAN quite simply:

interface create ip TheCompanyVLAN1 address-netmask 10.10.10.1/24 vlan TheCompanyVLAN1
interface create ip TheCompanyVLAN2 address-netmask 10.10.20.1/24 vlan TheCompanyVLAN2

This will automagically set up routing between the two VLANs so far thus defined.

Now, here's where things get interesting. You can assign ports to a VLAN simply enough:

vlan add ports et.(1-2).(1-16) to TheCompanyVLAN1

This assigns all the ports on the Riverstone Networks RS 3000 to VLAN TheCompanyVLAN1. So just like the port speeds and descriptions, it so far looks like you can assign a default VLAN to each port, and then override it futher down in the configuation:

vlan add ports et.(1-2).(1-16) to TheCompanyVLAN1
vlan add ports et.1.4 to TheCompanyVLAN2
vlan add ports et.2.4 to TheCompanyVLAN2

One would think that, but one would be horribly wrong! Muahahahahahahahahahahahahahahaha! YOU CAN'T DO THAT! Muahahahahahahahahahaha! (and here the hero has his face eaten off by a zombie—the audience is going “told you so! Told you not to go into that basement!”)

Try to do that, and the Riverstone Networks RS 3000 will complain bitterly about ports et.1.4 and et.2.4 belonging to VLAN TheCompanyVLAN1. You just can't assigned a default VLAN, then reassign it later (unless it's a trunk port, but then a a trunked port can be assigned to multiple VLANs, and I didn't want that). No, you have to assign each port once to a VLAN.

So, one may then attempt:

comment out vlan add ports et.(1-2).(1-16) to TheCompanyVLAN1
vlan add ports et.(1-2).(1-3) to TheCompanyVLAN1
vlan add ports et.(1-2).(5-16) to The CompanyVLAN1
vlan add ports et.1.4 to TheCompanyVLAN2
vlan add ports et.2.4 to TheCompanyVLAN2

BUT YOU'RE SCREWED! The Riverstone Networks RS 3000 will complain about the ports already being part of TheCompanyVLAN1 so it'll ignore the reassignments of the ports to the same VLAN, it'll bitch about ports et.1.4 and et.2.4 being reassigned, but since you commented out the line that assigns all the ports to TheCompanyVLAN1, it'll then nock the ports out of that VLAN (and here, the hero is now a shambling zombie, stalking his girlfriend to eat her face off).

And if you're unlucky, you'll do this on a live network.

And then all the phones on your desk will start ringing off the hook.

And your cell phone will start ringing.

And you're running around, trying to figure out why the network suddenly took a dump when all you're doing to trying to reconfigure two unused ports to a new VLAN.

Did I mention the part about being screwed?

No, apparently, what you have to do is

comment out vlan add ports et.(1-2).(1-16) to TheCompanyVLAN1
vlan add ports et.(1-2).(1-3) to TheCompanyVLAN1
vlan add ports et.(1-2).(5-16) to The CompanyVLAN1
vlan add ports et.1.4 to TheCompanyVLAN1
vlan add ports et.2.4 to TheCompanyVLAN1

And ignore any warnings that the Riverstone Networks RS 3000 may throw at you, and then check to see if all the ports are set correctly:

RS3000BrainDeathRouter# vlan show
VID VLAN Name       Used For                     Ports
--- --------------- ---------------------------- -----------------------
1   DEFAULT         IP,IPX,ATALK,DEC,SNA,IPv6,L2
500 TheCompanyVLAN1 IP,IPX,ATALK,DEC,SNA,IPv6,L2 et.1.(1-16),et.2.(1-16)

Then go back into the configuration and comment out the two ports:

comment out vlan add ports et.1.4 to TheCompanyVLAN1
comment out vlan add ports et.2.4 to TheCompanyVLAN1

And check to see if that took:

RS3000BrainDeathRouter# vlan show
VID VLAN Name       Used For                     Ports
--- --------------- ---------------------------- -----------------------
1   DEFAULT         IP,IPX,ATALK,DEC,SNA,IPv6,L2 et.1.4,et.2.4
500 TheCompanyVLAN1 IP,IPX,ATALK,DEC,SNA,IPv6,L2 et.1.(1-3,5-16),et.2.(1-3,5-16)

Then bounce back into the configuation, and add the two ports to the other VLAN:

vlan add ports et.1.4 to TheCompanyVLAN2
vlan add ports et.2.4 to TheCompanyVLAN2

And if you're lucky:

RS3000BrainDeathRouter# vlan show
VID VLAN Name       Used For                     Ports
--- --------------- ---------------------------- -----------------------
1   DEFAULT         IP,IPX,ATALK,DEC,SNA,IPv6,L2
500 TheCompanyVLAN1 IP,IPX,ATALK,DEC,SNA,IPv6,L2 et.1.(1-3,5-16),et.2.(1-3,5-16)
501 TheCompanyVLAN2 IP,IPX,ATALK,DEC,SNA,IPv6,L2 et.1.4,et.2.4

And if you're not, all the phones on your desk will start ringing off the hook.

And your cell phone will start ringing.

And you're running around, trying to figure out why the network suddenly took a dump when all you're doing to trying to reconfigure two unused ports to a new VLAN (mmmmmmmmmm—brains).

So, the lesson I'm trying to impart here?

Riverstone Networks RS 3000s suck!

But, if you are in the position of having to use them, then you might want to think ill of grouping ports as part of a command and apply each command to each port separately. Then you stand less of a chance of knocking multiple ports off a VLAN.

Oh, and one more thing. Riverstone Networks RS 3000s are not known to boot fast. Oh no. They take their time. They take at least three minutes to fully boot. Three minutes may not seem like a long time, but when all the phones on your desk are ringing and your cell phone is ringing, three minutes is a XXXXXXX ETERNITY! It's even worse if you have to run to the other side of the building to find a computer you can use to log into the Riverstone Networks RS 3000.

Me? Bitter?

Did I mention that the Riverstone Networks RS 3000 sucks?

[Note to Smirk: I'm not saying we should replace the Riverstone Networks RS 3000, since it's there, it runs, and can otherwise handle the traffic we're throwing at it. I'm just venting a bit at the sheer braindeathness of the software running the darned thing.]

---

Cool accessories for your cellphone

What a cool accessory for when your cellphone is ringing off the hook (link via jwz).

Wednesday, October 12, 2005

It's not at all like the Bonnie Situation

Just got a bit closer to resolving the email situation (yes, it's still in the process of being resolved two weeks after it started). I just now received a call from AbuseBob, who works for the Abuse Department at The Monopolistic Phone Company. Nice guy, and he confirmed that not only is the one server being blocked, but that another server our customer has has also sent spam. He would like to work with us, but we need to make sure we're filtering spam before it gets sent to The Monopolistic Phone Company email servers.

But more importantly—I have AbuseBob's phone number!

Monday, October 17, 2005

Star Wreck in the Pirkinning

Spring recieved a copy of Star Wreck in the Pirkinning, a fan-made film parodying both Star Trek and Babylon 5 and answers, once and for all, in a contest between the Federation and the Earth Alliance, who would win.

And for a fan based film, made over the past six years or so, the quality is surprisingly good (especially the special effects, which rival those found on both Star Trek and Babylon 5) and the battle sequence is suspenseful right up until the very end.

Wednesday, October 19, 2005

As much as I hate Debtember, I can't wait for it to come this year

AGREEMENT AMONG THE TRACK GUIDANCE MODELS...WHICH HAD BEEN VERY GOOD
OVER THE PAST COUPLE OF DAYS...HAS COMPLETELY COLLAPSED TODAY. THE
06Z RUNS OF THE GFS...GFDL...AND NOGAPS MODELS ACCELERATED WILMA
RAPIDLY TOWARD NEW ENGLAND UNDER THE INFLUENCE OF A LARGE LOW
PRESSURE SYSTEM IN THE GREAT LAKES REGION. ALL THREE OF THESE
MODELS HAVE BACKED OFF OF THIS SOLUTION...WITH THE GFDL SHOWING AN
EXTREME CHANGE...WITH ITS 5-DAY POSITION SHIFTING A MERE 1650 NMI
FROM ITS PREVIOUS POSITION IN MAINE TO THE WESTERN TIP OF CUBA.
THERE IS ALMOST AS MUCH SPREAD IN THE 5-DAY POSITIONS OF THE 12Z
GFS ENSEMBLE MEMBERS...WHICH RANGE FROM THE YUCATAN TO WELL EAST OF
THE DELMARVA PENINSULA. WHAT THIS ILLUSTRATES IS THE EXTREME
SENSITIVITY OF WILMA'S FUTURE TRACK TO ITS INTERACTION WITH THE
GREAT LAKES LOW. OVER THE PAST COUPLE OF DAYS...WILMA HAS BEEN
MOVING SLIGHTLY TO THE LEFT OR SOUTH OF THE MODEL GUIDANCE...AND
THE LEFT-MOST OF THE GUIDANCE SOLUTIONS ARE NOW SHOWING WILMA
DELAYING OR MISSING THE CONNECTION WITH THE LOW. I HAVE SLOWED THE
OFFICIAL FORECAST JUST A LITTLE BIT AT THIS TIME...BUT IF WILMA
CONTINUES TO MOVE MORE TO THE LEFT THAN EXPECTED...SUBSTANTIAL
CHANGES TO THE OFFICIAL FORECAST MAY HAVE TO BE MADE DOWN THE LINE.
NEEDLESS TO SAY...CONFIDENCE IN THE FORECAST TRACK...ESPECIALLY THE
TIMING...HAS DECREASED CONSIDERABLY.

HUR RICANE WILMA DISCUSSION NUMBER 18

Or in other words … “We have no clue where this thing is going.”

Lovely.

Thursday, October 20, 2005

No, I didn't watch Shaolin Soccer at all …

I stepped into the living room to see what everyone was watching. On the screen, one Chinese guy was jabbering (in Chinese, with English sub-titles) about the applications of Kung-fu on everyday life. “If she knew Kung-fu,” said the guy, pointing to a girl slipping on a banana peel in exagerated slow motion, “she wouldn't fall down.” The other guy, a older man, half drunk and staggering around, wasn't convinced.

I wasn't convinced either, so I stood around, not watching the rest of the film about Shaolin monks playing soccer (see, if I don't sit down, I'm not watching a film, even if I do end up standing around not watching the film to the very end).

It had this quirky humor to it and while the plot was very predictable (a film, about a group of misfits, forming a team, to play some form of sport—not hard to see how this ends) but with such films, it's how the subject matter is presented, and it was good enough to have me stand around not watching the film (okay, I was amused when the two Shaolin Monks were singing at a bar).

Monday, October 24, 2005

“It's … it's headed right for us!”

WILMA IS MOVING TOWARD THE NORTHEAST NEAR 18 MPH...30 KM/HR. A
CONTINUED NORTHEASTWARD MOTION... WITH A GRADUAL INCREASE IN FORWARD
SPEED... IS EXPECTED TONIGHT AND MONDAY. ON THIS TRACK...THE CENTER
OF WILMA IS FORECAST TO MAKE LANDFALL ALONG THE SOUTHWESTERN COAST
OF THE FLORIDA PENINSULA EARLY MONDAY MORNING.  HOWEVER... WILMA IS
A LARGE HURRICANE AND TROPICAL STORM FORCE WINDS WILL REACH THE
FLORIDA PENINSULA WELL BEFORE THE EYE MAKES LANDFALL. THE EASTERN
PORTION OF THE EYEWALL... ACCOMPANIED BY THE STRONGEST WINDS...
WILL REACH THE SOUTHWESTERN COAST OF FLORIDA ABOUT 2 HOURS BEFORE
THE CENTER OF THE LARGE EYE MAKES LANDFALL.

MAXIMUM SUSTAINED WINDS ARE NEAR 115 MPH...185 KM/HR...WITH HIGHER
GUSTS. WILMA IS A CATEGORY THREE HURRICANE ON THE SAFFIR-SIMPSON
SCALE. LITTLE CHANGE IN STRENGTH IS EXPECTED UNTIL LANDFALL OCCURS
...AND WILMA WILL LIKELY MAKE LANDFALL AS A CATEGORY 3 HURRICANE.
SOME SLOW WEAKENING IS FORECAST AS WILMA CROSSES THE SOUTHERN
FLORIDA PENINSULA... BUT THE HURRICANE IS FORECAST TO STILL BE A
SIGNIFICANT CATEGORY TWO HURRICANE BY THE TIME THE CENTER REACHES
THE FLORIDA EAST COAST EARLY MONDAY AFTERNOON.

HURRICANE FORCE WINDS EXTEND OUTWARD UP TO  85 MILES...140 KM...
FROM THE CENTER...AND TROPICAL STORM FORCE WINDS EXTEND OUTWARD UP
TO 230 MILES...370 KM. SUSTAINED TROPICAL STORM-FORCE WINDS ARE
OCCURRING OVER THE YUCATAN CHANNEL... WESTERN CUBA... AND THE LOWER
AND MIDDLE FLORIDA KEYS. THESE WINDS SHOULD REACH THE SOUTHWESTERN
FLORIDA COAST BY MIDNIGHT... WITH HURRICANE-FORCE WINDS REACHING
THE LOWER KEYS AND SOUTHWESTERN FLORIDA COAST BEFORE SUNRISE.

Hur ricane WILMA Public Advisory

The eye of Hurricane Wilma is about 40 miles across. This is one huge storm. And the only thing that comes to mind is “Looks like I picked the wrong week to quit amphetamines.”

---

We survived

We survived Hurricane Wilma. Casa New Jersey weathered the storm nicely (if a bit leaky around two uncaucked windows). In fact, the only thing that took damage were trees and a small ding in my car—from what, I don't know.

We have no power at the moment. I'm at the office right now, making sure everything is running smoothly (Smirk picked me up on the way). Oh, and it's nice and cool now.

More on this (and pictures) once I have more time.

Tuesday, October 25, 2005

Survival, Day 1

There is no need to call to report your outage at this time.

FPL's first full day of restoration gets underway

I supose that if you have read the above, then there is no need to call about your power outage in the first place. But on the first day of restoring power, FPL still has two million customers without power, mainly due to down tramission lines (the huge powerlines running down the middle of the state that power substations).

We're still without power at Casa New Jersey, along with 663,500 other FPL customers. The only reason you're seeing this is because I'm at the data center, which has its own generator. I'm on one of the few Windows servers here, sharing it with P. The Office itself is without power and phone, making for (the most part) a quiet day here, other than the stray office worker asking if they can install a server or have critical people set up a workstation so they can work (three companies so far). The problem is that we're near capacity with the generator and have only two days worth of fuel and we're having to shutdown down non- critical machines. Smirk and J (the other partner in the data center) are off to North Florida on a quest for diesel fuel just in case FPL are unable to restore power to the office building in two days.

So, other than the severe lack of power, a severe shortage of open gas stations and a bazillion trees littering the streets of Boca Raton, things are pretty good.

Wednesday, October 26, 2005

Survival, Day 2

The serious lack of power is really annoying, and not just because I can't get my daily net fix …

Okay, it's because I can't get my daily net fix.

But when the official word from FPL is November 11^th for 95% of customers in Palm Beach County, it's disheartening. Worse still, where we live, we don't have FPL, we have Lake Worth Power which probably just probably resells power from FPL. When I called (and their main number refered me to an 800 number, which when called, just transfered me back to their main number—sigh) they said anywhere from two to six weeks to have power restored. I don't have high hopes to have power back any time soon.

Hopefully the weather will remain nice and cool as it has been since Hurricane Wilma passed.

But we're doing fine so far. Wlofie was able to cobble up a make-shift stove with bricks and the inner rim of a wheel and the stainless carbon steel wok he has is incredibly versatile in what it can do (not only stir fry, but Wlofie was able to cook rice in the thing).

Wlofie is also amazed at the number of people trying to buy charcoal, when all around us is a huge amount of free fuel for the taking. Sure, the wood is still green, but it's usuable (if a bit smokey).

He also had the forsight to buy several lanterns for use as light. They work quite well.

I also kept myself occupied last night by playing around with coroutines on paper. Yes, even without power I'm a power geek.

---

Just passing through

During the first half of the storm:

Our biggest problem durring the first half of the storm were leaks around a few windows—one upstairs and one in the master bedroom. Other than that, nothing horrible happened to the house.

Durring the eye of the hurricane (yes yes, I know, we're not supposed to leave the house durring the eye):

And here's the bamboo in our backyard durring the eye of the storm:

And after the second half of the storm:

There aren't any pictures durring the second half of the storm since I elected at that point to just sleep through the rest. As it happened, the second half had less rain but the wind kicked it up a notch and more damage happened during the second half than the first, with Boca Raton (where I work) getting ravaged:

So that's just a little bit of what we went through.

And the season's not over yet!

Thursday, October 27, 2005

Survival, Day 3

P and I are trading off days to conserve fuel and frankly, with the phone system down at the office (not that I'm complaining about that, but I'm sure our customers are) and the notice that support has been cut back due to Hurricane Wilma, it's been rather quiet in the office.

I've got a power cord running from the data center into the Office so I can use my workstation. I did use a Windows system in the data center on Monday, but given the power situtation, it's dark, noisy, cold and dude! Windows! And since it is cool outside, the temperature inside the office is rather nice. So no real complaints here.

I got into the office around 10 am (yearly yes, but hey, given that there's very little to do at night but sleep … ) and across the street was a line of cars stretching waaaaaaaay back all waiting for free ice.

The company that shares space in our data center has set up operations in the hall outside the data center, since that's still the only room with power and our Office can barely hold three people much less a dozen. It looks remarkably like a blogging conference out there, with temporary tables and everybody busily working away on laptops.

Smirk returned with over 200 gallons of diesel fuel for the generator so we're good as far as fuel goes, but the generator is being watched closely to prevent it from overheating. Smirk also got food for everyone here as he found an open McDonald's across the street from his house (even though his house is still without power).

So things are looking up.

Just wish the power would be restored.

Note: The line for free ice is only now clearning up, at 3:45 pm.

---

Boundless optimism

Found the following email in the support account today. I found it rather amusing.

Stay Safe During Hurricane Wilma

If you are up as early as I am preparing for Wilma … Good Morning!

First and foremost, let me please ask everyone to stay safe and take the necessary precautions to protect your family and property.

The Florida Power Team cares very much about you; we send our warmest wishes to you and your family during this time.

We are all looking for Wilma to blow through quickly so we may all get on with our outstanding, fantastic, passionate, loving, joyful, prosperous, challenging, balanced and fulfilling lives (obviously the list could go on)!

Nice to know someone is being optimistic about this.

Friday, October 28, 2005

Survival, Day 4

Non-office day today.

Earlier Wlofie asked if I liked eggs and could we do something with the dozen and a half we had socked away in the freezer temporary ice chest. I'm not a big egg fan but I do like the occastional omlette or sunny-side up, but not 18 eggs worth of omlette or sunny-side up.

So I suggested Deviled Eggs. Hard boil, cut lengthwise, scoop out the now cooked yoke, mix with mayonnaise and dill, scoop the mixture back into the cut eggs, dust with paprika, eat. It's the only form of egg that I can just keep on eating and with our crew, it didn't last the night.

The kids are going through batteries like you wouldn't believe, what with their various variations on the Game Boy and what not. I found one of their units in the mailbox—apparently they were too lazy to actually take the thing inside while they rode their bicycles.

I'm still working on co-routines to keep myself occupied, keeping the midnight oil burning (in this case, literally—kerosene lamp right on my deskd) as I work through an implementation. It's an interesting concept, a routine that is almost, but not entirely like, a thread but where multiple calls result in the co-routine picking up where it left off and not starting over again. Once we get power back I'll write up a longer entry explaining what I've been working on (since my notes are on my desk at home, and right now I'm at work writing up the past few days).

On Monday night, after Hurricane Wilma blew past, the sky was clear and for the first time since I can remember, the night sky was ablaze with stars, and even the faint Milky Way could be seen stretching across the sky. It was a beautiful sight and one that was repeated Tuesday night. But since Wednesday, the stars are slowly being washed out with the dawn of civilization as power is slowly restored to South Florida.

Saturday, October 29, 2005

Survival, Day 5

For a change of pace, we all got out of the house.

Spring, Wlofie and The Kids went to Negiyo (she to work, they to hang out someplace with power and more importantly, Internet) and I elected to hang out in the office.

Net fix, you see.

Only I didn't get much of a fix.

About an hour later, Smirk and I went out in search of food and petrol and that alone took the better part of two hours. And back at the office, Mark was looking to hang out, so the three of us spent hours talking about various topics, including generators, Negiyo and war stories from FAU. By the time Mark left, it was time to pick up Spring & Co. from Negiyo.

Sunday, October 30, 2005

Survival, Day 6

Still without power.

Sent more bottles out into the open sea, but still, no replies nor ships in sight.

Beginning to hate the taste of coconut.

Spent night with family and friends playing D&D. Fun was had by all.

Monday, October 31, 2005

Survival, Day 7

Got the office machines up and running, then answered the remaining support tickets, and have spent the rest of the day surfing the Internet and really beinging to hate Lake Worth Power. You can tell the border between Lake Worth Power and FPL because on the FPL side it's all lit nice and bright, and on the Lake Worth Power side it's still North Korea.

Sigh.

For Hallow'een this year, Spring (dressed as a drag queen) is taking The Kids (Death and an unemployed Jawa) to the Mall for Trick-or-Treating.

---

Two hurricanes and three lefts

One hurricane knocks a tree down.

Another one knocks it back up.

(links via Sean Tevis)

Tuesday, November 01, 2005

Survival, Day 8

The weater is warming up (Boo! Hiss!). It's also overcast and raining today (Boo! Hiss!).

We're still without power and it's hard to see ever growing glow of civilization and wonder when are we going to get power? Why have you forsaken us? Smirk though, still has no power, and yet has to endure the Vegasequse glare of power from the next street over.

The Kids got bucketfulls of smack candy from Trick-or-Treating last night at the Mall, so we have a week or so of dealing with sugar fueled kids.

Did I mention we still have no power?

Also, it's National Novel Writing Month but given the events of the past week, and the fact that we're still without power at Casa New Jersey, I don't think I'll be signing up for it this year (not like I ever finished the previous years I signed up).

Other than that … not much else to report.

---

Hacks

Oh, I did receive email from an old friend of mine, Bill Lefler, someone I've known since middle school (the only friend I've known longer is Hoade). He wasn't hit so hard this year from Hurricane Wilma, but he did get hit from last year's Four Horsemen of the Hurricanes.

He related this story from last year:

We were out for about a week and and half last year and because we're on a well we had no water flow either. The water in the kiddie pool that we were bathing in was getting kind of nasty by the time my father-in-law showed up with a generator.

Then I decided to contribute to the injury stats by trying to cut my leg off with the chainsaw. I felt like a complete doofus at the emergency room because all they were getting were chainsaw and saw injuries from people not used to doing the that kind of work. It took me a few years of chainsaw experience to get to an injury like that dammit!

What happened is that I let myself get overtired cutting up all the limbs. I was cutting and stepping over the cut branches and had let up on the saw trigger so that it was going from full speed to stop and brought the saw down just when I was stepping forward over a branch. By the way, I was wearing shorts.

I felt the saw hit my leg and I remember a thought process something like this …

“Something just hit my leg.”

“That was the chainsaw hitting my leg.”

“I just hit my leg with the chainsaw.”

“My leg doesn't hurt … so I guess the chain was stopped.”

“I better take a look at my leg to make sure it's ok.” Takes a look at leg in question. “That doesn't look good.”

“Is that what the inside of my leg looks like?”

“Oh crap. I better do something about that leg.”

It was very strange as there was really no pain at all and it wasn't really bleeding, but I had had cut my leg right above the knee about three inches wide and about an inch deep.

To top this all off nobody was home but me and the kids and they were over at the house (luckily outside) several hundred feet away. I called the kids and pinched my leg together to keep everything inside while I hobbled to the barn. I had one of them go get the neighbor and another go get the phone and a washcloth. I was sitting on a chair in the barn when the phone and neighbor arrived (I just wanted an adult there in case I keeled over, but like I said there was really very little bleeding and no pain). Amusingly, one of the kids asked me if was feeling dizzy. “No,” I said. “Well, I am,” he replied.

Anyway, the oldest [kid] called [my wife] (I was still holding my leg closed) and told her that I had cut my leg with the chainsaw. “I'm all right,” I called to the phone several times as he didn't offer her any further explanation. “Tis only a flesh wound,” I added.

I think she set the land-speed record getting home to take me to the emergency room. Incidentally, she had been in the middle of a hair cut which I'm sure made us quite an interesting couple showing up to the hospital.

I got a nice ego boost at the emergency waiting room when I sat down beside some eight year olds holding still holding my own leg shut. “Whoa …” they exclaimed when they found out that I'd chainsawed myself. But in their head I'm sure they were finishing the thought. “… what a doofus!”

Other than that, his family is doing well, and they're in the process of adapoting two girls from Liberia. They were planning on vacationing down here in the Keys, but as Bill relates:

We heard news from the condo on [Key] Marathon. Apparently they had an eight foot surge go through which flattened the condos not on stilts (ours was), did the same for the office, and somehow burned down the clubhouse. (What kind of water-reactive chemical were they storing in there?)

So, I guess they need to rebuild and get occupancy permits again, so that kills our vacation next week.

My guess is that they were storing sodium. But as to why, I don't know.

---

This wouldn't be so bad …

It's been raining all day today.

Which means that the likelyhood of power being restored to Casa New Jersey today has been reduced to about a thousandfold.

And the phone here at The Company has been ringing off the hook, only there's this annoying “beep … beep” at the other end. Not sure what that is, but it's getting about as annoying as the lack of power (okay, I'll shut up about that now).

I've also concluded that while I'm not going to participate in this years National Novel Writing Month, I should however, set the goal of actually writing about my trip to Las Vegas back in July. I have the layout I want to use. And the notes. And the pictures. But none of the actual text. I started to write it, back in late July, early August, but I was approaching the material in a voice not my own and it really showed (awful … just awful stuff).

So screw it. Write it the way I write (and lately, I'm not very enamored with the way I write) and get the thing done this month.

Just as soon as I get power back.

Wednesday, November 02, 2005

Survival, Day 9 (or: The Future's So Bright, I Gotta Wear Shades)

The sky is cloudless. The weather is nice. I was able to get gas with no wait last night. And there's Good News™ about the power situation. But first, I must backtrack a bit.

Back when we lived in The Facility in the Middle of Nowhere, we met Bubba (his real name is Rob, but to keep him straight from Rob the ex-roommate, we'll call him Bubba—he doesn't mind), a nice fellow that still hangs around even though both of us moved away from The Complex. He comes by at least once a week now, at least for the weekly D&D game I hold on Sunday.

Well, this past Sunday, Bubba called Lake Worth Power and posing as the Mayor of Boca Raton, berated Lake Worth Power for their tardiness in restoring power to his friends' house. They told him that power would be restored by Tuesday.

An amusing stunt, but I would only believe it when I see it.

Well, Tuesday (while I was at work) FPL stopped by (note, it was FPL and not Lake Worth Power) Casa New Jersey and told Spring & Co. that they would be coming by tomorrow (which is, today) to restore our power. Hmmmm.

Another small digression: the street we live on is rather short, perhaps a half mile in total length, with a major road bisecting our street in half (we live at the south end of the street).

Well, as I was leaving for work this morning, I saw a power truck (that I took to be FPL, although I couldn't make out which power company it really was) at the far north end of the street.

So it's likely that we'll be getting power today, but no later than tomorrow.

Also, I just received the follow email from Spring:

The Lake Worth Power dude came to our place about noon or so and went up in the bucket truck. He then proceeded up the street, upstream in the power supply. He projects we'll have power tonight.

He also lamented that LWP are not as beloved as FPL and are not able to score the good free food like the big guys can. We offered him blueberry muffins and coffee, but he said he just ate.

Things are definitely looking up …

---

O frabjous day!

Just got the news: We have the power!

Woot!

Thursday, November 03, 2005

Things I Have Learned Lately

Much like Spring, I too, will list some things I have learned through Hurricane Wilma.

• Do the dishes, and put them away, before the hurricane.
• Paper bowls are more useful than paper plates.
• Use plastic utensils.
• Do as much laundry prior to the hurricane as you possibly can.
• Take a hot shower just before the hurricane is expected to hit. It may be your last for the next few days.
• A carbon steel wok is the only pan you should need. They're also cheap.
• It helps to have lots of palm trees around your house to protect it. That's because they have evolved to survive hurricanes. But if there are any coconut palms around, cut the coconuts down prior to the hurricane. Also, skip the Royal Palms—sure they look very stately, but they shed palm fronds like crazy during a hurricane.
• Install your shutters at least once during the non-hurricane season, just to keep in practice.
• Some people had entirely too much fun during the power outtage.
• Camping sounds even less fun now. Not that it sounded fun before the hurricane.
• Find someplace safer to live.

Sunday, November 06, 2005

The good news is: I can fix it!

We use MRTG to monitor bandwidth at The Company. I've recently been tasked with taking over the monitoring machines for the network overall. I had to reinstall the operating system on one of the two monitoring systems, and once I get things settled with that server, I can then move on to reinstalling the other monitoring server.

If I weren't so darned diplomatic, I'd call MRTG a piece of XXXX, but I'm not like that, so let's just say that MRTG has it's problems.

I installed MRTG a few weeks ago but you'd never know it as random logfiles seem to get truncated mysteriously. So, now that things have more or less returned to normal, I start looking into this.

MRTG is buggier than a flea circus. I get a lot of this:

Use of uninitialized value in concatenation (.) or string at /usr/bin/mrtg line 1197.

Oh, guess what? MRTG is written in Perl.

Lovely.

Checking out the offending line:

        print HTML <<"TEXT";
<!-- maxin $peri $$maxin{$peri}{$router} -->
<!-- maxout $peri $$maxout{$peri}{$router} -->
TEXT

So, it's unlikely that $peri is undefined due to the context (it's the index of the loop this code appears in), so that leaves $router, %maxin or the hash referenced by $maxin{$peri}. It doesn't really hurt the program that one of these is undefined (since in a string context, Perl returns an empty string for an undefined reference or scalar or whatever is undefined at this point) but I get the warning anyway because the programmer added a use strict, which is used to track down such problems (I guess, otherwise, why use it?). I'm guessing that this isn't normally supposed to happen, and is indicative of a deeper problem in the code.

Somewhere.

And it's not like it happens on the same log file. No, that would be too easy. Nope. It just randomly changes on which log file it's spewing this out on.

I thought that it might have something to do with the 95^th percentile patch, but nope. That's been temporarily disabled and the errors are still cropping up.

Another lovely error I keep seeing:

Rateup WARNING: /usr/bin/rateup Can't rename uplink.tmp to uplink.log updating log file

MRTG uses a program called rateup to store the actual information. This time, rateup is a C program and the error code is less than stellar—why couldn't you rename the file? Would it have been that hard to print out the system error?

But this is open source, right? I can modify the code myself to include more information. So I grab the source code to the version of MRTG that's installed, and go to compile rateup …

checking for gd.h... no

** Ooops, one of many bad things happened:

   a)  You don't have the GD library installed.
       Get it from http://www.boutell.com, compile it and
       use either --with-gd-lib=DIR and --with-gd-inc=DIR to specify
       its location. You might also have to use --with-z-inc,
             --with-z-lib and --with-png-inc, --with-png-lib for gd
             versions 1.6 and higher.  Check config.log for more
       information on the problem.

   b)  You have the GD library installed, but not the gd.h
       header file.  Download the source (see above) and use
       --with-gd-inc=DIR to specify where the file can be found.

   c)  You have the library and the header file installed, but
       you also have a shared GD library in the same directory. 
       Remove the shared library files and/or links (e.g. 
       libgd.so.2.0.0, libgd.so and libgd.so.2).  This is especially
             likely if you're using a recent (post 1.8.4) version of GD
       and didn't configure it with --disable-shared.

   d)  You have gd library installed and also it's headers, but you are
       missing libpng (and headers) or freetype (and headers)
       (mrtg does not use freetype, but if your copy of gd is precompiled
       against it, you have to install it ... 

   Consider following the instructions in doc/mrtg-unix-guide.txt

Okay, but this is a fresh Fedora Core install, so I should be able to use the package manager to install the GD developer libraries. All I need to do is find out what it's called:

GenericUnixPrompt# yum search gd

Ten minutes later, nine of which were spent updating the master list with a bazillion packages that have been added and/or updates since I installed about three weeks ago (and it seemed like it upated the master list multiple times no less!) I finally got a list of a few zillion matches.

So I run the command again, only this time redirect the output to a file that I can search. I find the package I need:

GenericUnixPrompt# yum install gd-devel

A minute goes by while it updates the half-zillion packages that have suddenly upgraded in the past two minutes, and it's asking me if I want to install half a dozen development libraries, including the X Windows development libraries!

No!

No!

I don't care for the X Windows development libraries.

But the package maintainers don't care about my wants! They, in their infinite wisdom, have decreed that if one wishes to develop using GD, then one must also with to develop with X Windows.

Sigh. What's another 10 megabytes of wasted disk space?

Hack. Hack. Hack. Compile. Install the new rateup.

Now I get:

Rateup WARNING: /usr/bin/rateup Can't rename uplink.log to uplink.old updating log file [No such file or directory]

Okay … so what happened to the log file?

And a missing log file only rates a warning?

This is some well written software here.

Ah well … back to debugging other people's code.

Monday, November 07, 2005

“We know better than you … ”

I think I figured out the problem with MRTG and the missing log files.

You see, when I installed the operating system, one of the optional packages to install was MRTG. So I decided to install it. But unbeknownst to me (and totally unconfigured mind you) as part of the installation, it was already added to cron but not as part of the file you get when you run crontab -e (because you know, just by the act of installing the software you must want to use it immediately, even if it isn't fully configured yet, right?).

So every five minutes, two copies of the software were being run.

So no wonder the log files were getting munged.

Grrrrr.

You'd think that after ten years of Unix administration I'd get the hang of things, but nooooooo! I guess I still expect to have to configure packages and add them manually to cron if I want them.

Tuesday, November 08, 2005

Sigh

I really had to wonder what I did to earn my current project.

I think I've mentioned several times how much I dislike control panels (yes, I thought I did … here, here, here, here, here, here, here, here, here, here, here, here, here, here, here and here). And yet what do I find myself doing as a project?

Installing yet another control panel.

Since we don't currently use this one, I will name names for the one Smirk has in mind—Web-CP. Smirk wants to use it since the price is right (free as in beer). And yes, I can understand his reasoning for this and in fact, I can agree with him.

But that doesn't mean I like the darned things.

Especially this Web-CP thing. I don't really know what to make of the following post on their support forums:

The goal of this post is not to intentionally make anyone mad, put off or making you feel inadequate where linux is concerned. However, it is assumed you ARE VERY familiar with linux - no matter what distribution you use—this software is NOT for a newb Linux user—it requires an above average knowledge and skill to install, run and maintain. Not only linux, but php, mysql, html and about 15 other packages that it takes to run webcp.

READ THIS BEFORE YOU POST PLEASE

“Newb Linux user?”

But besides that … 15 packages in addition to PHP, MySQL and Apache?

But besides that … it takes a skilled user to use? That's the part (well, one of the parts) I have qualms about this package. The way it's worded makes it seem like it requires a skilled person to use the package, which isn't why Smirk wants the thing. Smirk wants a control panel to let a person manage their website—you know, add subdomains, users, email addresses, databases, that type of thing. Simple stuff like that. But using the online Web-CP Demo doesn't instill confidence that this thing will be simple to use.

For one thing, the navigation is horrendous, leading to a horrible user experience. There are also limited actions and it's hard to see how to actually manage a website. Granted, this is a demonstration, but given that there's fairly complex but quite terse, installtion instructions involving the installation of 18 packages (including the custom compilation of PHP so you can run PHP scripts from the command line) it's not something that is … um … easy … to test (and yes, I've mentioned to Smirk several times just how … um … convoluted … the installation is) to possibly get around several demonstration based limits (not to mention that it's only supported for Fedora Core 1—anything else and you are pretty much on your own—needless to say, the distribution we're using means we're pretty much on our own).

Blah.

So, not only do the various Linux distributions insist on adminstrating the systems as they see fit (and it gets back to a saying I've heard: “when you've seen one Unix system, you've seen one Unix system”) but then you have to twist and contort a possibly annoying administration system for use under a control panel that insists on doing things their [the control panel's] way. So what I'm really grousing about is that not only do the distributions not work the way I expect a Unix system to work, but the control panels can't be made to work the way I expect a control panel to work (that is, if I actually liked using control panels, which I don't).

I'm seriously considering that it may be easier to write a simple control panel that it would be to adapt some mutant PHP-based control panel.

[Smirk did give me an option to swap projects with P, which is setting up the backup system which has to deal with both Insipid and Blech … and honestly, I don't know who has it worse!]

Tuesday, November 15, 2005

Catching up

From: <XXXXXXXXXXXXXXXXXXXXXX>
To: <sean@conman.org>
Subject: Indolence…
Date: Tue, 15 Nov 2005 01:11:38 -0500

Mark says you're falling down on the job. (No posts since last Tuesday??) Actually, that's not how he put it, but I felt compelled to sanitize, since I don't know you.

Yes, things have been quiet since last Tuesday. I blame it on control panels (and no, I'm not bothering to link to the umptzillion posts I've made on control panels this time). But just as things were their darkest, Smirk pulled me temporarily off that project and onto more important things, like configuring a router for the DSL service we'll be offering (and the best part—I'll be getting free Internet service again! Unlimited static IP addresses! The ability to fix routing problems! The ability to control my own reverse DNS! Woot!).

Since I got MRTG playing nicely, I went ahead and installed Cacti, a type of “next generation” version of MRTG and a lot nicer to work with. Yes, the interface is a bit klunky, but I can understand why it's klunky the way it's klunky (you define your device and the type of monitoring you want. You then select the actual items you want to monitor and the type of graphs you want to generate (you can generate multiple types of graphs from the same data source). Then you create the graphs, and add them to the viewing tree) but it sure beats MRTG (where you hand generate the configuration file, then hand generate a page with links to the various graphs, unless you like looking at a raw directory dump in your web browser). Hopefully, the reports Cacti generates are good enough for Smirk to use and we can retire MRTG.

And to make matters better, I no longer have to install Web-CP. Granted, it's a different one I have to install, but the new one (still haven't come up with a pseudonym for it) seems more reasonable than Web-CP.

In other news, my friend Bill Lefler send me the link to his blog, so now Mark has another programmer's blog he can read while waiting for me to update mine.

Monday, November 21, 2005

Overheard conversation at a place of employment wherein the employer asks the employee about the relative lack of posts in the recent past of the employee's blog.

“You haven't updated in a while, have you?”

“Nope, not really.”

“You might have to hire a ghost writer.”

“Possibly so.”

---

Alive and well on Ganymede

Again, a week (or so) has gone by with nary an update.

Thing is, the past few weeks I haven't really had the gumption of writing entries, and it's not like I have a good excuse like I'm deep into writing for National Novel Writing Month (hardly—I didn't fool myself this year with thinking I would finish); it's just that I … don't really have much to write about.

Even I am tired of ranting about control panels and Cobalt RaQs.

I am, however, conversing with my friend Bill Lefler through his blog about the future of carbon paper (and part II of the future of carbon paper).

---

Harry Potter and the Goblet of Fire

Tonight the Brood (Spring, Wlofie, The Kids and I) saw Harry Potter and the Goblet of Fire, the latest film in the ongoing saga of an orphaned kid who's also a wizzard.

The book was the longest and perhaps the darkest of the saga so far, and unfortunately, the movie suffered because of it. The whole first half of the film felt too jumbled and cutup (much like the entirety of David Lynch's Dune) but the second half flowed much better (but the the book was better, as is almost always the case with a movie).

My other two complaints with the film: I still preferr Richard Harris as Albus Dumbledore than Michael Gambon. Mr. Gambon comes across as too forceful and less whimsical than Mr. Harris' soft spoken version.

And the other complain: not enough Snape! The most interesting character in the whole series, and only a few minutes of screen time.

Tuesday, November 22, 2005

I've got the power (but how much?)

Sitting at an idle Gnome desktop, this thing sucks up 153W of power. I was almost scared to push it. But I did anyway.

Pulling Linus' latest git tree into my local tree sucked up 216W of power at its peak.

Just when I thought I'd seen it all, a -j4 kernel compile of that same tree pulled 258W.

I no longer leave this box on 24/7.

Via Robot Wisdom, Fun with power

Dave used the Kill-a-Watt to measure the power consumption of his equipment. I think it's something we could use at Casa New Jersey, since our power bills are a bit high (then again, we do use Lake Worth Utilities, which charges more than FPL).

Monday, November 28, 2005

Colors

I awoke screaming.

At least, it felt like I awoke screaming, but I doubt I was actually screaming because no one came rushing into the room to see if I was being attacked by a hooked-handed lunatic. In fact, I think it was the dryer that was doing all the screaming—someone had forgotten to close the door to the dryer. [It just so happens that the dryer is in a closet in the master bedroom, while the washing machine is in the hall just outside the master bedroom—mostly due to space limitations in Casa New Jersey.]

Somehow I managed to close the door, pick up my cell phone, and make my way into the main part of the house, all without killing myself. I saw Spring, and what I wanted to say was, “Ah, my dear Spring. Would you be so kind as to call Smirk on my cell phone and inform him that I am incapacitated and unable to to travel to the office today and that I shall remain home in bed where I belong? Thanks.” What I think came out was something along the lines of “Oook. Aak. Smirk. Call. Okay.”

“Sean,” said Wlofie, “don't take this the wrong way—”

“Okay,” I said.

“But you don't look that well.”

“Okay.”

“Why don't you get back into bed,” said Spring.

“Okay,” I said.

“I'll call Smirk.”

“Okay.”

I stumbled back into the room, crashed into the bed and proceeded to have dreams of thousand legged spiders surrounding the house.

It was only later did I realize I must have nearly overdosed on a combination of Guaifenesin and Dextromethorphan. Or in other words, Tussin.

Yeah, I'm a light weight when it comes to drugs.

I've been fighting a cold since probably Wednesday, definitely by Thursday (Thanksgiving). I had thought I pretty much licked it by last night, but there I was, at a party falling asleep admist a Bacchanalian ruckus of drinking games.

By the time I got home (and no, I didn't drive), I was tired of everything, including sleep, and I ended up staying up until I was tired enough of everything to fall asleep and around 7:30 am, I took (what turned out to be) one final dose of cough syrup and fell asleep.

Only to wake up to a screaming dryer at … some point later in the morning.

Tuesday, November 29, 2005

She's done the hard part

Congratulations to Spring for finishing her NanoWriMo novel: Earth and Air: A Story About Attractions.

Woot!

---

No, I'm not kidding

<html xmlns:v="urn:schemas-microsoft-com:vml"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:b="urn:schemas-microsoft-com:office:publisher"
xmlns="http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=Content-Type content="text/html; charset=windows-1252">
<meta name=ProgId content=Publisher.Document>
<meta name=Generator content="Microsoft Publisher 10">
<link rel=File-List
href="faq1_files/filelist.xml">

If the above means nothing to you, consider yourself lucky.

The above is but a mere snippit from a page I had to help Smirk modify.

The above is the supposedly HTML output from Microsoft Publisher, which was used by the customer to render the web page. The fact that it only renders correctly (if it could be said to render correctly at all) under Internet Explorer is irrelevant to the customer—everyone uses Internet Explorer, right?

Right?

Forget trying to actually modify the Microsoftian HTML by hand—I spent perhaps an hour trying to locate a portion of the file that generated the content for one particular area of the page and couldn't pin it down fully. Add a large red border for this bit, okay, that's a bounding box for this bit of text. Move up a bit and add a large red border to this bit, and that's a bounding box for the bounding box for this bit of text. Move up a bit more, add a large red border and why is the border around that on the other side of the page that has nothing to do with what I'm trying to find.

Stuff like that.

This is the HTML equivalent of having a GOTO following every statement in a program.

Gave up on trying to modify 200,000 bytes of HTML (I'm not kidding—five files, all 40k in size) and redid the page (the task was to merge the five pages into one) in 1,322 bytes (a very simple <TABLE> based layout, which is what it took Microsoft 192,000 bytes to describe).

And as a side affect, it renders correctly in more than just Internet Explorer, and for that, I have to apologize. I just couldn't help myself (even if the design caused Spring to gouge out her eyeballs with a dull grapefruit spoon).

---

Feeling groovy

I'm feeling a little bit better today. No waking up to screaming appliances nor the inability to express myself as eloquently as a caveman. No, today, I was able to function well enough to get myself to work, which on retrospect, perhaps wasn't all that good of an idea, but hey, at least I'm in the recovery phase of the cold.

---

She's done the hard part

Congratulations to Spring for finishing her NanoWriMo novel: Earth and Air: A Story About Attractions.

Woot!

Wednesday, November 30, 2005

Feeling less groovy

Of course, feeling better is a relative thing when one has a cold, and today I'm feeling a bit worse than yesterday (although a bit warmer—I did remember to bring a sweater to work today). Part of feeling worse is how little sleep I got last night (or rather, this morning). Between not being sleepy at all, my runny nose and some chest congestion, it was very hard to fall asleep.

And when I did, it was around 6:30 in the morning.

I'll certainly be happy when this cold is over.

---

Don't forget your sippy cup

Instead, I'll share with you the results of a little between-classroom brainstorming about how office life could learn a little bit from grade school life.

So, in no particular order, here are some ideas for how to run your next Web 2.0 startup:

• Forget calendars, try periods! Every period is 50 minutes, with a 10 minute break in between. “What are you doing 4^th period? Wanna get together to talk about our alpha invite strategy?” “I have a yellow fade discussion then.” “How about 5^th period?” “Sounds good.” Make a rule that no meeting can span two periods without a good reason, and why not actually ring a bell at the start and end of each period.
• Lots of wall art! The best thing about grade school classrooms are the walls—they're covered with great stuff! Charts of the alphabet or the periodic table, ground rules about about classroom behavior, plus lots and lots of stuff produced by the kids. Artifacts everywhere, and in color!
• Nap area! Of course.
• Field trips! Everyone needs to get out and see the big bad world … whether it's market research, a trip to the local geek museum or even the bar down the street. After all, what would you rather go on—a strategic planning offsite, or a field trip!

Via Jason Kottke, schoolwork

Back durring my first week at Negiyo, I kept having flashbacks to high school. The treatment of us peons non-management employees as kids. The long hallway down towards the cafeteria. The small desks. Being sent to the Principal's office HR department.

I thought I had died and gone back to high school.

But now grade (or elementary) school. Kindergarten through 5^th grade. That wasn't so bad. And I could definitely deal with nap time. I wonder how Smirk would go for the idea?

Thursday, Debtember 01, 2005

Yet more thoughts on spam

Last month I switched email clients from Thunderbird to mutt (I found Thunderbird to be too sluggish but that's a story for another entry) and configured our primary email server to forward my mail directly to my workstation, where procmail can then filter it.

So now I can burn through mail in about half the time it used to take me.

I get a ton of email, most of it from the various servers (from root mostly) and most of that is generated by the mail system itself, informing me that it's found, yet again, another email infected with a virus (oh, easily 500 a day) or it couldn't deliver a message (another 500 a day easy) or the multi-thousand line output of logwatch (each easily 15,000 lines of summary per day).

So it was a simple matter to set up procmail to filter the messages (and say, automatically delete the virus warnings—I tried turning that off on the servers themselves, but … well … control panels and hidden configuration files and I'm stuck getting them even though I don't care for them). Now, since our mail goes through a dedicated spam filtering system and can mark emails as spam, I thought it would be a good idea to simply delete those upon receipt as well.

Only I kept receiving emails marked as spam.

  31 N   Dec 01 trespassers@gre ( 306) [SPAM]  Breaking News

Puzzled, I moved the procmail configuration to delete such marked spam:

:0:
	* ^Subject: .*SPAM.*
	in-TRASH

to the start of my .procmailrc, and yet, I still get the emails. I bumped up the verbosity of logging, and yes, some of it was actually being caught and trashed, but not all of it.

What the heck?

In mutt I see:

From: <trespassers@greenoblivion.com>
To: <apache@XXXXXXXXXXX>
Subject: [SPAM] Breaking News
Date: Thu, 1 Dec 2005 22:49:10 +0200

But when I checked the actual raw email message …

From: <trespassers@greenoblivion.com>
To: <apache@XXXXXXXXXXX>
Subject: =?ascii?B?W1NQQU1dICBCcmVha2luZyBOZXdz?=
Date: Thu, 1 Dec 2005 22:49:10 +0200

That funky subject line? A form of MIME encoding for email headers. In this case, the subject line uses the US-ASCII character set and is encoded as base-64. procmail knows nothing about MIME encodings. It's looking for “SPAM” in the subject line and not finding it.

Well now …

Obviously, I can add

:0:
	* ^Subject: =\?.*\?W1NQQU1dIC.*
	in-TRASH

(“[SPAM]” encoded as base-64) to my .procmailrc file, but is there a better way?

Sure, Bayesian filtering is pretty cool, but I still think that a few simple heuristics in place would help just as much.

One idea: check the character encoding of the incoming email. In my case, if it isn't US-ASCII, ISO-8859-1 or UTF-8 (oh, might as well include WINDOWS-1251 for those unfortunate friends that are abused by Microsoft), then discard it. It doesn't matter if it's legitimate email if I don't understand the language it's written in.

Now, with ISO-8859-1, UTF-8 or WINDOWS-1251, I still might not be able to read the message (since ISO-8859-1 and WINDOWS-1251 covers western European langauges like French and German, and UFT-8 covers just about all written languages), but my second idea should take care of that.

Second idea: spell check the incoming email.

No, seriously.

Take this bit of spam I received today:

lt is really hard to recollect a company: the market is full of sugqestions and the information is overwhelming; but A GOOD CATCHY LOGO, STYLISH STATlONERY and OUTSTANDING WEBSIT E wilI make the task much easier.

We do not promise that having ordered a loqo your company wiIl automaticaIly become a worId Ieader: it is quite clear that without good products ,effective business orqanization and practicable aim it will be hot at nowadays market; but we do promise that your marketing efforts will become much more effective.

Twelve spelling errors (and one punctuation error, which I marked, but not counting in the following statistic) for a 14% spelling error rate. And if the email is in a different language, the spelling error rate will easily go past 95%. So, if the number of misspelled words exceeds say, 70%, delete it, and if it's above say, 5% (hey, we all make mistakes sometimes) mark it as possible spam.

This would definitely piss off the V1@gr@ pushers.

Third idea: Unless whitelisted, any email that consists of any type of attachment, delete it (well, for me at least).

And this is before explicit filtering, Bayesian or otherwise.

I wonder just how hard something like that would be to write …

Friday, Debtember 02, 2005

One obscene car

I just came across a most obscene production car.

It's a stylish looking car, like something The Batman would drive. A one thousand horsepower 8 liter W-16 engine (that's two V-8s merged into a single block) that can accellerate from 0 to 60 mph in just three seconds. Accelleration slows down a bit after that, since it takes 14 seconds to hit 180 mph (and not 9 seconds a straight linear accelleration would predict). But give it a few more seconds and you'll top out at 250 mph, complete with your own personal police escourt.

But the Bugatti Veyron comes with a price. A rather steep price, and this is were it gets obscene (as if a 1000Hp 8 liter W-16 isn't obscene enough). It's a cool $1,000,000.00 to buy (and yes, it is a production car. And if you can afford the cool one million to get the car, then you certainly can afford to fill (and refill and refill) it—at top speed you'll be burning fuel at a rate of 1.3 gallons per minute (or an effective 3 mpg).

Thirsty little car.

It'd be real fun to drive this car at perhaps 100 mph, just to get the attention of the local police. Once I get a few lined up behind me, punch the gas pedel (and assuming I don't slam into the side of a mountain) and watch as the red and blue flashers receed into the distance.

Until I run out of gas ten minutes (and fourty miles) later.

And as fast as the Bugatti Veyron is, nobody can outrun a Motorola …

Monday, Debtember 05, 2005

One man's pollution is another animals food source

As the world increasingly considers hydrogen as a potential biofuel, technology could benefit from having the genomes of such microbes. “C. hydrogenoformans is one of the fastest-growing microbes that can convert water and carbon monoxide to hydrogen,” remarks TIGR evolutionary biologist Jonathan Eisen, senior author of the PLoS Genetics study. “So if you're interested in making clean fuels, this microbe makes an excellent starting point.”

Via Robot Wisdom, Poison + water = hydrogen. New microbial genome shows how

This is really cool news, and just goes to show that for any problems we create, we're clever enough to find a solution.

Tuesday, Debtember 06, 2005

BBEdit

I just got a copy of BBEdit and I've been playing around with it for the past few hours (way too long actually). While fairly nice (and as far as I can see, those programmers that use Macs tend to use BBEdit and really like it), I do have a few gripes about it.

1. The PageUp and PageDn keys don't work like I expect them to work. In my world, the PageUp and PageDn will not only page the document up and down, but move the cursor as well. It does not mean page up (or down) the document only if it extends past the visible portion of the window, and most emphatically does not mean “never move the cursor.” I page up, oh, want to type over there, hit the arrow key and hey! I'm back down a page‽
2. There's no simple key sequence to enable/disable word wrap. Yes, you can enable/disable, and I suspect you can enable/disable it based upon the document type being edited, but there isn't a way to enable/disable word wrap on the fly within a document.

Okay, only two gripes.

But big ones given the way I like to work.

I do like the ability to add extentions, and they even make a SDK so you can (if you can) program your own extentions. That may be something I need to play around with.

Wednesday, Debtember 07, 2005

We're just a conduit

One of our customers sent in a ticket complaining about not receiving email:

I sent myself an email to [customer's email address at their ISP] and it came back in less than 5 secs.

I sent myself an email to [customer's email address on our server] and it NEVER came back.

What is happening?

I checked the mail logs and they didn't show anything. I then sent email to the customer's address on our server, and got the following back:

From: Mail Delivery Subsystem <MAILER-DAEMON@XXXXXXXXXXXXXXX>
To: <support@XXXXXXXXXXX>
Subject: Returned mail: see transcript for details
Date: Wed, 7 Dec 2005 12:52:12 -0500

The original message was received at Wed, 7 Dec 2005 12:52:11 -0500 from root@localhost

   ----- The following addresses had permanent fatal errors -----
[address to customer's ISP]

    (reason: 550-[our server IP address] blocked by ldap:ou=rblmx,dc=XXXXXXX,dc=XXX)
    (expanded from: <XXXXXXXXXXXXXXXXXXXXXXXXX>)

   ----- Transcript of session follows -----
... while talking to XXXXXXXXXXXXXXXXXXXXX.:
>>> MAIL From:<support@XXXXXXXXXXX> SIZE=1311
<<< 550-[our server IP address] blocked by ldap:ou=rblmx,dc=XXXXXXX,dc=XXX
<<< 550 Blocked for abuse.  Please send blacklist removal requests to XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - Be sure to include your mail server IP ADDRESS.
554 5.0.0 Service unavailable

This is a major problem.

Basically, our customer's ISP is blocking our server because it sent too much spam to towards our customer's ISP. Well, yes, because it's forwarding email, including all the spam. So of course it's going to look like our server is spamming.

I could write to XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX and say that this is a shared webhosting server and that we'll filter for spam and sorry about that, but we're already filtering spam for this client (although apparently not filtering enough). And even if they remove our server, there's no guarentee that sometime in the future they won't block our server due to excessive levels of spam coming from our server (because spam never stops).

Well, I'll write to the address anyway and profusely apologize and all that, and hope they'll remove the block.

Sigh.

Thursday, Debtember 08, 2005

You almost have to root for her.

Now she hopes to retain her office on the basis that she ran her office so incompetently that you can't trust the results of the election she oversaw. Her reasoning boils down to this: Based specifically on being thoroughly incompetent, she should have her old job back.

In just about any other city, the proffering of one's own idiocy as a specific qualification for office would be laughable and ridiculous. But this is Detroit, and Currie can ask for a recount with a straight face and without embarrassment because she knows her audience well—they're the same people who took a look at her, dementia and all, and decided to put her in charge of the city's elections. Several times.

“Untitled” from The Detroit Blog

I have a soft spot for Detroit (go figure). But it's sad to see a once great city slowly become a modern ghost town (although at the rate that buildings are either torn down or burn down, there may not be much left) and the antics of the current city government aren't helping things any.

But, claiming that her opponent was fraudulently elected when she [Jackie Currie] herself oversaw the election … that's just chutzpah.

This past Detroit election reminds of me a student election at FAU years ago. The election so pissed off everybody that the Student President and Student Senate Speaker resign. Then, the Judicial Branch declares the recently held elections invalid, prompting the Student Senate to start impeachment proceedings against the Judicial branch.

I kid you not.

I always wondered what happened to that lot. Seems they all moved to Detroit.

---

Sounds like someone who really loves their job

Ring.

Ring.

“Hello, this is Technical Support,” I said.

“Yes, I need to talk to the office manager,” said the person on the other end. I'm not sure if it was possible for this person to sound more apathetic.

“I'm sorry, but he's on the phone right now. Can I take a message?”

“No, I'll call back when he's available. When would that be?”

“I don't know how long he'll be on the phone.”

“You've been a wonderful help. I hope you do it more often.” Click.

You have a nice day too!

Friday, Debtember 09, 2005

Yes, I expected documentation in a man page …

So Smirk calls me up late last night. “Hey Sean,” he said. “Can you install a Radius server on such-n-such a machine. I need to get my DSL working.” We're offering DSL to customers, and as a side benefit, we're all getting DSL (from The Company) for free.

Although I didn't expect things to be quite so far along. I think my reply to Smirk was “Ack,” but secretly, I was Now? He wants it now? Although, had the roles been reversed, I think I would have demanded DSL immediately as well.

I do a search for freely available Radius servers, and the first one I come across is the GNU Radius server. I get it installed and running, despite the lack of documentation. Seriously. It's not like I could immediately buy and get the documentation right then and there, and the man pages all read like:

NAME

radiusd - Authentication and accounting server

SYNOPSYS

radiusd [-A] [-a account_dir] …

DESCRIPTION

Ha ha ha ha ha ha ha! You expected documentation in man format? Ha ha ha ha ha ha ha ha! Silly Mortal! Man is The Man's documentation format, and we're here to screw The Man! We use info, based on the “One True Editor” that is known as Emacs (and no jokes about it sucking up more memory than Windows least we come in and reformat your system to the GNU Hurd). So what if the key bindings give you carpel tunnel syndrome? If it's good enough to criple RMS then it's good enough to criple you. So suck it up and use info.

And the info pages are a twisty maze of jargon and confusing examples (more on that later).

But at this point, I have no clue how to get a Cisco router to authenticate against a Radius server, did a quick search, found a few commands, typed them in, and locked myself out of the router (as it was attempting to authenticate my administrative logins against the Radius server).

So much for Smirk and his DSL last night.

Today I spent all day on the phone with G, our CCNE consultant (who did admit that on th Cisco test, all Radius server questions were only worth a collective two points, so even he was unsure on some of this). I did, however, realize I didn't fully finish configuring GNU Radius. You first need to expliticly tell it to listen on the network port (okay, good default for the security conscience) and tell it the IP address of the client(s) (an even better default for the security paranoid).

I was luckily able to log into the Cisco router on the console port and fix the administrative login problem so G could log in. A few hours of playing, and we could administratively login locally, but network authentications (for say, DSL) would go against the Radius server. We then saw Smirk's DSL unit attempt to log in, as smirk@exapmle.net.

Only, I set the account up as smirk.

When Smirk changed his user ID to smirk, nothing, and I mean nothing came through. Smirk, G and I were checking both the Cisco logs and the Radius server logs, and nope. Smirk's DSL unit wasn't even making an attempt.

An hour or so later, Smirk got off the phone with either the CPC, the BRC or the BBG (yes, we have to work through at least three departments at BellSouth to offer DSL as a CLEC (pronounced “sē′‧lək”)—alphabet soup anyone?) and found out that BellSouth will only pass the authentication request if the packet has the format user“@”domain.

Nice.

Only I opted to configure the GNU Radius server to use the underlying Unix system authentication. Now I had to figure out how to get it to accept smirk@example.net.

I'll spare you the pain I suffered, but let me just say that GNU Radius is extremely picky about the syntax of its configuration files. And for it's security conscience about networking, it's rather stupid about CHAP authentication, where it requires the un-encrypted version of the password in the configuration file. Five hours to get:

"smirk@example.net" Suffix = "@example.net",
	Strip-User-Name = Yes,
	Auth-Type = Local,
	User-Password = XXXXXXXXXX
	Service-Type = Framed-User,
	Framed-Protocol = PPP,
	Framed-IP-Address = XXX.XXX.XXX.XXX

The commands? Case sensitive. Options, like the “Yes” … case sensitive and it has to be “Yes”. Commas? I can't figure out where it wants them, and where it doesn't want them. Basically, I had to make a change, then run radiusd -m c to see if it liked the configuration file, and if not, what it didn't like about it. And the examples! That further confused issues because of random indenting! In one section, I saw:

DEFAULT Suffix = ".ppp",
		Auth-Type = SQL,
		Login-Time = "Al",
		Simultaneous-Use = 1,
		Strip-User-Name = Yes
	Service-Type = Framed-User,
		Framed-Protocol = PPP

Somewhere else:

DEFAULT	Suffix = ".slip",
		Strip-User-Name = Yes
	Hint = "SLIP",
		Service-Type = Framed-User,
		Framed-Protocol = SLIP

But then:

DEFAULT Hint = "SLIP",
		Auth-Type = Mysql
	Service-Type = Framed-User
		Framed-Protocol = SLIP

I found out that indenting isn't that important—that is, it's required, but how much isn't. And if you can figure out where commas are required and not, please tell me so I don't have to play “Hunt the Comma Location” again.

Sheesh.

But I finally got Smirk up and running with his DSL, and I'm slated to get it later this month. Woot!

Saturday, Debtember 10, 2005

Still a cut-up

Same book, different cake.

When I made a cake for The Younger's birthday, at the time I asked The Older which cake he would want for his birthday. He flipped through the book and pointed to one of the boats. That was September.

Come December, and it's time for The Older's birthday. And yes, I remembered which cake he pointed out.

Amusingly, as I was making it (I was up till 6 am making the darned thing) The Younger (who's a morning person by default) came down, saw what I was making.

“Is The Older going to [visit Dad] by boat?” he asked. I made the airplane for The Younger at his birthday since he was flying to see his Dad.

“No, he's going by plane,” I said. “But he wanted a boat cake.”

“Ah.”

But at least this time, I remembered the sugar.

Monday, Debtember 12, 2005

Talk like who day?

“So I'm playing around with BBEdit—”

“How do you do that?”

“Do what?”

“Talk with links.”

“Talk with links?”

“Talk with links. You just mentioned BBEdit and I swear—”

“Swear what?”

“That I could hear the link to the BBEdit site.”

“Maybe it's because I said BBEdit with scare links.”

“You just did it again.”

“Will you stop?”

“That's just—”

“Stop!”

“But—”

“Shh!”

“But—”

“Shh!”

“Okay! Okay!”

“So I'm playing around with BBEdit (see, no ‘scare links’ this time).”

“And how do you like it?”

“It's growing on me.”

“Growing?”

“Growing. As in ‘I'm begining to like using it’ growing.”

“But I feel a ‘But …’ in that statement.”

“Right you are.”

“So … ”

“So what?”

“So … what's the but?”

“The part of the body you sit on.”

“Funny guy.”

“Thank you.”

“No, really, what don't you like about BBEdit?”

“The PageUp and PageDown keys.”

“The what?”

“The PageUp and PageDown keys.”

“What does the PageUp and PageDown keys have to do with BBEdit? Those on keys on the keyboard.”

“I don't like the way BBEdit handles those keys.”

“What's wrong with the way BBEdit handles those keys?”

“Well, they page the window up and down—”

“I would expect that to happen with the PageUp and PageDown keys.”

“But the cursor doesn't move.”

“So?”

“So? The cursor doesn't move!”

“Why would you want the cursor to move? When I page up, it's usually to look at something.”

“Yes, but I also use the PageUp and PageDown keys to move to the next area of a file I want to edit.”

“That's what the scroll bar and mouse are for.”

“No.”

“No?”

“No.”

“Then what are the scroll bar and mouse for?”

“I don't care about the scroll bar and mouse. When I'm editing, I want to use the keyboard exclusively.”

“You're weird.”

“I'm ‘old school.’”

“That's not ‘old school,’ that's ‘dead school.’”

“Funny guy.”

“Thank you.”

“If I didn't want the cursor to move, then I'd hit the …”

“Hit the … ?”

“Oh, never mind.”

“Never mind what?”

“The ScrollLock key.”

“The what?”

“ScrollLock.”

“Does that key do anything?”

“I just tried. Nope.”

“Tried what?”

“I thought that if I hit ScrollLock, it would ‘unlock’ the cursor so it would move when I hit PageUp and PageDown.”

“But you just said the ScrollLock doesn't do anything.”

“That's right. I just tried it. Didn't you see me?”

“No.”

“You should pay attention.”

“I am. Or trying anyway. Besides, if you use the PageUp and PageDown keys to navigate, what if you want to page up and look at something and not loose your place?”

“Then I split the window in two.”

“Show off.”

“Hey, I just want my PageUp and PageDown keys to work.”

“They work.”

“Like I want them to.”

“Oh.”

“And one more thing.”

“Yes?”

“Happy ‘Talk Like Brian Michael Bendis Day.’”

“What a geek.”

“Why thank you.”

Tuesday, Debtember 13, 2005

The Buns of St. Lucy

In celebration of Lucia, Wlofie made the traditional lussekatter, a sweet bread made with saffron (which costs about ¼ the price of gold—yes, it's expensive stuff, but you don't need much). I think I enjoyed the lussekatter more than the cake I made the other day.

---

All I want to do is resize some graphics!

I spent way too much time last night tring to get ImageMagick installed on my Mac mini. I compiled and installed the latest version, but each time I tried using it, I kept getting:

convert: no decode delegate for this image format (jpeg)

A Google search on the error didn't prove anything conclusive. Even installing an older version didn't work (same error). The binary install of ImageMagick was useless as that's for Tiger, and apparently, I don't have Tiger but Panther (gee, what ever happened to things like version 10.4 or 10.3?).

Eventually, I was able to find a package I could install, but by then several hours had passed, and all I wanted to do was resize some pictures.

Sigh.

Wednesday, Debtember 14, 2005

Immiment Death of the Internet: mpeg @ 127.0.0.1

The [phone/TV cable] carriers are going to lobby for the laws and regulations they need, and they're going to do the deals they need to do. The new system will be theirs, not ours. The NEA principle—Nobody owns it, Everybody can use it, Anybody can improve it— so familiar to the Free Software and Open Source communities will prove to be a temporary ideal, a geek conceit. Code is not Law. Culture is not Free. From the Big Boys' perspective, code and culture are stuff nobody cares about.

That's us: Nobody.

The new carrier-based Net will work in the same asymmetrical few-to- many, top-down pyramidal way made familiar by TV, radio, newspapers, books, magazines and other Industrial Age media now being sucked into Information Age pipes. Movement still will go from producers to consumers, just like it always did. Meet the new boss, same as the old boss. Literally.

Saving the Net: How to Keep the Carriers from Flushing the Net Down the Tubes

Network Neutrality, that is, a network that just delivers the packets, stupid, with no cognizance of what app, device, or end-user generated them, is an public good that gives rise to much innovation, value creation and economic growth at the application layer. It is the single greatest factor in the success of the current Internet.

But a Network Neutrality rule, even a strong one, can fail.

http://isen.com/blog/2005/12/what-network-neutrality-rule- wants.html

If you want to help save the net, bug your provider for IPv6 today.

If you want to ensure the Net remains a free place for ideas and services - you - yes you, dear reader, must also take action. Implement IPv6 at home, and at work. Get a ipv6 tunnel and publish your AAAA records! Don't ask for permission. Just. Do. It.

One escape from the silo - ipv6

Each article is a definite must-read if you value the future of the Internet. I know that David Isenberg has been saying this for a long time on isen.blog, but it seems to be coming to a head, what with the entrenched phone and cable companies wanting to carve out the Internet in their own (incompatible) images.

And IPv6 would prevent a lot of networking problems and return us once again to a true “point-to-point” nature of the early (pre- commercial) Internet.

Monday, Debtember 19, 2005

There are some that don't know?

Just because the front page said “Inside Area51: Secret government UFO center finally exposed” I just had to get it. I mean, it's Area 51 for crying out loud. Now, on the front page it says:

THE WORLD'S ONLY RELIABLE NEWSPAPER

ALL NEW!

• SHOCKING!
• BIZARRE!
• INCREDIBLE!

and it's ALL TRUE!

[and if by now, you haven't guessed I'm talking about the Weekly World News, then you haven't been paying attention much at the supermarket checkout lanes]

Now, with such stories as The 24 Days of Christmas and Thanksgiving Attack of the Turkey From Hell you know the articles in the Weekly World News isn't real.

But that's part of the charm of the newspaper. It's so over the top (“Gal topples office building in a fit of rage”) and I'm surprised that anyone would believe anything that's reported in it.

But sadly, just inside in the lower left hand corner, just below the headline that reads “Slipper Power: Man with large fuzzy slippers creates enough electricity to heat his house,” it states:

Weekly World News articles are drawn from different sources and most are fictious. Weekly World News uses invented names in many of its stories, except in cases where public figures are being satirized. Any other use of real names is accidental and coincidental. The reader should suspend belief for the sake of enjoyment.

Somehow, I just find that sad that such a disclaimer has to be printed.

Wednesday, Debtember 21, 2005

“OMG! You're running server software older than two days! Pwned!”

I was just given a security scan compliance report, run by XXX XXXXXXXX XXXXXXXX & XXXXXXXXXX XXXX on behalf of one of our customers, and it's rather amusing at 502 pages in length.

The security company wanted a list of everything that is even remotely associated with the customer's dedicated server that is publically accessible via IP—stuff like name servers, mail servers and routers. Well, the customer's server handles everything except DNS and routing, so I sent along the IP address of the DNS servers and the primary router here at The Company.

The security company did their scan, and sent along their 502 page report.

Ho ho ho.

There are five levels of vulnerabilities. One and two are in the “Well, we don't like that these exist, but I suppose we'd get too many complaints if we actually recommended that people be unable to use ping or traceroute, or force people to forge WHOIS contact information” (heaven forbid anyone wanting to trouble shoot networking issues). Think I'm kidding about levels one and two? Here are some sample level one and two “vulnerabilities:”

• Web Server Supports HTTP Request Pipelining [it's part of the HTTP protocol as specified in RFC-2616]
• Mail Exchange (MX) Record Gathered from DNS Server [um … I suppose disabling of SMTP entirely might be considered a Good Thing™, given the levels of spam, but people still use email, and this is part of the SMTP specification]
• SMTP Service Detected [at level two no less!]
• DNS Hierarchy of Target DNS Server Traced [just writing about these is causing my blood pressure to escalate—is this security company on Crack or something?]
• Host Names Found [oh dear we seem to actually have DNS PTR records!]
• Target Network Information [this means The Company is listed in the WHOIS database as owning the IP address. The fact that for any given publically routable IP address on the Internet someone somewhere owns said IP address has probably escaped this security company]

Levels three and four are in the “There exists a theorectical exploit that in reality is impossible to actually exploit, but since it does exist, and the fact that the server software you are running is older than twenty minutes old, means we don't like it and therefore you don't pass. Please upgrade immediately to the latest codebase; we don't care if it causes the server to become inoperable (actually, that's a Good Thing™)—upgrade now!” And level five is “OH MY GOD THE INFOCAPALYPSE IS NIGH UPON YOU! YOU ARE PWNED! GET AWAY FROM US YOU VENOMOUS CRETINS FOR EVEN THINKING OF RUNNING SERVER SOFTWARE THAT IS OLDER THAN TWO DAYS!”

Of course, I have issues with the report.

Okay, one of the three bazillion “vulnerabilities” on the customer's server, at level “Infocapalypse” is the following:

Title: Multiple Apache Web Server < 2.0.51 Vulnerabilities

Severity: 5

Diagnosis: There is an input validation issue in IPv6 literal address parsing which can result in a negative length parameter being passed to memcpy.

A buffer overflow in configuration file parsing makes it possible for a local user to gain the privileges of a httpd child, if the server can be forced to parse a carefully crafted “.htaccess” file.

A segfault in “mod ssl” can be triggered by a malicious remote server, if proxying to SSL servers has been configured.

A potential infinite loop in “mod ssl” can be triggered given particular timing of a connection abort.

A segfault in “mod dav fs” can be remotely triggered by an indirect lock refresh request.

Consequence: An attacker may get control of the server.

(Yes, that is one “vulnerability,” by the way)

Can you say “overboard?”

We don't run IPv6 on our network. Even if we were, this would most likely cause the server to crash on startup (or at the worse, if trigger by a directive in .htaccess, crash just that child process).

We don't proxy SSL servers. Even if we were, this would just crash that particular request. Yes, it could lead to a denial of service attack, but those are rather hard to guard against anyway.

We don't have mod_dav running. And again, even if it were, it's just a replay of the above problem.

Of the two remaining “issues,” one sounds theoretical, and even if it were possible, is just a (heh—“just a”) type of denial service attack. Hard to gain control of a server that way (well, for certain values of “control” I suppose).

That does leave the last “issue,” which is a valid issue, but one that's (in my humble opinion) rather moot—if someone can place a carefully crafted .htacces file on the server, they already have access to the server!

Um … yeah.

I would also be more impressed if the report did not contain five duplicates of this “issue.” And I don't mean because there are five different IP addresses on the server—no, this was six instances reported for a single IP address. I'm guessing that a 502 page security scan compliance report is more impressive than a mere 302 page security scan compliance report.

In fact, of the 216 “vulnerabilities” listed for the customer's server, 129 were duplicates. Sure, some of them are interesting, but the sheer repetition (and the silliness of some of them) lessens the impact for me. It makes reading the report rather tedious, which in my mind, lessens the worth of this 502 page report.

I just hope Smirk can calm down the customer.

Thursday, Debtember 22, 2005

Network control

Today I received my Company provided DSL unit. Smirk told me that at some point today, the service would cut over, but The Monopolistic Phone Company could not provide a timeframe for said cut over. Just that it would happen sometime during the 22^nd.

I was not expecting the cut over to be about ten minutes past midnight.

But now, I have DSL that I fully control!

Muahahahahahahahaha!

Sunday, Debtember 25, 2005

Merry Christmas