Look at the nice present Comcast just gave me:
2010-10-20 01:04:23 3-Critical R005.0 Started Unicast Maintenance Ranging - No Response received - T3 time-out
2010-10-20 01:04:55 3-Critical R004.0 Received Response to Broadcast Maintenance Request, But no Unicast Maintenance o
2010-10-20 01:04:55 6-Notice M573.0 Modem Is Shutting Down and Rebooting...
1970-01-01 00:00:03 6-Notice M571.1 Ethernet link up - ready to pass packets
1970-01-01 00:00:42 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:00:52 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:01:01 3-Critical R002.0 No Ranging Response received - T3 time-out (US 2)
1970-01-01 00:01:11 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:01:38 3-Critical R002.0 No Ranging Response received - T3 time-out (US 1)
1970-01-01 00:01:48 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:02:27 3-Critical R002.0 No Ranging Response received - T3 time-out (US 3)
1970-01-01 00:02:37 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:02:59 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:03:09 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:03:18 3-Critical R002.0 No Ranging Response received - T3 time-out (US 2)
1970-01-01 00:03:28 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:04:21 3-Critical R002.0 No Ranging Response received - T3 time-out (US 1)
1970-01-01 00:04:31 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:04:52 3-Critical R002.0 No Ranging Response received - T3 time-out (US 3)
1970-01-01 00:05:02 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:05:08 3-Critical R002.0 No Ranging Response received - T3 time-out (US 2)
1970-01-01 00:05:29 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:05:39 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:05:45 3-Critical R002.0 No Ranging Response received - T3 time-out (US 3)
1970-01-01 00:05:55 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:06:04 3-Critical R002.0 No Ranging Response received - T3 time-out (US 1)
1970-01-01 00:06:14 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:06:19 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:06:29 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:06:29 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:06:34 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:07:40 3-Critical D001.0 DHCP FAILED - Discover sent, no offer received
1970-01-01 00:07:43 6-Notice M572.0 Ds Lock Failed - Reinitialize MAC...
1970-01-01 00:07:44 3-Critical T002.0 SYNC Timing Synchronization failure - Failed to acquire FEC framing
1970-01-01 00:07:51 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:07:52 3-Critical T002.0 SYNC Timing Synchronization failure - Failed to acquire FEC framing
1970-01-01 00:08:12 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:08:23 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:08:23 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:08:33 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:08:33 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:08:34 6-Notice M572.0 Ds Lock Failed - Reinitialize MAC...
1970-01-01 00:08:45 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:08:45 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:08:55 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:08:55 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:09:06 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:09:06 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:09:07 6-Notice M572.0 Ds Lock Failed - Reinitialize MAC...
1970-01-01 00:09:12 3-Critical T002.0 SYNC Timing Synchronization failure - Failed to acquire FEC framing
1970-01-01 00:09:13 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:09:27 3-Critical R002.0 No Ranging Response received - T3 time-out (US 2)
1970-01-01 00:09:37 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:09:43 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:09:53 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:10:02 3-Critical R002.0 No Ranging Response received - T3 time-out (US 3)
1970-01-01 00:10:12 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:10:27 3-Critical R002.0 No Ranging Response received - T3 time-out (US 1)
1970-01-01 00:10:37 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:11:10 3-Critical R002.0 No Ranging Response received - T3 time-out (US 2)
1970-01-01 00:11:20 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:11:42 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:11:52 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:12:05 3-Critical R002.0 No Ranging Response received - T3 time-out (US 1)
1970-01-01 00:12:15 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:12:29 3-Critical R002.0 No Ranging Response received - T3 time-out (US 3)
1970-01-01 00:12:39 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:13:05 3-Critical R002.0 No Ranging Response received - T3 time-out (US 2)
1970-01-01 00:13:15 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:13:45 3-Critical R002.0 No Ranging Response received - T3 time-out (US 4)
1970-01-01 00:13:55 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:14:07 3-Critical R002.0 No Ranging Response received - T3 time-out (US 3)
1970-01-01 00:14:17 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:14:48 3-Critical R002.0 No Ranging Response received - T3 time-out (US 1)
1970-01-01 00:14:58 3-Critical R001.0 No Maintenance Broadcasts for Ranging opportunities received - T2 time-out
1970-01-01 00:14:59 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:15:00 3-Critical T002.0 SYNC Timing Synchronization failure - Failed to acquire FEC framing
1970-01-01 00:15:00 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:15:10 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:15:10 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:15:21 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:15:21 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:15:32 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:15:32 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:15:43 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:15:43 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:15:53 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:15:53 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:04 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:16:04 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:14 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:16:14 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:25 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:16:25 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:36 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:16:36 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:46 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:16:46 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:57 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:16:57 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:16:57 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:17:08 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:17:08 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:17:18 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:17:18 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:17:29 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:17:29 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:17:40 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:17:40 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:17:50 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:17:50 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:01 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:18:01 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:11 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:18:11 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:22 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:18:22 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:32 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:18:33 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:43 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:18:43 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:54 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:18:54 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:18:55 6-Notice M572.0 Ds Lock Failed - Reinitialize MAC...
1970-01-01 00:19:06 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:19:06 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:19:16 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:19:16 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:19:27 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:19:27 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:19:37 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:19:37 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:19:48 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:19:48 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:19:59 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:19:59 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:20:09 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:20:09 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:20:20 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:20:20 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:20:30 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:20:30 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:20:41 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:20:41 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:20:52 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:20:52 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:21:02 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:21:02 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:21:13 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:21:13 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:21:23 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:21:23 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:21:34 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:21:34 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:21:45 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:21:45 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:21:55 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:21:55 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:22:06 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:22:06 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:22:16 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:22:16 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:22:27 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:22:27 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:22:37 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:22:37 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:22:39 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:22:49 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:22:49 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:22:50 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:22:50 3-Critical T002.0 SYNC Timing Synchronization failure - Failed to acquire FEC framing
1970-01-01 00:22:51 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:23:01 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:23:01 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:23:12 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:23:12 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:23:13 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
1970-01-01 00:23:23 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:23:23 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:23:33 3-Critical U001.0 No UCD's Received - Timeout
1970-01-01 00:23:33 6-Notice M572.0 T1 No Ucd Timeout - Reinitialize MAC...
1970-01-01 00:23:34 3-Critical T001.0 SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing
So, there is this function named glXProcGetAddress() that will return the memory address of an OpenGL function. Here is what it gives for 3 function names when compiled for 64-bit:
$ ./test64
glTexSubImage2D = 0x7fbc98e80b00
glProvokingVertex = 0x7fbc98e82760
glBogusFunctionName = (nil)
But this is what the binary says on 32-bit:
$ ./test32
glTexSubImage2D = 0xf774c880
glProvokingVertex = 0x8b33008
glBogusFunctionName = 0x8b33038
LOLWUT?
Okay so turns out the ia32-libs package in Debian is just a little bit outdated. So I hack upgraded it by manually pulling in the OpenGL stuff from the i386 packages. Its a little better now:
$ ./test32
glTexSubImage2D = 0xf7745db0
glProvokingVertex = 0xf7747a10
glBogusFunctionName = 0x8bba008
glProvokingVertex now has a more reasonable looking memory address. I find it more than a bit disturbing that a bogus function name does not return NULL, but according to someone in #winehq thats just fine by the spec. I still can't run Eve under Wine though. Turns out Eve requires S3TC, which is a bit patented and my open source video drivers don't support it.
So a few of the networks I have access to require me to SSH into a specific machine to gain access to the network. Previously I used a command like this:
ssh -t bastion.example.net ssh internal.example.net
Now SSH has long had a ProxyCommand so that it could route its traffic through the standard I/O of another program. The trouble is that SSH itself was not capable of acting as this other program. Then I saw this in the OpenSSH 5.4 release notes:
* Added a 'netcat mode' to ssh(1): "ssh -W host:port ..." This connects
stdio on the client to a single port forward on the server. This
allows, for example, using ssh as a ProxyCommand to route connections
via intermediate servers. bz#1618
Here is the .ssh/config file for those who are lazy:
Host internal.example.net
ProxyCommand ssh -qW %h:%p bastion.example.net
Now I can log in with just:
ssh internal.example.net
Bonus? scp works over this just fine.
Amazon EC2 just rolled out a new instance type called a spot instance. So the short version is that each hour Amazon sets a spot price based on current supply and demand. Users of EC2 can have instances run as long as the price is beneath a spot limit that they set.
So I checked the recent spot pricing for an m1.small machine in the us-east zone and its between $0.025 and $0.035 per hour. This same machine as an on-demand instance (the original type) is $0.085. Now Amazon's goal is clearly to monetize their idle CPU time by offering a low cost option for data analysis work. But, if we make one little assumption we can use it to get a discount for on-demand instance.
So what do you think the chances are that Amazon has capped the spot price at the normal instance price? If they did, then you could just convert all your on demand instances to spot instances with the spot limit set to the normal price. That way your instance always stays up and you get a discount when the spot price is lower!
This only works for on demand instances though, a 3-year reserved instance is $0.041/hr and a 1-year reserved instance is
$0.056/hr for that same machine type. Depending on where the market goes, its probably a safer bet to keep those reservations.
Update: On a side note, I wonder if Amazon will actually bill me $0.052 for the two $0.026 instances I started for a moment while playing with it. I've always wanted to write a check to my credit card company for $0.06
I really wish Apple would allow focus follows mouse in OSX outside of just Terminal.app and X11.app. Even Windows supports it, the setting is available in TweakUI.
Lots of people say I'm crazy when I talk about focus follows mouse and I eventually learn they think focus means which window is on top. So let me clarify:
Focus means which window gets keyboard input.
Focus does not mean which window is on top.
The confusion comes from the fact that OSX and Windows automatically put the window with focus on top, this is actually called autoraise. Autoraise and focus follows mouse are related features that should both be configurable. As you can see in the following screenshot, TweakUI allows autoraise to be enabled or disabled if focus (called activation) follows mouse is enabled.
Why won't Apple give us the ability to enable focus follows mouse and disable autoraise?
The VBox 3.1 changelog noted something about disabling the dock on OSX. So I did some googling, eventually found a shareware app that could also do it. I reverse engineered that and found these:
defaults write com.apple.dock orientation -string bottom
defaults write com.apple.dock pinning -string end
defaults write com.apple.dock autohide -bool true
defaults write com.apple.dock tilesize -float 1e-17
Why would I pay $14.95 for that?
For the curious the legitimate values for those keys are:
defaults write com.apple.dock orientation -string [left|bottom|right]
defaults write com.apple.dock pinning -string [start|middle|end]
defaults write com.apple.dock autohide -bool [true|false]
defaults write com.apple.dock tilesize -integer [1-256]
The OSX Preferences GUI only allows tilesizes from 16 to 128 and doesn't allow setting the pinning value.
I updated my desktop to the 2.6.32 kernel today and was greated with a pleasent suprise. I have 3d acceleration with the open source radeon X driver now! I stopped using the closed source fglrx driver a few months ago because ATI dropped support my laptop's graphics card. This kind of pissed me off because that card isn't even 3 years old yet.
I'm not sure if it was the new graphics layer in the 2.6.32 kernel or an update to Xorg that I hadn't restarted X for that did it. Regardless of how it happened, it is awesome. I tried enabling KMS support too, but I need the 1.7 release of Xorg for that I'm still on 1.6.
I've been getting my quake3 fix today...
My friend linked mathematica into an IRC channel, so I started playing with commands like Run[], FilePrint[], etc., You know, the ones that let you run system commands:
14:27 <@mjgardes> if you get your ssh key in there, what will you do with it?
14:27 < NUXI> im not sure
14:28 <@mjgardes> it's behind NAT
14:28 < NUXI> math: "ssh-rsa *snip" >> /home/math/.ssh/authorized_keys
A little bit later (after he hardens it more) something occurs to me:
15:12 < NUXI> math: FilePrint[FromCharacterCode[{33}] <> "bash -c
'echo;/sbin/ifconfig eth0'"]
15:12 < math> eth0 Link encap:Ethernet HWaddr 00:16:d4:dd:e4:c2
15:12 < math> inet addr:192.168.0.37 Bcast:192.168.0.255 Mask:255.255.255.0
15:12 < math> inet6 addr: 2001:5c0:1103:1400:216:d4ff:fedd:e4c2/64
Scope:Global
15:12 < math> inet6 addr: fe80::216:d4ff:fedd:e4c2/64 Scope:Link
15:12 < math> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
15:12 < math> RX packets:1141505 errors:0 dropped:0 overruns:0 frame:0
15:12 <@mjgardes> crud
Isn't that a lovely IPv6 address?
nuxi@nobel:~(130)$ ssh math@2001:5c0:1103:1400:216:d4ff:fedd:e4c2
Last login: Tue Dec 8 13:30:55 EST 2009 from babylon.chroma on pts/8
math@merle ~ $
I win!
My friend recently asked for some assistance optimizing some SQL. You might want to read the code on his page, I don't have a pretty syntax highlighter in my blog. I don't usually use MySQL because I prefer Postgres, but the offer a free beer prompted me to take a peek anyway.
His database schema was as follows:
CREATE TABLE IF NOT EXISTS `MyDatabase`.`TRK` (
`id` int( 11 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`latitude` float NULL ,
`longitude` float NULL ,
`altitude` float NULL ,
`date` date NULL ,
`time` time NULL
) ENGINE = MYISAM DEFAULT CHARSET latin1 AUTO_INCREMENT=1 ;
CREATE UNIQUE INDEX lldt ON `MyDatabase`.`TRK` (`latitude`,`longitude`,`date`,`time`);
And the query that needed help is:
SELECT latitude, longitude, date, time, CONCAT(date, ' ', time) AS trk_dt_0,
'$dat1 $tim1' AS trk_dt_1 FROM TRK WHERE UNIX_TIMESTAMP(CONCAT(date, ' ', time)) >
UNIX_TIMESTAMP('$dat1 $tim1') ORDER BY UNIX_TIMESTAMP(trk_dt_0) ASC LIMIT 1;
Generally speaking the first step of optimization should be ensuring that the WHERE clause of your query is using an index. In this case, the WHERE clause is not even directly working on fields of the database. A short description of how this query runs would be:
1. Retrieve a row from the database
2. Combine the date and time fields
3. Compare them against the specified value
4. If it matches add to the result set
5. Repeat until end of database reached
6. Order the results
7. Select the first one
So the first step in optimizing this query is to just combine date and time fields in the database. The two halves can easily be seperated in the PHP application if necessary.
CREATE TABLE IF NOT EXISTS `MyDatabase`.`TRK` (
`id` int( 11 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`latitude` float NULL ,
`longitude` float NULL ,
`altitude` float NULL ,
`datetime` datetime NULL ,
) ENGINE = MYISAM DEFAULT CHARSET latin1 AUTO_INCREMENT=1 ;
CREATE UNIQUE INDEX lldt ON `MyDatabase`.`TRK` (`latitude`,`longitude`,`datetime`);
Obviously this had to be done through a more complex conversion script for the live database. You would do that by adding the new column, running a script to copy the data from the seperate date and time fields into the combined field, and then delete the two old columns. So the new SQL query looks like this:
SELECT latitude, longitude, datetime, '$dat1 $tim1' AS trk_dt_1 FROM TRK WHERE
datetime > '$dat1 $tim1' ORDER BY datetime ASC LIMIT 1;
At the very least we have less typing for the programmer, but this alone apparently brought the runtime from over 11 hours to 45 minutes! Consider the steps now used:
1. Retrieve a row from the database
2. Compare the datetime against the specified value
3. If it matches add to the result set
4. Repeat until end of database reached
5. Order the results
6. Select the first one
The next step in optimization is to actually add our index to the datetime field.
CREATE UNIQUE INDEX dt ON `MyDatabase`.`TRK` (`datetime`);
Now the WHERE clause of the SQL query operates against the index instead of the full table. Searching an index is much faster than searching the database as a whole. A full row only needs to be retrieved if it is part of the result set.
So now the steps taken by the database engine are:
1. Retrieve a row from the index
2. Compare the datetime against the specified limit
3. If it matches add to full row from the database to the result set
4. Repeat until end of index reached
5. Order the results
6. Select the first one
Another benefit in this case is that our results are also sorted by the index and generally speaking the index itself is sorted...
1. Retrieve a row from the index
2. Compare the datetime against the specified value
3. If it matches, return the full row from the database and exit
4. Repeat until end of index reached
Now the first row that matches will cause the search to just exit. This optimization brought the overall runtime from 45 minutes to 3 seconds! Thats right, it apparently ran in 3 seconds.
My friend Peter suggested another optimization that he has told me about in the past. One SELECT query that returns 10 rows is much faster than 10 SELECT queries that return one row each. The application in this case is actually requesting every row of the database twice! First it requests every database row, and then for each one it requests the row immediately following it chronologically. With a little redesign the SQL query in the loop could be removed:
The redesigned PHP with only a single SQL query
Another minor optimization you can usually perform is defining fields as NOT NULL unless you actually need to store null data. I read a blog post once that claimed NULL was the biggest mistake in SQL design. Whether or not that is true is way above my head, but you can definitely squeak a tiny bit more performance out by not allowing NULL if you don't have to.
CREATE TABLE IF NOT EXISTS `MyDatabase`.`TRK` (
`id` int( 11 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`latitude` float NOT NULL DEFAULT '0',
`longitude` float NOT NULL DEFAULT '0',
`altitude` float NOT NULL DEFAULT '0',
`datetime` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
) ENGINE = MYISAM DEFAULT CHARSET latin1 AUTO_INCREMENT=1 ;
What I've mentioned above is nearly universally true, although creating a lot of different indexes will eventually slow down your database. What I mention below is more in the deep magic category, it may help or hurt your performance. You should always explore the benefits using things like the EXPLAIN command. EXPLAIN is not a standard SQL command, so here is the Postgres and MySQL documentation.
One trick on tables with lots of fields where we regularly need a very small subset of the data is to simply put all the fields in our index. My friend's database already had such an index, but the EXPLAIN command showed it was unused.
CREATE UNIQUE INDEX lldt ON `MyDatabase`.`TRK` (`latitude`,`longitude`, `datetime`);
By redefining this index with datetime first, MySQL will use it when running the search.
CREATE UNIQUE INDEX lldt ON `MyDatabase`.`TRK` (`datetime`, `latitude`,`longitude`);
So now the operation of the database is:
1. Retrieve a row from the index
2. Compare the datetime against the specified value
3. If it matches, return the row from the index and exit
4. Repeat until end of index reached
Combining the two indexes on my friend's database will help the performance of INSERT, UPDATE, and DELETE, but it may end up slowing down SELECT. Only by actually testing it would you be able to tell if it was worth it.
I have a bit of a problem with an MS Exchange server some of my mail is controlled by. The biggest issue is that Exchange is munging the mail contents.
Exchange supports two different mail protocols. (well, 3, but we are going to ignore X.400) The first one is what you might call the native Exchange storage format and protocol, MAPI. MAPI is also the protocol used by MS Outlook to talk to Exchange.
The second protocol is the standard SMTP format message called RFC822, or sometimes called MIME format in the Exchange documentation. This is the format used by SMTP, POP3, and IMAP. This is the format used by Exchange when it needs to talk to the real world.
Exchange 2003 stored messages in two different databases. One database stored mailed that arrived in MAPI format, the other stored mail that arrived in RFC822 format. Mail would be converted on the fly from one format to the other as needed.
Now this conversion from one format to the other causes some loss of information, such a thing is inevitable. So obviously, its important to only do this conversion when necessary right?
Exchange 2007 only stores mail in MAPI format. All incoming mail is converted to MAPI and it is converted back to RFC822 format if needed. So if you are an IMAP client to Exchange 2007, your mail is converted from RFC822 to MAPI and then back to RFC822.
Yeah, that double conversion works about as well as you might expect.
This is the classic asciibetical mode, its always case sensitive:
nuxi@nobel:~/wtf(0)$ echo $LC_COLLATE
C
nuxi@nobel:~/wtf(0)$ ls
Makefile makefile
nuxi@nobel:~/wtf(0)$ ls m*
makefile
nuxi@nobel:~/wtf(0)$ ls [m]*
makefile
nuxi@nobel:~/wtf(0)$ ls [mn]*
makefile
nuxi@nobel:~/wtf(0)$ ls [m-n]*
makefile
Now here is the en_US mode, its sometimes case sensitive and sometimes not:
nuxi@nobel:~/wtf(0)$ echo $LC_COLLATE
en_US.UTF-8
nuxi@nobel:~/wtf(0)$ ls
makefile Makefile
nuxi@nobel:~/wtf(0)$ ls m*
makefile
nuxi@nobel:~/wtf(0)$ ls [m]*
makefile
nuxi@nobel:~/wtf(0)$ ls [mn]*
makefile
nuxi@nobel:~/wtf(0)$ ls [m-n]*
makefile Makefile
And this is why I always set LC_COLLATE to C even when I run Unicode stuff.
Dear Microsoft,
You do not need to pack the .DMG (Max OSX disk image) for the Remote Desktop Client in an archive container. The only thing you did was increase the file size.
-rw-r--r--@ 1 jadevree jadevree 1434112 Aug 14 11:22 RDC103EN.bin
-rw-r--r--@ 1 jadevree jadevree 1433909 Sep 21 2004 RDC103EN.dmg
I see this all the time with single binaries in a zip archive...
My cable provider, Comcast, has sent out a letter saying they will be dropping all analog cable service and going digital only in October 2009. With this change I will no longer be able to recieve cable tv without needing equipment from Comcast.
If only there was some part of the government that was supposed to be protecting my ability to use my own equipment on a cable TV system. Thats not wishful thinking, its actually part of the Telecommunications Act of 1996. The only problem is that the FCC considers CableCARD to be a perfectly cromulent solution to this.
The FCC is perfectly capable of truely enforcing the provisions of federal law that require the system to be accesible by end user owned equipment. The content providers will of course claim that they can't possible provide digital content without some form of protection. They've been doing so about digital TV since atleast 2003 when CBS stated:
If a broadcast flag is not implemented and enforced by Summer 2003, Viacom's CBS Television Network will not provide any programming in high definition for the 2003-2004 television season.
Here is a hint: today CBS and everyone else are broadcasting high definition digital content without the broadcast flag. Although it was't FCC that called their bluff, they fell for it. You can thank the EFF and ALA for stepping up and blocking the broadcast flag in court. Thanks to their efforts, there is no DRM in digital broadcast television.
The content companies use the same line to promote the idea that DRM is a necessary aspect of digital cable. This is the same message and the same bluff as before. The FCC needs to step up and actually require that the system be accesible in a DRM-free way to end user devices.
Consumers should be able to build their own DVRs that directly record the digital cable signal, but because of the failure of the FCC to protect their rights as consumers this isn't possible.
Nope, my ad block software is working as designed. Thank you for asking though.
My KVM has herpes :P
A few years ago I wrote a program that generates a highly compressed PNG file. Something on the order of a ratio of 1,000 to 1. This was all fun and games, but the output files I have (I lost the source code) don't do much of anything to modern computers. 1 GB just isn't very impressive by today's standards. So I took it to the next level.
Using bzip2, I wrote an app that does a ratio of about 1,800,000 to 1. Strangely enough 0x00 is not the optimal byte to compress with bzip2, 0xFB is. This is due to the first pass of bzip2 being RLE. Any sequence over 4 bytes long is converted into 4 bytes followed by a length byte. The highest value that can appear as the length byte is 0xFB (251). Obviously this means any stream of 0x00 is converted to a sequence of 00 00 00 00 FB, which is less than ideal. Streams of 0xFB on the other hand are converted to FB FB FB FB FB.
Bzip2 also compresses in blocks with each block containing up to 45,899,235 bytes. A stream of 0xFB compresses down to blocks 26-bytes long. I can pre-compute the checksum of a single block and just dump it to a file repeatedly! Thus is born my latest toy program.
1 TB file
Source code
Some day I may rewrite my app that makes giant PNG files and actually put some thought into how the deflate compression algorithm works and what uncompressed PNG chunks look like. I may be able to improve on the 1,000 to 1 compression ratio I obtained with the original.
My firefox extension is coming along nicely. I have the easy part of it done and I learned some cool stuff. Like how putting chrome://browser/content/browser.xul into the address bar can get you tabs within tabs.
I also fixed the scrollbars in the theme I have for Firefox on my work lappy. (The default OSX theme is icky)
My former roommate wrote a module for unrealircd that enabled unicode nicknames. I'm currently a hammer and sickle on IRC. :D
☭
Its really messing with some people's terminals, especially the nicks that are in a RTL alphabet.
Update: I found the swastika in the unicode tables while trying to find a symbol that would make a decent pacman. The left and right handed versions are below. Yes, I'm using one of them as my IRC nick.
卍 卐
I'd like to note before anyone without a sense of humor complains, that the swastika was originally a symbol of good luck. Not that this will stop any people without a sense of humor from complaining.
$ ./autopoke.py
Retrieving Login Page
Logging In
Logged In
Retrieving List Of Pokers
Poking Steven
Poking Lenore
Poking Adam
Edit: I changed it around a bit, here is the current output (its being run automatically now)
Lock acquired
Sun Sep 14 18:45:01 2008
Logging In
Retrieving List Of Pokers
No one loves you :(
Lock released
Lock acquired
Sun Sep 14 18:58:42 2008
Logging In
Retrieving List Of Pokers
Poking Lenore
Lock released
Its entirely possible for your kernel to tell you it got a happy meal with fry guys.
So despite most of my projects sitting around half completed. I've decided to finally start one I've been threatening to do for awhile.
Ever wonder how much RAM programs really use? I intend to find out. BTW /proc/<pid>/(maps|stat|status) lies to you regarding memory usage. Just in case you missed that memo ;)
The trick is getting all the data I want atomically without introducing a deadlock. Did I mention this involves a kernel hack? I don't know what I'll find out, but if I knew what I was doing it wouldn't be called research.
So lots of people have been getting a problem where trying to start the vmware GUI on sid results in a nice backtrace and the final line:
vmware: ../../src/xcb_lock.c:77: _XGetXCBBuffer: Assertion `((int) ((xcb_req) - (dpy->request)) >= 0)' failed.
If LIBXCB_DISABLE_SLOPPY_LOCK the traceback changes slightly:
vmware: xcb_xlib.c:82: xcb_xlib_unlock: Assertion `c->xlib.lock' failed.
This will fix both of those problems and probably any others that have errors that involve the acronym xcb in it somewhere.
The solution is actually pretty simple, you just need to let vmware use an older copy of libX11. Although how to do this without holding half of X back is a bit trickier. First we need the library, you can get it from me or get it from Debian. I might as well show how to manually extract a .deb:
mkdir /tmp/foo
cd /tmp/fpp
wget http://http.us.debian.org/debian/pool/main/libx/libx11/libx11-6_1.0.3-7_i386.deb
ar -x libx11-6_1.0.3-7_i386.deb
tar -zxf data.tar.gz
data.tar.gz contains all the stuff related to actually using the package. control.tar.gz contains all the control scripts for apt and dpkg. Both of these are tarbombs which is why you make a new folder to unpack them in.
/tmp/foo/usr/lib/libX11.so.6 is the library
$VMWARE_PREFIX is wherever you told vmware to install. I keep mine in /usr/local and I forget where the default is. Its easily spotted in that backtrace you get when you try to start vmware if you forget where you put it ;)
mkdir $VMWARE_PREFIX/lib/vmware/lib/libX11.so.6
cp libX11.so.6 $VMWARE_PREFIX/lib/vmware/lib/libX11.so.6/libX11.so.6
Then edit $VMWARE_PREFIX/lib/vmware/lib/wrapper-gtk24.sh. Look for the part that looks like this: (For 1.0.6 this is line 65)
vm_append_lib 'libfreetype.so.6'
vm_append_lib 'libXft.so.2'
vm_append_lib 'libXrender.so.1'
Add a line after these that says:
vm_append_lib 'libX11.so.6'
vmware's GUI should run now and you don't have to actually downgrade libX11-6!
Running vmware headless is very convient for running servers to debug various things. The real trick is getting the serial port working because vmware doesn't make a TTY device, it makes a named pipe. Luckily someone on IRC helped me out with that part by recommending an application called Socat. Now I can do kernel hacking in vmware without needing the GUI open in case networking doesn't come up!
socat UNIX-CONNECT:/tmp/vmware-console PTY,link=/tmp/vmware-serial,raw,echo=0
/tmp/vmware-console is the named pipe created by vmware. The correct settings for the serial device are:
* Use named pipe
* This end is the server
* The other end is an application
/tmp/vmware-serial is the TTY device to give to minicom or your serial console app of choice. The speed settings don't seem to matter.
You can put those files anywhere, but minicom has been modified by some distros to not like TTYs that aren't in /dev
vmrun can be used to control the state of the VM.
This is also good if you are running production boxes in vmware.
nuxi@junkers:~(0)$ ps
PID TTY TIME CMD
4866 pts/10 00:00:00 bash
4871 pts/10 00:00:00 \_ ps
nuxi@junkers:~(0)$ gdb /usr/bin/gdb 4872
GNU gdb 6.7.1-debian
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1".
I refuse to debug myself!
/home/nuxi/4872: No such file or directory.
(gdb)
Apparently I have to be more clever:
nuxi@junkers:~(0)$ gdb /usr/bin/gdb
GNU gdb 6.7.1-debian
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1".
(gdb)
(1)+ Stopped gdb /usr/bin/gdb
nuxi@junkers:~(148)$ ps
PID TTY TIME CMD
4866 pts/10 00:00:00 bash
4885 pts/10 00:00:00 \_ gdb
4887 pts/10 00:00:00 \_ ps
nuxi@junkers:~(0)$ fg
gdb /usr/bin/gdb
set args /usr/bin/gdb 4885
(gdb) run
Starting program: /usr/bin/gdb /usr/bin/gdb 4885
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(Thread debugging using libthread_db enabled)
(New Thread 0xb7ccb6b0 (LWP 4888))
(no debugging symbols found)
(no debugging symbols found)
GNU gdb 6.7.1-debian
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1".
Attaching to program: /usr/bin/gdb, process 4885
WIN!
Occasionally I'll see of a cry of "you're spamming my inbox" on a mailing list I'm on. This is usually after a heated argument on a topic that occured on a normally low traffic mailing list. Well I hate to say it but if that is true then you're doing it wrong!
(Note: I'm not picking on anyone. I've been tempted to do this for awhile and someone who knows the insane volume of my email asked me to explain how I do it)
I get about 100 legitimate emails per day in my personal mailbox and 100 more in my work email box. I don't keep records of how much spam I get but based on overall internet statistics it is probably 200-300 messages a day. Spamfiltering is really beyond the scope of this post but I use Bogofilter. Just so you get an idea of how much that is, I fill my MTU mail quota every 6 months. I don't delete anything either, I have one folder with 15,000 messages in it.
Sadly, I can't provide examples for mail clients I don't use so you'll have to make do with the suggestions and specific examples of mine and see if yours will do it too. You can post a reply asking in the hopes that someone else can help you, but I suggest you head to the appropriate forum for your mail client to ask.
1. Folders
If you let all the email go to your inbox, it will drive you crazy. Thats why someone invented mail filtering so that you could sort your email into different folders automatically. Personally I don't let my actual mail client do this because that means if I'm somewhere else and use a different mail client to access the email box my mail isn't sorted.
Instead I use a tool called Procmail. Procmail runs whenever you recieve email and filters it before your mail client gets to touch it. Procmail has a config file where you specify the conditions and then where to put the email. Here is the line of mine that filters the email from partners-l:
:0
* ^Sender: owner-partners-l@mtu\.edu
.partners/
Thats a very simple rule as far as procmail goes, so I'll explain it. First I have no idea what :0 means but it marks the start of a rule. The next line gives the condition it matches. The final line is the mailbox to save it to. Both the leading . and trailing / are part of the folder, they indiciate the format of the mailbox which is maildir for this example. Procmail can be much more complex, but this is a very basic use of it so it is rather simple.
One item of note here is that I am filtering on the Sender header instead of To or CC. This is because some messages were being sent to partners-l@mtu.edu and lug-l@mtu.edu. I'm on both lists and would recieve two copies of the email. If I filtered based on the To or CC lines then both copies would end up in the same mailbox. By filtering on a line that is set as it is handled by the mailing list software I can get one copy in each mailbox! Pretty cool huh?
Other common headers you can find are X-Loop, X-BeenThere, and MailingList. Exactly which one is used depends on the mailing list software involved.
Most mail clients support filtering, although some only support doing it on certain headers. At work I'm currently using Mail.app (OSX mail client) to perform the filtering and it is working out rather nicely.
2. Threading
This is one a lot of people aren't even aware of cause few mail clients support it and fewer enable it as a default. But nothing is better for a mailing list! What a threaded mail client does is organize email by topic. There are different ways to do this (none of which are perfect) but overall it handles it rather nicely. My spies tell me that Thunderbird and Mail.app also support this feature. Outlook of course is taking the short bus and barely supports RFC822. Personally I use this nice little application called Mutt because "All mail clients suck, this one just sucks less." as the author describes it.
Assuming you filtered your mail, that is probably how you saw all the email come through. Imagine if there was an important email hiding inbetween all that junk!
That is roughly how a threaded mail client would display today's fun. Notice how with threads a new topic or branch of a discussion is easily noticeable? When you're on lists that have a half dozen discussions going on at any given time this can be very useful.
3. Threading part II: Collapsing
The cool thing about threading is that since your mail client has already grouped a discussion, it can easily ignore the discussion too! Here is a picture of ust the main KVM argument collapsed:
See, now I won't see any new email to the thread cause it is hidden beneath the top post. Many threaded clients also support collapsing all threads:
4. Ignoring a thread
Just for a quick example, this is the folder I store all my LUG and 2600 email in. This folder contains 3 mailing lists.
Obviously I didn't read a lot of that (the 'O' means unread) but it is still easily manageable.
5. Do not feed the trolls!
I cannot stress this one enough. Some people have turned trolling into an art. My favorite troll ever was a message titled "Not to start a flamewar but reiser sucks ass" in a discussion about filesystems. I was actually laughing too hard to feed it, much to the disappointment of the author. Although if I remember right, he somehow succeeded anyway.
I didn't deliberately troll the list this time. All I did was tag the end of my message with the joke, "(plus why would you want to use windows?)". This was a silly observation I made to make the problem at hand irrelevant. Now lets make this very clear:
NEVER RESPOND TO A TROLL
If you feed a troll you have no one but yourself to blame for the result. Trolls, like creationists, are not bound by silly things like logic or facts. You are not likely to do anything but encourage them. Trolls are very good at what they do and they are usually in cahoots behind the scenes. Do not attempt to get the last word unless you are admitting defeat, a good troll won't let you have it. Remember, a troll is faking stupidity and as the saying goes:
"Never argue with an idiot, they drag you down to their level and then beat you with experience." -Anonymous
6. Don't complain about spam (if its trolling or a flamewar)!
Unless you are the list administrator there is nothing you can do and it really only tells them that they are succeeding. Usually it only heads to the topic of spam and those noisy vikings. Which is a topic full of it's own flamewars that you don't want to encourage.
I hope you can use these hints to better manage your email load. For a final note, here is a 200 message discussion on a mailing lists (hidden off screen is 100 more messages in a different thread). Now that is a mailing list :)
Since working on FADECs for 8 months and participating in the subsequent FAA audit makes me an expert, I've been asked what I think about the crash. Sadly I can't provide any better insight than what you can find in the news. The short version is the both engines failed to respond to both an automated and manual request for more thrust which resulted in insufficient thrust to allow the plane to reach the runway. The passengers were lucky they had a pilot who was good at flying a brick. If you want to know more you'll just have to wait for the official accident investigation report.
Although I can't provide any specific insight into this crash, I would like to take a moment to talk about software engineering and the obession with ISO 9000. This really doesn't have anything to do with the crash, I just like excuses to rant on topics.
ISO 9000 is not about producing good code its about producing consistant code. No amount of process can replace the knowledge required to produce good code. The belief that consistancy means quality is hardly unique to engineering. This same belief is contained in the adage "Practice makes perfect." My band teacher used to say "Practice makes permanent" instead because all practice does is teach you to do it consistantly. Consistancy is only a virtue if you aren't a screwup.
I have a sporadic problem where my ipv6 link-local addresses vanish, my temporary solution is a little snippet of C which spits out the right link-local addr to re-add to the interface:
http://www.vault24.org/lladdr.txt
The next version should actually run the command, but this one works close enough.
Never add a Wireless card in client mode to an ethernet bridge. Its just asking for trouble really. Something about the IPv6 packets that come out the wifi interface disagree with my AP's wireless card firmware. The packets don't even show up for tcpdump. To work around this I'm now running a 6-in-4 tunnel from the AP to the wireless bridge.
The catch is that IPv6 from the AP -> wireless bridge works. So I can't run radvd anymore to provide IPv6 autoconf. The network basically shits its pants with a routing loop. Its rather amusing actually, I get funny errors like this:
# ping6 2001:4830:1546:1::10
PING 2001:4830:1546:1::10(2001:4830:1546:1::10) 56 data bytes
From 2001:4830:1546:1::10 icmp_seq=3 Destination unreachable: Address unreachable
Don't think about that too hard or your head will explode.
1.5 hours into the build process:
ar: libgklayout.a: No space left on device
What kind of build system needs (and I quote from their own website):
* 512MB RAM with lots of available swap space. For static and XULRunner builds, 1GB RAM minimum. Additional RAM will significantly decrease build time.
* For debug builds: at least 1.5 GB free disk space (2 GB recommended)
* For optimized builds: at least 300 MB free disk space (500 MB recommended)
WTF??? Can someone please tell me why the system requirements for building a web browser are higher than that for building my operating system!
I had 1 GB, I figured that was good enough for somewhere between a debug build and a real optimized build. I'm using the debian package to build it with a small patch I'm testing.
Over the years I've developed a rather nice firewall script. It started as a bash script and has migrated to perl. It currently handles both IPv4 and IPv6. I have a nice helper script to run it from a Debian style network manager (ifup/ifdown)
I'm thinking about cleaning it up for release. I recently realized that start and stop are really just special cases of start, so I'm gonna fix that up first.
But my motorola e815 is now uncrippled successfully :)
This is a snippet of headers from two emails sent from my gmail account to my MTU email account (which forwards to tesla) and my local mail account:
MTU copy:
Return-Path: prvs=jon787=797db2745@gmail.com
Direct copy:
Return-Path: jon787@gmail.com
Last I heard (and I could be wrong) was that only gmail.com's servers were supposed to be modifing the part to the left of the @ symbol. They do this to my outbound email too. I had to reconfigure my mailserver to run this regex on inbound email becuase of this same shit. I'm still bitter that I had to work around their broken server, but they are uninterested in fixing this blatant RFC violation.
Now let's see what the RFCs have anything to say about this:
A host that is forwarding the message but is not the destination host implied by the right-hand side "domain" MUST NOT interpret or modify the "local-part" of the address. - Section 5.2.16 of RFC 1123, October 1989
Hey look at that. Not even a new RFC, that one is nearly 20 years old. I found another, this one is marked as an update to RFC 1123:
Consequently, and due to a long history of problems when intermediate hosts have attempted to optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address. - Section 2.3.10 of RFC 2821, April 2001 (emphasis mine)
History of problems you say? NO WAI! The only reason I even noticed this was because of mysteriously missing bounce messages. I think we could even consider anti-spam stuff (I've traced this stupidity to the IronPort anti-spam server) as "optimization" so they are doing exactly the thing the RFC was specifically worded to stop!
I think I found a bug in OpenLDAP. I'm not sure if its a configuration problem or a real bug. It seems to be leaking information that isn't in the results I can see from the anonymous user.
I posted earlier about a program on my USB drive that got flagged as a virus. Well I stuck it in a computer with a different A/V program and it didn't just get flagged, it got deleted! WTF the program is perfectly legit.
Now I have to go download it again :(
Since I tend to store the EICAR anti-virus test file on my USB key I'm used to have AV systems go apeshit when I put them in a computer, but this is the first time one of my old sysad utilities set one off.
Anti-virus warning
Program running just fine with AV disabled
I need a machine hacker tested. I put it up at bigredbutton.glasstheplanet.org. If you get into it leave a message saying how you did it.
Why do I always get to find these? Yeah I can't log in to any of my machines with passwords through SSH. Thank $DIETY for passwordless login methods like public key authentication and GSSAPI.
Follow along with the fun
This also explains why some people might have trouble logging into my firewall right now.
EDIT: And its fixed, I really must say the two Debian krb5 package maintainers are awesome. The previous bug I found was cooler though, since I shouldn't have even been doing what cause this one.
Okay I did have a link to some AACS proof of concept code, but my blog software is acting stupid with the latest PHP upgrade and I am unable to post any HTML.
I will say that the Emporer isn't wearing any clothes.
So I got an entire /48 of the IPv6 address space all to myself. This is about 1.20892581961463*10^24 addresses. Just for the reference there are 281,474,976,710,656 subnets this big in the IPv6 address space. That is more subnets than IPv4 has addresses!
With this I gave every computer in my apt an IPv6 address although I'm having some strange troubles with some of the hardware not supporting IPv6. To get my laptop an IPv6 address whever it goes I run a 6in4 tunnel over my VPN. If only OpenVPN would directly support IPv6. Its kind of cool though I can directly SSH into my laptop from any other IPv6 host online, no more NAT!
There also isn't any form of firewall cause I haven't set up ip6tables yet, so I'm not sharing the subnet info just yet.
I'm about to get my first new computer in 4.5 years. Actually my plans include up to 3 of them, although I'll be getting rid of one in the process.
Step 1, new server and move Tesla to firewall duty only.
Step 2, Mythbox (One of these will probably be on my birthday list)
Step 3, new workstation (plus move all non-public services to it)
The new LUG server runs Ubuntu instead of Debian :(
I guess I should explain that little counter on my website that currently reads 51 days. I'm lazy... really, really lazy. If I can automate something then I will, even if setting up the automation takes some effort. So about two or three years ago I wrote up a PERL script to do some housekeeping tasks in an account I had on a server at MTU. This script works so well that I quickly forgot it existed.
That is, until I got an email saying it failed to run two days ago. When I went to login to a server up there to check on it, I discovered my account was finally disabled. Now this would be the end of the story except for two little things:
1. Cron was attempting to run the program despite my account having a shell of /bin/false.
2. My account was disabled on this server approximately 51 days ago, I'm only getting an email now because they deleted my home directory. Until 2 days ago the cronjob was successfully running every night.
Now everyday at midnight I now get a notice saying my cronjob failed to run and there is nothing that I can do to disable the cronjob. Oops! So I figured I'd count the number of days until it gets disabled, which will probably be when the server is reinstalled.
Panera bot
This one logs you into panera's wifi. No secret backdoors, it just acts as a web browser and follows the normal login process.
Firefox has some sort of exploit in the cache system. Since there is gibberish at the end of this file I'd say this was an accident rather than a delibrate attempt to exploit Firefox, but I could be wrong.
screen cap
I'm pretty sure thats not CSS and I'm 100% sure that isn't the file on tesla's hard disk. The real base.cssand the other base.css file. Reloading the page doesn't fix it, I had to clear my cache.
Note to self: dump this in bugzilla tomorrow. See if they can make any idea out of it.
Download it
Oh and to get it out of FLV format, ffmpeg -ab 56 -b 500 -i in.flv out.mpg does wonders.
So I've had issues with the WECN terminal servers refusing to remember preferences and such. I figured out why today when I tried to enable X-Mouse in my account.
Figure 0
Last I checked, its a bad thing when CURRENT_USER can't write to HKEY_CURRENT_USER. Better check the permissions.
Figure 1
Okay I'm not listed, thats a bad thing (TM). Maybe I'm the CURRENT OWNER and thats why im not explicitly listed.
Figure 2
Nope, although checking an XP machine shows that Administrator always owns all the keys under HKEY_CURRENT_USER. I should have been listed in the ACL. Better do an effective permission check to make sure I'm not hiding somewhere.
Figure 3
Nope, I only have read access to my registry. Houston, I found my problem. Supposedly this was a Windows Policy setting to stop something, I'm not sure what. Now normally you can't just go editing your NTUSER.DAT (where HKEY_CURRENT_USER is stored) because the file is in use by Windows. Lucky for me I found my profile on the Samba server. One offline Windows Registry edit later:
Figure 4
Yes, I went through all of this work just to enable X-Mouse in my terminal server account.
We had the biannual "there is too much spam on the partners list" message. My reply:
You can never have to much v1agra!
(Just wait this will get flagged by myspam, just like most of the NANOG
discussion about spam)
Score at myspam.mtu.edu: 43%
I challenge another partner to do better without going over the quarantine mark (50%)
Someone in #mi2600 made a comment implying how few people actually know what the 2600 means.
So here is a piece of history from my college:
Photo taken by Peter.
If anyone in the Houghton area wants to see this sign for real it is down by the Portage behind the MEEM. Look for the power substation just west of facilities. There is a corresponding sign on the north side of the portage.
Also if you don't get why that sign is a part of history or can't figure out why 2600 is a reference to the telephone system and not computers, I'm not helping.
I was planning on doing a whole rant about this, but I'll just keep it short.
"The network builders are spending a fortune constructing and maintaining the networks that Google intends to ride on with nothing but cheap servers. It is enjoying a free lunch that should, by any rational account, be the lunch of the facilities providers." -John Thorne, Verizon
Thorne is full of it. This is tantamount to a farmer claiming that you are getting free milk because you didn't pay him for it. Just because you paid him through an intermediary doesn't mean you didn't pay him for it. Google buys bandwidth from multiple companies (which obviously doesn't include Verizon) and these companies have their own agreements between each other for payments. Eventually you can trace this line of payments to Verizon.
Note: I started doing this before Firefox's adblock extension existed. I still do it because I already run BIND so its not a big hassle.
About 3 years ago I noticed that many pages would stall downloading images from places like doubleclick.net. The reason was that the servers hosting the images were being overloaded. The only adblocking in Mozilla at the time was the "Block images from this host" feature and that wasn't quite good enough because it wasn't always an image. Sometimes the ad would come from the server in a complete IFRAME or as a script that created HTML on the fly for the image. These requests were just as slow as the requests for the images.
My first idea was to block them at the DNS level using the HOSTS file. This file is just a series of entries of the form:
[IP Address] [hostname]
This tells your computer that hostname is at ip address so that it doesn't have to do a DNS request. This can be subverted to act as a poor man's firewall if you want. Say we want to block www.google.com we could put this line in the hosts file:
127.0.0.1 www.google.com
Now our computer believes that www.google.com is at 127.0.0.1 (Note that this address always points to the machine you are using). This method has three flaws:
1. If you run a webserver on the local machine it might end up pulling valid pages off of it. We haven't blocked the ads as much as lied about where the ads are.
2. Other servers at Google like maps.google.com or images.google.com would have to each have their own entry.
3. Really large hosts files can end up slowing down the computer, it really wasn't meant to hold hundreds of entries.
BIND removes all 3 of these problems. BIND was designed to handle hundreds (if not thousands) of entries, we can block entire domains at once, and we can claim the server doesn't exist instead of lying about it's location. All you need is an "empty" zone file: (which may or may not come with your installation of BIND)
$TTL 86400
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ) ; Negative Cache TTL
;
@ IN NS localhost.
And to add the following line to named.conf for every domain you wish to block:
zone "domain" { type master; file "/path/to/db.empty"; };
This can almost certainly be replicated with any DNS server out there.
How effective is this? I think it is quite effective. To the point that forget how many ads are on some websites I visit regularly. Take my favorite news source, Fark as an example:
Without blocking
With blocking
Ultimate ad blocker
IPsec still isn't working from Panera, but a new experimental feature of OpenSSH allows me to use it as a VPN. I don't have it terribly well configured at the moment though. Right now I'm using it as a layer 3 tunnel to my server, but without the firewall rules that let my layer 3 IPsec tunnel in. I'm gonna shoot for a layer 2 tunnel later.
Okay so the result of my previous endeavour into the kernel was that the reason the address remains accessible is that under Linux the host owns the addresses not the interface. So keeping the address accessible when the interface goes down is completely normal. (Although why it goes away when the driver for that device is unloaded is left in question then.) According to RFC 1122 section 3.3.4.2 this is completely acceptable and falls under the "Weak ES" model of multihoming. There is another model described which does associate addresses with interfaces instead of hosts, this is known as the "Strong ES" model.
The argument between the strong and weak models has been brought up on Bugtraq in March 2001 (discussion) and on linux-net in December 2005 (discussion) If anyone knows of any more extensive discussions of this, please post a link. I think there are very good arguments for keeping the weak ES model in Linux. I also think that Linux firewalls could benefit from the Strong ES model being an option in the kernel.
I have seen many incorrectly configured firewalls made by users that do not realize that the addresses belong to the host not to the interface. The strong ES model can be more or less emulated by firewall rules, sysctl options, and routing table modifications. The problem is that these changes are not documented very well for new users setting up firewalls with Linux.
I think that concentrating all these settings into a single kernel option would be advantageous to those who wish to run Linux as a firewall. This would reduce the chance of misconfiguring the firewall and simplify the setup for those of us who do know the required modifications.
I haven't really looked deep into the routing code, but I don't see why it wouldn't be possible to make a single sysctl setting that controls whether the kernel behaves according to the strong or week multihoming model.
According to netdev the thing that has been annoying me is a feature not a bug. I still don't like it, but atleast someone answered my question this time.
Oh well, atleast I had fun poking around the kernel for a few days. (and I can use my patch to make it work the way I think makes more sense)
zerone:~# ifconfig dummy0 1.2.3.4
zerone:~# ping -c 1 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
64 bytes from 1.2.3.4: icmp_seq=1 ttl=64 time=0.138 ms
--- 1.2.3.4 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.138/0.138/0.138/0.000 ms
zerone:~# ifconfig dummy0 down
zerone:~# ping -c 1 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
--- 1.2.3.4 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
zerone:~# ip route show table local dev dummy0
There is an explicit check in the routing table deletion to make sure routes that are internal to the system are not deleted. Whether or not this check was designed for other reasons or ones just not apparent to me at this time I'm not sure. It doesn't seem to have any ill effects yet, but I'm still testing. Anybody who would prefer this behavior and doesn't mind the possible ill effects can apply the following patch. In net/ipv4/fib_frontend.c inside of fib_netdev_event on or around line 636 change the last parameter of the call to fib_disable_ip from 0 to 1.
This might be in the IPv6 stuff too. If I can't find any issues with this fix in a few days I'm gonna send it to the linux netdev mailing list and see what they think. Followed by LKML itself.
Please stop stealing my DNS packets
When I ask to query the root DNS servers I should be getting this:
jon787@tesla:~(0)$ dig lug.mtu.edu @a.root-servers.net
; <<>> DiG 9.3.2 <<>> lug.mtu.edu @a.root-servers.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62974
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 8
;; QUESTION SECTION:
;lug.mtu.edu. IN A
;; AUTHORITY SECTION:
edu. 172800 IN NS L3.NSTLD.COM.
edu. 172800 IN NS D3.NSTLD.COM.
edu. 172800 IN NS A3.NSTLD.COM.
edu. 172800 IN NS E3.NSTLD.COM.
edu. 172800 IN NS C3.NSTLD.COM.
edu. 172800 IN NS G3.NSTLD.COM.
edu. 172800 IN NS M3.NSTLD.COM.
edu. 172800 IN NS H3.NSTLD.COM.
;; ADDITIONAL SECTION:
L3.NSTLD.COM. 172800 IN A 192.41.162.32
D3.NSTLD.COM. 172800 IN A 192.31.80.32
A3.NSTLD.COM. 172800 IN A 192.5.6.32
E3.NSTLD.COM. 172800 IN A 192.12.94.32
C3.NSTLD.COM. 172800 IN A 192.26.92.32
G3.NSTLD.COM. 172800 IN A 192.42.93.32
M3.NSTLD.COM. 172800 IN A 192.55.83.32
H3.NSTLD.COM. 172800 IN A 192.54.112.32
;; Query time: 48 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Mon May 8 16:48:00 2006
;; MSG SIZE rcvd: 302
Not this:
jon787@junkers:~(0)$ dig lug.mtu.edu @a.root-servers.net
; <<>> DiG 9.3.2 <<>> lug.mtu.edu @a.root-servers.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14193
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 2
;; QUESTION SECTION:
;lug.mtu.edu. IN A
;; ANSWER SECTION:
lug.mtu.edu. 83507 IN A 141.219.155.230
;; AUTHORITY SECTION:
mtu.edu. 83507 IN NS dns2.mtu.edu.
mtu.edu. 83507 IN NS dns2.merit.net.
mtu.edu. 83507 IN NS dns3.merit.net.
mtu.edu. 83507 IN NS dns.mtu.edu.
mtu.edu. 83507 IN NS dns1.merit.net.
;; ADDITIONAL SECTION:
dns.mtu.edu. 8052 IN A 141.219.4.30
dns2.mtu.edu. 8052 IN A 141.219.100.30
;; Query time: 41 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Mon May 8 16:46:53 2006
;; MSG SIZE rcvd: 180
This is really starting to bug me:
root@junkers:~(0)# ifconfig eth0 1.2.3.4
root@junkers:~(0)# ping -c 1 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
64 bytes from 1.2.3.4: icmp_seq=1 ttl=64 time=0.091 ms
--- 1.2.3.4 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.091/0.091/0.091/0.000 ms
root@junkers:~(0)# ifconfig eth0 down
root@junkers:~(0)# ping -c 1 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
64 bytes from 1.2.3.4: icmp_seq=1 ttl=64 time=0.093 ms
--- 1.2.3.4 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.093/0.093/0.093/0.000 ms
root@junkers:~(0)# ip route show table local dev eth0
local 1.2.3.4 proto kernel scope host src 1.2.3.4
Why is that entry not deleted? I'm going to spend my spare time tracing this sucker down and fixing it. I have no clue where it is in the kernel other than somewhere under net/
Since I can't easily do portability testing (I'm not putting this on MTU's machines) I'm making a beta release that still doesn't have anything fixed from last night.
Download page
NFS is a tad too trusting. I just finished my userspace NFS client up. I totally rebuilt it. There is now a backend library that translates between a vaguely UNIX File I/O API to the NFS calls. The frontend is a crude shell that lets you poke around the NFS share.
Features missing:
Enumerating the server's shares.
Forging file access/modification times.
Creation of device nodes.
Support for anything other than NFSv3/AUTH_UNIX.
Bugs:
I'm under the working assumption that it leaks memory like a sieve
I'll release the code later tonight or tomorrow on my website in the project area. I have to document the frontend and the API for the backend, although anyone familiar with the UNIX File I/O API should have no problems with the library.
As some of my friends know I'm adding WPA support to a Linux wireless driver for a class here at MTU. I've kept my complaints to myself until today. The following is actual code I found in it, that explains a few kernel panics:
isl_oid.h:
struct obj_mlmeex {
u8 address[6];
u16 id;
u16 state;
u16 code;
u16 size;
u8 data[0];
} __attribute__ ((packed));
Now remember that the 'data' member has no size, writing to it is a buffer overflow unless you allocate extra space for it. This is a horrid, but common trick used in C. The 'size' member refers to the size of the data in 'data'.
isl_ioctl.c:
confirm = kmalloc(sizeof(struct obj_mlmeex), GFP_ATOMIC);
*snip*
confirm->size = wpa_ie_len;
memcpy(&confirm->data, wpa_ie, wpa_ie_len);
What that first line should say is:
confirm = kmalloc(sizeof(struct obj_mlmeex) + wpa_ie_len, GFP_ATOMIC);
Despite the existance of the string 'wpa', this code is actually not part of what I'm working on. Back before the generic WE-18 implementation of WPA in the kernel each driver had to do it on it's own. This is from the vague implementation of WPA they tried to put in this driver before the chipset was changed by the manufacturer and all progress on the old driver stopped.
I actually got quite a bit of work done on this today sitting on the floor of my friend's house. I would have thought it would be more distracting over there, but its actually quite nice. We went to the bar sometime during the evening. Such a nice day up here today.
What is your prefered host naming scheme? I currently use scientists and inventors. Note the actual host name is only the persons's last name. Many of them are rough jokes about the machine in question.
Nikola Tesla - Firewall/Server
Alfred Nobel - Holds the 50 bazillion developement libraries I don't want or really need on Junkers
Hugo Junkers - Laptop
Marie Curie - Sun Ultra10 running Linux
Paul Baran - ES1200 managed switch
Richard Skrenta - Windows 2000 in VMWare
Johannes Kepler - Sun Ultra10 running Solaris
Edward Jenner - Sun Ray
Jonas Salk - Sun Ray
Albert Sabin - Sun Ray
wget -qO - http://google.com/ | sed -e '/login.php/!d' -e '/Guest/d' -e 's/.*<a href="\(.*\)login.php\(.*\)">.*/\1verify.php\2/' | wget --spider -qi -
Should work on any system with sed and wget.
jon787@nobel:~(0)$ lsusb
Bus 001 Device 003: ID 08e6:0432 Gemplus GemPC432 SmartCard Reader
jon787@nobel:~(2)$ opensc-tool -l
Readers known about:
Nr. Driver Name
0 pcsc GemPC432 00 00
/me whistles innocently
So I found a bug somewhere in Kerberos5 1.4.3. Working with the people on the MIT Kerberos mailing list I have determined that the data structure that is supposed to contain the information about a pthread mutex lock holds the value <kbd>/etc/krb5.conf</kbd>. No one is sure if this is just memory that never got initialized with lock information or if it was overwritten after initialization with another value.
nfs> server localhost
Connected to localhost
nfs> mount /tmp
Mounted /tmp
nfs> stat blah
Lookup succeeded
Type: 2 Mode: 40700 Links: 2
Uid: 0 Group: 0
nfs> cd blah
Lookup succeeded
nfs> stat .
Lookup failed: 13
nfs> setuid 0
nfs> stat .
Lookup succeeded
Type: 2 Mode: 40700 Links: 2
Uid: 0 Group: 0
nfs> stat asdf
Lookup succeeded
Type: 1 Mode: 100644 Links: 1
Uid: 0 Group: 0
nfs> setuid 1000
nfs> stat .
Lookup failed: 13
nfs> stat asdf
Lookup failed: 13
nfs> setuid 0
nfs> cd ..
Lookup succeeded
nfs> stat .
Lookup succeeded
Type: 2 Mode: 41777 Links: 7
Uid: 0 Group: 0
nfs> quit
jon787@junkers:~/nfsclient(0)$ ./nfs
nfs> server localhost
Connected to localhost
nfs> mount /tmp
Mounted /tmp
nfs> setuser jon787
nfs> lookup blah
Lookup succeeded on blah
nfs> lookup asdf
Lookup failed(13)
nfs> setuser root
nfs> lookup asdf
Lookup succeeded on asdf
nfs>quit
Its kind of kludgy still, lookup acts like cd but can cd into files which makes it impossible to leave.
The following MOUNTv3 commands are implemented:
mount
export
dump
unmount
unmountall
The following NFSv3 commands are implemented:
lookup
The following extras are implemented:
setuser - sets your AUTH_UNIX cookie to that user (uid and primary gid only)
BTW you can thank Sun Microsystems for this. 84% of the code in the program came directly from their specification for NFSv3. I need to find out what license the examples in the RFC comes with.
A bad upgrade to PAM locked me out of 2 of my machines, both are 500 miles away from me. I rooted the first by loading a setuid binary into the webserver folder and getting apache to exec() it. I have yet to come up with a way to root the second. All I need to do is overwrite a single file in /etc/pam.d and I'll be back into it. Since I have struck out I shall appeal to the internet, here is the machine listing: (version numbers come from debian packages)
Debian SID, completely updated as of Sunday.
2.6.13.2 Kernel
fingerd 0.17-9
nfs-kernel-server 1.0.7-3
nfs-common 1.0.7-3
openssh-server 4.2p1-5
racoon 0.6.2-2
portmap 5-16
For NFS I have root access to shares that are the same filesystem as /etc, they are mounted on the machine normally (aka they don't have the noexec or nosuid falgs). It is running the whole loadout of NFSv3 daemons (lockd, statd, mountd, nfsd).
OpenSSH is running privilege seperated with PAM and Protocl 2 only, root logins are set to public-key only.
I can put a setuid executable onto the machine that overwrites the PAM config file that is broken, all I need is a way to execute it. If anyone knows any current exploits for this setup that are capable of overwriting a file or exec'ing a file please drop me a line. Otherwise I'm locked out of my box until next week.
My professor for Computer and Network Security forwarded an X display by the following procedure:
xhost +some_cslab_machine
ssh some_cslab_machine
setenv DISPLAY her_ip_address:0
....
I'm speechless. This was NOT a demonstration of the dangers of doing that, it was demoing something completely different. I could demonstrate why she shouldn't do that though:
ssh some_cslab_machine
export DISPLAY=her_ip_address:0
while [ 1 ]; do
xeyes &
done
UPDATE: I asked her after class why she didn't use SSH's X forwarding. Apparently it wasn't playing nice with cygwin when she tried it from her office.
Conventional worms and viruses conceal themselves from the user by giving their files names that mimic standard operating system programs. A rootkit conceals itself from the user by patching the operating system to conceal its presence. It is this difference that distinguishes a rootkit from a simple virus or worm.
Last week a rootkit was spreading via messages on the AOL Instant Messeging service. These messages directed users to a website where the rootkit would be installed from. UNIX people have been dealing with rootkits for years, the name rookit itself comes from the name of the UNIX administrator account. Windows rootkits have existed for years but very few exploits used them.
Mark Russinovich recently discovered a Windows rootkit on his own system while writing a rootkit detection software. This shocked him because this wasn't one of the test machines that rootkits had been delibrately installed on. He eventually traced this rookit to the digital rights management software that got installed with an audio CD he had purchased. This rootkit is not removable except via the LocalSystem account, something most people don't know how to access.
Specifically Mark reports that the rootkit activates itself under safe mode, hides any file or directory that has the string '$sys$' in the name, patches the Windows system call table, and installs itself into the driver stack for CDROMs and IDE controllers.
I'm really not sure what to add, this is completely unacceptable behavior for a normal program to exhibit.
I'm having trouble with suspend to ram under 2.6.14, specifically after I came out of it most of /lib/modules/2.6.13.2/kernel was corrupt along with /etc/resolv.conf and /etc/libnss-ldap.conf. I think my kernel attacked the old kernel :( Or maybe I shouldn't try to coax it to suspend to ram if nvidia doesn't want to. Luckily it suspends fine with 2.6.13.2. I hope this is linked to suspend to ram because my two other machines are running it too.
1. Totally hoses setuid/setgid programs
2. Totally hoses cron
Is there any middle ground? How about stronger host authentication (X.509 certificates anyone?) with traditional AUTH_UNIX authenication for users once the share is mounted? Like before the NFS server will delegate user authentication to the clients, but now there will be additional verification before the server gives the client the privilege of verifying users.
So I got NFSv4 w/ kerberos5 security enabled, it is kind of nice.
Two problems:
1. root_squash won't turn off (yes I have no_root_squash in /etc/exports). I need root to have full rw access to a few shares, like /var/cache/apt.
2. No kerberos ticket means no access at all. Why can't it just map that down to nobodoy? That would be so much nicer!
3. I'm sick of generate keytab files for daemons to use when they access NFS shares.
Also I drove my friend to Hancock to pickup his car and on the way back had to wait for the lift bridge to go down. I was very mad, my view was blocked by the trees :( 4 yaers up here and I still haven't seen it move.
Certain advanced search terms like site and inurl can be used to find many pages that shouldn't be in google. Hopefully Dave Hale will email me back soon.
They switch from LPRng to CUPS on the Linux side, but the print server is still LPRng on a Solaris server. So they installed the LPR compatibility layer for CUPS, but that doesn't give any useful info if I type lpq.
While I can't let this fly, what if I want to topq my job? I first tried extracting the files from the LPRng RPM package, but got a libcom_err.so.3 not found error. LPRng won't compile cleanly on it either. So I dug around the filesystem and found the old LPRng install, hex edited the path to the printcap file to point to my home directory.
All CS majors can now add /major/jadevree/bin.lprng to their path and get the old LPRng tools. The printcap file I use contains both new and old names for the printers. You can view it at /major/jadevree/.printcap-cslab
So is writing a userspace nfs client that doesn't need root permissions a bad thing? All those lovely servers that don't have the secure port requirement set, it will be wonderful!
My program already supports mount and unmount calls. I think I have crossed a threshold, this is the first program I have written that is designed to exploit a flaw in a piece of software.
Adults are just like little kids. If you tell them no, they go ask the other parent.
As of last Friday I no longer work at the school, as of either Monday or Tuesday evening this week I will be at MTU. I miss tech, most of my friends are up there.
This is mainly a reply to Tim:
Tim, the specific algorithm used is quite irrelevant here. Cryptography is very good at distinguishing a legitimate user from an attacker, but only when those groups are exclusive. No amount of cryptography can protect against the case where the legitimate user is the attacker.
All DRM systems suffer two weak points, neither of which has anything to do with the strength of the algorithm involved:
1. The data must be converted into a form that a human can understand.
2. The computer must have the information necessary to do this.
Exploiting #1 is done by capturing the data at some after it has been prepared for human consumption. For example plugging the audio out jack into the audio in jack on your computer. Obviously the only thing the DRM makers can do here is keep the data under the DRM until the last possible moment. Even then, they can't stop me. Generally speaking this is useless for realtime playback. The attacker would record the stream once and resave it without the DRM. This generally involves a loss of quality.
Exploiting #2 generally takes more effort but can usually be done without degrading the quality of the work. #2 is possible because the Von Neumann design that all PCs are based off of dictates that programs themselves are just data. Or in other words, one program can be fed another program as input data. In this case the attacker would feed the DRM program into a program known as a debugger. This debugger records what is happening when the DRM program decrypts the protected content. This would include the decryption algorithm and the decryption key. The original DeCSS program used a decryption key stolen from a software DVD player in this manner.
Neither of these methods requires the attacker to break the encryption algorithm. So the use of heavy encryption like AES is futile.
Okay certain versions of EMC systems (I still am not certain which ones) suffer a directory tree traversal problem inside the checkpoint backup system. This backup system allows you to have live access to the most recent backups of your files simply by doing "cd .ckpt". Inside of this directory there are a bunch of dated folders corresponding to the recent backups. This is a one way door, once in here you cannot leave be way of relative paths.
Specifically 'cd ..' behaves radically different than expected. Instead of going back to the folder with the list of backups, it goes one directory up the tree of the backup system. Like if you were in '/home/bob/.ckpt/NNN/' (which is '/ckpt_NNN_home/bob' on the server side) and did 'cd ..' you would expect to get to '/home/bob/.ckpt' but instead you are at '/ckpt_NNN_home' on the server side. By repeatedly doing 'cd ..' you proceed up the directory tree of the storage array and eventually get to the root of the storage array's filesystem. You can now proceed to explore the ENTIRE network storage array, including NFS shares that your computer can't normally access.
Lot's of people make poor assumptions on who is world. Without this exploit world is anyone who can access a computer that gets that specific NFS share. With this exploit world is anyone who can access any share on the NAS. In my case I was able to read 6 years of PBX logs for all of Michigan Tech and plenty of other goodies.
My pieced together list of what tech has from EMC is:
EMC Celerra
EMC Clariion CX600
EMC Clariion CX700
I'm pretty sure that the flaw is in the Celerra, but I have no clue.
There is a patch out, cause Tech applied it on Tuesday evening and has so far stopped my efforts at defeating it. 'cd ..' still doesn't behave correctly, but it does stop you from going above the base of the NFS export you are on. So in my example I would be stopped at '/ckpt_NNN_home' and unable to get to the '/' of the NFS server.
Now if you are shocked about this, so was I. What happened to software quality control? You think atleast one QA tester would have tried the thing that I did out of habit to leave the folder! You think atleast one would have investigated when it didn't behave quite right. And people wonder why I don't trust computer software.....
![[setec astronomy]](/graphics/sa/sa.png){kind=small}
