2007-11-28
Oh My Goodness I so want this
I think I will start on my aquarium this week! [The image is copyright of the XKCD author who I can't remember and is used under the Creative Commons license. Please see http://www.xkcd.org/license.html for more information.]
2007-11-26
Ketchup #5: Oh boy thanksgiving
- cfengine.. is not like falling off of a bicycle. I keep looking at it and thinking.. if it were python I would do this.. too much school I guess.
- class stuff. Got grades back on kudosu and turned in parser program. Got the final project today and got my deadlines on it. I will have to work every night for about 4 hours to get this thing done.
- decided not to take a spring class this year. I have to focus on catching up with work load and getting family house issues dealt with.
- had Sister-In-Law visit. Lovely as always.. wish I had had more time to spend and not be so grumpy from other stuff.
- took pictures of the dog, house, family. Gave camera to paul.. he took 40 more pictures :). Then tried to get data off of camera. Seems that the camera no longer talks to the Macintosh or Linux boxes.. spent most of Sunday working on why (looks like firmware problem in camera... have to install Windows ME to fix.. time to get a new camera I think).
- worked on jphoto and started seeing what would be needed to get it to work with 2.6 kernel (lots of work). then realized that the camera doesnt talk correctly anyway and that I might as well start over.
- Family had a good time with everything. Lisa made lots of good food that we ate. Paul and I played Kingdom Hearts.. til the PS2 started to show its age and go into lockup mode. Sigh...
- Played with android and found I could not get hello world to work in Fedora8. Not sure exactly why yet.. have to futz with it a bit.
2007-11-20
Another Round on Passwords
I have to grudgingly agree with Dr Spafford on this. On our public ssh servers our main problem used to be users who set passwords to guessable words. However, while we have this occur everynow and then, the bigger problem is where users use the same password everywhere. While we limit the number of ssh attempts, make the users pick stronger passwords.. we can't stop them from using it at AOL etc. And even SSH blocking is limited as the crackers have parallelized their tools enough that as we block one host another picks up right where we blocked the last and they come from all over the internet that we can't really shut everything down.
And even if we were able to block all that.. we would just be the mythical bosun on the Titanic that Dr Spafford mentions.. making our selves useful as the ship sinks.
- We can't make the users patch their systems since the majority of them are privately owned. [State laws or some such.]
- It seems impossible to train common sense. You can tell people "Don't give your password to someone.", "Don't use the same password in multiple locations.", "Be careful of attachments.", etc and they will still do stupid things. Maybe because there is no evolutionary consequences.. "So you opened that attachment. Well its time to install Eunuchs on you."
- Even if we were able to patch the systems AND train the users.. there are too many tools that are too expensive to replace that have to run un-encrypted etc to make much of a difference.
Oh well...
2007-11-13
What I would do if I had $400.00
http://www.laptopgiving.org/en/index.php
The laptops are cool, great, wonderful, and meaningful to help children in the world. I am currently trying to find some projects who will pay me in one (well two.. one for the kid somewhere who needs a computer.)
Ketchup #4: Whee...
- Installing and working with cobbler so that we can have a unified build system at work.
- Installing and working with venerable cfengine for our change mangement system at work. I had looked at puppet, func and some others.. but the need to be old-fashioned, boring, and stable won out when looking at what each one had and what systems we needed to support (Majority of RHEL-3 and earlier systems with few updates due to legacy software).
- Working on CS homework. The latest problem was a variant on the old write a reverse polish calculator problem. We were given a minimal language and needed to write a tree and parser for it. The work on this is ongoing as I need to get the evaluator done by Friday.
- Helping the kid play Kingdom Hearts. Yes its old.. but it is an excellent story and RPG that has gotten Paul completely emmersed.
- Try to help the wife with a house blessing. We have had lots of problems with the current house, and felt we needed to come to peace with it. It was a beautiful ceremony and it seemed to go well except for the cat who is probably going on Cat Prozac as the number of people in the house freaked her out.
- Trying to work on a couple of projects for EPEL.
- MOST important for some people.. trying to find time to QA CentOS-5.1
2007-11-04
QMAIL: 10 years later
http://cr.yp.to/qmail/qmailsec-20071101.pdf
I would like to say that I am not a qmail fanatic, and Daniel J Bernstein is not a friend of mine :). Actually I remember some testy emails back in 1997/8 where I was rather brash and talking out my ass and thinking he was doing the same. However, I would like to say a couple of things nice about qmail and DJB.
- 10 years ago, while there were other email server software's.. the majority of it was sendmail, and most people used it whether they liked it or not. It basically took a lot of grok-foo to be able to understand the sendmail language, and if you got it wrong you ended up with poor security and poor performance. However, once you had 'earned' your stripes, you weren't likely to ever want to learn another email language. qmail changed that for a lot of admins... and it changed it enough that the monopoly hold was broken and things like postfix and exim got a larger mindshare than they would have 15+ years ago.
- Qmail invalidated a psychological tendency I had seen with some Unix admins to ever patch, or touch their email servers. Sendmail was hard enough to get working minimally for some people, and so patching it was out of the question. I remember one site I worked had a process that would replace any sendmail after SunOS patches with 'sendmail-working' which was basicially an unpatched version of sendmail that they knew worked from 5 years ago...
- I really would like to focus on this sentance:
"In retrospect, some of qmail's "security" mechanisms were half-baked ideas that didn't actually accomplish anything and that could have been omitted with no loss of security." The DJB of 10 years ago would not have said that... but he was getting attacked everyday for this or that. A secure coder should always be able to look back at their code and be able to say that and believe it. I would like to think that I could be able to say that someday about my code (which is perfect, has no problems, and doesnt need patching as all my ideas are perfect, no problems, and never need patching :)).
2007-11-02
Colbert foiled!
US TV comedian Stephen Colbert appears to have failed in his attempt to enter the 2008 presidential election.
Despite stumping up a $2,500 (£1,250) deposit, Colbert's application to stand in South Carolina's Democratic primary was rejected by 13 votes to three.
...
And his "policy platform" won him instant notoriety when he promised to "crush" neighbouring Georgia if elected.
----
Personally I think that yes Colbert was playing SC for an act, but to be honest I think both parties were worried that too many people would vote for him than the current 'annointed' candidates. I looked at his candidacy as a 'none of the above' vote.. and if I were still living in SC would have voted for him on whatever ticket he had been on.
If for any reason, it was because he was addressing an important item I read in the school texts in State History: The creation of Georgia stole most of the territory that South Carolina had been 'granted'. Well not in so many words, but the various graphs of showing SC as stretching to the Pacific before Georgia ( a prison colony as pointed out several times in the text) and then just having a small strip in the far Northwest corner that was eventually stolen (sorry realigned) by Georgia later on.
Oh well, hopefully Ron Paul will still be on the ballot in NM by the time that primary rolls around.
2007-11-01
Bad tricks grown-ups play on Halloween
- Put on lots of decorations in the yard and house
- Put on the outside lights
- Leave for the night.
- For extra credit have a sound track that makes it sound like you are walking up to the door after the doorbell is rung.
- For extra extra credit, do this to the house down the street with the family you knew were on vacation.