The Lair

Most people with a ken for finding out about this whole Loonix thing have heard of Ubuntu by now. If not, please come out from that dark cave that you’ve been inhabiting and venture forth into the sunlight… it won’t burn. much. Anyway, of all the bizarre ways in which a person can advertise their love (or lust, thereof) for the Ubuntu Linux distribution, wearing a branded thong has to take the cake. Not that I go around looking for branded underwear in Cafepress (I don’t ok? honest!); but a BBC article on Clinton’s recent visit to the Labour party conference yielded a news story on the word Ubuntu. Check out that Ubuntu Linux thong halfway down the page.

Gents of the world, rest easy. In addition to bringing about world peace, making Linux accessible to mere mortals and any number of other miraculous tasks; Ubuntu Linux-ware can now protect your nadgers. I gotta also concede that it was a ballsy *cough* move by the Beeb to run that particular image. Here’s hoping that this doesn’t become standard dress at LUG meetups though. Ubuntu. Is there anything it can’t do?

Two links doing the rounds recently; 25 signs that you’ve grown up. Ok, lots of that stuff didn’t apply to me. One thing, however, did strike a chord. “I just can’t drink the way I used to,” replaces, “I’m never going to drink that much again.”. This is so completely true that it’s scary. Somewhat related. “A $4.00 bottle of wine is no longer “pretty good stuff”.. So, imagine my disgust when I took the beer quiz and got Guinness. There’s something not quite right about that picture.

For entertainment, I am happily hunting down the list of book recommendations sent by Sin. I’m also on one of my periodic downloading sprees so everything from Aphex Twin and Aphrodite to Sting and assorted trance on the playlist. Productivity has zoom climbed.

I go to great (some would say obsessive) lengths to duplicate a Unix command line experience on Windows. While the reasons are probably more complex than saying “I like Windows” or “I don’t like Linux”; it’s not ideology that prompts me to use Windows. It’s partly battery life (usually better with Windows than Linux, by as much as 15% or so on my old Acer), it’s partly software compatibility, it’s partly inertia (read: laziness) on my part.

Recently, I was asked why I liked command line and console based apps so much. This was after I moved from mIRC to the wonderfully configurable irssi and continually raved about it to the luckless chickenbutt. The most readily found reason to move is probably to reduce wear and tear on my fingers, wrists and elbows. I find constantly moving my hand from the keyboard to the mouse is downright inconvenient. So much so that after a few hours of the click frenzy that is Warcraft (for example) my right hand actually cramps over the mouse. Yeah, I should probably cut down on my play and/or not micro quite so much - but I also have a stated goal of reaching 200 APM in a standard ladder game (I hover around the 90-120 mark right now) so less clicking isn’t really going to help me achieve that. But as a rule, the less I have to grab the pointing device *cough*, the more comfortable I am.

Read the rest of this entry »

And the lack of sleep isn’t helping. Delaying much needed sleep with artificial stimulants is a bad idea. Sooner or later you just need to crash; and waking up is unpleasant, to say the least. I know by now that if I stay awake this long with this little sleep, a crash is going to be followed by waking up feeling hungover. Without the alcohol. Gah. I had a hair trigger temper this morning too. Hate being this sleepy and not being able to sleep. Maybe my sis got it right. She observed that I’d not even blink or look sleepy after a night out earlier, but this time (when I was in SL), I was the proverbial old man and in bed by err.. 2200 or something. Obscenely early, anyway. Well, of course I’m getting old, dammit. Or lazier, anyway. At least the report (and the stuff that had to happen after the report) got done, ahead of schedule.

I’ve sold out. Perhaps it was the lack of sleep affecting my judgement; but at some point I decided that obscurity is pretty good security. Considering the number of people hitting the proxy servers in search of a cheap spam relay; I’ve decided (pretty arbitrarily, at that) that we’re going to change all the default proxy ports. Like, it’s not going to stop a determined spammer type but at least the dumber ones will no longer soak up bandwidth and server CPU cycles.

Done my bit for the environment, I have.

Found me a mess of Fatboy Slim and my old Scissor Sisters album. I’m humming along to Laura and feeling not a whit ashamed. It must be something in the coffee. Or lack of sleep, whatever.

Got Chickenbutt to do some downloading for me and grabbed a few Pinky and the Brain episodes. Whee. Regular Bonnie and Clyde, that’s us. Also succeeded (I think) in introducing Chickie to the wonder that is Pinky and the Brain in the process (well, if she’s downloading it she has to watch it too, right?). Narf. Zort.

Now to take over the world. Right after I grab about 12 hours of sleep.

The mass of men lead lives of quiet desperation

quoth Thoreau. Actually, that’s patently false. In the days of cheap or free blogging, every single person can squawk out their fears, deepest and darkest secrets and everything else that might make them suddenly go postal onto the internets. And hey, they’d probably become an overnight sensation and then be exposed as a fake. But I digress. There is no need for quiet desperation anymore; which is why I’ve descended on the blog with a litany of my woes for the next few days.

I have a massive report to write and hand in within the next umm.. 48 hours. Which is ok. Plenty of time to get it done under ordinary circumstances. The only problem is that the report is to detail my progress on a particular task over the last three months and considering that my progress has been precisely nil - well, I’ll need to write the report first, make sure it hits the pagecount (because the beancounters actually do count the number of pages on the report) and then set about implementing what’s actually detailed as progress.

And it does not help that I haven’t been tracking MythTV as often as I should and they’ve gone and released 0.20. Aargh. I was just about hoping that I could let all the C I had forgotten slink away into the dark dank corners of memory. No such luck now.

Say hello to caffeine abuse. I foresee a couple of sleepless nights ahead.

Hasty post script: Don’t you dare go to that great big used car lot in the sky, Hamster!

This is one of the things that I always have trouble remembering in Perl. Occasionally (when it’s late, I’m tired and just want to finish up and go sleep), I am tempted to write hackish code like this:

Connect to database
Get a statement handle out

$statement_handle->fetchrow_array()[0];

Which works sorta ok, till you try to print the result of that fetchrow_array call; and then everything goes bad in a hurry. Annoying, but I hadn’t bothered figuring out how I could work around it… Till today. Popped into #perl on freenode. I was pointed to the fine manual which includes a section on symbolic unary operators.

So, what I really need is a leading unary + to disambiguate. Cor. All this time programming Perl and I never needed something like that. So, what I need to say is:

print +($statement_handle->fetchrow_array())[0];

Sounds trivial, but it took a similar epiphany for the delights of map to be revealed a while ago. Learn something new, most days.

And I’m listening to Ta Dah by the Scissor Sisters and liking it. Muchly, in fact.

Some authors are just damn good. You know, regardless of writing an action novel, futuristic sci-fi or even turning their hand to comedy; the genius of the writer shines through. Others are more tied to a genre; consider the ludicrous thought of Tom Clancy writing a Discworld novel and you’ll see what I mean… Ludlum, for example, tried to get the comedic angle going with the Road to … series. (Road to Gandolfo and Road to Omaha). In much the same way, David Baldacci tried something different with The Christmas Train. Unfortunately, Ludlum probably did better at the genre change than Baldacci did… Christmas train didn’t work quite work for me.

From the beginning, there was no build up, no master criminal (a hallmark of Baldacci’s earlier stuff) and not a whole lot of tension in the novel for me. There was very little cleverness in this book (contrast with the number puzzle in Total Control for example). It was, in short, a nice book to be made into a movie showing in some random channel which rhymes with Ballpark; but not exactly the stuff that David Baldacci used to make a name for himself. Think of Robert Jordan attempting a cookery book? Yup, not to impugn RJ’s cookery skills (if he has any) or Baldacci’s ability to write well - but without the edge of action and a plot and something thing to figure out while reading the book; Christmas Train was more like a rerun of an episode of Friends. Intrinsically, not a bad thing. Except it’s just not Baldacci.

In other news, I feel increasingly like I’m in a B-movie called the Attack of the Feeping Creatures. My supervisor has unveiled grand plans for what I’m going to be doing in my *gasp* fourth year of research. Which is all well and good for him, except I have little intention of hanging around long enough to do what probably constitutes another large scale project. It’s all very well talking about how research interests me (because it does, really) but research at the expense of real life sounds silly, to say the least. Oh, and how about the client who introduced a few features (oh, they won’t take long, will they? What? You don’t have enough people to do what we want now? lalalalalalalala, I can’t hear you). Aargh, grr, snarl, I hate my job(s) etc.

So, my current long term career plan has been transmogrified into fighting off Ed for a place as the Pit peon. Ok, so maybe there is room for both Ed and yours truly to work as Pit peons. I hear the bennies include Elephant House Hawt Dawgs and (allegedly) chocolate muffins. I can live with that. Also, I am informed that Elephant House has made a come back with the hawt dawgs… and here I was thinking that they had gone out of business. But … again, second hand information, apparently the secret sauce doesn’t taste as good. I think the water quality of the Beira has gone down a bit, that might be a reason *evil grin*

Also, very randomly, w00tabix - the breakfast of naturally cheerful people. I just thought I’d share that awesome product idea with all my readers. Royalty free, even.

Have an internet facing public server or four and someone is going to try breaking into it. Sad, but true. I’d like to think that most of the people who try this sort of game are pimply faced teenagers with an internet connection and nothing better to do… Most of them probably are, I suspect. Regardless, the point is that most of these guys (the ones I detect, anyway) are so amateurish that they point some random ssh password brute forcing tool at a random server and pull the trigger. Never mind that our user names and passwords are (mostly) safe; these idiots spray servers with hundreds of requests a minute and slow the servers down to a crawl.

I have respect for people who are good enough to break in, leave little trace, do their business (rootkits, warez dump, whatever) and then vanish. I may not like them, in fact I may actively fear their existence, but I have a healthy respect for the subtle cracker. But the hordes knocking on the server doors at this point are about as subtle as a smack on the face in a crowded pub. Actually, it’s more like the death by a thousand cuts for the servers. Incidentally, how apropos; easily 80% of the hits from these wannabe crackers have come from Chinese, Taiwanese and Korean IPs.

So, considering how much bandwidth these maladroit marauders waste - I obviously needed to do something.

DenyHosts. It’s a lovely little script which is capable of being run as a daemon. Written in Python, it monitors the ssh log (auth.log in Debianesque servers, /var/log/secure in Redhat/Fedora land) and blocks off hosts which make too many bad ssh login attempts. Everything is configurable, of course - number of failed logins before adding to hosts.deny; number of bad root logins before being killz0red and so on. So, I installed it. Nice and easy, took all of 10 minutes. [A bit later, I read the FAQ and found this link. Yup, I installed first and read the FAQ later, so sue me]. One thing I didn’t feel comfortable doing just yet though, was enabling synchronization mode - which allows Denyhosts daemons to communicate with a central server.

Within hours, my hosts.deny had four new entries added. And that’s just one server, mind you. W00t for automatic blocking of abusive IPs. Now I need to try out Fail2Ban which looks like it could handle HTTP server attacks as well as ssh based brute force attempts.

I feel safer already… I think

Update: One night of denyhosts and the incoming bandwidth on the server has gone down from a whopping 91M to a mere 6M. Umm. Hell, yeah? Something is working, at any rate.

Wikipedia has the skinny, as usual.

Going from pedal to the metal, up to eleven work levels to … almost no fires to put out. That whiplash, ladies and gents, is from my workometer slowing from flat out crazy to almost managable inside 24 hours. Scary stuff. Long may it last, I say.

In other news of note, JRuby got Sun support. Well, sorta. I still like Jython though; but the lack of updates leaves me wondering if I should switch. Of course, if I had to do a project tomorrow using some scripting language adjunct to the JVM, I’d probably pick Rhino over all the other pretenders. The more I work with JavaScript, the better I appreciate the flexibility of the language. Irritating quirks aplenty to be sure, but still a great language. While on the subject of languages and environments, I recently discovered that Smalltalk has a Windows version. That sounds interesting enough to investigate soon. Back on topic with the JRuby development, I wonder how much the rise of RoR actually prompted Sun to take an interest? Too little too late? Then again, Mustang was going to (has?) bundle Derby and I don’t see many people moving away from the other pure Java databases just yet.

And in another plainitive bleating of the obvious, let me be only the eleventy billionth person to observe that there is no expectation of privacy on the internet. None. Search records? we got those. How about online stalking? Yup, got that covered. Then there is the Craigslist prank. Ok, so the last one just covered the stupidity (of people who responded) but still a point to be made about privacy in there, somewhere.

Maybe we all need to start using Tor for everything, every single search engine request. Wait, can’t do that either. I wasn’t being remotely serious anyway. Tor isn’t for normal everyday use, there just aren’t enough onion routers to go round for that sort of thing. But think twice before letting details of your particular predilection for donkey pr0n (or whatever else it is that might be deeply embarassing) escape into the logfiles of a search engine.

As seen on Wikipedia. Perhaps I meant a vow of silence.

I switched off my IM client yesterday. Or rather, I didn’t switch it on at all in the morning. Such a trivial sounding thing to do, not launch a piece of software on a machine. The truth is that this was probably one of the first times that I had access to a stable internet connection and chose not to have IM software running. Ok, so I cheated a little in the afternoon and launched it for a few minutes, fully intending to go offline after seeing who was online at the time. Only StaticX was online and pinged me so I spent about half an hour jabbering to the wee Scots leddie. Not a perfect score for abstention, but close enough, near as dammit. Also, IRC does not count, ok? [Yup, there’s a long way to go to reform my IM/IRC habits].

What did it feel like? Not having my IM client teat to suck on left me feeling simultaneously liberated and uneasy. For one thing, you never do realize how much time is actually sucked away switching contexts from work to a chat window (ok, so some chat windows are work, that’s irrelevant here). It’s the equivalent of a runner training with a heavy lead belt and suddenly being asked to run without the excess weight. All of a sudden, work timecycles become a lot larger - I could write not one but multiple paragraphs of code without needing to concentrate on anything else. A slight digression here: a paragraph is basically a unit of my own devising, the smallest logical piece of code I need to write to express a certain concept. It could be a line, two lines, five lines but whatever it is, it’s a small self contained chunk of code. Keep it in my head, figure out how to write it, and then write it. Get it onto the editor window somehow before something else forces it out of my consciousness. Long years of experience have told me that if I context switch to something else before I write at least a paragraph of code, I’ll never get any work done.

At the same time, I had this vague sense of unease that any recovering information addict must feel - what if something is happening, if someone wants to get in touch with me and they can’t? No IM? Unthinkable. Maybe I should just leave the client on, just in case. No, I really shouldn’t. After a full 6 or 7 hours of this internal argument, I finally did crack and launch Trillian for a short time… but at least I switched off the moment the conversation with StaticX was done.

Not having to deal with weirdness over IM also meant that I could internalize some of the angst (ie: see previous post). Incidentally, yeah - Ubuntu Server and all the idiot fanboys may suck, but I’m still going to need to secure that box. I guess I’ll have to find the time from somewhere. Also to clarify, I love Ubuntu the desktop. Ubuntu the server may yet reach those heady heights, but it’s not there yet. So, I guess my real beef is with people who recommend it for every thing without knowing exactly how deficient it is. Or maybe, just maybe, having a pair of lovely Fedora Core 5 and RHEL 4.0 servers to work with has spoilt me for an unbiased assessment.

Angst. While I’m on the topic, it’s also worth noting that I tend to take eleborate care over cooking meals when I’m truly stressed out. I noticed this years ago, during the heady dotcom era… and it’s back now. Everything from risotto to various attempts at making paella. But the real star find was apricot and fig chutney from a local supermarket. *sigh* It’s fricking fantastic, it is. The mango chutney I dragged over from SL has been put to shame by this delicacy.

Somewhat sparsely explained on Wikipedia.

Honeynet has an interesting (although somewhat dated) paper on the survivability of machines exposed to the internet. I’ve just been watching logs (not really my job, but no one else seems to be doing it) and I’ve seen the firewall and proxy log hits from places as diverse as China Telecom (that’s Taipei), various places in the western seaboard of the US, Europe and Australia. They’ve tried things like proxying a connection to IRC channels, connecting via Yahoo Messenger (yes, really. I was so tempted to let it through and snatch a password or three… damn being all corporate and law abiding) and sending email (to advertise random pharmaceuticals, no doubt).

It’s only a matter of time before someone really does break into the machine and make free with the juicy bandwidth. If they haven’t done it already. I know it for true. The statistics (and even Netcraft) bear it out. It’s only a matter of time.

No one else seems to get it though.

To become the Cassandra or not? Do I really care if it happens? (Hey, I’m not using that bandwidth, so should I really care at all?). Do I have the time to seat people down and explain it to them? Do I have time to secure it myself? The answer to the last two questions is probably not. So… I let it slide.

It’s a crappy way to run servers, but I’m going to pick a battle I really want to fight.

update: Ubuntu Server truly does suck donkey shlong. I quote from Information Week because this is priceless.

… Ubuntu doesn’t recommend its server version for truly mission critical tasks. By contrast, there are plenty of big companies running things like SAP and Oracle on Red Hat and big server iron.

Much to my shock and horror, I got infected with a virus (more properly, a trojan) last week. Before you ask; no, I was being lame and didn’t have my antivirus enabled at the time. I deserved the punishment I had to endure. In my defence, this sort of thing doesn’t happen very often to me… I usually know better than to click dodgy attachments and so on. In fact, I never click on attachments from chain mail and rarely click on attachments otherwise unless I know I’m due to get one (from the author). Yes, I was running Windows on my notebook at the time. Now that I’ve established my credentials (bwahahaha) and told everyone (unconvincingly) about how rare this occurence really is - let me break out the sack cloth and ashes etc. Ok, I’m done repenting, let’s move on.

Read the rest of this entry »

A few weeks ago, someone sent me this link; the best English Premier League team to support in the coming season. I won’t give away the punchline to the joke, but suffice to say that Bill Simmons and the guy who sent me the link have at least one thing in common. Why do I blog about this now? Because how quickly things can change - in the space of a few weeks, a turbulent transfer period has turned things pretty much on its head.

Grist for the rumour mill. From that epitome of journalistic brilliance, the Sun. Turns out that both Tevez and Mascherano have get-out clauses in their contracts. First club to offer £35million gets to take either one. Also turns out that Kia Joorabchian is … get this, an Arsenal fan. So, to revisit that ESPN article, the “Bandwagon Potential: Off the charts. Almost horrifying” still remains. And hey, guess what? Kia Joorabchian the Iranian joins the august company of Spike Lee, Joan Collins, Osama Bin Laden and Senhor Drac as an Arsenal supporter. Allegedly. I’m reasonably sure Osama isn’t taking interviews about his EPL favourites right now. Word has it that he still loves his Gunners though. And the guys who blow themselves up too.

In other news (but staying with the footie, because this is one of those posts… ), Ashley needs to show his book to Chelsea before publication. Among other things, apparently the EPL transfer deadline was extended by 10 minutes to allow Ashley to be swapped with William Gallas, Mourinho is still smarting at having lost a small plastic dump truck from his massive sandbox filled with half of Hamley’s inventory, and apparently Gallas will be paid more at the Emirates Stadium than Cole will be paid at Chelsea. Oh and Gallas loves the Arsenal fans. Um. Yeah. By the way, Cole would have been sent to Man U if he had refused Chelsea. Or, as the Sun spins it, the Arsenal management tried to deny Chelsea a chance at Cole. Mad fun.

Actually, I wish I could share elric’s confidence about where Arsenal are going to finish up this season. I actually think Man U have a good chance of repeating last season’s finish; maybe swapping places with Liverpool this time around… Arsenal? Um. The squad just got Baptista; but most physical teams in the EPL know how to shut down Arsenal now and with Thierry the Wonderboy Henry still their primary attacking option - umm. Interestingly, I share elric’s view about not having a single English player in the starting 11 or the bench; but it looks like Arsenal is the French enclave in the EPL while Liverpool is sorta the Spanish ghetto. Does this make West Ham the new Buenos Aires? Um. I don’t think the bemused 22 year old Argie twins will be staying too long. Everyone with the money is going to look to lasso and tie up some nice Argie beef.

No predictions from me, as usual. Just gloomy pessimism about everything going pear shaped for Le Arse.

But wait. Did I mean the first definition of this tool or the second definition of this? The jury is still out on that, folks.

I have been spending the last few days (weeks?) becoming reacquainted with the command line. Tis good. As much as I bitch about having a nice GUI and a weakness for eye candy, the proper shell environment can help one gets lots done much faster than the pointy clicky variety. I also (somewhat fool hardy, I must admit) embarked on an ambitious venture to try and tame the irssi beastie. So far, I’ve figured out how to set some options and tweak things but haven’t gotten to the really fun stuff like theming and scripting my own commands. Soon, I hope.

Actually, this brings me to another fairly obvious realization…

Why do dogs chase their tails before settling down to sleep? to make their sleep habitat comfortable. In much the same way, I endlessly tweak and twiddle with the options of any interface that I have to work with for extended periods. Be it command line, GUI, Windows, Linux, Solaris, whatever. They all have their prescribed drac rituals for maximum comfort and minimum typing (and clicking). This, I’ve realized, is the reason why the whole Windows/Linux or KDE/Gnome/XFCE/shell argument is pointless to me. No matter which environment I use, I need to tweak it before I feel comfortable using it. The only difference is how much I tweak. So it is with the ssh connection I use now. I’m slowly bringing over my most useful bash shortcuts, my comfortable autocomplete scripts, my (rather large) list of aliases [side rant: why the hell does Ubuntu Server have such a terrible out-of-the-box experience? I typed “ll” a couple of times before realizing that convenient aliasing isn’t part of the Ubuntu ethic. Go go Fedora. You may have gotten some stuff wrong, but you can’t be faulted for your install experience on the server]

All I need to do this week is figure out how to master the dark arts of bitlbee and I’ll be all set. Incidentally, I have to admit that working in the command line has done wonders for my typing skills. Not necessarily in the sense of typing faster, but typing more accurately. Anyone who has seen me type (people can hear me type across the building, because I bang on the keys rather loudly) knows that the most used key on my keyboard is the backspace. As in, type three chars, use the backspace once because I made a mistake. Unfortunately, working with ssh across a slow link doesn’t allow many luxuries - I can usually type in a longish set of commands before anything appears on the screen. Yes, SLT leased links are that slow. Make frequent typos and the whole command line experience becomes a nightmare. So, accuracy matters. I could possibly think of trying out at a secretarial school now.