Just saw something terrible on TV. They took the Ripley-in-power-loader v. alien queen fight at the end of Aliens and turned it into a DirecTV commercial.
Part of me just died. Horribly.
31 July 2007
30 July 2007
OSCON 2007: Friday
OSCON Friday is much like Wednesday and Thursday, but it's a half day: keynotes, two sessions, a final keynote, and a final schmoozing session. The Friday keynotes were pretty good. The first was from Philip Rosedale of SecondLife. He gave a demonstration, which was my first time to actually see Second Life. It looked pretty cool, and he displayed some data graphs from inside the virtual world. He said that lots of people use it for telemeetings. They're beginning to offer voice features, so people will probably start using it for teleconferencing. Some of the components of Second Life are open source, and Rosedale was encouraging the community to contribute to the project.
Next was Jimmy Wales of wikia, which hopes to fulfill Wales' ambitious goal of giving everyone free access to the entire sum of human knowledge. Wales also announced wikia's acquisition of grub, Web-crawling software which lives on unused computer cycles (sort of like SETI@home, but less pointless).
Simon Wardley then spoke about information technology commoditisation. I believe his point was that open source means allowing people not to have to spend all their time building entire infrastructures from scratch, because someone else has hopefully already done it for you and has open-sourced the code. And Simon evidently really likes ducks.
Nat Torkington, OSCON program chairperson, gave a farewell keynote. He's stepping down from OSCON organization duties (and perhaps leaving O'Reilly altogether--not sure). A (paraphrased) quote from his talk was "ignore the noise and make some signal" (participate in and contribute to a cause about which you feel passionate).
The last keynote was "Pimp My Garbage" by an electronics engineer named James Larsson. Larsson likes to make interesting things out of computer equipment that other people want to throw away. His creations have to be seen to be fully appreciated, and he took the notion of building a better mousetrap to a hilarious conclusion.
The first session I attended was "Subversion Worst Practices" [sic] by Ben Collins-Sussman and Brian W. Fitzpatrick, a couple of Google software engineers who moonlight as subversion developers. They gave a good list of things to avoid when implementing version control, like storing ISO images in a repository, skipping out on backups, and manually editing repository files.
I was wanting to go to "Testing With Selenium" as my second session, but it was cancelled (selenium is an in-browser unit testing framework, which can be a good way of automated javascript testing). So I went down the hall to "Running Your Programming Language on Parrot", and was quite promptly confused. shrug
So I had some time to kill Friday afternoon. I decided to go to the Chinese Garden and the Japanese Garden. I didn't much care for the Chinese Garden, which was pretty small. It was $7 and 30 minutes of my life I'll never get back. It was OK, but nothing special. It didn't seem very well-kept: the water was pretty murky, and cobwebs were everywhere.
But the Japanese Garden was awesome. It was $8, it's in Washington Park (western Portland), and it was really beautiful and peaceful. I spent a couple of hours there, and took several pictures (I posted them to flickr). I highly recommend this to anyone with a couple of hours to spend in Portland.
Here are a couple of my favorite pictures:
26 July 2007
OSCON 2007: Thursday
Enjoyed about half the keynotes too much this morning. The first one was cool: Ben Fry of processing.org showed some data visualization animations that have to be seen to be believed. And Steve Yegge of google gave an irreverently hilarious discourse on branding, and pointed out that branding is something that open source really lacks.
My first session was "Vim for PHP Programmers" by Andrei Zmievski (although the content was not very PHP-specific). This was an excellent talk with lots of neat Vim tricks. It was way too much material for a 45-minute presentation, but he made his slides available, so I'll be able to go through them later. As a Vim noob, I'm quite keen on learning tricks like easily wiping out the text between paired curly braces (or angle brackets or parentheses).
In a couple of the sessions I've attended this week, including today's "Untangling the Web: Dealing with Legacy PHP Code" by Clinton Nixon, people have expressed significant disdain for templating engines in PHP. I've used smarty for a couple of years and really like it. So I guess I don't really understand this sentiment. shrug
"Cache That" by Gopal Vijayaraghavan talked about APC, an opcode and data cache for PHP (Gopal is the lead maintainer of APC). This was pretty interesting, and he talked about some subtleties of using APC.
My favorite talk of the day was "PHP Addons for Fun and Profit". (I didn't get the speaker's name, but she said that her blog is coffee.geek.nz). This talk was incredibly informative, with lots of good stuff about memcache and eaccelerator. I'm looking forward to giving memcache a try.
Cloverfield poster
I'm a pretty big J.J. Abrams fan: I really liked _Alias_ (well, the first two seasons, anyway), and I've been enjoying _Lost_. So I'm looking forward to the next Star Trek film (Abrams is directing it).
But I'm really looking forward to the "Cloverfield" film (or "Slusho", 1-18-08, or whatever). Looks like it'll be a pretty cool monster flick. They released the movie poster today, and it's awesome.
25 July 2007
OSCON 2007: Wednesday
Wednesday and Thursday of OSCON are made up of 40-minute sessions after a morning of keynotes. This morning's keynotes started with Tim O'Reilly himself. He talked about how successful Web sites these days are more about user data than they are about the software driving the sites. He listed flickr and del.icio.us as examples, and he listed a few new sites, as well:
- freebase: "a structured, searchable, writeable and editable database" of just about anything/everything
- dabble DB: looks like an impressive online spreadsheet service
- open ads: "the web's largest ad-space community"
- hadoop (an Apache project): "a framework for running applications on large clusters of commodity hardware"
Next were a couple of guys from Intel: James Reinders (a suit) and Dirk Hohndel (looked like he belonged on a snowboard in the Swiss Alps). They talked about the new Intel Threading Building Blocks, a C++ parallelism library (you'd use this library to write software to take advantage of a multi-core architecture). Intel has open-sourced this technology, and there's even an O'Reilly book about it. Hohndel also mentioned moblin.org: Linux for Intel-based devices.
Next up was Simon Peyton-Jones, a researcher who talked about concurrent programming. He said that one approach to addressing the challenges of concurrent programming is to wrap code in a database-like transaction (with a transaction log) to achieve atomicity (like a journaling filesystem, I guess). At that point my eyes started glazing over, and I became hypnotized by his bright red sweater with a picture of a red-eyed treefrog on the chest. (It was really a very interesting keynote, and he's a good speaker--I just didn't understand a whole lot of it.)
Then Tim O'Reilly interviewed Mark Shuttleworth of Canonical. As I'm not a passenger on the Ubuntu bandwagon, and was still recovering from the amphibious atomicity assault, I went looking for coffee or something.
During the course of the day, I attended a handful of sessions, including a couple about nagios (a host- and service-monitoring system) and APD (for profiling PHP code). I enjoyed David Verba's "Practical Design For Web Developers", a discussion of user-centered design (whose 'further reading' bibliography included several interesting-looking books). Perrin Harkins' "Care and Feeding of Large Web Applications" was also pretty cool: he talked about the challenges of developing, maintaining, and distributing an enormous Perl-based codebase (the Arcos CMS/CRM).
But my favorite of the day (and maybe of the whole conference) was Joseph Smarr's High Performance JavaScript. I highly recommend the slides from his talk about the development process of the Plaxo online calendar and address book synchronizer.
24 July 2007
OSCON 2007: Tuesday
This morning's tutorial was "PHP and MySQL Best Practices" by Luke Welling and Laura Thomson. I've heard her speak previously at OSCON, and she's a good speaker. And this morning's talk was also good, but it turned out to be mostly review for me, so maybe I should have signed up for something else. But I did pick up a few interesting things that I'll want to research further:
- test_more (which is like Perl's Test::More) for unit testing
- PEAR's quickforms2 for form processing
- PDO might be a good alternative to the PEAR DB in PHP5, but I should probably consider just using the mysqli interface, since I don't really need to be writing my applications to support multiple backend DB engines
- xdebug looks interesting for profiling
- if I need to develop in a load-balanced environment, I'll need to move away from storing session data in flat files on the Web server--encrypting the session data and putting it in a browser cookie might be an interesting alternative to storing sessions in a DB
- I need to look at memcached again
- mysqlperformanceblog.com looks worth following
The afternoon session was "How To Be a Better Programmer" by Michael Schwern. I've been to Michael's talks before, and he's a bit different (and opinionated). He appeared to have three non-OSCON groupies today, which was a little odd. The first half of his talk turned out to be mostly about soft skills (like getting along with people). While those are certainly useful and important skills, I guess it's not really what I was looking for. Oh, well.
It picked up a bit after the break, and Michael talked about things like version control (specifically SVN and SVK) and unit testing.
A couple of the more interesting (to me) points from Michael's talk:
- he suggested learning a radically different programming language, and then bringing that language's best features back to your 'native' language
- hiveminder.com looks interesting for task management
Seems like Tuesday night is typically a fairly well-organized affair, with several speakers and a pretty interesting program. This year, not so much. Instead of setting up the ballroom with chairs lined up seminar-style (as in years previous), the chairs were arranged around lots of tables, and we were made to go from table to table meeting people. Like speed dating.
There was a musical guest who, to his credit, sang and played guitar fairly well. But he sang about man pages. Yes, man pages. It was supposed to be funny, but no one was really laughing.
There was the annual open source award ceremony, in which PJ of Groklaw (who, disappointingly, was not present) and Paul Vixie (of BIND and cron fame) received some well-deserved recognition. But lots of people were talking, rather than paying attention, so it was difficult to hear the people on stage.
And there were no other speakers. So the evening event was pretty lame. I left early. At least they served booze, which took the edge off, a bit.
23 July 2007
OSCON 2007: Monday
Monday and Tuesday of OSCON are made up of tutorials during the daytime (there are also some evening events). A tutorial is an in-depth presentation of a specific topic, and it lasts 3-to-4 hours.
This morning I went to "Advanced Vim Scripting", for which the speaker was Steve Oualline (it was originally going to be Damian Conway, but they changed speakers a couple of weeks ago--dunno why). It was a good talk. I'm sort of new to vim (I've used joe for about ten years). Here are a few lines I've added to my .vimrc file today, as a result of the tutorial:
iab #p #/usr/bin/perl -w
iab teh the
map \1 :s/^/#/<CR>
map \2 :s/^#//<CR>
map \3 :%!perltidy<CR>
map \4 G:r!svn diff<CR>:sp<CR>gg<C-W><C-W>gg
The first two lines define a couple of abbreviations: if I type #p, it'll be replaced by #/usr/bin/perl -w. And I think I probably misspell the more often than I spell it correctly, so the second one will probably help a lot.
The first three map items allow me to do some tricks I've previously talked about doing in joe. The first two comment or uncomment a region (determined in visual mode), and the third runs perltidy on the whole file. The fourth is useful if you have vim in your VISUAL or SVNEDITOR envariables. When you type svn commit, svn opens vim so that you can record a commit message. If you type \4, the macro inserts the output of svn diff at the end of the file, splits the screen, sends each half to the top of the file, and leaves the cursor in the lower half. So you're ready to page down in the lower half to review the changes while recording the commit message in the upper half.
The afternoon tutorial was "Linux Performance Monitoring" with Darren Hoch. This was very interesting to me, as it covered lots of diagnostic techniques for troubleshooting server performance problems. Darren covered vmstat, iostat, mpstat, ps and a few other programs. He pointed out that it's a good idea to run these things when the system is quiet and when it's under load, and to archive this information. This gives good baseline data. In fact, I'm thinking about setting up some cron jobs to do this sort of thing on a regular basis, and maybe doing some trend analysis.
Darren also talked about iptraf, and this may be a good way to track the amount of traffic coming in and going out on various tcp and udp ports. I'd previously tried a very complicated process involving user-defined iptables chains and parsing the output of iptables -L -v. But I may be able to get comparable data by running iptraf for a few minutes at the top of every hour or something.
22 July 2007
2007 OSCON: hotel Internet fee
So I asked at OSCON registration about the hotel Internet fee. I talked to an incredibly hot woman with a nosering, and she said that, alas, it was no mistake.
She said that Portland had recently launched citywide wireless, but that the hotel was blocking it. Charming. Don't know if I need to complain to the hotel, the conference, or both, but I think someone probably needs a wee bit of wrath.
Well, my work (which is paying for this trip) will probably pay for the Internet fee, as I'll likely do some work this week. So I guess I'm still sticking it to 'the man', but I sort of feel like I'm sticking it to the wrong man. shrug
And I stopped by the Ubuntu Live party looking for the Linux Action Show guys, but didn't see them. Oh, well.
OSCON 2007: arrival
Left home this morning to fly to Portland, OR, for the 2007 OSCON. This is my fourth year to attend, and I always have a really good time at this conference.
So far, I'm a little disappointed in the hotel (the Doubletree). In past years, they've waived the $10/day in-room Internet fee, but they say they're not doing that this year. I'm hoping that's a mistake. I'll ask about it when I go check in at the conference in about an hour.
The guys from the Linux Action Show are having a get-together tonight (they're here for Ubuntu Live), and I was planning to join them. Unfortunately, they've picked a place which looks a bit too far to walk (I didn't bother renting a car), so I don't know if I'll do that or not. Looks like they'll be at the Fun, Food, and Drink event, so maybe I'll try crashing that.
21 July 2007
GNU screen w/ ssh-agent
I maintain a lot of Linux servers, and I find it useful to keep an ssh session open to each one. But I don't want a terminal window open for each server, so GNU screen has been really helpful to me. I've used screen for years and I thought I knew most of its features, but I recently saw a post on polishlinux.org which has some really neat screen tricks which were new to me.
One screen trick I've used a lot in the past is to run screen inside of an ssh-agent session, with each screen window being an ssh session to one of my servers. So if I generate a password-protected ssh key and share it to all my servers, I can do the following:
$ screen -S wrapper -c .screenrc_escP
$ ssh-agent /bin/bash
$ ssh-add # supply ssh key password
$ screen -S ssh
The first call to screen sets up a 'wrapper' session, so that the ssh-agent will work for adding new windows to the inner screen session, even if I re-attach from another terminal. The .screenrc_escP configuration file contains escape ^Pp so that the two nested screen sessions have different escape sequences.
Then within the inner screen session, I can ssh to my servers without passwords (because I've already given the ssh key password).
The tedious part of doing this was manually opening all those ssh sessions and naming the screen windows. But now (thanks to the polishlinux.org post) I see that I can save something like the following to a file called .screenrc_ssh:
screen -t host1 ssh host1
screen -t host2 ssh host2
screen -t host3 ssh host3
screen -t host4 ssh host4
And then I can instead do this:
$ screen -S wrapper -c .screenrc_escP
$ ssh-agent /bin/bash
$ ssh-add # supply ssh key password
$ screen -S ssh -c .screenrc_ssh
And all my ssh sessions open like magic.
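An added example, not part of the original post: one way to generate .screenrc_ssh from a list of hosts instead of typing it by hand. Every host name ends up as an argument to ssh and as a screen window title, so the generator refuses entries that start with '-' (ssh would read them as options) or that contain whitespace or shell metacharacters. The function names and the sample hosts are hypothetical.

```shell
#!/bin/sh
# Added example (not the post author's code): build .screenrc_ssh lines
# from a host list, one host per line on stdin.
#
# Typical use (hosts.txt is a hypothetical file name):
#   gen_screenrc_ssh < hosts.txt > ~/.screenrc_ssh

# valid_host NAME
# Succeeds only for names made of letters, digits, dots, hyphens and
# underscores that begin with a letter or digit.
valid_host() {
    case "$1" in
        ''|[!A-Za-z0-9]*) return 1 ;;    # empty, or leading '-', '.', etc.
        *[!A-Za-z0-9._-]*) return 1 ;;   # whitespace, quotes, ';', '$', ...
    esac
    return 0
}

# gen_screenrc_ssh
# Reads host names on stdin and writes one "screen -t HOST ssh HOST" line
# per valid host on stdout. Blank lines and lines starting with '#' are
# ignored. Rejected entries are reported on stderr and make the function
# return 1, so a caller can refuse to install a partial file.
gen_screenrc_ssh() {
    rc=0
    while IFS= read -r host || [ -n "$host" ]; do
        case "$host" in
            ''|'#'*) continue ;;
        esac
        if valid_host "$host"; then
            printf 'screen -t %s ssh %s\n' "$host" "$host"
        else
            printf 'skipping invalid host entry: %s\n' "$host" >&2
            rc=1
        fi
    done
    return $rc
}

# Constructed sample input, using the host names from the post.
printf '%s\n' host1 host2 host3 host4 | gen_screenrc_ssh
```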
Another interesting part of the polishlinux.org post is the discussion of regions. This feature lets you split a screen window into regions. I've done this several times by accident, and I always just found it annoying, because I'd have to look in the man page to see how to close a region. I never knew how to use the feature. But you could have an ssh session to two servers in the two regions of the same window--allowing you to run some long-running process on one server and keep an eye on it while you're working on another server in the other region.
Screen rocks.
19 July 2007
xscreensaver in CentOS 5
xscreensaver landed in the CentOS 5 'extras' repository a couple of days ago (I'd previously bemoaned the absence of xscreensaver in CentOS 5).
Nuclear materials for the asking
The New York Times is reporting that the General Accounting Office (GAO) set up a fake construction company and requested a license from the Nuclear Regulatory Commission (NRC) to purchase nuclear materials. The GAO did this in order to audit the NRC's security protocols. The fake GAO company had no physical location, no Web site, no clients, no construction equipment, and no personnel--just a mailbox.
The NRC quite promptly (less than a month) sent the fake company the requested license. In fact, the GAO was able to alter the document so as to be able to purchase more nuclear material than the original license allowed. The GAO was then able to acquire enough americium-241 and cesium-137 (substances which are legitimately purchased by construction companies) to have been able to construct a dirty bomb (the GAO called off the order prior to delivery and never actually constructed a bomb).
So, next time you think the NRC's got your back, think again.
18 July 2007
gpg-based password wallet
I've been using the following script for a while to store passwords in an encrypted file. As you can see from the comments, it's based on a script from a linux.com article, but I've added several features which make it more agreeable to me. To use, save it as an executable file somewhere in your path (I've saved it as ~/bin/wallet).
You'll need to specify the location of the encrypted wallet file. You can do that in one of three ways:
- with the PASSWD_LIST environment variable
- having something like 'PASSWD_LIST=/path/to/wallet.gpg' in ~/.walletrc
- on the command line:
wallet -c /path/to/wallet.gpg
Then just type
wallet
to view your password wallet in less
, or type wallet -e
to edit your wallet (set your VISUAL environment variable to your favorite editor, or wallet
will default to vi
).And here's the script...
#!/bin/bash
# alteration of script described at
# http://www.linux.com/article.pl?sid=07/03/06/1640216
# changes from original:
# 1. use of VISUAL envariable for editor
# 2. storage of password in variable, rather than file
# 3. view-only mode (rather than always opening in text editor)
# 4. symmetric encryption
# 5. saving backup copy of encrypted password file prior to editing
# 6. creates password wallet if it doesn't exist
# 7. encrypted file can be specified by -c option, by PASSWD_LIST
#    envariable, or in ~/.walletrc

# pick up PASSWD_LIST (and anything else) from the rc file, if present
if [ -f ~/.walletrc ]; then
    . ~/.walletrc
fi

# default to vi when no editor is configured
if [ -z "${VISUAL}" ]; then
    VISUAL=vi
fi

EDIT_PWFILE=0
while getopts 'ec:' OPTION
do
    case $OPTION in
        e) EDIT_PWFILE=1;;
        c) PASSWD_LIST="$OPTARG";;
        ?) printf "usage: %s [ -e ] [ -c encrypted file ]\n" "$( basename "$0" )" >&2
           exit 2
           ;;
    esac
done
shift $(($OPTIND - 1))

if [ -z "${PASSWD_LIST}" ]; then
    echo "need the encrypted file specified by PASSWD_LIST (in ~/.walletrc"
    echo "or the envariable) or with the -c option"
    exit 2
fi

# first run: encrypt an empty file to create the wallet, then go straight
# to edit mode (paths are quoted so names containing spaces work)
if [ ! -f "$PASSWD_LIST" ]; then
    echo "$PASSWD_LIST doesn't exist--attempting to create..."
    echo "(you'll need to give gpg a master password in a moment)"
    mkdir -p "$( dirname "${PASSWD_LIST}" )"
    TEMPFILE=$( mktemp /tmp/wallet.XXXXXX )
    gpg -c -o "${PASSWD_LIST}" "${TEMPFILE}"
    rm -f "${TEMPFILE}"
    EDIT_PWFILE=1
fi

# prompt the user for the password
PASSWORD=$( dialog --stdout --backtitle "Password Locker" \
    --title "Master Password" --clear --passwordbox \
    "Enter the Password Locker master password." 10 51 )
RETVAL=$?
# dialog returns 1 on Cancel and 255 on Esc or error
case $RETVAL in
    1|255)
        echo "Authentication Required!"
        exit 1;;
esac

# The passphrase is piped with printf and quoted so that spaces and glob
# characters in it reach gpg intact.
# note: GnuPG 2.x only honours --passphrase-fd together with --batch
# (and, from 2.1, --pinentry-mode loopback)

# if we're not editing the file, just display it and quit
if [ $EDIT_PWFILE -eq 0 ]; then
    printf '%s\n' "$PASSWORD" | gpg --decrypt --passphrase-fd 0 "$PASSWD_LIST" | less
    clear
    exit
fi

# private scratch directory for the decrypted copy
TMPDIR=$( mktemp -d /tmp/wallet.XXXXXX )
chmod 700 "${TMPDIR}"
PASSWD_LIST_UNENCRYPTED=${TMPDIR}/wallet

# decrypt the password list
printf '%s\n' "$PASSWORD" | gpg -o "$PASSWD_LIST_UNENCRYPTED" --passphrase-fd 0 \
    "$PASSWD_LIST" &> /dev/null
RETVAL=$?

# if decryption succeeded, open the password list in the editor
# and then re-encrypt it after the editor closes
case $RETVAL in
    0)
        mv "$PASSWD_LIST" "${PASSWD_LIST}.bak"
        # VISUAL is left unquoted so it may carry editor arguments
        ${VISUAL} "$PASSWD_LIST_UNENCRYPTED" 2> /dev/null
        printf '%s\n' "$PASSWORD" | gpg -c -o "$PASSWD_LIST" --passphrase-fd 0 \
            "$PASSWD_LIST_UNENCRYPTED" &> /dev/null
        CRYPT_RETVAL=$?
        if [ $CRYPT_RETVAL -eq 0 ]; then
            rm -rf "${TMPDIR}"
            clear
        else
            echo -n "gpg failed to encrypt your password file! "
            echo "Please fix the problem manually!"
            echo "unencrypted file at $PASSWD_LIST_UNENCRYPTED"
            exit 1
        fi;;
    *)
        # any non-zero gpg status ('?' would only match one-digit codes)
        echo "error condition detected (invalid password?)"
        rm -rf "${TMPDIR}"
        exit 1;;
esac
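An added example (not part of the script above or of the linux.com original): the edit branch leaves the decrypted wallet under /tmp/wallet.XXXXXX if the shell is hung up or killed while the editor is open, because nothing traps the exit. The wrapper below runs a command in a subshell whose private scratch directory is removed on normal exit, error, HUP, INT or TERM; the names scratch_base, cleanup_scratch, with_scratch and WALLET_SCRATCH_BASE are assumptions made for this example.

```shell
#!/bin/bash
# Added example: private scratch directory that is always cleaned up.
# All function names and WALLET_SCRATCH_BASE are hypothetical.

# Choose where plaintext may live: an explicit override, then a RAM-backed
# /dev/shm if it exists and is writable, then the usual temp directory.
scratch_base() {
    if [ -n "${WALLET_SCRATCH_BASE:-}" ]; then
        printf '%s\n' "$WALLET_SCRATCH_BASE"
    elif [ -d /dev/shm ] && [ -w /dev/shm ]; then
        printf '%s\n' /dev/shm
    else
        printf '%s\n' "${TMPDIR:-/tmp}"
    fi
}

# Remove the scratch directory. shred is best effort only: overwriting in
# place is not reliable on journaling or copy-on-write filesystems.
cleanup_scratch() {
    [ -n "${SCRATCH:-}" ] && [ -d "$SCRATCH" ] || return 0
    if command -v shred > /dev/null 2>&1; then
        find "$SCRATCH" -type f -exec shred -u {} + 2> /dev/null || true
    fi
    rm -rf -- "$SCRATCH"
}

# Run "$@" with SCRATCH exported and pointing at a fresh mode-700 directory.
# The body is a subshell, so the traps and umask do not leak into the caller,
# and the command's exit status is passed through unchanged.
with_scratch() (
    umask 077                       # files created by the command are 0600
    SCRATCH=$( mktemp -d "$( scratch_base )/wallet.XXXXXX" ) || exit 1
    export SCRATCH
    trap cleanup_scratch EXIT       # normal exit and 'exit N'
    trap 'exit 129' HUP             # terminal closed
    trap 'exit 130' INT             # Ctrl-C
    trap 'exit 143' TERM            # kill
    "$@"
    rc=$?
    exit "$rc"
)

# In the wallet script, the decrypt / edit / re-encrypt steps would be the
# command handed to with_scratch, writing the plaintext only under $SCRATCH.
```

The original deliberately keeps the plaintext when re-encryption fails so that edits are not lost; with this wrapper the command you pass has to retry or save its result before it returns, because the directory is gone afterwards.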
Labels: cryptography, linux, security, software
17 July 2007
No more oil: try jatropha and miscanthus
A recent post on the Neutral Existence blog reports that the International Energy Agency says we'll run into serious oil supply problems in only five years. The post says that there will be a significantly increased demand from the booming industrialization of India and China, and that it's becoming increasingly critical to find alternatives to oil.
Along those lines, the Energy Blog had posts for a couple of exotic-sounding alternative fuel possibilities that I hadn't read about before. One is a cellulosic ethanol energy crop called miscanthus, whose output exceeds that of switchgrass:
In the 2004 trials, miscanthus out-performed switchgrass by more than double and in the 2005 trials more than triple.
(Don't know if that means the amount of crop produced, or the amount of energy produced.) And the other is jatropha, a biodiesel crop which grows well in undeveloped land:
Although not suitable for temperate climates, jatropha promises to be less expensive and less competitive for land than food based oil seeds that are used as feedstock for biodiesel.
16 July 2007
Correspondent Inference Theory
Bruce Schneier has an interesting post about correspondent inference theory (the post discusses a recent paper which applies correspondent inference theory to terrorism). Schneier describes correspondent inference theory as the following:
People tend to infer the motives -- and also the disposition -- of someone who performs an action based on the effects of his actions, and not on external or situational factors.
This is relevant to terrorism in the context of the assertion that terrorism is typically not very successful at helping terrorists attain their goals, because victims tend to assume that the terrorists' goal is to hurt them, rather than effecting some political change.
For example, many people probably believe that the 9/11 attacks were carried out because Al-Qaeda wants to destroy the American way of life. But the way I understand it, bin Laden's feelings toward America go back to the early 1990s, when Saudi Arabia allowed Western military forces to be stationed in Saudi Arabia, the home of Islam's two holiest cities, Mecca and Medina. The Schneier post lists four other motivations behind bin Laden's actions. Bin Laden doesn't necessarily want to kill Americans for the sake of killing Americans, but rather to change America's Middle Eastern policy. But many people (understandably) have trouble seeing further than Ground Zero, the Pentagon, and a field in Pennsylvania.
This brings me to a very interesting book I recently read: Religious Literacy by Stephen Prothero. The book details how little the typical American knows about Christianity, let alone the world's other major religions. I learned about this book when the author was interviewed on Comedy Central's The Daily Show. Prothero told an anecdote about a government official (someone influential in U.S. foreign policy) who was unable to correctly answer the question "Is Al-Qaeda a Shi'a or Sunni organization?" Prothero's book makes a pretty convincing argument that university and/or high school curriculum programs should include mandatory courses in basic religious literacy, and that understanding religion helps us to be better citizens, better able to make decisions. If you disagree with that thesis, ask yourself a few questions. Do you know what the terms Sunni and Shi'a mean? Do you know why Mecca and Medina are holy to Muslims? Can you name the world's five major religions? To what story was George W. Bush referring when he mentioned the Jericho Road in his inaugural address?
15 July 2007
Google Earth finds new Chinese submarine
I thought this was pretty cool. If you download and install Google Earth (there's now even a version for Linux), you can see China's new Jin-class ballistic missile submarine. The coordinates are 38°49'4.40"N, 121°29'39.82"E.
14 July 2007
PHP4 end of life
I maintain a lot of legacy PHP code on some CentOS 4 servers, and CentOS 4 comes with PHP4 (I only recently became aware of the PHP5 packages in the centosplus repository). I've long resisted trying to move to PHP5 due to (probably overblown) fears of broken code.
PHP recently announced the PHP4 end of life at the end of 2007 (with some security updates through 8 August 2008). So it looks like I've just about run out of excuses.
Makes me wonder what Red Hat will do about their RHEL3 and RHEL4 distributions.
11 July 2007
Screw the iPhone
I'm so sick of hearing about the iPhone. For those of you who have an iPhone, congratulations. And for those of you who've had service or hardware problems, condolences. And for members of the press who can't seem to talk about anything else, you suck.
It's an expensive phone. So go call your accountant. Or get a real hobby. Or something.
Looks like someone's already pwned the damn thing, anyway (yes, that's right, pwned).
10 July 2007
Photos from Antarctica
Some photos (not mine) from Antarctica hit digg.com yesterday. The post says it's a flash-frozen tsunami. Lame, but the pictures are very cool.
09 July 2007
the end of sysadmin
I've been a subscriber of Sys Admin for several years. So I was surprised and disappointed to read this in the 'syslog' (letter from the editor) of the newest issue:
This is the last issue of Sys Admin magazine that you will receive. The magazine is ceasing publication as of this issue.
No warning, no fanfare, they're just done.
There's nothing else anywhere in the issue to indicate the end of the run, and I don't see anything on the Web site, either. Must have been a very abrupt decision.
Sys Admin appears to have been part of CMP media, which owns several other Web sites and publications. I wonder if they'll send me a few issues of something else to finish out my current subscription.
08 July 2007
new 7 wonders
A new seven wonders of the world have been selected. There's a pretty good wikipedia page with pictures and links for the 21 finalists. Apparently the voting is somewhat suspect, and it seems that Egypt was pretty annoyed by the whole thing (the pyramids of Giza are the only surviving monuments from the original seven wonders, and Egyptian officials didn't think the pyramids needed to compete again).
And here's the wikipedia page for the ('original') seven wonders of the ancient world. Looks like earthquakes are pretty rough on these things.
07 July 2007
Cosmologically illogical
I don't get into astronomy much any more, but I thought this Ars Technica article was pretty interesting. The article talks about a paper to be published in the journal General Relativity and Gravitation. The paper claims that in 100 billion years the universe's cosmological evidence will have disappeared. The cosmic microwave background will be buried in interstellar plasma, and light from other galaxies will have been redshifted (from Hubble expansion) too much to be detectable.
Reminds me of that Simpsons episode: "Let's burn down the observatory so that this can never happen again!" (If I only had a dime for every time I've thought those very words.)
06 July 2007
July 4 sunset
05 July 2007
GPLv3
You can't swing a dead cat over your head lately without hitting a blog post which mentions version 3 of the GNU Public License (an appropriately cynical reader would correctly point out that this would require swinging a dead cat at a fairly narrowly-focused RSS reader). I don't really know a lot about the GPL, but here are a couple of resources which look useful:
- a post on Luis Villa's blog (some poor bastard in law school)
- the GPL FAQ on the GNU Web site
- a critical view of GPLv3
- speculation about Microsoft's reaction
04 July 2007
e-voting source code disclosures
Efforts by Microsoft and a few vendors of e-voting technology recently failed to amend New York state legislation in a way that would have weakened source code escrow provisions.
New York state passed legislation in 2005 requiring that e-voting software source code be placed in escrow for examination. Microsoft (whose Windows operating system is used by some e-voting products) lobbied to amend that legislation. This amendment would have exempted code not specifically designed for voting technology. I suppose this would have made it easier for Microsoft and the e-voting vendors to claim that most or all of their code is too generalized to be considered voting-specific, and would therefore be exempt from examination.
California has similar source code disclosure provisions regarding e-voting technology. One e-voting vendor (Election Systems & Software) had been holding out for months, but recently (and grudgingly) turned over their source code to the California Secretary of State.
Looks like even Presidential candidate John Edwards is getting into the act.
03 July 2007
Restrictions on photography in NYC
The New York City Mayor's office is considering new rules which would require a person to obtain a permit and an insurance policy as a prerequisite to certain kinds of public photography in NYC.
The rule would apply to two or more people taking pictures in one location for more than 30 minutes, and also to someone using a tripod for more than ten minutes (that timeframe includes setting up and dismantling the tripod).
So what about someone taking pictures at the Macy's Thanksgiving Day Parade? That's more than a half-hour, and typically more than one person.
The Mayor's office says that this is not intended to affect tourists and amateur photographers. In fact, the article doesn't say what these rules are intended to accomplish (the article says that the rules are coming from the Mayor’s Office of Film, Theater and Broadcasting). But I imagine that city officials will try to justify this as an improvement in city security, based on stories of terrorists taking pictures of their intended targets for planning purposes.
Bruce Schneier talks about this kind of thing a lot in his blog. He calls it security theater: doing something which has the appearance of improving security but which actually doesn't accomplish anything except inconvenience the innocent (like having someone make a cursory visual inspection of your car's trunk when you enter an airport--they're paid a wage not to look through your suitcases, just to look at your suitcases).
Refuse to be terrorized.
02 July 2007
Dallas World Aquarium
Friends and I went to Dallas recently to see The Police in concert (great show). We also checked out the Dallas World Aquarium. I took several pictures, most of which didn't come out very well. But here are a couple of pretty good ones.
This first one may be hard to understand out of context. There's a large pool with rays and a shark, and there's a plexiglass tunnel along the floor of this pool. You can walk through the tunnel and see the shark and rays (although the distortion is pretty bad). You can also (from an upper level) look down into the pool and see the tunnel. This picture is looking down into the pool while the shark is swimming over the tunnel:
And here's a penguin, because penguins are awesome:
The DWA also has a black jaguar. Beautiful animal. So if you've got a couple of hours to kill in Dallas, hit the DWA.