Older blog entries for hacker (starting at number 182)

Linksys Quality Control

    Urgent telegram.                 <stop>
    Regarding Linksys BEFW11S4 v4.   <stop>
    Do not purchase this device.     <stop>
    Major firmware and chipset bugs. <stop>
    Return to vendor immediately.    <stop>

    I bought this Linksys BEFW11S4 v4 router/WAP to hopefully replace some of my aging Luent wireless and network gear here on the network, and what a wonderful experience this has been. I also picked up the WSB24 signal booster for the 802.11 bits, because I wanted to go through some of these thicker walls. I'm also working out a plan for a Monster Cantenna that I'm building (Yes, that's my arm).

    Apparently there isn't a single person who owns a v4 of this device who can keep a stable connection longer than 30 minutes. v1-v3 work fine, but v4 is a horrible mess of broken chipsets and firmware. Read here and here for the hundreds of users who have reported this issue. Linksys is curiously silent, and their technical support continues to blame MTU settings, Windows (even though I'm on Linux and FreeBSD), the cable modem, DSL providers, and the direction of the wind blowing.

    I'm pretty close to giving up on the device, and shipping it back to the vendor I purchased it from online. I'll barcode it off and RMA it, and let them deal with it. The Netgear MR814 is looking like a nice replacement for it.

Other News

    No job yet.

    Looking for a house.

    Lots of new woodworking projects.

fxn, here's one for you.. straight from my .sig:
perldoc -qa.j | perl -lpe '($_)=m("(.*)")'

Just perl, nothing but perl, only perl.

    I've been spending an enormous amount of time writing perl lately, learning a lot more than I thought I would on these projects, but it is definately fun.

    Elegantly stripping Javascript and Style tags and blocks from a stream of HTML content in a scalar:

    $html =~ s!<(s(?:cript|tyle))[^>]*>.*?</\1>!!gis;

    There's so much I haven't ever done with perl, using it only as a "sysadmin" tool in the past, but now I'm neck-deep in screen-scraping and all kinds of other uses for perl that I've never delved in before. Neat stuff.

Job Trends

    No job yet, still looking for contract work to fill in the blanks.

    The trend seems to be towards posting jobs with incredibly unrealistic job requirements for a pittance of a salary.

    "Must have 10 years experience in HTML, XML, CSS, DOM, ASP, PeopleSoft, AutoCAD, Macromedia Flash, .NET, C, C++, Java, and be able to speak Spanish, Japanese, and write Sanskrit."

    "Oh, and by the way, we don't offer any benefits."

    "Do you mind being our Senior Developer, leading up a team of 16 other developers, for $45k/USD a year?"

    Yes, yes I do mind. That's insulting.

    It would seem that even if you send in a peper resume, make the calls, follow up, and get a real human on the telephone, one who is impressed with your skills and previous work experience, that it is all moot anyway. It's like yelling at a tree in the forest.

    The other thing I've heard (after sending in roughly 400 resumes and making about 70 phone calls myself), is that it doesn't matter if you're a perfect match for the job, with everything they require. If you're not in the "first batch" of resumes they receive, you'll never get a look.

    A job posts an open position, and they get say.. 500 resumes in the first 2 days (a very low estimate, most are in the thousands by week's end). The hiring manager will take the top 50 from the pile, and toss the rest into the trash (or "scan them in for later", yeah, right). If your resume isn't in the first 50 in that pile, you're never going to get your resume seen or receive a call back.

    I've sent out probably 400+ resumes in the last year (many of them were email-only contacts, no follow-up mailing address to send a paper copy of my cv to, or a business name to call around to speak to someone in charge of hiring), and made about 70 phone calls to places that were offering work. To date, I have only received one call from a recruiter, and it was from a word-of-mouth discussion at my local LUG meeting. The job was for something completely out of my skillset (Python and the "R" Statistical language). That's a .002% return on my effort. My friends send me job postings all the time, which I follow-up on, only to find myself talking to a tree in the forest again.


    We're trying to find a house here in the area, so we can settle down a bit and stop paying rent. There's so many nice houses, and a whole lot more houses that are complete trash, going for substantially more than their market value. Typically, the assesed value for taxes represents 75-80% of the actual market value of the house. We're seeing houses listed for 90-100% over that value. A house assessed at $89k for example, will be listed for $225k on the market, in a not-so-nice area of the community. I just don't get it. the interest rates are at 5.1%, and everyone jacks up the price of their house to compensate. It just ends up being a feeding frenzy.

    We've got an agent now to try to help us find the "right" place for us. We go through about 2-dozen listings, drive by the places (without going inside), then take 4-5 out of those 2-dozen, and hand them to our agent to set up appointments to see the insides of. It saves everyone time and money to do it that way, so we're not driving halfway across the state for a house we wouldn't live in, just because the back yard borders an auto-graveyard for example (but of course, you don't see that in the pictures of the houses online, noooOOOoo..). Tough work.

    I'm ok with doing some renovations, but not moving plumbing and walls from one side of a house to the other. That's a bit out of my league.

    .oO(Now where did I put Norm's phone number from "This Old House")

Final Justice

    Brian Silverman, doing business as BES Systems, Electro Depot, Dallas Tech Surplus, and New York Tech Surplus offered laptop computers for sale via Internet auction houses, including eBay. The FTC alleges that Silverman accepted only cash, checks, or money orders for payment from winning bidders. In many instances he failed to provide the computers or provide refunds to his victims, the agency alleged. The FTC charged him with violating the FTC Act and the Mail or Telephone Order Merchandise Rule.


brondsem, look into getting your CISSP. There are a few facilities that offer classes and on-premises testing. It helps if you have a background in other security arenas also. You have to think like... well, a hacker.

Other News

    - Lots of perl

    - Lots of porting

    - No job yet

IBM Warantee Information

    Related to some of the others I've seen here and on the web complaining about their IBM battery life on Thinkpads (raph was it? I forget).. my T23 battery finally stopped holding a charge about 2 weeks ago. It started to decrease slowly in overall on-battery time, but now I get about 10-15 minutes out of it. It reaches about 50%, then drops down to 5% in about 20 seconds and gives me the low battery warning. It won't hold a charge at all.

    What's interesting though, is that I habitually charge it to full, then unplug, then let it run down while I use it to about 1%, then plug it back in. I've been told that this is the way to ensure longer life out of the battery (I realize they don't have memory, and this isn't to prevent that). I never keep the battery in the unit when it's sitting at 100% fully charged.

    So I called IBM today to report the problem. The woman said that IBM laptop batteries are only waranteed for 1 year, and are generally "..are not engineered to last longer than that..". I told her I got the laptop about a year ago, maybe 10 months, but I'd forgotten exactly when. She checked, and found out that my 1-year warantee runs out ON WEDNESDAY. That was 2 days away.

    Funny thing too, my history at IBM for this laptop is longer than my credit report. It's already been into them 5 times for repair and had various innards replaced multiple times.

    Needless to say, a new battery is on its way to me, care of IBM Customer Care. How's that for good luck. Whew.

Other Stuff

    • Trying to grok XML for use in an upcoming release of pilot-link. It makes sense for the type of data we're representing on these devices, and it fits in with a product idea I've been working on in my head.

    • Investigating SyncML.

      Weird questionable licensing involved there. They basically make the claim that if you don't properly protect your IP when using/implementing it, they own whatever you don't claim. Odd arrangement. It's not clear I can use it freely yet in my code. What I'm probably going to end up doing is writing mod_syncml for Apache and use that. I'm hesitant to try the oddball Java versions I've been seeing floating around. I found an interesting thread on it over at handhelds.org.

      If anyone is feeling generous, I've earmarked the SyncML book on my Amazon Wishlist.

    • More RFC reading, this time 2445 for iCal objects. It's not clear to me whether or not I should directly support this in pilot-link yet, or just go straight to XML, and skip the whole ldif/iCal/vCard/vTodo train.

    • Community domains expiring.

      I've been managing and maintaining a bunch of community lists, work, code in cvs, websites, and code for quite awhile now, out of my own pocket. Some of the domains are coming up for expiry soon (two weeks). Since I've been unable to find paying work in 466 days, I'm wondering if I should just let them expire, or make a plea to the community to chip in a few bucks and help me keep them alive.

      Has anyone run into this before? What do/did you do?

    • Someone special has a birthday coming up. We just had Valentines Day and our 3rd anniversary. So many things so close together. Not sure what I'll be able to do without any income, but I'll think of something. She's turning the big 31 this year, while I'll be 32 in a few months. Some days I feel 62.

This life isn't going the way I thought it would. Now what?

More Sendmail Hacks

    I've been handling mail for some friends, one of which gets a LOT of spam. He's a good litmus test for how to tweak a spam filter to maximum effectiveness.

    I'm using a combination of Sendmail, triple-RBL, ordb.org, SpamAssassin (and the milter), and iptables to filter out spam from reaching $USER mailboxes. Here's some recent tweaks I came up with (some with the gentle nudging of others):

     # There is no reason to send HTML in email, none. Blocked.
    HContent-type:  $>+Check_Content_Type
    Rtext/html $*    $#error $@ 5.5.5 $: "555 HTML email denied; use plain text."

    # There is no reason for anyone to send a Content-Type of # multipart/alternative. Multipart is fine in the body # or as an attachment, but the generalized header for those # should be text/plain, not multipart/alternative. Blocked. HContent-type: $>+Check_Content_Type SCheck_Content_Type Rmultipart/alternative $* $#error $@ 5.5.5 $: "555 multipart mail blocked; use plain text"

    # Likewise for base64-encoded bodies. There is no reason # for the ENTIRE message body to be base64-encoded. Blocked. HContent-Transfer-Encoding: $>+Check_Transfer_Encoding SCheck_Transfer_Encoding Rbase64 $* $#error $@ 5.5.5 $: "555 base64-encoded body blocked; use plain text"

    And recently, there is an increase in the number of people being affected by this W32/Sobig@MM trojan, so I blocked that (and another worm) too:


    big@boss.com         ERROR:5.7.1:550 Sobig worm rejected
    hahaha@sexyfun.net   ERROR:5.7.1:550 Hybris worm rejected
    These small changes alone have begun to cut down the number of spam messages that my system(s) will accept for users. A quick grep shows that in the last 2 days, the three tweaks above have successfully blocked 417 separate spam messages that would have otherwise been caught by spamassassin or passed onto a user.

    Any spams that get through these + spamassassin, I block with iptables. It's been doing quite a good job so far. In the last week, my iptables blocks for known spammers has produced 1,291 hits in the logs.

Other Stuff

    Things are busy here, but still no permanent employment (427 days, 61 weeks so far). It may be time to call UPS/Fedex/USPS and see if they have any openings. There are definately no technology jobs left here on the East Coast. Depressing.

Have you ever wondered what your current life would be like, if you went left instead of right, or right instead of left at all those forks in the road of life?

pilot-link 0.11.6, "Chasing Platform Bugs"
    Mac OSX
    I successfully ported pilot-link 0.11.6 over to OSX and managed to get it building cleanly.. apparently the libtool provided on OSX isn't really the same as GNU libtool.
    Apple's Developer Tools contain a program also called libtool, which is used by the compiler driver to build shared libraries. However, this is completely unrelated with GNU libtool. The GNU libtool that Apple ships is installed as glibtool instead.
    What I had to do, was change autogen.sh from pilot-link to run 'glibtool --version' instead of 'libtool --version', and now configure runs properly. I'll hack in a check for that later.

    This Fink Libtool page was useful.

    FreeBSD 4.7-STABLE
    There's still a lingering FreeBSD issue that I can't seem to quite figure out yet. I'm not sure if it's BSD, or pilot-link that is the problem (or both), but I'm leaning towards BSD, since the same branch of code works over serial and IrDA through birda, without problems. Thanks to groggy, and the PR he filed, we may see some positive fixes in this area.

    I've had a machine donated to me by a very helpful person in Dallas, specifically to put FreeBSD on and get this working. Its actually caused me to close up a bunch of lingering bugs in the past month (thanks Larry).

    AIX 4.3
    There's an open issue with AIX 4.3 using vsnprintf(), basically that it has none. I need to add a better test for that. tridge lent me a shell for a bit, but I ran out of neurons to focus on it. Can anyone else lend me a chrooted/jailed environment that I can ssh into and test building pilot-link against AIX?

    Sparc hardware requires aligned structures and addresses. Our current use of unsigned char slp_buf[...] and then casting it to a struct slp * then dereferencing it causes a bus error because of the misaligned address. Again, need testers or actual shell time to fix this.

    Most of the trouble right now is gaining access to boxes that I can test and fix these issues on. Everyone seems to be in either some far-away country, or behind very restrictive environments that I can't mole my way through.

Plucker 1.2
    Well, we released Plucker 1.2 and have had quite a bit of hits lately on the site. The whole site was redesigned from the ground up to take the load, and to properly stuff the necessary bits into mod_perl. This is all going to tie into a larger project on the horizon, when I get time to work it out.

    I managed to cut together an email-only interface to Plucker also (info here), and threw a wiki up with all of the PDA-sized urls I've been capturing for years (over here). I also did a comparison of AvantGo vs. Plucker, which has been quite popular, gauging from the hits (over here).

Rack it up!
    I need to find some 1U and 2U rack cases. Anyone know of a dot-com or three that has some of these they want to unload, fairly inexpensively? I'm trying to get all of these bits of various hardware racked into 1U and 2U enclosures, so I can start saving space around here in the server closet. It's getting crowded in there.
Weather calls for... SNOW!
    One big huge pile of snow says the map. No mountains near here though to take the board out on.
    Well, it looks like I'm next in line for the chance to be a father. I wonder what the percentage of Y chromosomes it takes to father males or females. My father had brothers, my mother had three sisters, and their families had lots of siblings (though ours did not). I also have a brother. Does that mean I'll have sons?
    Status: None, 385 days.

    I did find one small contract gig, which should pay up a small slice of the bills, and maybe give me some money for Christmas expenditures, but nothing really promising looms on the horizon. The threat of major layoffs at $PHARMA has us both concerned.

    Our previous landlord's daughter, who owned the apartment below us, verbally told us that her parents weren't going to renew the lease on our unit (which was up in about 45-50 days), since she was going to buy the entire building. She handed "E" the classifieds.

    We immediately scrambled to find a new place to live, and sent the landlord a very formal letter, explaining that since we weren't properly notified, as required by Rhode Island's Landlord Tenant Act (specifically 34-18-37(c)) which says we are supposed to be given 90 days, in writing), that we were legally justified in terminating our lease 30 days early, and moving out post-haste.

    We moved out, and then the landlord gives us a hard time about some dirt in the oven, and some minor garbage he found on a shelf in the bathroom. He demanded we come over and clean it up first, and he STILL hasn't given us our deposit. He has 20 days, and if he doesn't return our deposit by that time, RI law says we can then persue him for triple damages PLUS our deposit back. That's $2,900.00/USD total.

    Since there were no damages to the unit, and there was no "back" rent owed (we always paid on time), he legally cannot keep the deposit. Cleaning is not damage, even if he wants to hire people at $100.00/hr. to paint the walls or polish the wood floors. Then he claims WE terminated the lease without proper notice. How inept.

    We're settling in well in our new place, 4 floors of a split townhouse. Lots of little fixups to do, but it's nice and quiet here, unlike the previous place, which was a circus 24x7.

So much to do, so much to learn, so little time, it seems.

Lastly, something I saw on a job forum the other day, which was perjured out of Slashdot:

1999: "How To Get Hired As An Open Source Developer"

2001: "How To Get Hired As A Developer"

2002: "How To Get Hired"

2003: "How to Get Hired in a Completely Different Industry"

How true it seems... how true...

173 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!