Older blog entries for ianmacd (starting at number 67)

At work this morning, I was having trouble reaching one of my servers at home. A little investigation revealed that my upstream DSL bandwidth was full to capacity.

What had happened? It turns out that Linux Today had put a link to my bash stuff on their front page. Instant Slashdot effect.

Anyway, the net effect was great. It put a lot of people in touch with bash completion who wouldn't otherwise have known about it. Not everyone reads Freshmeat and few people visit my home page.

My Malata N996 DVD player turned up yesterday. This player is code-free (will play DVDs from any region), dual-standard (converts PAL to NTSC and vice versa), and operates at multiple voltages.

In other words, this player can be plugged in anywhere in the world, connected to any kind of TV, and used to play any DVD. It even handles RCE1 discs. (Hmm, I wonder what it does with SECAM TVs and DVDs.)

This really makes a mockery of the MPAA and their heinous region encoding scheme.

I can't wait for my order of region 2 European DVDs to get here. All those old episodes of Minder and The Royale Family. No way they'll ever see a region 1 release or even end up on American TV. (I wish we could get BBC America in our building, though. They show some great stuff on there.)

I've been playing with Ruby this week. It's like a next-generation Perl, with most of Perl's standard modules and functions converted to classes and methods, giving a truly object-oriented scripting language; much more true to the notion than Python.

It's a little odd learning to think in terms of Ruby's constructs, but I'm having fun and I like it a lot.

I got a copy of Kylix Professional for Christmas, too, so I should really start playing with that and reawaken my old love of Pascal and Modula-2.

Homesickness for Amsterdam is becoming acute. I'd love to get home for a while, even just a few days. Since the introduction of the Euro, I wouldn't even recognise the money now.

The USA is starting to feel much like a job that I've outgrown and need to resign from. The sense of adventure and novelty value that were strong when I first came here have evaporated. What to do? Our immediate future is here (Sarah's job is going very well), but I definitely want to start thinking about how I might engineer our smooth migration back to my homeland in the not too distant future.

Plans for the wedding are proceeding apace. I need to build an RSVP system out of CGI scripts and MySQL to take care of the invitations. So much to do, so much to think about.

Just got back from two weeks on the east coast, celebrating Christmas and New Year with Sarah and her folks. What bliss.

Our two nights out at Fire & Ice were fun, as were the positively stupendous desserts at Finale in Boston.

Anyway, I've just put up a new release of bash completion with which to kick off the new year.

I'm back at work tomorrow. Ugh. I very quickly get used to not working, so I can't say I'm looking forward to getting back into the doldrums.

Anyone played with grsecurity, an excellent security patch for the Linux kernel? This thing is great and nails a system down very tightly indeed. The sysctl interface is particularly good, allowing you to fine-tune parameters to get the precise balance between security and usability that you want. Then you can lock down all the configured parameters by setting one final sysctl. Once that's set, grsecurity parameters can no longer be redefined.

So, I won an Xbox last night in a raffle at the Disaster Recovery BoF. A few hours prior to that, I hadn't even heard of the Xbox.

Walking through the vendor exhibition hall with a colleague earlier that afternoon, he remarked how cool the Xbox was. "What's an Xbox?" I asked. "A game console", he replied.

I told him how glad I was that I didn't have one, because I didn't have enough time for my interests and hobbies as it was. My life would be over if I had such a device.

Now I own one.

Hmm...

So, I'm at LISA 2001 in San Diego this week.

The downloads of my bash completion code have been very encouraging. Expect to see a new release at the weekend to fix a few silly bugs.

Highlights of LISA so far have been Jim Reid's excellent advanced DNS tutorial and KC Claffy's presentation on Internet traffic statistics, which debunked a surprising number of commonly held beliefs. Her Answer Lies in Measurement folk song was particularly entertaining.

I've finally put up a page for my bash completion and other cool bash stuff.

We spent Thanksgiving in the Santa Barbara area, in Carpenteria to be specific, staying at Prufrock's Garden Inn.

Saturday evening, I'm flying down to San Diego for the LISA 2001 conference. That should be fun. I just hope they have a wireless LAN for my laptop so that I can still do stuff.

On Sunday evening, we'll probably head down to tacky Tijuana, just over the Mexican border.

Flight prices are still ridiculously cheap right now, so Sarah and I have decided to go for a long weekend on Maui in January. So it's the rainiest month of the year in Hawaii, but who cares?

Spent some time hacking on Junkbuster today. It's rare that I get to hack on C code in my day job (or even outside of my day job).

Basically, Google needs to be able to strip out the Referer header from HTTP requests when said URL refers to an internal Google document, just in case the file name compromises confidentiality.

We now have a trio of Junkbuster proxies running on a single machine. Port 8000 filters out Referer and User Agent headers, port 8001 filters out both of those headers as well as ads, and port 8002 filters out those headers, ads, and cookies.

All in all, a decent step in the direction of anonymous browsing. It's just unfortunate that Referer and User Agent information can also be retrieved via JavaScript. Nothing is infallible.

Looks like tomorrow is going to be taken up with documenting the proxy implementation and putting together an LDAP design document.

On the home network front, I now have monitoring, thanks to mon. I've also replaced wu-ftpd with vsftpd and syslogd with syslog-ng, which is a vastly superior piece of code. CVS is one of the next things I'll need to set up, but that's pretty simple.

Hi mperry. It sounds like you've arrived at a crossroads in your life and I wish you the best in your future endeavours.

Your diary entry yesterday was most tantalising and I find myself wondering how much of the change in your life is related to unstoppable events at work.

Will Linuxcare implode on itself like a dying star? Almost no news comes out of that company these days. Once upon a time, people would dread the poison pen of Maureen O'Gara as she sought to trash Linuxcare and all other Linux companies. These days, Linuxcare isn't even important enough to be worthy of her bile.

It's true what they say: the only thing worse than being talked about is not being talked about. Anyway, I successfully migrated all services from my old machine in Amsterdam and now have everything running on a new machine in my apartment, down here in Palo Alto.

The last few weeks have seen me fine-tuning the configuration of Postfix and BIND, as well as nailing down the security of my network as tightly as possible.

I've now got IPSec based access into Google, which is very convenient when I'm on-call.

I also installed an excellent Web based e-mail client for family and friends to use to access their e-mail account. I didn't want to be offering either POP or IMAP over the Internet, so SquirrelMail provided an excellent alternative.

Future projects will see incremental improvements in the network here. I require more flexible logging, which I'll get from either msyslog or syslog-ng.

Then I'll need a more secure FTP daemon, for which I'll probably go with vsftpd. Another worthy project is monitoring, where I'll probably use mon, since that has served me well in the past. Somewhere down the road, I also want to install a news server to gate some of the mailing lists I'm on to newsgroups.

In short, projects aplenty. The only issue, as always, is finding the time.

I dropped Sarah off at San Jose airport this morning. I felt as nervous as hell while she was in the air. I'm flying out to the east coast Friday night and I'm not worried for my own safety at all, but it was awful knowing that the person I care most about in the world was in what has been exposed as an extremely vulnerable position. To my great relief, she arrived safe and sound.

First of all, hi to mperry. Welcome to Advogato! It was always a pleasure to work with you and who knows, maybe our professional paths will cross again in the future.

The stuff you're doing with your iPAQ sounds very cool, but I wonder how much you must have spent on all of those accessories. I would love one of those things, but know that it wouldn't stop at the initial cost of the unit itself. There would be the card expansion pack, the extra memory, etc. Life's hard when you have to justify expenditure to your fiancée. Maybe I'll reassess when the H3800 comes out. That looks like it will be a great unit.

Well, I spent some time configuring Apache last night and should be ready to make the switch to hosting www.caliban.org sooner rather than later. Hopefully, I'll manage to grab some time today to start working on e-mail.

As a former employee of @Home Benelux, it comes as no big surprise to read about the chapter 11 filing of the US variant and shareholder. Management at that company was always in disarray, with a fatal unwillingness to listen to the wisdom of others.

More illuminating, though is this article on how the whole @Home/Excite merger was doomed from the start, with cynical executives and VCs looking for artificial ways to bump up the stock value so that big investors could cash in and bow out, without any care for the long term future of the business, its employees, its customers, or minor investors in its shares.

This is cynical big business at its worst, especially when one considers that those guilty have what I disaffectionately call resumé buoyancy. They've risen so high on the totem pole that they can just waltz into a similar position elsewhere and rape and pillage in the same fashion all over again. OK. that's my Saturday morning rant out of the way. Time to go and do something useful now...

Wow, things have been really busy lately.

Google is ticking along nicely, though I need to get my teeth more into the production stuff than I have done so far.

No date set for the wedding yet, though it's almost a certainty that 30th August 2002 will be the date that lives in infamy.

We finally got DSL last week. After 18 months in the USA, with nothing more than dial-up service (and poor dial-up service, at that), I finally have a fast connection to the Net again. What a difference this makes to one's quality of life.

In the wake of recent events, it seems almost absurd to find happiness in something so trivial, but it really is nice to have this little luxury.

So, I've installed one of my servers with bind 9.2.0rc4 and configured that securely. Next in line is Postfix, followed by Apache.

Once those are optimally configured, I'll start pointing to my own box for Web and e-mail, moving it away from The Netherlands for the first time in 7 years. The end of an era.

I've already modified my whois information to point to this new box for DNS, but that DNS currently just points back to The Netherlands for Web and e-mail. I'll migrate those services one at a time over the weekend. My Netgear MR314 arrived yesterday. This really is a nice piece of kit, though I was disappointed to discover that, unlike the RT314, it has no selective packet filtering capabilities. I guess I'll fix this by placing my RT314 in front of it.

The MR314 also doesn't have the ability to syslog to a log-host and its Telnet interface is very limited, requiring most duties to be performed via an admittedly very easy to use Web interface.

There's also no serial port, which is a shame.

Still, the main reason I wanted it was for its wireless capabilities, and it seems to be performing very well in this area. A firmware flash to the latest version added the ability to restrict on MAC address, which is a nice security measure (though not infallible). So, the net result of all of this is that I can now hermetically seal off the computer room (which now sounds like there's a DC10 taking off in there) and sit on the couch with my laptop, obtain a DHCP address and surf away, protected behind the NAT of this clever little gateway.

The only thing wrong with the MR314 (and any product like it) is that it's not open source, so it's a trade-off between trusting Netgear's code and not having to purchase another computer with moving parts for the purpose of firewalling my network.

Anyway, time to go to work...

58 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!