Older blog entries for mjcox (starting at number 82)

Just say no to macerator pumps They place a large number of restrictions on what you can do with them (toilet paper only in the pan, no hairs down the sink, no cleaners), and then even when obeying all the instructions they fail to work, and when they fail to work you end up with a ton of waste soaking into your floor. This time spectacularly flooding (and ruining) the bathroom and hall floors and coming within inches of flooding the cupboard where my large UPS sits (stupidly) on the floor. A very large wet battery and invertor - that would have been a spectacular bang. So that put an end to the balun and S/PDIF (I got the acronym right this time) through CAT5 idea needing 3-400 pounds to fix the damages, and tommorrow a trip to the DIY store to buy some wood to raise the UPS by four inches or so and maybe some water sensor alarms, and possibly a bucket - low tech toilet, but at least it would work.

Who needs impossible-to-find-baluns anyway? I started looking back through my notes from years ago about using opamps to drive differential circuits, then had a quick google search which came up with this gem: http://www.elantec.com/pages/apppdf/d40968.pdf So for about $15 of components (RS Components even have them in stock) I can run SP/DIF through CAT5. Whee.

Spent a good few hours over the weekend trying to find misc bits and pieces to make my home automation more complete. I want to be able to play my music collection in the main room which has the nice 5.1 amp and speaker setup. I thought about buying an Audiotron or the cute spimmp3 devices, but they're about $300+VAT+duty+blah. So here is the alernative cunning plan:

  • Find a cheap soundcard that will output SP/DIF (coax) that works okay with Linux. SP/DIF input too would be nice but not essential. Not yet investigated.
  • Get a pair of 75 ohm to 110 ohm baluns. Then I can feed the SP/DIF output through the balun into the cat5 network, and up to the front room, converted again to SP/DIF and fed into the amp. How hard is it to find a UK source of these things, they should only be about $10-$20 each - it's only a transformer after all.
  • Find my awful IRDA keyboard that I bought in the USA for about $20 a couple of years ago instead of getting a IRDA receiver for the Linux machine.
Ideally I'd have a 2nd balun on the same cat5 cable passing composite video back from the machine through the AV amp to the TV, but that would mean sourcing a replacement video card that has composite out and works with Linux.

Backups, backups, backups. I do! I backup everything off-site! Well, okay, apart from my TiVo which I've not backed up for a while, since January in fact. So when the disk died yesterday and I was unable to salvage it enough to get a working backup off it and ended up with this really old backup, and having to do all the pain of resetting season passes, losing stored programs, losing tivoweb etc etc. Argh.

Still working on the technical review of this firewall book - going well but taking so long I wonder if I'd have time to write a book myself.

Nothing much changed on the house situation, I've brought in my legal insurance to take care of it now, they can have the hassle. A local company, Multipump services, are also becoming annoying as they refuse to return a repaired saniflow pump that I paid for them to repair back in April. Threatening legal action didn't help so I'll have to follow up and start small claims proceedings next week - they're messing me around on purpose and this thing is worth over 200 quid so I can't just ignore it.

More Apache fun last week with an advisory for security issues in 2.0.40 (fortunately which don't affect Unix machines).

Where did that month go? Well actually I know exactly where it went since I started managing my time using the Franklin Covey system. Security work keeps me busy and in spare time I've been finishing off our CVE mapping. I had a mad moment one evening and got our 2000 mapping nearly complete, so only a handful of issues left until we've got a 100% mapping.

In home life I now have the ability to assemble flat pack kitchen units with Italian instructions and make them defy gravity by fixing them to the garage walls using my new scary hammer action drill.

What a busy couple of days. It all started last month with a seemingly innocent DOS being reported to the Apache security team. jorton and I spent some time analysing it and found that although it wasn't exploitable on 32 bit until platforms it may well be exploitable on some 64 bit machines. Then started the co- ordination work with CERT.

Then, suddenly, the ISS team announced the same issue publically causing us to go into firefighting mode and release the advisory (which I'd fortunately already drafted and got positive feedback on), followed by seemingly hundreds of press calls, lots of additional analysis, and reading ISS say I was untrustworthy in some Chicago newspaper ;-)

Now for some sleep

  • Got interviewed for redhat.com
  • I was initiated into the need to carry around more paper
  • had a few days of fun with Bryce and other US folks. Looking in the US for magazines on how to do interior US home design, although all I found was imported magazines showing how to make your US home look English. Grass, greener, etc.
  • Went through far too many security points at airports and found that it's really important to make sure your laptop is charged when they want to inspect it
  • spent some time with the Mitre CVE people

Did an interesting interview last week for Red Hat about what I do and why I do it with some very American questions like "Justify your existance". Anyway that should be on the web site next week sometime and explains all about how I got involved with Apache and why I think buying a house is like coding software.

The cute Erricson phone works over here in the USA and for the first time I've been able to hold working SMS conversations with the UK - saves me a buck or two.

Replaced my outdated paper log book with my todo list and notes with a system from Franklin Covey. Replaced it with even more paper - but according to the seminar this system will sort out my entire life and make me a better person.

Rest of my time has been dealing with various security advisories for Red Hat and investigating new issues. I'm off to see the Mitre CVE folks in a couple of days in Boston.

Tip of the month: When travelling don't let your batteries completely run out so when you are asked to turn on your laptop at airport security there isn't even enough power to light the 'your batteries are low' light.

So I've had my Nokia 8210 for a couple of years and it is getting old and battered. Everytime I go to the US I have to swap to a very horrible Motorolla (with such a confusing interface I can't use it). I wanted to replace it with one of these cute Erricson Bluetooth GPRS tri-band t68's. To upgrade the phone costs 170 pounds and ties you into another 12 months contract. To get the phone on a new contract costs 70 pounds, but you can't keep your number. So I rang and cancelled my service and was going to switch networks (if I switch networks I can keep my number; so Orange are the only losers). They didn't bother trying to keep me.

Just before ordering my new phone I gave Orange Customer Services a call; not only were they then willing to upgrade my phone for just 97 pounds, but they'd give me 60 back for my old phone, no matter what the condition.

So I now have a 9 foot deep hole in my front driveway.

House: Finally taking stock of all the outstanding house stuff. Called the council to look at the vibration problems (they came out within 3 hours, amazing!), keeping a better log of the high voltages so I can complain (it keeps going about 253volts, it's meant to be 230volts), some bits fell off my roof, missing some tiles, they still can't find the water pipe.

X10: problems with X10 codes not being received between floors, have to spend some time to experiment as they all are the same phase (although there is a lot of cable, ring lighting circuit passes through each switch)

CVE: Finally finished the 2001 and 2002 CVE mapping.

73 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!