Older blog entries for richdawe (starting at number 98)

Perl

I released a pre-alpha of File::ExtAttr, a module for accessing files' extended attributes (arbitrary metadata in the form of key-value pairs). The API isn't stable and it only supports Linux. One Day it will support Mac OS X and the *BSD.

Music

"Global Underground 025 Toronto" mix by Deep Dish

Logo for copy protection on audio CDs

I thought it was about time there was a logo to inform customers of the protection on audio CDs.

Perl

Last weekend I went to the London Perl Workshop at the City University in London. I really enjoyed the conference. The talks were well-delivered, interesting and reasonably varied. I particularly liked the way people just got on with it - JFDI! Inspirational. Last year's was a bit cramped, but the venue seemed to be just the right size this year.

Last night I gave a couple of lightning talks at Birmingham.pm:

I've not done lightning talks before. They were fun to write and fun to give. Hopefully the audience enjoyed them too!

At some point in the hopefully-not-to-distant future we'll release File::ExtAttr. This will be a Perl module to provide access to extended file attributes (used for e.g.: ACLs). It's nice to be collaborating on open source over the internet again.

Music

Listening to some music off Magnatune. This is an online music shop with a business model I like. You can listen to full-quality previews before buying. Once you buy the music, you can do what you want with it. There's no DRM. Yay!

Sony rootkit / uninstaller

"More on Sony's DRM Rootkit" by Bruce Schneier
"Sony's Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall Discs" by Alex Halderman and Ed Felten

Inflammatory comment: So it seems like the only secure way of getting music these days is to use P2P, since it's unencumbered.

I'm not advocating or condoning piracy. But way to go Sony on convincing people that DRM is in people's interests (as in: DRM guarantees revenue, ensuring Sony can support new artists, ensuring people get new music, etc.).

Music

"Vehicles & Animals" by Athlete

Blogged Down

So a while ago I reached the point where my own personal planet was completely overwhelmed by the number of blogs I was aggregating. I've been using PlanetPlanet to do the aggregation pretty successfully (using my FC4 rpms of PlanetPlanet).

So I had a look around at a couple of RSS readers. First I tried straw, which looked really good, but failed the "runs successfully" test. Next up was Liferea, which is what I'm using right now.

I have to admit I was a little sceptical of using a separate program. I also had a look at some Firefox plug-ins, which looked promising and probably offer a better interface for discovering and picking up new feeds. But I use Mozilla as my browser and mail client and I'm not ready to switch yet (I'm awkward like that).

Anyway, my personal aggregated planet combined with Liferea seems to be a pretty good combination.

Music

Grand Theft Audio, underground internet radio from Bristol

Evolution

For a while I've wanted to search on Sender and Recipients simultaneously in Evolution, to follow a thread. Someone kindly provided me with a patch to do that:

"Bug 318334: Search by sender and recipients"
<http://bugzilla.gnome.org/show_bug.cgi?id=318334>

Music

The yellow album by Orbital

Phishes, ahoy!

Today my bank actually sent me an e-mail. That's right, a non-phish. And it's about a prize draw for their Internet banking service. I mean, WTF?

This is an example of banks being unhelpful to their customers. If you want to help combat phishing, don't ever send your customers e-mail and tell them that you'll never send them mail. Don't muddy the waters by occasionally sending them e-mail.

Do banks actually care about helping their customers?

Music

"Pushing The Senses" by Feeder

Auto-blackholeing zombies

A while ago I had the idea of having netfilter automatically blackhole any traffic from zombies. A module would automatically check Spamhaus's XBL and throw away the traffic. Or send RSTs.

A slightly more friendly alternative is to redirect HTTP traffic from that IP address to a web page explaining that the user needs to clean their computer.

I have no idea if this is possible with netfilter, never having played with it. I'm finding it hard to get free time to investigate this, so I'm recording this idea here for posterity.

"Agile Software Development In The Large"

I finally finished reading "Agile Software Development In The Large: Diving Into the Deep" by Jutta Eckstein, which I've been reading since April, when I bought it at ACCU 2005.

Mostly I bought it to find out more about Agile programming, but it seems jam-packed with sensible advice, like "Peopleware" by Tom Demarco. It's very readable, interspersed by useful real-world examples of how to apply the advice.

My only criticism is that I still have no idea what Agile Programming is. From that I conclude a few things:

  1. Agile Programming isn't one thing, it's a collection of methodologies - Extreme Programming, Scrum, other methods. (Well, duh, I'm sure I knew that before I read the book. I guess I expected to find it was some other magical thing.)
  2. I may have already been doing a number of the things that make up Agile Programming. Sprints seem familiar, although I don't think I involved customers to the extent required by Agile Programming methodologies.
  3. I haven't had enough experience to really get this book yet.

Point 3 is the crux. Time to experiment a bit with it.

TV...

...or why I may finally get a TV. More4 on the free-to-view broadcast Digital TV is going to show the Daily Show with Jon Stewart. That guy is a legend.

Music

"X&Y" by Coldplay

pptpclient vs. kernel-2.6.13-1.1526_FC4

The latest errata kernel for Fedora Core 4 broke my PPTP VPN using pptpclient. I've done an updated kernel_ppp_mppe rpm that works with the new 2.6.13 kernel. Get it from my Fedora Core 4 area.

Fedora Core 4

Finally got round to upgrading my desktop (i386) and laptop (x86_64) to Fedora Core 4. It took about 8 hours. For some reason the upgrade install takes 2-3 hours. A clean install took around 20 mins, IIRC, on my x86_64. Why it's so slow, I have no idea.

People say Fedora doesn't upgrade very well. I'd have to agree with them. In fact the upgrade went OK. It was only when I pulled down the updates with "yum update" that things got interesting. 1.1GB of updates on i386, 800MB on x86_64 (I install almost everything, so it's my own fault). I guess that the problem with the upgrade is that it installs all the updates, then removes all the old packages, thereby requiring boatloads of free disk space.

Solution: Upgrade piece-wise. This is hardly user-friendly. I had to resort to incantations like:

rpm -qa | grep openoffice > t.lst
yum update `perl -ne 's/-[0-9.]+-.+$//g; print;' t.lst`

to update just OpenOffice. Something similar was required for KDE. Then I could "yum update" the other packages successfully.

I've started porting over my FC3 packages to FC4. Not got very far yet, but check out my FC4 area, if you're looking for a version of xmms that can play MP3s.

Tip: If you want locate to work after upgrading to FC4, you need to update /etc/updatedb.conf to enable daily rebuilding of the locate database.

bluez-libs

There's a recent vulnerability in bluez-libs (Bluetooth libraries) that allows attackers to execute arbitrary commands, if they craft their Bluetooth device name. See CAN-2005-2547. I filed a couple of bugs in RH's Bugzilla:

  • FC3: Bug 166791 - Remote attackers can execute arbitrary commands with crafted Bluetooth device name
  • FC4 Bug 166792 - Remote attackers can execute arbitrary commands with crafted Bluetooth device name

I have some updated FC3 and FC4 packages.

I'm not sure if bluez-utils needs rebuilding to match bluez-libs. Probably. Anyhow, the FC4 bluez-utils ones need rebasing off the bluez-utils from FC4, rather than just rebuilding the FC3 one - I've missed some changes between FC3 & FC4's bluez-utils in just rebuilding.

Music

"Lights Down" by Jerricho

89 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!