Older blog entries for trs80 (starting at number 16)

Small scale trust mechanisms

Before gbowland (or grahame as he prefers to go online these days) took LiveJournal by storm with his lj-haiku script (more stats), he wrote the UniSFA smut tree project. Anyway, this had some authentication issues - namely you couldn't really tell who someone really was, since registration only required a valid email address.

Because there aren't that many users, implementing a trust metric for this site alone isn't going to be that useful for preventing impersonation/trolling (see this slashdot article on distributed trust metrics for another example). So what's the solution? Leverage someone else's trust metric. Stevey did this with the LJ Valentine System - to get an account you needed a LJ account, which while LJ doesn't strictly have a trust metric, you can tell who someone is by their past posts, friends and description.

Some other examples of places trust can be obtained: email domains with well-known users (eg people know the username <-> person mapping of UCC, and to a lesser extent the UWA student system tartarus). In these cases, you simply allow people to show who they are by sending the "confirm your account" email to their username@trusted.domain. Other possible sources of trust include IRC nickservs, Advogato, Slashdot etc. However, these latter ones do not allow for external authentication via their database, so your website has to ask for the username and password and autheticate directly, which opens up questions of how much do you trust the website to not keep a record of your password.

You could also just use the PGP web of trust, but generally your target audience will not be that PGP-savvy. Another advantange of using already existing user databases is that you can target the authentication to the audience you are targetting; eg if your website is for an IRC channel, IRC nickserv auth is appropriate, while for LJ users their LJ email is what you want. The other thing you want is a choice of authentication methods - eg not everyone may have a UCC account, but they do have an LJ or tartarus account instead. Usernames should then be displayed as user@trust_domain.

Anyway, enough rambling. The point of this post is that it'd be useful if a collection of these authentication methods was made into a library for future use. Ideally it'd be language neutral, but support for at least two of perl, python and/or php (the most common website scripting languages) would be desirable. Uh, so, Stevey, would you be interested in working on something like this? Oh, and apologies if this doesn't make that much sense - it's 1:45am and I'm still twitching from the whole block of rum and raisin chocolate I had at about 8pm.

More lj-haiku stats: 615,000 total haiku generated, 139,000 unique usernames. Given that around 350,000 LJ users update weekly, that's a penetration of 40% in a week.

Life: Nothing of note. Anyway, there's too many Life posts on Advogato atm, and not enough open sourcery IMHO, so this is my attempt at reversing the trend :P. Oh, and the diary ratings seem stuck again.

diablod3: I thought you joke was funny, but then again I have a weakness for AYBABTU (btw I think Zero SCO is better). You might want to cut down on your posting frequency though, recentlog only shows your last post. Perhaps hold off on posting until you've got several things to say - Advogato has this useful feature where it will remember a diary entry that's been previewed, so you can build up an entry over several days.

chalst: There's the standard rule to avoid click here as link text, but you seem to have got that one already ;-) The best page on the W3 site about link text I could find isn't that long either, though it does link to Tim Berners-Lee's style guide from 1995, in particular the page on avoiding talking about mechanics. I think the most important point they make is to avoid verb phrases - links should be as noun-ish as possible. Also IMHO cutting down on the glue words is a good idea.

Some thoughts about online authentication to follow sometime when it's not 2:13am and I don't have a bunch of things I should have done on the weekend to do today when I get up. However, I will just say that the remix of London Still (The Waifs) was an act of vandalism that converted a great song into something that made me want to stab my eardrums.

Gah! Ctrl-W isn't delete word in a Mozilla <textarea> on Windows!

Damn, linmagau got slashdotted, now I can't read what jdub is on about.

Amusing thought of sometime last week: The meta key is a meta-key on most of today's keyboards. Spent last night trying to get the media keys on my Logitech Elite keyboard which gbowland got me for my birthday. Got them working with xmodmap, but pondered making a proper layout (there were several "internet" keyboard layouts already there, but none that matched my model), then the difficulties of getting it into upstream. I suppose a debian patch wouldn't go astray however. Of course, it might already be in X 4.3 ...

CSS is beginning to use more and more ASCII symbols for the selectors syntax (some examples). This strikes me as one of those little languages that people write with a simple spec and parser, and then expand and expand but can't bear to throw away the (by now) incredibly ugly syntax in favour of something sane for compatibility reasons. Eg the soul description code for a MUD I'm on went from this You ping %people:%name pings %you:%name pings %people to this You ping %people:%name %verb{pings,ping} %you:%name %verb{pings,ping} %people:force=ack %name, CSS has gone from DIV.highlight to #larchives ul>li+li a[href*="alldesigns"]:hover

I've been following the RSS/Echo kerfuffle over the weekend and am now thoroughly confused. Links to the (incredibly wide-ranging) discussions are left as an exercise for the reader, since it's moved past well-reasoned posts into an all-out flamewar across half the technical blogosphere. I was thinking about starting a blog of my very own, but my abhorrence of web design and my inability to properly perform structured procrastination have postponed that idea. For the moment Advogato will suffice for my occasional ranting. Serendipitous googling results in an Advogato FAQ.

Actual life stuff: exams are over, I should pass all my units hopefully. Going down south for Terracon this weekend (need to organise RFT), then back to Perth, then on holiday with family to Esperance and various places along the way. UCC continues to exist, we had the post-exam Zone 3 Midnight to Dawn this morning. Yeah. stuff.

Where to start? At the beginning, of course.

Warning: long and mildly ranty post ahead - click here to skip.

So, quite a few months ago now, my home computer started having trouble powering on - like, it would take several turn on, wait, turn off cycles before it would POST. Then, about 6 weeks ago, it just wouldn't power on at all one morning. At first I thought it was the power supply that was dead, so I picked up a new one, but to no avail. After procrastinating for another fortnight, I took it into UCC for a LAN, where I took it apart completely. Looking at the motherboard (Abit BF6), it became obvious that I had fallen victim to the (not so) fabled batch of stolen electrolyte capacitors. So I got one of the technicians from the EE workshop to replace them for me. Upon powering it up at UCC, it seemed to POST fine, so I packed it up and took it home. To my dismay, when I booted it at home, I realised the keyboard didn't work. After trying with another PS/2 keyboard, I figured my PS/2 port must have been fried. Also, since I'd reset my CMOS when I was determining what was dead, it hung at the POST screen saying "F1 to continue, DEL to go to BIOS", and my P3 600MHz CPU was running at 400MHz (while I normally overclock it to 800MHz). So I thought "maybe a USB keyboard will work". Of course, the only USB keyboard lying around UCC was a dutch imac keyboard of k's. Thankfully, it worked, but since it has no DEL key, I can't get into my BIOS and speed up my CPU, so I'm sitting here typing on a horrible tiny keyboard on a computer that's running half as fast as it should be ... but it still feels great to have my computer back again :-)


About 2 months ago, wheel (the shadow hand that runs UCC) decided that we should replace our venerable stable of standalone X servers that date from the early '90s with modern thin-clients (more on these later). So after the usual time to get quotes and generally be disorganised, we actually got them last Friday. They're Athlon 2000+ (the slowest Athlon you can buy today!) with 512 meg of PC 2100 DDR RAM, nice slimline cases (in black, of course), and ASUS A7N266 nForce based motherboard. Usefully, the motherboard has a built-in PXE boot agent, so netbooting them wasn't a problem .. or so we thought. The nVIDIA linux ethernet driver only comes as a module, and is a wrapper around a closed-source binary to add insult to injury. So while we got them PXE booting a kernel pretty quickly, NFS mounting a / filesystem was going to be a world of pain as we couldn't use the builtin kernel facilities.

After fighting the Debian initrd (which doesn't support NFS / at all), dhcpclient, pump, mount and portmap most of Sunday, I finally got something that mounted / in an incredibly ugly fashion. Davyd helped refine it, and we got it booting fairly well, apart from some locking issues which we're still working on. That afternoon, Bernard (resident kernel-hacker) announced that he'd figured out how to compile the object into the kernel, rendering most of my efforts pretty pointless, since we could use the kernel nfs root and IP autoconfigure stuff. Davyd and Bernard cleaned up the configuration today, and put together some hacks to allow several of these machines to use the same filesystem (with the exception of /etc/hostname, /var/run etc.).

If anyone knows of a better system that's desgined to allow netbooting clients to share a single filesystem, I'd love to know of it. Note that the way it's currently set up, we can apt-get install something on one, and it'll be installed on the other by definition. None of the current cloning systems like cfengine or systemimager are tailored for this scenario, which is caused by our desire to save disk space and admin time (since the machines are identical save for MAC addresses). gconf might be interesting however ... anyway. Tonight grahame installed the RTCW linux demo and kept on commenting how nice these machines were. They're called pitch and velvet (because of the black cases), and the best bit: they cost less than $AU500 each for fast, functional Linux X terminals. And, with an AGP slot, we can upgrade the graphics in the future (although we'll need to find a slimline video card).

Well, I was going to rant slightly about the old Labtam X servers, but it's 2:30am. The HDS ViewStations we picked up recently are of a similar era, but are nicer, to the extent of having a local tetris client.


Life has been fairly good, but I've got a bunch of stuff to do, like two uni assignments, but instead I spend all my time at UCC instead of doing work. There was some fun social ranting tonight at UCC about various people, Cameron Hall is an incestuous social microcosm, but it's moderately enjoyable provided you don't care too much. Brought some of k's couches from STV to UniSFA today, after helping in the Cameron Hall cleanup. As usual, the two worst behaved tenant clubs didn't help out (in fact one was off having a sausage sizzle), but hopefully our soc plant will raise some shit about this. Hmm, too much uni stuff in the "Life" section ... let's see ... saw an X2 preview last Monday, it rocked; just finished Mistress of the Empire by Raymond E. Feist and Janny Wurts, now I have to read Magician to get the other side of the story. And that's enough for now.

Rant over, you may continue your regularly scheduled diaries.

One final note - for those who complain of obscurity if they have a diary rating less than 3: firstly, only logged in users have their recentlog affected by the threshold - anonymous people see all entries because they don't have a root for the diary rating calculation; secondly, you might be able to rate yourself above the threshold - I make no judjement on the ethics of doing this.

mathieu: While I'm hardly a network guru, the router examines FTP packets (or maybe all packets, matching on FTP syntax) and modifies (or at least takes notice of) the PORT command. When doing NAT (or NPAT as one of my pedantic friends would have you say) iptables under Linux, you have to modprobe ip_nat_ftp to get FTP to work. There's also a ip_nat_irc module to get DCCs to work. Oh, and I recommend Tannenbaum's Networks, 4th ed; it's very up-to-date and covers ADSL, 802.11, Bluetooth and 802.16 (the new wireless MAN standard).

k: Can I borrow The War of the Worlds sometime?

14 Apr 2003 (updated 14 Apr 2003 at 14:07 UTC) »

BitTorrent: One of the best features of BitTorrent isn't immediately obvious from the design. By only performing the actual distribution of files (via torrents, with a tracker), the searching for files can be outsourced to Google (since torrents are mianly just listed on random webpages), which is far better at searching than any client could be. This also means that there's no need for a central server to find trackers, and avoids a walled garden which can't take advantage of any upgrade in searching technology. The disadvantages are a lack of metadata in the .torrent file (however the unix philosophy of do one thing (.gz/.bz2 vs .zip) implies that metadata should be kept in the file where it belongs) which impedes searching, and old torrents generally not being available (due to people closing them). The latter could be at least partly fixed by a more traditional p2p app front-end that kept already downloaded torrents around. Gah, that explanation sucks donkey balls and could be much clearer.

olandgren: Au contraire, I quite enjoyed reading your entries back when you updated. However, I do to side with bgeiger about the seasons (winter just arrived here).

Parties: Yeah, that party sucked. I came up with a wonderful proof of why the corridor was (and has always been) the place to be at that house during parties, but this diary is too out of context to contain it.

linux.conf.au 2003:

The Linux.Conf.Au 2003 CD of proceedings are now available. We've posted out CDs to all the attendees, and the ISO image is available from our many mirrors, including via BitTorrent here. The CD includes all the papers, as well as audio recordings of all the presentations, in Ogg/Speex format.


I forgot to note in my last entry that I was elected president of UCC at the AGM. So far, I haven't done that much, except practice my delegation skills :-). After several years of doing most of the day-to-day clubroom stuff, it's nice to be able to tell someone else to do it :-).

Uni is going ok, but I need to actually start studying and going to (at least some) lectures :-(. Object-Oriented Programming this year seems quite decent, it's covering Eiffel and Smalltalk, instead of just more "More Java", which is apparently what it covered in previous years.

My job as a support droid for the uni's student internet service got converted into a fulltime position, so now I only have 6 hours/fortnight instead of 8 hours/week (previously the job was shared between 5 casuals).

Mozilla ate my original post. That and the Labtam with only 16meg of ram and a 256 color display.


I tried out the Mandrake 9.1 torrent, and was suitably impressed. Speeds of up to 350kb/s, it finished in a few hours. It'd be nice if BitTorrent told you the total time taken and average speed when the download finished. I'll use BT to get RedHat 9 early, in an attempt to stop the steady trickle of posts saying "Has anyone mirrored RedHat locally" that follow after every release.

On a related note, Stewart Fist believes that domestic phone calls should be free in Australia. He cites an unreleased report that claims the cost of running the actual network is less than the cost of tracking all the calls, sending out bills, and all the other billing-associated costs. The one time I've set up a network to do billing, it was a right PITA, and dramatically complicated the configuration. So perhaps tjansen, the trend will be towards flat-rate charging in the future (although this is voice calls, not data). Also, many people can't afford/don't have the expertise to colocate a server for cheap bandwidth. Which leads into the other reason to use BitTorrent on ADSL (or cable) - every little bit helps, and far more people have ADSL (or cable) than colocate servers on fast pipes.

advogato diary persistance: I came to write this entry, and found an old entry (which I'd presumably previewed, but not posted) still here. It's hidden features like these that make software pleasant to use.

thomasvs: Even the best project managers have made versioning mistakes:

In March 1992 I had planned to release version 0.13. Instead, with the graphical user interface in place, I felt confident that we were maybe 95 percent of the way to our goal of releasing a full-fledged, reliable operating system, and one with networking. So I named the new release version 0.95.

Boy, was I premature. Not to mention clueless.

[Difficulties of getting networking right elided]

Becuase I had been overly optimistic in the naming of version 0.95, I was caught in a bind. Over the course of the two years it took to get version 1.0 out the door, we were forced to do some crazy things with numbers. There aren't many number between 95 and 100, but we continually released new versions based on bug fixes or added functions. By the time we got to version 0.99, we had to start adding numbers to indicate patch levels, and then we relied on the alphabet. At one point we had version 0.99, patch level 15A. Then version 0.99, patch level 15B, and so on. We made it all the way to patch level 15Z. Patch level 16 became version 1.0, the point where it was usable.

Linus Torvals, Just for Fun.

linux.conf.au is getting close far too quickly. We drew up the design for the networking room last night, which I now have to implement. Various other little things need to be done in the next two weeks, but the committee has done a great job of getting it all together.

7 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!