Virtualenv-clone 0.2.2 : Python Package Index. Not yet tried, but according to the description it copies virtualenv environments and fixes import paths, egg files, .pth contents and scripts. And it should work more completely than relocatable virtualenvs.
sysadmin - 18.5.2011 - 12.4.2012
abique/tmfs. Poorly blogged, could be helpful someday - a user-space filesystem for Time Machine backups on Linux.
The unbearable finality of pixel space. I tried the linked archiving tool for Flickr once and it works really well. I can even forgive the PHP for that. I have also occasionally pushed Flickr images into this blog (the "Neulich auf Flickr" posts), but the advantage of this backup script is that the structure and even the Flickr access rights are preserved. Unfortunately, albums and sets are not yet backed up, only the photostream. And the layout is very spartan. But maybe this would be a candidate to play with Bootstrap 2.0 and spice up the whole thing a bit.
pyp - Python Power at the Prompt - Google Project Hosting. Since I prefer to play around with Python rather than awk or perl, this is quite an interesting tool. You can use it to edit text files with similar features as awk and perl. And all of it as a one-liner - pyp simply defines a few variables and operators that you can use. Looks quite good.
Gprowl is a nice little script that monitors a GMail account and sends messages when a new message appears in the inbox. With this, you can create push notifications if you use Sparrow (which does not yet support push notifications). Of course, it also works with forwarding and BoxCar, but I don't really want to forward my spam to other servers ... (and hey, the script is in Python!)
Heroku | Clojure on Heroku. And even more Lisp. With Clojure, you can now also work on Heroku, the cloud platform. This might be an alternative to, for example, Google App Engine (on whose Java incarnation Clojure also runs).
Chrome can be cracked in five minutes | Products | futurezone.at: Technology-News. Oy Gevalt! I think some people need to rethink things now. No, sandboxing is not a guaranteed solution for security, it is at best a single component of a complete solution. And yes, making programs more complex also increases the complexity of the security situation. And eventually, there will be a breakthrough like this. (and no, the other browsers are no better, Chrome was just considered "secure" for longer and after the last Pwn2Own it was considered "uncrackable" by some)
Vagrant - Virtualized development for the masses.. Looks good, you can quickly set up a development environment based on BSD or Linux via the command line - and then work with it without having to manually install a bunch of things. Basically appliance templates that can be installed via command line tool. And a whole range of systems are offered as hosts (including OSX, for example). So, for example, also a very easy way to set up a LAMP stack or something similar under OSX.
Hyper-V, Virtual Machines, Drive Letters, Madness, Microsoft
Yupp, the above combination is really not great. Scenario: Hyper-V machine, several virtual machines, some with snapshots, various very long-running installations and a lot of work in these machines. New machines are created based on existing images, which are each generalized with sysprep and prepared for first use and then configured.
Enter the system administrator: a new virtual machine created, sysprep running, unfortunately not in the virtual machine, but on the Hyper-V server. It was then gone. First panic attack.
Colleague has revived the (of course remote) Hyper-V server and put it back into the domain, I get on. All configurations still there, all virtual machines still there. Not a single one of them works. Second panic attack.
Trying to edit virtual machines, no go - the configurations are not accessible, Hyper-V thinks they are all on drive C:. Checked, oh, the drives I: and J: (where the machines were before) are no longer there, have different letters. Ok, letters reversed and Hyper-V restarted. None of the machines run, they still think they are on C:. Third panic attack, as I realize that no configuration changes can be made.
Well, even in the configurations and the registry there is nothing about this mysterious C: - where does it come from? After a long search, found, for each virtual machine and for each snapshot Hyper-V places symbolic links under NTFS. These are located under %systemdrive%:\ProgramData\Microsoft\Windows\Hyper-V in the subdirectories "Virtual Machines" and "Snapshots" and point to the real target files. And in a magical way, all of these pointed to C: - apparently "corrected" NTFS at startup defective symbolic links that point to non-existent drives. Great.
So the links were recreated (first only an unimportant server, so I can see if it works). Of course it doesn't work, because Hyper-V ignores the nice new symbolic link. Permissions are wrong. Icacls can fix that - "NT VIRTUAL MACHINE\
Found, while swearing, that a Frenchman also had problems with this - Microsoft in its great wisdom has localized the names. Under the German version, therefore "NT VIRTUELLER COMPUTER\
German Keyboard Layout under Parallels, VMWare, BootCamp and VirtualBox - Info - Schirmacher. Because I needed it just now - this moves the special characters that you do need occasionally when programming to keys that are more Mac-like. Not perfect, but much better than the standard PC layout, as the MacBook usually doesn't have any markings for these special characters, so you would otherwise search for them in vain.
CoRD: Remote Desktop for Mac OS X. Hmm, let's take a look, it should be good - better than Microsoft's client.
Howto to rebuild Debian packages. Since I had to do it again - especially important is the hint about dch --local blah, so that you get version numbers that differ from the official ones and are not automatically overwritten with the current version from the Debian repository.
Google Wallet PIN cracked on rooted Android devices | The Verge. Well, that was quick. I can't help but smirk. Google should really have better people implementing such things.
Technical Documentation of the Pistos Diaspora forks with a whole lot of interesting features that go beyond the normal Diaspora code. There are some things in there that really interest me, maybe I should think about moving to Amsterdam. Therefore, here's a blog reminder.
Linux L2TP/IPSec with iPhone and Mac OS/X clients | PEEN.NET. Helped me install an L2TP/IPSec Gateway on my server that works with the iPhone. This is already a quite nice solution to not shout all data out loud at hotspots. However, due to the deactivated NAT transport in the Ubuntu package (due to security concerns), it is a bit fiddly because you really have to manually compile the strongswan package. Additionally, it's a bit annoying that you always have to manually activate the VPN on the iPhone - it doesn't stay active at the top. What you actually want with VPNs is for them to always be active - because otherwise you end up sending data accidentally over unencrypted and listenable paths.
Phalanger 3.0 | PHP compiler for .NET. Hmm, completely passed me by - there is a PHP compiler for .NET, which makes PHP a fully integrated .NET language. And this also runs with Mono. And it's so complete that you can run a current Wordpress under mod-mono with it - and according to benchmarks, the performance goes up significantly. Maybe I'll take a look at it in a quiet hour.
EComStation - Wikipedia, the free encyclopedia. Wow. While we're on the topic of Rexx - OS/2 is still around. Even if it's no longer made by IBM - does the company have licenses from IBM? Or do they just have a huge warehouse full of OS/2 Warp installation media lying around?
BUSTED! Secret app on millions of phones logs key taps • The Register. Net - Android phones infected with rootkit/keylogger. And if I read that correctly, the software was apparently installed by network providers and/or device manufacturers. Oh, of course, it's just a "diagnostic tool" - just like the various trojans for PCs are only remote maintenance tools ...
Security flaw: Fire hazard with HP printers? - Golem.de. Finally able to remotely burn down offices. Surely every hacker dreams of that. Thanks HP for this extremely useful feature.
YaCy - Free search engine software and decentralized web search. I'm a fan of distributed systems, so I should definitely check out this distributed search engine (alongside the distributed overlay network Tor and the distributed social network Diaspora, certainly an important component in a potential "free" network).
CCC | Chaos Computer Club analyzes current version of the state trojan. Well, well, the current state trojan is just as bad as the alleged prototype. And of course, everyone claims not to use it. So what is the wonderful, legally compliant version of the state trojan that is allegedly used in the authorities? It would be interesting if the authorities would provide this trojan to the CCC for analysis. But that would be honest and transparent behavior. Apparently, we can no longer expect that from authorities in our banana republic.
Time zones: tz database shut down due to lawsuit. This is probably one of the extra-absurd cases of patent extortion. Time zones are hardly copyrighted by this silly company, and the banal compilation of facts that do not belong to you really does not have a level of creativity that needs to be greatly protected. Patent trolls are annoying.
oryx-editor - Web-based Graphical Business Process Editor. Just looked this up for a colleague and it looks quite interesting - I should take a closer look at what it actually does. This could be quite exciting for some work projects.
Straight Talk on Event Loops. After his beautiful rant "Node.js is Cancer" Ted Dziuba goes into more detail about what the problem is with pure async-event solutions like node.js. As a programmer of a rather old project in Python - the Toolserver for Python - I can certainly understand this. There are good reasons why I implemented threads integrated into the event loop for parallel processing as needed. This "async is faster and better than threads" is exactly the kind of hype nonsense like "NoSQL is faster and better than SQL" and other pigs that are currently being driven through the village.
StartSSL and Nginx. StartSSL is a very good way to obtain SSL certificates for a web server that are actually accepted by browsers. However, these are issued by intermediate certificates that are often missing in browsers - for this, you have to deliver these with the server. With Nginx, this is a bit more complicated because there is no separate setting for it - you have to copy the certificates together for it to work. This is all explained in the linked blog post.
SCO ultimately loses against Novell. Should this nonsense finally be over soon? It's not as if there aren't more absurd proceedings on the horizon (I just recall Lodsys), so it won't be boring. And the entertainment value of the longest-dying IT company has left much to be desired for quite some time ...
Setup services on your Pod - GitHub. Saved for later, I've already set up the link to Twitter on my own pod. I'll probably set up Tumblr soon too, since I still use it quite often. Diaspora is still quite buggy (it's really Alpha), but already quite complete in terms of features. And it's fun to play around with. However, people on Diaspora pods should also post more there, otherwise the social aspect has its problems - I only knew after self-experiments on two pods and several days of waiting that posts actually arrive at me - not because of technical problems, but simply because no one wrote anything ...
Schneier on Security: New, Undeletable, Web Cookie. On to the next round: ETags are evil! Since they can be arbitrarily assigned by the server, you can simply insert a visitor's UUID there, and on the next visit, the browser sends the content for checking for file changes (provided it supports conditional-GET, but that's true for all browsers today). The user has no control over the use of ETags - and it actually doesn't make sense to give the user this control - so it's very difficult to defend against this method.
Time Machine - Frequently Asked Questions 30. What are Local Snapshots?. Not a bad idea what Apple came up with. The first rumors about local snapshots sounded rather strange, but what has become of it - automatic snapshots for on the go, when you don't have your backup drive plugged in, are quite practical. Not for real recovery in the sense of a disk crash, but for the usual "oops, I'm stupid, I didn't want to delete that yet" situations. However, I would like it if there were a GUI in Time Machine for this, where you can turn local snapshots on and off - yes, I know, you can do it from the command line, but I'm not an Apple user for nothing, I want pretty graphical buttons to press!
Sankra Software: Disable OS X Lion Resume per application. Since Apple implemented this feature a bit "aggressively" (it is also activated for apps that do not explicitly say "turn this on, I can handle it"), it can sometimes be quite annoying - some apps then perform both their own "new program start" action and then the system's action afterwards - for example, some editors open two windows on the same file if both the editor and the OSX say "Restore Window". Therefore, it is not impractical to be able to disable this feature per application. Although, of course, this will be forgotten at the latest when the application is updated, and you wonder why the windows no longer open automatically because the application has switched from its own control to system control. But hey, software is the last remaining adventure ...
Trunk Notes | Apps On The Move. I've had this on my computer for a while, but only now have I taken a closer look at how to integrate it with other tools. And it's actually quite simple: Use VimWiki. I already use VimWiki for my desktop wiki, so it makes sense to integrate everything so that I can also use it with the TrunkNotes wiki. Of course, this means that various advanced features of TrunkNotes are not supported, but that's not primarily important to me; what's more important is being able to edit the normal content directly. And for that, this little hack is sufficient. At some point, I'll create a special TrunkNotes mode that also supports metadata. Just found: a clone of VimWiki that works with Markdown (which TrunkNotes uses internally) (the corresponding code is already in the developer version of VimWiki).
PostgreSQL Server Tuning. I just used it, and so I don't have to google it again and again, I made a blogmark. Additionally, you will probably also need to increase kernel parameters so that the shared memory can be allocated at all. Because PostgreSQL likes a lot of memory when you execute more complex queries and the default allocation of about 100 MB is definitely too low for serious use.
Data Protection and Social Network Buttons
Just read: Data Protection & Facebook Like Button for Website Operators. I just played around with the various social buttons (they might still appear on cached pages for a while), but then I thought they will probably report more connections between accounts and page visits - and turned them off for now.
The linked article takes a closer look at the Facebook Like Button, the Google +1 Button should be very similar. The Twitter Button is probably not unproblematic either, at least when the server is queried for the number of tweets - but an unproblematic variant of the Twitter button should be achievable, because that is the simplest case after all.
Well, for now I have turned off the toy again, I still have to think about it. Because on the one hand it is of course interesting to enable visitors with active social networks to easily share in their networks - but what is the price?
Google+. Now I also have one of those funny gadgets. However, I still don't really have an idea of what I need it for. What I like is the already quite good integration with other Google services, although I am surprised that I cannot automatically transfer my recommendations from Google Reader to Google+. Or that I cannot import a simple RSS feed into Google+ for automatic posts. Let's see how this develops. The setup for targeted sharing with different recipient groups, however, I already find much more thought out than the strange stuff on Facebook.
Auto Refresh Plus - Chrome Web Store. For good reason, my interest in such things has been piqued. On the Mac, I of course have more comfortable tools, but to simply refresh a webpage until it has a defined change, this one is more than enough.
WordPress 3.2 now available. Update executed (and for the first time also via automatic update and ssh access for the update, since my web server does not have write permissions on the WP code) and everything seems to have worked smoothly, even though I use a number of plugins. Nice. The admin has been really streamlined, much faster responses.
Prowl - iOS Push Notifications. Is a very practical tool for the iPhone or iPad as a supplement, because you get nice APIs with which you can, for example, send messages from servers to the iPhone. Or you use Send2Prowl from Firefox or Prowl from Chrome to send a link directly to your iPhone.
"We sometimes need your permission to do what you ask us to do with your stuff for example, hosting, making public, or sharing your files. By submitting your stuff to the Services, you grant us and those we work with to provide the Services worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works such as translations or format conversions of, perform, or publicly display that stuff to the extent reasonably necessary for the Service. This license is solely to enable us to technically administer, display, and operate the Services. You must ensure you have the rights you need to grant us that permission." - weil sicherlich wieder haufenweise halbinformierter Unfug geschrieben werden wird, nachdem Dropbox die ToS leichter lesbar und vervollständigt hat, hier der wichtige Punkt nochmal rausgegriffen. Nicht dass ich mich der Illusion hingebe das würde die halbinformierten Unfugposts verhindern, aber wenigstens kann ich dann einfach auf die passende Stelle zeigen.
Ubuntu Cron error - Module is unknown - after libpam upgrade. Argh!!! That really caught me off guard - I didn't notice it for a whole month, so the Metaeule wasn't updated during that time, the cron was just gone. Damn it. I only realized today to look for the cause outside the Eule and then stumbled upon the log messages. Now everything should work properly again. I hope.
Installing gitorious on Ubuntu 10.04. Hmm - I already have an Apache2 with SSL running for my Wordpress administration. And I've also set up a DAV server for document synchronization (in case MobileMe is replaced by iCloud and loses the iDisk in the process). Besides, it's sensible anyway, because the iDisk is so slow. I could also install my own Gitorious there and put my own repositories on it. Just blogged about it, but I should really take a closer look at it.
SparkleShare - Sharing work made easy. Badly blogged, but this looks quite promising at first glance - a simple Git server is used. Unfortunately, it seems to be based only on SSH Git, not HTTPS, at least I don't see anything about it in the docs - HTTPS would be more universal (even if passwords would then have to be stored). What is still missing is an iOS or Android client (Android is apparently in the works), but OSX is already supported. It seems that the most activity in the open-source alternatives to Dropbox is happening here - but I'm still wondering how the server behaves with massive file additions and deletions - for example, I have the current raw photos of the last few months in my Dropbox. A "raw" Git repository grows very quickly to unimaginable sizes ... (and you probably also have to do regular packs so that changes to DNG files don't blow up the repository). One small detail on the side is still important: SparkleShare uses a public IRC server for synchronization messages - so even with self-hosting, all clients are on this server and exchange their triggers via it. Should be kept in mind, because this would be a classic attack vector (and if the IRC server fails, the self-hosted system also hangs). SparkleShare is open source, so you can certainly also plug in your own IRC server here and simply use your own packages.
The Postillon explains: What can the National Cyber Defense Center do?. Awesome. Simply awesome. Next, they'll buy a computer... (I doubt it, though, probably its purchase will be canceled for budget reasons)
Metaverse Ink Blog» Blog Archive » The 4,096 “bug”. Why OpenSim operators should set up their grids with region coordinates below (4096,4096) - the higher coordinates simply cause too many problems and it doesn't look like these problems can be easily and compatibly fixed. Since region coordinates are internal to the grid, it shouldn't be a problem if multiple grids lie in the same coordinate ranges.
Function Reference/site url. I need to go through this more carefully, because if a site is supposed to run in parallel under http and https, then there must no longer be any absolute references, everything must be routed via these functions. A few plugins (jQuery Lightbox and Infinite Scroll) also cause problems here, so bug reports will probably be necessary.
Shedding Bikes: Github's Favorite Joke. Why social networks in combination with code and geeks quickly become asocial networks. One reason why I also keep my distance from Github - I have an account there to set favorites and make bug reports, but I prefer to host my projects on Bitbucket. And even then, I'm very glad that Mercurial (as well as Git) as a distributed version system allows me to switch to other systems or switch to self-hosted sites (Rhodecode would be useful to install in the long run). Update: Github reacts and finally builds in blocking.
SSL and Cookies in WordPress 2.6 « Ryan Boren. Although originally written for WordPress 2.6, it is still valid. I had to do a bit of hacking, as my WordPress server is not directly connected to the network, but behind a firewall (iptables with DNAT helped), but now I have properly secured admin cookies and am better protected against WLAN sniffers at public hotspots. The WordPress idea is really nice - not 100% security, as with my login cookie comments can still be posted under my name, but at least the administration is protected. However, it conflicts with the Safer Cookies Plugin, which I previously used to at least pin my cookies to the IP. Additionally, there is a patch that has gone through 3.1 and enables securing the login cookie as well.
Hackers broke into Lockheed Martin. Holy cow, worst case scenario. Who bets that now cybersecurity laws in the USA will be tightened, after attacks on companies in the defense industry can presumably be portrayed as a matter of national security?
IPhone PPTP VPN – GRE Protocol Issues | it-fabrik blog. Argh. That's exactly where my experiments failed - the VPN doesn't work over Edge - and it's probably because Telekom filters GRE (verified via a WLAN connection and then everything works fine). Why do these stupid mobile providers mess around in the network, they should just provide a connection and that's it. Now I have to manually turn on the VPN in WLAN environments that I don't trust, just because the Telekom people think I shouldn't be able to establish VPN connections over their sacred network. You're supposed to be able to do this via another APN that assigns public IPs and doesn't have a NAT box in between, but whether it's then billed as a flat rate with the tariff, of course, no one can say. I hate mobile providers and their protectionist behavior and their chaotic network structure.
TiddlySpace/tiddlyspace. And since I find TiddlyWiki interesting right now: this project is a hosting project for TiddlyWikis that can be linked to users there and can be networked with each other - sounds like an interesting platform for collaboration on projects, for example (projects that are not about code - there's GitHub and Bitbucket for that). TiddlySpace is also a direct platform where you can register, or you can simply take their open source project here and host it yourself.
On TermKit. A pretty cool project for reinventing terminals. In this case, the output is made as HTML and the terminal is not rendered as a simple console but as a browser window. This way, for example, you can make directory lists graphical or output images directly. It also works on things like pipes and the idea of how data is transported between tools, so that they can all work universally with it - JSON is used here. The whole thing makes a well-thought-out impression.