jgm's peg-markdown - and another C-based markdown version.
sysadmin - 9.7.2008 - 8.4.2009
Bug #317781 - Comment #45 - very interesting analysis of the data loss problem with ext4. Summary: crap applications and libraries. Unfortunately, it also affects parts like sqlite (though only performance) and unfortunately larger parts of Gnome and KDE, which is why kludges are now being introduced in ext4 to work around them.
What happened to Hot Standby? - real native synchronization is coming with PostgreSQL 8.5! There are already existing solutions, but native is of course easier for administration. And should finally shorten the silly discussions with the MySQL disciples.
ITU plans to combat cybercrime face resistance - why we definitely do not want any involvement of the ITU in any form. This is the typical megalomania of the old monopolists in the telecommunications industry and their state lackeys. Does anyone believe there would still be chances for independent projects if the ITU were to actually succeed with its idea of mandating the implementation of ITU security protocols? Especially since ITU standards are anything but free (and even patent-infested garbage can establish itself there as a "standard" that can then only be implemented in practice by stores like IBM or similar. The IETF is a chaotic bunch - but due to the quite pragmatic structure ("a standard can become what two interoperable, independent implementations can demonstrate") is much better suited for the Internet and its constantly changing situation.
zsync - interesting tool, so to speak one-sided rsync. Server only http, client then with difference transmission - the server side of the protocol is "precompiled" by the tool. Great for update distribution to many downloaders.
Unix Lovers to Party Like It's 1234567890 - tonight at 0:31 (plus a few seconds) it's time!
Schäuble hacked (Update) - well, PHP applications are not inherently secure just because the Federal Minister of the Interior says so. However, he still claims this for electronic ID cards, mass data collection, and similar nonsense ...
ExpanDrive: Ridiculously simple SFTP and FTP drive access on your Mac - also worth a look, after all I have tons of stuff lying around on SFTP servers. And while the Cyberduck is nice, I would actually prefer to use the Finder - at least, if the result is usable.
Nokia pushes through surveillance rights for emails - we buy ourselves a government. The model will certainly soon be adopted in Germany by various large employers (Deutsche Bahn and Deutsche Telekom anyone?).
How To Migrate from Parallels to VirtualBox - might be a good idea, as VirtualBox is free - and should also run on my Asus. And yes, it's completely crazy to have virtualization running on a netbook. But OS X also runs on mine.
XBinary: Extended Binary Format Support for Mac OS X - looks quite interesting.
TimeMachine fails backup - InsanelyMac Forum - there are tips on how to get Time Machine to fly. At least it works with an eee-PC that has an Airport card (the Ralink drivers are said to conflict with the patch).
how to find mac os x application specifier for preferences - since I only have 600 pixels in height on my EeePC, but some dialogs are larger (and you need to get to the things at the bottom): there is help. Mac OS X is already a fine system.
OS X on the EeePC - works. The linked snap shows my EeeBook with NetNewswire in the foreground, notes and a shell (where software is currently being installed with MacPorts) in the background. EeePC: 350 Euro. RunCore 64 GB SSD (fast!!): 199 US$. 2GB memory upgrade: 25 US$ (and I'll also replace the WiFi card so I can use the native drivers, so another 30 Euro). Finally Windows-free: priceless.
RunCore 256GB Pro III Hyper Speed 2.5" SATA Solid State Drive - sorry, I'm drooling on my keyboard while reading the specs. Does anyone have a cloth? This could be the dream for my MBP. An entire edge larger than the built-in drive, and definitely faster. And quieter. And with less power consumption.
Vx32: Lightweight, User-level Sandboxing on the x86 - interesting concept based on processor virtualization.
arRsync - an Rsync GUI for Mac OS X - Title says it all. Addendum: the programmer was probably on drugs. You can't enter ssh servers or anything, only paths. What the hell is rsync good for local paths? The advantage of rsync is especially on network connections ... (oh, and no documentation and no status, unless you sacrifice an email address for "information about the new release")
duplicity - hmm. Could potentially be interesting to back up my server when I shut down the second one next month and instead back up to S3, for example.
IT-Gipfel: VertrauenswĂĽrdige De-Mail von Innenministerium und Telekom - so the company that wants to put a trojan on every PC and the company that decided arbitrarily and unilaterally to tap phones that interest them, want to build a "trusted" email platform together. Did I get that right?
ISS advises against using Trend Micro's ServerProtect - Security vulnerabilities in security software. Great job!
Microsoft explains seven-year patch delay - seven years. For a glaring hole. Great. Proprietary software is so damn secure because only professionals work on it and security is of course the highest priority. (and anyone who finds sarcasm in that sentence can keep it)
The world’s most super-designed data center – fit for a James Bond villain - now that's a data center after my own heart!
The Qualitative Decline of a Provider
There was once a provider that sold root servers in Germany. And the services were good. And the support was good. And oh wonder: you got competent contacts. And hey, you got quick responses. And another thing: when you described problem situations, the contact person on the other side actually understood what it was about. And everything was good.
And then the provider grew. And grew. And somehow the brain didn't grow with it.
Fast-forward to yesterday: I received an email. According to this email, one of my servers had attacked another server in the network. As evidence, a log/dump was attached, which showed this attack traffic. My IP and that of another computer were visible, as well as the protocol: FTP data. So far, so good. If my machine has any guests, I find it good when I am told about it.
First act: contact via ticket and request console - because the network connections are disconnected, there is only a console connection via the web. Oh great: the provider has selected software that doesn't work with proxies - direct access to ports only works when the firewall does NAT (which is less common with corporate firewalls). And with that, it's already 6 hours of forced downtime because there is no other, alternative way - to access a machine with a pure text console setup, I have to use a web console based on Java. Ok, even intelligent companies make dumb decisions from time to time, I thought...
Second act: then at home, the console was started directly. And in between, I pondered the addresses - I know this address, don't I? Hmm, let's see. And correctly: it is in one of my scripts. And it is called once a day, and then shovels some gigabytes of data to this target machine. Why? Well, the target server is the backup server accessible via FTP for data backups ... I should have been suspicious that the original email didn't mention this. Intelligent providers know their own machines. But ok, such a faux pas can happen, take it with humor, what can you do. It's just the internet.
Third act: support message sent - quickly before 18:00, although support is listed until 22:45, but well. No reaction after an hour. Hmm. Called - "oh, yes, I saw the ticket, I'll pass it on again". Two more hours. Then the statement "the traffic was not a backup, it was an attack". What?
Third act drags on for some time, because the support employee simply refuses to accept this clarification. What is unusual about the traffic, he does not want or cannot say. I wouldn't have logged in at all. Strange only that in my research on my machine and the backup server the files have exactly the times specified and thus clearly a login and transfer took place. I can finally only get the data to the FTP server, not conjure it up. Ok, the data is large - but I have 50 GB of backup space, I should be able to fill that. And the volume is around 14-15 GB. Yes, that's a lot.
But no, the support employee insists that I make a written statement. I have to comment on what nonsense they have made at the provider. Doesn't go well. Bad mood.
Fourth act: the next morning first a meeting, then immediately the fax was made and faxed. Waited, worked, occasionally checked the mailbox. Nothing. After 6 hours no reaction. Support ticket expanded with comment, also no reaction. Downtime of the server meanwhile far over 24 hours - because of a misinterpretation on the part of the provider. But he doesn't need to bother about it. Harassment as standard treatment for customers who dare to object?
Too bad that I can no longer recommend Hetzner as a server provider. A pity, after so many years, such a blatant mistake, I really didn't expect that.
(Possible cause: simply the data volume and a misguided intrusion detection system, or maybe the one file that is larger than 2 GB? Who knows - the provider has no interest in clarification, and on my side I can't analyze it, especially not with a machine disconnected from the network).
Update: the fax did not arrive (well, happens sometimes, fax is primitive Stone Age). Kindly, I was allowed to send a photo of the fax, because the next time I am near Stone Age technology is Friday again. And oh wonder - a few minutes after sending the photo comes "the server is back online" - but what surprises me now: in my fax was exactly what I already said in the ticket. And of course there is no explanation, no explanation and also no "Sorry, our mistake". Nothing else. Scratching my head and annoyance over 30 hours of downtime.
Fabric - interesting small tool for simplified deployment of software on clusters or distributed systems.
WPA allegedly crackable in less than 15 minutes - Holy Cow!
Critical security vulnerability: Microsoft warns of worms - "Windows 2000, XP, and Windows Server 2003 are particularly affected by this error. Microsoft classifies the issue as critical here. Windows Vista and Windows Server 2008 are also affected, but Microsoft classifies the issue as important here because users must authenticate themselves first. Even users who are already using a pre-beta version of Windows 7 are advised to install the update." - so basically everyone.
VirusTotal - Free online virus and malware scanner - because I often searched there when I needed a second or third opinion.
eeebuntu - available with Netbook Remix and classic Gnome. Should also have quite comprehensive drivers for the hardware.
Ubuntu Eee - one of the many Ubuntu-based EEE PC distributions. This one sounds very complete and uses the new Netbook Remix interface. According to forum comments, it also runs smoothly with all versions and has full drivers installed.
UMTS USB Sticks: with Xandros (Linux) OVERVIEW - and as I can see here, things still look pretty bad for my UMTS stick under Linux (I have the black thing from TMO), so I'll probably have to continue using Windows for now.
Apple and Windows - Fail
Well, for a few days now I have a cute Asus EEE-PC 901 at home. The thing rocks! I thought I'd stick with Windows, so I can at least use some of the familiar programs and sync my bookmarks between the Safaris, etc. And what happens? Apple is a total failure.
First of all: I don't use an admin account under Windows, I use a normal account and only the admin for installation. For this I have also set up my own admin, as I wanted to put my user profiles on drive D: due to the stupid partitioning of the SSD. It all works quite well. But Apple has dumb ears.
On the one hand, Apple still messes around on drive C:. Then I can't specify for all installers that they should install to D:, instead they install on the system partition. Or iTunes: it demands the installer on the disk in the admin's home directory (which was not readable for others before), to then locally install something (whatever) for the user. If that would work, ok. But it doesn't - iTunes runs through the entire installation sequence with searching for MP3s and all that crap every time it starts.
And setting my iTunes media library to another drive doesn't work either - my 16G Class 6 SDHC will probably remain locked for iTunes, because the library is always reset to D:. Rarely stupid.
And MobileMe? Well, it worked once and messed up my bookmarks, but since then it doesn't work anymore - the control panel takes my data and logs me in, but as soon as I reload the panel or go to the sync settings, my user data is supposedly incorrect. Rarely stupid.
All in all, Apple's offering for Windows leaves a rather pathetic impression - sure, some of it may be due to the non-admin user, or the profiles on drive D:, but hey, similar things exist on the Mac as well, and Apple handles them there. So what's lost on Windows?
Safari works well, but against Chrome it doesn't stand a chance on the small Asus box - too slow. Although Google also didn't exactly cover itself in glory with the Chrome installation, which is forced into the user profile (not changeable without hacks).
Do they want to force me to put Linux on the box? Then there's not even the temptation to look at Apple's stuff...
Update: with an admin user, iTunes works - even with the media library on the SDHC card. Do they have a total screw loose at Apple?
Update 2: After finding a tip in a web forum, I uninstalled all the iTunes stuff and QT and then started the Apple Software Updater under my normal account with "Run as..." and then with the admin user and installed iTunes and QT with it. Intuitive is something else, but at least iTunes now works with my non-privileged account. MobileMe still makes its fuss, though, despite installation via this method. Approaches to debug it? None. Oh, and of course the software ends up on C: again instead of D: ...
Oh yeah, and why the hell does every stupid installer put icons on the desktop without asking? Ok, some ask, but the ones from Apple - no. Bah.
IBM warns standards bodies to shape up - this could be the storm that ISO and ECMA have sown with the OOXML nonsense.
heise online - 15.09.08 - ITU discusses better traceability of IP addresses - "In the International Telecommunication Union (ITU), a procedure is being discussed that can help track IP addresses better. According to a preliminary document published by CNET News from the ITU Working Group 17 (SG 17), 'IP Traceback' is intended to help prevent Denial-of-Service attacks or track down network criminals, but also to make applications on the network more reliable overall. Data protection experts, however, warn of possible misuse. Particular mistrust was apparently aroused by the fact that the first proposal comes from the researcher Tian Huirong, who works at the Chinese Academy for Telecommunication Research (CATR), which is under the Chinese Ministry of Information Industry." - of course in the ITU, which has been accused for some time of increasingly and strongly interfering in internet regulation and standardization. And which has often shown that its mechanisms are anything but open - and thus pretty much contrary to the approach of the IETF. It fits perfectly, like the proverbial ass on the bucket, when a goat is made into a data protection gardener.
Sync trigger with Applescript ... - the path of the command line tool to trigger a sync is mentioned in the last comment. Very nice to build your own backup system, e.g. using Unison and iDisk.
Techdirt: Diebold/Premier Actually Admits Its Machines Are Faulty! And That It Lied About Antivirus Software... - and this will surely be ignored here in Germany. Or will someone finally wake up?
Amazon EBS - Elastic Block Store has launched - normal block devices for Amazon EC2.
CPU Rings, Privilege, and Protection - good overview article.
The Associated Press: States throw out costly electronic voting machines - only here do we still believe the manufacturers' lies more than the experts. There are no unhackable computers. As already in XKCD: "anti-virus programs on voting machines? You are doing it wrong."
BeagleBoard.org - nice small ARM-based computer with quite impressive performance. Could almost tempt me to play around with it.
Everything You Need to Know About USB 3.0, Plus First Spliced Cable Photos - 10x faster and therefore 9x more power - and then the laptop is 20x faster all ...
tunnelblick - graphical OpenVPN client for OS X with all necessary binaries and tools. Could be really useful for me.
We're running out of IPv4 addresses. Time for IPv6. Really. - oops. it's getting tight now.
Tetris - in sed ... (I can't think of anything else to say)
Postgres-R: a database replication system for PostgreSQL - worth a look?
Étoilé - interesting project based on GNUStep, providing an environment with libraries, frameworks, programming languages (a Smalltalk that can be directly combined with Objective-C) and tools. It's great that there are always activities in the GNUStep environment, as it operates somewhat below the horizon defined by Gnome and KDE desktop environments.
Data Protection Experts: Google Analytics Violates User Rights - well, this assessment was somewhat predictable. I'm curious to see what else will come up in the near future. Will Google give in? I doubt it. And even if they do - how credible would an (unverifiable!) assurance from Google be?