Oct 19 2011

time to ditch ubuntu?

I’ve used Ubuntu on my desktops/laptops and netbook for some time now. I think my first installation was 6.06 (the version 6.04 which was late by two months) and my desktops currently all run 10.04 LTS. I got over the minor irritation of the move of the window control buttons from the top right to the top left (a la Mac OSX). But I disliked the first version of 10.10 I tried on the netbook (sporting an early version the unity desktop) so much I quickly switched that back to to 10.04.

I have used the LTS versions of Ubuntu because, in my view, it provides the best trade off between bleeding edge and stability. I’m a huge fan of Debian and use it on my servers and slugs, but Debian is too conservative (and too purist about non-free software such as multimedia codecs) to make it a truly attractive OS for the modern desktop without a lot of additional work. So, the fact that Ubuntu was based on Debian, but with a rather faster release schedule and added usability has made it an obvious choice for some time. And it has become hugely popular. It still ranks number one at distrowatch and there are many other distributions which are based upon it. But Canonical have been taking some controversial decisions of late, many of which have split the user base.

After trialling the unity desktop on the netbook edition in Ubutu 10.10, Canonical merged the netbook and desktop versions into one with 11.04. This meant that users upgrading from an earlier (GNOME based) version were suddenly faced with a radically different looking desktop. The GNOME desktop (called Ubuntu classic) was still available as a fallback from unity in 11.04, but from the latest release (11.10) this is no longer the case, instead you get a 2D version of unity. So, you have unity or you have a worse version of unity.

Ubuntu may be using the GNOME libraries (and it is now using the GNOME 3 libraries rather than those for GNOME 2 as it did when unity was first launched) but many people, myself included, cannot understand why Canonical did not simply work with the GNOME project on version 3. But Canonical have form here. As a company they have been criticised many times in the past for taking rather too much from the FOSS community and not putting enough back. Without Debian, Ubuntu would never have existed. Ian Murdock (the “ian” in Debian) himself expressed concern some time ago that the Ubuntu codebase could diverge too much from Debian unless Canonical developers pushed changes back into the upstream projects. Furthermore, unlike companies such as Intel and Redhat, Canonical developers seem to be almost entirely absent from the linux kernel development community. An interesting, indeed almost comical, statistic emerged recently showing that Microsoft was the fifth most productive contributor to the Linux 3.0 kernel behind only Redhat, Intel, Novell and IBM respectively. As admin magazine notes however, this position owes much to the fact that Microsoft employee K. Y. Srinivasan made 343 changes. Most of those changes were to clean up the code implementing a driver for Hyper-V virtualization. But this is just a statistical blip – I fully expect Microsoft to drop out of the top five, or even top twenty five, shortly.

Canonical also got into a spot of bother when they ditched the GNOME audio player Rhythmbox in favour of Banshee. Rythmbox is decidedly “free software” and links users to free music downloads from Jamendo and paid for music from Magnatune, whilst Banshee looks far more commercially oriented (it linked to Amazon’s MP3 store for downloads in mid 2010 and Canonical used it to link to its own Ubuntu One music store in the 11.04 release. Such decisions can upset people (and make Canonical begin to look like Apple). If they introduce any form of DRM then there will be hell to pay.

With the release of 11.04, Ubuntu Studio, the Ubuntu based distro aimed at multimedia creators, defaulted to retaining GNOME in preference to unity, saying in its release notes “Ubuntu Studio does not currently use Unity. As the user logs in it will default to Gnome Classic Desktop (i.e. Gnome2)”. Shortly thereafter, in May of this year, Scott Lavender, the project lead for Ubuntu Studio announced that they would move away from unity (and GNOME) and use the lightweight Xfce desktop as the default environment in future.

Criticism of Ubuntu (and of Canonical the company) has become so loud and frequent of late that Jono Bacon, the Ubuntu Community “spokesman” reacted by founding openrespect.org apparently as a means of deflecting some of that criticism. The openrespect website says:

“OpenRespect was founded out of a concern that discussion and discourse in the Open Source, Free Software, and Free Culture community has become a little too fiery and flamey in recent years. The goal of OpenRespect is simple: to provide a simple declaration that distills some of the core elements of showing respect to other participants in discussions.”

But as itwire points out, the timing here is rather odd since it is only now “when Canonical has its feet held to the fire, we have a new website called OpenRespect.org registered and volumes of spiel being generated by Bacon.” Quite so.

Jono Bacon has also popped up in a variety of fora getting all defensive about Canonical’s design decisions. He even fronted an article in the July 2011 issue of LinuxFormat magazine where he “interviewed” four key players at Canonical (including Mark Shuttleworth). That interview included such unbiased questions as “Unity is an exciting new vision. What are your goals and inspirations?” Worse, the article did not bother to mention that Bacon was a key Canonical employee.

I have no doubt that Canonical will make unity work. The installed base of Ubuntu users is so large that developers will be forced to make it work, but I don’t have to like it. My problem is that GNOME itself has also changed radically in the move from 2.30 to 3.0. And I don’t like that either. I find myself in good company though, back in July of this year, Linus Torvalds called GNOME 3.0 an “unholy mess” and announced that he was ditching it in favour of Xfce. Although unlike Linus, I never liked KDE, even before the KDE 4 debacle

Permanent link to this article: https://baldric.net/2011/10/19/time-to-ditch-ubuntu/

Oct 19 2011

I don’t have a start menu

You know those irritating conversations you have with “support” staff at your ISP whenever you have a problem which is even slightly off their script? Well xkcd has a solution. Use the code word “shibboleet”. It might work. Nothing else ever does.

XKCD cartoon number 806

With thanks as always to xkcd

Permanent link to this article: https://baldric.net/2011/10/19/i-dont-have-a-start-menu/

Oct 14 2011

clarity is not a virtue

Picking up my copy of the second edition I was reminded of the old obfuscated c contests. One of the earliest (anonymous) entries was this tribute to K&R’s famous printf(“hello world\n”);

—————————————————————————-
int i;main(){for(;i[“]<i;++i){–i;}”];read(‘-‘-‘-‘,i+++”hell\
o, world!\n”,’/’/’/’));}read(j,i,p){write(j/p+p,i—j,i/i);}
—————————————————————————-

c is not known as flexible for nothing.

Permanent link to this article: https://baldric.net/2011/10/14/clarity-is-not-a-virtue/

Oct 14 2011

mountain streams

In response to the news of Dennis Ritchie’s death, Ted Harding, a long time member of the anglia linux users group posted an interesting comment to the list this morning. Ted has kindly given me permission to link to that comment. Like Ted, I too hope we shall be seeing proper tributes to both Dennis Ritchie and the elegance of his creations. Sadly I feel that the mainstream media may pay less attention to the passing of this man than he deserves.

Addendum

The guardian ran a reasonable obituary profile of dmr on 13 October 2011. And on 16 October, John Naughton wrote a good piece for the Guardian’s sister paper, the Observer. In that article, Naughton says:

“It’s funny how fickle fame can be. One week Steve Jobs dies and his death tops the news agendas in dozens of countries. Just over a week later, Dennis Ritchie dies and nobody – except for a few geeks – notices.”

Quite.

And Linux Magazine posted a nice article by Jon “maddog” Hall.

Permanent link to this article: https://baldric.net/2011/10/14/mountain-streams/

Oct 13 2011

a double googol

It seems that google has lost a recent battle to wrest control of the goggle.com domain away from its owner. I wonder if they’ll want to have a go at me next.

Permanent link to this article: https://baldric.net/2011/10/13/a-double-googol/

Oct 13 2011

Dennis Ritchie dies

Now this is getting depressing. It seems that Dennis Ritchie (the “R” in K&R, author and creator of the C programming language and genuine legend in computing history) died last weekend. Bell Labs reported yesterday, and confirmed today, that Ritchie had died after a long illness. He was 70 years old.

As a unix fan, ex-sysadmin and (rusty) C programmer, I owe much to what he created.

dmr once said: “UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity.”

Permanent link to this article: https://baldric.net/2011/10/13/dennis-ritchie-dies/

Oct 11 2011

I have a policy

As I have said in many posts in the past, I care about my privacy. I also care about yours. Ironically however, I have not until now codified exactly what I mean by that, nor have I identified what I will or will not do to protect your privacy. This seems to me a little unfair.

So I have drafted a privacy policy for this blog.

Let me know what you think (and remember to lie where necessary)

Permanent link to this article: https://baldric.net/2011/10/11/i-have-a-policy/

Oct 10 2011

that looks like a scam to me

The volume of spam backscatter I am receiving at the baldric.net domain currently runs at around 18-20,000 emails per month, nearly all of which is aimed at the info@ address I have mentioned before.

My mail server is currently configured to reject mail to non-existent users at the SMTP level with a permanent failure message like so: “550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table:” Rejecting mail at this stage, rather than accepting it only to bounce it later is the “correct thing to do”. This way the sending MTA gets a failure message in its logs and the mail it was attempting to send to me never leaves its queue. If the mail admin at the other end is in any way savvy, then he or she is given enough information to allow them to investigate and, perhaps, cure the problem. But of course that assumes two things: one she /is/ savvy; and two, she actually cares enough to do anything.

Now there is nothing I can do about the second problem, but if there is any way I can provide additional information which might help the hard pressed admin understand why they might have a problem, then that would aid them, me, and any of the likely hundreds or thousands of other people out there who will be receiving crud in response to mails they didn’t send.

One possible way forward might be to add some additional information to the SMTP rejection message – something along the lines of “hey, you might have a configuration problem here, please consider investigating”. Now I dislike re-inventing wheels (and I’m lazy) so I spent a short while searching for possible modifications to my own postfix configuration which would do the trick. Sure enough, I quickly discovered backscatterer.org and its suggested modification to main.cf (though note that it assumes that postfix is using the dbm database library – not all of them do, particularly on the default debian install). Hey, that looks cool, so if I modify my configuration slightly I will be able to run a lookup against backscatterer’s DNSRBL and in cases of a hit I will send an SMTP reject message that looks like this: “554 5.7.1 Service unavailable; Client host [217.77.96.18] blocked using ips.backscatterer.org; Sorry 217.77.96.18 is blacklisted at https://www.backscatterer.org/?ip=217.77.96.18;” instead of the much less informative message above. Now the sysadmin at mx2.infopac.ru (217.77.96.18) will get a much more useful log message. Won’t they?

But hold on a moment, where does backscatterer.org get its RBL? Can I trust it? And am I being fair on the sending domain if I block all mail coming from there based on the simple fact that they are listed in some third party RBL? That feels a little like SORBS to me. Turn the question around. Would I, as admin for the baldric.net domain (and a dozen others) be happy if mail from my domain to some servers were blocked because I had chosen to implement something like “sender callouts” (unlikely as that might be). Worse, backscatterer.org “offers” to de-list any server from its database if you pay them 85 euros (OK, so that will only be about threepence halfpenny in a few weeks time when the eurozone finally tanks, but it is still extortion, whatever the actual sum).

So I think I’ll stay away from backscatterer – it looks like a scam to me. I’ll just have to find another way of telling my Russian sysadmin friends that their servers are “misconfigured”.

Permanent link to this article: https://baldric.net/2011/10/10/that-looks-like-a-scam-to-me/

Oct 07 2011

rip steve jobs

Whilst I have never been an Apple fan, I was enormously saddened to learn of the death on wednesday of Steve Jobs. He was a visionary architect and was undeniably a charismatic, if idiosyncratic, leader in the world of computing and technology.

Whilst his death was not unexpected, he will be missed.

Permanent link to this article: https://baldric.net/2011/10/07/rip-steve-jobs/

Sep 27 2011

webcam mark II

Upgrading the slugs to squeeze killed the webcam. At first I thought that squeeze was missing the necessary gspca drivers, but no, a quick look in /dev revealed an entry for video0 and “lsmod” reported “gspca_zc3xx” loaded correctly. This is a different driver to that which my camera loaded in lenny (spca5xx) but a quick search around the web confirmed that the camera should be happy with the new driver. So clearly the webcam program itself was at fault (confirmed by checking the output when running the program by hand). Time to find an alternative.

A scan of the debian repositories turned up a bunch of possibilities, some of which I had looked at in the past when first installing the camera. I eventually plumped for fswebcam because it was quick and easy to install and configure, it seemed to be actively supported (unlike Gerd Knorr’s old program) and it didn’t need a GUI. More to the point, it works with my old Logitech camera.

The program can be run from the command line with option switches or configured to read its options from a config file. And despite being advertised as a tiny, it has quite a rich feature set. It can even perform simple manipulation of the captured image, such as resizing, averaging multiple frames or overlaying a caption on the image. Nifty.

My current config file is shown below as an example. I may change this because I’m not quite happy with the brightness/contrast mixture and I’m still playing with the options available. Still, a recommended package.

# /etc/fswebcam.conf
#
# config file for fswebcam utility
#
# device and input are defaults
device /dev/video0
input 0
# log messages – only use this is debugging setup
# log /var/log/fswebcam.log
# repeat image capture every 30 seconds
loop 30
# set number of frames to skip if the camera sends bad frames on startup.
# Note – this is only necessary when using the camera for video capture
# skip 10
# background the webcam process
background
# set resolution of image (default is 384 x 288)
resolution 320X240
# set the palette to use in the output format (here JPEG) and the jpeg quality
# (my camera doesn’t like this option so it is commented out)
# palette JPEG
jpeg 95
# set some additional controls
# (use “fswebcam -d v4l2:/dev/video0 –list-controls” to see options)
set brightness=55%
set contrast=40%
# place the banner at the bottom of the image (default)
bottom-banner
# and colour it black
banner-colour #000000
# set the font to use in the banner title and timestamp
font /usr/share/fonts/truetype/msttcorefonts/arialbd.ttf
# set the title and timestamp to display in the banner – (timestamp uses strftime format)
title “Webcam on the Slug”
timestamp “%d %B %Y at %H:%M:%S”
# where we save the image
save /home/web/webcam.baldric.net/images/webcam.jpeg
#
# end

Permanent link to this article: https://baldric.net/2011/09/27/webcam-mark-ii/

Sep 26 2011

squeezing the slugs

Debian 6 (squeeze) has been the current stable version since February 2011. The latest version (6.02) was released in late June. I have put off updating my slugs from lenny (old stable) for a while because I wanted to see how others faired before committing myself. Indeed, initial reports on the debian arm list indicated that the upgrade could be problematic. Worse, a completely clean install of squeeze turns out to be impossible because the debian installer uses more memory than is physically available on the slugs. So the only way to go, even for a clean new installation, is to install lenny first, then upgrade.

Given that both my slugs are operational, and are now an integral part of my network, I decided to invest in a new one as a development machine to test the upgrade rather than risk fritzing a perfectly good setup. (Back in the day I would have been happy to “fix it ’till it broke”, but these days I don’t really need to experiment that much and I’d rather keep a working system, well, working).

Second hand slugs go for around £25 on ebay, and there are still plenty about, so I bid for one that had only about a day to go and was successful. Unfortunately, when it turned up I found that the power supply was fsckd and so I had to switch off one of my operational slugs in order to test the new one. Happily it appeared to boot up OK so I fired off a disgruntled email to the seller and then ordered a new PSU. The seller claimed that it “worked OK when I boxed it” and didn’t offer to pay for the replacement PSU so I wasn’t too happy with him. I became even less happy when the new PSU arrived and I booted up the slug in preparation for reconfiguration to match my network before installing debian.

The debian installation process is handled via an SSH shell. You need to know the address of the slug in order to connect and install. The installer also needs the addresses of a local DNS server and the default route to the outside world (so it can find the servers containing the installation packages). Now the default, factory settings, for slugs includes a fixed IP address of 192.168.1.77. If this does not match your requirements, it must be changed before reflashing with debian. Guess what? The default address didn’t work, so the previous owner must have reconfigured the slug to match his network and he had not bothered to reset to factory default before selling. Nor had he been considerate enough to let me know the new configuration. Needless to say I won’t be buying anything else from him. Nor did he get decent feedback.

I couldn’t reconfigure the new slug until I could connect so I needed to find out what address it was using. A quick nmap scan of the 192.168.1.0/24 netblock showed that it wasn’t even on the default network range so I fired up wireshark and etherape on one of my machines in the hope of catching the slug arping and getting the address from the request. In the event, etherape proved to be quicker (and easier) in providing the answer since the slug quickly popped up and disclosed its IP address as 192.168.2.10. Adding a route to the 192.168.2.0/24 net then allowed me to finally connect and reconfigure the new beast to suit my network. I then rebooted and started a fresh installation of lenny (as previously described in one of my earlier posts). About four hours later I had a nice new clean slug running lenny.

However, since the main purpose of getting the new slug was to allow me to test the upgrade to squeeze in safety I really needed to make it look like my main operational slug. That slug is my DNS and DHCP server, and primary rsync backup for my desktops. It also runs a webserver. Like most (lazy) sysadmins my system documentation tends to lag somewhat behind reality so I can’t rely on the various readme files I routinely create on my boxes to be completely up to date (or even accurate). Fortunately for me though, debian provides a neat way of snapshotting installed packages on a system. You can then use this snaphot to create a mirror of that system which will include all the same packages. Here’s how:

On the source system:

dpkg –get-selections | grep -v deinstall > packages.txt

This lists all active packages, except those deinstalled, and sticks the list in a text file.

Now copy that file to the target system, ensure that the target system’s “sources.list” file matches that on the source, and then run:

dpkg –clear-selections
dpkg –set-selections < packages.txt apt-get dselect-upgrade

This will download and install all the packages necessary to get the target system matching the source.

All that is now left to do is copy across any relevant configuration files so that the two systems fully match and then rebooot the target to check that everything looks OK.

New slug now finally matching old slug it was time to upgrade to squeeze. Martin Michalmayr’s excellent website documents the upgrade process in meticulous detail. The key points to note here are his recommendation that you read the release notes for debian 6.0. In particular, note and follow the chapter on upgrades from debian 5.0 before attempting an actual upgrade. One of the main differences between 5.0 and 6.0 is the use of UUIDs to reference disks. In my case this meant changing my /etc/fstab from this:

# /etc/fstab: static file system information.
#
# proc /proc proc defaults 0 0
/dev/sda2 / ext3 errors=remount-ro 0 1
/dev/sda1 /boot ext2 defaults 0 2
/dev/sda5 none swap sw 0 0

to this:

# /etc/fstab: static file system information.
#
# proc /proc proc defaults 0 0
UUID=db57451a-e3e5-4d8a-95b9-494c48bb5e8d / ext3 errors=remount-ro 0 1
UUID=022bc211-1c52-4848-9ee1-e211e72b28e4 /boot ext2 defaults 0 2
/dev/sda5 none swap sw 0 0

Before finally starting the upgrade I opened two separate SSH sessions to the slug. In one I ran the upgrade process as below:

first a partial upgrade as recommended at Section 4.4.4, “Minimal system upgrade”

apt-get update
apt-get upgrade

then install the required linux kernel image and udev as outlined in Section 4.4.5. “Upgrading the kernel and udev”

apt-get install linux-image-2.6-ixp4xx
apt-get install udev

followed by

reboot

and

apt-get upgrade
apt-get dist-upgrade

to complete the system upgrade.

Now here is where the second SSH session is most useful. The final upgrade and distribution upgrade installs the file indexing package “apt-xapian-index”. Correspondents on the debian arm list have noted that this package consumes more memory than is available on the poor old slug and it starts swapping itself to death. The process must be killed immediately and the package removed. If you leave it too long after the upgrade has completed you will find it impossible to log in until the initial indexation has completed (in excess of 24 hours or more has been reported) because the system is too busy. I ran “top” in the second shell during the dist-upgrade process and kept an eye on the load averages. As soon as they started climbing above 3 I knew that it was time to watch out for the apt-xapian-indexer and kill it. Once the system load returned to normal I was then able to finalise the upgrade with:

apt-get purge apt-xapian-index
apt-get autoremove

to remove the offending indexer and clean up any residual unneeded packages. A final reboot to check all was well was sufficient to convince me that it was safe to upgrade my two operational slugs using the same process. Testing the upgrade on the new slug in the way I did also meant that I now had a backup slug configured exactly like my main DNS server but running squeeze. Any failure on the remaining upgrade would not then be critical.

I must be getting old. I never used to be this cautious.

Permanent link to this article: https://baldric.net/2011/09/26/squeezing-the-slugs/

Aug 14 2011

my wife bought me a kindle

I feel it only right to add to the post below by noting that my wife bought me a Kindle for my birthday. I have since found one useful aspect to electronic publishing. A Kindle can reduce the weight of your luggage when going on holiday.

But I still prefer the “real thing”.

"speedbump" cartoon by Dave Coverly

Speedbump” cartoon copyright Dave Coverly.

Permanent link to this article: https://baldric.net/2011/08/14/my-wife-bought-me-a-kindle/

Aug 14 2011

in praise of dead trees

As an unashamed gadget freak I suppose I should applaud the rise of the e-book in all its wondrous forms. But actually I much prefer the “real thing” (TM). Some while back I became involved in a series of email exchanges about e-books in general and the Amazon Kindle in particular. That exchange made me think about what it is that I like so much about books. I have no idea exactly how many books I have dotted around the house, but I’d guess the number is somewhere north of a couple of thousand, many of which I have read more than once. Someone on the mail list discussion pointed out that I could probably get that entire collection on one Kindle, a thought that, frankly, horrified me.

I like books. I like the fact that I can lend them to people, I like the fact that I can read them in the bath, drop them when I nod off, and know that they are still (just) readable afterwards. I like way that they are actually objects of beauty in their own right, independent of the contents (can you imagine a bookshelf full of Kindles?). I like the fact that the words remain the same between me putting the book down and picking it up again. I like the fact that when I have bought a book, I can be sure that both the book and the original words will still actually /be/ there when I next pick it up (that may not always be the case for electronic words. In fact Amazon themselves very famously shot themselves in the foot when they deleted customers copies of 1984 and Animal Farm back in July 2009).

A real life book doesn’t need batteries, and it will (probably) still be readable in several hundred years when no-one on earth will still have a Kindle. Books can be given as gifts to a friend. That gift can contain a flyleaf note personalising the book in a very special way (I have duplicates of some books simply because a close friend or family member has given me an inscribed copy of a book that I already possess. Such gifts from my kids are beyond price.) E-mailing a friend an electronic book somehow doesn’t have the same aesthetic.

I like the fact that you can scribble in the margins. Many of my books (particularly the text books or reference books) have such marginal notes. Yes I know you can do that with a Kindle, but it somehow doesn’t seem the same as coming across a note you made to yourself 40 years ago whilst you were boning up on a new topic.

I like old bookshops and market stalls selling books. I can happily spend much time browsing shelves for old SF pulp from the 40s and 50s. Time I would probably otherwise be wasting on something entirely frivolous. Sure I could probably find what I wanted by electronically searching on-line, but where’s the fun in that? I’d miss the serendipity of stumbling across a previously unread author. And there would be no bookseller to chat to who could recommend similar books to the ones I had just picked up.

Oh and I like the way old books feel and smell.

cartoon of man buying e-book

Cartoon from the New Yorker dated 14 September 2009. Copyright is fully acknowledged.

Permanent link to this article: https://baldric.net/2011/08/14/in-praise-of-dead-trees/

Aug 14 2011

what time does the pub open

I wanted to check the opening time for a local shop and petrol station this morning so I plugged in a query about opening times to my favourite search engine and hence came across a rather useful little wiki called, not unnaturally, opening times. That sort of single purpose site is exactly what makes the ‘net so useful.

Give it a try.

Permanent link to this article: https://baldric.net/2011/08/14/what-time-does-the-pub-open/

Jul 18 2011

who are you going to call

Like most email users I get my fair share of spam and other internet crud. Mostly I ignore it, but I received an intriguing email a couple of days ago which purported to be a mailer daemon “Delivery Status Notification” informing me of a failed delivery to some address I had not even heard of. Mostly this sort of junk results from backscatter from mailers responding to spammers spoofing your email address in the outgoing mail. I get a lot of this to the “info@baldric.net” address as I’ve mentioned below.

However, this particular email interested me because the message-id in the headers said it came from a machine calling itself mx1.rlogin.net. Now I own and control that domain and I know that I have no such machine. So I concluded that the machine at the address in question (which looks to be at the end of a commercial cable line) was either deliberately being used incorrectly by its owner, or (much more likely) had been compromised and was being used illegally to send spam mail designed to look like it came from my domain. Either way, I’m not overly happy about that so I decided to contact the ISP and let them know that they might have a customer with a problem.

The normal way to do this is to send email to the “abuse@domain.name” address which is usually listed in the whois record for the network owner. There is even an RFC which codifies this practice. However, on searching a variety of whois records I couldn’t find any obvious address to use. Worse, speculative email to “abuse@the-likeliest-relevant-domain” was simply returned as undeliverable. What to do?

Well as it happens I found a very helpful utility called abuseEmail which automates searches of whois records for likely addresses. Better yet, some helpful people at cyberabuse.org give a web based front end to the abusEmail php script so that you don’t have to run your own.

Permanent link to this article: https://baldric.net/2011/07/18/who-are-you-going-to-call/

Jul 02 2011

one reason I don’t use apple

Being a linux and FLOSS fan has its advantages, not least the fact that most, if not all of the software I would want to use (and indeed, /all/ of the software that I actually do use) is free as in beer as well as free as in speech. And given the much smaller target offered by my chosen desktop in comparison to the widely used proprietary offerings, my systems are amost entirely unbothered by malware.

Most of my friends use proprietary systems. A few insist on paying over the odds for Apple products and, perversely, seem to take some pride in doing so. One or two even seem to think that simply buying Apple products marks them as more discerning, cultured and intelligent than the great unwashed who buy their systems from PC World.

In the course of a recent series of email exchanges on this topic, I was therefore delighted to receive this image from another friend. I know he uses windows 7 – I’ve seen it.

update_for_your_computer

(copyright “stickycomics.com” gratefully acknowledged.)

Permanent link to this article: https://baldric.net/2011/07/02/one-reason-i-dont-use-apple/

May 11 2011

I know I shouldn’t do this

but I just can’t resist it.

The Cabinet Office has launched a trial version of a new central government portal called alpha.gov.uk (snappy title). This trial site is a taster for what the designers hope could be a “new, single UK Government website”.

image of alpha.gov.uk webiste

I cannot help but be amused by the fact that one of the “popular tools and topics” the authors have chosen to showcase on the front page is “guide to redundancy”. Someone, somewhere in the Cabinet Office has a wry sense of humour.

Permanent link to this article: https://baldric.net/2011/05/11/i-know-i-shouldnt-do-this/

Mar 29 2011

irony is not dead

Installing counterize to analyse trivia’s logs has been instructive. I now know that some of my most visited pages are consistently those of a “how-to” nature (in particular, those about postfix, dovecot and, strangely, reflashing the old BT home hub). In many ways this is satisfying since one of the objectives of this blog is to document solutions to problems I have encountered personally.

But counterize provides much more than this. For example, I now know that of my visitors, 46.09% use firefox, followed by 27.24% using IE, with safari trailing in third place on 8.75%. Further, the top browser by version is IE 6.0 (now there’s a surprise…) at 13.14% and the most used OS is windows XP at 42.65% (sad, but you can’t argue with the stats).

However, what really intrigues me is the referer analysis. Some are fairly obvious given the content viewed. For example one of the top referers is a page on the-scream.co.uk which points to my articles on the home hub. Others are less so. One that caught my eye today is a referer from a website which sells a tool to spy on mobile phones. That site has a privacy policy (!) which says the following:

Privacy Policy

This privacy policy applies to the use of https://www.spybubble.com

We highly value your privacy and make this policy easily available throughout our site to assist you in understanding the handling of information in the course of using this site.

As Terry Wogan would say, “is it me?”

Permanent link to this article: https://baldric.net/2011/03/29/irony-is-not-dead/

Mar 27 2011

from russia with love

A few weeks ago I installed pflogsumm on my mail server in order to automate my mail log scanning. For some time I had been conscious that my mailer had been rejecting a lot of mail with “user unknown” but I had never really investigated that in any depth. Running pflogsumm over the logs on a nightly basis makes analysis easy. It turns out that over 90% of all mail hitting my server is rejected because I have no user with the name given. Moreover, practically all of that rejected mail is for one user (info@baldric.net) and it all appears to come from mailers with .ru domain names.

By creating a temporary alias for the failing address to a real one I was able to capture some of the mail coming in. The example below is faintly amusing:

“From: postmaster@ruschermet.ru
To: info@baldric.net
Subject: Не удается доставить: лучший секс в Вашей жизни
Date: Sun, 27 Mar 2011 21:22:42 +0400

Не удалось выполнить доставку следующим получателям или лицам из следующих списков рассылки:

hr@ruschermet.ru
Адрес электронной почты получателя не найден в почтовой системе получателя. Microsoft Exchange не будет повторять попытку доставки сообщения. Проверьте адрес электронной почты и повторите отправку сообщения или передайте указанное ниже диагностическое сообщение администратору.

________________________________
Отправлено с помощью Microsoft Exchange Server 2007″

(Try running this through an on-line translation service such as babelfish).

Clearly, what I am getting is backscatter from failed spam deliveries in Russia where the spammer has used the non-existent “info” as a spoofed from address. Ho Hum.

Permanent link to this article: https://baldric.net/2011/03/27/from-russia-with-love/

Feb 01 2011

no police here

The UK Home Office launched a new crime statistics website today at www.police.uk. The site is supposed to show “Local crime and policing information for England and Wales”.

I’m not entirely convinced of the merit of the site in the first place (and can see all sorts of potential objections arising in some of the more rabid tabloid newspapers), but I thought I would try it out before making any form of judgement of my own. Unfortunately I’m not impressed.

The opening page of the new service invites the user to “Enter your postcode, town, village or street into the search box below, and get instant access to street-level crime maps and data, as well as details of your local policing team and beat meetings.”

I have tried various combinations of the suggestions, scaling outwards and upwards from my precise postcode to the whole of that part of the County in which I live. I was not reassured to get the following message:

screenshot of www.police.uk website

Discussion elsewhere on the ‘net suggests that this result is not unusual. It appears to be a badly worded (or badly coded) response to an error condition resulting from system overload following the launch. At least I sincerely hope that is the case and we are not really completely devoid of policing services in the whole of South Norfolk.

Examination of the HTML source for the webpage generated suggests that the service is running on Amazon’s Web Services. Certainly some of pages are retrieved from S3 servers, and the IP address of the site appears to be on Amazon’s AWS (see dig and whois results below *). If the site is, as it appears to be, cloud based, then either the supplier (Rock Kitchen Harris, Leicester) or the Home Office has seriously undersized the requirement. Regardless of who is at fault here, there is an evident need to pull in some more resource pretty quickly. This should be a good test of the much vaunted flexibility of cloud based services such as Amazon’s EC2. I expect the service to be running quickly and cleanly by this time tomorrow.

* dig www.police.uk returns:

; <<>> DiG 9.6-ESV-R3 <<>> www.police.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10557 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.police.uk. IN A ;; ANSWER SECTION: www.police.uk. 1251 IN CNAME policeuk-167782603.eu-west-1.elb.amazonaws.com. policeuk-167782603.eu-west-1.elb.amazonaws.com. 60 IN A 46.137.113.146 ;; Query time: 268 msec ;; SERVER: 80.68.80.24#53(80.68.80.24) ;; WHEN: Tue Feb 1 14:16:23 2011 ;; MSG SIZE rcvd: 107

and a whois lookup of 46.137.113.146 returns:

% Information related to ‘46.137.0.0 – 46.137.127.255’

inetnum: 46.137.0.0 – 46.137.127.255
netname: AMAZON-EU-AWS
descr: Amazon Web Services, Elastic Compute Cloud, EC2, EU

Permanent link to this article: https://baldric.net/2011/02/01/no-police-here/

Jan 29 2011

is my computer off

This site is probably even more pointless than most webcams, but it, and the site it was inspired by, amused me. Having found this, I just had to register a similarly pointless domain of my own. So now I am the proud owner of theinternetisoff.net

Make it your home page. You know it makes sense.

[Postscript added February 2020. I no longer have this domain. I had only ever used it for the one purpose noted here. I have recently been culling my (previously ever growing) list of unused domain names in the interests of saving money. OK, I’m a cheapskate, but it struck me as dumb to continue to pay out for about a dozen domain names which I never used. So they, and this one, have gone. But in the interests of continuity, the references on trivia to this domain now point to a copy of what the old page looked like.]

Permanent link to this article: https://baldric.net/2011/01/29/is-my-computer-off/

Jan 27 2011

now I feel bad about blogging

El Reg has a wonderful ROTW post here. One “Matt Kracht” lays into an article by Andrew Orlowski about P2P bitorrent users saying:

“I hate… no, I *loathe* when bloggers try to move to online news sites. If there’s one thing that web 2.0 has done, it has fucked up journalism so bad that nobody can tell the difference between some dork yelling his uninformed opinions about uninteresting shit and an actual newspaper article. Sure, once in a while, you get filler crap even in the New York Times, but it’s at least *interesting*. It’s about topics that people care about, and has new, informed, researched opinions and insights. What the hell is your article about? Being bored? Unimpressed by illegal file sharing sites run by scammers trying to make a quick buck? God, you’re an embarrassment to anyone who’s ever written anything less shallow than a blog. You offend me, sir, with your pathetic writing.”

Kudos to Orlowski for posting it. But I feel bad to be considered “shallow” because I blog – or do I?

Permanent link to this article: https://baldric.net/2011/01/27/now-i-feel-bad-about-blogging/

Jan 26 2011

I guess they do it differently over there

I came across a potential new entry to the “slug replacement” competition today in the shape of a 2GHz Sheeva Marvell based plug computer by Ionics called the Nimbus 2000 (all the company’s products seem to be named after cloud types – wonder why).

nimbus 2000 sheeva plug

In addition to that rather fast ARM CPU, this little beast boasts: 512 MB DDR2 RAM at 400 MHz; 512 MB NAND Flash; one USB 2.0 port and a Gigabit LAN port. The plug apparently runs a 2.6.23 kernel in a custom embedded linux. Now if we can get debian onto that little thing (as is the case with the 1.2GHZ sheevaplug from Global Scale Technologies), it looks like being an attractive proposition for anyone wanting a small, but powerful web or file server.

But, whilst I was scanning the company web site I was struck by their “careers” page. Here’s a sample:

DESIGN LIBRARY ENGINEER II
• Female
• Bachelor’s degree in Computer Engineering or Electronics & Communications Engineering
• Strong background in electronics engineering
• At least 1 year experience in design library with emphasis on schematic symbol and component footprint creation
• Preferable with experience using Mentor PADS, Cadence OrCAD, Cadence Allegro or equivalent EDA tools

and

ODM QUALITY ASSURANCE MANAGER
• Male
• Candidate must be a graduate of BS Engineering
• Background in electrical or electronics is desirable for this position.
• Must have experience in Original Equipment Manufacturer / Original Design Manufacturer.
• The candidate must have demonstrated previous supervisory experience.
• Strong computer skills to oversee electronic quality management systems including document control and CAPA.
• Willing to be assigned in Calamba City, Laguna

I suppose they must have some odd policy of balancing the sexes across the disciplines. At least they are not advertising for “Secretary – female” and “Engineer – Male” as we might have done a few years back.

Permanent link to this article: https://baldric.net/2011/01/26/i-guess-they-do-it-differently-over-there/

Jan 24 2011

wordpress setup

I have just added a couple of new plugins to this blog and tidied up some old cruft that I had been meaning to get around to for a while. One of the plugins I have added is a really rather good statistcs tool called Counterize II. It provides a very quick (and impressively comprehensive) set of stats about page hits, browser types, referring URLs etc. all readily accessible from the wordpress admin dashboard – so no need to trawl through web logs to find out where your visitors are coming from or which is your most popular post or page. Thoroughly recommended.

In the process of searching for such a plugin I also came across Angie Bowen’s posting about the top ten things she always does when setting up a new blog. Whilst I don’t agree with all her recommendations (identifying the ones I disagree with is left as an exercise for the class) I think this is a very handy aide-memoire. Her pointers about blog security and discussion settings in particular are sensible and worth reading.

Permanent link to this article: https://baldric.net/2011/01/24/wordpress-setup/