Content-type: matter-transport/sentient-life-form

Another Death in Georgian Government

Another death in Georgian government - and although I'm not a fan of conspiracy theories, I'm starting to find this suspicious. Okay, one death is coincidence. Two deaths from the government could maybe still be coincidence. But if a third person dies now, I won't believe in coincidence anymore.

Bill Gates Commits to Interoperability

Bill Gates commits to interoperability and makes the insightful observation that open source leads to too many similar solutions, which is why interoperability needs to be tested more and that's a problem. Translation: Bill Moppelkotze thinks open source is annoying because it nibbles away at his monopoly

Outrage over Deutsche Bank

Outrage over Deutsche Bank - well, now they're all outraged again, the politicians. And in the next round they'll demand relief for business at the expense of workers, because the wonderful economy would invest all that money - as you can see so clearly with Deutsche Bank.

angry face

It would be nice if politicians had even rudimentary learning ability and understood that they're simply being screwed by business right now. Large corporations have no interest in investing and stabilizing the economy when they can just squeeze society instead. You can see it in Ackermann's behavior in the Esser trial, you can see it in Deutsche Bank's conduct, you can see it in GM's extortion of Opel locations in Germany, in the fat salary increase of the global Daimler failure, and in Siemens' approach in the mobile phone division.

Corporations have no interest in their own market - they'll simply abandon it if necessary. Only short-term improvements to shareholder value matter - so the manager can reward himself with fat raises and nice severance packages because of his supposedly brilliant success. If the whole thing goes down the drain - doesn't matter. Quickly sell off the company to a foreign corporation and disappear. Even the dumbest manager always finds a job somewhere.

Entrepreneurial risk is now only borne by smaller medium-sized enterprises, where the boss still notices when his company goes down the drain. But they're just as naive as politicians and crawl up to the industry bigwigs instead of standing up for themselves.

Cosmic Graze in 24 Years

Cosmic near miss in 24 years - so if it does hit us in 2037, we could manage to be wiped out before the Unix epoch overflow gets us

NZZ online archive no longer freely available

NZZ Online archive no longer freely available - and with that, the NZZ is no longer present on the Internet. What the heck is online availability supposed to accomplish if it's only available on the day of print publication? Ridiculous nonsense from those oh-so-professional media outlets, who are once again revealing themselves as complete amateurs on the Internet 


Trackback Thinking

A Whole Lotta Nothing: No one can have nice things! - Matt is disabling trackbacks on his site. Interesting is his observation that a few test trackbacks came through first, and only after these were still there 8 hours later did the big wave arrive. This aligns with the experiences of others - the spambots are probably still semi-automated at the moment.

At Phil Ringnalda there are more thoughts on trackbacks and whether they're even relevant anymore - and whether the way they're usually used even makes sense. His main point is the fact that many trackbacks are rather pointless - they simply point to a post that ultimately just contains a classic "me too" and points back to the origin. He would prefer context-based pings - you've written something on a topic that's being discussed elsewhere? A manual trackback to that post connects these two sites. This topic-based trackbacking was also the main idea behind the Internet Topic Exchange - basically just a trackback address and an attached wiki. It got off the ground to some extent, but it never really caught on widely. Similarly, LazyWeb - a post with a problem, a trackback to LazyWeb and maybe someone finds a solution - never really took off. Okay, it's running, but you would have expected more response.

These connections are exactly the sort of thing that's not so easy to do with Pingback - Pingback is based on bidirectional linking, whereas trackback would be interesting in these examples precisely because of its decoupling from actual links.

On the other hand, I constantly see poker spam on TopicExchange topics - and with that, such a system eventually just dies, unless enough gardeners are found to pull out the weeds.

That's enough from the self-referential techno-babble corner for now.

insufficient number of Sunnis killed

Rumsfeld thinks the US troops have killed an insufficient number of Sunnis - isn't it nice to have such simple worldviews? Evil Sunnis, good Shiites. That's how simple it is for Rumsfeld. Stupid politician. That's how simple it is for me.

First Fallout of rel="nofollow"

Rogers Cadenhead made some comments about Wikipedia marking all external links with rel="nofollow". I find it particularly unfortunate that Wikipedia typically only links to external sources that actually have subject matter quality - or at least are considered to have such quality by the Wikipedia author. Precisely a link monster like Wikipedia has improved the positioning of other pages through its links - which surely would have been particularly helpful for information websites about obscure topics. After all, who else would link to them?

fallback-reboot

fallback-reboot is a small daemon that locks itself into memory (so it cannot be swapped out) and then waits for a password on a port. When the password arrives, the machine is rebooted without any security precautions or disk sync. Interesting as a last resort when the machine still responds to pings and similar, but you can't get a shell prompt anymore.

Gigablast

Gigablast is a search engine that offers some interesting features. And most importantly, the search results are available as an RSS feed.

Suddenly and unexpectedly: 25 minutes with Bush

Suddenly and unexpectedly: 25 minutes with Bush - Hawks among themselves.

Software Patent Directive: EU Parliament Demands Restart of Procedure

Software Patent Directive: EU Parliament calls for restart of proceedings - whether that will particularly impress the Commission now? Last time they simply ignored the opinion of Parliament anyway.

Pledge association names?

BVB pledges rights to club name - and I wonder who's more stupid: the football club that pledges its name, or the insurer who's dumb enough to accept something so pointless as collateral...

Completely crazy: the sherry enema

Woman Kills Husband with Sherry Enema. Yep, that means exactly what it says: an enema with sherry. On an alcoholic — because he couldn't swallow.

When you read something like this, you understand why Americans need all these nice warning labels on products. A clear case for Wonko.

Zope.org - FileStorageBackup

Zope.org - FileStorageBackup is a description of many useful tips on how to handle ZODB database files. Specifically replication, backup, repair - basically everything that will bite you in the ass sooner or later when running larger Zope systems.

AOL aims to secure surfing with new Netscape browser

AOL aims to secure surfing with new Netscape browser - wobei es wohl weniger um securing als insecuring geht: Netscape 8 will identify sites known to be trusted, such as banks, online services and online stores, with a green check mark. These sites by default will be displayed using the IE rendering engine, with most browser technologies enabled to maximize compatibility. The trusted sites list will come from organizations such as Truste, sources said. . Was fĂŒr eine grossartige Idee. Irgendjemand ausserhalb meines Rechners definiert eine Liste von Sites auf denen das Viren- und Trojanerloch automatisch aktiviert wird. Super Idee. Ganz toll. Ich bin ja auch sowas von scharf darauf jemand anderen bestimmen zu lassen welche Rendering-Engine benutzt wird.

Mannesmann Trial: The Acquittal Must Be Enough

Mannesmann trial: The acquittal must be enough– so even if it were only symbolic, I'd think it good if he himself had to forfeit the 10,000 euros that were awarded to him in the first instance. Of course, it would be even nicer if the Federal Court of Justice then ruled on breach of fiduciary duty after all, but I'm probably hoping in vain for that 


Microsoft: Error in Buffer Overflow Protection is Not a Vulnerability

Microsoft: Error in Buffer-Overflow Protection is Not a Vulnerability - sure. Bill Gates wants to make the net more secure. So a bug is simply not declared as a security vulnerability. Never mind that you can catch a Trojan or virus on Windows faster than you can say boo - and that this one can use exactly this hole to knock down the whole nice security system. What nonsense again...

Just a Test for Quotation Marks

Quotation marks – and other special characters – are important 
 said Gerrit.

Scharping applies for BDR presidency

If it really comes to pass that Scharping runs as BDR president I can only quote the red rascals: folks, try to vote for goat

fast small web servers

lighttpd is a small, fast web server with a quite impressive feature set and the clear goal of being faster and more resource-efficient than Apache. CGI, FastCGI, and PHP (via FastCGI) are also supported, making it suitable for dynamic pages as well. Maybe I should take a closer look at it.

leahhttpd is another small web server with a focus on low resource usage and high performance. Here too, there's quite an impressive feature spectrum.

boa is the grandfather of web servers with a performance and resource focus. However, it only offers CGI as an option for dynamic content. So it's better suited for serving purely static content.

Of all three, lighttpd looks the most interesting, among other things because of its good support for interfaces for dynamic content. Especially since the server already has a built-in FastCGI load balancer, making it designed for larger loads right out of the box. And the focus on FastCGI instead of built-in modules offers additional possibilities for security - the FastCGI process can run under a different (restricted) user.

Strange Business Ideas at Providers

As much as I like Hetzner as a provider, sometimes they come up with weird ideas. Now you can also get additional IPs for your entry server (their starter package). However, these cost a monthly fee per IP - which is actually pretty strange, since IP addresses aren't supposed to be sold according to RIPE - but okay, whatever. I'd be willing to pay a moderate amount for an additional IP.

But the idea that my 250 GB free volume only applies to the main IP and every started GB on the additional IPs has to be paid for, even if there's still plenty of free volume on the main IP - sorry, but that's just plain stupid. That way you end up paying double and triple for the additional IPs. No way. A second IP address for test installations or an isolated chroot jail with isolated software setup isn't that important to me.

In fairness, it should be mentioned that the next larger root server solution from Hetzner does have IPs as needed without a monthly fee. But how the free volume is distributed there, I don't know - it's not clear from their websites anyway.

Well, up until now Hetzner has always surprised me by eventually just dropping strange and absurd ideas and replacing them with sensible solutions (like the long overdue emergency boot system that's now available, or the option for hardware upgrades on the entry server). I'm not giving up hope on the additional IPs either.

Even monkeys pay for beautiful women

Auch Affen zahlen fĂŒr schöne Frauen - and next the spammers will send their spam to the zoos

The Almighty Fantasies of Interior Ministers

Owl Content

junge welt from 01.02.2005 - The data collectors flip out - yeah, great idea. According to Beckstein, SchĂŒnemann and Schily, administrative offenses and anti-nuclear demonstrations should lead to genetic profiling. And onwards into the police state, so that we can nicely keep deviant opinions and the lumpenproletariat under control. Because then we'd all be so terribly safe.

angry face

Who actually protects us effectively from crazy politicians?

eAccelerator

eAccelerator is another PHP accelerator. It is based on the Turck mmCache source, but is actively being developed.

Esser wants 200,000 euros from NRW

Esser wants to squeeze 200,000 euros from NRW - Ripping off millions by selling your employees and then suing for damages. Poor, misunderstood manager

Gizmodo: Epson HX-20 Portable Computer

Gizmodo : Epson HX-20 Portable Computer - a really nice device. I treated myself to one a while back - as a complement to my two PX-8 computers. Really cute what was in use back then. And playing around with it is simply fun.

Heise.de down due to DDOS

Der Schockwellenreiter has the press release from Heise about it. Something like that is really awful and I'm keeping my fingers crossed for the Heise technicians that they get it under control as soon as possible. As a sysadmin, you always suffer along with something like this.

Huh? Media numbers in January ...

Actually, I don't usually mention these things, since they're kind of trivial. But I was a bit surprised today:

8210 visitors 15413 visits 73858 page views 1.96 GB traffic

That's significantly more than I usually get. Strange. And that's not even including the first week of the month, when the whole thing was still running on PyDS. By the way, I'm also getting more comments than usual. Strange. I'm not writing any better than I normally do...

IBM drags Intel into SCO case

GROKLAW has reported that IBM is pulling Intel into the proceedings against SCO with a subpoena and wants to force them to testify. Interesting - because as far as I know, Intel hasn't been part of the discussion so far as to whether they could have anything to do with it. The fact that IBM is bringing them in by means of a subpoena certainly suggests that IBM believes Intel knows something that Intel is unwilling to disclose voluntarily.

Kanther threatens punishment

Kanther faces penalties - as much as I would welcome it, I won't believe it until the verdict is on the table. And the next courts have ruled. Because somehow the rip-off artists always manage to wriggle out of it anyway ...

Free Legal Advice for Open Source Developers

The Free Legal Advice for Open-Source Developers is certainly probably only really useful for US American developers - but perhaps something comparable will come to Europe as well.

Microsoft and Macrovision want to close the 'analog gap'

Microsoft and Macrovision want to close the "analog gap" - great. Just great. Eventually you'll be able to throw the whole garbage out the window because you can't use anything properly anymore without constant regulation. Lots of great ideas for copy protection that are all rubbish anyway and actually don't prevent anything - except completely legal use on some old device or a new one where some garbage collides with other garbage. What a mess.

Nuclear Elephant: DSPAM

Nuclear Elephant: DSPAM is a Bayesian spam filter. However, it's one that doesn't just run for a single user, but typically for an entire group of users. I have it running on simon.bofh.ms to scan all the mailboxes there - it integrates well and has a whole range of interesting features. On one hand, there's the web interface for managing the spam filter, and on the other hand, there's the quite pragmatic method for reporting false detections to the filter. Also nice is the quite broad support for databases (MySQL, PostgreSQL, SQLite, and several db* types). Overall, it makes a really well-rounded impression - the only downside is the lack of translation for the interface.

Whether it actually filters well, I of course can't say yet due to lack of volume - the emails first need to accumulate and be trained. User reports are, however - typical for Bayesian spam filters - quite positive.

Schneier on Security

Found at Schneier on Security: the weakest link. So much for the topic of security.

Solaris 10 is now available for free download

Solaris 10 is now available for free download - even though I certainly won't be using it in production, it would definitely be worth taking a look at.

Away with Trackback

Isotopp is pondering trackback spam on the occasion of spam day and presents several approaches. One of them uses a counter-check of the trackback URL against the IP of the submitting computer - if the computer has a different IP than the server advertised in the trackback, it would probably be spam. I've written down my own comments on this - and explained why I'd rather be rid of trackback today than tomorrow. Completely. And yes, that's a complete 180-degree turn on my part regarding trackback.

The IP test approach once again comes from the perspective of pure server-based blogs. But there's unfortunately a large heap of trackback-capable software installations that don't need to run (and often don't run) on the server where the blog pages are located - all tools that produce static output, for example. Large installations are Radio Userland blogs. Smaller PyDS blogs. Or also Blosxom variants in offline mode (provided there are now trackback-capable versions - but since they're typical hacker tools, they definitely exist).

Then there are the various tools that aren't trackback-capable, where users then use an external trackback agent to submit trackbacks.

And last but not least, there are also the various Blogger/MetaWeblogAPI clients that submit the trackback themselves because, for example, only MoveableType in the MetaWeblogAPI allows triggering trackbacks, but other APIs don't.

Because of this, the IP approach is either only to be seen as a filter that lets through some of the trackbacks, or it's a prevention of trackbacks from the users mentioned above. And the latter would be extremely unpleasant.

Actually, the problem is quite simple: Trackback is a sick protocol that was stitched together with a hot needle, without the developer giving even a moment's thought to the whole thing. And therefore belongs, in my opinion, on the garbage heap of API history. The fact that I support it here is simply because WordPress implemented it by default. Once the manual moderation effort becomes too high, trackback will be completely removed here.

Sorry, but on the trackback point the MoveableType makers really showed a closeness to Microsoft behavior: pushed through a completely inadequate pseudo-standard via market dominance - without giving even a thought to the security implications. Why do you think RFCs always have a corresponding section on security problems as mandatory? Unfortunately, all the blog developers faithfully followed along (yes, me too - at Python Desktop Server) and now we're stuck with this silly protocol. And its - completely predictable - problems.

Better to develop and push a better alternative now - for example PingBack. With PingBack, it's defined that the page that wants to execute a PingBack to another page must really contain this link there exactly as it is - in the API, two URLs are always transmitted, its own and the foreign URL. The own URL must point to the foreign URL in the source, only then will the foreign server accept the PingBack.

For spammers this is pretty absurd to handle - they would have to rebuild the page before every spam or ensure through appropriate server mechanisms that the spammed weblogs then present a page during testing that contains this link. Of course that's quite doable - but the effort is significantly higher and due to the necessary server technology, this is no longer feasible with foreign open proxies and/or dial-up access.

Because of this, the right approach would simply be to switch the link protocol. Away with Trackback. You can't plug the trackback hole. PS: anyone who looks at my trackback in Isotopp's post will immediately see the second problem with trackback: apart from the huge security problem, the character set support of trackbacks is simply a complete disaster. The original author of the pseudo-standard didn't think for a minute about possible problems here either. And then some people still wonder why TypeKey from the MoveableType people isn't so well accepted - sorry, but people who make such lousy standards won't be getting my login management either ...

Interview with a link spammer | The Register

Interview with a link spammer | The Register - of course this could be fake, but the guys from The Register claim they conducted an interview here with a blog spammer.

IT Manager's Journal | Bitter struggle to control SCO Group parent company

IT Manager's Journal | Bitter struggle to control SCO Group parent company - cool, the SCO management is tearing itself apart in court proceedings

law blog » MONEY BACK FROM JAMBA & CO.

law blog » MONEY BACK FROM JAMBA & CO. - interesting reference and interesting discussion on the question of whether parents have to get money back from Jamba if they demand it - and their children who are not fully legally competent have taken out a subscription with Jamba.

Orange Data Mining

Another link for the number crunchers: Orange is a data mining library with Python integration and—at least judging by the screenshots—an interesting GUI.

phil ringnalda dot com: How do you stand it?

How do you stand it?

Phil Ringnalda recounts his dream about the history of RSS, in which he finds himself in a conversation with early RSS developers discussing the technical choices and philosophical debates that shaped the format.

In the dream, Phil is asked by one of the developers: "How do you stand it?" — referring to the frustrations and complexities that came with RSS adoption and the various competing standards that emerged.

The post reflects on the tensions between simplicity and functionality, and how different visions for what RSS should be led to fragmentation in the ecosystem. Phil uses the dream narrative to explore the human and technical dimensions of this important web technology.


Note: The original source link appears to be from Phil Ringnalda's blog from 2005, discussing RSS history through a dream sequence narrative.

Series of Small Nice Freeware Tools

A series of small nice freeware tools for OS X. I particularly like the WordServices and the CalcService (a simple formula evaluator as a service).

SSH on Mobile

MidpSSH | SSH and Telnet client for MIDP / J2ME devices was recommended to me in the comments on an older post. I installed it on my phone and have to say, I'm impressed. Regardless of how silly the idea is to operate an SSH shell via a phone, it works. And with the macros, it could even be useful for some special cases.

Ok, it doesn't make a lot of sense for our server fleet - most of our servers aren't directly accessible from outside. And switching to the next server is quite annoying with mobile text input. But usually I only need access to the front servers to trigger actions from there - and where these are still missing, you could certainly set up scripts on the front servers.

US Court: Guantanamo Tribunals are Unlawful

US court: Guantanamo tribunals are unlawful | tagesschau.de - interesting. But whether that will impress Bush much?

WordPress Related Entries plugin

わさび » Archives » WordPress Related Entries plugin - a very nice little plugin that searches for related articles using MySQL's full-text index. Of course, this is only a fairly simple algorithm and the quality of results is nowhere near Google's level, but I installed it anyway. When you go to the detail page of a post (e.g., by clicking on the title), a list of up to 5 matching other articles is displayed.

I also expect this to give somewhat better positioning for various older posts - without having to remember to manually set a link to them every time (hey, most of the time I've forgotten about them myself!). And maybe it will also help people who come via search engines to find what they're looking for.

Besides, it's cool, and cool is good

It's cool, man!

Bill Gates wants to make the internet safer

Bill Gates will das Internet sicherer machen - will he discontinue the entire Windows operating system line and eliminate Internet Explorer?

Camera Bellows and Hoods

Camera Bellows and Hoods - Bellows manufacturer that produces replacement bellows. Possibly a solution for my Fujica problem.

Camera Bellows Restoration Trick

Camera Bellows Restoration Trick - Tips on the repair and sealing of camera bellows.

darcs - Distributed Versioning

darcs is one of many version control systems vying to succeed CVS. Specifically, darcs belongs to the class of distributed version control systems and is thus naturally superior to Subversion with its centralist approach (at least if you want to manage a distributed project and can't just get by with the central repository). Normally I wouldn't say much about something like this — after all, there are currently more version control projects than there were editors in the 80s. But seriously now: who can ignore a version control system that is written in a functional programming language with lazy evaluation (yes, exactly, this thing is in Haskell — so much for the claim that Haskell is unsuitable for practical projects) and describes itself as being based on a "theory of patches" with roots in quantum mechanics? And the programmers even use literate programming — yes, that somewhat forgotten method by Knuth of combining documentation and code in a single source file and developing a program from a documentation-centric perspective. Simply cool.