Planet LILUG

As I mentioned over a week ago, people have found copies of First Edition UNIX source. Today, I managed to accidentally stumble on a google code project with said code: unix-jun72.

You can check out the entire code from the subversion repo:

svn checkout http://unix-jun72.googlecode.com/svn/trunk/ unix-jun72

Then look at something like pages/e01-01...

$ cat pages/e01-01 
/ u1 -- unix

unkni: / used for all system calls
sysent:
	incb	sysflg / indicate a system routine is
	beq	1f / in progress
	jmp	panic / called if trap inside system
1:
	mov	$s.syst+2,clockp
	mov	r0,-(sp) / save user registers
...

Pretty sweet, huh?

Today, I came across a link to a photo with a long description. I'm going to include both below:

ISS020-E-009048 (12 June 2009) --- Sarychev Peak Volcano eruption, Kuril Islands, is featured in this image photographed by an Expedition 20 crew member on the International Space Station. A fortuitous orbit of the International Space Station allowed the astronauts this striking view of Sarychev volcano (Russia's Kuril Islands, northeast of Japan) in an early stage of eruption on June 12, 2009. Sarychev Peak is one of the most active volcanoes in the Kuril Island chain and is located on the northwestern end of Matua Island. Prior to June 12, the last explosive eruption had occurred in 1989 with eruptions in 1986, 1976, 1954, and 1946 also producing lava flows. Ash from the June 2009 eruption has been detected 2407 kilometers ESE and 926 kilometers WNW of the volcano, and commercial airline flights are being diverted away from the region to minimize the danger of engine failures from ash intake. This detailed photograph is exciting to volcanologists because it captures several phenomena that occur during the earliest stages of an explosive volcanic eruption. The main column is one of a series of plumes that rose above Matua Island (48.1 degrees north latitude and 153.2 degrees east longitude) on June 12. The plume appears to be a combination of brown ash and white steam. The vigorously rising plume gives the steam a bubble-like appearance; the surrounding atmosphere has been shoved up by the shock wave of the eruption. The smooth white cloud on top may be water condensation that resulted from rapid rising and cooling of the air mass above the ash column, and is probably a transient feature (the eruption plume is starting to punch through). The structure also indicates that little to no shearing winds were present at the time to disrupt the plume. Another series of images, acquired 2-3 days after the start of eruptive activity, illustrate the effect of shearing winds on extent of the ash plumes across the Pacific Ocean. By contrast, a cloud of denser, gray ash -- most probably a pyroclastic flow -- appears to be hugging the ground, descending from the volcano summit. The rising eruption plume casts a shadow to the northwest of the island (bottom center). Brown ash at a lower altitude of the atmosphere spreads out above the ground at upper right. Low-level stratus clouds approach Matua Island from the east, wrapping around the lower slopes of the volcano. Only about 1.5 kilometers of the coastline of Matua Island (upper center) can be seen beneath the clouds and ash.

As promised, here's more of the day-by-day summary of Usenix '09.

Friday

The last day of the conference. As before, I got to the place at 8:30, and had breakfast.

The first session, System Optimization, was interesting. It started with Reducing Seek Overhead with Application-Directed Prefetching. The idea is pretty obvious. You have a library that takes lists of future accesses from the application, and tries to prefetch the data while monitoring the application's IO accesses. The first deviation from the prefetch-list causes an invocation of a call-back. This allows the application to specify a new prefetch list.

The second talk of the session, Fido: Fast Inter-Virtual-Machine Communication for Enterprise Appliances, was about a simple and fast way to have multiple VMs communicating. Their target was a collection of virtual machines running in an appliance box. Since the OSes were inherently trustworthy (before virtualization took off and even now, there was one OS that did everything), they achieve zero-copy by mapping all the other OSes into each address space. For example, suppose you have 3 VMs (red, green, blue), their address spaces would be something like:

Each VM gets all the VM's address spaces read-only, and its own read-write. Then a simple message can be exchanged to specify buffer addresses.

The Web, Internet, Data Center session wasn't very exciting. The one talk that stuck in my head was RCB: A Simple and Practical Framework for Real-time Collaborative Browsing. What they did was some javascript-fu that synchronized the DOM trees between two (or more?) browsers.

The last session for the day (and the conference) was Bugs and Software Updates. It opened with The Beauty and the Beast: Vulnerabilities in Red Hat's Packages. The authors did some crazy statistics and found that there was some correlation between packages' dependencies and the number of vulnerabilities. Several audience members pointed out that publishing these findings may cause a feedback that completely maybe either exaggerate this correlation, or it may cause the developers to make dependency choices to make their software seem less likely to have vulnerabilities.

The second talk, Immediate Multi-Threaded Dynamic Software Updates Using Stack Reconstruction sounded interesting, but I really feel like I need to look at the paper first before drawing any further conclusions.

The last talk of the session, Zephyr: Efficient Incremental Reprogramming of Sensor Nodes using Function Call Indirections and Difference Computation, seemed like 2 talks in one. First, we were told about rsync protocol's shortcomings, and how they fixed them, and then we were told about their function call indirection scheme to make the deltas smaller. This function call indirection sounded far too much like dynamically linked binaries, with GOT pointer and all that good stuff.

After a short break, the last invited talk began. The speaker was David Brin - a science fiction writer. He is one of those people that really knows how to present. He gives off an aura of knowing exactly what he'll say next. I can't tell for sure if he does know what he'll say next, or if he merely has an idea where he wants to get to, and "improvises" to get there.

I went back to the hotel, but got bored soon after. Not knowing what to do, I went for a walk. I just took the first street away from the hotel. It turned out to be a road that went considerably uphill toward the San Diego Medical Campus (or whatever it was called). After some exploring, I got some food (this was the only place I saw that had fast food joints, the hotel area was about as boring as it can get).

Saturday

I woke up relatively late - 10am. I blame getting used to the pacific timezone (grr, just in time to fly back!). After packing up, and checking out, I ran into Swami. We went to get breakfast, and talked about all sort of stuff - grad school, conferences, the good ol' days at FSL. After some time, he and another student from Wisconsin took off. I decided to go for a walk. I ended up in the same fast food place. There, I started typing up the previous blahg post. After about 2 hours of working my laptop, I went back and got a shuttle to the airport.

At the airport, I tried to do some work. Before long, I switched to reading a book. Shortly after, it was time to board. The flight itself was mostly uneventful. Sadly, the 2 hour layover in Charlotte, NC was painful. The free wifi that was there few days earlier disappeared. I survived it. Two-ish hours later, we landed at DTW. Due to some miscommunication, I ended up without a ride back to Ann Arbor. I managed to call up a friend that drove me back.

Phew! It's been a fun couple of days. I'm going to provide a day-by-day summary of what's been going on.

Tuesday

More or less the entire day was take up by travel. The flight was mostly uneventful, with a 1 hour layover in Charlotte, NC. The one hour was long enough to get from one terminal to the other and get food, yet short enough that by the time I was done eating, the first class passengers were about to board. For virtually the entire duration of the flight, I was preoccupied with a book I took with me.

Wednesday

Waking up for a 9am event was never easier! I guess it was the timezone difference. Instead of going to bed at about 3am, I went to bed at around midnight (which happens to be 3am on the other coast!).

I woke up at about 6:30 - not due the alarm. I went back to sleep. At 7:30, I woke up for real. Before long, it was 8:30, and I was already at the conference about to get my proceedings and badge. Free food, namely orange juice and crossionts followed.

Nine o'clock rolled around, and the conference began. The keynote was ok. I wasn't amazed by it, even though the speaker had valid points.

At 11, the first session began - virtualization. This was one of the sessions I've been looking forward to. Well, I was interested in one paper specifically: vNUMA: A Virtual Shared-Memory Multiprocessor. The name summarizes the idea very nicely. Why was I interested in it? Well, a long time ago, when you couldn't walk down the street and buy a multi-core system, the year was 2003 - I had the same idea. It's a rather obvious idea, as is the name. At first, I was going to hack the Linux kernel to accomplish it (I still have a couple of patches I started), but other things sapped up my time. (The fact that everyone I mentioned it to told me that the paging over ethernet overheads were going to make it impractical made me want to do it even more!) As it turns out, the folks from University of New South Wales, that got a publication out of it, started working on it in 2002.

Their implementation is for the Itanium architecture. They said that they chose it because at the time they started, Intel was pushing Itanium as the architecture that'll replace x86. Unfortunately, I didn't get to talk to any of them at the conference.

The lunchtime invited talk was nice. It was about how faculty at Harvard tried to make the intro to computer science course fun and appealing, yet still retain the same important intro material. The big thing: they used Amazon's Elastic Compute Cloud (EC2) instead of the on-campus computer network. They liked being in charge of the system (not having to wait for some admin to take care of a request for some change), but at the same time they didn't like being the admins themselves. Some of the students were also not exactly "thrilled" about hearing about the cloud so often - especially since they didn't have to use it in a cloud-way. One of the most memorable parts of the talk was when the speaker whipped out a phone book, asked the audience about how to find something in it, and shortly after proceeded to do binary search - ripping the book in half, then tossing a half across the podium, and then ripping the remainder in half.

Afterward, the networking session took place. The one talk that was fun was StrobeLight: Lightweight Availability Mapping and Anomaly Detection. The summary of the idea: ping the subnet, then some time later, ping it again, and count the number of IPs that changed - essentially XOR and then count ones. It's a simple idea that apparently works rather well.

The next session was about storage. It started with a paper that got a best paper award. One of the authors is Swami - a former FSL member, not at University of Wisconsin-Madison. While he never said it during the talk, they essentially implemented a stackable filesystem. Right after it was a talk by guys from the MIT AI lab, about decentralized deduplication in SAN cluster filesystems.

After a short break, the last invited talk for the day happened. A dude from Sun talked about SunSPOTs. SunSPOT is a small wireless sensor/actuator platform that's based on Java. It reminded me of several other such platforms, but seemed a lot more polished. Unfortunately, it's Java-centric way was rather disappointing. (More or less everyone that knows me, knows that I don't like Java.)

The day concluded with a poster session & food.

Thursday

Again, waking up wasn't a problem. The breakfast happened to be bagels.

9am: the first talk of the distributed systems session, was Object Storage on CRAQ: High-Throughput Chain Replication for Read-Mostly Workloads. This is one of the papers I'm intending to look at. The other two I found less interesting.

11am: the kernel development session had 2 interesting talks. The first, Decaf: Moving Device Drivers to a Modern Language talked about taking device drivers, splitting them into two portions (a performance critical section in C, and a non-performance critical section that could be moved to "a modern language" - read: Java). While I strongly disagree with the language choice, the overall idea is interesting. Java (along with other more managed languages) provides stronger static checking than C. They actually took some Linux drivers, and split them up. I want to go over their evaluation again. The next interesting talk was about executing filesystems in a userspace framework (Rump File System: Kernel Code Reborn). Unlike FUSE and other attempts, this one aims to take in-kernel filesystem code, and execute it in userspace without any modifications.

The lunchtime invited talk about about how teaching students how to program is hard. How some error messages the compiler outputs are completely misleading and confuse students.

I zoned out for most of the 2pm session about automated management. There were emails & other things to catch up on.

The short paper session started off nicely with The Restoration of Early UNIX Artifacts. The speaker mentioned that he managed to get his hands on a copy of first edition UNIX kernel source. While it was slightly mangled up, he managed to get it up and running. After a bit of effort, he got his hands on some near-second edition UNIX userspace. Another short paper was about how Linux kernel developers respond to static analysis bug reports.

The last invited talk for the day was unusual. It was about the Antikythera mechanism. He used Squeak EToys (a Smalltalk environment) to simulate the mechanism. He put the "software" up on the web: http://www.spinellis.gr/sw/ameso/

Afterwards, more food. This time without posters. And after the food, there were some BOFs. The one I went to was about ancient UNIX artifacts. There I got to see first edition UNIX running. Really neat. It felt like UNIX - same but different in some ways. The prompt was '@'; the 'cd' command didn't exist, instead you had 'chdir'... that's right, the "tersness" of UNIX wasn't always there!; the 'rwx' bits you see when you do ls -l were different, you had one 'x' bit, and 2 rw pairs. On my way out, I got more or less dragged into a mobile cluster BOF (or whatever the title was), the most interesting part was when we got to talk about Plan 9 all the way at the end.

Ok, so Microsoft announced this amazing “dream mouse” that works on everything from carpet to granite. I think it’s a bunch of marketing bull, and I’ll show you why.

I’m going to be comparing the BlueTrack to my Razer Diamondback. Below is a comparison of the two mice.
Note: I don’t actually own a BlueTrack. The data below is based on what I’ve read. The data from the Diamondback is my own findings.

#article-bluetrack-table { border: 2px solid #888; text-align: center; } #article-bluetrack-table tbody tr td { padding: 1px; }

	Price	Colors	Wireless	Surfaces
				Wood	Granite	Carpet	Glossy Plastic	Glass*	Mirror
Razer Diamondback 3G	$36-$52	Green, Red, Blue	No	Yes	Yes	Yes	Yes	No	No
Microsoft BlueTrack	$80-$100	Blue	Yes	Yes	Yes	Yes	Dunno	No	No

* Not frosted

The only real thing BlueTrack has that my Diamondback isn’t wireless. It’s not too big of a disadvantage, because wireless is worse for gaming, and you need to buy batteries for the mouse if it’s wireless.

I also measured both mice. Microsoft claims that their big BlueTrack mouse is about 3.1″x4.5″. The Diamondback is about 2.5″x4.75″. They’re both about the same size. The Mini-BlueTrack is around 2.7″x3.8″, so it’s about an inch shorter then the Diamondback. Quite frankly, I’d rather bring the slightly bigger mouse, and not risk getting carpal tunnel.

I wish I could have found the DPI and frame capture rate, but I couldn’t find anything for the BlueTrack. The Diamondback has 1800 DPI, and can capture 6400 frames per second.

So, there you have it. My Diamondback (which is cheaper, older, and uses infared) matches the performance of a new mouse that Microsoft made. Cool.

The show scheduled for June 20th has been preempted by the WUSB blues marathon. Don't miss it, there is going to be lots of excellent music. Our next show will be on July the 18th, expect a quiz on blues then!

I'm going to lose an email address I had for a long while: jeffpc@optonline.net. It's because of an ISP switch. I haven't used it as my primary email address for a long while, but either way, you'll want to update my contact info to jeffpc@josefsipek.net.

I recently put a nice big hard drive in my file server.  I got a 1TB drive, which is kind of silly because I don’t have anywhere near that much data.  But, I figured that it’s better to be prepared.  I wanted to backup the data on the drive and Amazon’s S3 seemed like a good choice.  However, I wanted the ability to only send changed files across the wire, and a simple way to encrypt all of the data as well.  I chose to use Duplicity to manage the backups as it was able to only send changes as well as encrypt everything using GPG.

I decided to only backup a subset of my data since it didn’t seem necessary to backup Linux ISOs or the local copy of Wikipedia that I have on this drive.  So, I ended up backing up 31.2 GB of data.  Here’s the stats that duplicity produced:

--------------[ Backup Statistics ]--------------

StartTime 1244688149.16 (Wed Jun 10 22:42:29 2009)

EndTime 1244842521.31 (Fri Jun 12 17:35:21 2009)

ElapsedTime 154372.15 (42 hours 52 minutes 52.15 seconds)

SourceFiles 0

SourceFileSize 33486993762 (31.2 GB)

NewFiles 0

NewFileSize 0 (0 bytes)

DeletedFiles 0

ChangedFiles 0

ChangedFileSize 0 (0 bytes)

ChangedDeltaSize 0 (0 bytes)

DeltaEntries 0

RawDeltaSize 33484666346 (31.2 GB)

TotalDestinationSizeChange 32831751689 (30.6 GB)

Errors 0

-------------------------------------------------

Yeah, just in case you didn’t notice.  The elapsed time was nearly 43 hours.  That’s just under two full days.  The 15/2 service that I’m getting from Cablevision was clearly the limiting factor.  But, I don’t plan on doing full backups very often, and the incrementals will be considerably smaller.

Amazon charges for S3 by the amount of storage you actually use.  They charge $.15/GB/month.  So, for 31.2 GB I’ll be paying $4.68 per month.  Not bad for a remote, redundant backup.  They also charge for bandwidth which is usually $.10/GB, but it’s currently on sale for $.03/GB.  So, the upload only cost $.93.

Every so often I needed to extract a .deb package manually. Usually I ended up installing Midnight Commander, and used it to copy the contents out. This time around, I did some search, and found a straight forward description how to do it for .debs and .rpms.

RPM

rpm2cpio mypackage.rpm | cpio -vid

DEB

ar vx mypackage.deb
tar -xzvf data.tar.gz

or

ar p mypackage.deb data.tar.gz | tar zx

About two weeks ago, I went to see a play called Bleeding Red. This was at Purple Rose --- a small theatre in Chelsea, MI.

Their summary of what the play was about says it pretty much all:

In this ball-kicking comedy with adult humor, the biggest football match in twenty years is about to kick off across the pond in London. Tommy, confirmed bachelor and passionate Liverpool fan, arrives at his best mate Bobby's flat to discover he's been dumped by his fiancee. Trouble is, Bobby is the linchpin of the all-important pre-game ritual. Tommy must get him to the pub before the game starts, even if it means recruiting the help of another traitorous female, Bobby's fetching sister Sarah.

Featuring:
Heidi Bennett
Matthew David
Matthew Gwynn
Stacie Hadgikosti
Michael Brian Ogden

Stage Manager: Jessica Garrett
Set Designer: Vincent Mountain
Properties Designer: Danna Segrest
Costume Designer: Sally Converse-Doucette
Lighting Designer: Dana White
Sound Designer: Quintessa Gallinat

Directed by Guy Sanville

It was a nice story. As the story involves Liverpool fans, the actors were doing a Liverpudlian accent.

Two days ago, I decided to release HVF v0.15. It's been over a year since I did the v0.14 release. There were 4 -rc's inbetween. All in all, there have been 132 commits with lots of changes all around.

You can get the source code via Git (git://repo.or.cz/hvf.git), or a tarball.

Over a week ago, I mentioned reading Frazz. Another fun comic I came across is called Dork Tower.

This episode is hosted by: Bill Burns, Chris Knadle, Ilya (dotCOMmie) Sukhanov, Jesse, Jonathan Dahan, and engineered by Bobanero.

The following topics were discussed:

• Cisco and FSF finally settle [1] [2]
• Moblin [1] [2]
• Virtualization on Linux [1] [2] [3]
• Linux Unified kernel [1] [2] [3]
• Cyber Security Czar [1] [2]
• China builds secure OS on freeBSD [1]

Extra: Running Windows viruses with Wine

Download {enclose fsrt.20090530.mp3}

A few months ago, I needed to make some mod_rewrite rules that did things to the QUERY_STRING. After a lot of searching and unsuccessful attempts, I found this document (local mirror). Some experimenting later, I had it all working nicely.

For example, I've got something like:

RewriteCond %{QUERY_STRING}    ^page=([0-9]{1,})$
RewriteRule ^/testsite/$       /testsite/page.cgi?seek=%1       [PT,L]

If you are into comics and happen to be near Chelsea, MI (about 15 mins from Ann Arbor, MI) on June 12 & 13, you might want to consider going to Kids Read Comics comic convention. (As the name implies, it's targeted at a younger crowd but don't get discouraged by that.)

The guest list looks quite good (at least in my opinion).

About two months ago, I got introduced to a fun web comic, Frazz.

I was looking at some of the older ones, and I found one that amused me enough to share with you:

This past Monday, it was a year since I was introduced to a very interesting (and a very English) activity --- change ringing. Wikipedia's article has a good summary:

Change ringing is the art of ringing a set of tuned bells in a series of mathematical patterns called "changes". It differs from many other forms of campanology (such as carillon ringing) in that no attempt is made to produce a conventional melody.

Trinity was the first bell tower set up for change ringing that I went to (I think there are about 40 or 50 in all of North America). The bell tower is part of the Trinity church on the intersection of Broadway and Wall St in NYC. Here's a link that has information about the bells at Trinity. I'll probably include most of it here, as well as "borrow" some of the photos. (If I don't say where I got a particular photo, it's because I took it myself.)

I tried taking a photo of the church further down the street, but it didn't go all that well (it was late afternoon, so the church walls were in a shadow, and the sky behind it was bright). So, here's someone else's photo that's from the same perspective as the one I was trying to make:

Trinity is one of only two towers in North America that has 12 bells (the other is St. James' Cathedral in Toronto). All the other towers in North America have less (8 bells being the most common). The practice of change ringing is originally from England, and there 12 bells is pretty normal.

These are the "specs" for the Trinity bells (all cast by Taylors, Eayre & Smith in 2006):

Bell	Weight	Diameter	Note
Treble	4-2-11	259/16"	A
2	5-0-5	265/8"	G
3	4-3-9	263/4"	F#
4	5-0-1	28"	E
5	5-1-23	293/8"	D
6	5-3-14	305/8"	C#
7	6-2-24	321/2"	B
8	7-3-16	347/8"	A
9	9-2-10	377/8"	G
10	12-1-21	411/8"	F#
11	16-3-9	451/2"	E
Tenor	23-3-17	51"	D

The weight is represented by a triple of numbers. The first is the number of hundredweights (1 cwt = 112lbs = approx. 50kg); the second number is the number of quarters (0.25 cwt = 28lbs = 12.7kg); and the third number is the number of pounds (1lb = 0.454kg). So, for example, the tenor is 2677lbs = 1214kg (23*112 + 3*28 + 17 = 2677).

For comparison, the Liberty Bell (as recast by Pass and Stowe in 1753) is 18-2-8 (2080 lbs; 943 kg).

Alright, let's head upstairs into the ringing room. (photo taken from flickr)

Inside the tower, the ropes to control 12 bells (or however many a change ringing tower may have) are arranged in a circle, so that if a person stands near each rope, they can see all the other ropes easily.

This is what the Trinity ringing room looks like (also taken from flickr):

You can see the ropes hanging from the ceiling. They are at the back-stroke (more on this later), therefore you can't see much of them.

Each rope goes though the ceiling, to a wooden wheel that's affixed to the bell. The whole assembly looks like (this is the tenor from Trinity while still at the foundry):

You can easily see the wheel, and the (red) headstock. When a person pulls on the rope, it turns the wheel, which in turn moves the bell.

Anyway, that's it for the introduction to the Trinity Church bell tower. You'll have to wait for the next post to learn more about change ringing itself. :P

This episode is hosted by: Benjamin Kudria, Bill Burns, Brian Fix, Ilya (dotCOMmie) Sukhanov, Kupo and engineered by Bobanero.

The following topics were discussed:

• Open Invention Network, Finding prior art to patents. [1] [2]
• Hippocratic Oath for programmers [1]
• Firefox extension war [1]
• Debian switched to eglibc [1] [2] [3]
• Oracle buys Sun [1]
• Future of Open Office [1] [2]
• Phoenix BIOS HyperSpace [1]
• LLVM distributions [1]

Download

{enclose fsrt.20090516.mp3}

I recently built a birdhouse for our backyard.  I went down to the library and took out “The Backyard Birdhouse Book” by René and Christyna M. Laubach.  I was very happy with this book.  It gave a lot of good, practical details about building birdhouses that actually benefit birds.  If you want to build a birdhouse that looks like a drug store, this isn’t the book for you.  It went in to detail about what type of birds lived in my area, what they needed from a birdhouse, and then had in-depth instructions on how to build the appropriate bird house (which they call nestboxes in the book).

After deciding on the house that I was going to build I picked up some lumber and borrowed my father’s table saw to cut out all of the pieces.  I then assembled it, sanded it, and painted it.  I chose to use a “Noel Wire Racoon Guard” to protect the residents from predators like squirrels, racoons and cats.  Okay, so on to the pictures.

This is a shot of the completed birdhouse.  You can see the noel wire racoon guard, which is the green vinyl covered hardware cloth that encircles the entrance.  The ends of the guard have had the vinyl removed and been snipped on an angle to make them sharp.  This should make it very uncomfortable for predators trying to gain access to the bird house.

The roof of the birdhouse can be removed so you can monitor the birds inside without disturbing them very much.

One of the sides pivots open to make it easy to clean out the previous year’s nest every Spring.

Here’s a close-up of the birdhouse after it was mounted in the tree.

Finally, here’s a wide-angle shot of the birdhouse in the tree.

I’m really very happy with how the birdhouse came out.  I can’t wait until a bird moves in.  It is probably too late in the season to get birds moving in to it this year.  But, it will be weathered and ready for next year.  If birds do move in I’ll be sure and post some pictures.

Oh, and by the way, the title of this post is a reference to a clip from the Family Guy episode titled “I dream of Jesus” where Peter keeps singing Surfin’ Bird.  It’s one of my favorites.

I’ve never really been into 2D shooters, but recently I’ve found a new genre that is pretty awesome, named “Bullet Hell”. What sold me on these games was a game called rRootage. There’s also a port for Linux (and apparently an iPhone app as well). Below is a video of me playing one of the stages of the game.

There’s some other games like this such as the Touhou series, which I’ve been meaning to play, but don’t have the hard drive space for ATM.

The first few levels of rRootage are easier, but they start to get harder after stage 4A. It’s definitely a fun genre once you get past the whole “too many bullets, I can’t do this” mindset.

Today, I found out that "webinar" is not a new concoction. The OED tells us:

orig. U.S. Business

A seminar conducted over the Internet, allowing participants to interact with one another in real time.

1997 DM News (Nexis) 8 Dec. 8 The organization of the Webinar's content and presentation is being handled by Clarify.

2004 Post-Standard (Syracuse, N.Y.) 18 Apr. E2/6 Participants in the Webinars can e-mail questions to experts, with some addressed during the sessions.

2008 Wall St. Jrnl. 24 June A12 (advt.) Attending our free monthly webinars gives you great exposure to new ideas that can drive your business.

The first mention seems to be from over 11 years ago! I just hope that this "word" disappears soon. :(

In general, I have nothing against new words...well, as long as there is a reason to have them. There is really no reason to add "webinar" to the language as seminar works just as well, if not better.

My family and I are going to be participating in the Relay for Life event in our town this weekend. Relay for Life is an event that raises money for the American Cancer Society. This description is from the Relay for Life website:

“Relay For Life is the American Cancer Society’s signature activity. It offers everyone in a community an opportunity to participate in the fight against cancer. Teams of people camp out at a local high school, park, or fairground and take turns walking or running around a track or path. Each team is asked to have a representative on the track at all times during the event. Relays are an overnight event, up to 24 hours in length.”

By going to my relay for life web page you can donate money to the Relay for Life cause or purchase a luminaria.  Luminaria are illuminated bags that are placed around the track to remember people who have lost their lives to cancer and honor those who have won their battle.

If you can, please go to my relay for life web page and donate some money or purchase a luminaria.  You can donate as little as $5, a Luminaria is just $10.  Every little bit helps.  Thank you.

Yesterday, I went to the anual Roth Pond Regatta at Stony Brook. It's an event where different groups of people race their cardboard and duct-tape boats across a pond. (This was the third time I went, but this year, my participation was limited to taking photos.) Below are some of the more interesting ones, you can always check out the whole gallery (as well as photos from 2007 and 2006; note that the photos haven't been post processed).

The Stony Brook Computing Society's boat:

Some other team's boat...both nice looking and fast:

These folks did not have Dino around:

Gargamel (SBCS member):

Getting the head on:

Papa Smurf! (note the size of the people in comparison):

Another team had fun with special effects:

Then, the races began...

Some boats didn't make it off the starting line:

Others did extremely well:

Papa Smurf is getting old, and isn't as agile as he once used to be:

Gargamel finds it very amusing:

Paddle faster!

Trojans nearing the finish line (note that the boat looks somewhat unfinished - the legs aren't fully painted!)

Papa Smurf getting demolished (part of the rules, once you lose, you must dispose of your boat)

Mummy trying to get to the shore:

The dumpster "guardians" using power-tools on Papa Smurf's head:

This is a very small subset of the photos I took...if you want to see more (un-postprocessed) photos, follow the link near the top of this entry.

I've just released a new Drupal module that uses an idea that I heard about a short time ago. The idea is to add a field to a form and hide it with css. If a bot fills in the field, reject the form without any notice (do bots really check for success?), without impacting the user experience. Other devices require extra user interaction.

read more

Thursday I was talking in a technical chat room on freenode and I heard someone mention Scala. And boy I have 3 words for you: I love it!. It has everything: imperative, OO, functional. I requires lot to learn, so I'm gonig to learn it in my off time. In the meantime I hope to employee myself as a computer repairman and website developer (especializing in SOA) Otherwise known as Services Oriented Archtecture. I have no love for interface development and wish to continue my programming practives programming and understanding rules and validations that go into storage or retrieval of database information. I really enjoy conversion based programming to. I was working with XSLT last night and really like it so far. I only go so far as a few XSLT transformation, but so far so good. I think it will be highly visible even in the future. As it related everything at the base level of understanding TAGS. JSTL uses it, and uses it well. Thats mostly what I think future websites will use. Scala or languages like it might have a deep imact especially given that:[/P][P]var var_name = [html]/html][/P][P]" is perfectly legal Scala code. See how the tags fit on the [same_level] as the 4gl code (scala)? Thats a beauty for me since matching up tags and interelated code can be a nightmare on most platforms. The only bad thing i have to say about Scala and (Haskell too) is that the documentation should have multiple ways at looking at the same thing but written together close to each other in the documentation itself. So all you tech book writers now have something to doI  know once I learn Scala I may just suggest myself to write a book since it may prove to be fun. Tah tah for now.

I have been spending the last month and 1/2 tinkering in PHP and Javascript. Let me tell you that it has been a fun and enjoyable experience.

What I like about PHP is it's supreme terseness. When one find a website I usually see that every ounce of code goes to use (not as much with fat clients).
Just knowing how something works when working with it is just such a relief one can add things with a simple lookup if the library call isn't used as much and php.net has a great facility for this : php.net/callme.


Now compared to java, php may seem the wimp. But we know the truth, not only is it too, running on top of a vm but it fully supports OOP as we are familiar with it. Inheritence, Use, Containment. Unfortunately it uses the same exact methods to go about this. 'extend','implement'. i guess it's ok, but I like the idea of multiple inheritence and trust that design wieners know how to inherit without overlapping names.

Wow, it's about time!

Sources tell me that RHEL 5.4 comes with XFS support. This is good news for all those folks wanting to use filesystems larger than 16TB and not trusting ext4 with their data (I couldn't blame them). As far as I know, these unfortunate souls have been told to use GFS2 if they wanted a RH supported fs that did more than 16TB. (It's worth mentioning that ext3 had a 8TB limit until about two years ago, when it got fixed up to support whopping 16TB.)

From IRC:

<jeffpc> Event: Happy Jaunty Release Day Everyone!
<jeffpc> Where: Corner Brewery
<jeffpc> Why: Because Ubuntu is awesome! Because we?re awesome! Right on.
* jeffpc groans
<jeffpc> obiwan: don't you ever take drugs, young man!
<jeffpc> obiwan: or you'll turn into one of those ubuntu lovers
<obiwan> hahahahahahahahhahahaahahahhaa
<obiwan> I was wondering why you cared about Jaunty Jackass or whatever the
         hell they call their releases
<jeffpc> hahaha
<jeffpc> that's awesome
<jeffpc> Jaunty Jackass
<obiwan> they just call it "Jaunty" like we're supposed to mentally fill in
         the other word
<obiwan> well there you go

In reply to Josef "Jeff" Sipeks reply to my post entitle SMTP -- time to chuck it from a couple of years ago.

This is a (long overdue) reply to Ilya's post: SMPT -- Time to chuck it.

[...]

There are two apparent problems at the root of the SMTP protocol which allow for easy manipulation: lack of authentication and sender validation, and lack of user interaction. It would not be difficult to design a more flexible protocol which would allow for us to enjoy the functionality that we are familiar with all the while address some, if not all of the problems within SMTP.

To allow for greater flexibility in the protocol, it would first be broken from a server-server model into a client-server model.

This is first point I 100% disagree with...

That is, traditionally when one would send mail, it would be sent to a local SMTP server which would then relay the message onto the next server until the email reached its destination. This approach allowed for email caching and delayed-send (when a (receiving) mail server was off-line for hours (or even days) on end, messages could still trickle through as the sending server would try to periodically resend the messages.) Todays mail servers have very high up times and many are redundant so caching email for delayed delivery is not very important.

"Delayed delivery is not very important"?! What? What happened to the whole "better late than never" idiom?

It is not just about uptime of the server. There are other variables one must consider when thinking about the whole system of delivering email. Here's a short list; I'm sure I'm forgetting something:

• server uptime
• server reliability
• network connection (all the routers between the server and the "source") uptime
• network connection reliability

It does little to no good if the network connection is flakey. Ilya is arguing that that's rarely the case, and while I must agree that it isn't as bad as it used to be back in the 80's, I also know from experience that networks are very fragile and it doesn't take much to break them.

A couple of times over the past few years, I noticed that my ISP's routing tables got screwed up. Within two hours of such a screwup, things returned to normal, but that's 2 hours of "downtime."

Another instance of a network going haywire: one day, at Stony Brook University, the internet connection stopped working. Apparently, a compromised machine on the university campus caused a campus edge device to become overwhelmed. This eventually lead to a complete failure of the device. It took almost a day until the compromised machine got disconnected, the failed device reset, and the backlog of all the traffic on both sides of the router settled down.

Failures happen. Network failures happen frequently. More frequently that I would like them to, more frequently than the network admins would like them to. Failures happen near the user, far away from the user. One can hope that dynamic routing tables keep the internet as a whole functioning, but even those can fail. Want an example? Sure. Not that long ago, the well know video repository YouTube disappeared off the face of the Earth...well, to some degree. As this RIPE NCC RIS case study shows, on February 24, 2008, Pakistan Telecom decided to announce BGP routes for YouTube's IP range. The result was, that if you tried to access any of YouTube's servers on the 208.65.152.0/22 subnet, your packets were directed to Pakistan. For about an hour and twenty minutes that was the case. Then YouTube started announcing more granular subnets, diverting some of the traffic back to itself. Eleven minutes later, YouTube announced even more granular subnets, diverting large bulk of the traffic back to itself. Few dozen minutes later, PCCW Global (Pakistan Telecom's provider responsible for forwarding the "offending" BGP announcements to the rest of the world) stopped forwarding the incorrect routing information.

So, networks are fragile, which is why having an email transfer protocol that allows for retransmission a good idea.

Pas touche! I have not conducted extensive surveys of mail server configurations, but, from personal experience; most mail server give up on sending email a lot sooner than recommended. RFC 2821 calls for a 4-5 day period. This is a reflection of the times, email is expected to deliver messages almost instantaneously (Just ask Ted Stevens!).

As you are well aware I am not implying that networks are anywhere near perfect, it just does not matter. If you send a message and it does not get delivered immediately your mail client would be able to tell you so. This allows you to reacts, had the message been urgent you can use other forms of communication to try to get it through (phone </gasp>). The client can also queue the message (assuming no CAPTCHA system, more on that later) and try to deliver it later. Granted machines which run clients have significantly shorter uptimes than servers but is it really that big of a deal, especially now that servers give up on delivery just a few hours after first attempt?

I, for one, am looking forward to the day when I no longer have to ask my potential recipient whether or not they have received my message.

Instead, having direct communication between the sender-client and the receiver-server has many advantages: opens up the possibility for CAPTCHA systems, makes the send-portion of the protocol easier to upgrade, and allows for new functionality in the protocol.

Wow. So much to disagree with!

1. CAPTCHA doesn't work
2. What about mailing lists? How does the mailing list server answer the CAPTCHAs?
3. How does eliminating server-to-server communication make the protocol easier to upgrade?
4. New functionality is a nice thing in theory, but what do you want from your mail transfer protocol? I, personally, want it to transfer my email between where I send it from and where it is supposed to be delivered to.
5. If anything eliminating the server-to-server communication would cause the MUAs to be "in charge" of the protocols. This means that at first there would be many competing protocols, until one takes over - not necessarily the better one (Betamax vs. VHS comes to mind).
6. What happens in the case of overzealous firewall admins? What if I really want to send email to bob@example.com, but the firewall (for whatever reason) is blocking all traffic to example.com?

1. Touche! I have to admit CAPTCHAs are a bit ridiculous in this application.
2. See above
3. By creating more work for admins. It allows users to more directly complain to the admins that the new protocol feature does not work. Yes I know admins want less work and fewer complaining users, but there are benefits. It really comes down to the fact that with more interactivity it is easier to react to changes, servers do not have brains but the people behind their clients do.
4. Hopefully that will still happen.
5. Well the worse protocol is already winning SMTP, dMTP (dot Mail Transfer Protocol) is so much better even if it is quite vague. MUAs will not be in charge, if they don not play ball then mail will not be delivered.
6. Now you are just getting ahead of yourself. Stop making up problems. The solution to overzealous admins, is their removal.

[...]

And so this brings us to the next point, authentication, how do you know that the email actually did, originate from the sender. This is one of the largest problems with SMTP as it is so easy to fake ones outgoing email address. The white list has to rely on a verifiable and consistent flag in the email. A sample implementation of such a control could work similar to the current hack to the email system, SPF, in which a special entry is made in the DNS entry which says where the mail can originate from. While this approach is quite effective in a sever-server architecture it would not work in a client-server architecture. Part of the protocol could require the sending client to send a cryptographic-hash of the email to his own receiving mail server, so that the receiving party's mail server could verify the authenticity of the source of the email. In essence this creates a 3 way handshake between the senders client, the senders (receiving) mail server and the receiver's mail server.

I tend to stay away from making custom authentication protocols.

In this scheme, what guarantees you that the client and his "home server" aren't both trying to convince the receiving server that the email is really from whom they say it is? In kerberos, you have a key for each system, and a password for each user. The kerberos server knows it all, and this central authority is why things work. With SSL certificates, you rely on the strength of the crypto used, as well as blind faith in the certificate authority.

They might, the point is not so much to authenticate the user but to link him to a server. If the server he is linked to is dirty, well you can blacklist it. Much of the spam today is sent from bot-nets, in this schema all the individual botnet senders would have to link themselves to a server. Obviously, a clever spammer would run a server on each of the zombie machines to auth for itself. The catch is that he would have to ensure that the Firewalls/NATs are open and that there is a (sub-) domain pointing back at the server. This is all costly for the spammer and for the good guy it'll be easy to trace down the dirty domains.

At first it might seem that this process uses up more bandwidth and increases the delay of sending mail but one has to remember that in usual configuration of sending email using IMAP or POP for mail storage one undergoes a similar process,

Umm...while possible, I believe that very very large majority of email is sent via SMTP (and I'm not even counting all the spam).

Carton jaune, I addressed that issue in my original posting which is just 2 sentences below this one. Excessive lobotomy is not appreciated.

first email is sent for storage (over IMAP or POP) to the senders mail server and then it is sent over SMTP to the senders email for redirection to the receivers mail server. It is even feasible to implement hooks in the IMAP and POP stacks to talk to the mail sending daemon directly eliminating an additional socket connection by the client.

Why would you want to stick with IMAP and POP? They do share certain ideas with SMTP.

Carton rouge, I said nothing about sticking to IMAP/POP. The point is that the system can be streamlined somewhat.

For legitimate mass mail this process would not encumber the sending procedure as for this case the sending server would be located on the same machine as the senders receiving mail server (which would store the hash for authentication), and they could even be streamlined into one monolithic process.

Not necessarily. There are entire businesses that specialize in mailing list maintenance. You pay them, and they give you an account with software that maintains your mailing list. Actually, it's amusing how similar it is to what spammers do. The major difference is that in the legitimate case, the customer supplies their own list of email address to mail. Anyway, my point is, in these cases (and they are more common than you think) the mailing sender is on a different computer than the "from" domain's MX record.

I do not think that increasing the burden on mass mailers even good ones is such a bad thing.

[...]

I really can't help but read that as "If we use this magical protocol that will make things better, things will get better!" Sorry, but unless I see some protocol which would be a good candidate, I will remain sceptical.

And I can not help but read this as "We should not think about improving protocols because it impossible to do better." In any case I appreciate your mal-parè. The discussion is important as letting protocols rot is not a good idea.

[...]

This is a (long overdue) reply to Ilya's post: SMPT -- Time to chuck it.

I'm going to quote it here, and reply to everything in it. Whenever I say "you," I mean Ilya. So, with that said, let's get started.

E-mail, in particular SMTP (Simple Mail Transfer Protocol) has become an integral part of our lives, people routinely rely on it to send files, and messages. At the inception of SMTP the Internet was only accessible to a relatively small, close nit community; and as a result the architects of SMTP did not envision problems such as SPAM and sender-spoofing. Today, as the Internet has become more accessible, scrupulous people are making use of flaws in SMTP for their profit at the expense of the average Internet user.

Alright, this is pretty much the only thing I agree with.

There have been several attempts to bring this ancient protocol in-line with the current society but the problem of spam keeps creeping in. At first people had implemented simple filters to get rid of SPAM but as the sheer volume of SPAM increased mere filtering became impractical, and so we saw the advent of adaptive SPAM filters which automatically learned to identify and differentiate legitimate email from SPAM. Soon enough the spammers caught on and started embedding their ads into images where they could not be easily parsed by spam filters.

A history lesson...still fine.

AOL (America On Line) flirted with other ideas to control spam, imposing email tax on all email which would be delivered to its user. It seems like such a system might work but it stands in the way of the open principles which have been so important to the flourishing of the internet.

AOL (I believe Microsoft had a similar idea) really managed to think of something truly repulsive. The postal system in the USA didn't always work the way it does today. A long time ago, the recipient paid for the delivery. AOL's idea seems a lot like that.

There are two apparent problems at the root of the SMTP protocol which allow for easy manipulation: lack of authentication and sender validation, and lack of user interaction. It would not be difficult to design a more flexible protocol which would allow for us to enjoy the functionality that we are familiar with all the while address some, if not all of the problems within SMTP.

To allow for greater flexibility in the protocol, it would first be broken from a server-server model into a client-server model.

This is first point I 100% disagree with...

That is, traditionally when one would send mail, it would be sent to a local SMTP server which would then relay the message onto the next server until the email reached its destination. This approach allowed for email caching and delayed-send (when a (receiving) mail server was off-line for hours (or even days) on end, messages could still trickle through as the sending server would try to periodically resend the messages.) Todays mail servers have very high up times and many are redundant so caching email for delayed delivery is not very important.

"Delayed delivery is not very important"?! What? What happened to the whole "better late than never" idiom?

It is not just about uptime of the server. There are other variables one must consider when thinking about the whole system of delivering email. Here's a short list; I'm sure I'm forgetting something:

• server uptime
• server reliability
• network connection (all the routers between the server and the "source") uptime
• network connection reliability

It does little to no good if the network connection is flakey. Ilya is arguing that that's rarely the case, and while I must agree that it isn't as bad as it used to be back in the 80's, I also know from experience that networks are very fragile and it doesn't take much to break them.

A couple of times over the past few years, I noticed that my ISP's routing tables got screwed up. Within two hours of such a screwup, things returned to normal, but that's 2 hours of "downtime."

Another instance of a network going haywire: one day, at Stony Brook University, the internet connection stopped working. Apparently, a compromised machine on the university campus caused a campus edge device to become overwhelmed. This eventually lead to a complete failure of the device. It took almost a day until the compromised machine got disconnected, the failed device reset, and the backlog of all the traffic on both sides of the router settled down.

Failures happen. Network failures happen frequently. More frequently that I would like them to, more frequently than the network admins would like them to. Failures happen near the user, far away from the user. One can hope that dynamic routing tables keep the internet as a whole functioning, but even those can fail. Want an example? Sure. Not that long ago, the well know video repository YouTube disappeared off the face of the Earth...well, to some degree. As this RIPE NCC RIS case study shows, on February 24, 2008, Pakistan Telecom decided to announce BGP routes for YouTube's IP range. The result was, that if you tried to access any of YouTube's servers on the 208.65.152.0/22 subnet, your packets were directed to Pakistan. For about an hour and twenty minutes that was the case. Then YouTube started announcing more granular subnets, diverting some of the traffic back to itself. Eleven minutes later, YouTube announced even more granular subnets, diverting large bulk of the traffic back to itself. Few dozen minutes later, PCCW Global (Pakistan Telecom's provider responsible for forwarding the "offending" BGP announcements to the rest of the world) stopped forwarding the incorrect routing information.

So, networks are fragile, which is why having an email transfer protocol that allows for retransmission a good idea.

Instead, having direct communication between the sender-client and the receiver-server has many advantages: opens up the possibility for CAPTCHA systems, makes the send-portion of the protocol easier to upgrade, and allows for new functionality in the protocol.

Wow. So much to disagree with!

1. CAPTCHA doesn't work
2. What about mailing lists? How does the mailing list server answer the CAPTCHAs?
3. How does eliminating server-to-server communication make the protocol easier to upgrade?
4. New functionality is a nice thing in theory, but what do you want from your mail transfer protocol? I, personally, want it to transfer my email between where I send it from and where it is supposed to be delivered to.
5. If anything eliminating the server-to-server communication would cause the MUAs to be "in charge" of the protocols. This means that at first there would be many competing protocols, until one takes over - not necessarily the better one (Betamax vs. VHS comes to mind).
6. What happens in the case of overzealous firewall admins? What if I really want to send email to bob@example.com, but the firewall (for whatever reason) is blocking all traffic to example.com?

Spam is driven by profit, the spammers make use of the fact that it is cheap to send email. Even the smallest returns on spam amount to good money. By making it more expensive to send spam, it would be phased out as the returns become negative. Charging money like AOL tried, would work; but it is not a good approach, not only does it not allow for senders anonymity but also it rewards mail-administrators for doing a bad job (the more spam we deliver the more money we make).

Yes, it is unfortunately true, money complicates things. Money tends to be the reason why superior design fails to take hold, and instead something inferior wins - think Betamax vs. VHS. This is why I think something similar would happen with competing mail transfer protocols - the one with most corporate backing would win, not the one that's best for people.

Another approach is to make the sender interact with the recipient mail server by some kind of challenge authentication which is hard to compute for a machine but easy for a human, a Turing test. For example the recipient can ask the senders client to verify what is written on an obfuscated image (CAPTCHA) or what is being said on a audio clip, or both so as to minimize the effect on people with handicaps.

Nice thought about the handicapped, but you are forgetting that only 800-900 million people speak English (see Wikipedia). That is something on the order of 13-15 percent. Sorry, but "listening comprehension" tests are simply not viable.

Obfuscated image CAPTCHAs are "less" of a problem, but then again, one should consider the blind. I am not blind, and as a matter of fact my vision is still rather good (even after years of staring at computer screens), but at times I'm not sure what those "distorted text" CAPTCHAs are even displaying. I can't even begin to imagine what it must be like for anyone with poor vision.

You seem to be making the assumption that most if not all legitimate email comes from humans. While that may be true for your average home user, let's not forget that email is used by more technical people as well. These people will, and do, use email in creative ways. For example, take me...I receive lots of emails that are generated by all sorts of scripts that I wrote over time. These emails give me status of a number of systems I care about, and reminders about upcoming events. All in all, you could say that I live inside email. You can't do a CAPTCHA for the process sending the automated email (there's no human sending it), and if you do the CAPTCHA for the receiving, you're just adding a "click here to display the message" wart to the mail client software user interface.

Just keep in mind that all those automated emails you get from "root" or even yourself were sent without a human answering a CAPTCHA.

It would be essential to also white list senders so that they do not have to preform a user-interactive challenge to send the email, such that mail from legitimate automated mass senders would get through (and for that current implementation of sieve scripts could be used). In this system, if users were to make wide use of filters, we would soon see a problem. If nearly everyone has a white list entry for Bank Of America what is to prevent a spammer to try to impersonate that bank?

White listing is really annoying, and as you point out, it doesn't work.

And so this brings us to the next point, authentication, how do you know that the email actually did, originate from the sender. This is one of the largest problems with SMTP as it is so easy to fake ones outgoing email address. The white list has to rely on a verifiable and consistent flag in the email. A sample implementation of such a control could work similar to the current hack to the email system, SPF, in which a special entry is made in the DNS entry which says where the mail can originate from. While this approach is quite effective in a sever-server architecture it would not work in a client-server architecture. Part of the protocol could require the sending client to send a cryptographic-hash of the email to his own receiving mail server, so that the receiving party's mail server could verify the authenticity of the source of the email. In essence this creates a 3 way handshake between the senders client, the senders (receiving) mail server and the receiver's mail server.

I tend to stay away from making custom authentication protocols.

In this scheme, what guarantees you that the client and his "home server" aren't both trying to convince the receiving server that the email is really from whom they say it is? In kerberos, you have a key for each system, and a password for each user. The kerberos server knows it all, and this central authority is why things work. With SSL certificates, you rely on the strength of the crypto used, as well as blind faith in the certificate authority.

At first it might seem that this process uses up more bandwidth and increases the delay of sending mail but one has to remember that in usual configuration of sending email using IMAP or POP for mail storage one undergoes a similar process,

Umm...while possible, I believe that very very large majority of email is sent via SMTP (and I'm not even counting all the spam).

first email is sent for storage (over IMAP or POP) to the senders mail server and then it is sent over SMTP to the senders email for redirection to the receivers mail server. It is even feasible to implement hooks in the IMAP and POP stacks to talk to the mail sending daemon directly eliminating an additional socket connection by the client.

Why would you want to stick with IMAP and POP? They do share certain ideas with SMTP.

For legitimate mass mail this process would not encumber the sending procedure as for this case the sending server would be located on the same machine as the senders receiving mail server (which would store the hash for authentication), and they could even be streamlined into one monolithic process.

Not necessarily. There are entire businesses that specialize in mailing list maintenance. You pay them, and they give you an account with software that maintains your mailing list. Actually, it's amusing how similar it is to what spammers do. The major difference is that in the legitimate case, the customer supplies their own list of email address to mail. Anyway, my point is, in these cases (and they are more common than you think) the mailing sender is on a different computer than the "from" domain's MX record.

Some might argue that phasing out SMTP is a extremely radical idea, it has been an essential part of the internet for 25 years.

Radical? Sure. But my problem is that there is no replacement. All the ideas you have listed have multiple problems - all of which have been identified by others. And so here we are, no closer to the solution.

But then, when is the right time to phase out this archaic and obsolete protocol, or do we commit to use it for the foreseeable future. Then longer we wait to try to phase it out the longer it will take to adopt something new. This protocol should be designed with a way to coexist with SMTP to get over the adoption curve, id est, make it possible for client to check for recipients functionality, if it can accept email by this new protocol then send it by it rather than SMTP.

Sounds great! What is this protocol that would replace SMTP? Oh, right there isn't one.

The implementation of such a protocol would take very little time, the biggest problem would be with adoption.

Sad, but true.

The best approach for this problem is to entice several large mail providers (such as Gmail or Yahoo) to switch over. Since these providers handle a large fraction of all mail the smaller guys (like myself) would have to follow suit.

You mentioned Gmail...well, last I heard, Gmail's servers were acting as open proxies. Congratulations! One of your example "if they switch things will be better" email providers is allowing the current spam problem to go on. I guess that makes you right. If Gmail were to use a protocol that didn't allow for spam to exist, then things would be better.

There is even an incentive for mail providers to re-implement mail protocol, it would save them many CPU-cycles since Bayesian-spam-filters would no longer be that important.

What about generating all those CAPTCHAs you suggested? What about hashing all those emails? Neither activity is free.

By creating this new protocol we would dramatically improve an end users experience online, as there would be fewer annoyances to deal with. Hopefully alleviation of these annoyances will bring faster adoption of the protocol.

I really can't help but read that as "If we use this magical protocol that will make things better, things will get better!" Sorry, but unless I see some protocol which would be a good candidate, I will remain sceptical.

As a side note, over the past ~90 days, I received about 164MB of spam that SpamAssassin caught and procmail promptly shoved into the spam mail box. Do I care? Not enough to jump on the "let's reinvent the email system" bandwagon. Sure, it eats up some of my servers clock cycles, and some bandwidth, the spam that gets to me is the few pieces that manage to get through, and show up in my inbox. Would I be happy if I didn't have to use a spam filter, and not have to delete the few random spams by hand? Sure, but at least for the moment, I don't see a viable alternative.

This episode is hosted by: Benjamin Kudria, Bill Burns, Brian Fix, Chris Knadle, Ilya (dotCOMmie) Sukhanov and engineered by Bobanero.

The following topics were discussed:

• Wikipedia relicensing content [1]
• Tom Tom vs Microsoft Settlement [1]
• Fedora break-in digest [1]
• Phones:
  • Android
  • Moblin to be hosted on linux.com [1]
  • OpenMoko RIP [1]
• Government openness [1] [2]

Download {enclose fsrt.20090418.mp3}

Bad news! Matt Lee will not be on todays show after all. I'm hoping to reschedule the interview for an upcoming show.

The good news is that the show is still on so tune in!

You might have already heard about ext4 "eating" people's data. That's simply not true.

While I am far from being a fan of ext4, I feel an obligation to set the record straight. But first, let me give you some references with an approximate timeline. I'm sure I managed to leave out a ton of details.

In mid-January, a bug titled Ext4 data loss showed up in the Ubuntu bug tracker. The complaining users apparently were using data on system crashes when using ext4. (The fact that Ubuntu likes to include every unstable & crappy driver into their kernels doesn't help at all.) As part of the discussion, Ted Ts'o explained that the problem wasn't with ext4 but with applications that did not ensure that the data they wrote was actually safe. The people did not like hearing that.

Things went pretty quiet until mid-March. That's when a slashdot article made it painfully obvious that many of today's apps are buggy. Some applications (KDE being a whole suite of applications) gotten used to the fact that ext3 was a very common filesystem used by Linux installations. More specifically, they got used to the behavior that ext3's default mount option (data=ordered) provided. This is really the issue. The application developers assumed that the POSIX interface gave them more guarantees that it did! To make matters worse, the one way to ensure that the contents of a file get to the disk (the fsync system call) is very expensive on ext3. So over the past (almost) decade that ext3 has been around, application developers have been "trained" (think Pavlov reflexes) to not use fsync --- on ext3, it's expensive and the likelyhood of you losing data is much lower due to the default mount options. ext4's fsync implementation, much like other filesystems' implementations (e.g., XFS) does not suffer from this. (You may have heard about fsync on ext3 being expensive almost a year ago when Firefox was hit by this: Fsyncers and curveballs (the Firefox 3 fsync() problem). Note that in this case, as Ted Ts'o points out, the problem is that Firefox uses the same thread to draw the UI and do IO. That's plain stupid.)

Over the next few days, Ted Ts'o posted two blog entries about delayed allocation (people seem to like to blame it for dataloss): Delayed allocation and the zero-length file problem, Don't fear the fsync!.

About the same time, Eric Sandeen wrote a blurb about the state of affairs: fsync, sigh. He points out that XFS has faced the same issue years ago. When the application developers were confronted about their application being broken, they just put fingers in their ears, hummed loudly, yelled "I can't hear you!" There is a word for that, and here's the OED definition for it:

denial,

The asserting (of anything) to be untrue or untenable; contradiction of a statement or allegation as untrue or invalid; also, the denying of the existence or reality of a thing.

The problem is application developers not wanting to believe that it's an application problem. Well, it really is! Not only are those apps broken, but they are not portable. AIX, IRIX, or Solaris will not give you the same guarantees as ext3!

(Eric is also trying to fight the common misconception that XFS nulls files: XFS does not null files, and requires no flux, which I assure you is not the case.)

About a week later, on an episode of Free Software Round Table, the problem was discussed a bit. They got most of it right :) (Here's a 55MB mp3 of the show: 2009-03-21.)

When April 1st came about, the linux-fsdevel mailing list got a patch from yours truly: [PATCH] fs: point out any processes using O_PONIES. (The pony thing...it's a bit of an inside joke among the Linux filesystem developers.) The idea of having O_PONIES first came up in #linuxfs on OFTC. While I don't remember who first thought of it (my guess would be Eric), I know for sure that it wasn't me. At the same time, I couldn't help it, and considering that the patch took only a minute to make (and compile test), it was well worth it.

Few days later, during the Linux Storage and Filesystem workshop, the whole fsync issue got some discussion time. (See "Rename, fsync, and ponies" at Linux Storage and Filesystem workshop, day 1.) The part that really amused me:

Prior to Ted Ts'o's session on fsync() and rename(), some joker filled the room with coloring-book pages depicting ponies. These pages reflected the sentiment that Ted has often expressed: application developers are asking too much of the filesystem, so they might as well request a pony while they're at it.

In the comments for that article you can find Ted Ts'o saying:

Actually, it was Josef 'Jeff' Sipek who deserves the first mention of application programmers asking for pones, when he posted an April Fools patch submission for the new open flag, O_PONIES --- unreasonable file system assumptions desired.

Another file system developer who had worked on two major filesystems (ext4 and XFS) had a t-shirt on that had O_PONIES written on the front. And the joker who distributed the colouring book pages with pictures of ponies was another file system developer working yet another next generation file system.

Application programmers, while they were questioning my competence, judgement, and even my paternity, didn't quite believe me when I told them that I was the moderate on these issues, but it's safe to say that most of the file system developers in the room were utterly unsympathetic to the idea that it was a good idea to encourage application programmers to avoid the use of fsync(). About the only one who was also a moderate in the room was Val Aurora (formerly Henson). Both of us recognize that ext3's data=ordered mode was responsible for people deciding that fsync() was harmful, and I've said already that if we had known how badly it would encourage application writers to Do The Wrong Thing, I would have pushed hard not to make data=ordered the default. Unfortunately, memory wasn't as plentiful in those days, and so the associated page writeback latencies wasn't nearly as bad ten years ago.

Hrm, I'm not sure how to take it...he makes it sound like I'm an extremist. Jeff --- a freedom fighter for sanity of filesystem interfaces! :) As I said, I can't take credit for the idea of O_PONIES. As I was writing this entry, I mentioned it to Eric and he promptly wrote an entry of his own: Coming clean on O_PONIES. It looks like he isn't sure that he was the one to invent it! I'll give him credit for it anyway.

The next day, a group photo of the attendees was taken... You can clearly see Val Aurora wearing an O_PONIES shirt. The idea was Eric's, and as far as I know, he had his shirt the first day.

Fedora 11 is supposedly going to use ext4 as the default filesystem. When Ars Technica published an article about it (First look: Fedora 11 beta shows promise), some misguided people thinking that that ext4 eats your data left a bunch of comments....*sigh*

Well, there you have it. That's the summary of events with some of my thoughts interleaved. If you are writing a userspace application that does file IO, do the right thing, fsync the data you care about (or at least fdatasync).

I can't belive this...These TV show writers really have to be trying to get things wrong.

I just learned about a rather non-technical description of the Kerberos authentication service: Designing an Authentication System: a Dialogue in Four Scenes. It makes me feel like I should set up Kerberos on my boxes...not sure if it's even worth it, considering that I deal with no more than 3 computers (laptop, desktop, server).

The fall semester, I was taking a computer architecture course, and during it, I came to the conclusion that compare-and-swap is better than the load-locked/store-conditional combination some architectures offer instead. As the class was very Alpha ISA-centric, the below text reflects that.

As a result I wrote this manifesto. I see no reason to keep it to myself! So, here it is. (Note: I haven't really read though it in a couple of months, and overall, I didn't take too long to write it, so there might be some nasty corner cases.)

Definition of Compare and Swap

Let us assume for the moment, that the compare and swap instruction is:

        CS      R1,R2,D3(R3)

Where, Rn specifies a register used as the n-th operand, and Dn specifies an immediate used as a displacement in the n-th operand.

The first and third operands are compared. If they are equal, the second operand is stored at the third-operand location and the first operand is set to the value zero. If they are unequal, the first operand is set to the value one.

When an equal comparison occurs, the second operand is stored at the third-operand location and the first operand is set to the value zero. The fetch of the third operand for purposes of comparison and the store into the third-operand location appear to be a block-concurrent interlocked-update reference as observed by other CPUs.

When the result of the comparison is unequal, the first operand is set to the value one, and the second-operand location remains unchanged.

Sample Code

This section illustrates how certain atomic primitives can be implemented with compare and swap. They assume Alpha-style instruction set and ignore Alpha's weak memory ordering.

spinlock_lock:
        lda     r4,0x0
        lda     r5,0x1
        cs      r4,r5,lock_var
        bne     r4,spinlock_lock

spinlock_unlock:
        stq     r31,lock_var

atomic_<op>:
        ldq     r4,atomic_var
        <some operations that yield r5, and do not modify r4>
        cs      r4,r5,atomic_var
        bne     r4,atomic_<op>

Instruction Encoding

So far, we have ignored all aspects of how a compare and swap instruction may be encoded.

Before looking at the 4 instruction formats present in Alpha, let us consider the requirements of compare and swap.

Compare and swap has three operands:

• the expected ("old") value
• the new value
• memory address

Additionally, it also returns a zero or one value in the first operand. Obviously, the instruction requires a minimum of three registers. While memory references are traditionally represented as <base-register, displacement> pairs (or as <base-reg, index-reg, displacement>, or even <base-reg, index-reg, scale-factor, displacement>) only a single register is necessary to specify an arbitrary memory location.

Of the 4 instruction formats present on Alpha, only the Operate Instruction Format can encode 3 registers.

        +--------+----+----+---------+----+
        | Opcode | Ra | Rb | /////// | Rc |
        +--------+----+----+---------+----+
         31     26   21   16         5    0

Not having an immediate value to use as a displacement is unfortunate, however it does not make it impossible to implement compare and swap.

The actual mapping of the 3 registers to the Ra, Rb, and Rc instruction fields trivial, and can be essentially arbitrary. It is worth noting that the mapping _should_ try to stay consistent with the other Operate format instructions. Namely, Rc should encode the destination register. For compare and swap, the only register that gets written to is the first operand (R1 in the example from the definition section). The order of the remaining two register mapping can be arbitrary with little to no effect on decoder complexity.

There are many unused opcodes that could be used for a compare and swap without adding any significant complexity to the decoder logic.

It should be noted that the bits 15:6 can be used as a displacement. The Op instruction format specifies that bit 12, must be zero if the instruction uses three register, or one if it uses two registers and an 8-bit immediate.

Potential Microarchitectural Issues

Even though only three registers are specified, compare and swap essentially uses 4 operands. The "additional" operand is the result of the fact that the first operand is first read, and then at a later time, written to.

This dictates that the Register Address Table (or some other register renaming logic) must handle translating three architected register numbers to physical register numbers, as well as allocating a new physical register number for the first operand. Aside from the RAT, other structures may need additional read ports (e.g., the physical register file must read 3 values concurrently).

Since compare and swap is a memory operation, special care must be taken to handle any interactions with a load/store queue. Given the fact that compare and swap potentially stores to memory, a mechanism must be provided to either not speculate (e.g., not begin execution of the compare and swap instruction until there are no proceeding instructions in the reorder buffer), or to speculatively launch the instruction and have an undo mechanism in case a conflicting store (from within the same core, or from another core) occurs. Obviously, it is possible to allow only a certain degree of speculation.

Another interesting question is, what component does the actual "compare and swap". The comparison could be located within the core, within the L1, or potentially somewhere else. Each has its own set of benefits and drawbacks.

in-core

This allows the caches to remain (relatively) simple. The cache needs to support a regular load, a regular store, and a "conditional" store.

The conditional store functions as follows:

1. core issues a load
2. core compares the loaded value with expected value
3. if mis-match, destination register is set to 1
4. if match, tell the cache to do a conditional store
5. the cache takes the conditional store, and if the cache line was not invalidated since the load, store the new value; at the same time, signal the core informing it whether or not the line was invalidated. This bit is then used to determine the value stored in the destination register.

in-cache

This design makes the cache do the comparison. The advantage is that the cache does not need to send the data to the core, wait for the store/don't-store signal, and then tell the core whether or not the store succeeded. Instead, it gets the expected value, does the comparison itself, and if the value matched, it proceeds with the store. Then, it signals the core, specifying whether or not the store occurred.

The cache can obtain the line in the exclusive state to avoid having to go to the bus for the store portion of the operation.

Compare and Swap vs. Load-locked/Store-conditional

Compare and swap has the interesting property of not caring whether or not the memory got changed. It simply does a comparison to determine if the in-memory value is what it expects.

Load-locked/Store-conditional lacks this. On the other hand, Store-conditional does not have to even attempt to access memory if the in-core lock register does not match the address.

References

[1] Alpha Architecture Handbook, version 4. EC–QD2KC–TE. Compaq
[2] z/Architecture Principles of Operation. page 7-66. SA22-7832-06. IBM

Looking at some of my older posts about z/Architecture, I decided to post a sample console session (including some annotations) with the latest version of the code with some work-in-progress patches that I haven't touched in a while.

Every OS needs a nice banner, right?

                    HH        HH  VV        VV  FFFFFFFFFFFF
                    HH        HH  VV        VV  FFFFFFFFFFFF
                    HH        HH  VV        VV  FF
                    HH        HH  VV        VV  FF
                    HH        HH  VV        VV  FF
                    HHHHHHHHHHHH  VV        VV  FFFFFFF
                    HHHHHHHHHHHH  VV        VV  FFFFFFF
                    HH        HH   VV      VV   FF
                    HH        HH    VV    VV    FF
                    HH        HH     VV  VV     FF
                    HH        HH      VVVV      FF
                    HH        HH       VV       FF

HVF VERSION v0.15-rc4-7-g62eac50

NOW 06:38:44 UTC 2009-04-15

LOGON AT 06:38:45 UTC 2009-04-15

IPL command isn't completely done, so for the time being, It has the device number hardcoded in.

ipl
WARNING: IPL command is work-in-progress
GUEST IPL HELPER LOADED; ENTERED STOPPED STATE

You can see the device number in R2, the SSCH in R1, and the base address in R12.

d g
GR  0 = 0000000000000000 0000000000010005
GR  2 = 0000000000000a00 0000000000000000
GR  4 = 0000000000000000 0000000000000000
GR  6 = 0000000000000000 0000000000000000
GR  8 = 0000000000000000 0000000000000000
GR 10 = 0000000000000000 0000000000000000
GR 12 = 0000000001000000 0000000000000000
GR 14 = 0000000000000000 0000000000000000

Execution will begin at 16MB, that's where the loader gets copied.

d psw
PSW = 00080000 81000000 00000000 00000000

The first few instruction of the loader...as disassembled by the built in disassembler.

d s i1000000.20
R0000000001000000  B234C090      STSCH  144(R12)
R0000000001000004  4770C040      BC     7,64(R0,R12)
R0000000001000008  9680C095      OI     149(R12),128
R000000000100000C  B232C090      MSCH   144(R12)
R0000000001000010  4770C040      BC     7,64(R0,R12)
R0000000001000014  D2070078C060  MVC    120(8,R0),96(R12)
R000000000100001A  5830007C      L      R3,124(R0,R0)
R000000000100001E  4133C03C      LA     R3,60(R3,R12)

There are real devices. Since this run was under Hercules, these were all defined in the hvf.cnf.

q real
CPU RUNNING
STORAGE = 128M
CONS 0009 3215 SCH = 10000
RDR  000C 3505 SCH = 10001
PUN  000D 3525 SCH = 10002
PRT  000E 1403 SCH = 10003
GRAF 0040 3278 SCH = 10004
GRAF 0041 3278 SCH = 10005
TAPE 0580 3590 SCH = 10006

And there are virtual devices (including their subchannel information blocks).

q virtual
CPU STOPPED
STORAGE = 17M
CONS 0009 3215 ON CONS 0009 SCH = 10000
RDR  000C 3505 SCH = 10001
PUN  000D 3525 SCH = 10002
PRT  000E 1403 SCH = 10003
DASD 0191 3390      0 CYL ON DASD 0000 SCH = 10004
d schib all
SCHIB DEV  INT-PARM ISC FLG LP PNO LPU PI MBI  PO PA CHPID0-3 CHPID4-7
10000 0009 00000000   0  01 80  00  00 80 ---- FF 80 00000000 00000000
10001 000C 00000000   0  01 80  00  00 80 ---- FF 80 00000000 00000000
10002 000D 00000000   0  01 80  00  00 80 ---- FF 80 00000000 00000000
10003 000E 00000000   0  01 80  00  00 80 ---- FF 80 00000000 00000000
10004 0191 00000000   0  01 80  00  00 80 ---- FF 80 00000000 00000000

Let 'er rip! Well, it gets past SSCH (well, kind of) and then it stopped when it didn't know what to do with a DIAG.

be
INTRCPT: INST (b234 c0900000)
STSCH handler (raw:0000b234c0900000 addr:0000000001000090 sch:10005)
INTRCPT: INST (8300 00010000)
Unknown/mis-handled intercept code 04, err = -4

Ah, condition code 3, that's why the loader gave up with DIAG, instead of attempting MSCH.

d psw
PSW = 00083000 81000048 00000000 00000000
d s i1000040.10
R0000000001000040  980FC0C4      LM     R0,R15,196(R12)
R0000000001000044  83000001      DIAG   X'000001'
R0000000001000048  980FC0C4      LM     R0,R15,196(R12)
R000000000100004C  83000000      DIAG   X'000000'

What version is this anyway? Is it 6:45 already?!

q cplevel
HVF version v0.15-rc4-7-g62eac50
IPL at 06:38:44 UTC 2009-04-15
q time
TIME IS 06:45:26 UTC 2009-04-15

P.S. I just realized that the post id for this post is 360. How apt! :)

I guess I should mention it here...

Almost 6 months ago, I wrote up another howto: Installing CentOS 4.x under z/VM (the first one being Installing Debian under Hercules).

I just came across an article that points out how Goldman Sachs managed to show a fair amount of profit for the first quarter:

Goldman Sachs reported a profit of $1.8 billion in the first quarter, and plans to sell $5 billion in stock and get out of the government’s clutches, if it can.

How did it do that? One way was to hide a lot of losses in not-so-plain sight.

Goldman’s 2008 fiscal year ended Nov. 30. This year the company is switching to a calendar year. The leaves December as an orphan month, one that will be largely ignored. In Goldman’s earnings statement, and in most of the news reports, the quarter ended March 31 is compared to the quarter last year that ended in February.

The orphan month featured — surprise — lots of write-offs. The pretax loss was $1.3 billion, and the after-tax loss was $780 million.

Would the firm have had a profit if it had stuck to its old calendar, and had to include December and exclude March?

Clever, eh?

Recently, I decided to watch a movie of some sort. Well, I ended up seeing Leviathan from 1989. It's truly a bad movie.

Spoiler follows!

So, it's essentially just like the movie Alien from 1979, except it takes place on the bottom of the ocean. You get the same kind of "monster" creature that's impossible to kill, and it wants to kill everyone.

It starts off when the deep-ocean mining company workers find a ship-wreck of a ship that's hasn't (officially) sunk. Since the ship was Russian, they discover some vodka in the captains safe. Some of the crew consumes it. Little did they know that the vodka contains some virus engineered by the Russian military! (Everyone know that the Russian military experimented on their own men, right?) Anyway, these charismatic non-Russians' DNA is now being rewritten by this virus. They are turning into...something!

After some battling (I'm not quite sure why they had a flame thrower on their ocean-floor base) of this "creature," they realize that they are on their own. The corporate headquarters don't want to scare investors away with this "virus that rewrites your DNA" news, so they essentially wanted to let them die on the ocean floor. Little did the corporate heads know that our heroes are not only in deep s*..err..water, but also very creative and so they find a way to destroy the mutant, and at the same time save their rears.

So out of the 5 or 6 characters that we start with, all but two die. Oh, actually, one of the characters dies because a shark gets him! Doesn't that bite (hahaha)? You are trying to escape a weird mutant creature that is a mix of your former buddies, and a shark gets you in the last 2 minutes of the movie!

If you have seen Alien, you've seen Leviathan. It really is that simple.

Our next episode will feature a special guest. The Campaigns Manager Matt Lee will talk little about some of the happening at FSF and other fun things.

Make sure to tune in on April 18th at 22:00 EDT. And while the show is live join the IRC channel to interact with the hosts and other fellow listeners.

Also, if you would like us to invite someone to the show send us a note either via the contact link on left menu or by IRC.

Over the past year or so, I tend to let a few comics accumulate before reading them. One of these accumulated comics is this PhD Comics:

I have to say: bravo! MythBusters always bothered me. I find their pseudo-scientific approach irritating. It's nice to see that I'm not the only one.

Here's a fun math problem...

Suppose there are n people. Each person has a hat.

Now, you collect all the hats, and distribute them back randomly. There is a certain probability that no one will get their own back.

What is the limit of this probability as n approaches infinity?

Hint: It's a probability, so it'll be in the [0,1] range.

(I'll post a solution in a few days.)

Wow. Just wow.

One of the dudes on IRC pasted a link to ditaa. Ditta is a utility that converts ascii art diagrams into bitmap files. See their website for examples.

It would be even more amusing if it spit out some vector format --- eps would be just fine.

Recently, I was tasked to install Fedora 10 on 2 systems. I have to say, it's a major pain. Here are my observations.

Live CD

The Fedora CD I got my hands on was a live-cd with an icon allowing you to install it to a disk. Neat idea (I first saw it few years ago with Ubuntu; they used Unionfs with tmpfs) of using dm-zero (IIRC) to provide a virtual disk with stuff. The downside is...it takes ages to get into the installer.

Partition editor crash

I've experienced a crash of the installer when I was setting up the partition table. It was pretty annoying, but at least I just had to start the installer again and not reboot. (I didn't bother saving the trace, but it was related to NoneType lacking isEncrypted attribute.)

NetworkManager

This is just plain ugly. Why do I want NetworkManager running on a server? Grr!

No choices

And worst of all...there were no choices to make during the installation process. So crap like X11 and Gnome got installed...I don't need either on a server system.

Are Linux distros really turning into steaming piles of bloatware? I hope not!

Last night I stumbled across the Monty Hall problem. At first it seems completely counter-intuitive, but when you think about it, the host reveals information about your choice by purposefully opening a door with a goat.

So Microsoft finally has an ad running that makes some kind of sense. They toss “Lauren” $1,000 to buy a computer and tell her she can keep whatever is left over. At the end of the ad she says that she “got *just* what she wanted”, so then why exactly did we see her go to the Mac store first? This ad is the latest in a mess of PC vs Mac ads that finally scores some points on the PC side, because she couldn’t afford a 17″ Mac laptop but ended up getting money back on a 17″ PC laptop. Sad, but true – the 17″ Mac laptop is a lot more expensive. The thing that leaves me scratching my head is that Microsoft doesn’t make laptops! From a business perspective, how does spending $1,000 to get somebody to buy your $100 product make any sense? If they were to continue this promotion and they gave *me* a thousand bucks to buy a new computer, you know I’d buy a PC too – but then of course, I’d put Linux on it.

http://www.youtube.com/watch?v=EIS6G-HvnkU

Do you know what's better than snow? Snow in April. Yep, that's right, there was a reasonable amount of snowfall overnight. I just wish I had time to go around, and photograph things.

Part1

It really seems like Brighthouse is not will to work with the customer AT ALL.

I recently moved down to Cocoa, FL from New York and prices are generally higher up there and I was paying around $140.00 a month for the following:

1 HD Multi Room DVR
1 SD Cable Box
HBO Package

10 MB Down / 2MB Up

Unlimited Nation Wide...

and paid a total of around $150 a month including taxes and the occasional on-demand rental.

Now Brighthouse wants to charge me $119 a month for the following:

1 HD DVR (Not Multiroom)
1 SD Box
10 MB Down / ??? Up
No HBO

$161.73 a month!!!!

Then I asked if there was anything they could do and possible provide the DVR box free of charge and try to work with the customer or if there was anything else they could do and they told me absolutely not.

Something is wrong here.

When I was switching from Cablevision to Fios up in New York Cable vision was willing to make each service 29.95 a month.

Part2
WOW BrightHouse Networks Customer Service is horrible.

So I finally decided to go online last night after all the phone call fun, and signed up for the double pack...For Internet Service and TV Service, including the extras I wanted.

I never got a confirmation email and no one called me this morning, so I called them and the lady told me there was nothing in the system so I went ahead and put the order in and got an install appointment for wednesday(good). Cable/Internet is the only thing holding me back from moving into my house right now.

Not 10 minutes after I get off the phone does the BrightHouse Promotions department call me and start to go into a speech about brighthouse and then i guess he looks at his screen and says "oooo, I was calling to offer $50 off your first month, for setting up your order online. but I see that you went ahead and called prematurely." So I responded with well cant you give me the $50 off I just signed up today. He said "Well, you would have to cancel the order..." so I said OK cancel the order. His response was..."Well I cant cancel the order you would have to call back and cancel the order"...I said oh ok well this is strike 2 for customer service, and then he started to tell me how he disagrees...thats when i hung up...unfortunately this is the only cable broadband provider in the this area and I guess they could give a rats ass about making any of their customers happy.

So 2 strikes for BrightHouse Cable before they even get into my house.

I've spent the last two weeks developing a thunderbird(tb) extension and I must say trying to find information specific to tb development is very hard to come by. Firefox plugin development information is all over the place. But tb resources are hard to come by. I have put together a quick reference that will hopefull get crawled by google and maybe give some help to others that are trying to do the same thing. Please not that this is just a qucik reference, of things I foudn to get the job done...they might not be the best method of doing things but it gets the job done.

Thunderbird Extension Development

Overlay Reference:

• chrome://messenger/content/messenger.xul- statusbar
  

• chrome://messenger/content/mailWindowOverlay.xul- Toolbar Menu (taskPopup), Message Context Menu (threadPaneContext)
  

• chrome://messenger/content/msgHdrViewOverlay.xul- Attachment Context Menu (attachmentListContext)

Accessing Attachments

1. var attachmentList = document.getElementById( 'attachmentList' ) // returns attachment list

2. var selectedAttachments = attachmentList.selectedItems; //Get selected attachments

Getting Message Information

var MessageUri = GetFirstSelectedMessage(); // Get Message URI

/* Get message body as it appears in preview window */

body = document.getElementById("messagepane").contentDocument.body.innerHTML;

Accessing Limited Message Header information

1. var msg = messenger.messageServiceFromURI(uri); // get message object

2. var hdr = msg.messageURIToMsgHdr(uri); // get header object

3. var subject = hdr.mime2DecodedSubject; // get Subject

4. var from = hdr.mime2DecodedAuthor; // get From

5. var to = hdr.mime2DecodedRecipients; // get To

6. var msgdate = new Date( hdr.date/1000); // turn epoch into date

7. var messageid = hdr.messageId; // get message ID

Downloading Attachments

This piece of code will take all selected attachments and download them to C:\ with their original filenames.

1. attachments = this.getSelectedAttachments();

2. for( i=0;i

3. var attachment = attachments[i];

4. 
   

5. /* Create a file interface object */

6. var file = Components.classes["@mozilla.org/file/local;1"].

7. createInstance(Components.interfaces.nsILocalFile);

8. var fullfilepath = 'C:/test/' + attachment.displayName;

9. file.initWithPath(fullfilepath);

10. if(!file.exists()) {

11. file.create(0x00,0644);

12. }

13. messenger.saveAttachmentToFile( file, attachment.url, attachment.uri, attachment.contentType, null );

14. }

It was a dark and stormy night...wait a minute...it was a clear and calm night; the night sky glistened with the light from thousands of streetlights releasing billions upon billions of photons, only to be scattered by the atmosphere and to rain down upon Ann Arbor --- to pollute the otherwise perfect night sky. So, Jeff, a twenty-odd year old who can be best described using Dungeons & Dragons character alignment as "chaotic good," decided that it was time to escape the particle bombardment to attempt the astronomically difficult, and equally arcane, task known as astrophotography...

Anyway...Here are the exposure details and the photos (from February 24, 2009):

826 seconds
f/3.5
ISO 800
Nikon D70
18-70mm @ 18mm (35mm equiv: 27mm)
Location: McCollum Rd, MI

Here's the same photo, but with a very well known constallation outlined.

Just an updated to the previous post. I forgot to mention that ICON is this week, April 3rd-5th. Here is more complete list of panels/talks at which FSRT people will be present:

• Cyber-Crime (Marriott - Salon A, Fri @ 8:30PM) Matt
• Science & Superheroes (SCCC - A 115, Fri @ 10:00PM) Matt
• Evil Scientists (SCCC - A 315, Sat @ 4:30PM) Matt
• Supercomputing (SCCC - A 322, Sat @ 6:00PM) Matt, Brian
• LUGSB Linux Install Q&A (SCCC - A 122, Sat @ 7:30PM) Matt, Ilya, Kupo, Jonathan
• Linux & Open Source Tech (SCCC - A 122, Sat @ 8:30PM) Matt, Brian, Ilya, Kupo, Jonathan
• Build-it-yourself Gadgets (SCCC - A 122, Sat @ 9:30:00 PM) Brian, Jonathan
• Privacy and Security (SCCC - A 122, Sat @ 12:00PM) Matt
• Practical Nanotechnology (SCCC - A 221, Sun @ 4:00PM) Matt

I realize I’m late to the party about last.fm, but I only decided to check it out recently. last.fm is a web 2.0 social networking site for folks that listen to a lot of music on their computer. I definitely fall into this category, in fact it’s the primary way I listen to music – I haven’t even owned a stereo in many years. The benefits of last.fm (a CBS owned site) only become apparent once you begin to publish some of the things you like listening to to it…

For a review of last.fm in the New York Times when it first launched in January of last year, click here [free reg. required]

Once you build up something of a listening history, the site begins to dynamically create lists of similar artists and “neighbors” (other users) who listen to the same kind of music as you so you can see what they are listening to. All the artists on the site are represented by a wiki page with information about the them which you can edit or further adorn with any legal promotional pics you may have. The site provides a flash music player on all pages of the site with a dynamically created and contextual list of music (ie: the list of streaming songs changes based on which page you are viewing). In other words, if you visit my personal page, you will be able to stream music from the vast last.fm library that I also happen to have listened to. note: It’s not *my* copy of this music you are listening to – it’s theirs, and if they don’t have a copy then you won’t be able to stream it out. You don’t have to use the flash players on the site, either, if you use a last.fm aware player you can run it right from your own player. If you visit a particular band’s wiki page, you can tune into a list of songs by that artist or a group of similar artists. The site provides access to this vast amount of music for *free* supported by advertising. I feel compelled to note that I don’t see any of these ads since I use the Firefox adblock plus add-on. I feel some guilt about that, but hey – I’m an equal opportunity ad ignorer. I also use the mute button on my remote when commercials come on the TV.

Once you have a free account on last.fm, you should decide about how you are going to “scrobble” what you listen to up to the site. This happens in real time – as you listen to music the track information is posted up to your personal page. Mine is here. Since I listen on three or four machines during the course of the day and they aren’t all running the same OS I’d prefer to use a player that will work on all of them. However, the choice of a music player is complicated by the fact that some of them are so phenomenal that others just plain suck in comparison and yet they aren’t all available on all platforms. Lately I’ve been using Amarok on my work Linux desktop (tied into a mysql database on one of the Linux servers which makes searches fly), Banshee on my home Linux machines and usually Banshee or iTunes on the Mac. Since Amarok and Banshee have last.fm support built in, I prefer using those players, with iTunes you have to start a separate application which monitors iTunes and thats just lame.

last.fm has a lot of the typical social networking functions like “friends” lists, a commenting system, etc. but with a music-centric paradigm. If you spend a lot of time listening to music played on a computer and want to share what you’re listening to (in real time), find new music you might like, *and* listen to complete tracks of that music for FREE – check it out.

We briefly mentioned I-CON on our last show. Its an awesome convention which has taken place here on long island for 27 years. The content is quite diverse, officially "Science Fiction, Fact And Fantasy." Some of the hosts from FSRT are will be participating in the panels.

Here is a list of panels at which FSRT people will be present at:

• Supercomputing (Fieldhouse @ SCCC A322 6:00pm)
• LUGSB Linux Install Q&A (Fieldhouse @ SCCC A122 7:30pm)
• Linux & Open Source Tech (Fieldhouse @ SCCC A122 8:30pm)

There will be many other interesting talks & panels check out the I-CON schedule.

So, the whole country is in an uproar over these AIG bonuses.  According to Wikipedia, AIG has received over $170 billion in bailout money.  The bonuses that have been paid out total $165 million, although some sources are reporting the total to now be closer to $218 million.

Now, assuming the worst case of $218 million dollars, only .12% of the tax-payer money went to bonuses.  I should point out that the number is not twelve percent, but point-twelve percent.  That’s just slightly more than one tenth of one percent.

Ideally, none of the tax-payer money would have gone to bonuses that were contingent on performance.  Clearly everyone with any real level of responsibility at AIG under-performed at best.  But, should this really be monopolizing the national dialogue?  Does the average news-watching American know where 99.88% of the bailout money went or what purpose it served?

This XKCD comic points out the problem I’m having with the media:

Recently my local LUG (LILUG) invited Eric S. Raymond (ESR) to come and speak. For those of you who are not familiar with ESR, he is one of the three largest icons of the Open Source/Free Software movement. Needless to say, it was an honor so see him speak. For the most part, his talk was quite tame but one of the points he raised seemed quite controversial. According to him the GPL and other viral licenses are no longer needed as they do more harm than good to the community. I don't want to put words into his mouth so I've transcribed what he said during the talk. You can view the ESR Q/A talk in its entirety, this specific excerpt is about 45 minutes into the video.

What is the point of being famous and respected if you can't speak heresy about your own movement. What is the point?

One of my heretical opinions is that we worry way too much about licensing. And in particular; I don't think we really need reciprocal licensing. I don't think we need licenses like the GPL, that punish people for taking code closed-source. Let me explain what I think. And then I'll explain [why] the fact we don't actually need those [licenses] matters.

I don't think we need them because. There has been a fair amount of economic analysis done in the last 10 years, significant amount of it has been done by, well, me. Which seems to demonstrate that open source is what the economist call a more efficient mode of production use, superior mode of production. You get better investment, better return out of the resources you invested by doing open source development than closed source development. In particular, there have been a number of occasions on which people have taken open source products that were reasonable successful, and just taken them closed. Effectively putting them under proprietary control, proprietary licensing and then tried to make a business model out of that. They generally fail. And the reason they fail is pretty simple. That is because when you take a product closed, you are now limited to what ever small number of developers that your corporation can afford to hire. The open source community that you just turned your back on does not, they have more people than you. They can put out releases more frequently, getting more user feedback. So the suggestion is, simply because of the numerical dynamics of the process: taking open software closed is something that the market is going to punish. You are going to lose. The inefficiencies inherent in closed source development are eventually going to ambush you, going to [inaudible] you, and your are not going to have a business model or product anymore. We've seen this happened number of times.

But now, lets look at the implications of taking this seriously. The question I found myself asking is: if the market punished people for taking open source closed, then why do our licenses need to punish people for taking open source closed? That is why I don't think you really need GPL or a reciprocal licenses anymore. It is attempting to prevent the behavior that the market punishes anyway. That attempt has a downside, the downside is that people, especially lawyers, especially corporate bosses look at the GPL and experience fear. Fear that all of their corporate secrets, business knowledge, and special sauce will suddenly be everted to the outside world by some inadvertent slip by some internal code. I think that fear is now costing us more than the threat of [inaudible]. And that is why I don't we need the GPL anymore.

-- Eric S. Raymond

Eric then went on to say that the BSD license is a good alternative to the GPL. This has sparked a heated discussion on the Free Software Round Table (FSRT) radio shows mailing list. While one can admire of the simplicity and clarity of the license it seems far fetched to say that it should be replacing the GPL. While yes there are economical incentive for corporations to keep code Open Source but the relative cost of closing the source depends largely on the size of company. Yes some small companies will not be able to afford to keep a code base alive with internal/contracted developers for larger companies the costs are a lot easier to digest.

Prime example of such a large company is Apple. In 2001 Apple came out with a completely new version of its operating system, MAC OS X. Although a successor to MAC OS 9, it was very different. OS X borrowed a very large code base from the BSDs, and some (pretty much everything but Darwin) of the code was effectively closed. This has not prevented Apple or OS X from thriving.

From the other end of the spectrum, are the companies such as MySQL AB which produce Free Software but also sell closed source licenses of the same code for a 'living.' There is a market for this, it exists because of those scared lawyers and corporate bosses. Killing the GPL would effectively kill this market, as a result development on some of these projects would slow down significantly.

The Open Source/Free Software movement is thriving, it does not mean its a good time to kill the GPL. In fact I don't think there will ever be a time when killing the GPL will do more good than harm.