Lewis' Blog Tales from the trenches of information technology

8Jul/120

When forum moderation goes a bit too far

It happened that I needed to seek some insight from the good folks in the openSuSE community forums. Now, while I haven't posted a tremendous amount over there (only a handful of entries since 2008 or so), I have added a tip or two, and of course, I've regularly contributed to the Novell forums for many years.

So you can imagine how rubbed the wrong way I was to receive a private message from one of the sysadmins concerning my signature and the inclusion of (heaven forbid!) a couple "commercial" links in it.

Okay, it's their forum. I can't complain. I apologized for the oversight. (The current forum software is so difficult to configure, I can't even figure out where to add my signature to my profile, so I had to manually paste it in.)

However, when I stopped by one of my posts which happened to include two - yes, that's T-W-O, as in one more than one - lines of terminal input, I was really annoyed to see a gentle reminder from that same sysadmin (publicly, this time) to use CODE tags around terminal text.

Really? For TWO lines?

<sigh>

It was then that I recalled that the openSuSE forums were available via NNTP (just like the Novell forums). I'm in heaven again...

22May/120

Warpstock 2012, Portland Oregon, USA

Embassy Suites Portland Airport

Well, after another round of considerations and deliberations, the Warpstock Board of Directors finally decided upon the Embassy Suites, Portland Airport for the site of this year's OS/2 & eComStation conference, August 17-19.

Full details are available on the Warpstock site, but meanwhile, here are a couple of highlights:

21Jan/125

SOPA / PIPA

Orwell, George: Social Classes (1984)

George Orwell's diagram of the social classes from 1984.

If you happen upon this blog and are utterly clueless about the two acronyms comprising the title of this post, I strongly urge you to click the ribbon in the upper right corner of your browser window to learn more about these potentially disastrous pieces of flotsam...er...legislation.

The United States Congress cannot legislate - or more specifically, abridge our - Freedom of Speech; it has been guaranteed through our Constitution's First Amendment (1791).

Why is it, then, that such abuses of power take place so often, and with so little intervention on the part of the People?

Because, I think, the vast majority of the People are Proles (sheep).

Please do not be a Prole.

In Germany, in the 1930's, more people were as Proles. This did not lead to good things. Let not history repeat itself (yet again).

12Dec/110

Egad! Why do people do their own web development?

WordPress 3.3 is now GA. Knowing better than to blindly upgrade without at least having a look at what may be not quite ready for prime time (though WP is quite good about reasonable beta cycles and such), I happened over to the WP fora to see what reports had been made (yes, I should have gone to the bugtracker, but I like to get a view from "on the ground," so to speak).

8Dec/110

Configuring Squid Proxy on OS/2: Path adjustments

Following onto my post concerning web privacy, I wanted to produce some pointers concerning Squid configuration for web blocking. To do that, of course, I needed a working Squid configuration. Mine was sorely in need of an update. I'd been running 2.6 stable 14(?) for a long time, then upgraded to 3.0 stable 13. I recall that took me some time to get working, but still I suffered repeated crashes under heavy load, so as a result, I did what any other normal user would do: I turned it off.

Well, that's no solution, now is it? It's especially no solution if the goal is to be able to tell other people how to use it!Hit with Ball

3Dec/110

Wrestling with Apache’s mod_rewrite

mod_rewrite is a great (read: extremely useful) module. For those who may be unfamiliar with its amazing abilities, unlike mod_alias, mod_rewrite actually re-writes a given url, so that

http://www.mydomain.com/some%20ridiculous%20url%20with%20spaces%20in%20it.html

turns into

http://www.mydomain.com/this

and other such wonderful things, completely replacing what would otherwise be visible to the browser's url bar and to search engines. Thus, this becomes a staple of the "Search Engine Friendly" url contingent for CMS-driven sites (such as those hosted under Joomla! and WordPress, for example).

24Nov/110

Mantis email fun – part 1

Mantis Bug Tracker is a great tool. Several friends use it (I was originally going to set up Bugzilla, as I'd had more experience from a user's perspective with it, during my years of submitting and contributing to Mozilla issues), and I finally got my chance to sink my teeth into it in 2009, when I took over the web hosting for OS/2 VOICE. In that instance, I inherited a well-oiled machine, so I had no real need to dig too far into the initial setup routines for the app.

Several months ago, I upgraded that particular installation, and set one up for myself. Naturally, as these things go, "setting one up" and actually "putting stuff into it" are two entirely different things, so until last week, when I really felt the urge, I didn't have any real chance to play with my new install.

So it was that last week I decided to check out where I left off and get an existing small project into it. (Eventually, I'll get fancy and incorporate Subversion or GIT into the Mantis setup, but for now, I just want to organize all of my electronic sticky-notes, so that I can make sense of what I've got and what I need to do moving forward). My first hurdle was that I couldn't for the life of me recall what my password was. Nothing seemed to work, and naturally, I hadn't stored it in SeaMonkey or Firefox or my other password keeper. Unperturbed, I clicked the link to send the password reset request. Nothing happened.

11Nov/112

Three good ways to thwart tracking attempts on the net

There is a lot of malicious junk floating about the net.I know; that's not a real surprise. Under normal circumstances, a good (standalone) firewall will keep one reasonably safe from the worst of it. However for those of us who travel, it's a constant challenge to keep up with personal firewall tweaking and such, and still, unless one is really running the kinds of stuff typically found in a UTM (Unified Threat Management) solution, just tweaking some firewall rules just isn't going to cut it.

[Shameless plug: Rosenthal & Rosenthal is an Astaro consultancy. If you know of anyone with a need for a truly solid firewall, email filter/scanner, VPN concentrator, etc., referrals are welcome.]

So, what can one do while traveling? Trust the hotel firewall? I think not. Here are three quick tips to help keep your system clean from would-be spoofers and such:

HOSTS file

A quick edit of your hosts file to loop back known bad sites to localhost (127.0.0.1) is a good start. To get started, have a look at the list compiled here. This will make some web pages look rather ugly, as the browser brings up the dreaded "cannot access..." in various iFrames and such, but it will speed browsing and keep that excess junk from cluttering the screen.

Squid proxy settings

Squid is great. You can do a lot of things with Squid, such as block entire IP ranges from getting in (or going out to them), which improves performance considerably. I'll post more on Squid configuration in a later article. For now, suffice it to say that Squid can be used as a pseudo-firewall (you just have to not defeat it by turning it off, but this is true of software firewalls, as well).

Privoxy

Another type of proxy is a privacy screen. Enter Privoxy to the scene. One of the annoying characteristics of most web surfing from modern browsers (and ancient ones) is that we tend to leave behind more than we take with us. To truly surf anonymously requires some type of anonymizer, and Privoxy is a good choice (this way, your travels don't follow you home, when you finally do get behind your warm and cozy hardware firewall). A couple interesting guides for chaining Squid to Privoxy (or vice-versa) may be found here and here. Again, I'll post more on this in a subsequent piece, but for now, suffice it to say that this is an excellent addition to your arsenal.

These are but three fairly quick and simple (well, they can be less complicated than others, at least) ways to browse more safely, and are of particular usefulness when away from home (or the office), where the bastion server is unknown and likely not to be trusted. In time, I'll flesh in more details and tips for configuring each of these solutioins.

Happy browsing.

13Oct/114

What’s up with BlackBerry? (Not much, and not for long, it appears)

My wife mentioned to me that she wasn't getting email on her BlackBerry Curve the other day. After some time of struggling (I don't use one of those annoying devices, myself; I currently use a Palm Pre Plus), I finally managed to get the service books re-sent to the device, and while monitoring our email server, saw an IMAP connection come up (albeit quite slowly, spending what seemed like an eternity selecting a folder). I doubt that sending service books really made much of a difference, unless something broke when RIM got things propped up again (temporarily).

The next day, I read several reports online about some massive problem at RIM, in Canada. The Register is now replete with stories of what appear to be ongoing problems up there:

BlackBerry BBM, email downed in epic FAIL - October 10
BlackBerry users back online after outage - October 11
BlackBerry BBM, email offline AGAIN
- October 11
BlackBerry services splutter back into action, again - October 11
RIM stands, staggers, falls again - October 12
BlackBerry stumbles to feet, full of apologies - October 13

26Jan/111

Why the concept of “The Cloud” is as old as dirt, and about as useful

The Cloud

Cloud? Mist? Fog?

I can't stand it.

I have reached the end of my rope with this stupid, stupid buzzword: The Cloud.

Cloud? Does anyone even know from where (or how) this term was derived? Likely from the typical symbol used to indicate the space between networks. This could be the public internet, an intranet, or even the PSTN (for those youngsters who may not be familiar with that acronym, that's the Public Switched Telephone Network, or the "phone system").

So, what the h-ll is it?

In the late 1990's, the big internet acronym was ASP (Application Service Provider). The concept was a good one, though fraught with numerous problems: security, performance, the stability of the provider's network infrastructure, the quality of the connection on the client's side of the link, and of course, the usual customer service issues.

The idea was simple: instead of purchasing your own application and the big iron to run it, you could essentially "rent" the application on someone else's systems (what we now call "hosted") and pay for it based on time, number of concurrent or overall users, volume of data storage, and/or a number of other factors.

Sound familiar? It should. Web hosting has been done like this for ages. In fact, since the internet became a "public" space and smaller companies (and individuals) who did not own their own web servers but who were desirous of maintaining a web presence, web server space has had a market. Likewise, hosted email systems have flourished over the years. YouTube is a major player in this type of space. They host files (audio & video). Their revenue model, however, is to mainly collect from third parties, in the form of advertising, vs charging the hosting clients directly (in most cases). Still, the concept of "your stuff, stored & accessed from somewhere else" is the same.

The security issue becomes the main concern (to me). What is to keep one of these outfits from setting up offshore somewhere (offshore here refers to outside the US - or outside your country, wherever that might be), accessing your data, selling it to some third party/ies, and then just closing up shop? Nothing. Not every country has a treaty with my country. If I am wronged in this manner, I'm pretty much out of luck.

In addition, I have no guaranty that the provider of these so-called "cloud" services has the infrastructure in place to handle my load once he takes on a dozen more clients.

I'm not completely down on the whole IaaS or SaaS ("Infrastructure as a Service" or "Software as a Service") idea. I just think that like most things, it has its uses, and it is not the answer to everyone's problems in all cases, contrary to what the marketing types would like the huddled masses to think.

Web hosting, where data is not particularly private, and where downtime isn't going to cause someone loss of life, liberty, or money (loss of happiness is a bit easier to bear, when compared to the others), makes sense if the cost is commensurate with the risk. Likewise, email hosting works the same way. However, putting my financial data on someone else's server(s), located who-knows-where (and just because the company's website says the facility is located in New Jersey doesn't - and I hate to break this to some of you - necessarily mean that that's really where it is), and with g-d-only-knows who running it, just doesn't sound like the best idea for me, as compared to hosting my own data on a server in the next room, run by me or by someone hired and trained by me (and that's not to say that it is ever entirely safe to trust anyone with your data).

The Cloud is merely the latest marketing hype word for something hosted somewhere else. Whether that something is your website, your email system, your backup (I'll save my rant about offsite backup for another post), or your precious business-critical data, it's exactly the same: you, giving up control over your data to someone else, located somewhere else, and usually replicated across two to two hundred servers, over which the only control you have is the power to withhold payment for services.

Sounds pretty thin to me, more like The Fog than the Cloud.