They renewed the Patriot Act for another six months. In protest of this blatant violation of my civil liberties, I've made a list of my rights which have been infringed by this legislation. I will not rest until we regain these lost freedoms.
1.
2.
3.
This list is by no means complete. Check back often, as I will be adding additional items to the list whenever the "jack booted thugs" impose upon my life, liberty, and pursuit of happiness.
Thursday, December 22, 2005
Friday, December 02, 2005
Fun with bash
In an effort to secure my internal network, I'm adding an access server. Initially, the firewall routed SSH to one of my application servers. Now it routes to a dedicated access server.
Previous: Internet -> Router - > Server -> Network
Current: Internet -> Router - > Access -> Network
Admittedly, this doesn't seem that different. The issue is the configuration of the system. The application server has to be accessible to other systems, so its security systems are somewhat basic. By using the access server, I can rachet the security as tight as it will go. Toward that goal, I've implemented within bash a few fun features.
In /etc/bashrc, I've appended:
if [ "$PS1" ]; then
USER=`cat /etc/passwd | grep ":$UID:$UID:" | awk -F: '{print $1}'`
date +"%d %H:%M:%S" | mail -s "$USER login" someuser@somewhere.com
fi
Whenever someone logs in (or su's to root) I get a message.
In each users .bash_logout file, I've added:
(sleep 3; mv ~/.bash_history /tmp/flytrap/`date +"%d%H%M%S"`; touch ~/.bash_history) &
The parens make this compound command execute in the background. The user's history file is committed to the drive, then (3 seconds later) moved to the flytrap. The flytrap is a directory where users can write, but they can not read (thus view):
# ls -ld /tmp/flytrap
d-------wt 2 root root 4096 Dec 2 13:35 /tmp/flytrap
Of course, I've changed the ownership and permissions on ~/.bash_logout to prevent the script kiddies from messing with it.
Previous: Internet -> Router - > Server -> Network
Current: Internet -> Router - > Access -> Network
Admittedly, this doesn't seem that different. The issue is the configuration of the system. The application server has to be accessible to other systems, so its security systems are somewhat basic. By using the access server, I can rachet the security as tight as it will go. Toward that goal, I've implemented within bash a few fun features.
In /etc/bashrc, I've appended:
if [ "$PS1" ]; then
USER=`cat /etc/passwd | grep ":$UID:$UID:" | awk -F: '{print $1}'`
date +"%d %H:%M:%S" | mail -s "$USER login" someuser@somewhere.com
fi
Whenever someone logs in (or su's to root) I get a message.
In each users .bash_logout file, I've added:
(sleep 3; mv ~/.bash_history /tmp/flytrap/`date +"%d%H%M%S"`; touch ~/.bash_history) &
The parens make this compound command execute in the background. The user's history file is committed to the drive, then (3 seconds later) moved to the flytrap. The flytrap is a directory where users can write, but they can not read (thus view):
# ls -ld /tmp/flytrap
d-------wt 2 root root 4096 Dec 2 13:35 /tmp/flytrap
Of course, I've changed the ownership and permissions on ~/.bash_logout to prevent the script kiddies from messing with it.
All EMF Products - Shielded Cap - Emf Protection
Finally, people won't think I'm crazy! The site, Block EMF, offers baseball caps made of copper core thread that will sheild your brain from dangerous RF waves. People will no longer ask me why I'm wearing an aluminum foil hat! See, I figure if the hat will keep the RF out, than it will keep the signals in my brain from going into outer space where they can be intercepted by aliens.
Though, the foil hat did go well with my cape.
Though, the foil hat did go well with my cape.
Monday, November 21, 2005
Minimuim Priviledges: mysqlhotcopy
I'm setting up a MySql server to run the database from a ramdrive (tmpfs). In order to protect the data, the system has to replicate the database in memory to the drive. The utility, mysqlhotcopy, can be used for this by adding it to a crontab. In my configuration, I'll copy the database to disk every 20 minutes. As my database is primarily read-only, if there were a crash, at worse I'd loose only a few updates.
The problem is that mysqlhotcopy requires a username and password, which must be issued on the command line. Since the command is stored in a crontab, the authentication information is stored in the clear. If someone were to comprimise the machine, I don't want to give them a free ride to the database.
The solution is to create a dummy account with minimuim priviledges. For my dummy account I set all priv's to 'N' except:
Select_priv='Y'
Reload_priv='Y'
Lock_tables_priv='Y'
This allows mysqlhotcopy to replicate the data to disk, but limits an intruder to switching the database to read only.
The problem is that mysqlhotcopy requires a username and password, which must be issued on the command line. Since the command is stored in a crontab, the authentication information is stored in the clear. If someone were to comprimise the machine, I don't want to give them a free ride to the database.
The solution is to create a dummy account with minimuim priviledges. For my dummy account I set all priv's to 'N' except:
Select_priv='Y'
Reload_priv='Y'
Lock_tables_priv='Y'
This allows mysqlhotcopy to replicate the data to disk, but limits an intruder to switching the database to read only.
Sunday, November 20, 2005
Apache modules
I've been needing this for a while: OpenSA has a list a quick reference to Apache modules. I was able to comment out about half the modules and slim the servers by about 12%. That mean more users, less swap. Woohoo!
Friday, November 11, 2005
Car Rentals: DAY beats MCO
...but not in a good way. Just got back from Dayton Ohio and was very dissappointed with the organization of their car rental layout. In fact, I think it is the first airport I've found that is worse than Orlando. (It astounds me that Orlando is so disorganized: With all the Disney tourists, you'd think theyed have thier act together!)
Normally, the Avis car counter has a score board that displays customer's names, and give information about their car. In Dayton, you have to know that the score board is on mounted backwards: You have to walk up to the counter, then turn your back on the counter representative to see the scoreboard.
Once you have you keys, you step outside the bagage area, turn to the right, and walk the one hundred yards to the cars. The cars are in an uncovered lot-- in Ohio. I've lived in Ohio-- it snows in Ohio. Sometimes allot. I don't want to have to load my lugage into a rental car in the snow. (The good new is that the hundred yard walk is not uncovered, they have you walk through a set of tent-like tunnels. This was especially entertaining since its still tornado season-- the tents were acting more like windtunnels than weather protectors.
But here's the best part. The rental return is on the complete opposite end of the airport from the checkin. Now its a two hundred yard walk. Returns should be more convient than pickup. If you arrive in a town late, you simply call your appointment, and blame missing you appointment on the airline. Everyone understands that. If get at the gate late for your flight home because of a problem with the rental car, the airline does not hold the plane for you.
Other than that, Dayton was OK.
Normally, the Avis car counter has a score board that displays customer's names, and give information about their car. In Dayton, you have to know that the score board is on mounted backwards: You have to walk up to the counter, then turn your back on the counter representative to see the scoreboard.
Once you have you keys, you step outside the bagage area, turn to the right, and walk the one hundred yards to the cars. The cars are in an uncovered lot-- in Ohio. I've lived in Ohio-- it snows in Ohio. Sometimes allot. I don't want to have to load my lugage into a rental car in the snow. (The good new is that the hundred yard walk is not uncovered, they have you walk through a set of tent-like tunnels. This was especially entertaining since its still tornado season-- the tents were acting more like windtunnels than weather protectors.
But here's the best part. The rental return is on the complete opposite end of the airport from the checkin. Now its a two hundred yard walk. Returns should be more convient than pickup. If you arrive in a town late, you simply call your appointment, and blame missing you appointment on the airline. Everyone understands that. If get at the gate late for your flight home because of a problem with the rental car, the airline does not hold the plane for you.
Other than that, Dayton was OK.
Friday, November 04, 2005
Fedora 4 Kickstart Errors, Brilliant Fix
Yep, got kickstart working. The fix was AFL brilliant! But before I tell you the solution, you have to promise to understand what I'm saying, rather than blindly implementing the fix.
I added a %pre statement:
dd if=/dev/zero of=/dev/hda count=1000
In other words: I wiped out the partition table. Of course this means all my data was destroyed! But that's OK... Your not suppose to store any mission critical data on a Fedora system anyway.
The major downside is that the system I'm playing with is a dual boot box, supporting both FC4 and RHEL4. This means that if I want to reinstall Fedora, I will have to follow it up with a Red Hat install. The good news is that kickstart still works under RHEL4, so it shouldn't be that painfull, just time consuming.
And, like, I got plenty of time!
I added a %pre statement:
dd if=/dev/zero of=/dev/hda count=1000
In other words: I wiped out the partition table. Of course this means all my data was destroyed! But that's OK... Your not suppose to store any mission critical data on a Fedora system anyway.
The major downside is that the system I'm playing with is a dual boot box, supporting both FC4 and RHEL4. This means that if I want to reinstall Fedora, I will have to follow it up with a Red Hat install. The good news is that kickstart still works under RHEL4, so it shouldn't be that painfull, just time consuming.
And, like, I got plenty of time!
Fedora 4 Kickstart Errors
What a disappointment. Turns out, the kickstart function is virtually useless under Fedora 4. After half a dozen attempts to rebuild a system, I found Chris's Wiki :: blog/linux/FC4BuggyAnaconda, which confirmed that there are two very big bugs in the kickstart facility. One bug will not let Anaconda (the 'client' side of kickstart) allocate partitions. If we can't find the partitions, we can't very well install software to the disk. The second bug prevents the system from being able to identify which packages to install.
So, let's recap: We can't find the disk, and even if we could, we can't figure out what to put on it. Too bad somebody didn't test this before it went out the door.
So, let's recap: We can't find the disk, and even if we could, we can't figure out what to put on it. Too bad somebody didn't test this before it went out the door.
Friday, October 21, 2005
April 7, 2009
Mark your calenders! A Senate panel has set the date as the end to analog TV broadcasts (CNET News.com). Better buy your HD set or et your converter box. The best part of the story: The date was pick to avoid interfering with NFL and NCAA game schedules.
What about baseball? Ha! Nobody cares about baseball on TV.
What about baseball? Ha! Nobody cares about baseball on TV.
Top 50 Science Fiction Television Shows of All Time - Boston.com
The Boston Globe has given us a fun list: Top 50 Science Fiction Television Shows of All Time. All in all, they did OK, though we could easily haggle over the rankings. They had several dogs in the list, and missed a few gems, but isn't that the way it goes.
What would I have included, you ask? How about:
Star Lost, The Invaders, or Brimstone
What would I have included, you ask? How about:
Star Lost, The Invaders, or Brimstone
Wednesday, October 19, 2005
HOWTO - Linux VNCserver
I was playing with the idea a remote desktop on one of my home systems. Under Red Hat Enterprise Linux 4, you can share your desktop, but only if you've launched the GUI. This meant that the system was running X, even when I wasn't logged in: not what I wanted. With Googles help, I found HOWTO - Linux VNCserver, and setup a VNC Server to run in the background. When not logged in, VNC Server take less than 1% of CPU.
I don't think much of the "authentication" process-- more correctly, the lack of good authentication. The server is configured to run as a specific user ID, and all the remote user is doing is connecting to the target users account. (Scary though: Don't run it as root!) For my environment, it should be good enough. The target system in on rack in my basement and I'm connecting via a dedicated ethernet from my another room.
I don't think much of the "authentication" process-- more correctly, the lack of good authentication. The server is configured to run as a specific user ID, and all the remote user is doing is connecting to the target users account. (Scary though: Don't run it as root!) For my environment, it should be good enough. The target system in on rack in my basement and I'm connecting via a dedicated ethernet from my another room.
CommonCensus Map Project
An interesting project. The site, CommonCensus Map Project asks a few unintrusive questions and uses the data to create maps of cultural networking. I especialy liked the NFL map, as it showed the Redskin's sphere of influence to extend into South Carolina. What I wonder, is what would it look like if Washington was having a bad season?
Thursday, October 13, 2005
Next, CUA
Catholic University of America was the next stop. The adjacent basilica is the largest traditional church in the western hemisphere. They have the second largest library in the US. There campus is home to the second tallest building in DC. I was almost surprised when my son raised his hand, as if to ask a question... But he was only fixing his hair. He didn't like CUA-- it smelled funny.
Testudo
I'm touring colleges today, not that any of them offer degrees in heavy metal loafing. University of Maryland was the first stop. My son spent more time fixing his wind blown hair than listening to the tour guide. Hum, I wonder what I could spend $15,000 a year on rather than education... I shouldn't complain: next stop costs $33,000 a year!
Wednesday, October 12, 2005
Rodin Sculpture Garden- The Thinker
A correction to my earlier post: There is a life size version of The Thinker. It is at Musee de Rodin (Paris, France, near the Eiffel Tower) in The Sculpture Garden.
National Gallery of Art
I took my wife to the National Gallery of Art yesterday. We only spent about three hours, so we only saw about 10% of the West building. Being the cultural Neaderthal that I am, I didn't recognize many of the works. I did immediately recognized one painting as a Rembrandt (Portrait of a Man in a Tall Hat). Initially, I did not know one of the featured artists, Rodin, but when I saw The Thinker, I realized who he was. (A side note: I expected The Thinker to be much larger-- it was only about 2 feet tall.)
One very interesting thing about the way NGA displayed the art may be incorporated into my present home. Generally, when one hangs a picture, they bang a nail in the wall, toss it up there, and hope its level. The NGA had tracks embedded in the walls where they joined the ceiling, and would run cables from the tracks to suspend the art. Thus, no wholes in the walls to repair. Given the fact that the art is moved, this seemed very efficient. As I have only recently moved, none of our art is in place.
In retospect, I think the main thing I took from NGA was the understanding of why some art is worth millions of dollars. I'm not certain that I've ever seen a 300 year old masterpiece before, but there is absolutly no comparison to what is sold commercially. The attention to detail, color, and lighting was incredible.
One very interesting thing about the way NGA displayed the art may be incorporated into my present home. Generally, when one hangs a picture, they bang a nail in the wall, toss it up there, and hope its level. The NGA had tracks embedded in the walls where they joined the ceiling, and would run cables from the tracks to suspend the art. Thus, no wholes in the walls to repair. Given the fact that the art is moved, this seemed very efficient. As I have only recently moved, none of our art is in place.
In retospect, I think the main thing I took from NGA was the understanding of why some art is worth millions of dollars. I'm not certain that I've ever seen a 300 year old masterpiece before, but there is absolutly no comparison to what is sold commercially. The attention to detail, color, and lighting was incredible.
Friday, October 07, 2005
Blogger Spam
Ha Ha. Blogger got hacked-- sort of.
Somebody setup a spambot to watch for new Blogger posts, and comment on them. The comments tend to say things like: "Great blog. We have alot in common. I bet you'd like my site, spamspamspam.com, for low cost perscription prices." It's really very cleaver, though annoying. Now, every time I post, I have to go back and delete the comments.
Luckily, there is a way to make it a little more difficult for the spambot. In the Blogger Dashboard, you select the "Settings" tab, and the "Comments" link. Change "Show word verifiction" from the default of No to Yes.
The folks at Blogger are not of the same mind as am I. In my neighborhood, we err on the side of more secure, rather than less secure.
Somebody setup a spambot to watch for new Blogger posts, and comment on them. The comments tend to say things like: "Great blog. We have alot in common. I bet you'd like my site, spamspamspam.com, for low cost perscription prices." It's really very cleaver, though annoying. Now, every time I post, I have to go back and delete the comments.
Luckily, there is a way to make it a little more difficult for the spambot. In the Blogger Dashboard, you select the "Settings" tab, and the "Comments" link. Change "Show word verifiction" from the default of No to Yes.
The folks at Blogger are not of the same mind as am I. In my neighborhood, we err on the side of more secure, rather than less secure.
Anti-Virus Software Comparison
Over the years, I've worked with many different anti-virus software products for the Microsoft platform. Most corporate customers used Symantec, but I always felt it placed too much of a drag on the system. Eventually, I decided that McAfee VirusScan was the better product. I purchased Version 6, when loaded Windows XP, and was happy with it for several years.
A few months again, my update subscription ran out, and I was disappointed to find that McAfee would not support Version 6 any longer. Like a good consumer, I dutifully marched to CompUSA, and bought version 9. I was immediately disappointed. To make a long story short, McAfee had chosen to use Active-X as the engine to fetch virus signature updates. This presents two problems:
First, Active-X requires Microsoft Internet Explorer, but my default browser was Firefox. Thus, the update utility would launch the browser to check for updates, but the process failed becuase the browser was not IE. I used tech support chat, but they insisted that I had no choice but to use IE as my default browser.
Second, Active-X is the mechanism that the majority of Spyware uses to get onto a Windows system. Thus, the anti-virus program was opening a vulnerability. McAfee tech support said I shouldn't worry about spyware, as they had a seperate product that I could purchase guard against that threat.
The good news: McAfee offered a money back guarantee. When I called to exercise that option, they escalated my issue to Tier 2 Tech Support. Eventually, they conceded that Version 9 was a product for the mass market, rather than people truly interested in security.
So, what was I to do? I needed an alternative. I chose to try Trend Micro PC-cillin Antivirus 11. One really big issue: Trend Micro was $39 with a $20 rebate, whereas McAfee was $59 with a $20 rebate. Thus, it was 50% cheaper. Of course, if it didn't work, then cheaper was meaningless.
After loading Trend Micro, I was very quickly, very impressed with the product. Not only did it have no problem with Firefox, but it recognized and operated seemlessly with my Mozilla and Thunderbird e-mail programs. McAfee would only support Outlook variants.
Furthermore, Trend Micro's basic package claims protection from Spyware, as well. McAfee required a second product. This now made Trend Micro 68% cheaper. Another neat feature: Last night there was an indictor that a new virus had been discovered, with a warning that I should update. I initiated a manual update, only to find the system had already downloaded the new signature file.
As far as I'm concerned, the Trend Micro is a vastly superior product to the McAfee product.
A few months again, my update subscription ran out, and I was disappointed to find that McAfee would not support Version 6 any longer. Like a good consumer, I dutifully marched to CompUSA, and bought version 9. I was immediately disappointed. To make a long story short, McAfee had chosen to use Active-X as the engine to fetch virus signature updates. This presents two problems:
First, Active-X requires Microsoft Internet Explorer, but my default browser was Firefox. Thus, the update utility would launch the browser to check for updates, but the process failed becuase the browser was not IE. I used tech support chat, but they insisted that I had no choice but to use IE as my default browser.
Second, Active-X is the mechanism that the majority of Spyware uses to get onto a Windows system. Thus, the anti-virus program was opening a vulnerability. McAfee tech support said I shouldn't worry about spyware, as they had a seperate product that I could purchase guard against that threat.
The good news: McAfee offered a money back guarantee. When I called to exercise that option, they escalated my issue to Tier 2 Tech Support. Eventually, they conceded that Version 9 was a product for the mass market, rather than people truly interested in security.
So, what was I to do? I needed an alternative. I chose to try Trend Micro PC-cillin Antivirus 11. One really big issue: Trend Micro was $39 with a $20 rebate, whereas McAfee was $59 with a $20 rebate. Thus, it was 50% cheaper. Of course, if it didn't work, then cheaper was meaningless.
After loading Trend Micro, I was very quickly, very impressed with the product. Not only did it have no problem with Firefox, but it recognized and operated seemlessly with my Mozilla and Thunderbird e-mail programs. McAfee would only support Outlook variants.
Furthermore, Trend Micro's basic package claims protection from Spyware, as well. McAfee required a second product. This now made Trend Micro 68% cheaper. Another neat feature: Last night there was an indictor that a new virus had been discovered, with a warning that I should update. I initiated a manual update, only to find the system had already downloaded the new signature file.
As far as I'm concerned, the Trend Micro is a vastly superior product to the McAfee product.
Thursday, October 06, 2005
GPG and ssh-keygen
I never can remember these commands, mainly because I don't use them that often.
Before using GPG, create the directory:
mkdir ~/.gnupg; chmod 700 $_
Now, encrypt a file:
gpg -c /path/file
Encrypted file is created as /path/file.gpg.
To decrypt to standard output:
gpg -d /path/file.gpg
(You might want to redirect to another file.)
To use SSH without a entering a password, we do a key exchange. First we need a key pair:
ssh-keygen -t dsa
The key is stored as ~/.ssh/id_dsa.pub.
Transport the key to the remote system, then add it to SSH:
cat id_dsa.pub >> ~/.ssh/authorized-keys
If the permissions are not correct, the login will fail.
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Make sure to check permissions on both sides!
Before using GPG, create the directory:
mkdir ~/.gnupg; chmod 700 $_
Now, encrypt a file:
gpg -c /path/file
Encrypted file is created as /path/file.gpg.
To decrypt to standard output:
gpg -d /path/file.gpg
(You might want to redirect to another file.)
To use SSH without a entering a password, we do a key exchange. First we need a key pair:
ssh-keygen -t dsa
The key is stored as ~/.ssh/id_dsa.pub.
Transport the key to the remote system, then add it to SSH:
cat id_dsa.pub >> ~/.ssh/authorized-keys
If the permissions are not correct, the login will fail.
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Make sure to check permissions on both sides!
Wednesday, September 07, 2005
Check out my $3,700 sunglasses
I got them free from American Express. Which begs the question: If they were free, how did they cost $3700? Glad you asked. American Express gives you a point for every dollar you charge, so I used points to get the glasses.
Granted, I did get $3700 worth of other stuff, too. But, philospically, one could argue that it was the other stuff that was free...
PS: This is the fountain around the Navy Memorial.
Tuesday, August 02, 2005
ls -l `which top`
Learned a new command:
ls -l `which top`
This executes the which command to get the path of the target file, then hands that over to ls, so it can be displayed. This is a compound command that will save from issueing the two comands individually.
ls -l `which top`
This executes the which command to get the path of the target file, then hands that over to ls, so it can be displayed. This is a compound command that will save from issueing the two comands individually.
Sunday, July 10, 2005
My $1,023 Cell Phone Bill
I just got my Cingular bill: they charged me over $900 in roaming charges for calls made from my new house. So, I called customer service and asked what went wrong. They explained that even though I changed my address, I didn't change to the 410 area code, therefore all calls would be billed as if I were still in the old area code. Too bad I wasn't told that at the time I changed the address.
There is a second factor in play. I originally signed up for service with ATT Wireless, which was bought by Cingular. Appearently, I had been on ATT's local plan, rather than their nationwide plan. The nationwide plan would have cost me an extra $10 per month. Since I've had this phone for 18 months, that would have been $180.
Now, here's the question: How can Cingular think it is a good idea to stick a customer with $900 worth of roaming fees? Obviously, their technology could have absorbed the calls for $10. Instead, they agreed to wave $400, and then tried to talk me out of cancelling their service. They expect me to pay them $600, increase my monthly rate plan, and like it?
Of all the transactions I have to undertake, I dispise having to buy a house, a car, and dealing with cell phone vendors. How is this possible? You buy houses and cars maybe every five years. Cell phones are replaced every two. Why does it have to be such a big deal?
But I'm still drawn back to the original question: How can Cingular think that customers would like to pay them $600 for $10 worth of services?
There is a second factor in play. I originally signed up for service with ATT Wireless, which was bought by Cingular. Appearently, I had been on ATT's local plan, rather than their nationwide plan. The nationwide plan would have cost me an extra $10 per month. Since I've had this phone for 18 months, that would have been $180.
Now, here's the question: How can Cingular think it is a good idea to stick a customer with $900 worth of roaming fees? Obviously, their technology could have absorbed the calls for $10. Instead, they agreed to wave $400, and then tried to talk me out of cancelling their service. They expect me to pay them $600, increase my monthly rate plan, and like it?
Of all the transactions I have to undertake, I dispise having to buy a house, a car, and dealing with cell phone vendors. How is this possible? You buy houses and cars maybe every five years. Cell phones are replaced every two. Why does it have to be such a big deal?
But I'm still drawn back to the original question: How can Cingular think that customers would like to pay them $600 for $10 worth of services?
Thursday, July 07, 2005
STONITH
I learned a new acronym: STONITH
The term references how clustered systems handle a failure. During operations, all of the systems in the cluster are constantly running checks on their neighbors. If the systems, called nodes, sense that one of their neighbors has stopped responding, they force the failing system to switch offline, or power-off. Since the working node is killing the failing node, they are executing a stonith: shoot the other node in the head.
Gotta love that one.
The term references how clustered systems handle a failure. During operations, all of the systems in the cluster are constantly running checks on their neighbors. If the systems, called nodes, sense that one of their neighbors has stopped responding, they force the failing system to switch offline, or power-off. Since the working node is killing the failing node, they are executing a stonith: shoot the other node in the head.
Gotta love that one.
Thursday, June 09, 2005
We Are Stupid Consumers
A couple weeks ago, the oven on my Mother In Law's stove stopped working. She called a repair guy, who told her that it would cost $400 to fix the over. At that price, he advised she get a new stove. Good for him for not taking advantage of MIL.
But here's the problem: In economics, a stoves and other large appliences are what is called durable goods. Durable goods are suppose to have a 15 year life span. The stove in question was 7 years old. Oh, sure, there will be some that will fail in less than 15, but others will last 21, so it evens out-- right?
Turns out, the problem with her stove was that the computer that controlled the ovens temperature had failed. The repair guy explained that it was going to cost him $300 to buy the replacement part. WTF! Who in the world decided that replacing a $3 mechanical thermostat with a $300 computer system was a good idea?
And $300 for the computer? You can buy a bare bones Dell for $300!
Here's the problem: computers do not like heat. As a matter of fact, they prefer being supercooled. So why are we putting a computer inside a machine that is meant to operate at 400 degrees?
This is stupid... But you know what-- It is now the industry standard. I didn't like the stove in my new house and I had to look at about a hundred models to find one that didn't have a computerized oven.
We consumers should nat stand for this; but we will, because we're stupid.
But here's the problem: In economics, a stoves and other large appliences are what is called durable goods. Durable goods are suppose to have a 15 year life span. The stove in question was 7 years old. Oh, sure, there will be some that will fail in less than 15, but others will last 21, so it evens out-- right?
Turns out, the problem with her stove was that the computer that controlled the ovens temperature had failed. The repair guy explained that it was going to cost him $300 to buy the replacement part. WTF! Who in the world decided that replacing a $3 mechanical thermostat with a $300 computer system was a good idea?
And $300 for the computer? You can buy a bare bones Dell for $300!
Here's the problem: computers do not like heat. As a matter of fact, they prefer being supercooled. So why are we putting a computer inside a machine that is meant to operate at 400 degrees?
This is stupid... But you know what-- It is now the industry standard. I didn't like the stove in my new house and I had to look at about a hundred models to find one that didn't have a computerized oven.
We consumers should nat stand for this; but we will, because we're stupid.
Wednesday, June 08, 2005
I know how to deal with spam
I loved this exchange over at slashdot. Eventually it slipped into stupidity, but I thought the initial authors had some good momentum. The topic was regarding the comment that Bill Gates is the most spammed person in the world.
by PopeAlien (164869) on Wednesday June 08, @02:34PM (#12760276)
I dont get nearly as much spam as that, but even a few hundred a day is pretty irritating. My solution is to delete all email as soon as I get it.
I figure if its important I'll get a phone call.
by Everleet (785889) on Wednesday June 08, @02:48PM (#12760451)
Funny, I delete all phone calls as soon as I get them. I figure if it's important I'll get an IM.
by DoomHaven (70347) on Wednesday June 08, @02:51PM (#12760479)
Funny, I delete all IMs as soon as I get them. I figure if it's important, I'll get a visit.
by Poltras (680608) on Wednesday June 08, @03:03PM (#12760591)
Funny, I delete all of my visitors as soon as they show up. I figure if it's important, the police will come and circle the house.
by AndersOSU (873247) on Wednesday June 08, @03:07PM (#12760630)
Funny, in Soviet Russia the police delete you.
The original post.
by PopeAlien (164869) on Wednesday June 08, @02:34PM (#12760276)
I dont get nearly as much spam as that, but even a few hundred a day is pretty irritating. My solution is to delete all email as soon as I get it.
I figure if its important I'll get a phone call.
by Everleet (785889) on Wednesday June 08, @02:48PM (#12760451)
Funny, I delete all phone calls as soon as I get them. I figure if it's important I'll get an IM.
by DoomHaven (70347)
Funny, I delete all IMs as soon as I get them. I figure if it's important, I'll get a visit.
by Poltras (680608) on Wednesday June 08, @03:03PM (#12760591)
Funny, I delete all of my visitors as soon as they show up. I figure if it's important, the police will come and circle the house.
by AndersOSU (873247) on Wednesday June 08, @03:07PM (#12760630)
Funny, in Soviet Russia the police delete you.
The original post.
Thursday, May 26, 2005
New Scientist 11 steps to a better brain
While checking the tech headlines at CNET News, I came across a great article. It's titled 11 Steps To A Better Brain and (even though the writer didn't realize that he isn't suppose to start a sentence with a number) its a great piece of work. There are dozens of interesting items regarding actions that can be taken to improve intelligence and mental performance.
Thursday, May 19, 2005
Insider Secrets: DIY home theater - CNET reviews
There's a neat idea explained in the article Insider Secrets: DIY home theater - CNET reviews regarding home theater backlighting. It's a three part article, but the second part is silly, and the third is stupid. I'll have to give the backlighting technique a try when I get around to setting my home theater system back up. Before that, my wife has to approve which room I can use. So much for the man / home / castle theory.
Wednesday, May 18, 2005
Howto Use Commands Within echo
Here's a new trick I learned yesterday. You can execute a command within an echo statement by enclosing the command in backwards quotes, and enclosing the echo arguments within double quotes. Example:
echo "Current time: `date`"
In the past, I'd always done this as two lines. The first would capture the output of the command into a variable and the second would print the results using echo. Example:
dt=`date`
echo "Current time: $dt"
Granted, this is not break-through technology, but every incremental advancement gets me closer to world domination. Did I say that out loud?
echo "Current time: `date`"
In the past, I'd always done this as two lines. The first would capture the output of the command into a variable and the second would print the results using echo. Example:
dt=`date`
echo "Current time: $dt"
Granted, this is not break-through technology, but every incremental advancement gets me closer to world domination. Did I say that out loud?
Tuesday, May 17, 2005
Digital, On Demand, Cable
Over the last two weeks I've been moving. What a mess. Hundreds of boxes. Literally. It will probably be another six months before I find all my stuff.
No pickles. No bars of soap. (Don't worry: I have a lifetime supply of hotel soap...) No phone line. But I do have cable-- not that I watch TV, mind you. So why have cable? For the Internet! I have to have Internet... For my job... Yeah, for the job.
Here's the deal: I had to get my cable modem on the network, so I asked how musch for basic cable to connect to my cable ready TVs. The high-speed Internet was about $40, and the basic cable was $30. As it turns out, digital cable is $25, but you have to rent the set-top box for $5 per month. This means the price is the same.
Here's the catch: If you get digital cable, you get analog for free. How does that work?
I must admit, though, that I did watch TV. What I actually watched, was cable inDemand. This is some cool stuff. They have a repository of several hundred shows that can be run anytime you want-- for free. Old Monty Python episodes, Discovery and National Geographical specials, "gone to video" movies. It's actually pretty cool.
Now, I know what you're thinking. You're thinking that you got a Tivo and can accomplish all that same stuff. No, you can't. What Tivo does is take what the cable company sends you, and lets you control it. This is stuff that is only being sent, as I request it.
From my observation, I suspect that there is some compression involved, as the picture quality seems to be lower than the realtime programming.
No pickles. No bars of soap. (Don't worry: I have a lifetime supply of hotel soap...) No phone line. But I do have cable-- not that I watch TV, mind you. So why have cable? For the Internet! I have to have Internet... For my job... Yeah, for the job.
Here's the deal: I had to get my cable modem on the network, so I asked how musch for basic cable to connect to my cable ready TVs. The high-speed Internet was about $40, and the basic cable was $30. As it turns out, digital cable is $25, but you have to rent the set-top box for $5 per month. This means the price is the same.
Here's the catch: If you get digital cable, you get analog for free. How does that work?
I must admit, though, that I did watch TV. What I actually watched, was cable inDemand. This is some cool stuff. They have a repository of several hundred shows that can be run anytime you want-- for free. Old Monty Python episodes, Discovery and National Geographical specials, "gone to video" movies. It's actually pretty cool.
Now, I know what you're thinking. You're thinking that you got a Tivo and can accomplish all that same stuff. No, you can't. What Tivo does is take what the cable company sends you, and lets you control it. This is stuff that is only being sent, as I request it.
From my observation, I suspect that there is some compression involved, as the picture quality seems to be lower than the realtime programming.
Thursday, May 05, 2005
Excessive Packaging
The environmentalists are always whining about "excessive packaging", yet its difficult to define what that actually means. I think its very subjective, and depending upon how looney the person you're dealing with, any packaging could be excessive. I have finally identified an definition of excessive packaging I can embrace.
I've gone to Home Depot a couple times over the last week, and have noticed that a bunch of their stuff is in blister packs. Take for instance a shower head that is sealed in a form fitting plastic containier. To open the blister pack, you must cut the plastic, this destroying the package. Unfortunately, Home Depot has such a high return rate, the most of the blister packs have been opened (thus cut / destoyed), then taped back together, and restocked on the shelf.
What a mess! What's wrong with putting the thing in a box? If the box is returned and retaped, its not as obvious, but when its in a blister pack, it just can't be repackaged.
Furthermore, the box is biodegradable. The plastic is not. Sure blister packs are made of PET (a type of plastic), which is recylable, but nobody recycles blister packs. As a matter of fact, most people don't even recycle their PET water and soda bottles.
Home Depot is large enough that they should take a stand and refuse blister packing, thus forcing manufacturers to shift to a better method. Home Depot could claim they were being envirnmentally friendly, but they would be saving money on the returns desk. They would argue against this by saying that a blister pack take less shelf space than a box. The reality is that customers won't buy opened blister packs, as they assume the product is defective or missing parts, thus they are actually wasting shelf space with product that won't move.
Just for the record, I don't like plastic bottles either.
I've gone to Home Depot a couple times over the last week, and have noticed that a bunch of their stuff is in blister packs. Take for instance a shower head that is sealed in a form fitting plastic containier. To open the blister pack, you must cut the plastic, this destroying the package. Unfortunately, Home Depot has such a high return rate, the most of the blister packs have been opened (thus cut / destoyed), then taped back together, and restocked on the shelf.
What a mess! What's wrong with putting the thing in a box? If the box is returned and retaped, its not as obvious, but when its in a blister pack, it just can't be repackaged.
Furthermore, the box is biodegradable. The plastic is not. Sure blister packs are made of PET (a type of plastic), which is recylable, but nobody recycles blister packs. As a matter of fact, most people don't even recycle their PET water and soda bottles.
Home Depot is large enough that they should take a stand and refuse blister packing, thus forcing manufacturers to shift to a better method. Home Depot could claim they were being envirnmentally friendly, but they would be saving money on the returns desk. They would argue against this by saying that a blister pack take less shelf space than a box. The reality is that customers won't buy opened blister packs, as they assume the product is defective or missing parts, thus they are actually wasting shelf space with product that won't move.
Just for the record, I don't like plastic bottles either.
Wednesday, May 04, 2005
I'll Take Oxymorons for $100
In an effort to declassify documents for release under Freedom of Information, the boys in Military Intelligence used Adobe Acrobat to blackout the classified text. Because of the layered construction of a PDF, the text was still there, and could be viewed. The user could open the PDF, select the whole document with Ctrl-A, select Edit / Copy, then paste the information into another program. The graphic that overlaid the text was not copied, but the text was.
U.S. military security defeated by copy and paste | CNET News.com
This is so stupid. For over thirty years, the policy was to photocopy the original (which was refiled), declassify the photocopy, make a photocopy of the photocopy (which was released), then destroy the declassified photocopy. This process was needed as the declassified photocopy could still be read, because the toner raised the letters a fraction of an inch above the paper. It was like rubbing a pencil against the second page of a notepad to read the impression of what was written on the previous page.
See, this is why I only is a quill pen and parchment.
U.S. military security defeated by copy and paste | CNET News.com
This is so stupid. For over thirty years, the policy was to photocopy the original (which was refiled), declassify the photocopy, make a photocopy of the photocopy (which was released), then destroy the declassified photocopy. This process was needed as the declassified photocopy could still be read, because the toner raised the letters a fraction of an inch above the paper. It was like rubbing a pencil against the second page of a notepad to read the impression of what was written on the previous page.
See, this is why I only is a quill pen and parchment.
Howto Refresh NFS Exports Without Restarting
Did you know that you can update your NFS configutation without restarting the service? I found out that you can use exportfs -r to refresh your NFS exports without restarting. I guess I've been so use to taking NFS down, executing exportfs -a, then starting the service, that it never occurred to me to look for a better option.
Tuesday, May 03, 2005
Cleaver, but not Smart Enough
A great case of 'human engineering'.
Sober worm spreads like wildfire | CNET News.com
The virus adds a few lines to the bottom of the message that indicates that the attachment was scanned for virus, and is safe to open. In an effort to validate itself, it claims to have been checked by a server on the user's domain. Thus, I got a message saying that it was scanned by dougbunger.com's anti-virus server. Well, I don't got one.
Besides, my mail is routed to my SideKick, which (thus far) has no native virus.
Sober worm spreads like wildfire | CNET News.com
The virus adds a few lines to the bottom of the message that indicates that the attachment was scanned for virus, and is safe to open. In an effort to validate itself, it claims to have been checked by a server on the user's domain. Thus, I got a message saying that it was scanned by dougbunger.com's anti-virus server. Well, I don't got one.
Besides, my mail is routed to my SideKick, which (thus far) has no native virus.
Friday, February 25, 2005
Do Pretty People Earn More?
MSN Careers - Do Pretty People Earn More? - Career Advice Article
This isn't news to me. So, where do I go to get my $78,900.
This isn't news to me. So, where do I go to get my $78,900.
Friday, January 14, 2005
Testing The E-mail Blog Feature
I've enabled Blogger's e-mail post feature, in order to allow me to post
via my Sidekick. Is that ridiculous, or what! I'm not only a nerd, I'm
the Uber-nerd.
What I've learned (the hard way) is that if you attach a image, Blogger discards your message, rather than stripping the attachment. Seems a bit of an odd behavior, but what do I know. I had several failed tests, then did a search on the problem. Turns out the symptom was described in the Blogger FAQ.
RTFM. Imagine that.
-- Doug Bunger
via my Sidekick. Is that ridiculous, or what! I'm not only a nerd, I'm
the Uber-nerd.
What I've learned (the hard way) is that if you attach a image, Blogger discards your message, rather than stripping the attachment. Seems a bit of an odd behavior, but what do I know. I had several failed tests, then did a search on the problem. Turns out the symptom was described in the Blogger FAQ.
RTFM. Imagine that.
-- Doug Bunger
This Is A Test...
...only a test. In case of an actual blog, you would have beentold
where to tune for worthwhile information. I'm transmitting this message
13 Jan, at 0006. There will be an understandable propogation delay as
it travels through the wireless network.
where to tune for worthwhile information. I'm transmitting this message
13 Jan, at 0006. There will be an understandable propogation delay as
it travels through the wireless network.
Thursday, January 13, 2005
See, I Told You It Wasn't My Problem
After all my e-mail posts for the previous week showed up at the same time yesterday, I assumed Blogger's problems were fixed. I attempted another test, but after eight hours, still no luck. I prowler around there site until I found a status page, and they are aware of the problem. Unfortunately, according to Status.Blogger.Com, they have had this problem since 15 December. Of course, technicians are feverishly working toward a resolution.
You know, maybe it wasn't a good idea laying off all those tech people, a few years ago.
You know, maybe it wasn't a good idea laying off all those tech people, a few years ago.
Wednesday, January 12, 2005
Not My Problem
Imagine that. It seems that my posts were being blocked after all. Appearently, Blogger had some nature of problem, and all my failed attempts had been buffered in one of their servers. It took a few days, but they must have found and fixed the problem, as all my test messages posted.
At this point, we need to post another test message to ensure that the problem isn't a programmed delay. Like there would be value in that!
At this point, we need to post another test message to ensure that the problem isn't a programmed delay. Like there would be value in that!
Testing The E-mail Blog Feature (2)
I've enabled Blogger's e-mail post feature, in order
to allow me to post via my Sidekick. Is that
ridiculous, or what! I'm not only a nerd, I'm the
Uber-nerd.
What I've learned (the hard way) is that if you attach
a image, Blogger discards your message, rather than
stripping the attachment. Seems a bit of an odd
behavior, but what do I know. I had several failed
tests, then did a search on the problem. Turns out
the symptom was described in the Blogger FAQ.
RTFM. Imagine that.
On another note: It appears that Blogger blocks mail
from some sources. Are you ready for this... T-Mobile
is one of the sources! So, I guess this was all a big
waste of time.
to allow me to post via my Sidekick. Is that
ridiculous, or what! I'm not only a nerd, I'm the
Uber-nerd.
What I've learned (the hard way) is that if you attach
a image, Blogger discards your message, rather than
stripping the attachment. Seems a bit of an odd
behavior, but what do I know. I had several failed
tests, then did a search on the problem. Turns out
the symptom was described in the Blogger FAQ.
RTFM. Imagine that.
On another note: It appears that Blogger blocks mail
from some sources. Are you ready for this... T-Mobile
is one of the sources! So, I guess this was all a big
waste of time.
Monday, January 10, 2005
20 Year Archive on Google Groups
Once upon a time, there was Usenet, the Internet equivalent of the dial-up bulletin board system. The network allowed anyone to post messages into groups that were usually classified by topic. Others could view the messages, and post replies. Usenet still exists, but has lost much of its appeal in favor of the forum.
In the early 90's a group called DejaNews began to aggregate and web enable the Usenet groups. This allowed for quick and easy searching of Usenet posts. Unfortunately, Deja was a victim of the dot bomb crash. Google came to the rescue, secured the archive, and took over the search function.
Well, appearently, the folks over at Google got bored. They have created a Usenet timeline, 20 Year Archive on Google Groups, identifying important events in Usenet, Internet, and real-world history. Each event is linked to the original post of the event.
The big question for me: Who decided what events are historically significant?
In the early 90's a group called DejaNews began to aggregate and web enable the Usenet groups. This allowed for quick and easy searching of Usenet posts. Unfortunately, Deja was a victim of the dot bomb crash. Google came to the rescue, secured the archive, and took over the search function.
Well, appearently, the folks over at Google got bored. They have created a Usenet timeline, 20 Year Archive on Google Groups, identifying important events in Usenet, Internet, and real-world history. Each event is linked to the original post of the event.
The big question for me: Who decided what events are historically significant?
Saturday, January 01, 2005
New Year, New Adventures
Welcome to the New Year. As they say on VH1: “2005 is sure to be the best year ever!” I don’t watch VH1, my kids do.
A few areas have been retired from the main menus, like Qbasic and Palm Computing. Qbasic has been dead for years. It took some soul searching over the last few months to bring myself to abandon Palm, but they just haven’t kept up with their lead. They’ve been loosing market share, have been dropped by some big licensee’s, and have gone in the wrong direction with their wireless connectivity. (The only upside to Palm’s impending demise is that Microsoft isn’t winning, either.)
Something else I’m having fun with is my new Bunger Tracker. I’ve developed a process of letting people track my movements via my cell phone. (Just for the record, the cell phone companies know where you are, so there is no use whining about it.) The page displays an icon on a map showing current city and movements.It’s been a great holiday, and Monday, we start a big new adventure. Stay tuned.
Subscribe to:
Posts (Atom)