verizon e-mail ‘service’

In the category ‘completely clueless’ Verizon has decided to blacklist half the planet. Or the whole planet, maybe – it would not surprise me given the reports on Broadbandreports, Nanog, Slashdot, and even our local Boston
Linux and User Group
.

They did something similar about 18 months ago where they blacklisted all non-US mailservers. That’s when I stopped caring about Verizon, frankly. Don’t ever trust them with your e-mail would be my advice. If you have to use them for DSL, use a non-Verizon e-mail account if you value receiving e-mails reliably. Gmail, yahoo, your own server, a different ISP, whatever. Just avoid Verizon’s e-mail ‘service’.

Posted in Completely clueless | Leave a comment

phishing

Received a phishing e-mail that made it through ClamAV. Nothing special about the message but the end:

Thank You ,
Commonwealth Bank of Australia Management Stuff

I wouldn’t want to deal with any bank that doesn’t have stuff. Would you?

Posted in Completely useless | Leave a comment

quorn

One of my favorite meat-substitutes is Quorn. It can be hard to find in the US but we picked some up the other day, and today I noticed this bit of text on the packaging:

Happily, Quorn products not only contain mycoprotein, but also have that great taste you’re looking for. That’s why, in Europe, where people are rather peculiar about the way things taste, Quorn is the number one selling meat-free brand.

Not only does it taste great, Quorn even made me smile tonight :)

Posted in Personal | Leave a comment

GNU/linux/apache 1, microsoft/iis 0

A picture speaks a thousand words. This article has 2 images that describe “a complete map of the system calls that occur when a web server serves up a single page of html with a single picture – the same page and picture”.

Just compare the two images, and you will instantly understand why GNU/linux/apache is more secure than windows/iis. You will also understand why GNU/linux is faster and more stable than windows – it’s just better engineered.

The microsoft/iis image really reminds me of … spaghetti code.

Posted in Free Software/Open Source | Leave a comment

horde

Debian released a security advisory on Horde yesterday, so I had to upgrade a bunch of machines.

I run Horde/IMP from source. Upgrading to a newer version is kind of annoying; I lost a lot of time doing it. In case you need to upgrade Horde and/or some of its modules, here’s a (relatively) easy way.

1. Extract the new versions, put imp etc under the horde directory, and symlink imp-h3-4.1.1 (e.g.) to imp to make Horde see it. Do the same for all the other modules you need (turba, kronolith, etc).
2. For every component (this example is for horde itself; adjust accordingly for imp etc):
- check docs/UPGRADE, and do any (database) modifications that are needed
- cd config
- for f in *.dist; do cp $f `basename $f .dist`; done
- touch conf.bak
- cp your-old-horde-setup/config/conf.php .
- chown webserver-user:webserver-group *php *bak
- make any other modifications you made – check prefs.php, hooks.php, etc
- log in to Horde, regenerate the conf.php file for your component from the web interface
- compare the new conf.php with the old conf.php, make any required adjustments

That’s essentially it. The latest Horde has a configuration export feature, so I’m hoping that I won’t have to go through all this anymore…

Posted in Sysadmin | Leave a comment

greed (2)

An update on the Da Vinci Code lawsuit I wrote about earlier. The claimants have lost the case, thankfully. The key quote from the Post article is by a Boston-based lawyer:

Copyright protects the expression, not the idea

That’s pretty much from copyright 101. Good to know that there are still some limits to copyright.

Posted in Copyright, patents, and trademarks | Leave a comment

why I dislike Sony

I’ve had a pretty serious dislike for Sony for a while. I feel Sony management is running the company in the ground by letting the (relatively tiny) content divisions of the Sony empire run the show. This leads to crippled hardware (Sony’s ‘mp3′ players, hah!), and is one of the main reasons why I refuse to buy anything made by Sony these days. I also really dislike the Sony tendency to launch proprietary, overpriced formats that nobody else supports (Memory Stick, Universal Media Disc, HAH!). That’s another reason why I don’t buy Sony.

So how nice it was to get some mail the other day from Sony, addressed to me (name misspelled), as ‘EDP Manager’ (what on earth is an ‘EDP’ Manager?) of a group I used to be a part of, addressed to my parent’s house. The only way they could have gotten this name/title/group/address combination is from the whois database, combined with an serious dose of imagination. Oh, yeah, they got the language wrong too – they sent it in French.
The domain name in question is a .org. This is what the .org WHOIS service says:


The data in this record is provided by Public Interest Registry
for informational purposes only, and Public Interest Registry does not guarantee its
accuracy. This service is intended only for query-based access. You agree
that you will use this data only for lawful purposes and that, under no
circumstances will you use this data to: (a) allow, enable, or otherwise
support the transmission by e-mail, telephone, or facsimile of mass
unsolicited, commercial advertising or solicitations to entities other than
the data recipient’s own existing customers; or (b) enable high volume,
automated, electronic processes that send queries or data to the systems of
Registry Operator or any ICANN-Accredited Registrar, except as reasonably
necessary to register domain names or modify existing registrations. All
rights reserved. Public Interest Registry reserves the right to modify these terms at any
time. By submitting this query, you agree to abide by this policy.

We’ve established that I’m not a Sony customer. The mail they sent me is commercial bulk advertising. That means that Sony in is blatant breach of the Public Interest Registry whois policy. Either they got the data from the whois database themselves, or they bought my information from a sleazy company that did.
What a wonderful new reason to dislike Sony.

Posted in Personal | Leave a comment

SBC traceroute weirdness

I’m in Berkeley for 2 days. I’m using my host’s SBC internet connection. Out of curiosity I did a quick traceroute to www.gnu.org (in Boston):

$ traceroute www.gnu.org
traceroute to gnu.org (199.232.41.10), 30 hops max, 40 byte packets
1 10.xx.xx.xx (10.xx.xx.xx) 0.943 ms 0.897 ms 0.851 ms
2 obfuscated.snfc21.sbcglobal.net (xx.xx.xx.xx) 8.286 ms 9.250 ms 8.614 ms
3 dist2-vlan60.snfc21.pbi.net (216.102.187.131) 9.324 ms 8.748 ms 8.856 ms
4 bb2-10g2-0.snfcca.sbcglobal.net (216.102.176.226) 8.360 ms 8.603 ms 9.277 ms
5 bb1-p4-0.snfcca.sbcglobal.net (151.164.190.189) 8.350 ms 8.893 ms 9.321 ms
6 core1-p6-0.crsfca.sbcglobal.net (151.164.243.117) 9.634 ms 9.797 ms 10.065 ms
7 core2-p8-0.crsfca.sbcglobal.net (151.164.242.74) 42.403 ms 150.050 ms 169.998 ms
8 core1-p3-0.crscca.sbcglobal.net (151.164.242.85) 166.216 ms 158.371 ms 199.028 ms
9 core2-p1-0.crscca.sbcglobal.net (151.164.241.234) 10.563 ms 19.842 ms 10.728 ms
10 core1-p11-0.cranca.sbcglobal.net (151.164.242.82) 23.897 ms 30.635 ms 23.132 ms
11 bb1-p1-0.cranca.sbcglobal.net (151.164.40.90) 23.577 ms 24.392 ms 23.095 ms
12 ex1-p15-0.eqlaca.sbcglobal.net (151.164.41.29) 24.640 ms 24.575 ms 24.886 ms
13 lax1-br1-g4-1.gnaps.net (206.223.123.41) 24.355 ms 24.738 ms 24.485 ms

Compare with a traceroute from another box in Boston:

$ traceroute www.gnu.org
traceroute to gnu.org (199.232.41.10), 30 hops max, 38 byte packets
1 192.168.xx.xx (192.168.xx.xx) 3.846 ms 1.164 ms 1.208 ms
2 er1.nyc1.speakeasy.net (66.92.70.1) 32.227 ms 24.298 ms 21.421 ms
3 220.ge-0-1-0.cr2.nyc1.speakeasy.net (69.17.83.201) 19.663 ms 20.435 ms 19.566 ms
4 nyiix.ge-2-2-0.gbr1.nyc.nac.net (198.32.160.20) 20.477 ms 19.975 ms 20.885 ms
5 0.ge-3-0-0.gbr1.nwr.nac.net (209.123.11.174) 21.901 ms 21.169 ms 21.166 ms
6 0.so-1-2-0.gbr1.ash.nac.net (209.123.11.18) 31.024 ms 26.838 ms 27.968 ms
7 ash-m20-ge0-0-0.gnaps.net (207.99.39.158) 26.719 ms 26.694 ms 26.339 ms

I’ve removed the last part of the traceroute, where it enters the globalnaps network.

The odd thing about the SBC network is the number of hops it requires to go elsewhere. 10 hops within SBC to go from Berkeley to LA? What’s up with that? Doing a traceroute to Europe shows 15 hops within the SBC network, all the way to Amsterdam. I guess I’m spoiled with my (admittedly expensive) Speakeasy connection that takes me from Boston to Amsterdam in 5 hops…

Posted in Everything else | 1 Comment

more OpenSPARC

Yep, Sun kept their promise and released the full chip design for their latest Sparc CPU under the GPLv2. You need a SPARC system with (expensive) commercial software to do anything with the design, but I still think this is a pretty significant moment.

I’m very much looking forward to what will come out of this. The chip as such is pretty amazing (32 threads, 64 bits!) – I can only dream of what people will do with the design. This could be our ultimate defense against all the DRM crap Intel & co are pushing down our collective throats. I certainly wouldn’t mind running Debian or Ubuntu on one of those puppies.

Still one more day in Switzerland – I’m heading back to Boston on Thursday. It’ll be a busy next few weeks between my brother and his wife visiting, the FSF annual membership meeting, and Linuxworld. And a short (business) trip to Berkeley thrown in as well for good measure ;)

Posted in Free Software/Open Source, Personal | 2 Comments

WDS

So I finally got here on Wednesday. We’ve been doing lots of cool stuff meanwhile. I’ve installed a VDSL link between the two main buildings, giving us network access in the Villa. The Zyxel Prestige 841C/841 I bought are reliable, if a bit pricey (total cost for this setup: about CHF 600). Then I hooked up 4 WRT54GL’s to the incoming network feed, connected in WDS. This works surprisingly well. I did some testing of throughput:

3: 0.95MB/s
2: 1.30MB/s
1: 2.80MB/s
0: 8.40MB/s

For this test, unit 0 was connected to the Zyxel 841, and units 3 -> 2 -> 1 -> 0 talked to each other through WDS, in that order. Note that unit 0 got about half of the theoretical bandwith (the Zyxels do 19/17 Mbit/sec over a phone line). But as you can see the throughput falls off quite dramatically going from WRT54GL to WRT54GL.

The most intriguing part of this story is that Apple hardware limits WDS to 3 levels. The dd-wrt firmware I upgraded the WRT’s with does not seem to restrict the number of WDS levels at all.

In the final installation I’ve got more of a star setup, with unit 0 talking to unit 1, which talks to units 2 and 3. I should do some throughput testing to see if that different topology makes a difference.

The four units cover most of the left half of the building, all the way from the basement to the 4th (5th if you’re American) floor. I’ve had to limit the transmission power to 100mw (which is up from the default 28mw, but way lower than the maximum 251mw) because of Swiss law. This is a shame, because with one unit in the basement at 251mw I had coverage all the way to the top floor, albeit with a weak signal. Still, it would have meant that the four units would have been enough for the entire building.

Posted in Free Software/Open Source | Leave a comment