Stefano's World

Shared by tumbleweed
awesome. (and guess who hasn't been reading feeds in a while)

Standalone printer hack via HaD. Good for a prank! Jeroen writes...

To talk to the Laserjet, I decided on using the Centronics parallel port. I could have used the serial port too, but I remembered the parallel port protocol was easy to implement, and the Centronics-port was said to have a +5V from the printer available. That would help me a lot because I wouldn't have to find an external supply of power for the microcontroller. For the microcontroller itself, I decided on my good old pal the ATTiny2313. I could have used an other avr, but I've got dozens of this type laying around and they're cheap enough, so I decided on this one. Read more | Permalink | Comments | Read more articles in DIY Projects | Digg this! awesome. (and guess who hasn't been reading feeds in a while)

Shared by tumbleweed
I'm still a little behind the web... For some years now, the Python development community has been talking about "Python 3000," the far-future release which would allow a complete rethinking of the language to fix the various annoyances which had built up overtime. On December 3, that talk came to fruition with the Python 3.0 release. This release is the end result of a great deal of thought and development; it represents the vision Guido van Rossum and company have for the language into the indefinite future. Now that it's out, the Python community as a whole appears to have stopped for a "now what?" moment.

I'm still a little behind the web...

Shared by tumbleweed
this is like an Internet geek's wet dream. But yes, the home with tails paper is worth a read: http://www.newamerica.net/publications/policy/homes_tails New York.--Senator Robert Bulkley, of Ohio, has made a proposal which is certainly worth considering.

It is as clear as daylight that, to bring about any sort of recovery, somebody must start some new sort of business or some extension of an old business.

It is also clear that nobody is in sight right now who has any notion of doing that — at least not in time to do this country any good as a depression cure.

There is one business which is a public business but is also a private one. This is the road-building business. The Government pays for the roads and hires the contractors. But the roads are built usually by private contractors and with materials furnished by private manufacturers.

If there is one thing needed in this country now, in view of the development of the automobile, it is express highways running east and west and north and south. Why, therefore, cannot the Government go into the business of building these highways?

— Washington News, February 9, 1938

Tough Times for Local Exchange Carriers

This week, the headlines seem to be full of fresh doom and gloom for wireline carriers, who employ people in every congressional district across America. Sooner or later, someone is going to call for Congress to tap some of the hundreds of billions in 2009 economic stimulus to help the LECs through troubled times, save lots of jobs, and preserve the way we do business in our critical last-mile communications infrastructure.

Is this wise? Is there a better way?

Customer Owned Networks

I stumbled across a really interesting paper this week, written by Derek Slater and Tim Wu, and it set me to thinking. Slater is a policy analyst for Google, but not writing on their behalf; Wu is a professor at Columbia Law School.

They propose an interesting thought experiment. What if you could own your internet connection, instead of leasing it from a service provider? In their "customer owned network" scenario, homeowners would literally purchase a strand of glass, running from their house to a common point of presence, where multiple providers would compete for the right to sell services over the fiber. The property rights you'd acquire in the physical network would be quite literal — when you sell the house, your strand of fiber goes with it. It's an improvement to your house.

The optical trunk, or bundle of fibers, that winds its way through your housing development, town, or county would also be yours, owned as a cooperative by all of the individual strand owners, who would pay the equivalent of "condo maintenance fees" to cover repair costs (backhoes do get hungry, you know).

Slater and Wu call this the "Homes with Tails" model, and a 400-home customer owned network is already being built out in Ottawa, in a trial run by CANARIE. In that experiment, the electric company brings your strand to the house, and charges you an additional $0.02 per kilowatt-hour over five years to pay for it (thus encouraging you to save energy in the process).

Have it Your Way

Their key observation about a customer-owned last mile network is that you, the homeowner, would have complete freedom to light your fiber however you like. You can make whatever deal you can make, with whatever provider you can meet at the PoP, who is willing to offer you service over your fiber. You'd strike a deal, they'd set a price, they'd lease you some link-layer equipment for your house, they'd light the fiber and offer you services under contract. But they wouldn't have anywhere near the same kind of leverage that they would if they owned the glass.

Don't like their pricing? Don't like their lack of network neutrality? Don't like the cut of their jib for whatever reason? Just cut 'em loose and get another service provider. It's your fiber, all the way from your house to the exchange point. They meet you where you have the maximum number of choices (the PoP), rather then the fewest (your doorstep).

How much bandwidth would you have on tap? Well, using current laser technology and cheap commodity equipment, it's trivial to push one to ten gigabits per second over that strand. And it gets you to a PoP where you could be paying a provider of your choice tens of dollars a month for the right to sustain those gigabits, and burst to tens of gigabits, across the public internet. Yes, in a competitive environment, where you buy the data service and own the fiber to the exchange point, that's how little you might pay for retail gigabit connectivity, if declines in wholesale internet transit prices continue on their current trendline. And as the switching and transmission technology curve matures over the 15- or 30-year life of your home fiber investment, maybe you end up with terabits per second of capacity. Futureproof, baby.

Getting Off the Launchpad

So this led me to think about the challenges of launching customer-owned networks, most of which focus around the "first mover disadvantage" — if someone starts a program like this in your neighborhood, your best play is to wait until they (the rich early adopters) have paid the freight. Then you jump in a few years later and pay only incremental connection costs. But because the startup costs are really significant, and because nobody wants to look like a sucker, this in essence means that such projects never get built, except in the easiest-to-reach neighborhoods, and then only by a service provider who hopes to extract a monopoly rent over the fiber. Not what we're looking for!

What's worse, the current economic climate also makes it hard to envision anyone starting a new fiber buildout of any scale. Credit has all but dried up, making it increasingly difficult for anyone to justify sinking huge capital investments into projects that might not return dividends for years, if ever, and then only in the densest markets, and then only depending on dodgy assumptions about penetration rates and revenue per user. Verizon is bravely pressing ahead with its FIOS buildout, estimated to cost $20B over 2004-2010 to reach just 18M households in five east coast markets. But then, Verizon just laid off thousands of people, a few weeks before Christmas, as business softens and their competition strengthens. And Verizon is probably among the strongest of the wireline carriers, most of whom are too focused on their collapsing margins and inability to roll commercial paper in this credit environment to think about undertaking significant new fiber-to-the-home projects. Especially if the model (customer-owned fiber) prevents them from exacting monopoly rents when it's all built out.

Time for a New Deal?

You have to ask: wouldn't this be an interesting use for a few hundred billion dollars of government investment? If the new Obama administration is looking for an investment project that would stimulate the economy in the short term, and build a completely new set of national capabilities in the long term, a national-scale customer-owned physical network would be an intriguing possibility. The government would provide the cash and the muscle to build the network, and then transfer it, strand by strand, to its long-term owners: those who own the parcels of residential and commercial property where the fiber terminates.

Start with a mixture of rural areas and midwestern cities: economically depressed areas where carriers have arguably underinvested in the residential fiber plant relative to what might be in the long-term public interest. Send a surge of engineering companies into the field, working in cooperation with municipalities and the utilities to secure the rights of way, open the streets, install the ducts, climb the poles, string the fiber, reach the houses.

You'd have to cover a few million miles of roads, at an average cost of tens of thousands of dollars per mile. You'd have to build some reasonable number of regional PoPs where service providers can meet customers, and maybe subsidize more fiber to help the independent providers carry aggregated customer traffic back to traditional internet exchange points in the big cities. But because it's "just fiber" (no customer premises equipment, no switching, no nothing), and because you're the government, able to lean on regulated industries and secure rights of way fairly cheaply, you're still talking tens of billions of dollars, maybe a couple hundreds of billions, to cover really large parts of the country.

And because we're still focused on leaving this a customer-owned network, ownership of the fiber network would remain with the individual citizens who own the pieces of property where the strands terminate. At the end of the project, the government doesn't own the network (individual property owners do), and they don't operate it (individual service providers do, competing for individual property owners' business). The property rights would be quitclaimed to the individual property owners. The costs could even be recovered from property owners over the next 30 years, perhaps in the form of a few dollars per month surcharge built into new residential mortgages, or as a federal tax on services provided over the new network.

Limited Government Intervention, Private Ownership

None of this is new, of course. Bill St Arnaud has been advocating customer-owned network projects in Canada for a long time (he's the fellow responsible for CANARIE's Ottawa trial I mentioned earlier). And compare Fred Goldstein's vision of divesting the CO and local loops from the switching and service platform to create a set of highly-regulated "LoopCos" for truly competitive universal access. In our customer-owned last mile fiber network, some Loopco-like entities would have to bid the local contracts to maintain the fiber plant, run the fiber exchange points, and so forth, all complications that I've glossed over here.

And the general concept of a national information grid and fiber to the home has been floating around for a long, long time, at least since the PITAC studies from more than ten years ago. To my knowledge, however, the concept of a customer-owned national last mile fiber plant has never received serious consideration. What works in favor of building it this time around is the economic climate, and the size of the effort that most people are now willing to envision for the government's role in rebooting the national economy.

The hundred-billion-dollar costs for building this project are not out of line with the other flavors of economic stimulus that have been proposed. The strategic returns on the investment are potentially far higher. The technology for stringing and laying fiber is well-established, the materials readily available, the expertise distributed among thousands of local small businesses nationwide. And at the end, instead of having poured that money down a hole fighting a war, or buying every American a new Chinese-made plasma TV, you've actually changed the ground rules of the domestic internet infrastructure.. and the American economy itself.

How many gallons of gas would be saved by eliminating half the miles commuted to school and work every day? How many pensioners could live an extra year or two at home, watched over by telepresent family, instead of checking into nursing homes? How much safer would our economic infrastructure be from attack, if the infrastructure of our information economy could be spread thinly around the country? What kind of entrepreneurial innovations might emerge, what new industries might flourish, if any two American street addresses could exchange nearly limitless amounts of internet traffic on demand?

I don't know, but I'd like to find out. It would be a highly nontrivial project, and I have glossed over many of the trickiest parts, such as building and managing the exchange points, and determining who gets to colocate and cross-connect there, on what terms.. In fact, building a nationwide customer-owned last mile network would be so nontrivial in scale, and so disruptive of the existing economics of Internet edge access, that it could only be envisioned during a time of national crisis. Would the payoff to future generations of property owners be worth it? We have a rare opportunity to consider the question.

Disclaimer: These opinions are mine alone, and not those of Renesys Corporation.

this is like an Internet geek's wet dream. But yes, the home with tails paper is worth a read: http://www.newamerica.net/publications/policy/homes_tails

Shared by tumbleweed
heh

With the Internet Governance Forum jockeying with ICANN and the ITU for decision-making authority over the Internet, setting up a listserv incorrectly and enraging journalists isn't helpful to the cause.

Read More...

heh

Shared by tumbleweed
hah. The danger of special variables So I'm running a command in a for loop in bash:

SECONDS=1 for i in 1 2 3 4; do ../my_test -S "${SECONDS}" done And for some damn reason, the test runs for 1 second on the first loop, then 2 seconds on the second loop, then 4 seconds on the next, etc. WTF?

Ten minutes of debugging output later, I finally type "man bash":

SECONDS Each time this parameter is referenced, the number of seconds since shell invocation is returned. If a value is assigned to SECONDS, the value returned upon subsequent references is the number of seconds since the assignment plus the value assigned. If SECONDS is unset, it loses its special properties, even if it is subsequently reset. Geez.

hah. The danger of special variables

Shared by tumbleweed
nice

If you want an unlocked 3G iPhone, you have a couple options. If you haven't upgraded to 2.2, you can try your luck with one of those SIM piggyback wafers; otherwise, you can try importing from a country like Hong Kong, which sells unlocked iPhones officially.

There's a third option, though: take a trip to Hanoi, for 1.2 million dong (snicker! Also: about $80) you can have your iPhone 3G physically unlocked by an industrious Vietnamese mobile phone hacker.

First, a technician opened up the phone and stripped it to the motherboard. In his skillful hands, the device seemed much easier to dismantle than I expected.

The technician then extracted the baseband chip, the component that controls the connection between the phone and the mobile network, from the motherboard. (This is a painstaking task as the chip is strongly glued to the phone's motherboard. A mistake during this process could brick the phone completely.)

Once the chip was extracted, it was Tuan Anh's turn. He used a chip reader to read information into a file. He then used a Hex editor to remove the locking data from the file, and after that, the chip got reprogrammed with the newly altered file. Now it was no longer programmed to work with only a specific provider.

The chip then got reassembled into the motherboard, another painstaking process.

As a last step, the technician put the phone back together, and it looked like nothing had been done to it.

Unlocking iPhone 3Gs -- the Vietnamese way [Crave]

nice

Linux has had this neat feature for quite some time now: since 2.4.19 according to the docs. Yet, it is neither very known nor very used. I couldn’t even find a program that would create a new namespace for its subprocesses, similar to what chroot does with the root of the file hierarchy.

This neat feature allows each process to have a different set of mount points. While you most of the time want processes to share their mount points, there are some cases where you may want to have some processes have a different set of mount points. Combined with bind mounts, it can allow some useful setups.

In case you are not familiar with bind mounts, they allow to “attach” a part of the file hierarchy to some place else. For example:

$ ls /mnt
$ ls /usr
bin games include lib lib32 lib64 local sbin share src X11R6
$ mount --bind /usr /mnt
$ ls /mnt
bin games include lib lib32 lib64 local sbin share src X11R6

Now, take pam-tmpdir, for example. It sets $TMPDIR and $TMP to point to a user-specific temporary directory. Sadly, it is pretty useless for applications that don’t follow the standards of using these environment variables.

Without namespaces, if you’d create a temporary directory and bind-mount it to /tmp, this new /tmp would be visible to everyone, to every process. But with namespaces, you can make this new /tmp only available to subprocesses. If pam-tmpdir were to do this, it would also allow applications trying to write to /tmp without resorting to $TMP or $TMPDIR to be using the temporary space, without impacting external processes, that would still be using the original /tmp.

On x86-64, you can run both 64-bits and 32-bits applications. 64-bits applications would take libraries from /usr/lib, and 32-bits applications would search libraries in /usr/lib32. But badly crafted 32-bits applications could be trying to load libraries from /usr/lib, where only 64-bits versions are available.

With namespaces, the broken 32-bits application could have /usr/lib32 bind-mounted to /usr/lib without the 64-bits applications knowing.

You could certainly get a similar result with the following set of commands:

$ mount --rbind / /chroot
$ mount --rbind /usr/lib32 /chroot/usr/lib
$ chroot /chroot $application

(–rbind also attaches submounts, contrary to –bind)

The downside, here, is that external processes will see all this setup under /chroot. The whole setup would be invisible to external processes if namespaces were used.

Another nice use of namespaces would be to mount encrypted volumes under a different namespace, so that only a limited set of processes would be allowed to read the decrypted data. The sad thing is that you need the admin capability to create a new namespace, so that would need to be done by a setuid root program.

There are, as far as a few hours fiddling showed me, 2 system calls that will setup a new namespace: clone(2), and unshare(2). The second is easier to use, though only available since 2.6.16. But while etch ships 2.6.18, the glibc coming with it doesn’t implement unshare(2), so we need to use syscall(2) instead. The following code will run /bin/sh, or any command given as argument after creating a new namespace. The new process and its subprocesses will inherit the new namespace.

#include <sched.h>
#include <syscall.h>
#include <unistd.h>

int main(int argc, char *argv[]) {
  syscall(SYS_unshare, CLONE_NEWNS);
  if (argc > 1)
    return execvp(argv[1], &argv[1]);
  return execv("/bin/sh", NULL);
}

This tool, once built, is called newns in the following example.

$ mkdir /tmp/abc
$ ./newns
$ mount -n --bind /tmp/abc /tmp
$ touch /tmp/a
$ ls /tmp
a
<in another terminal>
$ ls /tmp
abc
$ ls /tmp/abc
a

When using namespaces, it is better not to have mount fill /etc/mtab, using the -n argument. /proc/mounts will contain the proper mount information about the namespace of the process reading it. /proc/PID/mounts will contain the mount information for the given process.

As bind mounts also work on files, you can override some files. The following will run dash instead of bash (in subprocesses, too, obviously):

$ ./newns sh -c "mount -n --bind /bin/dash /bin/bash; /bin/bash"

Back to the idea of having encrypted volumes only available to some processes, the following should work (unverified):

$ ./newns sh -c "encfs /tmp/crypt-raw /tmp/crypt; /bin/bash"

Only the opened bash, and its subprocesses, would have access to /tmp/crypt.

The newns tool used above could, to allow normal users to be able to fiddle with namespaces, be improved to be a setuid root program that would drop its privileges right after unshare(2) to take the same privileges as the calling process.

As you can see, per-process namespaces have a wide range of possible uses ; it’s astonishing that it’s not more used yet, considering its age.

Additionally to per-process namespaces, there are also a bunch of other (more recent) features that allow to implement vserver-like features with a vanilla kernel, such as networking netspaces (work under progress, though), PID namespaces and utsname (see uname(2)) namespaces. Actually, these features are designed to be used by vserver and openvz.

I am looking forward to having unprivileged mounts implemented, so that users could fool around with bind mounts. Unprivileged namespaces would be a nice addition.

Interesting list of tourist scams:

I have only heard of this happening in Spain on the Costa del Sol, but it could happen anywhere. This scam depends on you paying a restaurant/bar bill in cash, usually with a €50 note. The waiter will take your payment, then return shortly after, apologetically telling you that the note is a fake and that you need to pay again. He will return the "fake" bill to you, and any change you're due. Of course, you gave him a REAL note, he gave you a FAKE note, and you gave him a second real note, so you paid €100 for a €50 meal. What I do now is write unobtrusively on all large notes I get, so I can challenge them if it happens to me. schneier

Shared by tumbleweed
This was one I could easily identify with. While I've never worked under those situations, I've felt those costs again and again. "The weight of a few extra checks that might be easy for General Electric to bear are enough to prevent younger companies from being public at all."


Ad: "Hackers & Painters" by Paul Graham This was one I could easily identify with. While I've never worked under those situations, I've felt those costs again and again.

Shared by tumbleweed
I keep IM logs because I find them useful. When I remember, I gpg-encrypt the archives. We all keep e-mail these days. Hmm.

When he becomes president, Barack Obama will have to give up his BlackBerry. Aides are concerned that his unofficial conversations would become part of the presidential record, subject to subpoena and eventually made public as part of the country's historical record.

This reality of the information age might be particularly stark for the president, but it's no less true for all of us. Conversation used to be ephemeral. Whether face-to-face or by phone, we could be reasonably sure that what we said disappeared as soon as we said it. Organized crime bosses worried about phone taps and room bugs, but that was the exception. Privacy was just assumed.

This has changed. We chat in e-mail, over SMS and IM, and on social networking websites like Facebook, MySpace, and LiveJournal. We blog and we Twitter. These conversations -- with friends, lovers, colleagues, members of our cabinet -- are not ephemeral; they leave their own electronic trails.

We know this intellectually, but we haven't truly internalized it. We type on, engrossed in conversation, forgetting we're being recorded and those recordings might come back to haunt us later.

Oliver North learned this, way back in 1987, when messages he thought he had deleted were saved by the White House PROFS system, and then subpoenaed in the Iran-Contra affair. Bill Gates learned this in 1998 when his conversational e-mails were provided to opposing counsel as part of the antitrust litigation discovery process. Mark Foley learned this in 2006 when his instant messages were saved and made public by the underage men he talked to. Paris Hilton learned this in 2005 when her cell phone account was hacked, and Sarah Palin learned it earlier this year when her Yahoo e-mail account was hacked. Someone in George W. Bush's administration learned this, and millions of e-mails went mysteriously and conveniently missing.

Ephemeral conversation is dying.

Cardinal Richelieu famously said, :If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." When all our ephemeral conversations can be saved for later examination, different rules have to apply. Conversation is not the same thing as correspondence. Words uttered in haste over morning coffee, whether spoken in a coffee shop or thumbed on a Blackberry, are not official pronouncements. Discussions in a meeting, whether held in a boardroom or a chat room, are not the same as answers at a press conference. And privacy isn't just about having something to hide; it has enormous value to democracy, liberty, and our basic humanity.

We can't turn back technology; electronic communications are here to stay and even our voice conversations are threatened. But as technology makes our conversations less ephemeral, we need laws to step in and safeguard ephemeral conversation. We need a comprehensive data privacy law, protecting our data and communications regardless of where it is stored or how it is processed. We need laws forcing companies to keep it private and delete it as soon as it is no longer needed. Laws requiring ISPs to store e-mails and other personal communications are exactly what we don't need.

Rules pertaining to government need to be different, because of the power differential. Subjecting the president's communications to eventual public review increases liberty because it reduces the government's power with respect to the people. Subjecting our communications to government review decreases liberty because it reduces our power with respect to the government. The president, as well as other members of government, need some ability to converse ephemerally -- just as they're allowed to have unrecorded meetings and phone calls -- but more of their actions need to be subject to public scrutiny.

But laws can only go so far. Law or no law, when something is made public it's too late. And many of us like having complete records of all our e-mail at our fingertips; it's like our offline brains.

In the end, this is cultural.

The Internet is the greatest generation gap since rock and roll. We're now witnessing one aspect of that generation gap: the younger generation chats digitally, and the older generation treats those chats as written correspondence. Until our CEOs blog, our Congressmen Twitter, and our world leaders send each other LOLcats – until we have a Presidential election where both candidates have a complete history on social networking sites from before they were teenagers– we aren't fully an information age society.

When everyone leaves a public digital trail of their personal thoughts since birth, no one will think twice about it being there. Obama might be on the younger side of the generation gap, but the rules he's operating under were written by the older side. It will take another generation before society's tolerance for digital ephemera changes.

This essay previously appeared on The Wall Street Journal website (not the print newspaper), and is an update of something I wrote previously.

I keep IM logs because I find them useful. When I remember, I gpg-encrypt the archives. We all keep e-mail these days. Hmm.

Shared by tumbleweed
I like impressive :-)

• PGF (some examples): A TeX macro package for generating pretty graphics, from the same brilliant author who freed me from PowerPoint and Impress. The user-oriented PGF frontend called TikZ is at least as enjoyable as the more traditional PSTricks—and it plays together with both PostScript and PDF!

• Impressive: An OpenGL-based PDF viewer formerly known as keyjnote. Some of its features even make sense, the others are at least nice to watch.

• rlwrap: Readline instead of ^[[D.

• Byte.fm: A professional web radio station all around music. The presenters make this a definite recommendation for German-speaking people.

I like impressive :-)

Shared by tumbleweed
useful blog to follow for webmasters Since we launched enhanced indexing with the Custom Search platform earlier this year, webmasters who submit Sitemaps to Webmaster Tools get special treatment: Custom Search recognizes the submitted Sitemaps and indexes URLs from these Sitemaps into a separate index for higher quality Custom Search results. We analyze your Custom Search Engines (CSEs), pick up the appropriate Sitemaps, and figure out which URLs are relevant for your engines for enhanced indexing. You get the dual benefit of better discovery for Google.com and more comprehensive coverage in your own CSEs.

Today, we're taking another step towards improving your experience with Google webmaster services with the launch of On-Demand Indexing in Custom Search. With On-Demand Indexing, you can now tell us about the pages on your websites that are new, or that are important and have changed, and Custom Search will instantly schedule them for crawl, and index and serve them in your CSEs usually within 24 hours, often much faster.

How do you tell us about these URLs? You guessed it... provide a Sitemap to Webmaster Tools, like you always do, and tell Custom Search about it. Just go to the CSE control panel, click on the Indexing tab, select your On-Demand Sitemap, and hit the "Index Now" button. You can tell us which of these URLs are most important to you via the priority and lastmod attributes that you provide in your Sitemap. Each CSE has a number of pages allocated within the On-Demand Index, and with these attributes, you can us which are most important for indexing. If you need greater allocation in the On-Demand index, as well as more customization controls, Google Site Search provides a range of options.


Some important points to remember:

1. You only need to submit your Sitemaps once in Webmaster Tools. Custom Search will automatically list the Sitemaps submitted via Webmaster Tools and you can decide which Sitemap to select for On-Demand Indexing.
2. Your Sitemap needs to be for a website verified in Webmaster Tools, so that we can verify ownership of the right URLs.
3. In order for us to index these additional pages, our crawlers must be able to crawl them. You can use "Webmaster Tools > Crawl Errors > URLs restricted by robots.txt" or check your robots.txt file to ensure that you're not blocking us from crawling these pages.
4. Submitting pages for On-Demand Indexing will not make them appear any faster in the main Google index, or impact ranking on Google.com.

We hope you'll use this feature to inform us regularly of the most important changes on your sites, so we can respond quickly and get those pages indexed in your CSE. As always, we're always listening for your feedback on Custom Search.

Written by Rajat Mukherjee, Group Product Manager, Search useful blog to follow for webmasters

Shared by tumbleweed
looks funky, must play with it

When working on Telepathy, I've often wanted to be see which D-Bus methods are being called on whom, when signals are emitted, and so on. Timing information is also handy: I'd like to figure out why cold-starting Empathy takes 12 seconds, and it'd be much easier if I could look at a diagram rather than staring at the unreadable output of dbus-monitor.

Previously, Alban wrote a tool that used a patched version of mscgen, and produced appropriate input with a dbus-monitor-like Python script. I wanted some more D-Bus-specific diagrams, and ended up reimplementing both the monitoring component (by forking dbus-monitor, as its --profile output did not contain quite enough information) and the diagram-drawing component (using Cairo). I'm happy to present an initial release of Bustle:

There's a Telepathy-specific hack in the tool to shorten object paths, but it shouldn't make the tool any less useful for looking at other D-Bus traffic.

I haven't made binary packages yet, I'm afraid, so you'll need to grab the source tarball and build it if you want to try it out. In Debian-land, the dependencies are libdbus-1-dev libglib2.0-dev libghc6-mtl-dev libghc6-cairo-dev libghc6-gtk-dev libghc6-parsec-dev; see README in the source tree for how to build and use it.

The astute among you may have noticed from the dependencies that the diagram-building component is implemented in Haskell, using the excellent bindings to Gtk+ and Cairo. I got a prototype going within a few hours, and the strong correctness guarantees that the type system provides meant that I could refactor it mercilessly with confidence. I'm sure that I would have spent many frustrating hours chasing type bugs had I written it in Python, which is a more conventional high-level language for prototyping and writing tools like this. Next time you're frustrated by such bugs, you should give Haskell a try. :-)

looks funky, must play with it

Shared by tumbleweed
worth a read

Using the incremental update feature of pdf files to watch a malware author create his exploit.

worth a read

Shared by tumbleweed
Now, if there was an equivalent for pressing enter in google reader...

browser.tabs.loadDivertedInBackground = True and Firefox 3 no longer steals focus when I open link from external application.

PS: This seems to be most interesting post in my blog, at least when counting email feedback - looks like there was lot of people annoyed by this behaviour and too lazy to search for solution :-).

Now, if there was an equivalent for pressing enter in google reader...

After reading counteless reviews of Ubuntu or Fedora done by long-time Windows users, I have decided that it’s time for a long-time Linux user to review Windows in the same manner.

I am announcing this now in the hope that some of you come up with ideas of things that I should try and document while I’m on my week without my trusty Ubuntu 8.10 install.

My hardware

• Asus P5E-V HDMI
• Radeon X850XT Platinum (PCIE)
• 2x 500Gb Sata-2 hdds
• 2x 22″ LCD panels  (1680×1050)

I haven’t really used windows much since the windows 95-98 times when I moved over to greener pastures in the form of a Linux CD set by ‘walnut creek’ or somethin which had, I believe redhat 4.2 or 5.0 on it. I have had occasional contact with Windows systems in the course of my job, but not very much.

My job exclusively deals with Linux based systems, and the occasional Windows system I encounter is always managed by someone else. I have only very, very briefly seen Windows Vista on the laptop of a colleague.

Now, while I’m obviously biased towards open systems, and I am absolutely sure that I will migrate back to Ubuntu once this experiment is over, I would like to assure you that I will try to be as objective as possible. And refrain from comments such as ‘but I couldn’t fix it, because I couldn’t find a source download’ or something similar

The Vista license and most other stuff will be coming from my employer, but I will list costs of the software should I have had to buy it retail like normal people.

Suggestions, comments? place them at your own blogs or as a comment here I will try and work it in. (I have OpenID now ;))

For interested parties, the whole experience can be followed here

(author unknown)

Shared by tumbleweed
Interesting stats. Those percentages are scarily low. The Washington Post covers an interesting research project which involved taking over parts of the Storm Worm botnet to send out specially modified spam. It looks like a sort of white-hat phishing expedition. "According to their research, about ten percent of those who clicked on the link designed to spread the malware ended up running and installing the malware. Again, extrapolating out from their limited access to the Storm botnet, the researchers concluded: 'By the same logic, we estimate that Storm self-propagation campaigns can produce between 3,500 and 8,500 new bots per day.'" The full paper is available. Interesting stats. Those percentages are scarily low.

Shared by tumbleweed
I think that this is important. What the hell do local council have anti-terror-rights for anyway?

First terrorists, then trash cans:

More than half of town halls admit using anti-terror laws to spy on families suspected of putting their rubbish out on the wrong day.

Their tactics include putting secret cameras in tin cans, on lamp posts and even in the homes of 'friendly' residents.

The local authorities admitted that one of their main aims was to catch householders who put their bins out early.

I think that this is important. What the hell do local council have anti-terror-rights for anyway?

I'm still digesting this piece which ran on CBS this Sunday, but I am only getting around to today. This is deeply upsetting.It was gloomy and wet when we came back to town the next morning. Lamy had arranged to meet a man who would be able to introduce us to some workers. We drove our small car to an appointed corner, he jumped into the back seat, and we drove off. The worker liaison was a small, wiry fellow in a tan rain slicker. He had scarred, dark skin with handsome features and a wary smile. As we rounded a corner and parked against the edge of a building, he told us that the town authorities had recently warned workers that they would spend 30 days in jail if they spoke with foreign reporters. Lamy explained to me that the workers are migrants from other parts of China. Since they’re not official citizens of this province, they have no right to health care or other protections. "I keep thinking that they are totally vulnerable" she said.

Who Was Following Whom? [CBSNews.com]

Shared by tumbleweed
I like teh colour trick

Bash is probably the most common command-line shell in the GNU/Linux world. Although a lot of people use alternate shells (such as Zsh), Bash is still shipped with most mainstream distros as the default. Once you have a lot of different remote machines, all running Bash as the shell, it becomes increasingly difficult to pay attention to the prompt, and typing reboot in a machine different from the one you wanted becomes more likely. I deal with that problem by changing Bash prompts…

First of all, the basics: Bash prompts are just environment variables with special characters you can set and export. Bash has four of these variables: PS1 to PS4, but usually only the first two matters (actually, just PS1 – for a reference on the others, check the manpage). The most common PS1 string is:

spectra@home:~$ echo $PS1 \u@\h:\w\$ spectra@home:~$

This has 4 special characters, escaped with a backslash: \u informing us the username; \h informing us the hostname; \w, informing us the working directory; and \$, which gives us the $ in the end of the prompt (more on this later).

So, essentially, one can change that string to anything else…

spectra@home:~$ PS1="my_shell_prompt\$ " my_shell_prompt$

Pretty easy. You can check a complete reference of the special characters at the section PROMPTING of bash manpage, but the most useful IMHO are the following:

• \d the date
• \t the time (24-hour format)
• \W the basename of the current working directory
• \! the history number of this command
• \# the command number of this command
• \$ shows # if the UID is 0 (is we are root), or $ for all the rest

Also, as part of the prompt string, one can use ANSI Colors enclosed as non-printing characters (that is between \[ and \]). ANSI sequences always begin with an “ESC[” and end with an “m”. (Yes… Really arbitrary… but that’s the way it is…). ESC can be represented as \e… Here is a list of the most common colors in ANSI sequences:

• Black: 0;30
• Red: 0;31
• Green: 0;32
• Brown: 0;33
• Blue: 0;34
• Purple: 0;35
• Cyan: 0;36
• Light Gray: 0;37

Now, notice that there are two numbers separated by a semi-colon… the first is always 0 (zero) in the colors I pointed above, but it actually refers to an ANSI attribute called Select Graphic Rendition… You can use 0 (zero) to normal colors, 1 for bold, 2 to faint, etc. So \e[0;30m refers to BLACK, \e[1;30m refers to DARK GREY. The Wikipedia has a good article on these escape sequences.

Once you’re satisfied with something printed in a color, to go back to the default (to reset), you issue the \e[0m escape sequence.

So, back to my problem… Each different machine gets a different color for the hostname. On “hospital” machine, for instance, my PS1 looks like:

spectra@hospital:~$ PS1="\[\e[1;33m\]\u\[\e[0m\]@\[\e[0;35m\]\h\[\e[0m\]:\[\e[0;32m\]\w\[\e[0m\]\$ " spectra@hospital:~$

With \e[0;35m (Purple) for the hostname. On “home” machine, it may be \e[0;34m (Blue)... On “server”, it may be \e[0;36m (Cyan), and so on… After a while, you get used to the color and end up linking the color to the machine… so that typing “reboot” on a machine with the wrong color gets harder than before.

To make the changes permanent, put export PS1 in one of the config script of bash (.bashrc, .bash_profile, etc). On some systems, /etc/environment holds lots of environment variables definitions.

I just scratched the surface… That’s just what works for me… The Bash-Prompt-HOWTO has some interesting examples, and I actually have a friend who uses more esoterical stuff, such as fancybash or bashish, but I’ll leave this up to you…

I like teh colour trick