The price of our vote

We knew for ~30 years that a day like yesterday would come. We just hoped that it would come later.

Stateful protocols

Mark Crispin writes:

“In particular, doing things with mailboxes in the hundreds of MB in that format takes a while. The authors of Outlook and Thunderbird are victims of a computer science course mindset which, starting in the 1980s, taught their pupils that all protocols are (or should be) stateless. Thus, they believe that IMAP is like HTTP; that when a server fails to respond immediately, that means that the correct remedial action is to disconnect and try again, or just disconnect and assume that everything happened anyway.”

[via imap-uw]

If we were to start all over again…

Terry Zink writes:

“If we were to start all over again, the designers of the Internet would not design it so that anyone could do anything.”

And how exactly do we know that?

The fact is that other more restrictive (with respect to anonymity and openness) systems co-existed with the Internet at the very same time it was developing. Yet the Internet prevailed because it was exactly this: Open providing interconnection between walled gardens and freedom to experiment.

If we were to start all over again, something similar would have emerged.

A simple pf.conf trick

Sometimes when installing new rules in pf.conf from a remote location your connection to the firewall gets dropped. To avoid this you can fire up screen (or tmux if you like) and then execute:

# sleep 5; pfctl -Fall -f /etc/pf.conf

That way you have enough time to detach from screen, logout and then login again to check the proper application of the new rules. Of course there is always the possibility of not being able to reconnect due to logic errors in pf.conf, but hey he who made no mistakes never built anything.

bnx2 and Debian

One way to install Debian on a machine that requires the bnx2 network driver, is to download the firmware, place it on a USB stick and continue as instructed by the Debian Installer. Another quick trick is to use a USB ethernet card and proceed with installing Debian. Then apt-get install firmware-bnx2 and reconfigure the network interfaces appropriately.

system error 1326

Note to self: When CreateProcessWithLogonW returns a 1326 system error (login error basicaly), you can always spawn Sysinternals’ PsExec.

While RunAs accepts the Administrator’s password from the terminal input by design, PsExec accepts it from a command line switch, which means that the source for the password can be the terminal, a file (encrypted symmetrically or not), a window application, etc. Way more flexible, but potentially insecure, especially if the administrator password is stored somewhere in the filesystem unencrypted.

Zebra SL-F1 Mini Expandz

Pretty cool gadget. Thank you UrBaN!

Update: This pen was lost at some birthday celebration for kid[1] and kid[2] :(

Έλεος

“Έλεος είναι κάτι που κανείς δε το θέλει, μέχρι που φτάνεις στο σημείο να βγάζεις το χέρι” –Στέρεο Νόβα, “Ένας μεγάλος κόσμος”

(In-Reply-To:)

How? Where? What?

Reading Alec Muffett’s blog post on Google Chrome’s team decision to remove http:// as redundant geek speak from the browser, I think I cannot highlight enough the following piece:

“The URL represents “how://where/what” – how to retrieve some data, at where, and what the data is called”

Ah the joys of browser ~~intelligence~~ stupidity, while it tries to second-guess the user in order to help him. So when I type ftp.ntua.gr in the address bar, do I want to access it via HTTP or via FTP because the name starts with FTP? Do not second-guess the user because you are not helping him although you think you do.

And if the how:// part is not persuasive enough, let’s see the where part for which I have commented elsewhere. Users seem to expect that http://www.dom.ain should be identical to http://dom.ain. Instead of altering this expectation browsers tried to be helpful enough to connect to http://www.dom.ain when dom.ain does not respond and thus reinforcing it. Yay, right? No! Not only is the browser second-guessing the user, it also assumes the existence of http://www.dom.ain, and that a common administrative domain exists for both dom.ain and http://www.dom.ain. And then along come newer services, like for example OpenDNS that provides working pages for non-existent pages to the user’s dismay and irritation because what they get† is not what they asked for (but technically it is exactly what they asked for). This abstraction (and expectation) implies certain types of architectures that support the expected behavior and there is nothing that guarantees (or mandates) that such architectures are implemented. But hey, the browser is helping the user here by saving him from four keystrokes on two keys.

Since browsers are second-guessing both the how:// and the where, how long before they are going to second-guess the what too?

So please people, when trying to help by “improving” a user interface, ask yourself who (besides yourself) are you really helping. The Law of Unintended Consequences seeks opportunity.

[†] – If you want to be helpful, you do it the OpenDNS way: By giving the user choice. By removing choice for “convenience” you end up with misdirected user irritation, since the users tend to believe that not reaching a page is the administrators fault, where in fact it is the result of a series of choices done for years on behalf of the user without his consent. And we reach today, where the combination of an “intelligent” choice by the browser is incompatible with the user choice (using OpenDNS).]

pwgen for Windows

pwgen is a handy package that runs on Linux (among other systems). According to its description it “generates random, meaningless but pronounceable passwords. These passwords contain either only lowercase letters, or upper and lower case mixed, or digits thrown in. Uppercase letters and digits are placed in a way that eases remembering their position when memorizing only the word”. I use pwgen -1 for “one time only passwords” like when subscribing to mailing lists or web sites that require a username/password combination and I am not sure that I will stick with them. In other words, passwords that I fire and forget.

Unfortunately, it does not run under Windows, which is what I am working on some of these days. The code is pretty standard though, and with some minor tweaking, like borrowing a getopt(3) implementation and using srand(3)/rand(3) instead of /dev/urandom (Windows does have a similar capability) porting it to Windows was easy.

Having the source around is always handy! For those who do not want to do it themselves, here is a link to the (compiled with Digital Mars C++) binary: wpwgen.exe