Appliances

As a computer geek, there are a handful of machines I’d still like to build:

  • A massive, awesome fileserver that just works. Hot-swappable SATA disks, with maybe 5 disk slots on the front, and hardware RAID. And it should just work: I plug it in, plug it into the switch, and it gets an IP. I could set up quotas or permissions through a web interface, but not much configuration should be needed. I don’t want to have to deal with partitions and volumes, or to set up a 100GB “slice” for photos and then realize I wanted 150GB. I want it to just work as one big thing. I want my Windows machines to be able to see it over SMB, and my Mac to see it over whatever Macs use natively. I want to mount it over NFS from a Linux box, and I want to have a web GUI that I can use to view files. (FTP and rsync would be nice, too.) The RAID has to be good, too: when one of the disks dies, I want to pull the lever, yank it out, and put a new one in, and have it rebuilt automatically. It can run something like embedded Linux, but should have a couple gig of RAM (it’s cheap now!) to allow for big buffers and caches. It needs gigabit Ethernet (but that’s pretty much standard now). Bonus points for having USB support (both ways: let me back this up to an external USB disk, but also let me plug my computer into it and see it as a massive disk.)
  • A really, really good firewall/router/proxy/etc. Our OpenBSD firewall rocks. I think I configured it such that the QoS never works, but in theory, it gives things like ssh and games priority, while things like FTP downloads and BitTorrent can just use whatever bandwidth is left over, so that huge downloads don’t impact things. It does the obvious stuff, like NAT and port forwarding. But it also does some stuff your run-of-the-mill router won’t, like using scrub to normalize packets. (And it works both ways: outgoing packets get rewritten to not “leak” data that could be used for fingerprinting, and incoming packets are stripped of any bizarre stuff that could potentially be used as an exploit.) It serves as our DNS server, which gives a bit of a speedup on a LAN. It’s an NTP server that keeps accurate time for us. Ideally, it would also run squid and act as a proxy server, too, but I never set this up because it’d be too much of a hassle. (We could set it up as an explicit proxy that browsers would have to be configured for, but since it’s the firewall, it’s also possible to make it a transparent proxy by routing all traffic through it.) With squid comes some other neat options, like the ability to use ClamAV to do real-time virus scanning of downloads, or to use blacklists so a small office or a family could, for example, prevent the viewing of known porn sites. I’m still fond of the Via C3/C7 line, which are very low-power processors that also have hardware crypto and RNG functions. Oh, and another thing: I want to be able to VPN into my house. The hard part there is choosing what you want: GRE? PPTP? OpenVPN? And I want lots of graphs of everything happening. Something like the Via chip, a gig of RAM (or more for faster cache results), and a small SSD (even a CompactFlash card?) is all that’s needed, along with dual GigE cards. Wrap it up in a nice GUI, and you’ve got something that leaves every store-bought router looking pretty pathetic, yet without being miserable to set up like OpenBSD+pf. (Hint: pfSense gets you 98% of the way there.) It’s got to draw minimal power, but that’s probably something the Via chip would be good at.

It seems odd to me that neither of these products exists. I can buy a Windows Home Media device with a 500 GB hard drive, but it would cost more than buying a 2TB disk and sticking it in an old Linux box. And the ones I’ve seen advertised don’t have RAID, or even support for RAID. Moving to a central fileserver and not supporting RAID is a horrible idea, since a single disk failure will cause you to lose everything.

I’m Ripping Off Kyle’s Idea

Kyle’s recent post with a tag cloud for his site got me inspired.

By the way, having run the site for years, I’m a bit embarrassed to admit that I had no clue where the RSS feeds were. (I should really create an aggregated one for all users?) http://blogs.n1zyy.com/USER/feed/ is the answer; obviously, substitute USER for the username. (Oh, and /feed/atom seems to be required to work with the tag cloud generator he linked to.)

Another comment: playing with the generator reveals that I’m unnaturally obsessed with fonts.

I’m slightly embarrassed at the most-common words. “Actually” and “though” seem to take first place. And then it’s words like, “pretty,” “really,” and “like.” I should probably cut all of these words from my vocabulary.

I do contend that it’s not quite fair, since it’s only looking at a handful of posts. Without further ado:

Tag Cloud

Hacking the iPhone?

Since my phone is under warranty, and since the main reason I have it is that I’m on call 24/7 for work, I’m not too eager to jailbreak my phone yet. Sure, it’s tempting, but I’m just not going to do it yet.

But here’s my problem, and the really roundabout way I want to solve it. A monitoring script will send me a text message whenever a service fails on a server. Sometimes it’s just a few messages a week, but sometimes, when it rains, it pours. I probably have a couple thousand text messages on my phone. I’d like to clean them out. For some reason (everyone I know has asked for this feature), there is no way to delete all your text messages.

People who have jailbroken their phones seem to have found that the text messages are stored in something like a Berkeley DB file. That’d be pretty easy to clean out. (Actually, people who have jailbroken their phone can install one of many applications meant specifically for purging your SMS inbox, but I digress. Further digression: someone else mentioned that it seems they’re ‘marked as deleted’ when you delete them, but not actually removed from the .db file.)

Is there a way to mount your iPhone as a disk? I’m yet to find it if there is. There exist tools to create a folder on the iPhone and let you access that on your computer, but not to view the ‘guts’ of the iPhone as a filesystem. I was able to make this happen on my old iPod, but not on the iPhone.

There seem to be a handful of ‘secret’ (not anymore, thanks to the Internet…) ways of resetting the firmware and whatnot. I’m wondering if any of them allow disk access. Thoughts, anyone?

Macs are Hot

I ended up signing out a Mac from work last week. It’s an older Core Duo era MacBook Pro. It’s quite slick, and since I’m used to working in Linux, it took me no time at all to feel right at home. (Except that there’s no /proc partition… When Linux is all you use, you forget that it’s specific to Linux.)

It’s exactly what a computer should be: my first laptop was a huge clunker, so I thought my Thinkpad was amazingly sleek when I got that. But this has outdone that, and is still quite slick. The video card isn’t total junk (I’m driving a second monitor at 1920×1080, with all the fancy graphic effects), the speakers are actually pretty good, the keyboard is really comfortable and backlit (!), the screen is bright, and so on. The MagSafe power cord is slick, too: I’ve rolled over it twice in my chair already, and it simply pops out, rather than pulling the laptop onto the floor. Plus it makes it really easy to plug in: as long as you get the cord pretty close, it’ll pop right in.

But despite all this, I was actually being more literal in the subject of my post. On the left hand side of the laptop, over the speaker, I find that I rest my hand when I’m not typing. And it’s very warm. Not quite uncomfortably hot, but remarkably warm. I also wouldn’t want to use this laptop on my lap, because the bottom gets pretty warm. But then I discovered that the thin strip of metal right above the function keys (F1-F12) gets insanely hot.

I installed iStat Menus, a slick plugin showing stats on all the hardware sensors. My CPU is running at 65 degrees Celsius, and I’ve seen it north of 70. The GPU is at 59, the GPU heatsink is at 64, and the memory controller is at 57. (The heatsink is warmer than the GPU itself?) After some poking around online, I think I figured out the problem: the fans in the case vent right by the metal strip above the function keys. iStat Menus shows the fans are running at 1000 RPM, though they’re inaudible. I’d really prefer they sped up a bit… Now I’m up to 72 Celsius.

My other major pet peeve is that the battery life is abysmal. Something like 45 minutes. I’ve “calibrated” the battery, too, though it seems as if that simply helps it more accurately predict runtime. It’s at something like 400 charge cycles, which isn’t that much for a machine that’s a couple years old. My old Thinkpad still runs for several hours.

Still, though, I’m pretty impressed. If this were mine to keep I’d probably buy a new battery, but as it is, I tend to work plugged in anyway.

Weekend Tech Deals

A handful of good deals this weekend, too:

  • Acer 23″ LCD, 1920×1080, $220. I was actually ogling this same one at Newegg, where it’s $10 more. It has stellar reviews at Newegg. If you’re just looking for a new LCD, Staples has an 18.5″ for $99.98, though it’s only 1360 x 768. (It’s considerably more at Newegg, and has no reviews.) Or, a ridiculous deal, a 22″ Acer for $49.99, though it’s hopelessly backordered. I paid the $14.99 shipping and it’s expected in stock between 3/14 and 3/28. I don’t have high hopes for this actually being delivered, however; seems like it’s an outlet close-out, so it wouldn’t make sense for them to order more.
  • I could use bigger hard drives all around. Notebook SATA drives? Staples has a 250GB 2.5″ SATA disk for $70, albeit only 5400 RPM. $10 more gets a 320GB notebook drive, though also 5400 RPM. Or hit up Best Buy for the granddaddy of ’em all, a 500 GB notebook drive, $125.
  • Staples has the HP Mini Notebook for $300.

SPF

On the off chance that this affects anyone, I’ve gone through and published SPF records for all domains where I host DNS. It’s something I should have done a while ago, but I was spurred into doing it today after I noticed what seems to be a lot of backscatter from non-existent users, meaning that someone sent spam pretending to be ttwagner.com.

For those who don’t follow mailserver and DNS news, SPF, short for Sender Policy Framework, allows a DNS server to publish a TXT record (fairly obscure outside of SPF) specifying what servers are allowed to send mail from that domain. Normally anyone on the Internet could send mail claiming to be from n1zyy.com or ttwagner.com, but I now have SPF records stating that only 64.191.108.120 is allowed to send mail for these domains. I’ve gone a step further, and added null records (no one is allowed to send mail) for some domains I have that don’t send any e-mail.

“Good” mailservers will now check for an SPF record when mail is sent, and refuse mail forging any domains hosted here. I’ve set a really short (240-second) TTL, so I can change this in 4 minutes’ time if need be.

Virus Notifications

At work, I’ve been getting lots of Hallmark E-Cards. They include a file, postcard.zip, which extracts to postcard.exe. Of course, as soon as an address not owned by a real human got an e-card, I knew something was up, but since I was on Linux, I wasn’t terribly afraid of it infecting me.

NoVirusThanks.org describes it in more detail, but the short version is that, after you’re infected, it will e-mail itself around, presumably to people in your address book. (It also gives the virus’s creators control of your machine.)

When the mail is being sent, it identifies itself with the HELO string of hallmark.com. They went pretty far with this one, since few people would think to check the headers. (Though those that do probably wouldn’t be opening a .exe file e-mailed to them anyway.) The IP it uses to connect can’t be forged, though. And this is where my idea is born.

There ought to be a site out there that’s just a giant database of IPs that have sent viruses, what virus they sent, when, and what IPs reported it. It’d be nice for blacklists (it looks like the infected machine sends mail directly, instead of using your normal mailserver), but what I really would love is to see some high-volume sites (I’m looking at you, Google) display a, “12 mailservers have reported your machine is infected with a virus in the past 24 hours” banner, along with a link that shows what virus(es) are reported, and help on reputable anti-virus solutions.

It’s a little creepy and big-brotherish, but it seems odd to me that I know a handful of IPs sending viruses, whereas the people who use those IPs probably have no idea. I have no way of contacting them, though, nor would an e-mail from some random guy saying “You have a virus” be that helpful.