CSS Fixed

For months there was a really thin, really-light-grey line running down the middle of the page. I was finally able to figure out where it was coming from and get rid of it. (It was a background image, ~1200 pixels wide, with a single grey dot at the right to give the thin line… It was all well and good until I dropped one of the two columns, but I never could trace it down.)

I still consider the main page half-finished; I’d like to get the ‘table of contents’ thing back up and running, as well as make the bottom of the page actually function like I’ve always hoped it would. (Although it’s really not handy to have these things at the very bottom?) And it’s a behind-the-scene thing, but it’s what I do for a living: I want to rework the main page’s code to not rely on memcache. It’s served its role well, but I have 1 MB of RAM (down from 16MB!) devoted to caching about 1KB worth of configuration and cached elements that really don’t need to be forcibly held in RAM anyway. I’m already running APC (which already has a hitrate in the high 90s), so I can just make use of that. (Really, the code for the main page is a set of hacks built upon other hacks, and then I went in and hacked those hacked-hacks to behave differently… For what’s really a simple function, I think it’s time for a rewrite.)

Social Networks

I just logged into Facebook and realized that Facebook is a lot like my work e-mail and Twitter: 95% of the stuff that shows up there is noise that doesn’t concern me at all. Some girl who worked on a group project with me freshman year updated her photo album and then a total stranger that I foolishly accepted as a friend posts some introspective ramblings. And then I turn to Twitter, where very few posts interest me at all. Part of the problem is that I often start following strangers who post something interesting, only to realize that them being interesting was a rare occasion.

I’ve been toying for a while with purging the names I don’t recognize from Facebook and leaving Twitter. But I think, for now, I’ll stick with status quo: checking Facebook once every couple weeks and looking at Twitter every few days.

Encryption

XKCD is an amazing comic. Sometimes it’s drop-dead hilarious. Sometimes I don’t quite get it. But with frightening accuracy, it’s either an astonishingly accurate picture of me, or it uses a crude-drawn diagram of stick figures to say something I’ve thought for a long time much more eloquently than I could. A recent comic does just that:

I think it’s valuable both on its surface and a bit metaphorically. Encryption’s a pretty neat field, with all sorts of applications. And even more mainstream operating systems like RHEL and CentOS are making it easy to encrypt not only your filesystem, but swap. But I think a lot of people hang their hats on technical solutions, where it’s only half the battle. 4096-bit RSA is no good when your passphrase is “passphrase,” though I have to think that crypto-geeks might know better.

The same is true for home security. I really wish I had the link for the article I read in which some ex-burglars were interviewed. They pointed out that those hollowed-out soup can “safes” are a great idea, except that when you have a can of soup on your dresser, it’s going to get stolen. Those hollowed-out book safes are ingenious, except that savvy burglars just knock over your bookshelf. And that having a safe is really pretty foolish, because they’ll just take the whole thing. Or the story about the people who hid hundreds of dollars of cash inside their DVD player for safekeeping. But the burglars weren’t looking for cash, they were looking for electronics they could pawn, so they stole the DVD player.

And how about SSL? I think there are a sizable number of people who know that the ‘lock icon’ of SSL means that their connection to the webserver is encrypted, and therefore it’s safe to give out their credit card number. But they don’t realize that their encrypted connection is to “https://paypal.com:homepage@scammer.example.com” and that they just gave the badguys their information.

In all our time guarding against the million-dollar supercomputer, we forget to guard against the $5 wrench.
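The lock icon says nothing about which host is on the other end. As an added example (not part of the original post), this check separates the host a link really connects to from the decoy in front of the "@"; the function name and the sample links other than the one quoted above are constructed for illustration.

```python
from urllib.parse import urlsplit

def check_link(url, expected_host):
    """Return (real_host, findings) for a link the user is about to trust.

    expected_host is the site the user believes they are visiting.
    """
    parts = urlsplit(url)
    # hostname is what the browser connects to: everything after the LAST "@".
    host = (parts.hostname or "").lower().rstrip(".")
    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username is not None or parts.password is not None:
        findings.append("userinfo-present")
        userinfo = parts.netloc.rpartition("@")[0].lower()
        if expected_host in userinfo:
            findings.append("expected-host-in-userinfo")
    # Accept the expected host itself or a true subdomain of it, nothing else.
    if host != expected_host and not host.endswith("." + expected_host):
        findings.append("host-mismatch")
    return host, findings

# Constructed sample links; the first is the one quoted in the post.
SAMPLES = [
    "https://paypal.com:homepage@scammer.example.com",
    "https://paypal.com.scammer.example.com/",
    "https://www.paypal.com/signin",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", check_link(url, "paypal.com"))
```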

Kindle

The new Kindle is really, really slick.

I just realized a problem with it, though: I rarely pay for books. If the library doesn’t have it, I turn to half.com. $9.99 for a book might be a great deal compared to $29.99 for the dead-tree version, but it’s a rip-off compared to $0.00 at the local library, or $2.99 on half.com.

That said, the opportunity to subscribe to newspapers and magazines wirelessly is brilliant. I always felt bad for the ailing newspaper industry. Enough so that I might be willing to pay $10/month to get a copy on a Kindle.

I’m a little confused, though, by their “Get blogs wirelessly delivered to your Kindle for as little as $.99 per month” statement. I thought you were able to browse for free. (Obviously, restricted a bit.)

What interests me is the availability of computer eBooks. I brought home a 1,200 page MySQL tome. Seems like they have a lot, but not centered on the ones I want to buy. I can take there being more books on MS SQL and Oracle (even if MySQL is probably most populous?), but PL/SQL and SQLite? Isn’t an SQLite book like writing a manual for using the Windows calculator? And discounting a book to $50 for the Kindle doesn’t make me want to buy it. (Psst: The Pirate Bay has a great selection… I don’t want to resort to that, though.)

All this brings up something I’ve thought for a long time: if you release a book for an e-book platform like the Kindle, and then it’s obsolete (like all the MySQL books about MySQL 4 that don’t get to the major changes in MySQL 5), can you please, please offer a heavily-discounted “update” to people who own the old version?

p0f for spam detection?

I posted a while ago about p0f, a neat tool that looks at packet structure to determine the operating system speaking to you from a given IP. (It seems like the tool hasn’t been updated in a while, which is a shame.)

I’ve been running it for a while, and log p0f strings for all incoming connections to port 25, i.e. every mailserver trying to connect to n1zyy.com or ttwagner.com. You can see it on the 100 blacklisted IPs page here, showing the IP, country, and p0f string for each connection. (I have it configured to not log ‘guesses,’ which explains why some are blank.)

I’ve noticed that the vast majority of entries are coming from “Windows 2000 SP4, XP SP1+” as an operating system. (This is the IP that’s connecting to my mailserver, i.e. the outgoing mailserver’s operating system. This has nothing to do with people using an ordinary mail client on Windows 2000 or Windows XP.) This doesn’t surprise me a lot: most spam is sent from virus-infected desktop computers these days, and people running old versions are much more likely to get infected than someone who keeps up to date with security updates. (I will caution that p0f isn’t 100% accurate, especially as it hasn’t had a definition file released since pre-Vista.) The other aspect of this is that very few professionals would run a mail server on Windows XP, though there could be legacy systems running on Windows 2000. (Although, man, they’re behind the times!) So if we see an incoming connection from this OS string, we have a fairly good idea that it’s either someone’s desktop or a mailserver run by someone who never, ever upgrades anything.

I’ve posted before about how I’ve found that blacklists are usually very good at blocking spam, but they seem to get better hours or days after the spam has been sent, so what I like to look at in evaluating a DNSBL is how it fares for mail as it’s being delivered to me, not how it looks hours later in a test. The most recent connection, for example, is a “Windows 2000 SP4, XP SP1+” machine in China, but it only pops up in one fairly obscure blacklist. It would have gotten through if I relied on DNSBLs. (Well, except that it e-mailed a spam trap and/or used my IP address as a HELO string, so it got auto-banned…)

What I’ve been interested in for a while is in whipping up a Postfix policy plugin that would do scoring based on multiple factors. This would let me ensure that certain patterns would increase a message’s spamminess score, but that certain things couldn’t tip the scale on their own. I never liked the idea of banning foreign countries, even if most spam comes from China. (I suspect something is wrong with that chart, actually…) But for someone who doesn’t interact with anyone from China, it’s more probable that mail from China is spam. So we can score them a little more highly. And based on what I’m seeing in the mail logs, we would have very good results if we did the same for hosts connecting that ran desktop Windows versions.

Of course, I’m not yet ready to pronounce this a bulletproof idea. For one, I haven’t studied how p0f treats connections from legitimate Exchange servers. It doesn’t seem to show connections from Vista properly, for example, so I worry that such a block might inadvertently snare legitimate Windows server OSs. Plus, the only way I’m noticing this right now is by looking at mail that’s already getting caught as spam; mail that gets accepted doesn’t get listed. More directly, “Most spam is sent from Windows XP and Windows 2000” doesn’t necessarily mean, “Only spammers use Windows XP and Windows 2000 on their outgoing mail servers.”
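One way the scoring idea could look, as an added sketch rather than code from this site: it parses a request in Postfix's policy delegation format (name=value lines ended by a blank line) and caps every factor below the reject threshold so none can tip the scale alone. The weights, threshold, home-country set, lookup tables and addresses are all constructed assumptions.

```python
REJECT_AT = 5.0                                  # assumed threshold
DESKTOP_OS = ("Windows 2000 SP4, XP SP1+",)      # p0f string quoted in the post
HOME_COUNTRIES = {"US"}                          # assumption: where this user's real mail comes from
# Most each factor may contribute; every cap stays below REJECT_AT.
CAPS = {"desktop_os": 2.5, "country": 1.5, "dnsbl": 3.0}
assert max(CAPS.values()) < REJECT_AT, "one factor could reject on its own"

def parse_request(text):
    """Parse one Postfix policy request: name=value lines ended by a blank line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def score(attrs, p0f_by_ip, country_by_ip, dnsbl_hits_by_ip):
    """Return (total, per-factor points) for the connecting client."""
    ip = attrs.get("client_address", "")
    points = {}
    if p0f_by_ip.get(ip) in DESKTOP_OS:          # blank or unknown fingerprints add nothing
        points["desktop_os"] = CAPS["desktop_os"]
    country = country_by_ip.get(ip)
    if country and country not in HOME_COUNTRIES:
        points["country"] = CAPS["country"]
    hits = dnsbl_hits_by_ip.get(ip, 0)
    if hits:
        points["dnsbl"] = min(1.5 * hits, CAPS["dnsbl"])
    return sum(points.values()), points

def decide(request_text, p0f_by_ip, country_by_ip, dnsbl_hits_by_ip):
    """Return the policy reply Postfix expects: an action line plus a blank line."""
    attrs = parse_request(request_text)
    total, points = score(attrs, p0f_by_ip, country_by_ip, dnsbl_hits_by_ip)
    if total >= REJECT_AT:
        return f"action=REJECT score {total:.1f} ({', '.join(sorted(points))})\n\n"
    return "action=DUNNO\n\n"

# Constructed lookup tables standing in for the p0f log, a GeoIP database and DNSBL queries.
P0F = {"198.51.100.7": "Windows 2000 SP4, XP SP1+", "192.0.2.10": "Windows 2000 SP4, XP SP1+"}
COUNTRY = {"198.51.100.7": "CN", "192.0.2.10": "US"}
DNSBL = {"198.51.100.7": 1}                      # listed on one obscure blacklist
HEADER = "request=smtpd_access_policy\nprotocol_state=RCPT\n"
REQ_SPAM = HEADER + "client_address=198.51.100.7\nhelo_name=pc-1234\n\n"
REQ_OLD_SERVER = HEADER + "client_address=192.0.2.10\nhelo_name=mail.example.net\n\n"

if __name__ == "__main__":
    for req in (REQ_SPAM, REQ_OLD_SERVER):
        print(decide(req, P0F, COUNTRY, DNSBL).strip())
```

The second constructed request is the legacy Windows 2000 mail server case: the fingerprint alone scores 2.5, so the reply is DUNNO and the rest of Postfix's restrictions decide.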

Normality

I sometimes wonder how normal people handle the things that come at them.

My mom’s a first grade teacher, and has been using some sort of website to generate those ‘math minute’ worksheets for addition problems. But she’s teaching certain identities, namely +1 and +0, and now wants to introduce the a+b=10. She asked me about this.

“So what you’re saying,” I asked, “is that you’d like me to write a PHP script to generate these?”

Seatbelts

I’m not a total bleeding-heart liberal, apparently. The news has been carrying a lot of stories about the push to require that seatbelts be worn, and I can’t help but hope that the bill goes nowhere.

I think it’s foolish and dangerous to not wear a seatbelt. It’s also foolish and dangerous to smoke, to eat too many trans fats, or to carry too much of a balance on your credit cards. I don’t think we need laws legislating that people shouldn’t do these things.

Kids should be required to wear seatbelts, and parents who don’t make them ought to be considered negligent. Kids can’t make an informed decision about whether a piece of cloth around their waist is worth not flying through the windshield. But that’s already the law.

The other 49 states require that seatbelts be worn, which is one of the reasons people are pushing for the law. But why do we want to be like the other states? Most of the other states have sales tax, too. Let’s not use “all the other states are doing it” as a reason to pass laws. Especially not when our motto is “Live Free or Die.” (Even if, “Live Free and Die” might be more fitting to the circumstances.)

Awesome Sites

I just came across FelonSpy.com, which is supposed to show you convicted felons living nearby. It’s a neat site, but I didn’t know that I lived across the street from a rapist, half a mile away from an arsonist, and had two people with gang-related violent crimes living in my neighborhood. Oh, and a 73-year-old man convicted of sodomy living in the river.

I tried it a few more times, sometimes changing the center address slightly, sometimes using the exact same one, and I get a totally different set of results every time. It seems hesitant to put anyone on the street you put in, but lots of neighboring streets; by plugging in an adjacent street and trying several times, I was eventually able to get it to show a violent felon at my house.

It’s slightly amusing when you realize that it’s just generating random data, though I suppose it’s also a good reminder to not trust everything you find on the Internet.

Ubuntu Housekeeping

I’m a Linux nerd that spends some time in Vista. I tend to be a bit obsessive-compulsive, so I’ve found that I enjoy running CCleaner, defragging, and so forth.

The problem is that Linux isn’t as crazy about accumulating cruft (at least, most things aren’t; if you set up custom log files and don’t set up logrotate to match, then you might… But that’s a problem of your making.) And ext3 doesn’t get fragmented. (That’s not entirely true, it’s just that fragmentation isn’t a big issue.)

So if you’re like me and have come to miss the housekeeping, here are some things you might want to do:

  • Empty the trash. It used to be ~/.Trash, but newer versions (Hardy and on, apparently) keep it in ~/.local/share/Trash, with a “files” and “info” subdirectory. Always be careful with rm -rf, but rm -rf ~/.Trash/* or rm -rf ~/.local/share/Trash/info/* && rm -rf ~/.local/share/Trash/files/* ought to do the trick.
  • Some apt-get housekeeping:
    • Check everything over (e.g., for errors): sudo apt-get check
    • Remove old packages not used by anything: sudo apt-get autoremove
    • Clean out your local repository of package files:
      • The soft way, just removing “package files that can no longer be downloaded, and are largely useless.”: sudo apt-get autoclean
      • The hard way, removing most everything from /var/cache/apt/archives: sudo apt-get clean
  • Figure out where your disk space is going: du -sh ~/*. This isn’t super-easy to interpret, though. (And it can take a while, since it looks at all of your home directory.) (Applications / Accessories / Disk Usage Analyzer is way cooler.) It makes it easier for me to realize that, for example, the reason I have very little disk space is that I have my old 55GB Windows partition backed up. Since that’s copied to another disk, I can pretty safely blow that away, and have 50GB of disk to spare. It also turns up a few DVD ISOs (CentOS 5.1?!) that I definitely don’t need.

The good news is that this did clean up some junk. It saved about 200MB of disk. (Not counting the ~50GB of backups I had created that I don’t need.) The bad news is that this really doesn’t do much that doesn’t get run when dealing with packages anyway. But it makes me feel good.

Neat Compiz Effects

Compiz is a fairly generic ‘desktop effects’ package for Linux. Ubuntu (and maybe others?) users can enable it with System / Preferences / Appearance / Visual Effects, or you can be hardcore and type compiz --replace in a command prompt. (Be warned that it’ll kill your window manager and replace it with Compiz, so don’t do this if you have a lot of stuff open, in case anything goes wrong. Be further warned that if you do this and foolishly Ctrl+Z it hoping to then bg it, you’re going to lock up your desktop, since you just suspended your window manager.)

About all that you’ll notice with Compiz at first is drop shadows. It’s nice, but it’s kind of like buying a Ferrari and savoring the fact that it’s a stick-shift. What you really want is to customize it. System / Preferences / Advanced Desktop Effects Settings is how you do this. If you’re like me and this wasn’t installed with Compiz for some strange reason, you can use Synaptics (or apt-get) to install compizconfig-settings-manager.

Here are some things I do and don’t like:

  • Cube, and Rotate Cube. (See my previous post on how to make it work if it does nothing for you.) This lets you juggle four virtual desktops by free-spinning a 3D cube. Once you do it, you realize it’s really intuitive. And insanely awesome. Ctrl + Alt + left-click enables this. (Ctrl+Alt+Right flips it.)
  • Expo will “zoom out,” showing all your virtual desktops at once. Handy for an overview, or if you have your mail client full-screen and forget what desktop it’s on, I suppose. Not something I’d use a lot, though. Super-E does this. If you’re thinking that the Super key is perhaps next to the Any key… It’s actually the Windows key.
  • Scale does what Mac users probably thought Expo does: shrinks down all your open windows to be simultaneously visible on one screen. You can map this to a corner of the screen, but Shift+Alt+Up is the official key combination. (Let up on the “Up” key and you can use the arrow keys to pan around, or you can just click on what you want.) I find this key combination really awkward, so this is a good place to mention that you can remap any of the key combinations it replaces.
  • Shift Switch is a Cover Flow-inspired Alt-Tab window switcher. Shift+Super+S pulls it up, and then you can use right and left arrows to navigate. (Note that the windows loop.)
  • Ring Switch lets you “go in a circle” around the open windows, and is Super-Tab, a slightly less-awkward key combination.
  • Shelf is bizarre but cool. It shrinks a window down. There are three sizes. Press Super-L once to make it maybe half-size, and press it again to make it about a tiny little window. Press it a third time to restore it. You cannot interact with a “shelved” window, other than moving it around. The window will update, though, so if you have something running and are waiting for it to finish, you can shrink it down.

I doubt I’m going to use all of these, but I’ve enabled all of them right now, and I wrote myself a cheat-sheet. I think after a few days I’ll have a good idea of what’s eye candy and what actually makes my life easier. I think they all have the potential to do so, though.

Oh, a bonus tip? Gnome users, check out System / Preferences / Keyboard Shortcuts. It’s nothing revolutionary, but it’s something any power user ought to tweak to their liking. (I set F1 up to launch a terminal, a task I must do 50 times a day. It masks the “Help” feature programs love to pop up when I overshoot the ~ key, too.)