vsergu's Journal http://use.perl.org/~vsergu/journal/ vsergu's use Perl Journal en-us use Perl; is Copyright 1998-2006, Chris Nandor. Stories, comments, journals, and other submissions posted on use Perl; are Copyright their respective owners. 2012-01-25T02:20:38+00:00 pudge pudge@perl.org Technology hourly 1 1970-01-01T00:00+00:00 vsergu's Journal http://use.perl.org/images/topics/useperl.gif http://use.perl.org/~vsergu/journal/ Space, the final frontier http://use.perl.org/~vsergu/journal/24043?from=rss <p>The next step in $WORK's continuing quest for cheap semireliable storage is complete. Yesterday FedEx delivered two <a href="http://www.theregister.co.uk/2005/03/30/review_buffalo_terastation/">Buffalo TeraStation 1 TB NAS devices</a>. They're cute, with red, blue, and green blinkenlights. Easy to set up through a web interface. I've configured them as RAID 5, so that's 750 GB each. So far, so good.</p><p>Unfortunately they don't seem to be very hackable. They run Samba and an NTP client and FTP (if requested) and the web interface and not much else. No ssh, telnet, rsync, apparently. There's Linux in there, but it's not accessible. No ports on the box other than USB and a serial port for attaching a UPS monitoring cable. Of course, minimality is part of the point.</p> vsergu 2005-04-06T19:22:43+00:00 journal Dragged into CPAN http://use.perl.org/~vsergu/journal/23945?from=rss <p>Yes, it's ridiculous that I've been programming in Perl for 10 years and have never released a module on CPAN. I got a PAUSE ID a couple of years ago with the full intention of uploading modules, but I never got around to putting anything into CPANable form. It seems that as time goes by the expectations for tests, documentation, and so forth have increased, and the amount of effort required to bridge the gap between usable module and releasable module has gone up. Okay, I'm an easily intimidated lazy procrastinator.</p><p>Anyway, I was playing around with the Text::Brew module and found a bug, which I duly reported on rt.cpan.org and uploaded a patch for. In return the author invited me to take over as the maintainer for the module. I figured I might as well jump in, even though I'm not thrilled with the API or name of this particular module.</p><p>Anyone have any words of wisdom?</p><p><b>Update:</b> I successfully patched the module and even improved its kwalitee a bit. Now I just have to get some of my own modules into shape.</p> vsergu 2005-03-31T02:26:00+00:00 journal 1111111111! http://use.perl.org/~vsergu/journal/23699?from=rss For those who missed the excitement on 8 Sep 2001 when Unix time reached 10 digits, you can catch another interesting number about 10.5 hours from now, at on 20:58:31 US east coast -- just in time for your St Patrick's Day celebration. If you miss it, you may have to wait until 13 Feb 2009 for similar thrills. vsergu 2005-03-17T15:34:58+00:00 journal Delay terminology: Reflections on Metro signs http://use.perl.org/~vsergu/journal/20241?from=rss <p>If a train runs every 10 minutes, what does it mean to say that there's a 10-minute delay all day? It presumably doesn't mean that all trains are delayed by 10 minutes, since then you'd simply be taking a different train at the same time and not notice or care. Perhaps it means that the inter-train interval has increased to 20 minutes, but is that really a 10-minute delay? Or maybe the average wait has increased by 10 minutes, so the inter-train interval is now 30 minutes. I don't think that works either.</p><p>We'll ignore for now the question of how there can be a delay on only part of a line.</p> vsergu 2004-08-04T23:48:49+00:00 journal Unexpected TPR http://use.perl.org/~vsergu/journal/20239?from=rss I came home from work to find TPR 1.0 waiting in my (physical) mailbox. Not sure what I did to deserve it, but it's welcome. vsergu 2004-08-04T23:19:42+00:00 journal Do I need help? http://use.perl.org/~vsergu/journal/18202?from=rss I just saw "Hellboy" and my main gripe is that they misspelled "De Vermis Mysteriis" in the citation for the opening quote. For some unknown reason, someone stuck an "s" at the end of the "De". Perhaps they needed a <a href="http://use.perl.org/~TorgoX/journal/18150">fact checker</a>. vsergu 2004-04-05T04:16:11+00:00 journal SSL yikes http://use.perl.org/~vsergu/journal/17943?from=rss Saw this mentioned in Risks Digest: <a href="http://news.netcraft.com/archives/2004/03/08/ssls_credibility_as_phishing_defense_is_tested.html">"SSL's Credibility as Phishing Defense Is Tested"</a>. SSL includes a "plain text" encoding method (not encrypted), which doesn't require a certificate and so doesn't require any certification authority to vouch for the identity of the certificate holder. It seems to me that browsers shouldn't support that encoding method, but then it seems crazy that such a method is part of SSL in the first place. Isn't the whole point of SSL to be <em>secure</em>? vsergu 2004-03-18T00:47:26+00:00 journal Innumeracy http://use.perl.org/~vsergu/journal/17839?from=rss <p>My latest bank statement included an ad that starts like this:</p><blockquote><div><p> <i>Do you know where your time goes? For instance, in an average lifetime we spend...</i> </p><ul> <li> <i>6 months just sitting at traffic lights</i> </li><li> <i>8 months opening junk mail</i> </li><li> <i>12 months looking for lost possessions</i> </li><li> <i>5 years just waiting in line</i> </li></ul></div> </blockquote><p>Assuming an average lifespan of 72 years, that means that during an average day (including childhood and old age), a person would have to spend </p><ul> <li>10 minutes sitting at traffic lights</li><li>13 minutes opening junk mail</li><li>20 minutes looking for lost possessions</li><li>100 minutes waiting in line</li></ul><p>Now, the first might be believable, depending on where the person lives, but the second and third are clearly too high, and the last is completely insane. Do ad copywriters not have calculators, or do they lead lives very different from ours?</p> vsergu 2004-03-10T05:13:55+00:00 journal Seuss "tribute" http://use.perl.org/~vsergu/journal/17718?from=rss <p>What possesses people to think they can write <a href="http://www.washingtonpost.com/wp-dyn/articles/A21146-2004Mar1.html">Seussian poems</a> to celebrate Theodor Seuss Geisel's centennial? On Rembrandt's birthday, do they pull the easel out of the closet and try to paint in his style? On Bach's, do they dash off cantatas? I haven't even read through the whole thing, but I know it's horrible. These things always are. They can never keep to a meter, and this one doesn't even rhyme for some lines.</p><p>I guess if it's for KidsPost any old crap will do to fill the space.</p> vsergu 2004-03-02T20:46:09+00:00 journal Sorely tempted http://use.perl.org/~vsergu/journal/17091?from=rss <p>In addition to the virus-scanner bounces, now we have to deal with challenge-response spam triggered by the virus. This just came to a catchall mailbox that I check (addresses munged to protect innocent and guilty alike):</p><blockquote><div><p> <tt>From: [name] &lt;[user]@mailblocks.com&gt;<br>To: andrew@[one of my domains]<br>Subject: Re: Hi [Authorize]<br> <br>Hi,<br> <br>You just sent an email to my [user]@twcny.rr.com account, which<br>is now being managed by my Mailblocks spam-free email service. Because this is<br>the first time you have sent to this email account, please confirm yourself so<br>you'll be recognized when you send to me in the future.<br> <br>It's simple. To prove your message comes from a human and not a computer, go to:<br>http://app1.mailblocks.com/confirm2.aspx?ck=B2Fqd2Vpc3MObWFpbGJsb2Nrcy5jb2<nobr>0<wbr></nobr> WYW5kcmV3QHNtb2tlc2NyZWVuLm9yZ9iEEb8*&amp;a=1<br> <br>This is the email message you have sent that is in my Pending folder waiting for<br>your quick authentication:<br> <br>Subject: Hi<br>Sent: Jan 29, 9:07 AM<br> <br>If you have not confirmed within several days, your message will automatically<br>be deleted.<br> <br>-----<br>Email for Humans... Mailblocks<br>Try Mailblocks web-based personal email -- faster, cleaner interface, more<br>storage, bigger attachments, and 100% spam-free.<br>http://about.mailblocks.com/?src=emailspiderauth</tt></p></div> </blockquote><p>Should I click? If he's spamming me to protect himself from spam, I feel like undermining his system, but I guess I'll preserve my record of never responding to challenge-response systems instead. I just hope some reader or robot doesn't <a href="http://app1.mailblocks.com/confirm2.aspx?ck=B2Fqd2Vpc3MObWFpbGJsb2Nrcy5jb20WYW5kcmV3QHNtb2tlc2NyZWVuLm9yZ9iEEb8*&amp;a=1">do it for me</a> within the next several days.</p> vsergu 2004-01-29T17:26:20+00:00 journal Spot the SQL bug http://use.perl.org/~vsergu/journal/16104?from=rss <p>Trying to fix case:</p><blockquote><div><p> <tt>UPDATE users SET state = 'DC' AND city = 'Washington'<br>WHERE state = 'DC' AND city = 'Washington'</tt></p></div> </blockquote> vsergu 2003-12-01T19:04:36+00:00 journal Memento mori http://use.perl.org/~vsergu/journal/15527?from=rss I just saw an episode of <a href="http://imdb.com/title/tt0103466/">"The Larry Sanders Show"</a> that IMDB tells me was from 15 Sep 1993. The guest stars were Elizabeth Ashley, Gene Siskel, Warren Zevon, and John Ritter. These are not old people, but ten years later, three of the four (all except the oldest) are dead. Two of them died 8 and 4 days before the 10th anniversary of the original airing of the episode. vsergu 2003-11-03T04:50:09+00:00 journal Insane return values http://use.perl.org/~vsergu/journal/15517?from=rss <p>From the documentation for the signon() method in Net::AOLIM (emphasis added):</p><blockquote><div><p> <em>Returns undef on failure</em>, setting $main::IM_ERR and $main::IM_ERR_ARGS as appropriate. <em>Returns 0 on success.</em> </p></div> </blockquote><p>Aagh! And most of the other methods in the module seem to work the same way. Is there some strange programming subculture where such things make sense (perhaps there's a taboo against ever returning true values)?</p><p>Of course, I can't get the module to work anyway, so I may go back to Net::AIM, which was sort of working.</p> vsergu 2003-11-02T15:13:17+00:00 journal Kill Bill: Volume 1 http://use.perl.org/~vsergu/journal/15071?from=rss <p>A friend called me early Friday to say he'd gotten passes to the press screening of <i>Kill Bill: Volume 1</i> at 10:30 a.m. and ask if I'd like to go, so I asked my boss for the morning off. The screening was at the MPAA offices, one of many centers of Evil here in DC, but at least I was avoiding giving them money.</p><p>It's not <i>Pulp Fiction</i>, but it's entertaining. It's all about vengeance, starting from the initial screen with the "Klingon proverb" (which apparently was used in <i>Dangerous Liaisons</i> in 1782). Things to expect:</p><ul> <li>Hong Kong&#8211;style over-the-top violence, including fountains of blood and lots of severed body parts</li><li>nonlinear storytelling</li><li>samurai swords</li><li>anime</li></ul><p>Things not to expect:</p><ul> <li>realism</li><li>complex plot</li></ul><p>Just "lay down all thought, surrender to the void", and enjoy it for what it is. Tarantino should probably have kept it to one movie rather than splitting it. It could have used some trimming, particularly in an overlong fight scene reminiscent of the overlong fight scene in <i>The Matrix: Reloaded</i>.</p> vsergu 2003-10-05T19:56:28+00:00 journal Chutzpah http://use.perl.org/~vsergu/journal/15057?from=rss <p>Found on the <a href="http://www.merit.edu/mail.archives/nanog/msg14917.html">NANOG list</a> (emphasis added):</p><blockquote><div><p>VeriSign was directed by ICANN to suspend the Site Finder service by 0100 UTC on Sunday, October 5. <strong>We requested an extension from ICANN to give more notice to the community but were denied.</strong> We will be removing the wildcard A records from the<nobr> <wbr></nobr>.com and<nobr> <wbr></nobr>.net zones beginning at 2300 UTC on Saturday, October 4. The former behavior for these zones (returning Name Error/RCODE=3 in response to queries for nonexistent domain names) will be in place by 0100 UTC on Sunday, October.</p><p>Matt<br> --<br> Matt Larson &lt;mlarson@verisign.com&gt;<br> VeriSign Naming and Directory Services</p></div> </blockquote><p>So breaking DNS requires no notice, but if you're suddenly forced to restore it, then a couple of days is rushing things. Are these scum ever going to lose their contract?</p> vsergu 2003-10-04T00:50:23+00:00 journal 'Swenderful http://use.perl.org/~vsergu/journal/14817?from=rss <p>I was mostly untouched by Sobig, but two of my accounts are being slammed by Swen. Both have been used on Usenet recently (one through a mailing-list gateway).</p><p>For my home account, I had been handling my junk mail by running <a href="http://saproxy.bloomba.com/">SAProxy</a> (which uses <a href="http://www.spamassassin.org/">SpamAssassin</a>), but I got tired of having to download all the viruses before filtering -- plus I was afraid my mailbox would fill up. So I've finally learned the basics of procmail. For now, I'm keeping the headers so I can see how many I get (and contact the sender on the off chance that somehow a real message gets trashed). I'm also keeping a count of the total bytes received. The body of the mail gets dropped, so my mailbox fills much more slowly, and no messages get send into the queue to be retrieved with POP.</p><p> There's probably a better way, but here's the<nobr> <wbr></nobr>.procmailrc file:</p><blockquote><div><p><nobr> <wbr></nobr><tt>:0 HB:<br>*^Content-Type: (application/x-msdownload|audio/x-(wav|midi));<br>{<br>&nbsp; &nbsp;<nobr> <wbr></nobr>:0 hc<br>&nbsp; &nbsp; mail/junk<br> <br>&nbsp; &nbsp;<nobr> <wbr></nobr>:0<br>&nbsp; &nbsp; | wc -c &gt;&gt; junk-mail.txt<br>}</tt></p></div> </blockquote> vsergu 2003-09-21T18:33:44+00:00 journal Hormel turns nasty http://use.perl.org/~vsergu/journal/13175?from=rss It's a little late, especially after posting a <a href="http://www.spam.com/ci/ci_in.htm">statement on the company site</a> saying that using "spam" to mean unsolicited commercial e-mail is okay, but <a href="http://www.washingtonpost.com/wp-dyn/articles/A55892-2003Jul1.html?nav=hptop_ts">Hormel is opposing a trademark application by Spam Arrest</a>. Of course, since Spam Arrest sells one of those challenge-response "solutions" currently plaguing the e-mail system, I can't help but hope that Hormel causes them at least enough trouble to outweigh the free publicity. vsergu 2003-07-01T15:06:11+00:00 journal CPAN maintainers in the comics http://use.perl.org/~vsergu/journal/12671?from=rss Okay, it's really just a <a href="http://www.uclick.com/client/wpc/fu/2003/06/06/index.html">Finnish stereotype</a>, but most of us don't know many Jarkkos. vsergu 2003-06-07T00:56:28+00:00 journal Electronic voting, again http://use.perl.org/~vsergu/journal/12230?from=rss <p>The <i>New York Times</i> has an article today, <a href="http://www.nytimes.com/2003/05/15/technology/circuits/15vote.html?ex=1053576000&amp;en=c08aa2b78db926ae&amp;ei=5062&amp;partner=GOOGLE">"To Register Doubts, Press Here"</a>, in which various computer scientists (including Rebecca Mercuri, of course) insist on accountability for electronic voting systems and various officials of county election boards and voting machine companies insist that there's nothing to worry about. After all, fraud was possible under the old system, so we don't need to concern ourselves with whether fraud might be easier under a new system or how we'd detect it if it occurred. And who would you rather trust, a bunch of academics who haven't even looked at the hardware or software (because they're not allowed) or the people selling the systems?</p><p>The most amusing point is that Theresa LePore is quoted in support of unauditable voting systems. You may remember her as the designer of the user-friendly butterfly ballot in Palm Beach County, Florida in 2000. This time she's explaining that lots of people come in to vote, wait patiently in multiple lines, and then turn in blank ballots because they don't want to vote for anyone.</p> vsergu 2003-05-15T23:28:23+00:00 journal Microsoft embraces RMS http://use.perl.org/~vsergu/journal/10736?from=rss Wonder what <a href="http://www.stallman.org/">the real RMS</a> will have to say about <a href="http://news.com.com/2100-1001-985496.html">this</a>! vsergu 2003-02-22T01:09:56+00:00 journal SpamAssassin thinks I'm a porn spammer http://use.perl.org/~vsergu/journal/10653?from=rss <p>I've been playing around with SpamAssassin and discovered that e-mail containing URLs to one of the sites I help to maintain matches its PORN_4 test. You see, http://tobaccodocuments.org contains an obscene three-character string. Now I know how <a href="http://slashdot.org/article.pl?sid=03/02/16/0218230">Bruce Schneier</a> feels.</p><p>Better check to see whether the test is the same in the bleeding-edge version.</p> vsergu 2003-02-18T19:51:40+00:00 journal Election Risks http://use.perl.org/~vsergu/journal/8851?from=rss <p>The first two articles in the <a href="http://catless.ncl.ac.uk/Risks/22.36.html">latest issue of Risks Digest</a> are about the recent US election and the headlong rush to implement poorly tested, unauditable, opaque voting systems:</p><blockquote><div><p>The general consensus among election officials and voters seems to be that the all-electronic machines are a great improvement, relatively easy to use, and inherently able to prevent overvotes. The general consensus among knowledgeable computer security experts seems to be that almost all of the existing all-electronic systems could relatively easily be rigged by internal fraud in the software and external manipulation of the local polling-place configurations and could also be subject to undetected internal errors, because of an almost complete absence of meaningful audit trails and independent verification of the consistency of votes tabulated with votes cast. Just because an all-electronic machine looks like it might be working, how do you *KNOW* it is doing the right thing? From a RISKS perspective, a perceived potential lack of integrity is a serious obstacle to democracy. </p><p>&#8212;Peter G. Neumann</p></div> </blockquote><p>On the bright side, I seem to be starting to have more to talk about with my conspiracy theorist brother-in-law (and fewer disagreements).</p> vsergu 2002-11-08T20:28:47+00:00 journal Microsoft humor http://use.perl.org/~vsergu/journal/8821?from=rss <p>From knowledge base article <a href="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q138365">Q138365</a>:</p><blockquote><div><p> If you configure the Autodisconnect option to -1 at the command prompt, Autodisconnect is set to the upper value in the registry. This is approximately 8,171 years (not tested), which should be long enough to be the equivalent of turning Autodisconnect off.</p></div> </blockquote> vsergu 2002-11-07T17:32:32+00:00 journal Microsoft tries own switch campaign, fails miserably http://use.perl.org/~vsergu/journal/8372?from=rss <p>Microsoft put up its own switch ad today, <a href=";hl=en&amp;ie=UTF-8">"Confessions of a Mac to PC Convert"</a>, complete with a photo of the unidentified supposed switcher that someone determined was actually <a href="http://creative.gettyimages.com/source/search/detail.asp?source=searchResults&amp;imageIndex=10&amp;hdnSync=%22One+Woman+Only%3AOnly+Women%22+and+%22Coffee%3AHot+Drink%22~0%2C12%2C449%2C3%2C15%2C1%2C0%2C0%2C0%2C12287%2C0%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cen-us%2C1%2C%22One+Woman+Only%3AOnly+Women%22+and+%22Coffee%3AHot+Drink%22%2C389%2C257%2C1%2C&amp;hdnCurrPage=4">a stock photo</a>. Most of the claimed Windows advantages are things that Mac OS X has as well.</p><p>After overwhelming ridicule from the usual suspects on <a href="http://apple.slashdot.org/apple/02/10/14/1232229.shtml">Slashdot</a> and <a href="http://www.metafilter.com/comments.mefi/20798">Metafilter</a>, Microsoft took the page down, and it's now available only from Google's cache.</p> vsergu 2002-10-14T21:52:57+00:00 journal Defying death http://use.perl.org/~vsergu/journal/8346?from=rss <p>I've just done my brave deed for the day: eating dinner at an outside table at a DC restaurant. Of course, it's safer than stopping at a gas station in the suburbs.</p><p>The bhindi masala (okra curry) was good, and there were no signs of sniper-carrying white vans.</p> vsergu 2002-10-13T01:12:42+00:00 journal Microsoft amazed by 80/20 rule http://use.perl.org/~vsergu/journal/8302?from=rss <blockquote><div><p>"We've been amazed by the patterns revealed in the error reports that customers are sending us," Ballmer wrote. "About 20 percent of the bugs cause 80 percent of all errors, and -- this is stunning to me -- one percent of bugs cause half of all errors." </p><p>&#8212;<a href="http://biz.yahoo.com/rc/021002/tech_microsoft_ballmer_1.html">"Microsoft says 1 pct of bugs cause half of all software errors"</a> </p></div> </blockquote><p>Another news flash: Microsoft discovers <a href="http://news.com.com/2100-1040-961376.html">people aren't interested</a> in buying computers crippled to keep Hollywood happy.</p> vsergu 2002-10-10T17:34:34+00:00 journal Advertisers are not like you and me http://use.perl.org/~vsergu/journal/8276?from=rss <p><a href="http://www.theregister.co.uk/content/59/27524.html">More evidence.</a> The sad thing is that some morons probably did buy the service after getting the insult (the same people responding to spammers and telemarketers).</p> vsergu 2002-10-09T18:36:21+00:00 journal Always check user input http://use.perl.org/~vsergu/journal/8264?from=rss <p>The latest issue of <a href="http://www.risks.org/">Risks Digest</a> brings the stories of <a href="http://catless.ncl.ac.uk/Risks/22.28.html#subj1">a teacher who received an unexpected bonus</a> and, right after it, the accidental sale of hundreds of millions of dollars worth of stock (caused by confusion between "million" and "billion").</p><p>At least the erroneous stock sale was at the right price, unlike <a href="http://catless.ncl.ac.uk/Risks/21.81.html#subj1">this one from last year</a>, in which the price and number of shares were switched, resulting in a $100 million loss.</p> vsergu 2002-10-09T13:08:09+00:00 journal Buffy the theologian http://use.perl.org/~vsergu/journal/8098?from=rss Nat's nominee for <a href="http://use.perl.org/~gnat/journal/8043">UN secretary-general</a> has been named <a href="http://www.thedoormagazine.com/buffy.html">theologian of the year</a> by the Christian satirical magazine <a href="http://www.thedoormagazine.com/home.html"> <i>The Door</i> </a>. vsergu 2002-09-30T16:36:19+00:00 journal ... but I play one on TV http://use.perl.org/~vsergu/journal/7562?from=rss <p>The winner of Fox TV's "American Idol" competition will be <a href="http://www.washingtonpost.com/wp-dyn/articles/A34942-2002Sep3.html">singing at the Lincoln Memorial</a> September 11. Earlier, callers to Operation TIPS (the denounce-your-neighbors program) were <a href="http://www.salon.com/news/feature/2002/08/06/tips/index_np.html">routed to the "America's Most Wanted" hotline</a>.</p><p>In other news, homeland security czar Tom Ridge has tapped the producers of "Big Brother" to coordinate domestic surveillance efforts, and Anne Robinson will be helping to ferret out the weakest links in the intelligence agencies.</p> vsergu 2002-09-06T12:49:17+00:00 journal