Advogato – 18 May 2000

18 May 2000 »

work
The basics are done. I need to dot the i’s and cross the t’s. Then I can spill beans.

hackery

Downloading a big iso image for Blossom, my alpha at a massively unimpressive 10.37 kB/s. ftp.suse.com is too far away. Thinking of becoming a temporary kernel hacker to ensure that I can use both of my processors on 2.4 before 2.3.99-pre is declared it. Also, since no one seems to be picking them up, I might have a go at fixing the outstanding security issues on Alan’s TODO list.

Advogato – 12 May 2000

12 May 2000 »

work
Fellow master procrastinators, I paid big time today. My fingers are mucho sore from doing much typing. Good thing I don’t have bad wrists (yet!).

work morphs into hackery or vice versa

But joy! A wonderful thing has happened! More on this issue once the paperwork has been done. There’s a delicious irony due at the SAGE-Au conference, which I’ll let everyone know about once the i’s are dotted and t’s are crossed (Chris/Markus if you’re reading this, don’t worry, it’s funny!).

security and punks like you!

decklin wrote:

More importantly, how do I get someone to do something about it without looking like some l33t cr4x0r?
Decklin, my advice is to write a review of your findings with recommendations required to address the issues by applying whatever set of patches or configurations required, and do some research and cut-n-pastes with references.

Now, the tricky bit. Go to the sysadmins. As long as they are not already out for your blood and have their handy LART at the ready, talk to them mano a geek. Help them understand the problem and present your review. They should fix the problem(s) you have found. If they don’t help, find their boss and present a business reason for her/him to get his/her staff to fix the problem. That’s as high as you need go. If they bite your head off, send em to me, whilst I make them aware of the SAGE-Au’s Code of Ethics, which sort of prohibits sys admins biting users’ heads off.

Now, the problem remains: if you did the equivalent of testing a bunch of locked doors by using a security scanner like nessus, nmap, or just read something interesting on bugtraq and tried it out on the school machine, I don’t blame the school for going after you. I would in their place. Do it on your own machine and learn.

If you need to repair bridges, try a packet of Tim Tams. They’ve always worked for me. If you’ve been a bad entity, double coated or bust.

Advogato – 6 May 2000

(This is a re-post from Advogato, which I no longer use.)

6 May 2000 »

life
mazeone: Sad to hear about your FOAF. One of my friends is suicidal from time to time, and I get the 2 am calls asking for help. I know I don’t know you, but mail me if you want to talk.

geeky stuff

Getting closer to reiserfs 3.6.5+ utils from working under Linux 2.3.99pre6/alpha. There’s much cruft in there. The actual module compiles and runs okay, but without a filesystem to work with, it’s all moot.

work

A client of a client is causing one of my workmates to put in zillions of hours of work per week. He only gets paid for 40. He is still there at 10.15 pm on a Saturday night. This is just wrong. This is the same client that caused me to start work at 5 am two days in a row and expected the document describing it all, including statistical analysis available approximately 30 minutes after we had finished measuring our test runs. They go live Monday. Good luck.

Advogato – 3 May 2000

(This is a re-post from Advogato, which I no longer use.)

3 May 2000 »

life
Working on getting my machine stack back in working order after an abortive attempt by Dan, my TLINetBSDG* to install a PC Card adapter into his Alpha desktop, which happens to be my cable modem’s gateway (long story). The adapter is PnP, and NetBSD’s PnP support is limited to x86, and so it’s looking grim unless he does some kernel hacking.

* Tame Live In NetBSD Geek

work

Working at A Big Client(sm) can be rewarding and fun occasionally. Tomorrow is no different: I get to wake up at 4 am for a 5 am start, because they go live on Monday, and are currently scheduling all the contractors out of hours so the market research people can work between midday and 5 pm before the contractors go back to work in an effort to make a stupid made-up deadline (see Death March, E. Yourdon, for reasons why this stuff is moronic). It’s a good thing that the work is really cool and Resume Enhancing ™.

email

E-mail was a mixed bag today. I don’t normally write about correspondence, but it was an interesting day. I got e-mails from my company saying that the possible US trip was off (bad), and another asking when my house lease was up (bad – they pay about 60% of the rent after they relocated me). Then I got another e-mail asking if I’d like to join another organisation. I think this may actually be ironic. Or it could just be karma. Buggered if I know. If you’re ever in the position of having to look after geek employees, here’s Andrew’s really easy method to look after them and make them happy:

Don’t fuck them around on the little things. Saving a few thousand per annum versus finding qualified new staff is not a saving. Penny wise, pound foolish.

Toys, big monitors, decent amounts of RAM and disk space are cheap. Good people aren’t.

Interesting and varied work with realistic and reachable deadlines is more important than pay.

Pay them what they are worth in the market – but don’t be surprised if pay means little or nothing to geeks except as a method of keeping score with their peers. If you say you’re going to pay $x in bonuses, pay $x or more.

Advogato – 3 April 2000

(This is a re-post from Advogato, which I no longer use.)

30 Apr 2000 »

life
Back from Melbourne for my easter break. Had fun with many friends and visited heaps of people. Meebles’ tail had a chunk taken out of it by another cat. So it was off to the vet on Friday. He’s okay, but his tail has a gaping hole, and I have to give him a pill twice a day (oh fun!), and spray his tail with stingy stuff three times a day (he really hates that, so I surprise him with it).

On Saturday, I went to Wollongong to catch up with my friends Paul, Steven, Rory & Jane. They were there for an Apple University Consortium do, and were staying in the Nan Tien Buddhist Temple, which is very large and nice. We had lunch in the town. I pigged out on pancakes followed by more pancakes.

After lunch we went back to the temple and had fun looking around, then we took part in the chanting ceremony finishing the day off. Much genuflecting was done. Compared to other religions, Buddhism is cool.

Advogato – 21 April 2000

(This is a re-post from Advogato, which I no longer use.)

21 Apr 2000 »

Still observer, must have someone with negative karma certifying me. Oh well. It’s not important.
Installed RH 6.2 and it installed a SMP kernel, and finally it was clear to me why my box never took one of my carefully handcrafted kernels on Caldera; my HP XU 6/200 DP has funny IO-APIC settings, and Linux 2.2.14 does it wrong on my machine, whereas Linux 2.2.10 doesn’t. 2.3.99-pre5 (which is what I need to hack on for reiserfs) also does the wrong thing. So I have a choice: lose a processor, or become a temporary kernel hacker. I don’t have time for the latter, but it looks as if there’s approximately one of us on this planet using XU 6/200 DP’s and Linux together.

The cool thing is that through Dan Carosone, my tame NetBSD live in, it’s because my machine already maps the second processor at ID 16, whereas the OS’s expect only a 4 bit field here, and flake out. I might make it a modulus and see what happens.

2.3.99-pre5 freezes when I use X. Good thing: when I don’t use X, reiserfs-3.6.4++ works just fine.

Advogato – April 15, 2000

(This is a re-post from Advogato, which I no longer use.)

15 Apr 2000 »

It seems that I have somehow managed to lose Journeyer status (can’t post a reply to an article), but I checked my certs and they’re all consistently Journeyer. WTF?

hackery

Working on adding extended attributes to reiserfs. As usual, it’s likely someone else will beat me to the punch. I’m working on noatime at the moment (the default is atime, which is slow for news and other spools where you literally don’t care what the atime is).

work

Managed to get Win98 onto a corrupt CD-less libretto CT100 via using a NetBSD boot disk, mounting the cd via nfs, copying across the additional utility that I thought would work (newfs_msdos) but NetBSD is so creaky that newfs_msdos is nowhere near as advanced as the various tools on Linux (ie works with hard drive partitions). This is why NetBSD will never win 😉 However, tomsrtbt-current didn’t boot the Libretto, so NetBSD won in this case. The yukky OS is now installed, but can’t see the PC Card floppy because there’s no driver for it. yay.

Advogato – 12 April 2000

(This is a re-post from Advogato, which I no longer use.)

12 Apr 2000 »

My bill paying life is being security architect, which is a fancy term for a prostitute(security+++). I hate it occasionally on days like today. Visited a nice startup located in the deepest darkest recesses of Sydney town (Bligh St) and went through them like a bowl of ripe prunes followed by a calming laxative. But the worst part is that they’re nice people, the product is way cool, but they can’t do security to save themselves. Tips of the week:

  • Program defensively; users will submit crap data to you from cookies, form and URL data, and anything else they can send your way. If you do not want the data from your app to appear on the front page of your morning paper, do not install the database on the web server, and do not have the dbms available to public facing networks.
  • Even if you have packet filtering, ipchains or a firewall, you need to look after the remote services you offer in case the countermeasures fail, or the filter/firewall lets something through that kills you another way.
  • If you don’t have IDS tools (like tripwire/AIDE, etc) installed, your customers will tell you when you’ve been successfully attacked.
  • If you have static data, host it on a CD-ROM. It’s impossible to change this. It is possible to point the DNS entry, the web directory, and the web server somewhere else, so it’s not a panacea, but it can help. It’s all cached once read in the first time.

Dan and myself (mostly Dan) reorganised the home machine room to make the server stack much more cable friendly and moved my dual PPro back into the machine room. It’s going to get toasty in here. Three PPro’s, three Alphas, and my PII laptop should all contribute to the heat death of the universe.