« September 2004 | Main | November 2004 »

October 30, 2004

Co-Op

Revision Control

Thud. To summarize and paraphrase, centralized revision control is better than decentralized because it’s easier to implement and understand, and because it creates and enforces provably better development practices.

I talked to Michael about the Co-op and it looks like everything is going to work out just fine. Tomorrow, when Subversion 1.1 is actually finally installed, I’m going to set up a WebDAV repository using mod_auth_pam for access control and make it all happen. I’ve selected FSFS because BDB sucks major ass, causes locking problem, consistency, and permission problems and seems widely loathed. I’ve selected WebDAV because, even though it is slower and more complex, it will permit more interesting authentication scenarios. I’ve selected mod_auth_pam because, the password going over the network is less of a problem if it’s encrypted and I’d rather not have to maintain several separate password databases if one will do. I’ve selected subversion, because we happen to have a handy centralized server, and because Arch is a pain in the ass and I don’t imagine Monotone is less of one since we’d have to come up with our own way of exchanging the changesets. Plus, BitKeeper probably is better than all the others so we might as well use the best, most sophisticated centralized one, since centralized is better anyhow.

The Grudge

This is the best horror movie ever. Go see it.

Mastodon - Leviathan

This is a really, really good metal CD. I heartily recommend it.

Today

It rocked. I’m tired. See you assholes tomorrow.

Posted by FusionGyro at 04:05 AM | Comments (0) | TrackBack

October 26, 2004

TeX Shit

A short recap of 49’ers: it was awesome, thanks to everyone I got to see. I had an awesome time and it took me a day to recover. :)

Baird caught me for just a few minutes and we talked about revision control, blogging and DocBook. I told him about my recent troubles and he found for me something called dblatex which apparently lets you deal with DocBook from LaTeX. Then I found out on my own about this thing called ConTeXt, which is a completely different macro package from LaTeX with a different design, but attempting to do many of the same things. I intend to look at it in more detail and see if I like it but it doesn’t look as though there is anything like the LaTeX books for it (yet).

ConTeXt is nice looking for at least a few reasons:

  1. It has an XML processor built-in, so if you want, you can just define macros for elements and so forth and process your XML directly
  2. It looks cleaner and more flexible than LaTeX
  3. It doesn’t break anything in TeX to make it happen (not that I really cared before)

All of the example shit I see made in it looks really elaborate and pretty, especially compared to LaTeX. On the other hand, there isn’t much written about it. I may consider it for my book, or DocBook using it to create the printed version.

Baird wanted to talk about revision control. I basically go with Subversion now, not because Arch and Monotone aren’t cool, but because I’m actually lazy and I find Arch non-aesthetically pleasing. I really should check out Monotone. If anyone has, and has something good to say about it, they should tell me about it, particularly if they’ve used the other two as well. CVS is just nasty.

Anyone who likes metal or opera or awesomeness should go listen to the new Nightwish album “Once.” It rocks pretty hard.

I really should put up a page with projects I aim to work on someday.

Posted by FusionGyro at 11:13 PM | Comments (0) | TrackBack

October 21, 2004

The Pain of Filesystems

Dammit, right after my Mac comes back, the monitor on my box starts going again. Now I’ve got dark horizontal lines wherever something dark is. I’m ready to slay Sylvania, this is the second time this monitor has died on me in three years.

So, here I am thinking about what a fucking disaster networked filesystems are currently, when I get this weird idea.

You see, I just tried to install Coda on FreeBSD. There is apparently a kernel module for Coda, though I’m not sure what version. Coda version 6 builds and installs on FreeBSD, both client and server. Setting it up is such a nightmare, they’ve included a helpful script to get you going with it. You discover during this set up that it wants partitions to hold log files and “RVM” data, that it hates changing any of these configuration parameters after being installed, that it needs about 6 servers to be running, and that it’s very picky about the values in the configuration file. So fuck it.

Then I thought, all I really care about is that people be able to get at certain files in a securely authenticated, encrypted tunnel kind of way. I’d like it to look like it’s in the local filesystem, but I can’t actually say that I care. So maybe what I really want is Subversion. That way, the nimrods get access to the files, they don’t get to write unless I want them to, plus we have all this handy-dandy distribution. I could rig some sort of replication into it, too, have some other damn server just pull the changes every few hours and set up failover to it.

So the question is, can Subversion be the next distributed filesystem? Is it possible that all I really want is some way of “mounting” a Subversion server locally and then notifying the remote server a la COMMIT and ROLLBACK from a database?

It looks like others have had this thought too but nothing seems to have come of it. Plus I don’t really want it backending into shitty WebDAV or messy Coda, if it could backend into (say) FTP or NFS.

This of course brings us up to the state-of-the-art of VMS in the mid-70’s, with a correctly versioning filesystem. Except not, because the transaction concept is still manual. I’d like to be able to copy a file, make a bunch of changes to it (saving between each one) and then say “actually, roll those uncommented commits into a single commented commit with this text.” Of course, the system would preserve the original transactions, but would by default show me the named ones for convenience. Or something.

I think this bears scrutiny. Kerberos is based on the concept of having a single auth server and then a bunch of app servers, with the user being at home on their own box. It doesn’t really fit with this model to have this huge monolithic file service running on a shit-ton of iron in the back room just to serve me my Nethack high scores, not when I could just check out the stuff I intend to modify, work on it, commit it, and then have a transactional, fully versioned FS on top of it. I mean, consider it—99% of the time, when I access a file on the networked server, it’s either some fucking binary, or something that’s just mine. In the cases where it’s some fucking binary, we might as well use goddamn NFS, or just have fucking copies and use rsync to update ‘em. For that matter, if speed were to become an issue with the initial checkout, use rsync to make every client a peer for it’s own files, and then when the original server comes back, synchronize. The beauty of Subversion is all the mystical merging it can do anyway, right?

So what do we wind up needing? Some sort of hierarchical failover for Subversion, and a few scripts to checkout and checkin on login and logout. Kerberos support for Subversion, but we could just as well use subversion over SSH, and have Kerberos auth it to that.

What do yall think?

Posted by FusionGyro at 10:32 PM | Comments (1) | TrackBack

October 20, 2004

Kerberos 'n Shit

The laptop came back yesterday. That was 5 days (over a weekend, no less) out of an anticipated 14-21 days. Go Apple! Next time I’m definitely getting the fucking AppleCare.

I’ve got Kerberos working at home, not quite sure why the fuck I care because it’s not exactly going over the network. I guess it was partly because I want to be using AFS or something similar to it for Project SOULTRAIN. There isn’t much to be done about the fact that files need to be shared, and though I’m happy to implement all of the meta crap in Lisp and Prolog, I just don’t feel like implementing a distributed filesystem in it.

Since my blog tends to have lots of lists, here’s me knocking down all the network filesystems out there:

Apparently, the concept of a portable, distributed/cluster/network filesystem is just a far-off dream. You can have portable, or you can have distributed/cluster/network filesystem. Oh wait, I just realized, I forgot NFS4, which is like NFS but without the locking issues, with Kerberos authorization, with failover and volume management, and without a single open source implementation. :-P Someone needs to get out there and implement this in a way that’s secure, that scales, that doesn’t suck and maybe works on all free and a few commercial UNIXes. This can’t be that hard.

Some fuck is going to reply saying “Why don’t you just run Linux?” Well, the point isn’t that I hate Linux or won’t use it again. In fact, today I found out at work that I’m going to be in charge of a new hosted server, probably from 1and1, and you just know I’m putting Gentoo on that mofo. The point is, when I have a computer in the back room running some-fuck-platform, and a Mac, and this ancient cube POS I just adore running OS-du-jour, I’m going to want to be getting at my files from any of ‘em. I’m not installing Linux on my Mac to get at my music. So, it’s got to be cross platform. Which means, in all probability, it’s got to be NFS, or Samba, or Netatalk, or some other ridiculous thing that is meant to work (poorly) anywhere.

Code Note: The ./configure didn’t work, but according to README.BSD, I’ve already got Coda in the kernel. Which would be a great alternative to all this sucking, now it’s just a matter of making it work with Kerberos and, I dunno, building the fucking server.

On the job, today I wrote my secondish threaded program. It was a complete disaster, and I don’t think it was my fault (though I’m not sure I can prove it). Basically, I was creating 50ish threads to do DNS resolutions and write them to the database. With a timeout of 5 seconds, we should have seen them all retire within 5 seconds. Instead, they were all retiring for the first time in ~4 minutes, which is consistent with multiplying the numbers together. In short, what I’m afraid may have happened is this: App creates a thread 1, which creates threads 2 through 51. Thread 2, upon waking, resolves some server, resulting in an OS-level block. If the threads were implemented as user-threads, in other words with RB cooperatively tasking all of my Threads in the one “real” OS thread, then I would see this behavior, and the linear behavior we see. If the threads were implemented as OS threads (the right way, we’ll call it) then we should have seen no lag, non-deterministic responses, and it would have been fast.

Well, what we did see was random in a deterministic way. What I mean is, it would do 3, then 10, then 13, then 14, then 15, then 21 etc. The second time around, it would do 3, 10, 13, 14, 15, 21. Not linear, definitely deterministic, but not… correct. Furthermore, it would always go down the list, wrapping once it hit 50 or so.

This smells like shitty threads to me, not really my fault. Tomorrow I’m rewriting it to work with a Ruby script executing 50 of these in parallel. I think I can do this with something gross like this (in sh-like pseudocode, for those not fluent in Ruby):

function next_id() { ... }
function more_ids() { ... }

# start the initial 50
for i in $((seq 50)); do
    looker-upper next_id &
done

# start another process everytime one of the 50 dies, until we run out
while more_ids && wait; do
    looker-upper next_id
done

# cleanup; wait for our kids to die, or else we'd just slay 'em
# and nobody wants that in software
# (49 because one of 'em already died to get us here, or else I'm thinking
#  too hard)
for i in $((seq 49)); do
    wait
done

So, yeah, I’m pretty much basically just offended. Fuck.

In better news, I’m looking forward to 49’ers. I’ll probably get drafted to carry or something, which I’ll do a little bit of in a half-assed way, then realize I’m not even a student and fuck it. Should be fun, I haven’t seen any of my friends in the flesh in months. It will be good to get away from the computer for a little while, and go fix Harry’s. :)

Posted by FusionGyro at 10:52 PM | Comments (0) | TrackBack

October 14, 2004

Scriptions

Today I took Alex to the doctor. We basically got all of her medical problems dealt with in one day, in about 2 hours, for which I’m completely amazed. So we have prescriptions for Zoloft and her thyroid medicine, and we also dealt with the whole birth control issue. Fortunately, her prescriptions are pretty cheap, and there’s some kind of program where the pharmaceutical companies will pay for your medicine in certain circumstances, and we’re going to try and get in on that action.

When we were getting the prescription filled, I notice an awesome clock in the pharmacy part of Nambe Drugs: instead of numbers for the hours, it had alchemical symbols! Plus, it was this nasty yellow color that made it look at least 40 years old (though I really have no idea). I think next time I go in there I’m going to ask ‘em where they got it or offer to buy it or something.

As for FreeBSD, I must say, I am liking it better than Linux right now. I’m not sure why although it seems to be more stable and solid. Plus, there’s the whole fewer G’s angle. I don’t have to put a “g” in front of every command I type. That’s gotta count for something.

I’m running 6.0-CURRENT, which means basically bleeding edge “don’t use it unless you’re a developer for FreeBSD, it’ll suck, we warned you!” It’s pretty damn slow right now, but I’m making a new kernel for it as I write this, and apparently I had all the debugging conceivable turned on: spinlock debugging, debug mode, debug symbols, built in debugger, etc. So it’s not very snappy yet but it also doesn’t seem as prone to wacky failures like missed mouse clicks or weirdness. I also once again seem to have found a configuration for my monitor in which it fucks up less, here’s hoping tomorrow it still is behaving well.

That’s about it.

Posted by FusionGyro at 11:45 PM | Comments (0) | TrackBack

October 13, 2004

Bill!

So, Bill has now explained that his situation is basically what mine was with Nikki and Kim; he can “date” Erin and still be with Talia. So I guess I have to eat my words again. :-P Fuck you Bill, for making me eat my words. You just can’t win.

I discovered today that KDE isn’t as good as I remember. I’m using 3.3, the newest version. Having basically been using nothing but a Mac for the past six months or so, this sucks. Every app has it’s own weird quirks, there is no UI cohesion, a complete lack of polish. I got Harry to use Firefox, because it’s really good, and he was asking me tonight if he needed to put a disk in to save something, because Firefox says “Save to Disk?” instead of, well, “Save.” I tried to drag an icon off the task bar to get rid of it, and it was like “you want to make a link on the desktop?” The most annoying has been telling Alex how she changes to her login: you hold down control, alt and F10, but they have to be left control and left alt. On the Mac, you go to the upper right corner with the mouse and pick your name

This is annoying me even more, because these little touches are easy to program—trivial, compared to (I don’t know) the browser they’re sitting in. The X-windows switching thing wouldn’t be very hard either, but we don’t implement it. Why not?

I think we aren’t doing it for several reasons:

So I’m looking at needing a new computer, potentially very soon but hopefully not for a while, and I’m thinking “Gee, I could build me a sexy mini-ITX form factor computer for like $1000 or spend $3000 on a Mac desktop or notebook.” But I’m starting to see that when you buy a Mac, you aren’t getting “a computer.” You’re getting a computer with no heartache and no headaches, in which actual thought has gone into just about every step of the process. I’m a professional programmer, I have no difficulty using pure Unix. It’s just such a hassle for day-to-day life. Isn’t that why we have these personal computers anyway?

Today there was rain and snow. I hoped it would calm down these fucking Españolan fucksack drivers, but no, they’re quite happy to go 15 over the limit through puddles of water in fog with zero visibility. And you know, I can understand driving that way—to get out of Española, but not to get into Española. How can you be in such a hurry, you don’t care if you survive to get where you’re going? At least in Albuquerque and Socorro, people go ~5 miles over the limit. Up here, people go ~15-20 miles over the limit. Frankly, it’s frightening and exasperating.

So now I’m installing some new fonts so that I can look at my screen and not have my eyes bleed. It looks like it’s going to take a while.

I’m not sure if I mentioned it already or not but the laptop’s logic board is fried. This is considered a known issue, Apple’s sending the box overnight, we should get it tomorrow. We put the computer in the box, get it back in three weeks with the board fixed. I’m glad I don’t have to pay for it, but otherwise, I’m pretty let down about the whole thing. I guess that’s life. Even Apple makes shit from time to time.

Posted by FusionGyro at 11:50 PM | Comments (1) | TrackBack

October 11, 2004

Clan Melodrama

Allan’s back. He’s being tight-lipped about why he went to Austin.

Bill apparently lost the clue he had briefly regained. He’s now officially going out with Erin. Bill, I think I speak for everyone sane when I say: you’re pathetic.

Netflix

Alex and I have been Netflix subscribers for about 3 weeks now, and we decided to upgrade to the 5-at-a-time plan. This apparently made our next set of movies a day early—they’re coming on Friday rather than Saturday. I hope that keeps up.

The Weather

I’ve been meaning to mention this for some time. The weather around here has been fantastic for the past week. There have been interesting, bizarre cloud formations for the past week. Last Monday, there was fog in the morning, and there was that bit of hail that was really only felt in Socorro. It’s been dreary and rainy. Truly beautiful, makes me think of far-off lands where moisture is common, maybe even under-appreciated.

Eric says we’re undergoing a climatological change due to global warming and so forth. He could be right. This is definitely the wettest year I can remember, and no matter what those fucksacks on TV say, NM hasn’t been in a drought these past N years—NM is a fucking desert. And now, it’s moist.

How strange.

Posted by FusionGyro at 08:23 PM | Comments (0) | TrackBack

October 10, 2004

Happiness of the Katakuri's

This movie gets the big raised eyebrow.

The plot concerns an extended Japanese family who run a small bed & breakfast on the unpopulous side of Mount Fuji. They apparently purchased it run-down, and fixed it up. As the movie opens, they still haven’t had any guests. Under strange circumstances, they have five sets of guests over the course of the movie, of which three sets perish—not killed by the Katakuri’s. To save the guest house, they decide each time to bury the bodies down by the lake, as it would be fiscal suicide for their first guest to die under strange circumstances.

The film uses a variety of techniques that seem cribbed more-or-less outright from Peter Jackson: claymation, disgusting food scenes, and strange musical interludes. Indeed, there were at least four moments when suddenly, the movie presents you with musical theatrics replete with singing, dancing, and (in one case) a sing-a-long.

If you like strange movies, you should check it out. I’m not sure what I think of it.

Posted by FusionGyro at 10:21 PM | Comments (2) | TrackBack

Kwaidan

We actually watched this movie last week. It was in the horror genre on Netflix, but Alex and I agree that it really wasn’t scary. The only other genre it might belong in would be mythology, if that were a film genre.

The film is set up as four short ghost stories. The first was predictable, the last was sort of a directionless Lovecraft rip with too much silly combat. However, the middle two make it one of the better Japanese movies I’ve seen lately. The second story concerned The Snow Maiden, and was both effectively creepy and romantic. “It was beautiful, that’s what it was” says Alex. The third story was an excellent restless spirit tale.

The movie overall gets recommended for the excellent sets, colors, tone and mood. I intend to own it someday, because it was captivating and immersive in a way that few movies are. I’d give it 4 stars. Alex wasn’t all that impressed however.

Posted by FusionGyro at 10:08 PM | Comments (0) | TrackBack

Allan's Back

Apparently, Allan went outside for a breath of fresh air, decided there wasn’t enough air in Socorro, and went to Texas.

I patiently await the full story.

Posted by FusionGyro at 09:37 PM | Comments (0) | TrackBack

October 09, 2004

Allan is Missing

Allan Poindexter is missing. He’s been gone about 22 hours. I don’t have room for anything else in my head right now.

Posted by FusionGyro at 07:03 PM | Comments (0) | TrackBack

October 08, 2004

Elucidation

So, clan update.

By the way: when I say “it has been pointed out by many people that there are inaccuracies in the below entry” it means “bitch, be cool, don’t email me just yet I’m getting there.”

The Events

Bill didn’t drink. Mattax did, a little, but took off his top because that’s how he relaxes. So Bill has no excuse for what he was thinking about doing.

Bill deserves commendation, both for his extremely frank email to me, and also for realizing the error of his ways. As far as he’s concerned, a full ROLLBACK to the pre-Friday. So, no Erin, more Talia. Go Bill!

Mattax still dumped Julie in a rather nasty way. He may or may not wind up with someone else, when he’s good and ready.

Bill says there isn’t much drinking at the clan apartment. He says it’s just your normal college kid drinking. I say, fuck you Bill—we all know there was functionally zero clan drinking at the outset. Jarrod always drank, but never made it a Clan thing. Then you brought your booze over when you moved in from West, and occasionally drank with your old I6U buddies. Then Mattax wanted in. Then it was just you and Mattax. And now everyone does some. This offends me, but whatever. If you guys sell out, waste money, kill brain cells, and have a shitty time, that’s your business. You’re still my friends. Even if you all decide to wear no clothes but smear mud and pigshit all over yourselves, constantly jacking each other off in the filth while feasting on rotting entrails and scabs, you’re still my friends. I still care about you. “Your data is safe.”

Of course, I’d probably say these things either way.

To The Maligned

As far as I can reconstruct, nothing really of any importance occurred, apart from Julie catching Mattax half-naked with her perceived replacement. As of right now, all that’s really come of this is Julie (rightly so) feels slighted. I don’t think anything else will come of it.

Weiss: I find drinking distasteful. When I say “wait for corrections” I don’t mean “bitch about lack of corrections.” I mean, calm down or get your own blog. Your actions lately, however, are highly commendable. I’m glad you figured out that no sleep + 3 jobs + 17 credit hours + fucking Compilers + a girlfriend + gaming + (gee) a little booze equals “I’m fucking confused, and shouldn’t make important decisions right now.” You should consider teaching this to the rest of the gang.

Mattax: What you did to Julie is Wrong. I say this because I haven’t talked to anyone who thinks you did it the right way. You yourself said, you didn’t intend to break up with her, things just worked out that way. Well, next time, make them work out a better way. As for anything else—your prerogative. FWIW, I believe your story, and I don’t think you would really be stupid enough to expect anything to develop with Jenna. Now get a damn blog so others can get it from the source. This is, after all, what blogs are for and about. I’ll even help you install a spell-checker.

Everyone else: Y’all are a bunch of fucksacks for giving Allan shit. I spoke to Allan and Eric before making my first post, since then I spoke to Major, Bill and Mattax too. Nobody hid a damn thing from me. Which is good, because even if you were hiding it from me, I’d still be hearing it from Eric, who was hearing it from non-Clan people. That’s right, the hideous details of our social lives are such a non-secret, it’s difficult finding people who don’t know about them. So when I call, yeah, I want to know, and yeah, it’s probably going on the blog, and yeah, you shouldn’t give a fuck. Eric was right in calling it “Days of Our Spum.” Grow up.

Special Message to Brian, Jarrod et. al.

You were right, this shit should have been addressed before I left. I want to talk to you guys about implementing your plan for decentralizing this club, getting some fresh air in, and reducing the level of wack inbred antics before they actually start to become as interesting as I was lead to believe they were. I’ll be emailing you both about this soon. Anyone else who was party to this should let me know so they can get in on the emailings.

Things of Greater Importance: Lisp’s CLSQL

I discovered by far the best object-relational mapping system, unsurprisingly, for Lisp. It’s called CLSQL. It works via a slight modification to the class system and a reader macro for generating SQL. So you have basically two ways of interacting with it: proper row object instances, overloaded with whatever methods you like, and nifty Lispy SQL statements. You get complete database interoperability, including multi-value primary keys and foreign key constraints. This library is the shit. Check it out, if you know what’s good for you.

Things of Still Greater Importance: Paul Paquette’s Blog

Paul has rejoined us!

Posted by FusionGyro at 12:08 AM | Comments (4) | TrackBack

October 04, 2004

More on the Clan, Film at Eleven

It has been pointed out by many people that there are inaccuracies in the below entry. I will be fixing the inaccuracies tomorrow when I have what I consider to be a fair and reasonable picture of everything that has occurred. In the mean time, all I really have to say is: disregard the comments about Brian, which are untrue (he was not involved in the Erin being topless portion) and note that Major has now decided to excommunicate himself. I believe he may be the only person involved more-or-less directly with the situation who has responded appropriately.

Lame, ill-informed, foolhardy actions are being taken by several members of the clan. I cannot talk them out of it, though I would like to. In fact, it’s really not my place to try. I will keep my harsh words limited to this forum because I don’t have any real reason to hide anything here, where basically no one reads.

I will try to remain friends on a personal level with as many members of my soon-to-be defunct clan as I can. I will try to make it 100%. I just know I can’t abide by the level of random stupidity which is now considered normal.

I’ll talk about this more tomorrow.

Posted by FusionGyro at 11:50 PM | Comments (0) | TrackBack

October 03, 2004

Failure

My clan apparently has devolved into a group of slobbering drunks. Don’t get me wrong, I still love ‘em, but Allan told me about Thursday night’s sexual weirdness and I think you’ll agree, it shows that stupid repressed sexual urges should probably stay stupidly repressed rather than revealed in the context of drunken shenannigans.

Evidently, everyone was drinking, which is now normal, and somehow Bill, Brian, Mattax and Erin wound up topless together in some room. This strikes me as doubly asinine because:

  1. Brian is married
  2. Bill and Mattax both have attractive girlfriends
  3. Erin is… Erin

Julie showed up, wasn’t allowed in the room, Jenna and Mattax left the room (apparently she could contain her excitement), Mattax goes back in the room, Allan wises up and leaves.

So the question of the hour is, by God, did you morons have any idea drinking could lead to this much fun? I bet I get a lecture from Brian about it being none of my business. He’ll be right, but goddamn. I can’t conceive of an explanation for this which will make it sound reasonable or understandable. The story itself just oozes with the kind of lame foppishness I don’t expect from my clan, the style of overblown sexual tension that makes theatrical British matrons giggle that shrill, soul-offending way. Imagine an X-rated, tit-out Jane Austin novel—gleefully retarded, socially reprehensible yet socially obsessed, and you may come close to what I’m picturing—a scenario in all ways deserving of immediate decimation with extreme prejudice.

Wake up, you tards. You aren’t having “more fun,” you just managed to dull your senses enough that you can’t tell that you aren’t. The glory of the old clan was that we could all be ourselves around each other. The most obvious symptom of a failure of this system is the need to inebriate to tolerate and converse. We used to like each other. We didn’t need to get drunk to socialize.

Insert Major-esque “I’ll feel bad about this in the morning and wish I hadn’t said this” disclaimer here.

On to the usual computer shit.

On Thursday, Michael and I spent 3 hours trying to get an SSL certificate installed from GeoTrust. For those who do not know, SSL is a complete and evil racket. The idea behind SSL is that you trust the host you connect to, because some certificate authority or CA signed the certificate. In actual fact, people trust SSL because it’s so hard to crack (ha! at Bill’s work they crack it every day). Meanwhile, in the real world, we treat SSL as being nothing more than an encryption mechanism, and rightly so.

Look at who created SSL: Netscape. Everyone liked their browser the best because, among other things, it gave very thorough security information. But the security information was used as a ploy, because Netscape more-or-less invented SSL, and if self-signed certificates were just as good as “official” certificates, nobody would pay $400 for them. Netscape knew the browser market was going to fall apart, it had to. Not-too-unfamiliarly, Netscape created a great deal of fear through the browser warnings, which were quickly replicated in IE; this fear propelling SSL certificate sales. Today, most people are unaware of the trust angle—because it’s irrelevant.

Do you know where the trust comes into it? When buying a certificate, the CA is supposed to go to great length to verify your organization, your ownership of the domain in question, and all the other data you provide. In practice, they delay for a few minutes and then give you the certificate. There are tons of CAs that specialize in bargain-price certificates, but it doesn’t matter, because as long as your CA is signed by one of the toplevel CAs, all browsers will trust them.

Suppose I have some secret data. I give it to three people I trust: Alice, Bob and Oscar. Alice and Bob always verify who they give this data to by going to great lengths checking their character. Oscar, on the other hand, says “give me $20, and I’ll let you know.” Is it safe for you to assume that the secret is safe? Would it be reasonable to program all computers everywhere to trust in the secret data? Because that’s how SSL works.

Anyway, yesterday the main failure was seeing the guy pulled over in the left turn lane, standing in the door of his truck, taking a leak. In the middle of the road. During rush hour. God I hate this town.

There were other intermediate failures though. I was setting up Mail.app for Alex, and apparently it doesn’t take too well to being told where its folders are going to go unless you have two accounts set up in it. I was only setting up one. I tried to do a pvmove on my Linux box so I could free up a hard drive and install OpenDarwin, FreeBSD or OpenBSD on it. Well, the LVM2 implementation for Linux 2.6 doesn’t support ioctl msg 9, meaning doing a pvmove /dev/hda5 caused it to make a big temp logical volume but not actually move any data. I downloaded the newest version of LVM and 2.4 kernel, because they fucking don’t support 2.6 anymore. It did get done though, eventually.

At one point in time, I told all my friends to go with LVM. At the time, I was right. We’ll call this period of time “the Golden Age of LVM” and we’ll say it lasted basically from LVM 1.0 to when Linux 2.6 came out, a period of about a year. Then we had to upgrade to the new device-mapper/LVM 2.0 buttsex, which didn’t work for a while and then was painful to use. Apparently they never implemented pvmove in 2.0. Now they have, but they haven’t made it work on the modern 2.6 kernel. So fuck them, I was wrong, avoid Linux Logical Volume Manager like the plague. It is ass. You’re better off with RAID anyway, so just fucking do it. This was apparently a mistake along the same caliber as recommending XFS, and I apologize.

Why OpenDarwin, you ask? Because I’ll be taking this box in to work and using it as my own private staging server, and it will be helpful if it is running an OS comparable to Mac OS X. But it’s a PC. OpenDarwin is as close as I can get, and I think it will be just fine. All of my hardware is supported. I reserve the right to eat my words—I’m already expecting to put FreeBSD 5.3 on it instead.

Posted by FusionGyro at 01:28 AM | Comments (1) | TrackBack