Archives: Geek Stuff
Now here's a dream job

I happened across a job posting at ILM tonight. Holy shit would that be cool. I've wanted to work there since I was 10 years old.

Once it's filled that page will likely go away, so here are the job reqs:

Systems/Tools Programmer (Python)

Department: Information Systems

Position Summary: Develops tools and applications to assist productions and CG Resources in managing resources, render processes and CG assets. Provides support to individuals and groups using these tools.

Responsibilities:

  • Improves, develops, tests, maintains, and documents script libraries and large-scale applications for use by CG Resources and ILM Productions.
  • Develops and distributes new systems and script releases and maintains relevant versions and libraries; assists with and follows up on integration.
  • Receives requests and changes from Resources and Productions. Performs analysis, develops and integrates these changes into existing scripts and applications.
  • Troubleshoots specific tools/applications issues with users and provides guidelines and assistance for all new development occurring outside the department.

Education, Experience and Skills:

  • Bachelor's degree in Computer Science or other technical degree with 2-3 years experience in a professional software development environment required. Demonstrated ability to serve as an effective contributor on mid to large scale development projects.
  • Proficient in UNIX.
  • Python experience required. Shell and scripting language such as TCL or perl WBN.
  • Experience with C or C++.
  • Experience with computer graphics production a plus.
  • SQL and database experience a must.
  • Familiar with software development and Quality Assurance practices.
  • Good communication and organization skills.

I got a darn good gig, but that right there is my dream job.

Posted by wee on 01/25/2007 at 02:18 AM | Main Page | Comments (0)
Sadly, I'm going to have to quit.

Google got named the Best Company to Work For in America. I certainly think it is (can't seem to convince any of my former co-workers of that, however). Couldn't imagine a better place to work, in fact.

I was reading through the article and on a lark took their quiz to see if I was fit to become a noogler. My results:

Score: 50/60 points

ANALYSIS:
You've got the basics, but you're not ready to be a Noogler yet.

Oh well. I guess I'll give my resume to Yahoo.

Seriously though, the quiz is wrong. Question #5 has one wrong choice and one partially wrong choice. I chose the more obviously wrong option, and was in turn "wrong". I should write them and have them fix it.

Also, I thought this list of interviewing do's and don'ts was interesting. In all the interviews I've done there, I haven't brought up GPAs once. It's on the resume you see before the interview, you note it, and move on. Nobody wants to "talk about any B's you might have received". Baloney.

Under the don'ts, the only one I have an issue with is #4. People mention the competition all the time (especially if they've worked there). I couldn't give two shits where you went to school and what your grades were, but if you worked on some kickass project at a cool tech place, by all means talk it up! Don't go into the interview with code samples and internal documents (it happens, and it means a really quick end to the interview process), or discuss anything confidential or proprietary while there, but there's not a single bit of harm in relating what you did to solve a particular issue at Company XYZ (even if, and maybe especially if, it had nothing whatever to do with tech). Talking about conclusions you came to and decisions you made can lead to some interesting discussions, even when it's very hypothetical or the nitty-gritty details are necessarily obfuscated.

It's all about how you solve a problem and how you think about problems that matter most. That's what the interviews are about, for me anyway.

That and, well, making sure that you don't smell weird.

Posted by wee on 01/09/2007 at 01:00 AM | Main Page | Comments (1)
xkcd is amazing

I've been reading this comic xkcd, and I'm loving it. I had come across it before (the sandwich one got forwarded around a lot), but hadn't bookmarked it I guess. I started from the beginning and went back to read them all. My favorite comic so far:

Though they are all pretty good (this one I found especially amusing). Surrealist, absurdist geek humor gets me in the gotcha.

Posted by wee on 01/04/2007 at 12:25 PM | Main Page | Comments (1)
Here's a .sig for ya...

Came across a really great .sig tonight:

The two loudest sounds in the world: a bang when you expected a click, and a click when you expected a bang.

Heh heh...

Posted by wee on 12/29/2006 at 03:43 AM | Main Page | Comments (1)
To the owners of the ATM on 9th and Lincoln...

First off, I'm really sorry that you're going to have a bad Monday morning. I'm sure there's some procedure for recovering or resetting a password on whatever brand of ATM that you have there, so things won't be too bad for you. I promise that I didn't mess with anything but the password. I'm not cruel or vindictive, I just wanted some beer money. You have to understand, however, that it's really your own fault, anyway.

When the printer cable fails or gets disconnected from the printer in the ATM, the machine should page someone -- it's connected to a network, for crying out loud, and it can do that sort of thing. It shouldn't sit there saying "Printer cable attachment failure" with an option to go into admin mode. People tend to stick their card into an ATM before they read the screen, especially if the screen in question looks like it has a normal "Welcome" message and side-button options. God forbid someone get it stuck in there. I consider myself lucky I saw the screen before I tried. And it really shouldn't say any of these things when it's the only ATM in a 4 block radius from the cash-only bar my friends were at.

Really, the machine should display something like "Out of Order" in a big flashing font. Or it should shut down completely. It shouldn't taunt users with the fake promise of twenty bucks. It definitely should not taunt chronic button-pushers like me with words like "admin mode". Some things should never be done.

In spite of your hardware failure (and lack of response to same), we got a couple drinks no sweat; everyone understands that these things come up. But your error message (or lack thereof) annoyed me. Apparently it annoyed someone else, since your machine had been out of order long enough for graffiti to be written on it saying that it was busted. I don't know how long it takes a non-working ATM to be vandalized before the punks with sharpies get uppity, but it was that graffiti which caught my eye as I was leaving the pub and walking past the annoying ATM again. I'm not sure how I first missed the message the miscreants left, but they were more helpful than you guys seem to have been.

Having said all this, you guys need to either:

  1. Pick better admin passwords
  2. Change the lame default admin passwords

Otherwise, some annoyed person with a couple beers in him will be walking past the machine which failed him an hour earlier and he will find your lame password, and then he will poke around in the admin menus until he sees the "" option. At that point, a bad day for you (whenever you do decide to fix your ATM) is an eventuality. It's just not my fault, see. Those sorts of menu options are like crack for some people.

Anyway, I'm sorry if I made your life temporarily difficult -- I've never had root on an ATM, and it was too much fun to resist. But you try harder to keep your ATMs working, and I'll try harder to push fewer buttons, OK?

Signed,
Wee

P.S. No, I will not tell you what the password was changed to -- you'll just have to guess. But here's a hint: if you were texting someone with those 5 numbers, you'd be able to use the letters "f", "u", "c", and "k". You might even be able to re-use a letter...

Posted by wee on 12/03/2006 at 10:02 PM | Main Page | Comments (4)
My first real battle is over

Been playing EVE Online since May. I started out doing low-level missions, mining, stuff like that. I started training up combat skills early on, and I guess it paid off. I had 4 ships on me and I killed 3 of them, with a friend. Here are the stats of my third battle.

My first battle, I died horribly: never got a shot off in fact. I was 2 weeks old. My second battle was last night. I was in a cruiser and got a battlecruiser to run away after a long fight. Tonight I saw a guy in a frigate dock at the station I was docking at. I called in a corp friend and we waited for like an hour.

After a while I left the station, figuring he'd forgot about me. Turns out he got 3 friends to dock in the meantime. I go to redock, and 4 of them pop out, all spewing drones. My corp friend was elsewhere, looking for the guy we were waiting for.

I killed one guy fast. I think he was in a frigate. The other three were one frig and two cruisers. I yelled for my friend, started shooting one cruiser. Friend showed up, the cruiser died. Friend trapped the other cruiser, we killed him. The last frigate ran off.

Turns out I have pretty good missile skills, and not a bad tank. I was wondering about that.

It was some of the best online gaming I've ever experienced. I was scared to death. In an online gaming way, I mean. In EVE, if you lose something, you lose it. You don't respawn with the same ship. You're dead. So it's a little different than games I'm used to playing.

Here's the corporate chat of the event:

Aggravated > i love the rupture best cruiser thier is imo
Sidiion > rup is nice rax is 2nd
Ico Seduvaar > I killed a rax tonight.  with my caracal. :-)
Sidiion > my rax is not a newb rax thou
Ico Seduvaar > I bet
Ico Seduvaar > in the end, skills are what matters
Sidiion > 5 t2 small nuetrals
Sidiion > big tank =)
Aggravated > ico like insta popped a rax, rifter and a celestial
Ico Seduvaar > I've been training a little bit.  but need more pvp time
Sidiion > plp must not have had any armor or resists on
Sidiion > rof only bonus i see diffrent really between rax/rupture
Aggravated > well the celestial had a t2 med rep dunno what else
Ico Seduvaar > he died pretty quick.  but I have no other real battles to compare against.  except that brutix last night.  he ran off

I've been training PvP skills for 3 months, not knowing how they play into the fabric of the game, just guessing that "this might be good to have". Then I get a decent run one night by accident -- and I got cred with the corp, too! Been there a month, haven't done shit with them. Having a corp-fellow say I do well is nice. And now, I want to go full pirate. Y'arr!

I have a sneaky suspicion that I'll start seeing a lot more enemies around that system I was in. And I'm sure I'll get killed before too long (it's inevitable, really). But it was cool that my first real battle worked out in my favor.

Posted by wee on 11/03/2006 at 11:16 PM | Main Page | Comments (0)
WTF

I thought I'd add that any geek ought to read The Daily WTF. There's some really good stuff there.

Posted by wee on 10/24/2006 at 08:23 AM | Main Page | Comments (0)
Handy tip of the day

If you make changes to the source of an application that you're writing, you have to recompile the app before you can see the changed behavior when your binary runs. Really! Who'd have thunk it? It's an amazing revelation, I know.

Talk about brain farts. For the past 10 minutes, the entire office has stunk of them...

Posted by wee on 05/15/2006 at 01:24 PM | Main Page | Comments (0)
Most common U.S. names

For some reason I find stuff like this fascinating. That's a distribution of names from the last U.S. census. Looking at the surnames file, I can see that my last name is the 297th most common surname in the country, with 0.037% of the population sharing my last name. I thought it was more common than that.

Varga is 6248th (0.002%), Crawford is 132nd (0.068%). Brown wins at 5th place; 0.621% of the U.S. has that name. Lo isn't doing too badly at 3049th place (0.004%). Suiter is way down there at 7179th (0.002%), Walker is 25th at 0.219%. That's more popular than I thought. Marion comes in at 1873 (0.007%). Probably not surprisingly, Kennedy is at 137 (0.067%).

I guess if I had to steal an identity, my new name would be "Brown".

Posted by wee on 04/05/2006 at 11:28 AM | Main Page | Comments (9)
Computers put the Cylons out of work

This is one of the funniest pictures I've seen in a long, long time:

One of the few times I've actually L'ed OL when seeing something online.

Posted by wee on 02/15/2006 at 12:17 AM | Main Page | Comments (8)
Linksys WRT54G version numbers

I've been aiming to set up my router with a special version of Linux. It makes it handier for certain things. Trouble is, the newest routers from Linksys are hobbled. You need firmware version 4 or below to do anything special with them. The best way to tell which version is which is by looking at the first four characters of the serial numbers (which can be found on the bottom of the retail box). Here's the breakdown:

CDF0 = wrt54g v1.0
CDF1 = wrt54g v1.0
CDF2 = wrt54g v1.1
CDF3 = wrt54g v1.1
CDF5 = wrt54g v2.0
CDF7 = wrt54g v2.2
CDF8 = wrt54g v3.0
CDF9 = wrt54g v3.1
CDFA = wrt54g v4.0
CDFB = wrt54g v5.0

Anyway, maybe I'll head out to the Circuit Shitty and pick one up for playing with. And now I have this handy reference for when I do! Ain't that just something?

Posted by wee on 02/12/2006 at 01:02 PM | Main Page | Comments (0)
Cool CGI short movies

This guy makes some really cool movies. I liked Tetra Vaal the best.

Posted by wee on 01/08/2006 at 11:40 PM | Main Page | Comments (0)
Sliced Bread!

There's a company called Retrobikes which makes a new version of the Honda Trail 70. It's nearly authentic, too. Except they give it electronic ignition, 12 volt electrics and a better clutch. That has got to be hellaciously fun.

Man, that's just the coolest thing I've seen in a long, long time. I think I've got to get my old, rusty 1971 Trail 70 back from my brother and see if I can get it running again.

Posted by wee on 10/09/2005 at 03:25 PM | Main Page | Comments (2)
KWEE hires its first DJ

So my new radio station has its first DJ. He doesn't have a name, per se, so I'll have to think one up. But the guy is tireless, a real workhorse. He's on the air 24/7. Though he can be a little hard to understand at times. That's because he's from Scotland.

He reads the song titles every once in a while, has a selection of 8 different pithy sayings involving the callsign and frequency, tells you the time every so often, and even belts out a random quote or two from /usr/bin/fortune a couple times a day. I had him reading the first chapter of "War of the Worlds" earlier as a test. Guy didn't mind a bit. Pretty soon he'll be able to tell us the time, the weather forecast for Sunnyvale, and a couple of stock quotes at the top of every hour.

On a related note, I've been doing some testing, and I wound up having to change my frequency. 106.7 was really crowded. Or, I should say, far more crowded than 107.9 which has only bare static on it. And it's kinda nice being at the end of the dial.

Posted by wee on 09/26/2005 at 01:06 AM | Main Page | Comments (3)
KWEE 106.7FM 107.9FM is on the air!

I've had this idea for a long time where I pipe my MP3 collection throughout the house to wherever I need it. I used to have everything running through these crappy RCA wireless speakers when I wanted tunes outside. Sometimes I pulled a speaker into the garage. But it was mono, and the frequency response was appalling. I'm no stereophile by any means, but when the static is as loud as the music, it's better to listen to the birds chirping and cars driving by.

For regular use, I've got an Audiotron hooked up to my home stereo. But to get sounds from there to outside, I'd need to run wires. So the idea hit me that if I could get an FM transmitter hooked up to one of the spare computers I've got laying around, I'd be able to have tunes anywhere I care to place a boombox!

Well, my FM transmitter came in the mail today, so I had to stop everything I was doing and get it hooked up.

Some twiddling with mounting Windows shares and a few perl scripts later, I'm glad to announce that KWEE 106.7FM 107.9FM -- Super Sounds of Silicon Valley is on the air! If you're in the area (within about 150 feet of my office), give us a listen!

So far it's played Mozart, They Might Be Giants, Billy Preston, and Louis Prima. Got another 996 songs to go on this playlist, but it'll refresh at 3 am. You'll never hear the same song twice in the same day on KWEE 106.7FM.

All that's left to do is hook up the Festival text-to-speech software to the bit that reads the song title and artist, and I'm good to go. Until that's up and running, I made some little WAV files of me saying various things, and those little clips get placed between every few songs. I can't wait to hear the voice synth, though. I want Stephen Hawking to be my DJ!

UPDATE: The wonderful strains of the Pipes and Drums of the 48th Highlanders just came on over the radio in the living room. Success!

Posted by wee on 09/24/2005 at 11:55 PM | Main Page | Comments (2)
And there was much rejoicing

It had to be done:

admin@TERASTATION:~$ uname -a
Linux TERASTATION 2.4.20_mvl31-ppc_linkstation #15 Tue May 31 10:18:19 JST 2005 ppc unknown

w00t!

Transferring that new, hacked up firmware image makes for a scary couple minutes, however. It was a nail biter, especially when the progress meter stopped midway through. But I couldn't help myself; I had to tinker.

There's just so much more I can do with it now that it is running an ssh server. Like, adding a radio transmitter to it. Screwing with the web server so I can stream MP3s. Poking at all the Perl scripts under the web admin GUI. Adding NFS kernel patches. Fun stuff.

For now, though, I have to go submit the box's BogoMips rating to the Linux doc guys. I already gave 'em numbers for my AOL touchscreen thing and the cash register. Can't stop now...

Posted by wee on 09/19/2005 at 10:37 PM | Main Page | Comments (0)
Got me a new NAS box

My old fileserver is on its way out, and has been for a while. It's the same box we used to play Tribes2 on back at S4R (when we had it down at the Verio datacenter, stuffed sideways into an empty cabinet in the corner by itself so that nobody would see the little beige mid-tower case poking out). It's had a long happy life with its Red Hat 6.2 install and served us well. That 80GB of RAID1 storage has lasted about 5 years; we hit 98% full just last week as I was copying music over to it. But its time has come. Goodbye, tiny Athlon 600.

One of the fans in it somewhere has been getting progressively louder, and if you try to transfer too much over the network, it locks up. Actually, I think that it locks up every couple days, and just happens to when I'm trying to back stuff up off my PC. Clearly it has hardware issues beyond pure age and something new is needed. Disk corruption kinda goes against the entire grain of storing files redundantly, you know?

For a long time now, I've been meaning to go pick up a 3Ware RAID card and a brace of hard disks and build a new box. Even downloaded a copy of CentOS for the OS. So when Tracy and I were at Fry's last night buying a fridge for our new house, I figured I'd saunter on over to the computer hardware aisle and see what they had in the way of RAID stuff. And I sure do love the smell of new electronics.

I find a decent card, and the cart has a stack of 4 cheapo hard drives in it, I'm totalling up how much it's all going to be, what I'll have to tell Tracy, and a sale sign catches my eye. They had a deal on a self-contained NAS box, that day only. I'd never heard of the company, Buffalo, nor the product, the TeraStation. I'd seen consumer-grade NAS appliances before, and had always dismissed them. They were either very expensive (three or four times more for what I could build on my own using whitebox PC parts), or lacking in features (what the hell good is a network storage device that doesn't offer any sort of failure protection?! One disk? Or two in non-redundant RAID0 Mode? Useless!). But the TeraStation actually looked kinda cool.

So I start totalling up what I got: $1,050 and change in materials, one long weekend fussing with screwdrivers and setting up filesystems and accounts (and a machine I have to minimally admin). The TeraStation is on sale for $640, and has $125 in rebates. Hmmm, compelling. Then I look at the TeraStation's box in detail to see what features it's got. Users and groups permissions on a per-share level, 4 USB 2.0 ports, super quiet operation, gigabit ethernet, XFS filesystem ("So it runs Linux... I wonder if I can get ssh and NFS support on there..."), UPS support for automatic shutdowns, web-based management, backup software for PCs, and hardware RAID 1, 10, 5 or JBOD with 4 160GB disks.

Let's see here... that's half a terabyte in RAID5 mode. In an appliance-style box (with das blinkenlights!). That I don't have to fuck with all the time. Comes with a print server, too? Sold. All that other shit goes back on the shelf...

I would have liked to have gotten the next model up, but it wasn't on sale, and they weren't in stock anyway. It would have been $400 more, and would have netted me another 400GB; it's a buck a gigabyte either way. Turns out that if you get another terastation, you can sync the two up. And seeing as how it took 5 years to fill 80GB, I'll get at least 3 years out of six times that amount of space. Who knows, maybe in 3 years I'll get the screwdriver out and stuff four 1TB disks in the thing.

Anyway, setting it up was a breeze, and I've got some stuff moving on over to it right now. I just wish I hadn't packed away all of my networking stuff. All I have here in the temp apartment is the crappy hub I used for the Tivo back at the old house. It takes a while to move 75 gigabytes of data at 10 megabits per second. About 16 hours, in fact. I think it's time to get with the 21st century and move on up to gigabit ethernet.

The only thing that it's missing is disk quotas and logging. I'd like to be able to say "this is the junk share, anyone can write to it, but it's only 100MB in size". You can't do that. But since it's only me and Tracy on the thing, I don't care too much about that. Having some sort of remote logging, so that you could see what went wrong and when or get stats on disk usage, would have been nice. That's not really a show stopper either.

It was a good buy, I think. Expensive, but worth it. And seeing as how we opted not to get the fridge with the TV built into it, it was virtually free!

UPDATE: I should have moved to gigabit ethernet a long, long time ago. Wow.

Posted by wee on 09/18/2005 at 06:56 PM | Main Page | Comments (4)
Pimp yo Linux

Ever hear anyone talk about Gentoo? Yeah, me too. And I'm convinced that Gentoo is for ricers.

Posted by wee on 07/08/2005 at 01:23 AM | Main Page | Comments (4)
U-505

I just finished reading a book I picked up in the airport called Shadow Divers. It's nominally about these dudes who discover a WWII German U-boat that was sunk off the coast of New Jersey during the war at some point. Lots of trips to Germany and visits in deep water to find out what sub it was. Nova did a show about it. (If you read the pages at that link, you spoil about 75% of the book.) Ridley Scott is making a movie about it. That probably explains why it was among the limited selection of books at the tiny post-security gift shop at the Norman Y. Mineta San Jose International Airport.

So anyway, I was poking around the web looking at U-boat stuff. I really need to get up to Chicago to see the U-505. Be awfully cool to walk around inside a U-boat. I've already been up to the USS Pampanito at Fisherman's Wharf, and had a really good time banging my head on things inside it. Having the European perspective on WWII submarines would be interesting.

Posted by wee on 07/07/2005 at 01:04 AM | Main Page | Comments (4)
I fear for my sanity

I found myself reading a web page called A Tutorial Introduction to GNU Emacs just a bit ago. I just had it in my head that I need to start using a real editor and not vi (or kate). So I thought to myself "Maybe I'll take a look at emacs again; it's been like 10 years since I last looked at it..."

I'm not sure what is happening to me, but I fear this change.

Posted by wee on 06/30/2005 at 08:35 PM | Main Page | Comments (1)
Do I need another domain name?

Wy gave me an idea for a domain name during an IM session yesterday:

wee@hostname:~$ whois gunsandmeat.com

Whois Server Version 1.3

No match for "GUNSANDMEAT.COM"

I'm all about guns and meat...

Posted by wee on 06/16/2005 at 11:52 PM | Main Page | Comments (0)
The mboard that pimps

I'm staying up way too late. And for keyboards. I think I may have a problem... But check out the mboard that pimps! That's just so completely... boss. I'm humbled and in awe.

I might have to mod one of my Model Ms. Like use tri-color LEDs and then set them each up to go through its color cycle sequentially when CPU load goes up. Or as a VU meter with my MP3 software or something. No harmful-to-vision UV LEDs, though.

Posted by wee on 06/14/2005 at 06:51 AM | Main Page | Comments (2)
Clicky keyboards again

Dan's got a new article about clicky keyboards going. It's pretty good reading from Dan, as always.

He came across a site called Clicky Keyboards. It looks like part museum, part antique keyboard store. The buyer's guide is especially helpful. I really liked their identification chart. I've got something like a dozen Model M keyboards, so it's nice to know the Lexmarks from the older Scottish-built IBMs.

One of the best finds from Dan's article was this little adapter. It's apparently reliable enough to allow the PS2 connect on the old IBMs to hook up to a modern day USB port without issues. I'm going to have to pick up a few of them (I'll definitely need one if I ever get a Mac). The PS2 port is going to die for good at some point soon, regardless of platform.

All this means the spare 1984-era Model M languishing in a box near my feet can finally make it on over to my machine at work (via the USB-only KVM that sits between the input peripherals and the desktop PC and laptop docking station). My cubemates are going to love me. Maybe I ought to take over the quieter 71G4644 version instead. If anyone gives me crap about having a loud keyboard, I'll bring the really clicky one that I would have otherwise brought in and give them a choice between the two. See? I decided on that particular quieter one because I was thinking of their needs!

At any rate, wrist and finger numbness from a long day at work are over. woot!

UPDATE: The site had a link to the patent for the buckling spring mechanism used in the Model M keyboards. That would be United States Patent #4,118,611: BUCKLING SPRING TORSIONAL SNAP ACTUATOR to you and me. Here is how it all works.

I also found a link on how to clean them. They thoughtfully included a set of "Model M pr0n" links, saving me from the trouble of doing so.

You could say that I'm a snap actuator fan..

Posted by wee on 06/12/2005 at 09:01 AM | Main Page | Comments (5)
Sign me up!

I happened to see today that Verizon has this new service/product called Fios. Fifty bucks a month for 15mbps downstream? I think I could handle that...

Posted by wee on 06/03/2005 at 10:11 AM | Main Page | Comments (1)
Not Funny! Serious!

I was moving some stuff across servers and noticed that I had a 2GB access log for the last 6 weeks. That's, well, kinda friggin' huge. Wonder why? Turns out that a couple nimrods set their Henry Earl Firefox extension to update once a second. Assholes. I update the source XML file that that extension reads once per night. So once a second isn't nice. The firewall has them blocked.

But as I was looking through the log stats for other leeching, I saw a lot of bandwidth from Yahoo. Buh? Apparently somehow I have on my web site. Hmmph!

I guess it is kinda funny. But not as funny as the one I'll make when my Greasegun arrives sometime next month. How many people do you know who have even held a Greasegun, much less owned one?

Posted by wee on 05/24/2005 at 08:16 PM | Main Page | Comments (4)
How to break software

I was walking to another building at work the other day, and I came across a tech talk that was just getting started. It was by a guy named James Whittaker, and called "How to break software". The talk was based on research done for a book of the same name. I didn't have anything that couldn't wait an hour, so I grabbed a piece of floor and listened in.

This Dr. Whittaker was engaging and funny, but pretty amazing from a technical perspective. Over the course of many years, he and his students distilled 10,000 reported software failures found on the Net to just four root causes. And so he then figured that you can test in those four areas and make your software better by finding nearly all the bugs before they ship out with your product.

I'm definitely buying his book.

Posted by wee on 05/12/2005 at 05:49 PM | Main Page | Comments (0)
Random learning

Everyone seemed to completely miss my point, so the original post is gone. I was simply wondering if I had made the right decision from a cultural standpoint, not a technical one. I was wondering if I'll fit in or not, or whether I was out of my league.

That's what I was trying to say. My fault for being bored enough to write a novel.

Posted by wee on 04/27/2005 at 10:39 PM | Main Page | Comments (7)
Perl beats Python!

Part of my job involves once-weekly dealings with a website which requires user interaction every so often -- usually between 5 and 30 minutes. Overall, these weekly dealings can take anywhere between 6 hours and two days. As you can imagine, it's hard to get much of anything done when you're constantly having to stop whatever it is you're working on at nearly-random intervals and interact in a very exacting, meticulous way for 10-20 minutes at a crack.

So in my "down time" -- that lull between responsiveness -- I've been trying to get some stuff done which doesn't require long periods of thought. That's another way of saying "I browse the web while I wait for a slow website to respond". However, I've been browsing tech web sites and tutorials and so forth, looking for good stuff I can soak up in 10 to 30 minute sessions.

Another part of my (future) job will involve writing a lot of software in Python. So today I spent some time looking for a "Python for Perl Programmers" sort of site. I was trying to compile a list of things that I can do (like use exceptions) and can't do (like use the autoincrement operator) in Python.

During one such browsing session I came upon the one true definitive comparison between Python and Perl. And I pretty much had to stop working for the day right then and there.

Posted by wee on 04/11/2005 at 06:04 PM | Main Page | Comments (0)
99 bottles of beer on the wall, 621 different ways

There exists a web site devoted to collecting and archiving programs that can count down the 99 bottles of beer from the song. They have that one basic program written in 621 variations. That's just unbelievably cool.

They even have InstallScript (the language used in InstallShield Windows installers) as well! That's something the Hello World in many languages site didn't have. (I actually submitted an InstallScript hello world example to them many years ago but that site is somewhat stale.) Of course, they don't have a PHP example either (which is the simplest Hello World program known to man: you simply put the text 'hello world' in a file and PHP will happily spit it out for you.)

And while they have an example of one of my favorite languages, Brainfuck, they are missing another of my favorite languages: Chef. So of course now I have to write a '99 bottles of beer on the wall' program in Chef and submit it.

Yes, I am a dork.

Posted by wee on 01/25/2005 at 08:56 AM | Main Page | Comments (1)
What does 'PDF' mean?

I'm keen on getting Fastrak set up. It'll cut probably 20 minutes off my commute. I hit their website, read about how you have to fill out a form, then downloaded the PDF I'm supposed to fill out and send in.

I thought PDF was supposed to be "portable", because all I see is this. Buh?

I think my work computer is from space, and I cannot speak its language.

Posted by wee on 12/17/2004 at 11:48 PM | Main Page | Comments (1)
I'm #6! Woo-hoo!

I'm !! In your face, Heckler & Koch!

w00t!

Posted by wee on 09/12/2004 at 01:50 AM | Main Page | Comments (1)
Got Slashdotted again

Linux on a used cash register, part deux. Had quite a bit of mail about it, too. Seems there's quite a few folks that have old registers and want to use them with non-Windows (or non-SCO, AIX, whatever).

It's sad that I have to tell those guys that I never finished that point-of-sale software thing I started, and that the old cash register has been doing triple duty as a web server, remote login server, and weather station.

My work on getting the led-on-a-stick? has been well-received, however. I've already sent out two tarballs of sample code.

Posted by wee on 08/27/2004 at 10:17 PM | Main Page | Comments (2)
Now that's just not right...

I saw this picture on one of the aliens prop-making web boards I've been frequenting lately. The dude's using his kid as a host! For making tiny little fuzzy aliens!

For some reason, I can't stop chuckling at this. And I know this isn't going to come out like I mean it, but it sort of makes me want to be a father even more than I already do.

Posted by wee on 08/22/2004 at 11:50 PM | Main Page | Comments (4)
Email wildcarding no longer a feature

Recently, Hurricane Electric (where I and many other people I know get hosting) sent out an email asking people to turn off a feature they offered called "email wildcarding". In a nutshell, email wildcarding is where any address at a domain which is not already spoken for goes to one catch-all address. I use it dozens of times daily in order to weed out spam. For instance, when I buy something at Fry's online store, I always use ''. When I buy from Amazon, I use ''. That might seem like a bizarre scheme, but I can't tell you how many "throwaway" addresses I've got permanently blackholed because some online retailer didn't live up to their bogus privacy statement.

So when HE said that I have to turn that feature off, I was annoyed. It was one of the reasons I liked HE so much. And I use it a lot. But apparently spammers have been finding and using catch-all domains in their spam campaigns.

What they do is have their spamming software generate random addresses at example.com, and then go hit that domain's mail server to see if it'll bounce. When it doesn't, they use that address @example.com on a few dozen spams as the reply-to address. Which means when someone sends the spammers a nastygram reply or the spam email bounces, the person with the catch-all domain gets the reply. Lately, I've been getting around 500-600 bounces and replies per day. I can see why the HE tech was saying that spammers are causing the server load to get too high. My annoyance level has been high. So far, procmail filtering means I don't get to see many of these emails.

However, using procmail isn't the best solution. Turning off wildcarding is. Then the spammers will eventually find out that there's nobody home, and that means the target of their spams probably won't accept their email. I'm all for hurting spammers, even if it means a little hurt for me. (Truth be told, I'm all for the death penalty for spammers, but that's another post. Or a previous one. I forget.)

Anyway, what you have to do if you have an HE account is get all the addresses you want to use (or have used, actually) into your aliases file, pointing to your main account address. The problem is that remembering all of them is near to impossible. So I wrote a small perl script that went through all 150+ MB of email I've received in the last five years and found all the addresses that I'd need to add to the aliases file. The script is right here.

Put that in your home directory, make it executable, and then run it. It'll tell you what it needs. Once you have the list, go through it and add whatever you want to your .virtualmail file, then you can turn off wildcarding. You're good to go. Unless you want to make up any new throwaway address, that is. HE only updates their aliases once every three hours, so if you need one, you'll have to know that in advance...
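A sketch of that kind of address harvest, added here as an example (it is not the Perl script the post links to). It also separates out addresses that only ever appear as recipients of bounces, since those are the random ones spammers generated rather than ones you handed out. The domain, the sample messages and the bounce heuristics are assumptions, and it prints bare local parts because the `.virtualmail` line format is not shown on this page.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses

RECIPIENT_HEADERS = ("To", "Cc", "Delivered-To", "X-Original-To")

# Constructed sample mail for the placeholder domain example.org. For a real
# archive, iterate mailbox.mbox(path) instead; it yields the same Message type.
SAMPLE_MESSAGES = [message_from_string(raw) for raw in (
    "Return-Path: <orders@shop.example.net>\n"
    "From: orders@shop.example.net\n"
    "To: hardware-store@example.org\n"
    "Subject: Your order\n\nThanks for your order.\n",

    "Return-Path: <news@books.example.net>\n"
    "From: news@books.example.net\n"
    "To: bookshop@example.org\n"
    "Subject: New titles\n\nThis month's list.\n",

    "Return-Path: <orders@shop.example.net>\n"
    "From: orders@shop.example.net\n"
    "To: Hardware-Store@Example.org\n"
    "Subject: Shipped\n\nYour parcel is on its way.\n",

    "Return-Path: <>\n"
    "From: MAILER-DAEMON@mx.example.net\n"
    "To: xk42qz@example.org\n"
    "Subject: Undelivered Mail Returned to Sender\n\nUser unknown.\n",

    "Return-Path: <mta@mx.example.com>\n"
    "From: Mail Delivery Subsystem <mta@mx.example.com>\n"
    "To: jq7rrt@example.org\n"
    "Content-Type: multipart/report; report-type=delivery-status; boundary=\"b1\"\n"
    "\n--b1\n\nDelivery failed.\n--b1--\n",
)]


def is_bounce(msg):
    """Heuristic: null return path, daemon sender, or a delivery-status report."""
    if msg.get("Return-Path", "").strip() == "<>":
        return True
    sender = msg.get("From", "").lower()
    if "mailer-daemon" in sender or "postmaster" in sender:
        return True
    return (msg.get_content_type() == "multipart/report"
            and msg.get_param("report-type") == "delivery-status")


def local_parts(msg, domain):
    """Return the set of local parts at `domain` named as recipients of msg."""
    values = []
    for name in RECIPIENT_HEADERS:
        values.extend(msg.get_all(name, []))
    found = set()
    for _display, addr in getaddresses(values):
        local, _, host = addr.rpartition("@")
        if local and host.lower() == domain.lower():
            found.add(local.lower())
    return found


def alias_candidates(messages, domain):
    """Split recipient local parts into ones seen in real mail and bounce-only ones."""
    wanted, bounced = Counter(), Counter()
    for msg in messages:
        target = bounced if is_bounce(msg) else wanted
        target.update(local_parts(msg, domain))
    backscatter_only = sorted(set(bounced) - set(wanted))
    return wanted, backscatter_only


if __name__ == "__main__":
    keep, skip = alias_candidates(SAMPLE_MESSAGES, "example.org")
    for local, count in keep.most_common():
        print(f"{count:5d}  {local}")
    print("bounce-only (likely spammer-generated):", ", ".join(skip))
```

Angry human replies to forged addresses are not bounces and will still land in the first list, so low-count entries there deserve a second look before they go into the aliases file.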

Posted by wee on 08/18/2004 at 11:19 PM | Main Page
How cool is this?

Check this Russian motorcycle out. Doesn't that look funner than hell?

Before the Soviets went to war with Germany in WWII, they decided they needed an official motorcycle for their armed forces. They studied various designs, and finally settled on the BMW R71. They nabbed a few examples of the motorcycle and completely reverse-engineered them (much like they did with the B-29 Superfortress). And they've been making them ever since.

I don't think there's a way in which one could ride one of these without looking completely goofy, but I also don't think that would stop me. If past history is any indicator, the risk of being a dork hasn't really been as effective a deterrent for me as it should have been.

I have this feeling that if I get into a mid-life crisis, it's going to be really, really bad. Did you know that you can buy an armored personnel carrier over the Internet? Talk about your ultimate camper...

Posted by wee on 08/02/2004 at 05:26 PM | Main Page | Comments (1)
Test your phishing IQ

(I saw all this on Slashdot, but I figure it'll benefit from a little examination. And not all of the three people who will read this frequent Slashdot, so there's no repetition anyway.)

The latest Net craze is phishing: bogus emails, pop-ups and spams which attempt to get the recipient to disclose personal or financial information. Ebay, PayPal and large banks/credit cards are the primary targets. In a nutshell, these fake messages usually try to get people to update or verify their account information. Some say that an account might be deactivated unless the person goes through some steps to keep everything current. Others ask for an address or phone number update, but you need to "verify your identity" first. The most audacious ones inform "the customer" in as scary a way possible that someone's stolen their account info, and may even tell them to be careful of phishers when reinstating their account. Nearly all offer handy and helpful links or buttons that the user can click on to get started with the information exchange immediately. Isn't that nice of them?

Usually what happens is that those links and buttons are crafted so that they exploit features or weaknesses in most browsers and email clients such that you think you are, for example, going to Household Bank's web site. But you're really going to a very real-looking but completely fake mock-up of a Household Bank page on, say, a Russian web site. This bogus web page saves the personal information you give it, and then the people running the scam either bilk you outright or sell your personal information to people who will then either bilk you or steal your identity. Some of the more fancy phishing schemes even dump you back on a page at the real, official web site after the update or verification or whatever is over. All the better to make people think they were at Citibank's site all along, I guess.

You'd think that emails saying "Hi, we here at Paypal would like you to click this link and enter all your financial and personal information please" would get immediately canned, but phishing apparently has a success rate of about 30%. It's very scary how real some of the phishing scams can look. How many times do you look at the "hover text" when you mouse over a link? How closely do you look at URLs when you finally click that link? How many times do you open a new browser window before going to a web site where you'll have to enter confidential information? When did you disable HTML content in email? Yeah, I thought so. It's a pain in the ass to conduct yourself securely online, so most people don't.
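The "look at where the link really goes" check described above can be automated for an HTML message. This is an added example, not something from the Phishing Test or any mail client: it flags links whose visible text names one host while the `href` points at another, plus two target forms worth a second look. The sample HTML and the reason labels are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample body; every host is a reserved example name or address.
SAMPLE_HTML = """
<p>Dear customer, please verify your account:</p>
<a href="http://192.0.2.10/verify">https://www.examplebank.test/verify</a>
<a href="http://www.examplebank.test@login.example.net/">www.examplebank.test</a>
<a href="https://www.examplebank.test/help">www.examplebank.test/help</a>
<a href="https://www.examplebank.test/contact">Contact <b>us</b></a>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def split_url(url):
    """Parse a URL or a bare host/path; return None if it cannot be parsed."""
    if "://" not in url:
        url = "http://" + url
    try:
        return urlsplit(url)
    except ValueError:
        return None


def bare_host(parts):
    """Lower-cased host without a leading 'www.', or '' when there is none."""
    host = (parts.hostname or "").lower() if parts else ""
    return host[4:] if host.startswith("www.") else host


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_link(href, text):
    """Return the reasons, if any, why this link deserves suspicion."""
    reasons = []
    target = split_url(href)
    host = bare_host(target)
    if host and is_ip_literal(host):
        reasons.append("ip-literal-host")       # raw address instead of a name
    if target is not None and target.username is not None:
        reasons.append("userinfo-in-url")       # real host hides after an '@'
    shown_as_url = "." in text and not any(c.isspace() for c in text)
    if shown_as_url and bare_host(split_url(text)) != host:
        reasons.append("text-host-mismatch")    # text claims a different host
    return reasons


def audit_links(html):
    """Return (href, text, reasons) for every suspicious http(s) link."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    flagged = []
    for href, text in collector.links:
        if not href.lower().startswith(("http://", "https://")):
            continue                            # mailto:, anchors and so on
        reasons = check_link(href, text)
        if reasons:
            flagged.append((href, text, reasons))
    return flagged


if __name__ == "__main__":
    for href, text, reasons in audit_links(SAMPLE_HTML):
        print(f"{', '.join(reasons)}: shown {text!r} -> goes to {href}")
```

A link whose text is plain words ("Contact us") passes these checks no matter where it points, so the target still has to be read before it is followed.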

Go take the Phishing Test and see how you do.

By the way, I got 10 out of 10 correct. Whether that's because I knew what to look for in a fake or because (I use a text-only email client) I've never seen a real email from a bank before and so couldn't get lulled into complacency by a logo or whatever, I don't know. I suspect a combination of the two. Because they were all basically new to me, I did read over the email for each question pretty carefully looking for clues. Any spelling or grammar errors, for instance, immediately got it tagged as fake. Whether I'd scrutinize an email in my inbox that closely I don't know. I would pick up on fake URLs. I have to manually copy links in emails and paste them in a separate web browser window in order to view them, and I'd probably notice I was pasting links like http://. Actually, I'd probably just delete the email, even if it was legitimate. If my bank or credit card company wants to deal with me, they can buy a stamp. There are some things the Internet isn't good for.

Posted by wee on 07/28/2004 at 04:58 PM | Main Page
PhpDoc looks cool

I've always loved Javadoc. It made it really easy to create documentation along with your code. While I'm a commenting freak (even when I'm in a huge rush I sometimes add comments while I work), I've found myself leaving out comments when I should have taken the time to add them. "I'll add comments later..." almost never happens. If you don't have the time to do it right the first time, why would you think you'll find the time later?

So I've been wanting a Javadoc-style commenting/documentation system for PHP (which is what I've written 80% of my code in over the last couple years). By lucky chance, I happened on PhpDoc. It parses comment blocks and creates documentation. Way cool. I think I'm going to start using it, see if I like it.

Posted by wee on 07/19/2004 at 02:51 PM | Main Page | Comments (1)
Upgrade Fedora Core 1 to Fedora Core 2 using yum

If you've been wanting to upgrade Fedora Core 1 to Fedora Core 2 using a tool like yum or some such, here's how you do it.

That recipe was based on lots of online help and lots of trial-and-error. And it works. I'm typing this on a machine upgraded via the above method. w00t.

Posted by wee on 06/10/2004 at 10:14 PM | Main Page | Comments (2)
Remove files (sorta) securely

The other day at work, I had some free time and decided to do a little housecleaning. The project that inspired me involved converting an Access database (which had started with Ingress, then moved to two other RDBMS' I can't recall) to Sybase. It was a very, how do you say, "icky" project.

The ickiness came not from the unrelational, completely nonsensical nature of the data, although it was bad. (Seriously: do you ever need to have a whole separate table called "us_resident" containing only two rows with 'yes' and 'no' in it? No. You never need that in a modern database. You use a SET or ENUM or some other list column type in your table.) The ickiness was caused primarily because some tables were keyed by student ID number, and some were keyed by the student's social security number. And of the other 40+ tables, only 1 (one!) had both. I called it the "rosetta table", and I had to do some fairly fancy footwork with its data in order to get at the rest of the database. I just sort of ignored all the thousands of orphaned records I sometimes found. The admin folks weren't even really sure what all they needed, and I wasn't about to spend my life digging through everything. Student data-entry labor is cheap, and so I made lots of printouts. Some poor undergrad will be unknowingly cursing my name this summer.

This ickiness was further exacerbated by the fact that California passed a law last year called SB 25, and it means that anyone who has SSNs anywhere on a computer had better think long and hard about the delete key. The upshot of the law is that if the machine on which the personal data is stored gets compromised, you have to let everyone who might be affected know that they could, maybe, possibly be a victim of identity theft at some future point. Basically, that's what it said, and everyone on campus has been dumping data with SSNs left and right. Old backup tapes are "going away", email spools are being cleaned, etc.

So this info I was dealing with on my workstation had SSNs all through it, and now that the project was done, I wanted the data gone but permanent like. But the rub was that I needed a copy of all the data to have around in case the admin dudes wanted something else from it all at some later point. So I burned a CD of the data to give to the admin group. I figured they could keep it on the shelf (which would satisfy SB 25) and pop it in whenever they needed to find something. To further this aim, I made a little navigable index.html page to all the student info, and I even put in an autorun file which would launch (under Windows) the browser with that index page on it so that the admin people could see all their old data without having to dig too much. That's just the kind of guy I am. Well, that plus I wanted it to be easy for them to find stuff on their own instead of call me. And finally because everyone feels better holding dead trees, I also made some relevant printouts for those same admin folks, and then I had a shredding party with all my work docs. Clearly, my work was done.

While I was shredding the physical media, I got to thinking about the digital media: shredding data on my workstation's hard drive. Simply deleting a file doesn't really delete shit, and my knowing that means that any lawyer in the world could easily prove I should have tried harder to get rid of the copious amounts of SSN-based data I had. That's if I wind up in court, being sued by one or more persons who had their identity stolen based on my negligence in getting rid of their data. Not a likely prospect, but why take chances that don't lead to a payoff?

In talking to my boss about the issue, he mentioned that he recently discovered that there's an app called srm installed by default on his Mac OS X laptop. Being similarly concerned about SB 25-ish things, he went and found the aforelinked SourceForge page, and sent me the URL. I was more than happy to use it, but I couldn't get it built on my Fedora Core 1 system. And I tried, believe me -- but only for a half hour or so.

I only tried for 30 minutes because I realized that I could get the very same thing working in like 15 minutes if I wrote it in something portable, like Perl. So I did. Here's my code:

#!/usr/bin/perl -w

#
# sremove.pl - Removes files pseudo-securely by overwriting the file contents
#              with zeroes a user-definable number of times, then truncating
#              and then unlinking the file. Probably not DOD secure, but
#              seems to work.
#
# Free for non-commercial use, with no warranty of fitness expressed or implied.
#
# Wm. Rhodes 4/2004
#

use strict;
use File::Find;
use Getopt::Std;

$|++;

# How many times to overwrite the file with zeroes. A default of 7 seems to be
# an OK number.
our ($opt_p);
getopt('p');
my $num_passes = $opt_p ? $opt_p : 7;

foreach my $file (@ARGV) {
    if (-e $file) {
        find(\&RemoveFile, $file);
    } else {
        print "File not found: $file\n";
    }
}

# This overwrites our file with zeroes $num_passes number of times, then
# truncates it to some smaller size, then unlinks it.
sub RemoveFile {
    my $length = (stat($_))[7];
    print "Deleting file '$_' (",
        commify($length),
        " bytes) with $num_passes passes... ";
    for (my $i=1; $i<=$num_passes; $i++) {
        ReWrite($_, $length);
    }
    ReWrite($_, $num_passes);
    unlink($_);
    print "Done.\n";
}

# Replaces the file's contents with $length '0' characters.
sub ReWrite {
    my ($file, $length) = @_;
    # '>' truncates the file first; the three-argument form keeps odd
    # characters in the file name from being read as part of the open mode.
    open(my $fh, '>', $file) || die $!;
    print $fh '0' x $length;
    close($fh);
}

# Inserts thousands separators into a number for display.
sub commify {
    local $_ = shift;
    1 while s/^(-?\d+)(\d{3})/$1,$2/;
    return $_;
}

Now, I'm no computer forensics expert by any stretch. But I did take the time to read through the source of srm, and I did take the time to do some empirical testing in order to make sure that my data was gone.

I installed the Coroner's Toolkit. It's a cool set of apps that lets you recover deleted files. And it will recover anything. I recovered a file from when my two year-old Linux workstation had Windows XP on it (which was only for like two weeks, when I first got it). And, yes, installing Linux over a previous Windows XP installation means a format of the hard drive. And yet I still found WinXP data on the partition that I recovered. I didn't think that was possible, but I saw it with my own eyes. So if formatting a hard drive maybe doesn't really permanently erase data, I was very keen to see if my little Perl script would.

I wound up spending the bulk of a workday testing it. I created a file with a text string that I knew wouldn't be found on my machine. I created the file on a small partition and then deleted the file. Then I ran the Coroner's Toolkit over that partition and recovered all the files I could. I found my deleted file. I then made a new file with another distinctive string on another partition and did the same delete/try-to-recover thing. I found the file. I then made a distinctive string-containing file, erased it, then made a new one with the same name but different contents. I found both of the files. Admittedly, this was not a busy system, but that scared me.

Then I reproduced all those tests after deleting a file using my script above. I couldn't recover any of the file's contents. I even tried it a few times in various places more and got nothing. So I'm pretty sure that the above script works. It appears to work anyway and I'm confident that all that SSN data is gone forever.

Having said that, if you use the above script you are on your own and I make no warranties about its fitness for any purpose. It almost certainly works as advertised, but until I get to see what the NSA can do, I ain't promising shit. Further, if you use it and something breaks, you get to keep both pieces. But I'm feeling good that I did something better than simply 'rm' all those people's personal info, and I think the script is relatively safe to use (although it's not terribly robust as far as error checking and whether files are directories and whatever; it worked for my purposes, so I was done with it).

Anyway, use it if you like.
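The script above reopens the file with '>' on every pass, which truncates it before writing, and it never forces the data to disk, so the filesystem is free to put the zeroes in different blocks or to skip writing them before the unlink. The following is an added example, not the author's script and not srm: it overwrites the existing bytes in place, syncs after every pass, and handles the directory and symlink cases the post says the script does not. The function names, the chunk size and the test data are assumptions.

```python
import os
import tempfile

CHUNK = 1 << 20  # write in 1 MiB pieces so large files are not held in memory


def overwrite_in_place(path, passes=7, fill=b"0"):
    """Overwrite a regular file's existing bytes without truncating it first."""
    if os.path.islink(path) or not os.path.isfile(path):
        raise ValueError(f"not a regular file: {path}")
    fd = os.open(path, os.O_WRONLY)      # no O_TRUNC: the old blocks stay allocated
    try:
        length = os.fstat(fd).st_size
        block = fill * CHUNK
        for _ in range(passes):
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = length
            while remaining > 0:
                remaining -= os.write(fd, block[:min(CHUNK, remaining)])
            os.fsync(fd)                 # push this pass to disk before the next
    finally:
        os.close(fd)
    return length


def secure_remove(path, passes=7):
    """Overwrite one regular file in place, then unlink it."""
    length = overwrite_in_place(path, passes)
    os.unlink(path)
    return length


def secure_remove_tree(root, passes=7):
    """Shred every regular file under root, then remove the emptied directories."""
    if os.path.islink(root) or not os.path.isdir(root):
        secure_remove(root, passes)
        return 1
    removed = 0
    for folder, subdirs, files in os.walk(root, topdown=False):
        for name in files + subdirs:
            path = os.path.join(folder, name)
            if os.path.islink(path):
                os.unlink(path)          # drop the link itself, never follow it
            elif name in files:
                secure_remove(path, passes)
                removed += 1
        os.rmdir(folder)
    return removed


def run_constructed_demo():
    """Exercise the functions on constructed files; return what was observed."""
    workdir = tempfile.mkdtemp()
    os.mkdir(os.path.join(workdir, "sub"))
    top = os.path.join(workdir, "top.txt")
    nested = os.path.join(workdir, "sub", "nested.txt")
    for path in (top, nested):
        with open(path, "wb") as handle:
            handle.write(b"CONSTRUCTED-MARKER-000-00-0000\n" * 1000)
    inode_before = os.stat(top).st_ino
    size = overwrite_in_place(top, passes=2)
    with open(top, "rb") as handle:
        all_fill = handle.read() == b"0" * size
    same_inode = os.stat(top).st_ino == inode_before
    removed = secure_remove_tree(workdir, passes=1)
    return size, same_inode, all_fill, removed, os.path.exists(workdir)


if __name__ == "__main__":
    print(run_constructed_demo())
```

Even an in-place, synced overwrite gives no guarantee on journaling or copy-on-write filesystems, on flash storage with wear levelling, or anywhere snapshots and backups hold older copies of the blocks.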

Posted by wee on 04/14/2004 at 04:32 PM | Main Page | Comments (1)
I've been Slashdotted again

I was checking on how much bandwidth I used last month on my other site, and I noticed a spike this month already. A glance at the logs tells me that I got posted to Slashdot again. Last time it was about my fooling around with putting Linux on a spare cash register I grabbed from my mom's store. This time, it was an archived copy of the Gopher Manifesto I dumpster-dived from the Google cache of a dead web site at my brother Trey's urging.

Apparently, the news is that someone implemented the gopher protocol in Apache version 2 and the guy who wrote the Perl module linked to my site.

Ok, sure. I used to be quite the fan of gopher (it was the best way to get geological information way back when I had a text-only SLIP connection to the Internet). I guess I looked back on gopher fondly enough to archive the Manifesto, and I did have a gopher server running for a while out of curiosity, but I'm not altogether certain why this is news. The Web has pretty much taken over and there just isn't much room for gopher anymore. I guess some people might need a modern-ish gopher server for something -- like maybe migrating old gopher-only content in alongside a regular web site layout. You'd get to use all the normal web production systems, and serve gopher and HTTP traffic. That's cool, I guess.

BTW, I now have enough first-hand evidence that I can safely say there's nothing like plain, static web pages for surviving a sharp spike in requests. My server was fine both times.

Posted by wee on 04/06/2004 at 12:37 PM | Main Page | Comments (4)
Extraordinarily cool konsole hack

I finally happened upon something I've been searching for a long time now: how to automatically rename the tabs in Konsole so they show what remote host you are logged into, or what your current working directory is (if logged in locally). I tried this new thing out today, and it seriously makes me happy.

So if you use Linux...

[crickets]

And KDE...

[more crickets]

And you use Konsole as your terminal application...

[still hearing crickets]

Then you should really, seriously have a look at Konsolewrap. It'll definitely help you get around in Konsole, especially if you tend to ssh into lots of remote hosts, and depend on Konsole's tabs to keep everything organized.

(The tabs on the bottom in that screencapture would normally say "Shell No. 1", "Shell No. 2" and so on. It's not very helpful because you can't see what each terminal is doing. Plus, KDE version 3.2 has a feature which will pop up a little gray tooltip-like window on the taskbar every time it detects the system bell on one of those terminals. And instead of that tooltip saying "Alert in Shell No1", it'll now say "Alert in fast", and I know that I've got new mail or whatever on the machine called fast.)

I'm very happy. It's the little things in life, you know.

Posted by wee on 04/02/2004 at 08:16 PM | Main Page | Comments (3)
Told ya the next one would be short

At work today, I turned a perfectly good Linux machine into a Windows XP machine. Windows -> Linux is the wrong direction to be going, but I'll be doing some InstallShield development in the coming months, so I had to go to the Dark Side.

I shed a tiny tear.

Posted by wee on 03/17/2004 at 07:50 PM | Main Page | Comments (2)
The viruses are coming

I've been catching up on the news. Seems Microsoft went open source. I'm at once amused and sad. Regardless of how I feel personally, the outcome likely won't be good. MS doesn't exactly have a shining record when it comes to security or releasing patches for holes. Now that the ne'er-do-wells can see part of the source to Windows (albeit an older version), you can bet that they will be pawing through it looking for exploits at maximum speed. I'm betting that we can expect a bunch of Windows security flaws announced in the coming weeks and months.

So it seems that a refresher on the nature of the computer virus is probably warranted. And given the size of the huge gaping hole that recently opened, there'll likely be more than one virus floating around. Which brings us to everyone's favorite topic: the plural form of the word 'virus'.

I came across a Straight Dope article about plurals for latin nouns, and it has some good information. More than I ever wanted to know, as a matter of fact. One part in particular applies here:

There is one more common English -us word borrowed from Latin that doesn't follow any of the rules above: virus. To the Romans a virus was a dangerous or disgusting substance, anything from snake venom to body odor. Ancient grammarians couldn't agree whether the word was a third-declension noun, a fourth-declension noun or in a class by itself, but the one thing they could agree on was that it didn't have a plural form. Ever. To the Romans, it was a mass noun, not a count noun. That hasn't stopped English writers from inventing pseudo-Latin plural forms to cover the modern countable senses of the word. Viri is formed on the false assumption that virus is a second-declension noun. (Viri in fact is the plural of Latin vir, "man".) Virii is an even worse mistake. Only Latin nouns that end in -ius form the plural with -ii. There are no really common English plurals in -ii other than radii. That hasn't stopped people from trying out such atrocious forms as virii and penii. Virii would be the plural of virius, if such a word existed in Latin. Other suggested plurals include virora, vira, virua, and vire. For more on the debate, see http://www.perl.com/language/misc/virus.html. The one inescapable fact is that in classical Latin, there was no plural of the word. In English, the only correct plural is viruses.

And that, I think, is just about enough on the topic of viruses for the foreseeable future.

Posted by wee on 02/17/2004 at 01:12 AM | Main Page | Comments (1)
Look at that list... man, that thing's huuuuge...

I've got this Linux box at work that I use occasionally. It was built using one of our "official" images, but I recently found out that the automated updating process wasn't hitting this particular machine. "I thought you were updating that box yourself..." is what I heard. So a-patching I will go.

Since it's a Red Hat 7.3 machine, it's no longer supported by Red Hat's up2date service. So installing apt seemed like a good solution. Turns out this machine was more out of date than I had imagined:

wrhodes@foo:/tmp $ sudo apt-get dist-upgrade
Reading Package Lists... Done
Building Dependency Tree... Done
Calculating Upgrade... Done
The following packages will be upgraded
4Suite Canna Canna-devel Canna-libs FreeWnn FreeWnn-common GConf GConf-devel ImageMagick LPRng ORBit ORBit-devel Omni Omni-foomatic PyXML SDL SDL_image SDL_mixer SDL_net SysVinit VFlib2 VFlib2-devel WindowMaker WindowMaker-libs Wnn6-SDK Wnn6-SDK-devel XFree86 XFree86-100dpi-fonts XFree86-75dpi-fonts XFree86-ISO8859-15-100dpi-fonts XFree86-ISO8859-15-75dpi-fonts XFree86-ISO8859-2-100dpi-fonts XFree86-ISO8859-2-75dpi-fonts XFree86-ISO8859-9-100dpi-fonts XFree86-ISO8859-9-75dpi-fonts XFree86-cyrillic-fonts XFree86-devel XFree86-libs XFree86-tools XFree86-twm XFree86-xdm XFree86-xfs Xaw3d Xaw3d-devel Xconfigurator a2ps abiword alchemist amanda amanda-client ami ami-gnome apel apmd arpwatch arts aspell aspell-ca aspell-da aspell-de aspell-en-ca aspell-en-gb aspell-es aspell-fr aspell-it aspell-nl aspell-no aspell-pt aspell-pt_BR aspell-sv audiofile audiofile-devel aumix authconfig autoconf autoconvert autoconvert-xchat autofs automake autorun balsa bash bc bg5ps binutils bison blas blas-man bonobo bonobo-devel bug-buddy bzip2 bzip2-devel bzip2-libs cWnn cWnn-common cdecl cdlabelgen cdp cdparanoia chkconfig cipe console-tools control-center control-center-devel cpio cpp cracklib cracklib-dicts ctags curl curl-devel cyrus-sasl cyrus-sasl-devel cyrus-sasl-md5 cyrus-sasl-plain dateconfig db1 db1-devel db2 db3 db3-devel db3-utils ddd ddskk dhcpcd diffutils docbook-style-dsssl docbook-utils docbook-utils-pdf dos2unix dosfstools doxygen dump e2fsprogs e2fsprogs-devel ed eel efax eject emacs emacs-leim enscript esound esound-devel expat expat-devel fam fam-devel findutils firewall-config flex foomatic fortune-mod freetype freetype-devel ftp fvwm2 fvwm2-icons gaim gal galeon gawk gcc gcc-c++ gcc-chill gcc-g77 gcc-java gcc-objc gdbm gdbm-devel gdk-pixbuf gdk-pixbuf-devel gdk-pixbuf-gnome gdm gedit gettext gftp ghostscript giftrans gimp gimp-devel glade glibc glibc-common glibc-devel gmp gmp-devel gnome-applets gnome-audio gnome-audio-extra gnome-core gnome-core-devel gnome-games 
gnome-games-devel gnome-libs gnome-libs-devel gnome-print gnome-utils gnome-vfs gnome-vfs-extras gnorpm gnumeric gnupg gnuplot gphoto gpm gpm-devel gq grep groff groff-perl grub gtk+ gtk+-devel gtk-engines gtkhtml guile gzip hdparm hotplug htmlview hwbrowser ical imap indent indexhtml info initscripts ipchains iproute iputils jadetex jisksp14 joe kWnn kakasi kakasi-devel kbdconfig kdbg kdeaddons-kate kdeaddons-kicker kdeaddons-konqueror kdeaddons-noatun kdeadmin kdeartwork kdeartwork-locolor kdebase kdebindings kdebindings-kmozilla kdelibs kdelibs-devel kdepim kdevelop kdoc koffice kon2 kon2-fonts krb5-devel krb5-libs krbafs krbafs-devel ksconfig ksymoops kterm kudzu kudzu-devel lapack lapack-man less lesstif lesstif-devel lha libao libao-devel libcap libgal7 libgcj libgcj-devel libglade libglade-devel libgnomeprint15 libgtop libgtop-devel libjpeg libjpeg-devel libmng libmng-devel libogg libogg-devel libole2 libpcap librep librep-devel librsvg libstdc++ libstdc++-devel libtabe libtabe-devel libtiff libtiff-devel libtool libtool-libs libungif libungif-devel libuser libvorbis libvorbis-devel libxml libxml-devel libxml2 libxslt licq licq-gnome licq-kde lm_sensors locale_config lockdev lockdev-devel logrotate logwatch lokkit losetup m4 magicdev mailcap man-pages mc mew mingetty miniChinput mkbootdisk mkinitrd mktemp mkxauth mount mouseconfig mozilla mozilla-chat mozilla-devel mozilla-dom-inspector mozilla-js-debugger mozilla-mail mozilla-nspr mozilla-nspr-devel mozilla-nss mozilla-nss-devel mozilla-psm mpage mpg321 mt-st mysql mysql-devel mysql-server nautilus nautilus-mozilla ncftp ncompress ncurses ncurses-devel net-tools netpbm netpbm-devel netpbm-progs newt newt-devel nfs-utils njamd nmap nmap-frontend nscd ntp ntsysv nvi-m17n nvi-m17n-canna oaf oaf-devel octave openjade pam pam-devel pam_krb5 parted passwd patch pax pciutils pciutils-devel pcre pcre-devel pdksh perl perl-CGI perl-CPAN perl-DB_File perl-DateManip perl-Digest-MD5 perl-File-MMagic perl-HTML-Parser 
perl-HTML-Tagset perl-MIME-Base64 perl-NDBM_File perl-Parse-Yapp perl-Storable perl-URI perl-XML-Dumper perl-XML-Encoding perl-XML-Grove perl-XML-Parser perl-XML-Twig perl-libnet perl-libwww-perl perl-libxml-enno perl-libxml-perl perl-suidperl pidentd pine pinfo pkgconfig popt portmap printconf printconf-gui procmail procps psgml psmisc pspell pwdb pygnome pygnome-libglade pygtk pygtk-libglade python python-devel python-docs qt qt-designer qt-devel radvd raidtools rdate readline readline-devel redhat-config-network redhat-config-users redhat-release reiserfs-utils rep-gtk rep-gtk-gnome rep-gtk-libglade rhn_register rhn_register-gnome rmt rpm rpm-build rpm-devel rpm-python rpmfind samba-client samba-common sane-backends sane-backends-devel sane-frontends sawfish screen scrollkeeper sed semi sendmail sendmail-cf sendmail-devel sendmail-doc serviceconf setserial setup sgml-common sh-utils shapecfg sharutils skkdic skkinput slang slang-devel smpeg sndconfig sox specspo stat strace sudo swig switchdesk switchdesk-gnome switchdesk-kde sysklogd sysstat tWnn taipeifonts tcl tcpdump tetex tetex-afm tetex-dvilj tetex-dvips tetex-fonts tetex-latex tetex-xdvi texinfo textutils time timeconfig timidity++ tix tk tkinter tmpwatch traceroute tree ttfonts ttfonts-ja ttfonts-ko ttfonts-zh_CN ttfonts-zh_TW ucd-snmp ucd-snmp-utils units unix2dos up2date up2date-gnome urw-fonts usbview usermode util-linux vixie-cron vnc vnc-server w3c-libwww wget which whois wine wl words xawtv xchat xcin xdelta xemacs xemacs-el xemacs-info xinitrc xmms xmms-gnome xpdf xsane yp-tools ypbind ypserv zip
The following packages will be REPLACED:
Mesa (by XFree86-libs) Mesa-devel (by XFree86-devel) XFree86-KOI8-R (by fonts-KOI8-R) XFree86-KOI8-R-75dpi-fonts (by fonts-KOI8-R-75dpi) XFree86-jpfonts (by fonts-ja) docbook-dtd30-sgml (by docbook-dtds) docbook-dtd31-sgml (by docbook-dtds) docbook-dtd40-sgml (by docbook-dtds) docbook-dtd41-sgml (by docbook-dtds) emacs-X11 (by emacs) emacs-nox (by emacs) im (by mew-common) kdegraphics (by libkscan) kdelibs-sound (by kdelibs, arts) kdelibs-sound-devel (by arts-devel) kdemultimedia (by noatun, kdemultimedia-libs, kdemultimedia-arts) kdenetwork (by lisa) kdesdk (by kdesdk-kspy) kdeutils (by ktimer) lclint (by splint) links (by elinks) sgml-tools (by linuxdoc-tools) vorbis (by vorbis-tools)
The following packages will be REMOVED:
opera
The following NEW packages will be installed:
Distutils Glide3 XFree86-base-fonts XFree86-font-utils arts-devel atk cdparanoia-libs cups-libs db3x docbook-dtds elinks fonts-KOI8-R fonts-KOI8-R-75dpi fonts-ja glib2 gnome-mime-data gtk2 hesiod hwdata intltool kdemultimedia-arts kdemultimedia-libs kdesdk-kspy ktimer libgal19 libglade2 libid3tag libkscan libmad libusb libvorbis10rc3 linuxdoc-tools lisa mew-common noatun openmotif pango postgresql-libs pygtk2 pygtk2-libglade python-clap python2 qt2 splint usbutils usermode-gtk vorbis-tools wl-common xml-common
560 packages upgraded, 49 newly installed, 23 replaced, 1 removed and 0 not upgraded.
Need to get 711MB of archives.
After unpacking 92.2MB of additional disk space will be used.
Do you want to continue? [Y/n]

OK, that's just silly. Wonder how long this will take to run...

Posted by wee on 01/23/2004 at 03:28 PM | Main Page | Comments (2)
The Dark Side is tempting indeed...

I broke into 5 computers today (well, 4 servers and a Cisco router). They weren't my computers. I've never had root on a machine that wasn't mine before (although I have had root on some interesting, if not completely 100% legitimate, places), but today I was encouraged to compromise a bunch of machines in any way I could -- and I was even given tools to do so. It was hellaciously fun and 100% legitimate.

My friend Scott had me and some other local tech folks over at a hands-on presentation/demonstration at his place of work. Since Scott works for a company that "deals with national security", and his job (as I understand it) is to make sure that "people" can figure out how ne'er-do-wells are breaking into their networked computer systems by teaching them how to break into machines themselves, the subject of today's exercise was geared toward throwing us at an array of machines and seeing how many we could crack into. It was a contest, in other words. I didn't do too bad, I guess. Five out of 7 isn't so bad, I figured. For a newbie and all. It's my first time being a bad guy...

Scott's got this entire lab of a couple dozen machines set up with like 9 operating systems, some old workstations running Solaris, and a private network (off the 'Net). We had all these tools, and a 45 minute slideshow overview on network security, what tools people use, etc. Then we were given a host to log into and told to go at it. That's simplifying it greatly, but since I'd seen very few of the tools used, it was all pretty foreign. I'm used to looking at security from a "best practices" point of view. You keep everything patched, keep stuff turned off if you don't need it, look for intrusions on a regular basis, and so on. This was on the other side: we had to be the aggressor and get into these machines, and all we knew was their IP addresses.

So I had a good time today. Mostly it was a matter of nmapping the subnet, then nmapping each host in detail. Then you had to figure out what OS was running on that host (their version of nmap doesn't accept the -O flag, so that was sometimes fun), and what exploit was likely given that and some guesswork (hint, hint: even one password is a huge nugget for a bad guy to get, and if they can get one, it's way easier to get others). If you have a user account that can be accessed via a network connection, make sure it's a good one.

There's a really good tool called Hydra which will try a