Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Journal Journal: Firewalls, H323, Abstraction

Last month, my work got a new H.323 video conferencing unit, and today we had our first real test: a lecture given at SFU that was streamed to us. For the most part, it went really well; there were no big screw-ups and everything went as planned. During the second half of the conference, though, the audio was intermittently choppy. I'm not certain, but I think that a local user's Internet radio stream may have caused the problems.

If that's the case and it would surprise me, since I'd assumed we had a pretty damned fast connection to the Internet then I'll need to start adding traffic shaping to our firewall. Working on the firewall is something I've been putting off for a while, since it's a bit obscurelovely pf firewall, littered through with quick rules. But there's a good tool for pf unit testing I've been meaning to try out since I heard about it at LISA. Probably won't be as big a help with the traffic shaping stuff, but at least I'll be reasonably sure I'm not screwing anything else up.

And now I'm wondering just how hard it would be to come up with (handwave) something that would combine automatic form generation, web-based testing code and summary code. We have these multiple conferences that need registration pages; while some of the information is the same (name, email address) some is different (one conference has a banquet, another wants to know if you're going to be attending all three days). Putting all this in a database and using something like Formitable to generate the form seems perfect.

Since I'm already using Perl's WWW::Mechanize and Test::More to test the pages, it'd be nice to have it look at the stuff used to generate the form and use that to test the page. (That's not the clearest way I could put that, but if I don't write this down now I'll never write it down.) And if I could add something that'd automatically generate summary pages for conference organizers, it'd be even better; stuff like email and address is always easy, but being aware of special questions would be nice too. (Though maybe not necessaryhow hard is it to generate summary pages?)

Trouble is, this is a lot of deep thinking that I've never really had to do before. I suspect this sort of thing is a good programmer's bread and butter, but I've never been a programmer (good or otherwise). The more I think about this, the more I can't decide whether this is really hard, possible but too much effort to be worth it, or already done by something I haven't come across yet.

The little things I can handle, though. This crash looks like it's happening because of a mixup between rand(3) and random(3). In Linux, both have a maximum of RAND_MAX, but in Solaris the latter has a maximum of 2^31. This wreaks havoc with the let's-shuffle-the-playlist routine in XMMS, and we end up with a crash. Once I figure out how to program in C, it shouldn't be too hard to get it fixed. :-)

User Journal

Journal Journal: Didn't even drown or anything!

This was Arlo's first time going all the way under water. He was definitely surprised by the whole operation, but he didn't panic or cry or anything. Such a trooper.

Journal Journal: pkgsrc + RT 2

I installed RT at work a couple days ago using pkgsrc. This was the first time I'd ever used pkgsrc, and I have to say I'm impressed. Yes, it's just like a portable ports tree -- but it's just like a portable ports tree, and I'm starting to think that's a very, very powerful idea.

RT went well except for the final install, where it complained and died. Fortunately, it turned out to be susceptible to exactly the sort of one-line patch that I have an affinity for. Not as cool as correcting Theo de Raadt's code, mind you :-) but still a good feeling.

Ah...RT, I've missed you.

Input Devices

Journal Journal: More stuff to read

  • Word-by-word diff of GPLv2 and v3
  • New version of Unix Backup and Recovery, by W. Curtis Preston. The first was amazing; this one covers Windows and Mac OS X as well. WANT.
  • Good reading and good suggestions. I need to alias ls, fg, mutt, sudo, and to shorten my alias for SSHing to my webserver.
  • I think I finally figured out what was going on when my desktop machine at work had a suddenly borked mouse/X relationship: double-clicking was inconsistent, single-clicking was inconsistent, but the keyboard still worked. It happened again a few days ago, and I managed to run xev and verify that things really were messed up: the mouse and all its clicks and motions just weren't registering at all. I managed to figure out what was (probably) going on when I came across this link. In the end, what worked for me was switching to a console and running cat /dev/input/mouse1. Don't know why (yet!) but that seemed to reset everything.

Still to come: Why upgrading is the most important thing EVAR.

User Journal

Journal Journal: Okay, so maybe I'm wrong

People have been calling me out on my last post, and that's good; I love a good argument^Wdebate, and doubly so when it comes from people w/more experience than me. So I'm going to start responding to the comments, laying out where I'm wrong and where I still think I'm right.

I said:

OpenSolaris: If I wanted to upgrade everything by hand, I'd stick with Slackware.

Bzzt! As I found on on a recent episode of BSDTalk, NetBSD's pkgsrc is available for over nine hundred thousand operating systems, including Solaris and Slackware Linux. Tha's right, both premises in that statement were wrong.

Not only that, pkgsrc can be tucked out of the way so that it doesn't interfere with the rest of the I could even throw it on Thornhill right now, Slackware and all, and start using it instead of my own half-assed build script for Apache/SSH/PHP/OpenSSL/mod_ssl (which, in my own defence, works pretty darned well).

In fact, tomorrow I'm heading out to The Other University to set up two new X4200 servers, and I'm seriously considering adding pkgsrc to them -- if only to avoid having to compile (and botch) Lapack and Blas. If that goes well, I may start adding it to the main server here so that we can easily get more up-to-date versions of Firefox et al. (Though I could probably get them from Blastwave...this has been a low enough priority for me so far that I haven't really looked into all my options.)

That is not to say it's perfect:

  • While it has six thousand packages or so in its tree, only (...) something like two or three thousand compile.
  • Upgrading is less than perfect; as you'd expect, the process is basically remove-and-recompile...and since that goes for dependencies as well (at least in the default case), it can potentially be a while before it all gets back to a useable state:

    It is possible, and in the case of updating a package with hundreds of dependencies, arguably even likely that the process will fail at some point. One can fix problems and resume the update by typing make update in the original directory, but the system can have unusuable packages for a prolonged period of time. Thus, many people find 'make update' too dangerous, particularly for something like glib on a system using gnome. To use binary packages if available with "make update", use "UPDATE_TARGET=bin-install". If package tarball is not available in ${PACKAGES} locally or at URLs (defined with BINPKG_SITES), it will build a package from source. To enable manual rollback one can keep binary packages. One method is to always use 'make package', and to have "DEPENDS_TARGET=package" in /etc/mk.conf. Another is to use pkg_tarup to save packages before starting.

    From the Swedish NetBSD wiki. Though it's nice that manual rollback is doable; that's always my big paranoia when it comes to source-based upgrades.

  • Upgrading Gnome in particular is a fucking bear.

That last complaint is not as fair as it could be. I mean, I'm not going to be upgrading Gnome on either Thornhill or the two new Sun machines. And at around 80 packages, it would be damned difficult to try and recompile it all without starting with a clean slate. But this sort of nonsense with Gnome is what put me off the ports tree in FreeBSD.

(I was going to put in something about how Debian doesn't need that sort of thing, but I should research that first.)

User Journal

Journal Journal: Wish I'd known about that earlier...PLUS: Special update! 2

First off, a special catch-up entry for my very, very special Slashdot friends. :-) I've been slack at cross-posting entries from my blog since about halfway through LISA. I'm going to do my best to fix that, but I won't be posting old entries here...too much work, and Slashdot has no way of backdating old entries.

I've set up a new blog on my site, using a combination of Perl, ASCIIdoc, Make and email. It's working well, though there are some bugs and missing features. The main things I like about it are that it's plain text and there's no PHP. At last, I can edit things in emacs without using Mozex!

And so, on to today's entry in which I make a fool of myself by denigrating different operating systems based on experiences from three years ago. As always, there are comments both here and on the website...including a FreeBSD committer who cordially invites me to put my money where my mouth is. Fair point, and I'll be responding to that later. (Along with admitting my ignorance about pkg-src on Solaris.)

On with the show!

libpst is a command-line tool that converts Outlook .pst files into standard mbox files, the way T&R intended.Wish I'd known about this before... One of the outstanding feature requests is listing and extracting individual messages. Maybe I'll take a look at this.

In other news, I borked my home machine (Debian testing) by trying to extend a partition w/ReiserFS. That gave me a perfect excuse to upgrade to a bigger disk and reinstall Debian.

Next up is maybe looking at replacing my venerable copy of Slackware 9 with a Debian install, too; the ease of installing and upgrading Debian packages is just too good to pass up.

I did consider other OSs:

  • FreeBSD: Even after three years, port-upgrade still scares me.

  • NetBSD: meh, what's exciting about that?

  • OpenBSD: Secure, yes, and God knows I'd like to use pf. But not easy to upgrade, either ports or releases.

  • Dragonfly: Not yet.

  • BSDs in general: I want a journalled FS.

  • OpenSolaris: If I wanted to upgrade everything by hand, I'd stick with Slackware.

And yes, I realize I'm damned ignorant, and that a server should not be exciting. But I'm convinced that a big part of running a server successfully is ease of upgrading, whether security fixes or new app versions, and Debian is just wonderful.


Journal Journal: Why is the system load 200? 1

Here's a fun game: create a large (>1GB) file in your home directory called core and start Firefox. Have a look at this part of

if [ -x "$crc_prog" ]
if [ -f core ]
crc_old=`$crc_prog core | awk '{print $1;}' `
## Run the program
"$prog" ${1+"$@"}
if [ -f core ]
crc_new=`$crc_prog core | awk '{print $1;}' `
if [ "$crc_old" != "$crc_new" ]
printf "\n\nOh no! %s just dumped a core file.\n\n" $prog
printf "Do you want to debug this ? "
printf "You need a lot of memory for this, so watch out ? [y/n] "

Care to guess what'll happen? That's right: Firefox will take 10 seconds to start up because it's busy md5summing a big-ass core file. The user will think that it hasn't launched at all and will click again. Rinse and repeat, with more and more clicking every time. By the time I figured out what was going wrong, the system load was about 200. Fortunately, it's a simple thing to add DEBUG_CORE_FILES= judiciously (not DEBUG_CORE_FILES=0; I keep forgetting that a simple [ $FOO ] simply tests whether $FOO is empty, not whether it's non-zero).

Also: the advantage to being in a small shop is that if you're the only one running Linux on the desktop, you can just go ahead and add things like the latest version of Firefox (now without the amusing bug that makes a search work on some other random tab, instead of the one you're looking at) and the MySQL DBD connector for Perl. It's really incredible how much irritation those two things are gonna save me.

Finally: this is just plain cool. As he did during the Bash scripting BOF, Wout takes me to school. Didn't know about: ssh -t, COLUMNS/LINES environment variables, tput, or just how much Applescript can do.


Journal Journal: Insert regex here for GPG and PGP 1

Memo to myself: Don't eat the Turkey sashimi.

In other news: I don't usually post links to things just to say "go read this". However, I'll make an exception in these cases.

First, I was recently going to use the word "Manichean" to mean "dualistic, good-vs-evil view of the universe, with an implied inevitable battle between the two". However, when I Googled for it to check the spelling, I came across this article explaining why that wasn't a terribly accurate use of the word. Interesting stuff...I certainly didn't know there were any Buddhist-influenced ascetics hanging around Baghdad in the 3rd century.

Second, there's some interesting and contradictory stuff on the procedures for GPG/PGP keysigning parties here and here. Why does publicizing a public key "slightly reduce the security of a key pair"? I don't know. I've had a quick look through my copy of Applied Cryptography (3rd Ed.), donated by the kind man behind Pangolin Systems, but can't find anything from Saint Bruce about this. Anyone?

Third, there's an excellent set of tools for keysigning parties available here. One of the people who signed my key at LISA had used caff to send it back, which is a nice wrapper around the whole procedure (grab the key, sign the key, encrypt the key with itself, email it back to each of the key's email addresses). The lack of understandable (but see next paragraph's self-ass-kicking) documentation for GPG means that a) this automation is very nice, and b) I'm kicking myself for not buying Michael Lucas' book from the No Starch Press booth at LISA.

Fourth, if'n you've got GPG, it's worth reading the documentation, like the FAQ or the GNU Privacy Handbook. Shame on me for not doing that previously. (And shame on me for taking so long to email people's keys back to them.)

Fifth, you can find some pretty stats here, or the trust path from me to Wietse Venema. Geek Pride!

Sixth and finally, there is this handy little page about how to set up a CPAN library in your home directory. Since it took me a while to track this down, I'm throwing it in here so's I can find it quicker next time.


Journal Journal: Sweet Odin's Raven! 2

I've just come across AsciiDoc, and this is SO CLOSE to what I want: Ascii-based markup, still intelligible, and rendered into pretty CSS-compliant whatnot.

For a while now I've been toying with the idea of leaving WordPress behind and just writing all my stuff in Emacs, the way RMS intended, and converting it all to pretty HTML through <handwave>some sort of script or Makefile</handwave>. But this...this is perfect. See this? If it were a black monolith orbiting Jupiter, I would say "My God, it's full of stars!" It's clean, it's spare, it looks good, and it does not require verdammnt patching to stop it from throwing in br tags every time it sees a newline. And you know what it requires? Python! That's it!

I know what you're saying: this is like wiki markup without the wiki. EXACTLY! It's easy to write, easy to read, it looks good and it's just static: no PHP remote inclusion waiting to happen, no heavy load, just simple plain text and html. Oh yes.


Journal Journal: WWW::Mechanize and the values of testing

One of the great things about going to LISA is that you get the proceedings and/or training for everything on CD or dead tree. (Well, nearly everything...I've heard that some people didn't or couldn't make their training materials available (though I've not been motivated to confirm this yet), and some of the talks didn't do this (Tom, where are your slides?)). There is some wonderful stuff to be found in them... WWW::Mechanize, which is just perfect for testing out this conference registration form I'm working on. Only I've run into a bug that comes when trying to specify which button to click on:

$agent->click_button(value => 'Okay to submit');

That li'l chunk gave me this error:

Can't call method "header" on an undefined value at /home/admin/hugh/perl/lib/perl5/WWW/ line 2003.

One guy reported the same trouble, but got no response. And the RT queue is fulla spam.

But aha, I found out how to use the Perl debugger in Emacs (M-x perldb. Shhhh!) and was able to track things down. Turns out there are a couple things going on:

  1. In the page that I'm parsing, there are actually two forms, not one; one sends you back to correct mistakes, one sends you forward to keep going. Since I was not specifying which one to use, it used the first...and in that one, there is no button labelled "Okay to submit". One I specified the right form ($agent->form_number(2);) everything was good.
  2. But of course, this sort of thing shouldn't happen, right? Right.

There are a couple subroutines/methods in this module that aren't testing for the right number of arguments. One of 'em is click_button, which has this loop:

my $request;
elsif ( $args{value} ) {
my $i = 1;
while ( my $input = $form->find_input(undef, 'submit', $i) ) {
if ( $args{value} && ($args{value} eq $input->value) ) {
$request = $input->click( $form, $args{x}, $args{y} );
} # while
} # $args{value}

return $self->request( $request );

No test/case for not finding a button named whatever, so it just blithely returns $self->request( $request ). But of course, request does the same thing:

sub request {
my $self = shift;
my $request = shift;

$request = $self->_modify_request( $request );

if ( $request->method eq "GET" || $request->method eq "POST" ) {

$self->_update_page($request, $self->_make_request( $request, @_ ));

Again, no test for the right number of arguments. And having just read the Test::Tutorial manpage, I'm all about unit testing and such, baby.

GNU is Not Unix

Journal Journal: My Street 1

Cities and circles drawn perfect, complete
These are the fables on my street, my street, my street
"My Street", The New Pornographers

Okay, my (lawyers, please note) TOTALLY ACCIDENTAL stalking of Tom Limoncelli continues. I met another sysadmin from Boston (who, BTW, is into LISP. Call that accidental? 'Cos I don't) (alsoplus he's the third guy I've met from a small shop, which is damned reassuring in a conference full o'people from multi-continent corporations/teams) who invited me along to the LOPSA hospitality room. I talked to David Parter from LOPSA about why I should join. He also gave me the sad news that the Burritos-as-big-as-your-head place in Madison, WI is closed. Noooooo!

Nice bunch of people, who'll probably be getting a membership fee from me post-haste. Totally unrelated to the free beer. I met a guy from a Scandinavian hosting company that has, like, 300,000 domains (!). We talked about spam for a while, and PHP's ability to include files remotely (he's a big fan. Oh, wait, no) ("When I meet the guy who put that in..." "You'll punch him in the cock?" "Oh, that's just the start of it."), and Perl vs. C vs. LISP vs. Dvorak keyboards vs. I don't know what all.

And who else is in the room AND stared at my badge trying to figure out who the hell I was? That's right, Tom! Still no chance to lean over casually and say, "So I hear Google's trying to figure out what to about TCP scalability bringdown. 'Cos, like, my enterprise-fu PHP taint mode will totally nebbish your gubbins. Scalable. Solution. Moving forward. Come back!"

Also went to the: Free Beer and Ice Cream BOF, PGP/CACert BOF, and the Bash scripting BOF. Last challenge: using Bash built-ins only, check to see if a given TCP port on a given host is open. Welp, I did know about Bash's built-in /dev/tcp/host/port, but totally foundered on syntax. We were told to email our scripts to sounded familiar, and it should, 'cos was Alex Polvi, who works at Oregon State University Open Source Lab, they who provide bandwidth to such as Gentoo, Mozilla and Kerneltrap. At one point, a few friends of his came in and sat down close to where I was, and he came over and talked to them during one of the challenges. "I think everyone would get freaked out if they knew a Google recruiter was here," he said, laughing. Worked for me.

And, BTW, I thought I was at least quarter-decent at Bash. Hah! It is to laugh.


Journal Journal: Letter From An Occupant

What the last ten minutes have taught me:
Bet the hand that your money's on
"Letter From An Occupant", The New Pornographers

Attended my first BOF last night on wikis for sysadmin documentation -- amazingly fun and informative. I even managed to contribute to the conversation. And when I told the war story about recovering my wiki from spammers (that's right! because PHPWiki sucks!) I got a gratifying look of sympathy from the audience.

Today's talk was "Habits of Highly Effective Sysadmins". It was aimed at folks like me who've been mostly self-taught, and I thought they hit the mark extremely well. (I've heard lots of people here say that they'll go see anything put on by Lee Damon or Mike Ciavarella just on principal (principle?).) Very, very informative and great teachers, too.

I found out today that Tom Limoncelli's name is pronounced "li-mon-sell-ee", not "li-mon-chell-ee". W/luck, this will save me embarassment later.

Tonight the BOFs start in earnest, including the one that offers free beer and ice cream. Sadly, I will be attending the one on pet counting instead. I will die a little bit inside.

United States

Journal Journal: Choose It

Two sips from the cup of human kindness, and I'm shit-faced
Just laid to waste
If there's a choice between chance and flight,
Choose it tonight.
"Choose It", The New Pornographers

Just got back from a whirlwind walk from the Lincoln Memorial to the Washington Monument to the White House. Beautiful, all of it...though a) the White House is small and b) there was something being filmed/videotaped in the courtyard, which made me think of Vancouver.

Training again. AFrisch was good, convering Cfengine quite well; would've liked to see more info about expect. (Apparently there are Perl/Python bindings...I had no idea.) Afternoon course was "Interviewing For System Administrators" by FIXME, and that was great -- lots of things I didn't know, lots of tips on doing it better next time.

Saw Tom Limoncelli in the hall during a break. Managed to restrain myself. I have the reputation for quiet restraint of a nation to uphold.

Very tired now. Time to go get beer.

Sun Microsystems

Journal Journal: Bones of an Idol(2) 1

As we sift through the bones of an idol<
We dig for the bones of an idol
When the will is gone
'Cause something keeps turning us on
"Bones of an Idol", The New Pornographers

Today was Solaris 10 Administration, an all-day course that introduced all the nifty features of Solaris 10. I've only worked with Solaris since July, but I've been reading so much about Solaris 10 that most of the stuff presented (dtrace, SMF, zones) was familiar to me. OTOH, the course was aimed at admins of older versions of Solaris (2.veryearly through 8 and 9), and so the explanation of the differences assumed a lot more familiarity with Solaris than I had. It was a curious sensation.

Still, though, it was worth going to. Good quote: "Oracle DBAs are the most Kool-Aid drinking people I've ever met." And another: "Zones are the most controversial thing we'll be talking about today, and spending the most time on. I saw someone carrying two cups of coffee -- that's the right attitude." Also, Bill Lefebvre, the man I was going to accuse of stealing my underwear, wrote top(1).

Oh, and it's a good thing I brought a second wireless network card; the onboard one in the laptop kept dying, with an entry in syslog that read "fatal firmware error". Now I've got an Orinoco Gold in here, and it's working just fine.

Met a sysadmin today who works in the VOIP department of a phone company; they've moved most of their stuff from racks and racks of old-style Alcatel equipment to one rack of Solaris machines acting as soft switches. I was curious about the difference in reliability and uptime; my understanding is that the demands on telecom equipment are worlds above anything that can be provided by COTS Unix, and asked him how it worked for them.

He said that, yes, you'd get situations where a phone call would be delayed because of a system crash: instead of taking one second to connect, it might take two or even three. And if that was anything beyond a small fraction of their customers, that would be a big problem. However, the soft switches had much better failover ability than the old stuff; the old stuff would be up much longer, but when it failed everything would cascade and the whole system would come tumbling down, at which point a customer would hear "Your call cannot be completed as dialed."

Met another guy who was very excited about ZFS, because of an app at his work that writes 4 TB of data in individual 4 KB files. The best they've heard from their current storage vendor of choice is a block size of 8 KB...which means doubling their storage requirements just to deal with filesystem overhead.

I had alligator jumbalaya. It's official: it tastes like salty chicken.

United States

Journal Journal: Jackie

Jackie, you yourself said it best when you said
There's been a break in the continuum
The United States used to be lots of fun...
"Jackie", The New Pornographers

10am CST: Welp, I'm in the air on my way to Chicago, and from thence to Washington for LISA. The laptop is running well (stress-tested by Sloan, The New Pornographers and Yo La Tengo), and I'm using my time to skip watching "Lady in the Water" (not how I want to see this film for the first time) and work on AsciiDoc. I think this is going to work pretty well for my plan: to start having my blog in just plain text for source, and plain HTML for output. I like it a lot, and the less PHP I have to audit the happier I am. (Not that I *do* audit PHP. But I feel guilty when I don't.)

Turned out I was rather stupidly cautious at the airport. The flight left at 6.15am PST, and I was there at 3.45am. What I didn't realize is that the ticket counter didn't open til 4.30am, and customs not til *5am*, thank you. But once they got started, everyone moved along pretty quickly.

I did get pulled over for extra searching, but nothing serious: where was I going, could I open the bag, where do I work. Once that was done, the officer was quite friendly; he urged me to take time to go see the sights, since work was paying for this. I expected worse.

But man, I don't know when I'll have the time. Training starts tomorrow with a full day of Solaris 10, and it just keeps going from there. Plus, of course, there's the free beer and ice cream. The time, she flies, no?

I need to get a haircut. I haven't shaved my head in two weeks, so I've got a damned dirty commie hippie head of hair at the moment.

Wow...over somewhere midwestern now, and the patchwork of land is neat to look at. Not half as beautiful as a city at night from 3000 metres,, that's God's own set of Xmas lights.

12.30pm CST: Later...In O'Hare at Chicago, taking advantage of the free electrical outlets for charging laptops. The wifi access is charged-for, though, same as in Vancouver. And me without OzymanDNS...

10.20pm EST: Now in my hotel room. No wireless from USENIX up here, but it does work in the lobby where there's simply an amazing amount of very dressed-up corporate types. I think it's some sort of Xmas party. The contrast between them and the t-shirts-and-jeans crowd (not to mention me typing away alone on my laptop) is stunning. (Incidentally, my grandmother was both shocked and appalled to learn that not only was I not purchasing a new suit for this conference, I would not be wearing a suit at all.)

My luggage, I found out after an hour of waiting, is currently wending its way here from Chicago; I imagine some sort of Die Hard 2-esque leap across the tarmac that failed, but only barely. Allegedly United expected it here at 7pm and will courier it over Real Soon Now. We'll see.

By the time I finally made it to the hotel and checked in, it was 6.30pm . It had been a long time since I'd had anything but Mountain Dew (SPECIAL CAFFEINATED US VERSION!) to eat, so I was just starving enough to go for the -- wait for it -- $13 (US!) cheeseburger in the lobby. That and two Guinesses pretty much blew my budget for the week; at this point, I'm looking into the carb count in a BSSID beacon frame. (Yes, I'm making that term up.) Worth it, though; my roommate and I exchanged war/horror stories with a Sony engineer/sysadmin from San Francisco over the beer. Good times.

I'm pretty sure I saw Aeleen Frisch in the lobby. I think I saw William LeFebvre, the program chair, at the airport picking up baggage from the SAME BAGGAGE CAROUSEL where my stuff was supposed to be. There's this thing called USENIX bingo, where they give you cards with organizers' photos in it and you're supposed to get them to sign it. I think I'm going to tackle LeFebvre and ask him where my underwear is, then get him to sign my card to affirm that he didn't steal it.

I have not yet seem Tom Limoncelli, and I wouldn't recognize Dan Kaminsky if he queried my DNS server via avian carrier, so my plans to see what they've done with my underwear are, as yet, hazy. If my underwear doesn't show up, I may have to go shopping. I think the nearest Wal-Mart is in Tennessee.

I have a theory that it's impossible to prove anything, but I can't prove it.