Follow Slashdot stories on Twitter


Forgot your password?
User Journal

Journal Journal: So, Farewell, MacMiniColo 1

Some time around 2005, Slashdot ran an article about a new hosting company, MacMiniColo that was taking advantage of the new machines that Apple had just released to offer cheap hosting. I got in contact with them, and a little while later, I had a Mac Mini, sitting in a rack somewhere, running OpenBSD and acting as my dedicated server. A 1.42GHz G4 CPU, 512MB of RAM, and an 80GB disk was (and still is) more than adequate for my needs. The biggest load on it is eJabberd, and even that only used under 1% of the CPU.

I had really great service from these people. The hard drive failed a little under a year after I bought the Mini, and Apple refused to honour the warranty because they couldn't find the records of the sale (then, a few weeks later, they could, but by then it was out of the warranty period). MacMiniColo replaced the disk for me at their own expense.

After five years with them, however, I had a little look around and noticed that VPS hosting has gone down in price a lot. I've written a book on Xen, so I thought I might try a Xen-based VPS now that FreeBSD has Xen support.

GigaTux only claims to offer Linux, but I dropped them an email and they were happy to install FreeBSD for me. I still haven't tried the Xen-enabled kernel yet; they installed the stock x86-64 kernel in an HVM domain for me and performance has been fantastic.

I'm sharing a server with 64 other guests and in spite of that performance tends to be better than my ageing Mac Mini. I was getting 1000IOPS while untaring the ports tree, which is far more than the Mini's old 2.5" laptop drive could handle, and is amazing considering that it's going via the slow, QEMU-derived, emulated device, rather than the fast PV driver. I've been installing software from ports, so everything is compiled on the machine, and even that has been fast.

And my Mini? They found someone else who wants it, and offered me about a third of what I paid for it originally - not bad depreciation after five years of constant use. Shipping it back to the UK would have cost almost as much as buying one on eBay, so I sold it on. Hopefully someone else will get some good use out of it.

As an aside, I've been really impressed by how well OpenBSD works on Mac/PowerPC hardware. If you've got an old Mac Mini lying around, chuck OpenBSD on it and you've got a reasonable low-volume server. The newer ones, of course, are x86 hardware, so will run just about anything.

GNU is Not Unix

Journal Journal: Why I don't use GNU/Linux 6

There are two reasons why I don't use GNU/Linux: One is GNU, the other is Linux. Of these, the larger reason is GNU, and specifically the glibc part. The most recent reinforcement of this is Ulrich Drepper's inability to read the C specification.

For those not familiar with the C specification, all identifiers that start with an underscore are reserved for the implementation (see section You should never use them in your own code, because your compiler is completely free to do whatever it wants with them. By convention, single underscores are used for global non-standard libc extensions and double underscores are used for compiler builtins.

You can find a number of these in existing compiler. Microsoft exposes SEH with keywords like __try. GCC provides __asm for inline assembly, ICC uses __cpuid for accessing the CPUID instruction, and so on. Clang added __block as a type specifier for their variables that are copied to the heap for use by blocks (closures).

Unfortunately, it turns out that the glibc headers use __block as a parameter name. There are several things wrong with this. One is that they use double underscores at all. By convention, these are reserved for the compiler, while single underscores are reserved for the libc. The second is that they used underscores at all in a parameter. Parameter names are not in the global scope, so they can be anything to prevent name clashes.

The result of this is that, if you use glibc, you can't also use blocks. This is a shame, because we (Etoile) were shipping a working blocks implementation six months before Apple. Well, working on *BSD and Solaris (and probably Windows, QNX and Symbian with PIPS, but not tested there). This problem means that it doesn't work on GNU/Linux.

No problem for me. I only use platforms with libc implementations written by people who can read specs. It may be a problem for some of you, if you use a broken platform with a libc maintained by someone who'd rather salvage his ego than fix a problem, and if it is then I'm sorry for you. My suggestion is that you remember that there are other options.

Operating Systems

Journal Journal: Well, that'll teach me to run betas... 2

I saw recently that FreeBSD 8 was in BETA state. I ran 7-CURRENT for a while, because it had features I wanted to test (improvements to the OSS implementation mainly), so I thought I'd give it a try.

This time, rather than doing my usual source install, I tried a binary upgrade using freebsd-update. What a disaster. While the source upgrade procedure uses mergemaster to update configuration files, letting you just keep the new version of files you haven't modified, freebsd-update makes you merge them all by hand where there is a conflict. This wouldn't be a problem, except that all of the config files have a version line at the top, which conflicts between the two versions.

Inevitably, when manually handling the merge for a few dozen files, I missed an important bit so my first boot failed with an error complaining about the diff lines still being in the file. I fixed that, and rebooted.

My next boot failed because one of the startup scripts had replaced an if statement with a case. Unfortunately, this hadn't shown up as a conflict, so it had just taken the start of the case statement and the end of the if, giving nonsense. Fortunately, I was able to find the correct version in CVS and copy it out.

Next boot, my network interfaces weren't working. Actually, this was a problem I'd found earlier. When you update FreeBSD, you update the kernel, reboot, then update the userland (the new kernel is guaranteed to support the old userland, but the converse is not true). The em driver for Intel GigE cards complained that they both had invalid MAC addresses. Not a huge problem; it's a VM so I could just change the kind of virtual network card it was providing to the machine, but checking the bugs database I discovered that it's giving the same error for people with ThinkPads that actually do have this kind of hardware built in. Great.

Finally, my system decided to fail to boot with the error:

mounting /etc/fstab failed, startup aborted

Strange, I thought, I wonder which disk is failing to mount. A quick check in single-user mode showed that everything in fstab had mounted correctly. I eventually tracked this down to a bug in /etc/rc.d/mountcritlocal. This is not present in CVS, so it's probably introduced by the merge process. The value of $? (the exit value from the last command) is stored in $err, another command is run, and then there is supposed to be a switch statement branching on $err, which instead is branching on $?.

I've run betas, release candidates, and even the development branch of FreeBSD before, but 8-BETA2 is the first time I've ever had a FreeBSD install that feels like a beta. The merging done by freebsd-update seems completely broken; it prompted me for things it could have trivially done automatically, but failed to prompt me when it broke random system files. My system is now working again, but it's irritating to have to spend this much effort on an update.

PC Games (Games)

Journal Journal: Transcending the Frontier 1

Does anyone remember Frontier, a space trading game from the '90s? No, not that one, but a much lesser-known top-down game that only ran on Windows NT. It was released back in '95 and I found it a couple of years later when I was running NT 4 on my PC.

The game was incredibly addictive, but it was unfinished. The version I had was 0.5, and Altavista (this was a few years before Google) was unable to find a newer version. The gameplay owed a lot to games like Nethack. You started off in one solar system and then got to the next through a jump gate (analogous to descending to the next dungeon level). Over time, you'd upgrade your ship, with better shields and weapons, and progress further. Being a 0.5 release, there were a few things missing. The lack of sound was a shame, but the real killer was that there was no save system. You could play for an hour, then get hit by a stray nuclear warhead and have to start from the beginning. A game with so much potential, but it never went anywhere...

...or so I though. Over the weekend, some random googling turned up the author's web site and it turns out that he has recycled a lot of the ideas into a brand new game: Transcendence. This has a improved graphics, sound, and working savegames (nicely integrated into the game so they aren't a crutch). The story line is much expanded on Frontier (which was basically 'you are in space. Have fun') and the universe is much richer. Things I liked in the original, like the randomly-generated solar systems, the black market and the different possible gameplay styles are all still there, but now there is a rich backdrop and the player can choose to help the military, fight pirates, provide comet-grown food for expensive restaurants, or any combination.

There's one down side: It's still Windows-only, and I don't have a Windows machine anymore. Fortunately, it runs very well in WINE. I've playing it on the Mac in the free version of CrossOver Games that was released last year.

Oh, and if anyone's interested, you can still download Frontier 0.5. It does have one advantage over the newer game; the AI didn't have any sensible friendly-fire logic, so you could easily destroy (and loot) friendly space stations by getting one of the ships defending it to fire while docked. This was easy to do: just get the pirates to chase you there and when their stray shots hit the station all of the docked ships will launch firing. This works really well for the black market outpost, which is protected by very powerful ships and is full of fun technology to steal.


Journal Journal: Is your company new to the Mac or the iPhone? 1

1) Mac users are highly sensitive to the quality of your products' user experience. What this means is, go native or don't bother. Even though Google Earth and Photoshop are rife with UI atrocities, don't imagine that you can get away with ignoring the rules like they can. They're 500-pound Gorillas, and you're not. If you are Google or Adobe, get with the program and write a Cocoa UI, already. It's about time.

2) The native language for the Mac and the iPhone is Objective-C. Get used to it; it's not hard to learn. Any developer familiar with C should be able to learn Objective-C in a day, and be an Objective-C language lawyer within a week if he cares to. Yes, there are Ruby, Python, and other bridges you can use, and they work just fine, but limit this to integrating existing libraries with your apps. DO NOT try to use the bridges as a way to avoid learning the environment you're working with.

3) A cross-platform GUI is neither feasible nor desirable. You can't #ifdef the difference between Cocoa, xlib, and Win32. Don't believe me? Look at OpenOffice. (If OpenOffice looks OK to you, then please, forget about offering your products on the Mac. You'll only cause us pain.)

4) Don't bother with third-party cross-platform GUI libraries like Qt. Yeah, you can make it sort of work, but you'll get a lot of complaints from your Mac customers, and it will be more expensive than properly factoring your code and writing a native GUI for each platform. For every Mac customer who complains about a bad UI, there are many more who took one look at it and decided never to do business with the vendor in question. I just learned from a friend that Qt is far worse than I'd realized: if you use Qt, you wont' get any hardware acceleration , and you won't be able to deliver ADA compliance.

5) If you're shopping for people with years of experience in Cocoa and Objective-C, you should know that they're pretty scarce due to the flood of iPhone projects going on these days. I'm hearing about people getting $200 to 250/hr for iPhone projects. Keep in mind that you're also competing with Apple for those developers, and chances are your project isn't as interesting as Apple's. If you're a start-up and you can offer equity, then it's not too hard to find people who are willing to gamble with you if they believe in your business plan. Mac and iPhone developer tend to be somewhat less risk-averse than the average engineer, in my experience.

6) If you can't afford experienced Mac developers, you'll have to make your own. Save yourself a lot of time and money by sending your people to a class. I recommend Big Nerd Ranch, that's where Apple sent their own people when they quit doing Cocoa training in-house. Keep in mind though, that once your newly-minted Cocoa developers have a year or so of experience under their belts, you'd better be prepared to offer them market rates, or you'll lose them. Back in the NeXTSTEP days, Fannie Mae insisted on low salaries, and they lost people steadily to other NeXTSTEP shops. Attrition is expensive; it will cost you more than you think when your institutional knowledge of your product scatters to the winds.

7) Send your people to the Apple developer conference every year. I can't emphasize this enough. Time is money, and the connections you can make there with the Apple engineers you need to know can save you weeks or months of trial and error.

That should do for starters.

Addition 8/24/09:

8) When interviewing an Objective-C expert, DO NOT try the "Microsoft style interview". (See #5 above.) We are not entry-level, fresh-out-of-DeVry kids who have the time for solving the little brain teasers that someone looked up on the web last night. Talk about the actual work at hand, how the candidate's previous experience is relevant to what you need to do, and ask for some examples of creative solutions they've come up with before.

9) Probably the best place to advertise for iPhone or Mac developers is the cocoa-dev mailing list at You have to be a subscriber to the list, and you have to send your ad to the moderator for approval first. In any ad on Cocoa-dev, be very specific about what kind of developer you're looking for, and what the job entails. This is not the place to just list buzzwords or try to lowball anyone.

10) When advertising for candidates, don't hide behind a webform or an e-mail address. Put a phone number in your ad that reaches a human being. People with skills that are in high demand aren't going to mail their resume to recruiter@companyNobodyEverHeardOf, because that kind of thing gets you spammed.


User Journal

Journal Journal: A Rant

This goes out to every left- or right-wing power seeker, who believes that everything will be just dandy if only they get the right bunch of little tyrants in office.

Ok, time for a bucket of cold water in the face, kids.

First, income is not "distributed", it's earned, and it belongs to those who earn it.
Second, you have no moral right to take someone else's earnings, even if they have more than you do. It doesn't become moral if you hire a thug to do it for you, and it doesn't become moral if you have a group of hundreds of thousands of thugs and bureaucrats to do the dirty work.

The legitimate power of the state can ONLY derive from a delegation of the rights of the people. Free people institute governments to secure our rights, not to interfere with them.

We have a written constitution in this country, and despite its having been routinely ignored whenever government found it inconvenient, it is nevertheless the entirety of the legal basis for the government's existence. If the government doesn't want to follow the constitution, then the government has no legitimate authority, at all.

Maybe you can make a compelling utilitarian argument for some of the currently unconstitutional activities that the federal government engages in, and if so, then propose an amendment, let's have that national debate, and maybe you can get your amendment ratified. Until and unless that happens, the federal government has no legitimate basis to harass sick people for using marijuana, to take our hard-earned wealth and give it to failed banks, to "redistribute" our earnings, to interfere with the choices we make for our health care, to prevent us from traveling to any country we care to visit, or to draft us into "national service."

We are not the property of the state. Get that through your power-hungry little minds.



Journal Journal: A Simple Solution to Spam

I noticed a while ago that my spam filter was 100% accurate on all plain-text emails. Spammers are now forced to use obfuscation techniques like embedded images and HTML. It seems to me that this provides an easy way of totally eliminating spam:

  1. Bounce anything that is not from a whitelisted sender and contains an non-plain-text MIME section.
  2. Auto-whitelist anyone I send a mail to.

This means that anyone I email is free to send me whatever they want. Anyone can still contact me, but they are restricted to sending me plain text for the first email, until I reply to them.

Of course, spammers could start sending out messages saying 'I tried to send you some spam but your filter blocked it, please email me.' These will be caught in grey-traps for 8 hours, and by the end of the 8 hours there's a very good chance that the email will have been caught and the sender added to an RBL.

I'll probably try implementing this when I have time, but if anyone has time before me then please do and let me know how well it works.

User Journal

Journal Journal: Back to Freelancing

My current contract at the university expires a week on Monday. It's been fun. I've been employed to set up a History of Computing Collection - a chance to indulge one of my hobbies for a bit after finishing my PhD and relaxing after the immense stress of writing a book and a thesis (in more or less unrelated areas) at the same time.

Now I'm back to freelance writing and spare-time hacking. If anyone wants to employ me for a bit, let me know...

User Journal

Journal Journal: Another day, another dead hard drive

A couple of weeks ago, one of the hard drives in a FreeBSD box of mine died. This was mildly inconvenient, but since it was one of a RAID-1 array, not totally catastrophic. It seems to be the season for drives dying, because the disk in my MacBook Pro just died this evening.

The machine had been being a bit slow and randomly pausing for a while for no apparent reason. I now realise that the random pauses were caused by I/O errors causing userspace processes to block waiting for kernel locks to be released. Ho hum.

Over the last month, I've been becoming progressively more concerned about how long it had been since my last backup (October 2007!) and last weekend I finally got around to running a full backup of my home directory. As such, I haven't lost very much. Most of the work I did in the last week is in svn and the grant proposal I've been working on was rescued just before the drive died completely. I lost a paper I was working on and some emails and chat logs, but nothing particularly important.

I think my next laptop is going to be solid state. Mechanical storage is more trouble than it's worth.

GNU is Not Unix

Journal Journal: LGPL Pain 2

I'm not a huge fan of the GPL. While I agree with the FSF on most things, I can't help feeling that the GPL shows a certain lack of faith in the whole idea - if the open source development model is so much more efficient, and Free Software is so much more valuable, then why do they need such a mass of legalese to protect them?

From a more pragmatic standpoint, the GPL is about the most incompatible Free Software license around. If you write GPL code, you can't use it in a BSD, Apache, X11, MIT, or Mozilla licensed project.

I was fairly happy with the LGPL until recently, however. It is a bit more restrictive than I'd have liked, but as long as you dynamically link to it it doesn't taint your own code. This is a story about the pain caused when lawyers get in the way of writing code.

It turns out that the LGPL, as it stood, wasn't restrictive enough for the FSF's ideology. You can't have freedom without a lot of restrictions (apparently) and so they added a load more to the venerable LGPL 2.1, and created the new, improved, twice as restrictive, LGPL 3.0, and encouraged all GNU projects to upgrade.

One such project, which I'm directly involved with, GNUstep, did so. Then we started having problems. It turns out there's this other license that has a clause stating that it may not be used with any conditions that are not in the license itself. This is the (GNU) GPL. Version 2 of the GNU GPL is incompatible with version 3 of the GNU LGPL, and since it's viral you can't even link code under the two licenses.

That's okay though, right? The FSF has been telling everyone that they should use the 'or later versions' clause when they use the GPL, just in case they want to make it more restrictive in the future. And everyone's done that, right? Well, it turns out, xpdf didn't. And the xpdf code was extracted to form the Poppler library. And the Poppler library, in turn, was wrapped in PopplerKit, an Objective-C framework for rendering PDFs. And so, by the transitive property, all of these GNUstep apps were GPL 2. Which is incompatible with LGPL 3. Which meant that suddenly they couldn't use the latest GNUstep. By the way, PopplerKit isn't the only GPL2-only library used by GNUstep apps.

This is a bit of a problem. So big, in fact, that Debian decided not to carry the latest GNUstep, because it would have meant dropping a load of GNUstep applications from the next release. The eventual outcome? GNUstep has reverted to LGPL2.

This isn't an unusual situation, by the way. A number of big libraries, such as GNU libc (an abomination that needs to die, but for technical, not legal reasons) is having the same problem - the FSF wants to 'upgrade' it to LGPL version 3, but that will mean any Linux distro that ships the new glibc will not be able to ship any GPL 2 apps.

And people wonder why I prefer the BSD license family.

User Journal

Journal Journal: Parsing our National Anthem.

I happened to hear a recording of a fine performance of our national anthem a short while ago, and the question posed at the end of the song suddenly caught my attention.

"O, say does that star-spangled banner yet wave, over the land of the free, and the home of the brave?"

That's really the most profound thing that Francis Scott Key ever wrote. The question isn't whether the symbol of freedom still exists, we can see that it does. The question is: are we still free? Are we still brave enough to demand and defend our liberty?

A year ago, I would probably have said no. Today though, with Ron Paul's book at #1 on the New York Times' bestseller list, I'm rather more hopeful than I have been in a very long time.



Journal Journal: I Hate Mobile Providers

It's that time of year again, where I realise I'm paying more than I need to for my phone and think about switching providers. Currently I'm paying abut £14 a month, for 100 minutes of calls and 40MB of data. I rarely make more than 60 minutes of calls in a month (I hate telephones), but I'd like more data so I can use my 770 as intended.

For the last four years, I have been looking for a service like this, where it provides calls but is mainly focussed on data. I am looking (somewhat half-heatedly, I admit) for jobs and the moment and so I don't know how long I will be staying in the UK for, making any contract with a minimum period unacceptable. This shouldn't be a problem, since I already own a phone so no network needs to make and recoup any investment (and yet most of them still require a minimum period of a year for a contract, and Three don't even offer SIM-only contracts).

Does anyone know of a UK operator which doesn't suck, and does provide intermittent data use for a reasonable rate? I am starting to think I should invest in WiMAX companies; at this rate they're going to make a killing when they start deploying over here...


Journal Journal: A Leopard ate my ~

There is no way I could feel more disdain for Apple's QA department than I do right now. It seems that, in spite of the fact Leopard was in development for over two years, no one bothered to test what happened when you updated an account using FileVault from Tiger. My experience was:

  1. The installer worked fine.
  2. I logged in, and used the OS for a day.
  3. The kernel paniced.
  4. On rebooting, my home directory was inaccessible, and Disk Utility was unable to repair the disk image.

Oh well, I thought. It's an occupational hazard when using an encrypted disk image for your home directory; if you don't get a clean shutdown then you can lose data. So, mindful of this, I restored from a recent backup and rebooted. Sure enough, there I was logged in again. Then, a few weeks later, I upgraded to 10.5.1, shut down cleanly, rebooted, and... couldn't log in. Apparently the disk image was corrupted. Worse, it turns out this is a known fault: Leopard always leaves FileVault home directories created with Tiger in an unmountable state when you log out.

I'm going to say that again:

Leopard always leaves FileVault home directories created with Tiger in an unmountable state when you log out.

What kind of monumentally incompetent design is this? I have no idea. Anyway, enough of the ranting. I'm sure what people really want to know is 'what do I do when my shiny new OS has just eaten 30GB of personal data.' Step one is to swear at Apple. A lot. Step two is to realise that this 'corrupt' disk image, with a 'bad superblock' actually mounts fine in Tiger still. Fortunately, I haven't 'up'graded my Powerbook to Leopard. I booted the MBP in target mode, mounted it on the PowerBook, mounted the disk image and copied all of the files out.

I now had /Users/theraven/theraven.sparseimage containing the disk image that Leopard was too inept to use and /Users/tr containing my files. After swapping these over, I rebooted. Could I log in? No. Now it didn't think that the disk image was corrupt, it just couldn't find it. A problem.

This lead to the question of how to tell OS X that I was no longer using FileVault. Apparently this isn't documented anywhere I could find via Google and so I had to spend a long time hunting through the filesystem. Thanks again Apple.

It turns out that the relevant file is /var/db/dslocal/nodes/Default/users/theraven.plist (where theraven is my username). To edit this, you have to log in as root. I did this by booting to single user mode (hold command-s on boot). Inside this file, you will find a key-value pair where the key is home_loc and the value is an array. If you delete this key, then it will fall back to using the home directory as a directory, rather than a mount point. You can then reboot (or just exit from single user mode) and log in. You can probably then reenable file vault and have it re-encrypt your data, but I think I want some confirmation from Apple that they are only mostly incompetent, rather than completely inept before doing this.

Once upon a time, Apple was known for attention to detail and thorough testing. I suppose their current activities are good news for Étoilé, but I'd rather we competed by raising our standards than by Apple lowering theirs.

User Journal

Journal Journal: Improve your posts and end world hunger 4

Someone just sent me the best link I've seen in a long time:

It's a simple vocabulary game which asks you to pick the closest synonym for a word from four options. It shows you adverts, and for every word you get right they donate 10 grains of rice to the UN World Food Program. It adjusts the difficulty based on how many you've got right so far, up to a maximum of 50. I seem to be hovering around he 40±2 mark at the moment.

EDIT: I got to 47 for a bit, but then dropped down again. Still haven't made it to 48, which they claim few people beat.


Journal Journal: Decrypting the OpenBSD Theme Song 5

OpenBSD has just released the theme song for the 4.2 release. The song title is 100001 1010101. What does that mean?

Converting them to decimal, we get:

100001 = 32 + 1 = 33
1010101 = 64 + 16 + 4 + 1 = 85

As ASCII codes, these are ! and U. Not particularly meaningful, but it gives us a hint. Considering the song's subject some connection to money could be a good guess. Considering OpenBSD's focus on cryptography, it seems like it might be encrypted in some way, but presumably some way that's known to be insecure enough that someone with only two characters and a knowledge of the context can decrypt it. A Caesar Cypher is an obvious bet. Since it's in binary, a power of two seems like a nice bet for an easy-to-guess key. We want one that leaves both characters in the letters region of the character set (65-90, 97-122). Picking 32, we get:

1000001 = 64 + 1 = 65
1110101 = 64 + 32 + 16 + 4 + 1 = 117

This corresponds to the letters A and u. Since Au is the chemical element for gold, this is probably the answer.

Of course, with only a two-letter cyphertext and no knowledge of the algorithm or key, we can't be sure, and the 'real' decryption could be anything, but it seems likely that the correct answer is gold considering the subject of the song. Assuming it is a Caesar Cypher, we know that the distance between the two characters must be 52, so we can write a simple program that will output them all:

#include <stdio.h>

int main(void)
for(int i=0 ; i<128 ; i++)
printf("%d: %c%c\n", i - 33, (char)i, (char)(i + 52) & 127);
return 0;

The only results where both are in the letter range are:

32: Au
33: Bv
34: Cw
35: Dx
36: Ey
37: Fz

Of these, only Au is an atomic symbol. The others might have some other meaning, but Au still seems like the best bet. No other powers of two give us a value in the letter range, although 16 gives 1e, which might mean something to someone (decimal 30? ASCII code for record separator?).

In summary, the title for the new OpenBSD theme song could be anything, but is probably Gold. Also, I am definitely a geek.

Slashdot Top Deals

The two most beautiful words in the English language are "Cheque Enclosed." -- Dorothy Parker