Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Spam

Journal Journal: A Simple Solution to Spam

I noticed a while ago that my spam filter was 100% accurate on all plain-text emails. Spammers are now forced to use obfuscation techniques like embedded images and HTML. It seems to me that this provides an easy way of totally eliminating spam:

  1. Bounce anything that is not from a whitelisted sender and contains an non-plain-text MIME section.
  2. Auto-whitelist anyone I send a mail to.

This means that anyone I email is free to send me whatever they want. Anyone can still contact me, but they are restricted to sending me plain text for the first email, until I reply to them.

Of course, spammers could start sending out messages saying 'I tried to send you some spam but your filter blocked it, please email me.' These will be caught in grey-traps for 8 hours, and by the end of the 8 hours there's a very good chance that the email will have been caught and the sender added to an RBL.

I'll probably try implementing this when I have time, but if anyone has time before me then please do and let me know how well it works.

User Journal

Journal Journal: Back to Freelancing

My current contract at the university expires a week on Monday. It's been fun. I've been employed to set up a History of Computing Collection - a chance to indulge one of my hobbies for a bit after finishing my PhD and relaxing after the immense stress of writing a book and a thesis (in more or less unrelated areas) at the same time.

Now I'm back to freelance writing and spare-time hacking. If anyone wants to employ me for a bit, let me know...

User Journal

Journal Journal: Another day, another dead hard drive

A couple of weeks ago, one of the hard drives in a FreeBSD box of mine died. This was mildly inconvenient, but since it was one of a RAID-1 array, not totally catastrophic. It seems to be the season for drives dying, because the disk in my MacBook Pro just died this evening.

The machine had been being a bit slow and randomly pausing for a while for no apparent reason. I now realise that the random pauses were caused by I/O errors causing userspace processes to block waiting for kernel locks to be released. Ho hum.

Over the last month, I've been becoming progressively more concerned about how long it had been since my last backup (October 2007!) and last weekend I finally got around to running a full backup of my home directory. As such, I haven't lost very much. Most of the work I did in the last week is in svn and the grant proposal I've been working on was rescued just before the drive died completely. I lost a paper I was working on and some emails and chat logs, but nothing particularly important.

I think my next laptop is going to be solid state. Mechanical storage is more trouble than it's worth.

GNU is Not Unix

Journal Journal: LGPL Pain 2

I'm not a huge fan of the GPL. While I agree with the FSF on most things, I can't help feeling that the GPL shows a certain lack of faith in the whole idea - if the open source development model is so much more efficient, and Free Software is so much more valuable, then why do they need such a mass of legalese to protect them?

From a more pragmatic standpoint, the GPL is about the most incompatible Free Software license around. If you write GPL code, you can't use it in a BSD, Apache, X11, MIT, or Mozilla licensed project.

I was fairly happy with the LGPL until recently, however. It is a bit more restrictive than I'd have liked, but as long as you dynamically link to it it doesn't taint your own code. This is a story about the pain caused when lawyers get in the way of writing code.

It turns out that the LGPL, as it stood, wasn't restrictive enough for the FSF's ideology. You can't have freedom without a lot of restrictions (apparently) and so they added a load more to the venerable LGPL 2.1, and created the new, improved, twice as restrictive, LGPL 3.0, and encouraged all GNU projects to upgrade.

One such project, which I'm directly involved with, GNUstep, did so. Then we started having problems. It turns out there's this other license that has a clause stating that it may not be used with any conditions that are not in the license itself. This is the (GNU) GPL. Version 2 of the GNU GPL is incompatible with version 3 of the GNU LGPL, and since it's viral you can't even link code under the two licenses.

That's okay though, right? The FSF has been telling everyone that they should use the 'or later versions' clause when they use the GPL, just in case they want to make it more restrictive in the future. And everyone's done that, right? Well, it turns out, xpdf didn't. And the xpdf code was extracted to form the Poppler library. And the Poppler library, in turn, was wrapped in PopplerKit, an Objective-C framework for rendering PDFs. And so, by the transitive property, all of these GNUstep apps were GPL 2. Which is incompatible with LGPL 3. Which meant that suddenly they couldn't use the latest GNUstep. By the way, PopplerKit isn't the only GPL2-only library used by GNUstep apps.

This is a bit of a problem. So big, in fact, that Debian decided not to carry the latest GNUstep, because it would have meant dropping a load of GNUstep applications from the next release. The eventual outcome? GNUstep has reverted to LGPL2.

This isn't an unusual situation, by the way. A number of big libraries, such as GNU libc (an abomination that needs to die, but for technical, not legal reasons) is having the same problem - the FSF wants to 'upgrade' it to LGPL version 3, but that will mean any Linux distro that ships the new glibc will not be able to ship any GPL 2 apps.

And people wonder why I prefer the BSD license family.

Cellphones

Journal Journal: I Hate Mobile Providers

It's that time of year again, where I realise I'm paying more than I need to for my phone and think about switching providers. Currently I'm paying abut £14 a month, for 100 minutes of calls and 40MB of data. I rarely make more than 60 minutes of calls in a month (I hate telephones), but I'd like more data so I can use my 770 as intended.

For the last four years, I have been looking for a service like this, where it provides calls but is mainly focussed on data. I am looking (somewhat half-heatedly, I admit) for jobs and the moment and so I don't know how long I will be staying in the UK for, making any contract with a minimum period unacceptable. This shouldn't be a problem, since I already own a phone so no network needs to make and recoup any investment (and yet most of them still require a minimum period of a year for a contract, and Three don't even offer SIM-only contracts).

Does anyone know of a UK operator which doesn't suck, and does provide intermittent data use for a reasonable rate? I am starting to think I should invest in WiMAX companies; at this rate they're going to make a killing when they start deploying over here...

OS X

Journal Journal: A Leopard ate my ~

There is no way I could feel more disdain for Apple's QA department than I do right now. It seems that, in spite of the fact Leopard was in development for over two years, no one bothered to test what happened when you updated an account using FileVault from Tiger. My experience was:

  1. The installer worked fine.
  2. I logged in, and used the OS for a day.
  3. The kernel paniced.
  4. On rebooting, my home directory was inaccessible, and Disk Utility was unable to repair the disk image.

Oh well, I thought. It's an occupational hazard when using an encrypted disk image for your home directory; if you don't get a clean shutdown then you can lose data. So, mindful of this, I restored from a recent backup and rebooted. Sure enough, there I was logged in again. Then, a few weeks later, I upgraded to 10.5.1, shut down cleanly, rebooted, and... couldn't log in. Apparently the disk image was corrupted. Worse, it turns out this is a known fault: Leopard always leaves FileVault home directories created with Tiger in an unmountable state when you log out.

I'm going to say that again:

Leopard always leaves FileVault home directories created with Tiger in an unmountable state when you log out.

What kind of monumentally incompetent design is this? I have no idea. Anyway, enough of the ranting. I'm sure what people really want to know is 'what do I do when my shiny new OS has just eaten 30GB of personal data.' Step one is to swear at Apple. A lot. Step two is to realise that this 'corrupt' disk image, with a 'bad superblock' actually mounts fine in Tiger still. Fortunately, I haven't 'up'graded my Powerbook to Leopard. I booted the MBP in target mode, mounted it on the PowerBook, mounted the disk image and copied all of the files out.

I now had /Users/theraven/theraven.sparseimage containing the disk image that Leopard was too inept to use and /Users/tr containing my files. After swapping these over, I rebooted. Could I log in? No. Now it didn't think that the disk image was corrupt, it just couldn't find it. A problem.

This lead to the question of how to tell OS X that I was no longer using FileVault. Apparently this isn't documented anywhere I could find via Google and so I had to spend a long time hunting through the filesystem. Thanks again Apple.

It turns out that the relevant file is /var/db/dslocal/nodes/Default/users/theraven.plist (where theraven is my username). To edit this, you have to log in as root. I did this by booting to single user mode (hold command-s on boot). Inside this file, you will find a key-value pair where the key is home_loc and the value is an array. If you delete this key, then it will fall back to using the home directory as a directory, rather than a mount point. You can then reboot (or just exit from single user mode) and log in. You can probably then reenable file vault and have it re-encrypt your data, but I think I want some confirmation from Apple that they are only mostly incompetent, rather than completely inept before doing this.

Once upon a time, Apple was known for attention to detail and thorough testing. I suppose their current activities are good news for Étoilé, but I'd rather we competed by raising our standards than by Apple lowering theirs.

User Journal

Journal Journal: Improve your posts and end world hunger 4

Someone just sent me the best link I've seen in a long time: http://freerice.com/index.php.

It's a simple vocabulary game which asks you to pick the closest synonym for a word from four options. It shows you adverts, and for every word you get right they donate 10 grains of rice to the UN World Food Program. It adjusts the difficulty based on how many you've got right so far, up to a maximum of 50. I seem to be hovering around he 40±2 mark at the moment.

EDIT: I got to 47 for a bit, but then dropped down again. Still haven't made it to 48, which they claim few people beat.

Unix

Journal Journal: Decrypting the OpenBSD Theme Song 5

OpenBSD has just released the theme song for the 4.2 release. The song title is 100001 1010101. What does that mean?

Converting them to decimal, we get:

100001 = 32 + 1 = 33
1010101 = 64 + 16 + 4 + 1 = 85

As ASCII codes, these are ! and U. Not particularly meaningful, but it gives us a hint. Considering the song's subject some connection to money could be a good guess. Considering OpenBSD's focus on cryptography, it seems like it might be encrypted in some way, but presumably some way that's known to be insecure enough that someone with only two characters and a knowledge of the context can decrypt it. A Caesar Cypher is an obvious bet. Since it's in binary, a power of two seems like a nice bet for an easy-to-guess key. We want one that leaves both characters in the letters region of the character set (65-90, 97-122). Picking 32, we get:

1000001 = 64 + 1 = 65
1110101 = 64 + 32 + 16 + 4 + 1 = 117

This corresponds to the letters A and u. Since Au is the chemical element for gold, this is probably the answer.

Of course, with only a two-letter cyphertext and no knowledge of the algorithm or key, we can't be sure, and the 'real' decryption could be anything, but it seems likely that the correct answer is gold considering the subject of the song. Assuming it is a Caesar Cypher, we know that the distance between the two characters must be 52, so we can write a simple program that will output them all:

#include <stdio.h>

int main(void)
{
for(int i=0 ; i<128 ; i++)
{
printf("%d: %c%c\n", i - 33, (char)i, (char)(i + 52) & 127);
}
return 0;
}

The only results where both are in the letter range are:

32: Au
33: Bv
34: Cw
35: Dx
36: Ey
37: Fz

Of these, only Au is an atomic symbol. The others might have some other meaning, but Au still seems like the best bet. No other powers of two give us a value in the letter range, although 16 gives 1e, which might mean something to someone (decimal 30? ASCII code for record separator?).

In summary, the title for the new OpenBSD theme song could be anything, but is probably Gold. Also, I am definitely a geek.

User Journal

Journal Journal: Squash Ball: 1, Eye: 0 2

I recently started playing squash. It's quite fun, you put two people in a small room and they try to hit a small ball past each other. It turns out, this ball is almost exactly the same size as an eyeball. It also turns out to be somewhat more resilient than an eyeball. When I played last Thursday, the ball left my opponent's racket and went straight into my right eye.

This, perhaps unsurprisingly, way quite astonishingly painful. After about five minutes, my vision started to go cloudy, so I went to the hospital. One of the nice things about Swansea is that there is a hospital right next to the sports centre, which specialises in eyes. After waiting for a little while, someone shined a bright light in my eyes, poked them a bit, and gave me some drops to take. Apparently my iris was bleeding (hence the cloudy vision). I had to use two kinds of eye drops and go back the next day. By this time, it was hoped, the cloudiness would have cleared enough for the doctor to see into my eye and see if my retina had detached.

The next day, the cloudiness hadn't cleared much, but the doctor couldn't see any damage (but I have to go back after another three weeks to make absolutely sure).

Today, for the first time since the accident, I can see clearly. Unfortunately, the pupil on my right eye is still very dilated (I think this is the eye drops, but I'm not completely sure), and so I am having to wear sunglasses and sit in a dark room to avoid being dazzled. The good news is that the week-long moratorium on exercise is lifted tomorrow, so I can go to salsa in the evening.

Intel

Journal Journal: Intel Adds Vertex Shader Hardware Support

According to El Reg, Intel have added hardware vertex shader support to a number of their GPUs. Those affected by the driver update include the Q963, G965, 945G and the mobile GM965. Previously these parts only supported pixel shaders in hardware, and used a (slow) pure-software implementation for vertex shading. The hardware contains a mixture of fixed-function and programmable hardware; this driver update will use the programmable hardware to run vertex shaders.

The new drivers are Windows-only, but the existence of this functionality provides some hope that their Free Software drivers will also gain vertex shader support at some point.

Graphics

Journal Journal: Is 3D Hardware still Hard?

First generation video cards were basically a blob of memory and a DAC. Then came simple 3D cards that were basically rasterisers. Then the cards started doing transform, clipping, and lighting calculation all in hardware. Then manufacturers started moving away from the whole fixed-function concept. Modern graphics cards are basically floating point vector stream processors.

While the Open Graphics Project is aiming to build a fairly simple fixed-function device, I wonder if this is the best approach. It seems that it would be simpler to start with something like the OpenRISC core and:

  1. Remove the integer units (not needed).
  2. Increase the floating point pipeline width to 128 or 256 bits, giving 4-way SIMD on every operation.
  3. Add hardware support for trig operations.
  4. Stamp a few dozen of these cores onto a die.
  5. Do everything else in software.

You'd get a chip that is heavily optimised for doing graphical operations, but still a general purpose design, a lot like modern GPUs. The other benefit is that there are a lot more open source developers capable of writing software OpenGL implementations for this kind of device than there are able to make meaningful contributions to GPU design.

For bonus points, you could add a few stock OpenRISC cores, a memory controller, USB controller, etc to the design, and have a completely open source system-on-a-chip design.

User Journal

Journal Journal: DRM-Free iTunes 3

Apple launches a DRM-free version of iTunes, and the Slashdot coverage is an article bitching that it adds your name, email address, and date of purchase in the metadata.

The rest of the world seems to be having a slightly more positive reaction, judging by how badly lamped the iTunes store was when I tried checking it last night (song previews were failing to load, individual pages took thirty seconds or more, and the two albums I upgraded last night are still downloading).

Album upgrades cost 25% of the original price, which isn't too bad for doubling the quality and ditching the DRM. I'd bough 12 albums from iTMS (including one EP) before the DRM started irritating me by being incompatible with devices I wanted to use to play back music. Of those, only two were available DRM-free.

I plan on buying a few albums DRM-free in the next week or so. I hope other people will too, so that Apple can point at the proportion of DRM-free downloads and say to the other labels 'look how much money you are losing by not selling your tracks DRM-free.' Then all they need to do is get the price down to EmuSic levels (or, at least, the same price they have in the US, for those of us in the UK).

User Journal

Journal Journal: Hosting Resolved

I had another chat with my hosting company's CEO today, and he agreed to give me one of their standard plans for slightly less than it usually costs with twice as much bandwidth and a second IP. While this is still a bit more than some other companies, knowing that if stuff goes wrong I have email and IM addresses for the CEO, CTO and head tech and can bitch at them until someone fixes it probably makes it worth while. They extended my existing contract by a month to give me time to shop around for a new host, and then agreed to the suggestion I felt fair after I'd looked at some of their competitors.

Mac Mini Colo are now back on my 'would recommend' list. Anyone looking for hosting that falls somewhere between low end dedicated servers and high-end virtual private servers would do well to check them out.

In a year, I will probably move to a Xen-based solution, but at the moment they tend not to have enough RAM or disk space. Anyone looking at starting a hosting business should take note of this. There is a serious shortage of VPS solutions with decent amounts of disk space and RAM. Get some 750GB disks (maybe RAID-1, two per machine), and 5-6GB of RAM, and you can put 10 VMs with decent specs in each node. CPU is rarely the limiting factor for budget hosting, and live migration can help out a lot here if you choose to go for a SAN backend and just have a lot of disks somewhere in your rack.

Networking

Journal Journal: Anyone know of a cheap dedicated hosting company? 2

My current hosting company wants to put their prices up. I currently have a Mac Mini running OpenBSD colocated with them. I am looking to move, and have the following minimum needs:
  • 1GHz CPU,
  • 512MB of RAM,
  • 1IP,
  • 50GB/month of transfer,
  • OpenBSD or FreeBSD.

I am flexible in terms of storage space; I currently have an 80GB disk, but I'm using less than 5GB of it. I'd like to start using a bit more, but not having more bandwidth makes this difficult.

Can anyone recommend a hosting company that would offer this kind of set-up for under about $50/month? DedicatedNow seemed like they had a reasonable offer, but they had some quite unreasonable demands, such as needing a copy of my passport faxed to them to complete the transaction (and I don't do that for any business, particularly not one I have had no prior dealings with).

In unrelated news, it looks like I'm getting a Google-sponsored minion for the summer. The SoC results were announced this morning, and the project I am mentoring got accepted. Should be fun.

Slashdot Top Deals

The person who makes no mistakes does not usually make anything.

Working...