I hate deb-slashdot...

Submitted by gwolf on Tue, 12/28/2004 - 13:32
I wanted to create a little new meme. I posted a world map with visited countries. It was nice. It was good. The meme started to spread... And then the server choked after a deb-slashdotting :-(
Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request GET /projects/visitedcountries/. Reason: Could not connect to remote machine: Connection refused
What can I say? Sorry, douweosinga.com :-(
( categories: )

Is it slow? Nah, it is just December

Submitted by gwolf on Mon, 12/27/2004 - 20:03
Almost two weeks, not a single post? Well, yes, life tends to slow down for the holidays. Although I have been mostly working, at least a couple of hours every day, I have managed to do very little this last weeks. There has, though, been some activity. I have sat down to hack on Comas quite a bit. [friend]Mig[/friend] has done his good share as well. I am happy about it. And we are gathering more people in the project - Comas will be used for the Bolivian Free Software Conference, for a German Perl workshop... And it seems we are getting more hands. This is getting fun! :-D I was also busy printing and selling with Nadezhda some very nice Debian T-shirts, just like the ones I took to the last GULEV conference. Very nice T-shirts, I really liked the result, and I have sold them at a nice pace - even being vacations and all. Now... While browsing around, I came around the very nice Visited Countries site. Of course, my ego did not let me go away just like that... So here it is: ...Although it seems quite unfair that a visit to Montreal or a visit to Porto Alegre are good for such a huge impact area, this little map is something I long wanted to do. Now, why doesn't he have one of the Mexican states? ;-) But nothing beats the world-map-on-a-corkboard-with-lots-of-tacks I want on my wall ;-)
( categories: )

WTF is this?

Submitted by gwolf on Tue, 12/14/2004 - 11:22
Ok... If you know me, you will be perplexed to find this as my current desktop. Yes, people that know me know that I dislike integrated desktop environments. I am a very happy WindowMaker user, have been faithful to WMaker for at least seven years... But anyway, I have found myself recommending Linux to almost-average users... So I decided to force myself to use a computer as they would for a couple of days at least. I am trying to get the whole user perspective, even the settings they would use (i.e., graphical smileys in Gaim... That's bad!), even using one of the pieces I most often loathe in favor of the traditional terminal: The file manager. Well... Almost anything - Just don't take away neither mutt nor Emacs. So far, after some four hours and thinking as a user, I like Gnome. I do think some things should be different, but before screaming about them, I'll play more with it. I had not used it since... The 1.4 days, I think. 2.8 has just entered Debian, and it is amazingly smooth. I plan to submit myself at least to two days of Gnome torture, then two days of KDE torture... If time allows, I'll even torture myself again with xfce, although I tried to do so in the past, and never liked it :)
( categories: )

The stars above us

Submitted by gwolf on Mon, 12/13/2004 - 22:25
So today we have the Geminid meteor shower, right? Well, what could we do besides printing a sky chart of Mexico at 20:00 (actually, I printed it for 18:30, but was able to infer +- the position of Gemini) and drive to our dear and nearby Ajusco. We got to a nice spot, with no light around us besides the road (which was quite bothering, but bearable), and... Well, we had a nice view of the Southern and Western parts of the sky... But the East and the North were cloudy, and Mexico City was just North of us, so the city lights reflected on the clouds... So after some minutes, we headed back home. When we were mostly back into civilization, Nadezhda told me she was hungry. And you know how hard it is for me to please my woman when she wants food... Some days ago we were remembering a very good place to eat [term]pambazo[/term]s, [term]quesadilla[/term]s and such, very close to the center of Magdalena Contreras. Contreras is a beautiful (although mostly poor) area, struggling between its identity as a little town and its reality as part of a huge city. Nadezhda was born in Santa Teresa just in the border between the towns uphill and the city in the valley, between the opulency down in Pedregal and the poverty towards Contreras, and she knows quite well the area. It was very nice to hear her talk about her childhood, stories about her father driving like crazy on those impossibly twisted streets, places she went to as a child... This little restaurant is on Álvaro Obregón street, and has not changed at all since she first took me there about eight years ago. She insists it has stayed identical since her father took her and her brothers there 25 years ago. We just had our dinner, walked a couple of blocks, and came back home. Yes, you might ask why should I blog something as irrelevant as this... Well, the thing is, I really enjoyed the evening out :-) BTW: I thought I would never see a harder place to drive in than Sucre or Potosí, in Bolivia... Well... Contreras does not fall behind :)
( categories: )

Pascualina / EsMasPC

Submitted by gwolf on Sat, 12/11/2004 - 13:14
It seems that after yesterday's rant SEPOMEX decided to stop playing me tricks, and they finally left me at home a final call stating I could go to my area's post office (which is not in my area at all, there are at least two post offices much closer, but anyway) to pick up a package. Now... A final call? Yes... I never got the first or second ones, and my package was about to be either sent back to the sender or discarded. Well, I went to the post office, got there past 16:55 (it closes at 17:00 - and believe me, mexicans are really punctual when it comes to going home after work). I was expecting this package for a long time: Five Pascualinas I asked the good [friend]MAVE[/friend] (this guy)to send me for my nieces when I was in Chile! I want to open them, but of course, it is not up to me - The girls must do it. Thanks a lot, man! :-D Later that night, [friend]Arareko came for a T-shirt I had promised to keep for him, and [friend]Kbrown[/friend] came to show me an EsMas PC, as I was quite curious about it. What is this EsMas PC? Well, first of all: EsMas (literally: ItIsMore) is the Internet name for Televisa, the largest commercial TV chain in Mexico. This computer they sell for around US$250 is the first attempt I saw at making the PC into a commodity - Clearly following the iMac's design, it is a fully integrated unit. Now, just as the original iMac, it is a very dated machine - 300MHz Celeron, 64MB RAM (of which 8MB are allocated to video). The interesting thing is that they ship the system with Linux - And not just any linux, it is a Debian Woody system with KDE 3.2, Gnome 2.4, Mozilla 1.4, OpenOffice 1.1beta2, and some extra propiertary stuff (Netscape 7.1 IIRC, RealAudio player). It comes with a nice (although cheap-feeling) USB keyboard/touchpad that has just the exact laptop size and arrangement. I love my laptop's keyboard, so I'd like to get hold of one of those - Except that it lacks many keys, it is very similar to the HappyHacking keyboard. It has only five rows of keys - That's right, no Esc, no Function keys, cursor keys are only the arrows (no PgUp/PgDn/Home/End). Wait - It does have function keys... Only they masquerade as extra launcher buttons. They are not mapped correctly - Home is F1, Network is F2, and so forth. Silly. The offer seems quite good (although with limited hardware), and I asked Kbrown to lend me the machine for a couple of days just to test it, once again, thinking about my nieces - they would really like having a computer like that. But I soon got disappointed. The machine is really slow. It would be much better if they cared to ship it with 128MB instead of just 64. We measured it, and just after opening, Mozilla used some 25MB. Opening a page with a Java applet required the JVM - 30MB more. Add to this X and Metacity, and... Well, happy swapping. Oh, and don't even try to open OpenOffice as well. And if you do, make sure that's it - I opened some other programs... And the kernel decided to kill X as it ran out of memory. Kbrown has this machine because he wants to offer EsMas the quite amazing computadora.de service he is working on - He is no Debian user, so he came to me to help him install Firefox, hoping it would be lighter. Well... Upgraded the machine to Sarge. It took a couple of hours, but in the end it worked. We finished at 4:30 AM. The results? Well, nowadays Firefox is as resource-hungry as Mozilla. I would just not recommend this machine to anyone for any use. The machine is also not usable as a terminal for computadora.de. Probably with 128MB the system would be quite usable for many more people, and with 256MB I would definitively recommend it. Well... Off to bed at 4:45 AM. Woke up at 7:45, as we had some things to do in the morning. For some reason we don't have running water at home today, so no shower for me. Back home, I was falling asleep. I had a cup of strong coffee, some Bolivian coca tea, and... Well, I am still longing for my morning shower :-(
( categories: )

So Mexpost is...

Submitted by gwolf on Fri, 12/10/2004 - 13:11
Unbelievable. I have a package pending to be sent to my mother, who lives in Sweden. I have delayed a lot with it... After all, I have to get to a Mexpost office to have it delivered. Mexpost defines itself as an accelerated courier service. It is part of SEPOMEX, Mexico's postal service. Traditionally, it has been the cheapest courier service in Mexico. I would not trust sending five CDs and a book by regular mail... Ok, so today I got to a Mexpost office. Twenty minutes to get the lady in charge to write down the data on the computer (some ten lines of text - Of course, I had to help her to write Förläggerevägen ;-) ). Only then, she tells me it costs something around MX$360 (some US$34) to send this 300 gram package. Shit, I don't have enough money on me. And, of course, at a public office she will not accept my bank card. From my office, minutes later, I call DHL. Yes, they will pick it up at my home. Yes, they assure me it will take only 2 work days to be delivered. Yes, they will charge me - MX$320. ...Now, why does SEPOMEX complain it is losing clients, is it for the higher prices, for the lousier service, for the hardness to reach their office, or what?
( categories: )

MD5 to be considered dangerous?

Submitted by gwolf on Wed, 12/08/2004 - 14:13
Today I found a quite disturbing mail sent to Bugtraq, in which Dan Kaminsky shortly describes a way to generate more than one file with the same MD5 hash, and links to a paper explaining it further. And if that were not enough, Pavel Machek sent another mail telling a little story and demonstrating Kaminsky's claims with a little story about a scam. I checked the files attached to his mail, and yes, we have two similar (but different) files with the same MD5 hash: [code="bash"]~$ md5sum /tmp/msg1 /tmp/msg2 ; diff --brief /tmp/msg1 /tmp/msg2 57ce330a6c6ca8e9ffab4f3b36b2a1a5 /tmp/msg1 57ce330a6c6ca8e9ffab4f3b36b2a1a5 /tmp/msg2 Files /tmp/msg1 and /tmp/msg2 differ [/code] This attack is still not practical for real scamming or supplantation. If we are signing files that will be processed by a computer (say, Debian packages, .tar.gz, ISO images, whatever), they will not be in a valid format to be installed. If, as in Machek's story, the files are to be human-parsed, there is too much cruft around the text for a human not to get suspicious. But anyway, this is a proof of concept, and it will surely be refined in the future... All hashing functions will somehow present collisions, I know. They must, however, not be artificially generable with choosable content. I am not a cryptologist, nor I claim I will ever be.. But anyway, probably we will end up losing confidence in MD5 hashes, in favor of another hashing algorithm. Directly signing/verifying the whole file is not quite feasible, as assymetric keys are just too heavy to do such work. However, the installed base and trust that MD5 currently has will be challenged... Let's see what comes out of this.
( categories: )

A night at the Caribe

Submitted by gwolf on Sat, 12/04/2004 - 09:49
Yesterday night we went to a small bar quite close to our house (Caribe, just outside Metro Universidad) to see three groups, Sanatorio São Patricio, Huevos revoltosos and Ballet Parkingson. We were invited by our friend Héctor Pisano, who is part of the first and third groups. And just by chance, once we got there Nadezhda recognized the place as one of her usual highschool hangouts, and Huevos Revoltosos as the in-house band for well over 10 years. Nice night. It is good to have some time just to escape :-)
( categories: )

IMAP namespaces

Submitted by gwolf on Thu, 12/02/2004 - 00:00
How come seemingly no one ever gets RFC 2342 right? I recently set up a Courier IMAP server for a new client. A nice setup, all in all... But my client was complaining he could not create any folders in it. All he ever got from the server was a not-so-nice Invalid mailbox name from the server. Dive into Courier's documentation and into RFC 2060. Having done some work wrapping network services (and, by far, most of my work was devoted to fully understanding and implementing SMTP and POP3), it was easy to get to this point: $ telnet my.server 143 * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information. 0 login gwolf@my.server passwd 0 OK LOGIN Ok. 1 list "" * * LIST (\HasNoChildren) "." "INBOX" 1 OK LIST completed 2 create dirname 2 NO Invalid mailbox name. 3 logout * BYE Courier-IMAP server shutting down 3 OK LOGOUT completed Why? Well, some more digging into Courier's docs (and knowing what to look for) got me to the answer: Courier expects the full hierarchy of mail directories to be located under INBOX. - So now, substitute 2 for: 2 create INBOX.dirname 2 OK "INBOX.dirname" created. 3 list "" * * LIST (\HasNoChildren) "." "INBOX.dirname" * LIST (\Unmarked \HasChildren) "." "INBOX" 3 OK LIST completed A-ha! Now... Isn't it assuming a bit too much to ask potentially millions of non-computer-savvy users to be able to understand all of their folders must be under a strange INBOX? Even more, users whose native tongue is _not_ English? Yes, of course. It was taken care of too - This RFC guys are not dumb at all! Just take a look at the just mentioned RFC 2342, an extension to the IMAP4 protocol (published on May 1998, 2.5 years after the IMAP4 standard came along) that allows a mail client to query the server on what its namespace is. And, guess the best thing, Courier _does_ implement this extension (check the greeting banner on my first snippet) 2 namespace * NAMESPACE (("INBOX." ".")) NIL (("#shared." ".")("shared." ".")) 2 OK NAMESPACE completed. Ok. Roll back 4.5 years into the future, until December 2004. You would expect every mail client on the surface of this ball to have this quite simple extension implemented, right? Think again. No, MS Outlook (as my client complains) doesn't. Horde's IMP doesn't either (although you can do some strange configuration on its servers.php file - in my case, I had to specify INBOX. both in the folders and namespace keys to satisfy a regular user's desires). Not even, I must admit, my dear Mutt gets this one right! (although in this last case it can be a case of by forbidding the user to do something stupid, you'd also be forbidding him to do a thousand clever things) I simply cannot understand why. :-(
( categories: )

Back from GULEV

Submitted by gwolf on Mon, 11/29/2004 - 02:12
Ok, I spent a good part of last week at the annual GULEV conference, in Veracruz. I had the opportunity of spending almost five days (travel time included) full time with my friends from the Mexican community and, sometimes, from abroad, catching up on what each of us is doing, having some beer (or a bit more than that), etc. Although many of the regulars didn't show up this time, we had quite a nice time. I have currently no photos available, but I hope to have them ready by tomorrow on my blog. Something strange happened this time in Veracruz, and many of my friends ([friend]Tacvbo[/friend], [friend]P4ola[/friend], [friend]Sonny_taz[/friend], [friend]Toxickore[/friend], Liss, Diego, Alex, Taur, Sandino and Tania) got sick while there. I hope not to join the ranks of sick geeks any time soon. Yesterday I got home past 12AM, and today I was busy most of the day sleeping and spending some time with Nadezhda, so (although I stomped on two RC bugs on Friday/early Saturday and did some uploads tonight) I mostly missed Debian's bug squashing party. It is 1AM already, so the BSP is over in most of the world (except for Western USA and Canada)... Well, until next time!
( categories: )

Debootstrap/Fedora - Debootstrap/MIPS - Veracruz

Submitted by gwolf on Wed, 11/24/2004 - 03:37
Ok, so I finally migrated my client's server to [term]Debian[/term] (from a very ugly Fedora install). The process was mostly painless, but I did stumble upon a couple of details. A quick summary, for those not familiar with Debootstrap. I want to do a nice document later, although my experience was mostly based on Cross install howto for Debian. First of all, a primer for those not familiar with it. Debootstrap is a program that allows for setting up Debian installations within chroot environments - Both the old and the new Debian installer use it behind the scenes to set up minimum workable Debian installations. My first problem was with Fedora's quite strange kernel. Once I had the debootstrap in place, whenever I tried to chroot into the new system, I got this strange error message:
Inconsistency detected by ld.so: rtld.c: 1192: dl_main: Assertion `(void *) ph->p_vaddr == _rtld_local._dl_sysinfo_dso' failed!
. Originally, I thought it happened because of some clash between the running glibc and the one in the chroot. Well, I was wrong, turns out the Fedora kernel is compiled to somehow depend on the specific version of the glibc it was compiled with... So I installed the whole system, and when I rebooted with my new root partition, the machine stayed in the limbo. The kernel reported the same inconsistency when trying to start init. Strange... But well, fortunately after sending my own kernel, I had a nice, working Debian system. Enter my other task: The Origin 200. In much shorter lines: I finally got a working kernel (thanks, ths!). After a couple of iterations of generating a ext3 root image on my laptop, and copying it over, I got the system running. I found two exciting R10k processors with a whooping ~160MHz clock. The Linux kernel is not really stable in there. I hope my boss understands the machine is not worth trying to run as a server... I expect it to be a nice toy for me, but not really worthy for the institute. We'll see. On other news, I am writing this from Veracruz, where I came for Congreso GULEV 2004. We intended to leave Mexico from the Ximian offices yesterday at 16:00 - Gerardo's car broke down two blocks from there, so instead of confortably going 3, 3 and 4 persons per car, we had 5 per car. Anyway, we got to Veracruz at 22:00. The conference is just starting. It seems it will be smaller than last year, but anyway, some beers are expected to come this way in a couple of hours. Most of the Mexican FS community is here. Some talks are interesting, some of them are just an opportunity to chat a bit ;-)
( categories: )

Mexican governement and telco against *BSD use?

Submitted by gwolf on Thu, 11/18/2004 - 14:24
This is surprising... It seems that the Mexican government, together with Telmex, our main phone company, have decided not only not to use but to fight *BSD installations everywhere. [update] Some people have told me that I have to be fair... Well, I will. In Mexico, we call diablito (little devil/demon) the unauthorized connections to the electric network - If you are not paying the electricity bill but you still have service, you have a diablito. This phone cards are sponsored by Luz y Fuerza del Centro, the state agency that brings electricity to central Mexico.
( categories: )

IIEc-UNAM - Day 1

Submitted by gwolf on Wed, 11/17/2004 - 11:51
While I will be formally hired starting January 1, this is my first real day of work at IIEc-UNAM. I am very happy about this, as this has been my goal for many months already. So, what is it there in store for me? First of all, IIEc has an Origin 200 server, bought some six years ago, which has never really been used. I know this machine is, by today's standards, far from amazing... But my first task is to get some life into its old circuits. What does it have? >> hinv -v -m -mvvv IP27 Node Board, Module 1, Slot MotherBoard ASIC HUB Rev 3, 90 MHz, (nasid 0) Processor A: 180 MHz R10000 Rev 2.6 Secondary Cache 1MB 120MHz Tap 0x9 , (cpu 0) R10010FPC Rev 2.6 Processor B: 180 MHz R10000 Rev 2.6 Secondary Cache 1MB 120MHz Tap 0x9 , (cpu 1) R10010FPC Rev 2.6 Memory on board, 256 MBytes (Standard) Bank 0, 128 MBytes (Standard) <-- (Software Bank 0) Bank 1, 128 MBytes (Standard) BASEIO Origin 200 IO Board, Module 1, Slot MotherBoard ASIC BRIDGE Rev 3, (widget 8) adapter PCI-SCSI Rev 5, (pci id 0) peripheral SCSI DISK, ID 1, SGI IBM DGHS09Y peripheral SCSI DISK, ID 2, SGI IBM DGHS09Y peripheral SCSI DISK, ID 3, SGI IBM DGHS09Y adapter PCI-SCSI Rev 5, (pci id 1) peripheral SCSI CDROM, ID 3, TOSHIBA CD-ROM XM-5701TA adapter IOC3 Rev 1, (pci id 2) controller multi function SuperIO controller Ethernet Rev 1 ...Looks nice. It currently has Irix 6.5 installed, which I would sysadmin if it were my only choice, as it doesn't seem to be supported by d-i and Linux resources in general are quite scarce about it... But there are some reports stating that Debian can be installed in it. (yes, I am pasting this URLs in order to use my blog as a bookmark holder ;-) Congratulations: I now have three machines of non-common architectures waiting to be installed: The m68k Quadra 950 that Pop's brothers gave me, the Multia that Alexander traded me for an old laptop and this new monster. I hope not to repeat Iztacala's RS6000 history :-}
WOW. My /etc/apt/sources.list now points at http://nisamox.fciencias.unam.mx/debian/. I downloaded 145MB (had not updated my laptop for ~2 weeks). I got an average of 550kBps, peaking at 700kBps. Hell, my local network at home is slower than that! (yes, wifi) I am gonna be very happy here.
( categories: )

Java is scary

Submitted by gwolf on Thu, 11/11/2004 - 13:21
A friend asked me to become the sysadmin for his machine - Great. A crappy Fedora Core 2 system, terribly installed (it has EVERYTHING in there, three MTAs, the whole X environment...). I have been cleaning up the mess, but decided to debootstrap Debian instead. Now, the system configuration the ISP gave them is even crappier that the Fedora install they made - a dual Xeon at 2.8 with 128MB RAM?! Now, my friend complained that JBoss was running too slow. Ok, I had a 0.00, 0.00, 0.27 loadavg - Memory was quite fine, using only about 10% of the 1GB swap. I launched top... and instantly I had a 300MB Java monster (which in few seconds grew up to 400MB). It gobbled up to 70% of the running memory (at least parts of it could be nicely swapped). The top running process was, of course, kswapd. I ask him, what is JBoss doing? Nothing yet, he says. Shit. Java sucks, no matter what they say. :-/
( categories: )

Postgres, Perl, BYTEA and a productive night

Submitted by gwolf on Thu, 11/11/2004 - 11:02
I have been working a bit on [term]Comas[/term]. Our original implementation allowed only one file of accompanying material per proposal, and I didn't think it was enough -- Yes, an author might tar his different files together... But that's a kludge. Our current implementation also stores the material as files on disk, not in the database. Now, I want _everything_ to be in the database, as it is much cleaner, much easier to back up, and requires much less hassle for the local administrator. For doing this, I decided to use Postgres' bytea data type... Now, before [term]RTFM[/term], my uploads were being truncated usually before the 10th byte. Why? Go RTFM:
When entering bytea values, octets of certain values must be escaped (but all octet values may be escaped) when used as part of a string literal in an SQL statement. In general, to escape an octet, it is converted into the three-digit octal number equivalent of its decimal octet value, and preceded by two backslashes. (...)
Ok, so I came up with this hack: [code="perl"]sub _octal_escape { my ($in, $out); $in = shift; # Split the string character by character. Each of the characters will be # checked, and if it is not a printable character (32-126 base 10), it will # be escaped. Reassemble the line, hand it over. $out = join('', map { my $ord = ord($_); ($ord >= 32 and $ord <= 126 and ord != 92) ? $_ : sprintf('\%03o', $ord); } split (//, $in)); return $out; }[/code] Works correctly... But performance hurts. It took about 90 seconds for a 1.5MB upload, which I consider a typical upload. I thought also of using uuencode/uudecode, which are very nice performance-wise (less than 13 seconds for encoding or decoding over 100MB), and very easy to code in Perl: [code="perl"]sub _uuencode { my ($in, $out); $in = shift; $out = pack('u', $in); return $out; } sub _uudecode { my ($in, $out); $in = shift; $out = unpack('u', $in); return $out; }[/code] ...The problem with that is that I lose many advantages, such as the ability to query the database for length(data) to get the filesize, or --if I _really_ wanted to do it-- perform searches on the contents of the field itself. Also, a bytea field would then become a regular text field... But what hurted most about this idea was that each time someone downloaded a file, it would have to be decoded... And I expect downloads to be _much_ more frequent than uploads. After asking to some friends and some IRC channels, I thought on diving into DBD::Pg. Then I found this:
NOTE: The undocumented (and invalid) support for the "SQL_BINARY" data type is officially deprecated. Use "PG_BYTEA" with "bind_param()" instead: $rv = $sth->bind_param($param_num, $bind_value, { pg_type => DBD::Pg::PG_BYTEA });
So... That 90-second upload is down to a 15-second upload (for a local connection), very acceptable giving that I am moving 1.5MB between my filesystem, Mozilla, Apache, Comas (which is a mod_perl module) and Postgres. And waiting 15 seconds after an upload for a DSL user will not be _that_ unacceptable. I am happy. Now... If just somebody helped me with my blog's performance, I would be ecstatic... Can't figure out why it is so goddamn slow... Well, yes - I am running it on a P120 with 48MB RAM... But anyway, it's just [term]jaws[/term] - PHP+MySQL! :-(
( categories: )
Syndicate content