Ian Murdock's blog appears to have been removed from the Planet Debian blog aggregator, with a request to not provide Progeny commercials, as Joey Hess noted.

Now, I agree that Planet Debian shouldn't be a general advertisement platform. That's not what it's meant for, and it shouldn't be abused as such. OTOH, Progeny is a Debian-focused company, and Componentized Linux is Debian-based. In short, news about Componentized Linux is as interesting as news related to Ubuntu, of which we have also recently seen samples on Planet Debian.

Additionally, this had some rather nasty impact on the mindset of some other people:

<Overfiend> Huh.  Guess there's not much point in me starting a blog *now* :)
<Yoe> why not?
<Overfiend> Apparently, Planet Debian has to be a Progeny-free zone.
<Overfiend> and since that's still the company that signs my paychecks...
<Overfiend> I might inadvertently mention them from time to time :)

Please, Scott; either create and enforce a clear and public policy about what can and cannot be mentioned on Planet Debian, or stop censoring like that. Thanks.

EtherApe is cool

We all probably know Ethereal, a GPL'ed network sniffer that must not be missed in any network administrator's toolkit, and which is packaged by fellow Belgian Debian Developer Frederic Peeters. When trying to decipher obscure network problems, it often helps to have a look at what actually goes over the wire, and see whether anything is out of the ordinary.

Such an approach works reliably well if you have a general idea of what the problem is, and what you should be looking for. If you do not, then looking at the thousands of packages in your sniff log may not be the ideal way to find the solution.

Tune in EtherApe, which is also packaged.

EtherApe gives you a graphical representation of the network traffic it sees, allowing you to quickly track where the problems are. It uses libpcap to sniff the network, but can also work on files. That specific feature makes it extremely interesting -- you can go to a customer's network, let Ethereal sniff away and store the sniffer's results to a file, and analyze that file with both Ethereal and EtherApe to find out what the heck is going on.

Where was I when woody released?

Gunnar Wolf has this cool meme idea where you would tell where you were when Woody was released. I find this a nice idea, and I'd participate, except it's so freakin' long ago that I don't remember.

Considering the time of the original announcement (Date: Fri, 19 Jul 2002 23:59:59 +0200), I was probably at home; but it could also be that this was during the trip to the French Ardennes that I made around that time. As I said, I don't remember.

Why computers stop working

Todd Troxel pointed us to an 80s-era article entitled Why Do Computers Stop and What Can Be Done About It?, which makes some nice reading, especially when comparing it to the state of the art as it is today. Quote:

To give an example, modern discs are  rated for  an MTBF  above 10,000
hours -- a hard failure once a year.

If anything, it would appear that the state of the art has decreased in that area. Oh well.

It's funny to compare how the state of the art in editing text changed, too. I suspect the article (which can only be downloaded in PDF form) was printed using a daisy wheel printer.

End the arms race

Spam has been a problem for a long time now. It reduced the usefulness of the email system, requiring people to filter their mails in order to make it useful again. This filtering has led to an arms race between spammers and people writing anti-spam tools: every time the anti-spammers write better filters, it will take just a short while before the spammers find a way to circumvent the better filters, and there we go again.

Of course, the spammers have an interest in reaching you. Some of the spammed people are probably interested in what they're being spammed with, and react to whatever is in the spam mail, increasing the amount of money in the spammer's bank account.

A portion of these spam mails, while annoying, don't contain illegal content, nor do they try to trick you into giving the spammer money without him giving you anything in return. Still, those spams try to subverse our spam filters because otherwise, they wouldn't reach anyone

This is silly. So people outlawed most types of unsolicited email sending, making it legal under only certain circumstances. Unfortunately, the regulation that exists today in the United States seems entirely unhelpful -- adding some lines of prescribed text to your email will make it look legal, but it really isn't; this makes prosecution very hard.

I'm proposing another type of regulation: rather than throwing all types of email on a hoop, require that people who send unsolicited bulk mail add some headers to the email — say, things like Precedence: bulk, Advertisement-Type: unsolicited, and Category: porn, for example. Then the people actually interested in porn spam (if any) could set their filters so that they do get it in their inbox, while everyone else can easily throw the junk away. Without requiring 90% of their CPU to be spent on spamscanning, and without too many false positives.

This will of course not make the entire problem go away — consider 419 scams, fishing and other types of social engineering where people try to help you get rid of your money in unlawful manners; but I think it will go a long way towards the goal of not getting any unwanted email in your inbox.

VCS comparison

I've been looking for a comparison of the different available Version Control Systems for a while now. The best I could find is the list available over at bitkeeper, which is more a BitKeeper marketing tool than anything else. In other words: not helpful.

Thus, I've just started something like that BitKeeper page on my own website, but without the bias -- at least, that's the intention. I'm probably not doing it right, yet. Corrections and (especially) additions are very welcome.

Discontinued VCS page (already).

I received a lot of feedback from quite a number of people regarding the VCS comparison I had started. Many of those pointed me to the Better SCM initiative. At first, when quickly having a look at that page, and following the 'Alternatives' link in the menu at left, I found a short description of some 8 version control systems; interesting, but in no way similar to what I was writing. I wasn't sure why these people kept pointing me at that -- until I found that they actually meant me to look at the Comparison section. Which contained about everything I already had, plus much, much more.

Since there's not much point in duplicating such an effort, I just tore down the page.

Thanks to those who contributed, though. You know who you are.

Apple-computer.us and scarsly dressed women

Adam Kessel blogged about apple-computers.us. He concludes it is not a trustworthy site, in part because of their logo – a cartoon of a scarsly dressed girl that has elements of the original iMac's design in the clothing she does wear.

What's funny about that is that I recognise the image – it is used in the Aqua theme for the Enlightenment windowmanager as an opening image (appearing before the desktop is shown, on those opening shutters). Apple-computer.us don't appear to be giving proper credit...

Speaking of scarsly dressed female figures, there was an item in the news yesterday about how the U.S. state of Texas is in the process of introducing a new law that would regulate the moves cheerleaders can make (see this google news search for English-languaged coverage of the bill). It's been a long time since I had such a good laugh... this type of idiocrasy can only be seen in some of those overly-catholic US states, such as that of Texas. Oh well.

Just another day...

...that happens to be the day after my birthday. Apparently, this means I was born on exactly the same day as Mike Beattie. Heh.

I got some presents, too (mostly personal stuff, not really appropriate to mention it here); but my brothers and sister will also give me a present in a few weeks; I've been told I need to make sure I'm at home the 19th, at 19h. That's all I know.Jokingly, I asked them not to let me wait for 19 minutes and 19 seconds or so, but I'm quite curious what it is I'll get. Watch this space...

Quickstep booting again.

A week or two ago, quickstep suddenly didn't live anymore on the network. I couldn't ssh into it, I couldn't even ping it. Since, for various reasons, I couldn't physically access quickstep until today, it remained down -- meaning that for a while, there was no m68k/experimental buildd anymore (quickstep's the only box who does that).

I just went to look at quickstep's console to find out what's going wrong. Apparently there was a kernel panic (jaiks!) after the box had had an uptime since the end of Februari -- the weekend after FOSDEM, specifically.

It's now running fsck over its 18GB ext2 partition. At 25Mhz, this will probably take over an hour. Yes, I'll convert it to ext3 once it's up.

On ID cards

Robert Love blogs about some regulation that the US government is working on, which would standardize state-issued identification documents such as drivers' licenses. He's mainly concerned with the cards' "lack of real security accompanied by a false belief that it brings us some sort of protection from terrorists and its affront on state's rights and small government."

As I'm living in Belgium, where everyone from the age of 12 has an ID card, and everyone from the age of 15 is required to carry it with them at all times, I find these remarks quite funny. So now your airliner will see a standardized ID card rather than something which may differ from state to state. Oh gosh!.

Compare to changes that are happening over here: the government is migrating away from 'paper' ID cards (plastified ones, really) to digital ones (smartcards). Whereas with the first ones, you have some control over who writes down your ID information, it is impossible to say with a smartcard who simply reads your information from the card, vs who will store the information on their hard disk. To add to the problems, the electronic ID cards don't even carry your home address on them anymore. I find that a much greater problem than the standardization of the layout of documents which, in essense, are in effective use already, today.

Oh well.

Installed greylisting

Unhappy with the high amount of spam that was making it through to my mailbox, I enabled yet another trick to slow down spammers. This time, it was greylisting. The greylistd package makes it quite easy, although I don't quite like the offered script that will help you update your exim4.conf; it adds the (slightly expensive) greylist check to the begining of the ACL, before the (cheap) checks on email address validity, which is silly. Then again, of course it doesn't have any other choice, as my exim4.conf is handcrafted from the example.conf, and is quite different from an exim4.conf as it comes with the Debian package.

Anyway. The greylisting has been running for quite a while now, and it seems to work. Flawlessly. Haven't received a single uncaught spam mail since I installed the thing. And of course I still have some cards up my sleeves, should the spammers ever circumvent this particular countermeasure, too.

Doing the Helsinki paperwork

Now that everything's been confirmed with sponsorship and the likes, I went out to the local government building to get the paperwork done. Even though I don't really need a passport to go from Belgium to Finland (both are part of Schengenland), I think it's better to play safe and bring it anyway.

The lady at the office where they issue such things, however, told me that I need to turn in my previous one because it's still 'registered', whatever that may mean. No, it does not mean 'valid', because it was only valid for one year, and according to that lady, it was issued in 2002 (which sounds about right, that was for the trip to .au).

2002. That's, like, 3 years ago. Do they really think I still have the bloody thing after all that time? Especially if it's been invalid since more than half that time? Grmbl.

Oh well. The alternative is to go by the local police station, tell them you lost it, and ask for an official piece of paper that states I did so. I think I'll go for that option — I can't find it in the mess I call 'bedroom'.

Blogging software

I agree with Joey: weblogging software should not rely on a CGI script to produce RSS output, that's silly. And I'm still using blosxom... uh?

Well, blosxom has this neat static output thingy. In my /etc/blosxom/blosxom.conf I have, amongs other things:

$datadir="/var/local/blosxom";
$static_dir="/srv/www/grep.be/data/blog";
$static_password="foo";
@static_flavours=qw/rss php/;
$static_entries=1;

And then I have a /var/lib/svn/blog/hooks/post-commit that looks like this:

cd /var/local/blosxom
svn up
for i in $(svnlook changed /var/lib/svn/blog | awk -F' ' '{print $2}')
do
  touch -d "$(svnlook date /var/lib/svn/blog -r $(svnlook history /var/lib/svn/blog $i | tail -n 1 | awk -F' ' '{print $1}') | sed -e 's/(.*$//' | awk -F'(' '{print $1}')" $i
done
/usr/lib/cgi-bin/blosxom -password='foo' -quiet=1

(the whole svnlook crap is to make sure a file doesn't get a different date set on it when I make an update)

So I can just 'svn commit' anything, and it works. One note, though: make sure you don't use .txt as your blog entry file extension (can be set using $file_extension in blosxom.conf), because .svn directories contain little files called README.txt in them, which you probably don't want to see in your blog...

(on a side note, I find the whole static password thing pretty pointless; if you're logged in to a system and have write access to whatever blosxom writes to, it's probably too late to block it using a password anyway; and if you do not have write access, then knowing the password isn't going to help you...)

Why email address munging is harmful.

See?

If you can figure out what's happening there without cheating (thus, without looking at other versions of that mail), then please lend me your crystal ball sometime.

Obfuscated C is not source!

As I read over on Kernel Planet, two moronic companies called SiLabs and MCCI think they can satisfy the GPL by distributing "source code" that looks like this:

#define \
BAUD_CLK \
  \
(0x384000)
struct
O111111011
{
struct
usb_serial_port
*
l111111100
;
int
l111111101

(just a snippet, of course)

About to receive my birthday present...

The 6th, which is my birthday, I was told by my brother to be at home the 19th at 19h. Which is, like, now. Well. Two minutes from now.

It happens to be the case that tonight, Star Wars Episode III premieres. This could be a coincidence... we'll see.

Jörg Schilling has a blog.

Or so it seems. For those who don't know Jörg Schilling: he's the guy who wrote cdrecord.

He's also the guy who's been whining about the Linux Kernel, how it doesn't support the totally non-intuitive SCSI addressing scheme for everything, and claimed that some subsystems in the kernel weren't being maintained because they didn't accept his senseless patches. He's also the guy who changed his license to something not even internally consistent (and, thus, non-free) when the Debian maintainer of cdrecord decided to (finally!) remove the completely useless and bogus warnings that were cluttering the cdrecord output since ages for no other reason than to pester those who don't agree with him.

One of his recent posts is about OpenSolaris vs Linux. The one and only comment down the bottom:

Andrew Pinski said...
Can you fix the word wrapping, it looks a 3 year old made this blog.
7:31 PM

Well. Spot on.

WWW is deprecated.

Prompted by a post on Planet Debian, I read no-www.org, and decieded that they're right. So, my website is now also available as grep.be in addition to www.grep.be

OpenSolaris

So, Sun is in the process of making Solaris free software. Hopefully that'll they'll get rid of some of the extreme braindamages in Solaris, such as the fact that it requires you to pretty much test how many characters you can put in an environment variable (say, $PATH) if you want to do anything useful.

Oh well. I went and had a look. I planned on downloading the thing, but that apparently isn't possible yet; currently, all you can find on the OpenSolaris website is a bunch of blatter, the source to something called 'dtrace' (including a suspiciously high amount of praise from Sun execs about that thing) and a roadmap.

When they plan on making the kernel and libraries public, they're also planning on providing people with, amongst other things...

• Community-support tools:
  • Mail lists, Forums, Community Blog aggregator

Heh. So you don't exist as a community today if you don't have a planet, apparently. Well, it's not as if I disagree. I guess.

Seriously now. Of course, OpenSolaris would make things such as 'Debian GNU/Solaris' possible, if there is interest. We still have some unused Ultra10s at the office...

Received my tax letter in the mail yesterday.

Looks like they finally modernized the Belgian ministry of Finances. Rather than sending me the outcome on a paper of which it is blazingly obvious that it was printed on a dot matrix printer¹, they now appear to be having a laser printer; and the new layout of the thing suggests new software, too.

Anyway. Since this is my income tax for the year 2003, in which I had a paid job for only two months (after which I quit to co-found NixSys), my income over the whole year was so low that I didn't earn enough to be due any income tax. However, since, by Belgian law, your employer has to pre-pay the ministry of finances in your name by keeping some of your wage and sending that to the government, I'll be getting quite some money back.

Of course, we're talking about a government agency here. So it'll take them still quite some time to do so — a few months. But still.

¹ which they need to do for all Belgian citizens who have an income — I wouldn't want to be near that room!

Spam filtering.

A few days ago, I opened my ~/.mutt/muttrc and added the following:

macro index,pager S s=spam/gemist<enter><enter>

=spam/gemist is my folder for, well, missed spam. False negatives. Mails in that folder get read by a cronjob that feeds them to sa-learn --spam, and I found I was having way too much of those lately. I was already tagging them per mailbox, so that I could throw them to the false negatives box all at a time, but these were still way too many characters. Hence, the macro to throw spam away with only one keystroke (well, two if you count shift).

While doing this and looking at my mails more closely than normal, I found out why I was having too much of those, too: the score of the BAYES_99 test (meaning, the bayesian filter was 99 to 100% sure that the mail was spam) was set to 1.9! Freakin' idiot. Modified it in my local configuration to say 4.0 rather than 1.9, and suddenly a lot more spam was caught.

Happy happy, joy joy.

Not sure whether this is my bug or whether it's in the package; I'll have to review that.

How do search engines work?

Adam Kessel recently commented in his blog about how MSN found his 'hidden' domain. Adam appears to think that by not spreading a URL of a webserver, he can hide the site from search engines.

As Google explains, however, hiding a site in such a way is plainly impossible.

That being said, of course MSN should honour robots.txt... if it really is MSN. Adam doesn't provide the IP address of the robot that crawled his 'hidden' webserver; but of course, if he runs whois <IP address of the bot requesting the page>, he can easily figure that out... and complain if required.

Sick

I didn't feel too well tuesday and wednesday either, but today it totally hit me. Yesterday and the day before I thought I was hay fever playing with me; but after doing a 2h bus ride today, it became totally obvious that this wasn't just an allergic reaction; I've got a fever (didn't take my temperature, but I feel like I could explode from the heat), I've got a headache, my stomach isn't playing nice, and my nose is dripping. Oh, and I've got a nasty cough, too. All feels like a cold, or perhaps influenza. And then I still had to take the bus back to get to my bed...

Which I've reached now. Unfortunately, the nose is keeping me awake. I usually don't mind being sick; in normal circumstances when I'm sick, it's all gone after one day. But of all the illnesses and deseases one can have, having a dripping nose makes me go crazy. Especially if there's an occasional sneeze, as is the case right now.

...

Hm. It just occurred to me that people reading all this might not be interested in so many details.

Well.

Sorry.

Hopefully I'll be able to find some sleep now. See ya all in the morning.

Back to basics

I created a new layout for my website. It's a very simple one — it doesn't do much more than specifying some colors.

Meaning, I now have three lay-out options for my website. Changing the stylesheet changes the entire look and feel of the thing. Gotta love CSS.

Flooding planet

It appears that the maintenance I just did to my webserver somehow confused Planet Debian, since I'm now all over there. Sorry; I'd fix it if I knew what went wrong, but I can't seem to figure it out.

This may sound as whining now that I broke the flood for a change; but I think it's a bug in planetplanet to accept posts that are 'very old' as new. I overcame my python antipathy for a few minutes to try and find out whether I could provide a patch, but, well. It's still python, you know.

In any case, if the planet maintainers could throw out too old posts (or tell me how to fix my RSS feed), that'd be nice.

Finally a Patch that works!

A mail with that as subject appeared on the debian-l10n-dutch mailinglist today.

Unfortunately it has nothing to do with computers.

Starting a pool

So, now that the release is getting extremely close to actually being there, I feel we should get up and prepare to party. Prepare, that is, because it isn't right to party for something that hasn't happened yet.

So, I propose a pool: we all vote on "When will Debian 3.1 actually release?"

A few ground rules:

1. You need to specify a date, time, hour, and minute. All times are assumed to be in UTC, unless otherwise specified.
2. The exact time of the release is taken by the Date: header from the mail that is sent to -announce or -devel-announce (whichever is first), as it appears in my mailbox.
3. In the interest of fairplay, Release Managers are excluded from betting (sorry guys), unless someone convinces me otherwise with serious arguments.
4. If you place a bet, you pledge to pay one drink to the winner at the upcoming DebConf5 in Helsinki. This can be an alcoholic beverage, but it does not have to be; if the winner prefers a cola, you'll pay him a cola.
5. Obviously, this means we have to see you in HEL. If you're not coming to DebConf5, you can't participate. Sorry.
6. You can place multiple bets, but that also means you get to pay multiple drinks.
7. One bet is defined as 'one named minute'. If you think you're funny and say "Every minute from now 'till the day the world ends", that's a lot of drinks...
8. All votes that are received within 48 hours of the actual release time will be declared invalid and thrown out of the pool (they won't have to pay a drink, either).
9. All votes that predict a release time after 2005-07-01 are declared invalid, for reasons of optimism and practicality (no fun in winning a prize which you cannot ever get anymore).
10. Bets will be anonymized and published on my website as I process them (which will likely be done manually).
11. If nobody gets the exact date and time right, the person who was closest wins.
12. If there's more than one winner, they get to share their prize. It'll be up to them to find out how.

Other than that, everything's fair game. I think. If I find additional rules are needed (don't think so), then I'll announce them here.

Bets can be sent to <wouter+release-pool@grep.be>; you should receive an acknowledgement within 48 hours. If you don't, yell.

Received the first bet

I've received the first bet to the Release pool this morning.

Come on, people! Paying someone a drink isn't much, is it? And since 'only' about 200 people are coming to debconf, your chances are significantly higher than on an average lotto.

In any case, the "list" of placed bets is available

GUADEC

wouter@country:~$ wget -q -O- http://planet.gnome.org | grep -ci 'stuttgart'
22

I think the GNOME people are in Stuttgart currently. Not sure, though.

"usability"

On Planet Gnome, I found a post by Nat Friedman regarding user interfaces. One example that is given there is called 'Mezzo', which is has the following "feature":

Bumper boarders:
Windows cannot go beyond the edge of the screen. Period. The edge of the screen is a hard edge, a 'bumper', preventing users from moving content outside their view.

That is evil. Period.

Why is it that English is so hard for people?

I've received several notions now from people who think it's "Poll", not "Pool".

Can't you people use a dictionary?

wouter@country:~$ dict pool
[...]
     4. Any gambling or commercial venture in which several
        persons join.
        [1913 Webster]