Tim's Bits and Pieces: Computers

@uninstallfirefox

TimP — Mon, 07 Apr 2014 00:30:17 +0200

I'm stopping using Firefox (and other Mozilla programs like Seamonkey and Thunderbird) over this whole Brendan Eich scuffle, and you should consider it too.

For those who don't know basically what happened was that one Mr. Brendan Eich donated $1,000 to a pro-Proposition 8 (anti-gay marriage) lobby a few years back. Recently Mr. Eich, the inventor of JavaScript (one of the key web technologies), became the CEO of Mozilla, and the Gay lobby became upset, and several members of Mozilla's board of directors joined them.

The situation escalated to the point where he "resigned" as CEO. So, basically what's happened is that a man has lost his job despite his major technical contributions. Or essentially the board of directors has said that ideological conformity is more important than actual technical of business skills. In that case I'm going to go elsewhere for my browser.

Speedup of Trac Static Content

TimP — Wed, 25 Aug 2010 23:03:54 +0200

At work I recently spent some time working on getting our hosted Trac to run faster. I found one simple little trick that gave up to a 20% speed improvement, so I thought I'd share it here.

The basic idea is that Trac has a lot of overhead due to executing a pile of Python code for each requested file including static content like the logos, background images, CSS, etc. If you tell Apache just to skip the Python code for the static content you can save a lot of time and processing power. All the default static content is under "/python/library/path/site-packages/trac/htdocs" which Trac servers up as "/chrome/common/". Basically a request for http://server.com/trac/chrome/common/logo.png will get a file from somewhere like /usr/lib/python2.5/site-packages/trac/htdocs/logo.png on the harddisk. To skip Trac for this we want to add something like the following to the Apache configuration (AliasMatch is part of mod_alias):

 	AliasMatch ^/(.+)/chrome/common(.*) /usr/lib/python2.5/site-packages/trac/htdocs$2

This matches any request for a path that matches /something/chrome/common/something_else, and then sends back the file located at /usr/lib/python2.5/site-packages/trac/htdocs/something_else; preventing the Trac Python code from running. Since there is about a dozen images, CSS files, and JavaScript files for each Trac page the time saved by this very quickly adds up.

Joel on DRCS

TimP — Mon, 22 Mar 2010 23:03:54 +0200

We where talking about merging today and one of my co-workers pointed out that some of the advantages of Distributed Revision Control Systems (DRCS), are actually more of a case of "distributed rcs rules because I never read the manual for svn and drcs is complex enough that it forced me to read the manual". For example Joel Spolsky (of Joel on Software) writes about Mercurial:

The interesting part is that these systems think in terms of changes, not in terms of versions.

That's a very zen-like thing to say, I know. Traditional version control thinks: OK, I have version 1. And now I have version 2. And now I have version 3.

And distributed version control thinks, I had nothing. And then I got these changes. And then I got these other changes.

Uhmm, no, that's not quite right. On the back-end Subversion stores changesets not versions, and since way back in the 1.0 days the documentation has always encouraged a model of thinking about changes not versions, see the section on merging in the old Subversion book for instance. The difference is that when he didn't understand Subversion it was forgiving enough that he could still use it, but with Mecurial he had to go and read the manual. Not that there aren't real benefits to using Mecurial or Git, but they often "solve" problems with Subversion that are just as well solved by reading the Subversion manual.

By the way Technically most revision control systems store changesets rather than versions, and then generate the "version" you need when you request it, at least back to RCS from '82. Though some would encourage you to have a mental model of versions instead of changesets.

PS. I use Git myself for most of my personal projects, and the company I work for (Codesion) plans to add support for Git some time this year, and also switch our internal development over to Git at some point, so it's not like I have some sort of hatred of DRCS.

The Government Will Make Everything Safe

TimP — Sun, 07 Mar 2010 23:03:54 +0200

Professor Proposes Laws Against Insecure Computers:

A leading Internet security specialist is calling on governments to make it illegal for computer manufacturers to sell products that are vulnerable to attacks from cyber criminals.

His call coincides with the arrest in Spain of three of the alleged ringleaders running one of the world's biggest networks of zombie computers.

The botnet spread into some of the biggest global companies, government agencies and more than 40 major banks, including more than 100 cases of virus infection in Australia.

[Professor Bill Caelli said,] "Governments throughout the world have to recognise that they have to start regulating the IT industry itself."

Oh, yes the Government will make it all better. As a result of reading that article I have written the following open letter to the Parliament of Austrlia¹:

Dear Sirs and Madams,

I recently read an article on ABC news (http://www.abc.net.au/news/stories/2010/03/04/2836693.htm) which stated that Professor Bill Caelli of the Queensland University of Technology was recommending that it be made illegal for computer manufacturers to sell products that are vulnerable to attacks from cyber criminals. I wish to take this opportunity to respectfully disagree with Professor Caelli on this matter.

There are several problems with such a suggestion, with a few of the most major being:

How do we decide whether a particular computer system is sufficiently secure to be used by the Australian public? Do we decide Windows + 12 month subscriptions to several security suites is enough? This would not offer an improvement over the current situation, but would simply add an extra layer of bureaucracy and expense. What about longer subscriptions? That would make computer systems a lot more expensive (~$50 per year of subscription probably), while having debatable benefits. Would we not allow Windows at all anymore? Though I don't use Windows, this would be a disaster for many people, and once everyone stopped using Windows, crackers would start concentrating on the other Operating Systems, and while Mac OS and Linux are less vulnerable in theory, large number of Windows Admins would not know how to properly secure other operating systems, which would probably result in those companies and individuals being less secure.

Another concern is that such a law would make it very difficult for small computer companies to exist. If they had to get ever combination of software checked by a government agency it would be expensive and time-consuming. This expense would be annoying for a large company, but fatal for a small company. At the present I can by a computer constructed in Australia (from foreign made parts) by a small local computer shop, if such a law was introduced this would most likely no longer be the case.

It would slow down access to new software suites for Australians because every new software package would have to go through a long government testing process. It could also result in increased software piracy, due to the increase in cost of software, and the extra delays in releasing it.

--
Timothy Pollard
Bachelor of Information Technology (Software Development)
http://blog.timp.com.au

1. I've emailed this to the ABC, my local member, and the Federal Minister and Shadow Minister for Broadband, Communications and the Digital Economy.

IE is Being Mean to Me

TimP — Wed, 03 Mar 2010 23:03:54 +0200

A song about Internet Explorer. I don't actually have to develop for IE, but whenever a customer finds a bug before our testing team I'm the first to hear about it.An interesting thing I've observed from these various bug reports is that nearly every display bug happens in only one specific browser; can you guess which one?

Meth Addicts as a Security Risk

TimP — Sun, 17 Jan 2010 23:03:54 +0200

Linux Magazine: Intrusion Stories:

...
Network intrusion isn't just for pranksters anymore. Spammers, credit pirates, meth addicts, and countless other n'er-do-wells are all looking for a way in.
...

"Wait, meth addicts?"

Which lead me to an interesting web search. For instance see msnbc's "The meth connection to identity theft". Huh, you learn something new every day.

Bulk emails should not come from support

TimP — Fri, 18 Dec 2009 23:03:53 +0200

Today my company sent out a bunch of emails about a service update to our customers. Approximately 16,000 emails. To make things easy for customers who wanted to ask questions about the changes we set the reply to field on the emails to be our support email address. This was a mistake. The first problem is that out of 16,000 people a reasonable number are going to be out of the office a week before Christmas, but that was OK, you just delete the dozen or so new Cases with "Out of Office Auto-reply" in the subject. No, the real problem was the infinite loops of auto-replies that our case management system created with some customers ticket systems.

rm *

TimP — Wed, 30 Sep 2009 23:03:57 +0200

I just reminded myself how dangerous 'rm *' is. I deleted the copies of all the posts on my blog from my local system. Fortunately I had backups of all but the most recent 8 posts, and I could recover them easily enough, but this has reminded me to make my "daily" backups more regular than once a fortnight, and convinced me to add 'alias rm="rm -i"' back to my .bash_aliases.

Tech Support

TimP — Tue, 22 Sep 2009 23:03:54 +0200

Tech Support Cheat Sheet

[...]

Progress Quest

TimP — Mon, 27 Jul 2009 23:03:54 +0200

You might have noticed that I haven't posted for a while. I blame Progress Quest, a truly exceptional MMORPG. It's got an engrossing plot, phenomenal graphics, truly zen sound, and is generally all round great. I've spent over 10 hours playing it Today alone.

Truthfully it's not for everyone, but it's a very small, free download, so I strongly suggest you try it out.