HOWTO: Configure XChat Azure on OS X to connect to Freenode using SASL + Tor

Tags: , , , , ,

With all the recent news about the NSA, Prism Surveillance Program and the US Federal Government actively spying on its citizens without cause, I decided to update the detailed HOWTO I posted in early 2011 describing how to connect to Freenode using Xchat (on Linux/FreeBSD) using SASL + Tor. The process is relatively simple, but there is a simplified version now, and it works seamlessly with XChat Azure on OS X, as well as Linux, without having to compile any plugins using GCC.

A win, win, all around! Let’s get started! (click the images below to zoom to full size)

Installing Tor on Your OS X Machine
Configuring Browsers to use Tor (to validate Tor functionality)
Configuring XChat Azure to Speak Through the Tor Proxy
Adding a Freenode Tor Network Server to XChat Azure
Installing the SASL Perl Script to Manage SASL Connections
Connecting to Freenode using SASL + Tor

 

Installing Tor on Your OS X Machine

To get Tor running on your OS X machine, you’ll need to install it. There are several ways to do this, but the easiest is to use the TorBrowser Bundle, package for OS X.

It’s straightforward to install that, just download and install it as you would any other OS X software. Once you’ve got it installed, you’ll see the main Control Panel, shown here:

Vidalia Main Control Panel

If you see the green “onion” icon in your Finder menubar at the top of your screen, you’re up and running and connected to the Tor network. You can check this further by looking at the “Bandwidth Graph” to see if bytes are actually flowing across your connection.

 

Configuring Browsers to use Tor (to validate Tor functionality)

Now you’ve got Tor running, you’ll need to verify that it actually works and that you can send and receive traffic over it.

Open your browser of choice (I use Firefox but any browser will work) and find the configuration option in your browser’s Preferences pane for setting a “Proxy Server”. You’ll want to point it to a proxy server address of 127.0.0.1, port 9150, as shown below.

The reason this isn’t the “standard” Tor port of 9050, is because the Tor Browser Bundle project wanted to ensure that they didn’t collide with a system-installed version of Tor, so they went with 9150 instead.

Firefox Vidalia Proxy Configuration

Once you’ve got that configured, point your browser to the Tor Check Site. You should see output that looks like this:

Tor Browser Check Results

If you’ve gotten this far, you’re almost there! If you see an error message or cannot connect to the Proxy, make sure Tor Browser is running, that it’s showing ‘green’ in your menubar, and that you’re using port 9150, not 9050 in your Proxy port configuration.

 

Configuring XChat Azure to Speak Through the Tor Proxy

Now let’s configure XChat Azure. Open up your XChat Preferences (Command-,) and go to the “Network setup” page. Here is where you’ll configure similar parameters we just used for Firefox above to permit XChat Azure to communicate across Tor.

Configure it to look like the following values:

XChat Azure Vidalia Proxy Configuration

Now ALL of your networks will attempt to use Tor, which may not be what you want. We’ll go over that in a moment, so you can exclude (“bypass”) the proxy for public networks.

 

Adding a Freenode Tor Network Server to XChat Azure

To add a new Network in XChat Azure, you’ll want to go to “File => Network List”, or use Command-S. You’ll see a default network list here.

Click the [+] sign in the lower-left corner to add a new network. You’ll name this “Freenode_Tor” or something similar. Don’t put spaces in the name, this is important.

When you add this network, you’ll want to click on “Show Details” and configure it to look similar to the following two screenshots.

The first tab, you’ll want to double-click the server name line and add a server with the name:

p4fsi4ockecnea7l.onion

And the port:

6697

Make sure you also check the “SSL” box there. This is the SSL port for Freenode servers.

XChat Azure Freenode Onion Tor Configuration

On the second tab, you’ll want to check the two boxes shown. If you want to reject invalid SSL certs (not a bad idea), uncheck that second box.

XChat Azure Freenode SSL Configuration

You’ll also see a checkbox that says “Bypass proxy server”. You’ll want to check that box for all other non-Tor networks, but not this one. We actually want to use the proxy server here, so leave it unchecked.

 

Installing the SASL Perl Script to Manage SASL Connections

Next, we need to install a small script that will be used to manage our SASL connections under XChat Azure. You can find several of those on the Freenode SASL page. I haven’t tested any of the scripts there except the Perl script, so we’re going to use that one for this HOWTO.

Download that Perl script using whatever tool you use, and put it into your $USER/.xchat2/ directory using iTerm or Finder.

Now when you start up XChat Azure, you should see something like this at the top:

[07:58]   Perl interface loaded
[07:58]   Python interface loaded
[07:58]   SASL: auth loaded from /Users/setuid/Library/Containers/org.3rddev.xchatazure/Data/Library/Application Support/XChat Azure/sasl.auth

We need to make sure we set some auth values while this script is loaded. To do that, you’ll run the following command inside the XChat Azure text box:

/sasl set Freenode_Tor <username> <password> PLAIN
/sasl save

So if your Freenode username was ‘foobar’ with a Freenode NickServ password of ‘MyS3cretPas5word’, you’d type:

/sasl set Freenode_Tor foobar MyS3cretPas5word PLAIN
/sasl save

Now your SASL authentication is saved, and you’re ready to connect!

 

Connecting to Freenode using SASL + Tor

Using Command-S (or File => Network List from the app menus), highlight your “Freenode_Tor” network and click the “Connect” button. It will take a few moments, but you should see something that looks like the following:

XChat Azure Freenode Successful Connection
If you see that, you’re all set! Now you can join any channels you wish and be sure that your IRC communications are being anonymized behind the Tor network.

Note: Sometimes you’ll see an error that looks like the one below, when you randomly reach a Freenode server with a wildcard SSL cert.

XChat Azure Freenode Wildcard SSL Cert Error

If you run into this, just close XChat down and restart, or attempt to reconnect to the “Freenode_Tor” network again until you get a proper server in the randomized list.

That’s it, good luck!

HOWTO: Configure Tor + SASL + irc to connect to Freenode

Tags: , , , , , , , , ,

I fought this problem on the train into the city today, because my MiFi‘s hostname was not correctly reversing to it’s given IP (verified by dig) and Freenode was denying the connection; it looked like this:

Mar 22 06:51:41 *       Looking up irc.freenode.net
Mar 22 06:51:41 *       Connecting to chat.freenode.net (86.65.39.15) port 6667...
Mar 22 06:51:42 *       Connected. Now logging in...
Mar 22 06:51:42 *       *** Looking up your hostname...
Mar 22 06:51:42 *       *** Checking Ident
Mar 22 06:51:42 *       *** Your forward and reverse DNS do not match, ignoring hostname
Mar 22 06:51:55 *       *** No Ident response
Mar 22 06:51:55 *       *** Notice -- You need to identify via SASL to use this server
Mar 22 06:51:55 *       Closing Link: 166.199.4.113 (SASL access only)
Mar 22 06:51:55 *       Disconnected (Remote host closed socket).
Mar 22 06:52:05 Cycling to next server in Freenode...
Mar 22 06:52:05 *       Disconnected ().

I wanted to connect, to talk to the folks in #linux, and ask them about another question I had (see newer blog post about fullscreen VMware session for that). This was yet another example of the kind of Yak Shaving I deal with on a daily basis.

At first, I tried installing a few identd daemons, then some of the spoofing identd daemons, then purged them all and decided to try identifying using SASL like it suggested.

I did a few seconds of Google’ing and found a helpful website with a SASL plugin in C. I compiled that, installed it into /usr/lib/xchat/plugins, restarted XChat, and attempted to authenticate and identify using this plugin and the instructions.

If the site goes down, I have local copies of the files you need, just email me.

You’ll need to create a file called cap_sasl.conf and put it in ~/.xchat2/, which includes the following syntax:

/sasl [nickname] [password] FreeNode

So if your nickname (username on Freenode) was ‘foobar‘ and your password was “MyS3cretPas5word“, you’d put the following in that file:

/sasl foobar MyS3cretPas5word FreeNode

If you compiled this correctly and put it in the right place, you can also just issue a simple /help sasl command to get the syntax:

Usage: SASL <login> <password> <network>, enable SASL authentication for given network

When you load up XChat, you should see something like this in the main window (if the plugin works):

 Python interface loaded
 Display amarok loaded, type "/disrok help" for a command list
 Perl interface loaded
 Tcl plugin for XChat - Version 1.63 
 Copyright 2002-2005 Daniel P. Stasinski
 http://www.scriptkitties.com/tclplugin/
 Tcl interface loaded
 Loading cap_sasl.conf
 Enabled SASL authentication for FreeNode
 cap_sasl plugin 0.0.4 loaded

The last two lines are what you’re looking for. Now typing “/sasl” will show you the following:

 foobar:MyS3cretPas5word at FreeNode

This too, failed to authenticate me and validate my (incorrect) reverse DNS problem. What I saw was this:

Mar 22 20:24:02 *       Looking up irc.freenode.net
Mar 22 20:24:05 *       Connecting to chat.freenode.net (140.211.167.98) port 6667...
Mar 22 20:24:05 *       Connected. Now logging in...
Mar 22 20:24:05 *       *** Looking up your hostname...
Mar 22 20:24:05 *       *** Checking Ident
Mar 22 20:24:06 *       *** Couldn't look up your hostname
Mar 22 20:24:19 *       *** No Ident response
Mar 22 20:24:52 *       Closing Link: 32.138.186.102 (Connection timed out)
Mar 22 20:24:52 *       Disconnected (Remote host closed socket).
Mar 22 20:25:02 Cycling to next server in Freenode...

I decided to investigate a different solution: Tor!

Read the rest of this entry »

AT&T charges customers more to pay with cash

Tags:

I thought it was a joke when someone spoke about this in IRC, until I Googled around and found the actual story. Shocking!

Rhonda Payne went to an AT&T Wireless store in Calhoun, Ga., recently to pay her phone bill in cash. She’d been hit by ID theft and was forced to close her checking account, so she was worried she wouldn’t be able to mail a check on time. But when she arrived at the store, she was in for a surprise.

Paying in person, she was told, costs extra — $2 extra.

Payne objected to the “administrative charge” that was added to her bill but got no sympathy. Instead, she said, she was told she should consider herself lucky because the fee was about to go up to $5.

“I was told that it was a courtesy to take cash” she said. I said, “Are you kidding me?”

It’s no joke. Beginning earlier this year, AT&T Wireless began to charge customers who pay their bills in their stores.

“It is a way of saving money … it helps us keep our costs lower,” said AT&T spokesman Mark Siegel. “We want our associates to spend their time helping customers as they are thinking about their wireless plans or looking at phones.”

Since when was it a penalty to use REAL cash to pay your bills? What about people who don’t have a bank account (and the number is growing, as the economy crumbles down). What about people who can’t pay electronically? What then?

I can’t help but think this is also related to the fairly recent advertisements from VISA Check Card where they make it seem like paying with real cash is embarrassing, annoying, slow, etc.

In fact, as the commercial below shows… all this industry wants to see is cash flowing in, as fast and efficient as possible, with as few interruptions as possible. If you pay in cash, people groan at you, look at you funny, and make you feel like you’re some sort of outcast.

If you haven’t seen The Zeitgeist Movie yet, please take the time to watch it. You can watch it online, download a copy or purchase the DVD version for yourself or your friends.

It goes through exactly why we’re seeing this shift away from physical money, and how it’s happening at very subtle, almost imperceptible levels in all facets of our society.

I STRONGLY recommend watching it, and passing the knowledge you glean from it on to others who might want to know more.

When all of our cash transactions are digital, when all money is digital and no longer physical, you can be monitored in ways you’ve never even thought of before. Not only that, but your ability to transact business in the world can now be shut off in one keystroke.

BAM!

No more groceries.

No more gas.

No more airline flights.

Nothing.

Accidentally have the same last name as someone else on a list you can’t get yourself removed from? Oops, now your life is literally turned off.

Perhaps Morpheus wasn’t so far off after all… maybe in the eyes of the current government we’re a lot closer to these than we think.

We're all just batteries

Down with Pidgin, Round II

Tags:

Down with PidginI’ve been using IM in various formats since back in the BBS days with a program called IceChat that I ran under RemoteAccess Pro BBS.

I moved on from dial-up BBS systems to Internet Relay Chat (IRC), and have continued to use IRC for the last 14 years near-daily for personal and professional business needs with a program called Bitch-X (text-mode) and then later a program called X-Chat (gtk+ based with support for lots of plugins).

A few years ago there was some controversy about the licensing of X-Chat, specifically for Windows. If you want a completely free, unencumbered version of X-Chat for windows, use the version from Silverex instead.

Then I moved on to using Instant Messaging (IM), via a program called ‘gaim’, which was a multi-protocol IM client. Within the same interface, you could aggregate your AOL AIM, MSN, Yahoo Messenger, Jabber, ICQ and other accounts into one place. Life was good.

Then the developers began having internal turf wars, and they broke it. Badly.

Then they renamed it.

Then they removed all of the previous gaim releases (which is actually a potential violation of the GPL licensing which binds gaim and is also directly violating the Terms of Service of Sourceforge, ahem).

Then they began removing more and more of the useful features of the client.

Then they broke it again. And again. And again.

Then they closed off their irc channel and began banning people who differed with their philosophical opinion on what features should and should not be allowed in the client. Right now there are 172 users in the project support channel (##pidgin on Freenode), and 45 of those users are permanently banned.

Now they’ve removed the ability to let the window manager decide where it should place the application’s windows and you can no longer resize the edit box. Because of all of the turf wars and in-fighting, Jabber servers outright block pidgin clients from connecting (but those same Jabber accounts work fine from other IM clients; Linux, Windows and Mac OSX).

And now there are enough pissed-off users of pidgin that a group of developers have released a project called “Funpidgin“, which puts back most of the features that the core Pidgin developers removed, and Funpidgin promises to remain in lockstep with the core pidgin releases.

Open Source projects like X-Chat and Gaim should not undergo this kind of turmoil. We’re here to HELP, and to create communities, not to act like children and crack and sever communities apart.

But it looks like my professional and personal colleagues and friends will be migrating away from these “kiddie war” applications to Skype and FWD, where adults work on the code.

Pidgin has Flown the Coop

Tags:

Pidgin, a pile of bird droppings that used to be a useful IM clientI am a long-time fan of Gaim, the multi-service IM chat client. With it, I can chat with friends and colleagues on MSN, AIM, Yahoo! Messenger, Jabber, Google Talk, ICQ and so on. I’ve used it for years, and it works great.

Then the developers decided that it had too many useful features, so they renamed it “Pidgin” and ripped out just about everything useful about it. Now it’s just a pile of broken garbage, and I’m not the only one who is upset about the changes.

If you look at the Pidgin bug reports, there are thousands of users who are upset and angry about the direction the project has taken. Here are two example bug reports and associated comments.

Read the rest of this entry »

When Networks Go Bad

Tags: ,

I run some services here for lots of projects. Let me rephrase that, I run a LOT of services here for various projects, development and customers for the two different companies that I own. At any one time there are at least 7 servers up and running here doing various things; generating content, serving webpages, building software, whatever.

This includes personal mail for users (with imap and webmail access), about 2-dozen mailing lists, web hosting for about 70 different domains and projects, bug tracking, blogs, portals, revision control for Open Source projects, irc for developers, torrent tracker for releases, compile farm, and quite a few other things I can’t think of at the moment. All of this requires solid, reliable, 24×7 bandwidth to sustain… and clean power.

All of this comes out of my own pocket: bandwidth, power, servers, hardware, time. Its not cheap.

network rack

About a month or so ago, I decided to double the speed of the incoming bandwidth on the server’s dedicated lines (hosting the services above) and my inbound DSL connection. The DSL is my own “personal” Internet line, and the other lines are dedicated to the servers themselves. This also doubled the price I pay for the bandwidth, but the Google Ads seem to be sustaining most of that now.

I graph and monitor all the inbound and outbound traffic with quite a few different tools, so I can track and notice trends, attacks, statistics for customers, and many other things. Things were good for about two weeks… but then it started sliding downhill.

Here is an example of a recent Slashdotting that we cleanly survived:

The Slashdot Effect

Over the last two weeks, I’ve noticed the VPN to IBM that I keep open has been dropping out many times per-day. I’d try to restart the VPN and get errors. I went into the server room (where the DSL and other networking lines come in) and noticed that the DSL modem didn’t even have a line to the CO. A quick power-cycle of the DSL modem would cure it for a few hours. It started happening late at night and early in the morning, during lower traffic times for me.

Fishy. I checked to see if I was being “packeted” by some script kiddies or attacked, and nothing obvious showed up in the graphs. A call to my provider after 2 weeks of dozens of dropouts per-day seemed to provide some action. They believe the problem is with the port I’m using at the DSLAM, specifically that it is “over-provisioned”. They tried capping my line down a few Mbit, which helped for a day or three, but then the dropouts started again.

Its gotten significantly worse now, and my speed on DSL is slightly slower than a 28k dialup modem. I can barely use the web now because of it. Its painful to watch servers and DNS queries time out, because I’m browsing at less than 5k/sec. Yowch!

If my provider can’t fix this (and credit me for the horrible speed and downtime), I’m going to explore moving to cable modem service again, like I had in Westerly.

Is providing broadband REALLY this difficult? I pay $180/month for 1.5Mb-6.0Mb/384-608Kb here and I barely reach the low-end of that scale. I’m 8k feet from the CO, so I should have a nice solid signal. Other countries have 10-times the bandwidth and pay pennies for it.

To their credit, my provider has been very patient and helpful during these stressful times, and we’re working through the issues to try to solve it, but… its been two weeks now. Let’s hope they solve it tomorrow when the landline provider shows up to test the lines and figure out the problem.

I use the Internet every day for research, for my job, and for other development purposes. I can’t have it go down like this, at these speeds now.

This is ridiculous.

I Am Not a License Nazi

Tags:

I Am Not a License Nazi (part I)

    Saturday morning, I decided to get back to some wine testing, in an effort to get the new Palm Tungsten Simulator working, so I could test some applications in and against it. (Curiously enough, there are two simulators for these two Palm models, one is modeled after the OS itself, minus the new applications that are shipping on these models in real-life, and the other models exactly what you get when you purchase one of these devices in a store. They aren’t the same, and they are not available from the same location).

    As expected, the Simulator fails to run in wine, including release, nightly, and cvs versions of wine. The problem lies upstream in either the Palm code, or the MMDRV_ portions of wine. I’m narrowing in on a workaround, mostly thanks to the helpful people in #winehq on irc.debian.org.

    So I decided to see if wine worked at all on some of these recent Windows InstallShield/Catapult installers. I dug around in my shared Windows downloads directory (I don’t have any Windows machines, only directories of downloads, which are mapped to my vmware sessions when they are booted).

    I found an application called “Foo Install.EXE” (not the real name, more on that in a moment). It purports to perform a certain action on a Palm device, in Windows, bypasing the standard Palm tools to do so. Running it in wine, threw a few errors, because wine doesn’t support USB hardware, which this device tried to communicate with. Normally, in Windows, this would be launched with a double-click, hiding any errors which might appear, behind context. Oddly, when the application errored out, I recognized the error message.. because I wrote it!

    “Wait a minute. How can a commercial Windows application contain an error message I know I wrote, which exists in a project I maintain…”

    I ran strings on the executable, and sure enough, this application has 5 function names directly copied from our library and headers, and includes one string which only appears on POSIX systems, and never actually is output from the Windows executable. The application has cut-n-pasted code from our LGPL library into their Windows tool, and were using it to talk to the Palm device, in Windows.

    I decided to try some of the company’s other Palm applications. 3 of the company’s 5 commercial applications uses this same code. I couldn’t test the other two, because they didn’t have any “demo” versions for download, and were clearly commercial-only. I can only assume that if they put the code into 3 of them, they put the code into the other 2.

    Now, normally this would appear to be a mistake, and I like to give companies the benefit of the doubt, but in this case, I think it was much more maliscious than that. Not only was the code clearly marked as being LGPL, but it wasn’t designed for use in Windows. This means someone took the code from our library (and potentially our headers), and put it into their Windows products, modifying the code a bit to work on that platform (/dev/ttyUSBx vs. USB::, etc.), but they neglected to add the required LGPL notices to their downloads. They also have their own license, which adds restrictions on use of their product, and they have a bland copyright notice of their own, right on the About and Help screens of their application. This could be construed as a “Lanham Act” violation (“False designation of origin…”).

    I fired off a message to their contact address, including a copy to licensing@gnu.org, so everyone can be in the loop. I expressed our concerns, detailed our findings, and requested an explanation and requested that they make an effort to bring themselves into compliance. I try to give everyone the benefit of the doubt first, until they reject that offer.

    So far, no reply yet.

I Am Not a License Nazi (part II)

    I jumped on over to Freshmeat to look at some of their new Palm projects (which I do from time to time, to get a feel for the direction people are going with their Palm code), and did a search for handheld there. I found something called “BearOps Handheld”, and decided to try to download it and give it a try.

    Not only is there no download available, but their site claims that they’ve exceeded their bandwidth allocation for the month, and that downloads have been suspended. I fired off an email to tell them that I’d gladly be a mirror, but they didn’t respond. This means their email is working, and didn’t bounce.

    Ok, off to Netcraft to see what their provider is.. and I notice that they’ve switched providers in the last few years. Could they really have exceeded their bandwidth every month, across multiple providers?

    Off to The Internet Archive, and I see that they’ve been up since at least July 20, 2001. Drilling down into September 28, 2001, we see the same “suspended downloads” message on their site. Odd, is it really possible that for over 2.5 years, they’ve exceeded their bandwidth with 2 separate providers? Not likely. I’ve never even heard of BearOps, and if it was that popular, I’m sure it’d be somethiing I’ve heard of. It’s based on Debian, after all.

    I brought this up with some other handheld/Palm people in the Free Software community, and the concensus was that emails asking for the source go unanswered, offers for mirrors go unanswered, and the company simply refuses to supply any details about their distribution, unless you purchase it.

    Another possible GPL violation? Or just non-existant/dead/ignorant people?

There Is Much More To This…

    There seems to be an ever-increasing abuse of the GPL and other Free Software licenses lately. Most-recently, the MPlayer discovery of several GPL violations by a company called “Kiss Technology”.

    There’s also the BusyBox project, who keeps an active list of license violators stealing their code without complying with the license.

    I spoke with my girlfriend Erika, an avid Wall Street Journal reader, and she suggested I write an editorial/letter to the WSJ, explaining all of this. The problem, she said, was that companies and “normal people” don’t know this is happening, and that nobody reads those “geek webpages” (groklaw, slashdot, advogato), so none of this information gets where it needs to be… injected into the public media.

    The synopsis of this, is that companies are actively stealing software, violating copyright, selling products based on that stolen code, increasing their profits, firing/laying off staff (“We found something on the the web that does exactly what we’re paying you to write for us, so we don’t need you anymore. Pick up your last check at the door.”), and the economy increases, due in part, to theft, and jobs being lost.

    The economy is improving because jobs are being lost. There is this mentality among well-funded companies, that they are “safe”, because “..those unemployed Free Software hippies” don’t have enough money to bring them to court. They’re wrong. A bit of a media campaign with some truth, can be much more damaging than any lawsuit.

    We can’t let this continue like this. Chasing all of these companies down, is getting to be exhausting.

IBM Lemon Law Continues…

Tags: ,

My T23 is being shipped back to IBM for the 4th time in less than 35 days. More hard-lockups. Here’s how to cause it to happen:

  1. Pull out IDE drive, leaving only laptop + RAM
  2. Power up on AC or Battery power
  3. Hit F1 to enter BIOS Configuration Screen
  4. Select Config->Parallel Port
  5. Hit enter on Enable/Disable option
  6. Hard-lockup

The same happens on Serial, USB, PCI configuration options, and also happens with or without a drive in the laptop, and with two different sets of SODIMMs.

How many times do I have to send this back to them before I get a 100% functional unit?

DNS Expiring

    At the suggestion of rasmus last year, I signed up for EasyDNS and grabbed a 25-domain block. They’ve been nothing short of stellar with their service, both in actively stopping spam coming through their backup MX, and DNS configuration issues.

    Now that I haven’t successfully found gainful employment, and the renewal bill came in at $349.00, I can no longer afford to use them. I decided to learn bind, get DNS set up on a master and slave, and found out that EasyDNS doesn’t let me cut them off as my primary nameserver. Not cool, so I went to NSI and tried to change my entries there, and now NSI decides that it doesn’t know who I am.

    I have 4 days, lest 18 of my important domains fall off the net.

Beach Assault

    The caveman that jumped me at the beach on 6/30 and broke my nose in front of about 200 witnesses has plead guilty in his pre-trial, and has been ordered by the court to pay all of my medical expenses.

    Since I don’t have a job, and hence no medical insurance, the broken nose healed before he was ordered to pay. Ideally it’s good to get the nose fixed within 2-3 days after the initial break, or it’s harder to work on. Since that 2-3 days was over the July 4th weekend/holiday, I couldn’t get in to see the ENT. Now it looks like there’ll have to be some very expensive surgery/reconstruction to go in and fix the breathing passageways.

    Two attorneys I spoke with both assured me that the civil case is a “slam dunk”, and that the bidding starts at $50k for such an unprovoked brutal attack. Lucky for me just before I got headsmashed by this caveman, I took my sunglasses off, otherwise I’d have lost an eye, and that would have gotten him 20 years in prison and a $20,000 fine in Rhode Island.

pilot-link 0.11.0, 0.11.1, 0.11.2

    Three releases of pilot-link in less than a month’s time. It’s good to see lots of contributions, patches, bugs reported. Thanks go out to everyone that has helped.

    It definately helps to have good active facilities backing a project. I’ve set up HOWTOs, irc, the mailing lists, a search engine across the past 5 years of pilot-related lists, an active public CVS, and the bugtracker. They’re not as tightly integrated as I’d like them to be right now, but that’s going to change pretty quickly. Many users now are finding solutions to their problems without having to even resort to posting on the lists and irc services.

    It’s a healthy metamorphosis from what I’m used to seeing in the newer linux and community contributors. I highly recommend it for those who are managing or maintaining projects that may involve community testers or contributors.

    I should be releasing 0.11.2 on Wednesday if nothing else breaks in the meantime. This’ll be the first cut with native USB support for FreeBSD users. I still need people to help port the USB calls over to OSX, Win32 and OS/2, but if nobody steps up, that’ll stagnate for now.

Employment

    Status: None, 253 days.

Banging the Tin Cup

Tags: ,

I see lilo is up to his “banging-the-tin-cup” again in his latest antics on OPN. Let’s review some history of when I caught him doing this well over a year ago:

**** BEGIN LOGGING AT Sun Apr 15 16:02:17 2001
16:04:30 <lilo> listen, I am not paid to talk to perennially angry 
   people
16:04:39 <lilo> such I judge you to be at present 
16:04:55 <setuid> Are you saying you draw a salary based on 
   donations from the community?
[...]

dopey…and let’s not forget that OPN is a private network, not a public one.

**** BEGIN LOGGING AT Sun Apr 15 16:02:17 2001
16:07:10 <lilo> please see paragraph 2 of the motd 
16:07:19 <setuid> I've seen it, which you are legally violating.
16:07:23 <setuid> Which has also been noted. 
16:07:28 <setuid> Next? 
16:07:28 <lilo> this is a private network
16:07:37 <lilo> your access may be revoked at any time
16:07:40 <lilo> that part
16:07:44 <setuid> That's fine with me.
[...]
16:08:33 -lilo- lilo is ignoring you

What’s funny about this particular interchange (one of dozens lilo and I have had) is that I was g-lined from OPN for putting lilo on /ignore awhile ago, but he sees fit to put me on ignore.

Sorry, OPN is not “open”, nor friendly, nor does it in any way contribute to the furthering of any community spirit. When it ceased to be Linpeople, it become another entity entirely. Looking at all the suspicious things going on behind the scenes at OPN, I’m definitely directing people away from it. There are dozens of other freely available irc networks that cater to specific tastes, including my own server, that don’t force this level of “management” down on it’s userbase.

lilo, really. I’ve personally been out of work for over six months, and I’m not begging for money from anyone. I could always break down and work at McDonalds or as a school janitor, or mowing lawns. Drop the ego, and do what you must to support your family. This is getting ridiculous.

You don’t “deserve” a salary for setting up OPN, just as I don’t “deserve” one for all the unselfish giving I do for the community, in mailing lists, CVS hosting, gratis web development, IRC servers, and so on. I do it because it needs to get done, and it benefits the community as a whole. You also don’t have to personally micro-manage the network. An irc network, properly configured, runs itself. Delegate out the responsibilities, if you must. Let it be what it needs to be.

Enough already.

When Friends are Slain

Tags: ,

Dear Diary:

It’s been awhile since my last entry, and a lot has happened.

An acquaintence and friend of mine was murdered yesterday. Rex, you will be missed. I was just in CT last week, and he was asking about me through another friend. I should have stopped by his place and talked to him. Maybe that would have been even harder to swallow if I had.

Talking to a friend of yours, and then hearing that he’s been slain two days later.

And then there were none…

    I have resigned my job at Linuxcare after 21 months working there. My future employment situation is uncertain. Sparing gory details, I was never tasked with doing what I was hired to do; develop, support, and promote Open Source software.

    As a result of having no spare time to myself, my own Open Source projects suffered and lagged behind.

Turkey Day

    I spent Thanksgiving with my girlfriend and her family in Buffalo,
    NY.
    Very cozy.

    I don’t really have a family of my own, so this was a bit… new. I got to go to the Buffalo Zoo. I don’t ever recall being at a zoo before, so this was neat. There was a very active “rhino” there, chasing elk in
    her pen, some very intelligent monkeys, and lots of other neat things.

    I managed to surprise her with a new Alpine stereo when I borrowed her car. It made the 7-hour drive to Buffalo much more tolerable. Her stock Audi stereo was just not going to cut it with that cassette-to-cd-walkman contraption.

Security by Media Assertion

    Flying has gotten easier now since the September 11 tragedy. After being on 6 flights in less than 6 weeks, I have yet to stand in a line longer then a handful of people, and I’m in the airport and through the ticketing, check-in, and frisk-and-search procedures in under 30 minutes total. Quick and painless.

    I’m used to the routine anyway though. It’s funny, the “random” searches that they execute are anything but.. I’ve been talking to the security guards and staff, and it’s purely visual profiling. I have been searched on 6 consecutive flights without a single lapse. The computer will pick out people who are flying one-way or paying cash for tickets, but the rest are picked out of a crowd visually.

SourceFubar.net

    Since the article on SourceForge drifting, I have received dozens of emails from people asking to relocate their projects from SourceForge to my public cvs respository instead. I should automate the signup soon. This is really getting interesting now.

Friends from a Forgotten Past

    I located someone online that I used to know about a decade ago, but cannot really recall details much. I am not sure if this is just flush() happening in my
    brain, or if it’s due to the long-term memory loss I’ve been dealing with since 1992. I met up with her brother when I was in CT several months ago in an electronics store, but he and I weren’t really good friends. Weird how things always circle around like that.

    I’ve been trying to piece together my life prior to 1992 slowly, and locating people I talked to, hung around with, or went to school with may help me put it all back together.

    Another odd soap opera event is that someone [1] who had a major crush on me in high-school, and whom I [2] rejected all advances from, is now dating the roomate [3] of a friend of mine [4], who also had a crush on me [4], a roommate [3] with whom she [4] had a torrid relationship with for months. It would make a great book. When she reads this, she’ll [4] hate me, but not for long.

Open Sores Projects

    pilot-link rewrite is coming along. We have USB working now, and HEAD in cvs contains (or will be weekend’s end) the full GNU/autoconf conversion, as well as the cleaned up getopt() mess, so we can get rid of the “rotten cake” that we’ve inherited with the previous codebase.

    Why does this fail?

Nimda Has Not Slowed Down

    I’m blocking about 20 new IP addresses a day now, Nimda definately has not slowed down. I think I have 612 hosts blocked total now with iptables. Nearly all of the
    63.x.x.x, 64.x.x.x, and 66.x.x.x subnets are blocked now. Lovely. Thank you Microsoft.

New Things

    Next on the plate is the public ssl-wrapped irc servers, some more cleanup of the web goop, and then marching into the other projects I’ve left open and stagnant, so I can clean them up. PerlMonks has helped considerably. Lots of talent hangs out on the ChatterBox.

    Now that I have more time to focus on the things that have been dormant, I can catch up with everything I need to, and start chopping my way through these books and cranking out some serious code (or trying to learn how to solve problems with code in different ways).

Lots to do.. lots to do.

Bad Behavior has blocked 1694 access attempts in the last 7 days.