Archive for July, 2001

Neuter his parents so they can’t breed anymore

chakie, yakk: Guns don’t kill people. It’s those small pointy lead things traveling at a high velocity that kill people.

Seriously though, this kid knew exactly what he was doing with the gun. When the courts, defense attorneys, parents say that the child is too young to understand, I have to laugh. He loaded the gun. He packed it in his bag. He brought it out when the taught refused to listen to him. He cocked it and put it to his head when the teacher further refused to listen. He pulled the trigger and fired. At the trial, when asked

…and what did the
teacher do after you shot him?..

and the 14-year old kid responded

What do you think he did?

Sorry, guilty.

The parents should be neutered so they can’t breed any more, and be forced to go to weekly counseling at the prison for the same duration that their son is there, just like probation. At their expense, not ours.

I’m not thrilled at the prospect of paying for families on welfare that pump out kids annually, using my hard-earned tax dollars, so they can get another $500/head for them, then pay for these kids to shoot my relatives and friends in schools, then pay for their stay in prison while they earn a college degree in prison that they’ll never be able to use. Some of these families make more money than I do, and they’re unemployed.

No thanks.

Maybe I’m just bitter because I keep being the target of theft and people are just sucking off me like leeches. I’m tired of feeding everyone else but myself.

Professional Thieves and Bad Luck

compiler, they sure don’t get how to make a website. White links on a white background? I thought something was wrong, and there is.. their code.

Professional Thieves Issue #2

    My truck was broken into again. This time it was parked in the locked, gated, remote-controlled-access parking facility that my condo provides.

    Only one item was taken, the remote control which opens the sliding gate to the condo facility parking garage which about 20 other tenants use to park their cars in. It was definately a professional thief this time, judging by the way they got into my rear sliding windows. They must have been interrupted though, since they neglected to cover up the entry point. If they had, I might not have known.

    I’ve put up signs around the facility directly implicating management for a faulty “back door” in the garage which allows people to get in without a key. When I was posting them, a tenant told me several months ago, she had the same problem, her car and stereo were ransacked, and management said they were not responsible. This time, they are…

    I’m going to attend the “Condo Association” meeting this month and let my voice be heard. Believe me, mine is not a voice you want to hear when I’m pissed.

    This is two break-ins in less than two months. Why is my truck a target? After two incidents of vandalism at dsifry‘s place causing several hundred dollars in repairs, to the slashed tires, and now these. It’s a bit unnerving for a 13-year old Jeep pickup to be singled out in this way.

How many mirrors do I have to break?

    Following my wonderful luck streak, after 7 weeks of waiting and doing the dance with a local DSL provider and the telephone company (explain to me again how the telco that provides my line for my analog service can’t verify my address, when it’s on the bill every month and I’ve emailed it to them three times), my DSL is scheduled to be installed on Monday morning from 8am to 12pm. GREAT!

    Then I get an email that my presence is required onsite Monday, all day at the office. Now I have to wait a minimum of 5 more weeks to reschedule the DSL install.

    Why did it have to be Monday?

    Anyone know a good witchdoctor that can remove this vex from my life, please? email me if you do. I don’t understand why people who are so giving of themselves, so self-sacrificing, get this type of return. I think it’s time I got a little break here.

    My girlfriend is racing today. I hope she does well. She’s coming out next week for a former coworker of mine’s marriage. This should be interesting. For a relationship separated by 3,051 miles, we’re seeing quite a lot of each other lately. She’ll be back out here on the 19th as well to see my friend Kerry play in Berkeley at Blakes. If you haven’t seen her play yet, and are in the Bay Area, definately go. You might even get to meet me (can’t miss the tattoos).

    Ok, back to the task list I go.. busy weekend it will be!

ROT13 Super-Optimizations


Mon Jul 23 01:41:59 PDT 2001

ROT13 Super-Optimizations

It’s funny what a group of geeks with nothing to do sitting in an irc channel late nights can come up

me: main(c){while(c=~getchar())putchar(~c-1/(~(a|32)/13*2-11)*13);}

me: perl -pi -e 'y/A-Za-z/N-ZA-Mn-za-m/;'

dave707:tr '[a-m][n-z]' '[n-z][a-m]'

anon: sed 'y/abcdefghijklmnopqrstuvwxyz/nopqrstuvwxyzabcdefghijklm/'

Some more tinkering has now produced an in-channel {en|de}coder for my hacky rot13 X-Chat plugin. Interesting puzzle problem solving skills come into play here.

One of the guys came up with the idea of using “compression” in the string, and randomizing the key used to encrypt the outgoing text. Has interesting possibilities, though we’re not in rot13-land if we go this route…

It’s fun to do “weekend crossword puzzles” like these. I need more of these kind of problem solving tests to get my neurons flowing.

Unable to sleep again. I hope this isn’t a trend.

ROT13 plugin for Xchat (in C)

10 seconds of hacking produced a ROT13 plugin for XChat (in C).

Now I’ll have to add nick completion support and decoding of encoded channel text. Just something fun to tamper with for 10 minutes. Was an easy distraction.

Here’s the meat of the plugin:

int main(c) {
    while ((c = getchar()) + 1)
        putchar(isalpha(c) ? tolower(c) < 'n' ? c + 13 : c - 13 : c);

Ok, back to Embedded Linux and RSI.

Finding Earthquakes

Does anyone else find it odd that Coso
Junction, CA
has had over 1097 earthquakes since the year began, and that over 31 of those earthquakes in the past week in Northern California were rated over 3.0 on the Richter… odd…

Code Consolidation

The word of the day is “code consolidation“…

Spread the word.

kandalf, you need “-nolisten tcp

Shadows from the Past


    First thing’s first.

    I haven’t posted in awhile, but I must say I think I’ve had my first “real” birthday. Unbelievable. Definitely won’t forget this one. Nonstop stuff from all sides.

    How did I end up doing so much in only 3 days? Missed the flight out, got put on standby, caught that flight, stuffed in the middle seat. Massages, boat shopping, homemade gluten-free chocolate-chip cake, Jet Li movies, a new DVD player and some new DVDs (has anyone noticed that the dubbed version of Crouching Tiger, Hidden Dragon on the DVD is entirely different than the subtitled version? It’s really apparent when you turn on English dubbing with English subtitles), reclaimed gnu-designs server from colo, mall shopping, talked to “Mom”, broken email, presents presents presents (the most memorable was in a glass jar).

    Apparently when you have a round-trip ticket, and miss the outbound flight and are put on standby, the return trip is automatically canceled. I don’t see the logic there. Once again, my PhD in Social Engineering wins. I managed to get a free flight out, connection was made without any standby hassles, and the return flight was canceled then re-established, transparently, by the ticketing agent at the airport. Whew!

    It’s funny the things and people you meet on an airplane. I could write volumes of material on the experiences I’ve had talking to people and sitting on airplanes. Maybe some later diary entries.

    So now I’m 30. What’s that supposed to feel like? I think even when I’m 90, I’ll still not even feel like I’m 30.

    deven, dsifry, thanks for the birthday wishes.

    Now down to business…

ROT13, Adobe, Hacking

    It seems that another one of our own has been snatched up by the “Gubbermint” for doing nothing wrong.

    This time, the DMCA (note the ironic link to the DMCA (different link) in Adobe PDF format on the page) has decided to enact “prohibition on circumvention of technological measures that control access to copyrighted works”. This includes ROT13, Base64/XOR (ala :CueCat), and others.

    Simply put, if a vendor implements a weak encryption system on their software or hardware, and someone figures it out, and documents it, codes around it, or in any other way brings it to public view, they are now liable and in violation of the DMCA.

    Does this mean I’m now liable, because I figured out the encryption used in the new PalmOS4 devices and have documented 4 exploits possible using said encryption? I have had my own
    Adobe PDF reverse-engineering fun back in May too with their Windows-only PalmOS reader.

    A Russian developer, Dmitry Sklyarov, was attending Defcon 2001 (which
    unfortunately, I could not make it to this year, but a friend of mine that was in attendance emailed me this Alexis Park Hotel staff fax. Could be a hoax, but…) and was presenting a paper on eBook security. He wrote a small program which demonstrated how to decode the protected pdf’s created with Adobe‘s tool, and manipulate them as unprotected. Adobe decided to use this wonderfully inept method to protect their pdf documents.

    What Dmitry did, some (the media) would call this “cracking”, however, you still have to buy the protected version of the pdf, or “warez” it, however, Dmitry is not responsible for people warez’ing protected pdfs. If our wonderful government decides so, he will be made an example of and probably blamed for that as well. What I find interesting though, is that Adobe’s software is ILLEGAL to use in Russia, Dmitry’s home country. Adobe forbids backups to be made, and Russia requires them. Interesting quandary.

    This “crime” is akin to someone saying “Yale locks are insecure, you can break them open with a flat-bladed screwdriver”. Am I now responsible for every house that is a result of that crime? Can someone slap a class-action lawsuit on me? They probably could. It is right? No!

    This reminds me of a case that was not made too public back east when I lived in CT which involved the Foxwoods Casino (biggest casino in the world, I lived about 10 miles from it). An elderly couple had saved all their lives for this one plot of land they purchased, and were going to put a Dunkin Donuts on it and retire on that. Foxwoods, however, had different plans. They wanted to use the land for a parking lot of some such. They took the elderly couple to court, drained them of their entire life savings while dragging the court case on, and then finally, the elderly couple decided to give the land to the casino, just because they couldn’t afford to pay for any more legal fees. The couple owned the land. They had every right to the land, but the casino sucked their entire life savings dry.


    One of my friends was at Defcon and said that there were Feds all over the place, and at one point, during a Social Engineering Contest, they had apparently said that they would haul them off if they completed the phone call they were in the process of making. (the contest was to cold-call someone, pick a random ‘thing’ to get from them, and see how long it would take to get it. For example, they would call an ISP, and see if they could get the technician who answered the phones password, etc.)

    Now if I call someone and ask them for their password, and they give it to me, in some twisted way, I’m responsible?! Run that by me again? What the hell is our country coming to?

    In any case, there’s more information available on the Boycodd Adobe site for the curious. Also, if you haven’t already joined, join the Electronic Freedom Foundation (EFF) to help fight these ridiculous cases. This kind of stuff boils my blood. From the random garbage that Kevin Mitnick had to deal with (4am rides in a van to nowhere, which ended up smashing into a telephone pole, hospitalizing Mitnick) to other common assaults on innocents.

    There is nothing wrong with what he’s done. DMCA is slowly trying to clamp down and regulate what we can and cannot do with our own software that we’ve bought, paid for, and paid taxes on. People like Dmitry and others are trying (as with anyone else in the security community) to point out flaws in common security measures, the result of which should be stronger security, not federally-executes search and seizure cases which end up in lawsuits.

    Relevant EFF article links are here.

Shadows from the Past

    Interesting that my good friend Valerie’s roomate “Dave” is dating a girl that had a crush on me in high school.

    My only memories of her or her crush are from dozens and dozens of notes that she gave me throughout the two years I was in school with her. This cobweb of friends keeps getting more and more tangled. What irks me though, is that she said I was a “…big time bullshit artist…” in high school. Grr. I hate small town rumors.

Kerry Lauder Band

    My friend Kerry is coming out with a new album soon. She’s going to be traveling around California, Oregon, Washington soon. Check out her concert date book here. If you haven’t seen her play before, go see her soon!

So much going on these days.

My Plate Overfloweth

Xamurai, hit me in private email. I’ve got a lot of projects you could help with, in varying levels of skill and difficulty.

“My plate overfloweth”

…and welcome aboard!

Some random things about Advogato certification

Tags: , , ,

Bug Tracking

ishamael, the bug tracking package you seek is called Mantis. I use it quite extensively now on my server, and it works very well. I had to change some of the UI a bit and move some things around, but generally, it’s rock-solid. You can see it in action on one of my bug sites. Another you can look at is called RoundUp, and is really good. I tested 11 separate packages before narrowing down on these two. I chose Mantis in the end because it was PHP, and I didn’t want to have to burden my box with Python code, runtime, in the browser. You may also want to go here and see the other dozens of alternatives.

I can’t post much, in the middle of too much hardware hackery, but I’ve been reading all the diaries today and yesterday regarding the whole certification and trust metric issue and have to make some points.


deven, you realize of course that by removing your certification of others when you were certified as Apprentice, that you have lowered their ranking, just as I removed your Apprentice status altogether by removing my certification of you. This is how the trust metric works, and it works well. Your point regarding the “Good ‘ol Boys Network” is completely unjustified, since you clearly don’t understand why Advogato exists. Nobody here is refusing people access to Advogato. Anybody can join. Anybody can post their diary entry. Anybody can contribute.

Your comment of:

“..Since most of Raph’s writings here seem to focus on effectiveness in keeping out the bad people, it’s not clear whether he ever paid close attention to the flip side of the coin, letting in the good people…”

If this were nothing other than a web-based forum without a hint of any certification metrics, created solely to discuss open source projects, like Blogger, would you have the same complaints? I would guess not.

To quote George Carlin:

…a radio has at least two knobs; one changes the channel, and the other… turns it off!

The value of certs here is not linear. If 10 people certify you as Apprentice, and they themselves are not even holding an Apprentice certification, you do not get an Apprentice certification. However, if raph or lilo or alan or myself certifies you as Apprentice, at the next sync, you will now be holding an Apprentice cert, even if nobody else certifies you. There is a very logical reason for that (and I wish it was applied to Slashdot and other projects as well).

You are measured here by your peers for your contributions to the free software community (and sometimes, non-free contributions, as some people here have talked about before). You are not “given” certifications. You earn them.

Again though, my desire to post my diary here has absolutely no bearing on the color that my name appears in. I didn’t start coming here because I wanted to gain some sort of status. I wanted to have a place to share my contributions, let people know what I’m doing (and if you read my diaries, they can be quite personal, ugly, and graphic at times, I have nothing to hide).

There’s a lot of cool things I do, as well as other people. I like to see what’s going on in the community I’ve been a part of for over a decade, and I like to watch it grow.

In your July 31, 2000 diary entry, you decided to certify yourself as Master, and I’m still trying to see what “important” free software project you are the author of, or what groups you mentor. Can you help me find it?

Your comments regarding the certification of God, Satan and Jesus are important, because they point out the lack of clarity in the people who are certifying these accounts. Look at rms for a perfect example. People don’t take the time to really understand the accounts before they go and waste certifications on them (hint: That’s not really Richard Stallman’s account).

As raph points out, there is a bit of weirdness going on in the certifications right now, and you have seen the trend also, but it fits exactly into the model which works here. The more people who join, the more uncertified users will exist, who are then going to be certifying already-certified users (sometimes wrongly, in the case of rms and others as above). This must be how you determined the system to be a “Good ‘ol Boys Network”, since the new users are the ones creating the dilution as you call it.

Here’s a tip: Ignore the certification altogether. Simply post your diary as you would have for any other site, and talk about what you’re doing in the community, free software space, open source space, or whatever. Relax. Have fun. If people respect you, and feel you’re doing “the right kinds of things” (subjective), then you may find yourself with a certification… or maybe not, but who cares. This is not gaining you PayPal bucks, or being used towards grading your GPA.

I respect the fact that you are doing development, and that you have taken the time to report some Mozilla bugs, but at the same time, you blather on about certifications. The two don’t jive. Free Software advocates and contributors give of themselves selflessly, often sacrificing deep into their personal lives to do it, and many times, unrecognized and uncompensated. Keep up the work, push hard, advance the status of free software where you can, and ignore what people think of you. There’s a famous quote I live by:

“There’s no defense for the truth”

If this isn’t working for you, there’s always Badvogato and Blogger.


I am having nothing but trouble with my hardware here, and right when I need it the most, it fails me in exactly the ways I require of it to be working.

I have a single bootable RedHat cdrom I found in the back of a book here (Out of all of my linux cdroms, the only one I found to be bootable was in this RedHat Bible book, pft! No, bootable floppies were not possible, since I had no floppy drive, and even if I could install one in this machine, there was no way to get the images onto the disks, ugly all the way to the bank on this one).

After having to gut a production machine to get a the build onto the drive, it neglected to install perl (apparently Perl is not part of a ‘Development Workstation’ according to their installer, gar!). I decided to mount the cdrom in another drive, and map it over nfs.

But wait, my 3c905 Vortex NIC decides to start spouting packet errors and ghosted frames. I rummaged through my storage and spare parts and found one lone 3c509 ISA card, and put it into the box. Try again, no video. Wiggle some cards, move some slots, now I get video, but the cdrom in the other system fails on one lone file… guess which file I can’t read from the cdrom: perl_5.005.*.rpm. ARG! I can’t get a break!

dyork, you’re not off of the XML/XSLT hook with me yet… I have quite a handful of questions to toss your way. I’ll try to keep them en anglais for you.

Enough for me for today. I’m just not going anywhere near hardware right now. Maybe a good movie will get me distracted enough to concentrate on this when I get back tonight.

Advogato Certification Redux

deven, firstly, I was testing a theory about certification, and in the process, wasted one of my certs to test it out. Secondly, if you read the Certification Overview, an Apprentice ranking is earned by

someone who has contributed in some way to a free software project, but is still striving to acquire the skills and standing in the community to make more significant contributions”.

Looking over your diary entries, since you’ve joined, you’ve consistently complained about your certification level, including requesting of others that they certify you as “Master”, yet you still
haven’t identified any free software projects that you are contributing to.

If fixing the certification is your main goal, go ahead and add yourself to mod_virgule and begin contributing in some way. Doing so will then begin earning you the certifications you desire. Right now, you have no projects, and from what I read in your August 8th 2000 diary, you don’t plan on it soon.

Yes, I will make significant contributions to free software. Of that I am certain. I can’t say for certain when, but I will. However, until I have something significant to point to (and maybe beyond then), I am staying out of this self-certification morass.

You currently have an Apprentice ranking, which is a bit above what your current diary entries indicate. Now let’s begin adding yourself to some projects and work towards meeting that ranking.

Worry more about contributing to the community, not about what one lone website certifies your community status at. That’s all.

Bad Behavior has blocked 1809 access attempts in the last 7 days.