random neuron misfires

Another in a series of my “Dragons” posts, this time about more invasion of my rights. This Guardian Unlimited article talks about the police wanting to make it illegal to withold encryption keys when asked for them.

“They also want to make it a criminal offence for suspects to refuse to cooperate in giving the police full access to computer files by refusing to disclose their encryption keys.”

Let me just publically reply to that with one word: NO.

My encryption keys are put there to keep YOU out, permanently. If you do not have the right to see the information, data or other bits encrypted by my (exceptionally-strong) keys, you simply won’t get access to it.

Threaten me with jail, throw me in jail, do what you think will work to get me to turn over my keys… it will not work. I would rather spend a lifetime in jail protecting my data, than give you the irrevokable right to invade my privacy and freedoms and the freedoms of others who would come after me.

The persuit of freedom and upholding those freedoms is worth more than my life or the lives of any of my friends or family. They don’t have my keys and torturing them will not get me to give them up. I have an incredible tolerance to pain, some would say inhuman in some cases (I’ve had doctors tell me this several times, as I’ve undergone several medical procedures without any numbing agent).

Shipping me off to some other country that allows torture to try to extract my encryption keys will result in one of two things:

1. A frustrated torturer, who is unable to extract my keys
2. A dead suspect, after enduring hundreds of different torture methods, unsuccessfully

Either way, you don’t get my keys, or my data, or anything I don’t elect to give you. Pain, medications, whatever you think will work, will not. My willpower and tolerance is stronger than anything you have.

Let me reiterate, you will not get my encryption keys, under pain of threat, physical pain, medication or otherwise. Either I will be dead, or you will give up. Either way, you have nothing.

Are we clear? Good.

I found this interesting article on Google News:

The British police on Sunday accepted ‘full responsibility’ for shooting a Brazilian who turned out to be totally unconnected to the July 21 London blasts, but said they will have to shoot suicide bombing suspects in the head to prevent them from detonating explosives.

“There is no point in shooting somebody’s chest because that’s where the bomb is likely to be. There is no point in shooting anywhere else because if they fall down they detonate it. This is drawn on the experience from other countries including Sri Lanka,” London’s Police Chief Ian Blair said about the way Jean Charles de Menezes was killed on Friday in South London’s Stockwell underground station.

Another article makes an interesting point on the murder of this Brazilian by these officers:

“They had to kill someone to show the whole population they are working and make the country safe,” Pereira told the BBC.

I’m sorry, has everyone gone insane? Not only did they kill this 27-year old kid by accident, but 3 cops held him down and then shot him in the head.. 5 times!!!

Shooting someone in the head does not stop them from detonating a bomb. A grenade is a perfect example of this. Pull the pin and carry it in your hand. Now, if someone were to shoot the person holding the grenade in the head, especially from a distance, muscle control to the hand would relax, and the grenade’s handle would spring out. Of course a more sophisticated system would be necessary to work with a “chest-mounted” device as this article claims, but come on now.

If a terrorist is willing to blow himself up (and any other people who happen to be in the vicinity), do you really think threatening to shoot them in the head is going to stop them? They don’t care about their “human shell” of a body, that’s not the point. They don’t value life in the way that many other cultures do. These threats will do nothing to stop them, and in fact may just motivate them further. There are probably more terrorists out there (or supporters of terrorists) in any one location than cops-with-guns to stop them..

This is nothing more than the typical fear-mongering running rampantly out of control in our society. You can’t control people with fear, and guess what… THAT IS THE DEFINITION OF TERRORISM.

Main Entry: ter·ror·ism
Pronunciation: 'ter-&r-"i-z&m
Function: noun
1 : the unlawful use or threat of violence esp. against the
state or the public as a politically motivated means of attack or coercion
2 : violent and intimidating gang activity <street terrorism>

—ter·ror·ist /-ist/ adj or noun —ter·ror·is·tic /"ter-&r-'is-tik/ adjective

I found a great comment on Slashdot that touches on some of these exact issues. Its a bit long, but well worth the read.

The irony of all of these attacks, is that Osama has already stated that the attacks would stop when we pulled out of Saudi Arabia. We all know why we can’t, however. I’ve been wondering what $182,862,244,509.00 (the current cost of this “war” so far) would have done if we invested it in alternative fuel solutions instead. Maybe dig a 300 mile lake in the middle of the Sahara Desert to help feed the millions of people there. We could have used it to do hundreds of things other than try to steal someone else’s property (cough, oil) under the pretense of a false war.

The Saudi’s attacked us on 9/11, why are we in Iraq? Why don’t we have Osama? Where are the WMD? What happened to all of these stolen, lost and faked votes from the 2004 election? Why aren’t we aggressively persuing these answers?

The current state of affairs sure is making George Orwell’s world seem closer to reality. I have to wonder if someone in office isn’t reading the book “1984” and confusing it with a congressional guidebook to running a country.

“Declaring things that clearly aren’t terrorism as terrorism is terrorism!”

One final thought: Our founding fathers were terrorists, by definition. Terrorists created this country. Repeat that over and over and you’ll see what a sad state of affairs we live in now.

Apologies for the rant, but this country and the growing invasive policies of other countries makes me so sick I could vomit.

I just found out that James Doohan, aka “Scotty” from Star Trek has passed away at the ripe age of 85. Doohan died at 5:30 a.m. at his Redmond, Wash., home with his wife of 28 years, Wende, at his side, Los Angeles agent and longtime friend Steve Stevens said. The cause of death was pneumonia and Alzheimer’s disease, he said.

From 1966 to 1969 he starred in the Star Trek series until NBC ordered it cancelled due to ratings problems. He also starred in the 6 Star Trek movies and several other Star Trek related appearances over the years.

James Montgomery Doohan was born March 3, 1920, in Vancouver, British Columbia, youngest of four children of William Doohan, a pharmacist, veterinarian and dentist, and his wife Sarah. As he wrote in his autobiography, “Beam Me Up, Scotty,” his father was a drunk who made life miserable for his wife and children.

At 19, James escaped the turmoil at home by joining the Canadian army, becoming a lieutenant in artillery. He was among the Canadian forces that landed on Juno Beach on D-Day. “The sea was rough,” he recalled. “We were more afraid of drowning than the Germans.”

The Canadians crossed a minefield laid for tanks; the soldiers weren’t heavy enough to detonate the bombs. At 11:30 that night, he was machine-gunned, taking six hits: one that took off his middle right finger (he managed to hide the missing finger on the screen), four in his leg and one in the chest. Fortunately the chest bullet was stopped by his silver cigarette case.

For those of you who can, or have the means.. please consider donating to the Alzheimer’s Association so others can live long and prosper without suffering from a horrible disease like Alzheimers.

I’m sure I share in the feelings of millions of science fiction fans around the world when I say “Mr. Doohan, in your new journey, go as boldly as you did when you led us in all your journeys on our television sets over the years, in our hearts and in our imaginations.”

You will be missed.

I run some services here for lots of projects. Let me rephrase that, I run a LOT of services here for various projects, development and customers for the two different companies that I own. At any one time there are at least 7 servers up and running here doing various things; generating content, serving webpages, building software, whatever.

This includes personal mail for users (with imap and webmail access), about 2-dozen mailing lists, web hosting for about 70 different domains and projects, bug tracking, blogs, portals, revision control for Open Source projects, irc for developers, torrent tracker for releases, compile farm, and quite a few other things I can’t think of at the moment. All of this requires solid, reliable, 24×7 bandwidth to sustain… and clean power.

All of this comes out of my own pocket: bandwidth, power, servers, hardware, time. Its not cheap.

About a month or so ago, I decided to double the speed of the incoming bandwidth on the server’s dedicated lines (hosting the services above) and my inbound DSL connection. The DSL is my own “personal” Internet line, and the other lines are dedicated to the servers themselves. This also doubled the price I pay for the bandwidth, but the Google Ads seem to be sustaining most of that now.

I graph and monitor all the inbound and outbound traffic with quite a few different tools, so I can track and notice trends, attacks, statistics for customers, and many other things. Things were good for about two weeks… but then it started sliding downhill.

Here is an example of a recent Slashdotting that we cleanly survived:

Over the last two weeks, I’ve noticed the VPN to IBM that I keep open has been dropping out many times per-day. I’d try to restart the VPN and get errors. I went into the server room (where the DSL and other networking lines come in) and noticed that the DSL modem didn’t even have a line to the CO. A quick power-cycle of the DSL modem would cure it for a few hours. It started happening late at night and early in the morning, during lower traffic times for me.

Fishy. I checked to see if I was being “packeted” by some script kiddies or attacked, and nothing obvious showed up in the graphs. A call to my provider after 2 weeks of dozens of dropouts per-day seemed to provide some action. They believe the problem is with the port I’m using at the DSLAM, specifically that it is “over-provisioned”. They tried capping my line down a few Mbit, which helped for a day or three, but then the dropouts started again.

Its gotten significantly worse now, and my speed on DSL is slightly slower than a 28k dialup modem. I can barely use the web now because of it. Its painful to watch servers and DNS queries time out, because I’m browsing at less than 5k/sec. Yowch!

If my provider can’t fix this (and credit me for the horrible speed and downtime), I’m going to explore moving to cable modem service again, like I had in Westerly.

Is providing broadband REALLY this difficult? I pay $180/month for 1.5Mb-6.0Mb/384-608Kb here and I barely reach the low-end of that scale. I’m 8k feet from the CO, so I should have a nice solid signal. Other countries have 10-times the bandwidth and pay pennies for it.

To their credit, my provider has been very patient and helpful during these stressful times, and we’re working through the issues to try to solve it, but… its been two weeks now. Let’s hope they solve it tomorrow when the landline provider shows up to test the lines and figure out the problem.

I use the Internet every day for research, for my job, and for other development purposes. I can’t have it go down like this, at these speeds now.

This is ridiculous.

My daughter has taken to “exploring” her environment by picking up, touching, and walking around with anything she can. Its great to see her combine things in her environment, learn how to put things together, and where things go.

Unfortunately, she walked off with my Sony earphone buds, and nobody can find them… I’m sure she put them down somewhere, but I’ve searched every crevace in the house and I can’t find them. They were a bit old anyway, so I decided it was time to replace them.

My other headphones were a pair of BOSE QuietComfort noise-cancelling units, but over the last couple of years, the headphone cups deteriorated, leaving little rubber pieces of “goo” on my head when I would take them off. Too bad that BOSE can’t make a good pair of headphones for $300 that do NOT deteriorate. Ironically, their warrantee covers everything except the exact kind of deterioration that I suffered. Obviously they knew about it ahead of time.

Sigh.

So I went out in search of a replacement set. I have simple requirements:

1. Must be ergonomic to fit in my ear
2. Must NOT be white, I don’t want that iPod “cool” look, period.
3. The cord must be symmetrical. I don’t want the cord running down one side of my chest, and I certainly don’t want to have the cord running down the back of my neck and around my arm.
4. They must be able to handle 10-20k Hz, minimum. A lot of the music I listen to is bassy and has lots of highs (ambient, electronica)

That’s it. Simple… Nothing magical, ergonomic ear buds with a symmetrical cable, in black, that can reproduce a decent range of frequencies.

I went to about a dozen different stores to find some earphones. I went to OfficeMax, Staples, FHM, Radio Shack, Best Buy, Target, WAL*MART, and some other local no-chain stores. The one with the widest selection was FHM in the local mall here. Note to self: Do not go to the mall on a Friday night when school is out. It felt like a high-school hallway in every store.

FHM had about 20 pairs of headphones, none of which I could take out and try. Most of them had these wacky wrap-around-the-back-of-the-head earbands with huge earcups. Their buds were big, round, and non-ergo, and the others had white cords, for the trendy iPod crowd. I don’t want to look like I have silver dollars in my ears. They should be unobtrusive, black, and ergonomic, so they fit in my ears without any gaps to let sound (i.e. bass) escape.

Best Buy had a good selection also, but their headphones had that cord-down-one-side thing that I hate (because my laptop’s input is on my left and the cord went down on the right, I’d have to have the cord draped over or under my arms as I type. No thank you. There was a set of KOSS buds there, non-white cord, symmetric, but went from 70Hz to 20k Hz.

These are NOT ergonomic headphones, people…

What the heck is this? Quark from Star Trek?

For the last time, NO NO NO NO NO!

Come on vendors, just make some useful headphones, and don’t make them out of recycled milk cartons, and people will buy them. People who care about reproducing their music at more than 128k… you know, REAL audiophiles? Remember them?

Somewhere there is a design team who thinks their customer base is actually ASKING for this kind of garbage. Do some research, talk to your customers, stop calling them “consumers”, and treat them like people. You’ll find your products are not even remotely close to hitting the target market you’re trying to penetrate.

Sigh.

All I wanted was a set of earphones. I ended up coming home with NOTHING. Its depressing. The whole world’s products are turning to disposable garbage, mass-produced, without a hint of quality. The 5-year old headphones I had were ten times better than what you can find today, and today’s headphones are almost twice as expensive.

I’ve been noticing a sharp increase in trackback spam from zombied Windows machines. The interesting part of this is that they “broke” the URL by lowercasing it… the 2q2000 should be 2Q2000.

Well, after over 2,000 hits from over 248 unique IPs, I decided to take some retaliatory action. I wanted to try to resolve the IPs down to a really granular level (ISP name, gps coordinates, whatever), but there really aren’t good tools to do this yet (not without lots of manual checks).

Originally I wanted to craft up a quick mod_rewrite rule to bounce the “broken” request to the valid one.. but that would be espensive on the Apache side. Since I value elegance and simplicity, I just created a symlink from the original directory to the “broken” directly. Problem solved!

So now instead of getting thousands of 404 requests per day from these countries, each request goes to a valid page which either earns us some revenue for impressions, or causes Google to index our pages by initiating the hit.

Either way, a win for us.

I purchased an external 2.5″ drive from a company online, which is basically a Yahoo! store behind it. The drive enclosure I received wasn’t exactly what I had ordered. I wanted the IEEE1394a (Firewire 400) model, and received the IEEE1394b (Firewire 800) model. Since I don’t have fw800 ports, I’d have to use the usb2 connection. The problem there, is that Linux doesn’t support the Oxford 922 chipset on this drive. I mentioned this in a previous entry.

I went out and purchased a bilingual cable to make the drive work, and it did, though it was not bus-powered, as the original product spec sheet indicated. It doesn’t work with USB bus power or with Firewire bus power. After about a week, the power supply on the external enclosure just stopped working outright. It takes a lot of weird twisting and turning of the power cable and the drive enclosure itself to find the exact position that lets it power up. I should just be able to plug it in and not worry about it.

I received an email this morning from Yahoo! asking me to rate the vendor that sold me this drive. . I rated them with an “F”. Their customer service is non-existant, their entire website has zero contact information, there is no customer service number, there is no information on their privacy or returns policy, and many other shady things.

5 minutes after I submitted the review, I get a phone call from someone representing the company. He basically asserted that I was “an IDIOT“, and that I couldn’t read, and many other interesting and colorful profane phrases. Instead of finding out why I rated him with an “F”, he just proceeded to try to insult my intelligence with slander and libel. I calmly tried to explain that the device wasn’t what I thought I was getting (bus-powered, IEEE1394a), and that the PSU had died on the unit.

After several more insults and swears from this individual, I asked if he knew what slander was, and he said he did, and basically suggested I “go ahead and sue” or something to that effect. Then he tells me he is recording the whole conversation (also illegal, since he did not notify me of this at the beginning of the call, which is required by law. He wasn’t recording anyway, another series of lies).

Then he breaks down and tells me to send the drive enclosure back to him for a full refund, because “…he doesn’t want to do business with people like me.” I’m not sure if he was being discriminatory there or just ignorant, but these things didn’t bolster his side of the case.

We terminate the call and then I see in my email, a copy of a message he apparently sent to several others, calling me a “fucking idiot“, and then states “As posted on our checkout page prior to any purchase we do not do business with IDIOTS” (obviously their checkout page says no such thing, another lie on his part). I’ve made a local copy of their entire website, just in case they try to get smart and change what it says.

Here is a copy of the relevant parts of that email (maybe it wasn’t supposed to go to me?)

Date  Wed Apr 6 09:18:56 PDT 2005

Mark Reason  Other (every pages has our policy, and
our checkout page is very clear what a fucking idiot!)

It seems that you must not know how to READ, please
try to read your invoice and send item back for refund.

As posted on our checkout page prior to any purchase
we do not do business with IDIOTS

TKS

I’m sure if I was to send him the enclosure back (I will be anyway, certified mail, through the USPS, not Fedex or UPS, since it is defective) that he would just keep it, and my money, and not refund anything. The Better Business Bureau in Clearwater, FL has already been notified, as has my local BBB in CT.

I don’t tolerate or appreciate lies, deceit, insults, slander and libel being wrongfully directed at me. This person has absolutely no idea who he is dealing with.

In any case, if you are online looking for peripherals, avoid this company as much as you can. They’re shady, and they clearly don’t care about their customers.

My shiny new Thinkpad T42p came with an UltraBay Slim DVD-RW drive, which is nice and fast. Unfortunately, it also came with a 60gb primary IDE drive, which isn’t enough to hold my source, documents, projects and all of my VMware images for development and testing. On my Thinkpad T23, I had always used the UltraBay slot to hold a second IDE drive for these images.

This puts me in a quandry, because I’d like to use the DVD-RW, but also use my VMware images..

I decided to look into getting an external 2.5″ usb2.0/Firewire enclosure to hold a spare 60/80gb drive for the VMware images. I went with one based on the Oxford chipset, because I’d read that they were the fastest external chipset out there for these kind of enclosures.

I received the enclosure yesterday, and there were a few problems with it right off the top:

• The Firewire interface was 1394b, not 1394a (Firewire 800 vs. Firewire 400). I only have Firewire 400 peripherals, so this connection is useless to me, and the Firewire 800 pcmcia cards out there don’t have a usb2.0 combo interface, so I’d be swapping out pcmcia cards for each device. Not fun.
• The enclosure doesn’t run without external power when using the usb2.0 connection. One of the selling points of this enclosure was that I could use it without having to carry around a separate power “brick” with me when I travel. With usb2.0 being the only possible connection interface, this was important. Unfortunately, it requires a wall plug to power up the drive when using usb2.0. Ugh.
• It doesn’t work with Linux. Double-ugh. I thought it would “Just Work™”, but apparently not. I found this informative post from someone who had done some pretty extensive testing, and found that the Oxford 922 chipset is buggy, and doesn’t work with Linux. I wish I found this before I bought the enclosure!

The errors I’m getting look like this:

Apr 11 17:04:15 angst kernel: usb 5-2.6: khubd timed out on ep0in
Apr 11 17:04:15 angst kernel: usb 5-2.6: device descriptor read/8, error -110
Apr 11 17:04:15 angst kernel: usb 5-2.6: new high speed USB device using ehci_hcd and address 10
Apr 11 17:04:20 angst kernel: usb 5-2.6: khubd timed out on ep0in
Apr 11 17:04:20 angst kernel: usb 5-2.6: device descriptor read/8, error -110
Apr 11 17:04:25 angst kernel: usb 5-2.6: khubd timed out on ep0in

These are fatal, and the drive isn’t recognized. I use a LOT of external usb and firewire peripherals, so this was unusual for me. I tried about 7 different kernels and different suggestions from the community about ACPI and noapic at boot, but those didn’t seem to help.

So now I’ve got an enclosure that seems flaky with Linux, and doesn’t have the interfaces that work with the rest of my peripherals.

But.. I found a possible solution, a bilingual cable! Basically this cable takes Firewire 800 (1394b) and transforms it to Firewire 400 (1394a).

It was fairly cheap, so I ordered it. Hopefully this will let me use the drive on bus-power only, and in a way that Linux will recognize. Otherwise, I’m going to have to eBay the device. The company I purchased it from had a policy (that only showed up after my order was confirmed) that allows repair or replacement of the same device, but no exchanges. Ugh.

A couple of years ago, I purchased a Western Digital external combo drive to back up my laptops and a couple of the critical servers here. It was also partitioned for holding the digital images we take with our Minolta DiMAGE 7Hi. It was only a mere 120gb of capacity, but it lasted for quite a long time… but it was time to upgrade it.

The enclosure has two interfaces: usb2.0 and Firewire 400 (1394a). It works great, and has served me well for the couple of years I’ve had it. No complaints at all with it.

I recently went out and bought two Maxtor MaxLine Plus II 250gb drives; one for the main server, and one to replace the 120gb drive in the WD enclosure.

The upgrade of the external enclosure’s drive went pretty smoothly (full details of the disassembly), and recognizing the new drive went smoothly. I proceeded to back up 3 of the servers here to the drive, including making a duplicate copy of what was on the 120gb WD onto this new 250gb drive. I made sure to verify the backups to be sure things were intact. I’ve had a LOT of bad luck with storage and computer peripherals in general, so I was taking no chances.

The other drive went into the main server here, and that wasn’t so easy. I did an rsync of the existing running data to the Maxtor while installed in the primary slave location. So far, so good. I wanted to chroot to that drive’s mountpoint and just re-run lilo to create a working mbr on the slave, but that didn’t work so well.

Ok, second plan: switch the drives, boot the server to KNOPPIX and chroot from there, and run lilo. Nope, of course not. My KNOPPIX disks, which I use almost weekly were all no longer recognized in the CDROM drive in the server. In fact NO cdrom was recognized in that drive. Arg!

So I had to put the original drive back in as slave, switch the bios to allow me to boot to that second drive, and then re-ran lilo from there, which put the right mbr on the master. Whew. A few hiccups with some startup scripts, and I was back in business. The drive is pushing about 1gb/sec. over cache, and 49mb/sec. over disk reads. Not bad at all.

Once I wiped the servers after doing the backup, I stupidly decided to try to defrag the ext partition. It was ext3, so e2defrag barfed on it. I used tune2fs to take off the has_journal and dir_index bits from the drive metadata, and tried again.

This time it got as far as calculating the inode indices, then crashed. Ut oh. I ran e2fsck on the drive, and it segfaulted about 70% into the process. Double-ut-oh! I ran it several times, all segfaulting in the same place. Running it under gdb produced the following barf:

     0xb7fcf45b in ext2fs_unmark_generic_bitmap () from /lib/libext2fs.so.2

Rut-roh! So I decided to yank all of the data off of the backup drive onto other systems with enough free space to hold it, and reformatted it to XFS instead. After restoring the data across, all seems well.

Whew!

Well, we finally did it. After debating for months about whether or not to get an SUV, a truck, or a minivan, we’ve decided that a minivan makes the most sense right now in our lives with Seryn and our frequent travel and storage needs.

We’ve test-driven many vehicles in our quest, including the Hummer H2, Toyota Sienna, and others. The Hummer H2 is a funny vehicle.. exhorbitantly overpriced, absolutely horrible gas mileage (6mpg, so low in fact, that they can’t even print the mileage on the invoice sticker), and its heavy as a tank. Unfortunately, its about as useless as a tank too. Hummers are really REALLY fragile too. They are so vastly different from the original Hummer, that its funny they chose to use the same name.

The Toyota Sienna was a really nice van too. Smooth ride (though a bit loud in the cabin), lots of power outlets, and an obscene amount of cupholders. I think I counted 18 of them throughout the car. It doesn’t really look like a minivan either, which is a plus, but at $42k for the options we wanted, we might as well just get a full-blown Toyota Sequoia instead.

We also had the pleasure of renting a “Dodge Grand Caravan” for a trip to Buffalo, NY.. land of snow. For the most-part, Erika and I liked it. It was fairly roomy (though we packed it fully of Christmas goodies, luggage, and Seryn’s stuff), and it had the “Stow-n-Go” seats that fold flat under the floorboards. Of course, we got the “baby blue” model. Yuck.

The van handles and drives well, even for a 2-wheel-drive model (AWD is available, but not on the rental we had). There was room to get up and walk around inside, and the captain’s chairs were fairly comfortable. Its still a minivan, but it wasn’t bad.

So today we went down to the local Chrysler dealer and looked at their “Town & Country” minivan.

Note: The Chrysler Town & Country and the Dodge Grand Caravan are exactly the same, except for the company logo on the front grille. Everything inside is identical… seats, dash, floormats, everything!

The vans they had were fairly nice, though we didn’t get to test drive it. We decided that we could save about $12,000 if we went with a 2005 program version, vs. buying a brand new 2005 off of the lot. With the savings, we could also end up trading up for their “Limited” model, with leather, sunroof, and all the extras.

So that’s what we did, and the dealer is trying to find one in our color and style for us as I write this. We put a deposit down to secure the van if he can find it, and if he can, we’ll probably be proud owners of a new 2005 Chrysler Town & Country minivan.

NOT in baby blue, of course.