UTOSC Day 1

My first day at the Utah Open Source Conference is just about done. I really need to get to bed so I don't fall asleep during my presentation tomorrow. That would be embarrassing. I only made it down at 6:30pm for the dinner and keynotes, which I'm glad I attended. Mac's talk was great and so was Paul's, although it did seem to drag on. Maybe that's because I needed to go to the bathroom. I also had a chance to visit with a few Linux newbies at my table, which is always fun. But the highlight of my day had to be meeting Harleypig. Thankfully, no speedos were involved.

The Truth Comes Out

I have long been a critic of many things about our current government, as faithful readers are aware. I came across a very insightful interview with Michael Chertoff which I found both surprising and depressing.

The good news is that in some ways, Chertoff has some good ideas. For example,

The larger challenge -- and frankly one that is further out -- is to find a way to partner with the private sector to enable and encourage them with some of the capabilities that we have to increase their defensive capacities, but on a voluntary basis, meaning not making them do it or regulating them into doing it. But instead offering them the opportunity -- much the same in the non-cyber-world, we go to people who run power plants and dams and we share information and best practices that they can use to defend their own assets.

That's a great use of government resources. It's not in private industry's interest to make security a priority, since security is a cost with no immediate return. The government can fund research, encourage secure practices and require security. That makes us all better off and combines the advantages of legislation and free markets.

Next he addresses the recent hubbub about laptop seizures,

The only thing that happened recently is that I ordered the policy to be put online in the interests of openness and transparency. We get about 80 million people a year coming to our airports, and a very small number are put into secondary inspection and that's based on some suspicion that the inspector has about the person.

It is that pool of people in secondary that have their things gone through, they can have their luggage and documents gone through. And nowadays because you can bring contraband through on a laptop, they can have their laptop looked at.

If things are really as he describes, it really doesn't sound that outrageous. What I think is that the policy they posted is written poorly and doesn't indicate what's actually going on. So if this policy only applies to those who are suspected of something and therefore brought in for secondary screening, put that in the policy already! This whole flap would have been avoided.

Now, on to the more interesting bits. Wired asked him about the huge mess known as the no-fly list. He says,

In the airport environments, supposing there is a terrorist Jim Smith and that person should be on the watch list, the question is how do you distinguish them from the other Jim Smiths and the answer is you need an additional bit of data, such as a birthday.

That would override or eliminate most false positives.

So the solution to a bloated list is to make the list even bigger? Mr. Chertoff, when you realize you're at the bottom of a 10 foot hole, the first thing to do is stop digging. There is no way that 1,000,000+ terrorists are walking around in this country just chomping at the bit for their chance to hop on an airplane and blow it up. It's not realistic. Given that 99% or more of that list is cruft, of course you're going to have false positives. That's all you're going to have and even in the off chance you find a bad guy, everybody will assume it's just another incorrect assessment. The whole no-fly list needs to be junked.

And then the shoe drops. He reveals the true motive for most of the "security" measures deployed of late.

If you stopped using the watch list and basically anybody could get on a plane without knowing their identity, sooner or later something would happen -- and people would lose their lives, and then there would be another 9/11 Commission and we'd hear about how you had this system and you would have kept them off and these people lost their loved ones on a plane.

Let me rephrase that for you. "If something happens, even if I had no way of actually preventing it, my butt is going to be dragged before Congress. I would rather inconvenience hundreds of millions of innocent people than risk that happening. At least then I would be able to say I had 'done something'."

What we really lack here is a way to effectively measure how well security mechanisms are working because terrorist events are very rare. Between the time the World Trade Center was bombed the first time and when it was attacked on 9/11, we very well could have said "whatever it is we're doing, it must be working". Well clearly it wasn't but how would we know that? Chertoff even gives us a great example of this,

I don't know if they do it anymore, but when I was a kid we all had polio shots, and after a while, you just don't know anyone with polio. And the question was raised was, why are we taking these shots? There's not that much polio around. And one of the reasons there's not that much polio around is that everyone is getting inoculated.

It's very easy to measure whether a polio vaccine is working because it was so widespread and results were quickly available. It's simple to see that spending money on the polio vaccine is worth the money. The same is definitely not true of terrorism. We can spend billions (as we have) and still not know whether we've actually made a difference or not. That's money wasted for no appreciable amount of security, and that, folks, is the current motto for the Department of Homeland Security.

Recovering After a MySQL Replication Failure

I just solved a weird MySQL replication problem and thought I would share with you all. First, the background. I have a master and slave running with one-way replication. The slave just sits by waiting for his time to shine, but otherwise doesn't do anything. Well, last week the master had a problem with the filesystem. I can't recall exactly what it was, out of space or something. It confused the heck out of the master and so it basically shut down. One of my co-workers fixed the problem and got the master running again, but the slave was in a pickle. Here is the error it was showing:

Relay_Master_Log_File: mysql-bin.031
     Slave_IO_Running: Yes
    Slave_SQL_Running: No
           Last_errno: 0
           Last_error: Query 'DELETE FROM foo WHERE bar = 1' caused different errors on master and slave.
                       Error on master: 'Got error %d from table handler' (1030), Error on slave:
                       'no error' (0). Default database: 'baz'
  Exec_master_log_pos: 118871

Because it thought the command failed on the master, it refused to continue. I can't say it's an altogether bad plan since data integrity is generally the main theme of a database (yes, cue the jokes about my using MySQL in the first place). The question became, how do I get the slave to start up again? "SLAVE STOP; SLAVE START" didn't have any effect.

The trick was suggested to me by a post at mysql.com which pointed out a tool new to me, mysqlbinlog. See, I figured the simplest thing would be to restart replication at the step just after the "failed" transaction, since I knew that transaction had actually succeeded. But I have no idea how the binlog counters work, so I couldn't just make up numbers. It's some kind of binary offset. Well, mysqlbinlog will show it to you.

# mysqlbinlog mysql-bin.031 -j 118871 |less

Which of course showed me this:

# at 118955
#080605 18:59:09 server id 1  log_pos 118955    Query   thread_id=3218  exec_time=0     error_code=0

So on my slave I restarted replication at offset 118955 and like magic, the slave ripped through the binlogs and caught up in practically no time at all.
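
The same lookup done programmatically, as an added example that is not from the original post: it parses `mysqlbinlog` text output for the `# at` offsets, reports the event that would be skipped so it can be checked against the master, and builds the slave-side statements. The sample output is constructed from the two header lines quoted above (the first event's timestamp and error code are assumed), and the function names are hypothetical.

```python
import re

# Constructed sample of `mysqlbinlog mysql-bin.031 -j 118871` text output,
# modelled on the header lines quoted in the post (old-style log_pos headers).
SAMPLE = """\
# at 118871
#080605 18:59:02 server id 1  log_pos 118871    Query   thread_id=3218  exec_time=0     error_code=1030
use baz;
DELETE FROM foo WHERE bar = 1;
# at 118955
#080605 18:59:09 server id 1  log_pos 118955    Query   thread_id=3218  exec_time=0     error_code=0
"""

AT_RE = re.compile(r"^# at (\d+)\s*$")
ERR_RE = re.compile(r"error_code=(\d+)")

def parse_events(text):
    """Return [(offset, error_code or None, [statement lines])] in file order."""
    events = []
    for line in text.splitlines():
        m = AT_RE.match(line)
        if m:
            events.append([int(m.group(1)), None, []])
        elif not events:
            continue  # preamble before the first event marker
        elif line.startswith("#"):
            e = ERR_RE.search(line)
            if e and events[-1][1] is None:
                events[-1][1] = int(e.group(1))
        elif line.strip():
            events[-1][2].append(line.strip())
    return [tuple(e) for e in events]

def resume_plan(text, failed_pos, log_file):
    """Find the event after failed_pos and build the slave-side statements."""
    events = parse_events(text)
    offsets = [e[0] for e in events]
    if failed_pos not in offsets:
        raise ValueError("failed position is not an event boundary")
    idx = offsets.index(failed_pos)
    if idx + 1 >= len(events):
        raise ValueError("no later event in this binlog; check the next file")
    skipped, next_pos = events[idx], events[idx + 1][0]
    sql = ("STOP SLAVE; CHANGE MASTER TO MASTER_LOG_FILE='%s', "
           "MASTER_LOG_POS=%d; START SLAVE;" % (log_file, next_pos))
    return {"skipped_sql": skipped[2], "master_error": skipped[1],
            "next_pos": next_pos, "sql": sql}

if __name__ == "__main__":
    plan = resume_plan(SAMPLE, 118871, "mysql-bin.031")
    print("Skipping:", plan["skipped_sql"], "master error", plan["master_error"])
    print(plan["sql"])
```

Skipping an event this way is only sound when the skipped statement is known to have taken effect on the master, as it had here; otherwise the slave silently diverges.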

Scope Creep

According to The Register, a man was indicted on fraud charges for opening thousands of accounts with ETrade and Charles Schwab. He had them send micro-payments, just a few cents each, and then collected the booty. Interesting story and may he rot in jail. But what I find particularly interesting is that his "undoing came as a result of the USA Patriot Act, which requires financial businesses to verify the identity of their customers". Wait, wait, wait. I thought the Patriot Act was to catch terrorists. Surely that isn't what they're claiming.

Make no bones about it, all these new laws to fight the "war on terror" have ulterior motives. Sure, they may help find terrorists but there is no doubt that LEAs have received a carte blanche for laws they've always wanted. They've learned well from Microsoft, it appears, and have passed around so much fear, uncertainty and doubt (FUD) that our lawmakers have given them pretty much whatever they want. What we really need is to settle down and quit acting out of instinct and fear, and instead use a little of that logic stuff.

Book Review: Starswarm

Title: Starswarm
Author: Jerry Pournelle
Published: 1999 by Tor
ISBN: 0812538935

It's been a while since I've read a work of fiction, and even longer since I picked up any science fiction. That's a real shame because there's some good stuff out there. I learned about Jerry Pournelle from the TWiT podcast, which I listen to regularly. On the show he seems to be quite abreast of technology and somebody (could have been him, not sure) recommended Starswarm as a good first read of his. That's how this book and I became acquainted.

The story is about a boy named Kip who lives on a planet named Paradise, somewhere far far away from Earth. It's a colony run by a corporation named Great Western Enterprises. The planet is fairly earth-like, although not a clone by any means. First thing you might notice would be the blue sun. The local flora and fauna are different, although similar too. Some of the notables include centaurs, haters and the lovable starswarm. The latter is some kind of a water based plant which can grow to immense proportions but is largely misunderstood by the humans.

Well it turns out that Kip isn't an ordinary boy. For starters he has a computer chip in his head which he can use to talk to a mainframe computer. He's also not who he thinks he is. During the course of the book, he does eventually find the truth (which I'm trying hard not to give away). The events leading up to the discovery and those that unfold afterwards are pretty interesting and exciting.

I was rather pleased with the book. It held my interest well and I finished it in about a week. The story flowed smoothly and the science all seemed to fit in with the environment.

The one complaint I might make would be that the book ends rather abruptly. One page there's an intense standoff and the very next the book is over. There is very little in the way of resolution beyond a quick hand wave that "they lived happily ever after". In one way that might be a good thing as it left more pages to be filled with helicopter chases, gun fights and other assorted excitements. On his website, Pournelle indicates that Starswarm may be developed into a series, something that I'm certain it would be well suited for.

I enjoyed the book immensely and would recommend it to others. I undoubtedly will read more Pournelle novels.

Switching To Digital TV


Way back on the 2nd day of this year I signed up for a digital TV converter box coupon. Actually I visited the site at about 2am on January 1st, but apparently they hadn't launched the site yet. Just this last week, on Tuesday in fact, my coupon finally arrived. I only got one because we only have one TV and if we were to ever get another TV, it would be digital so there really wasn't any point.

We had the option of shopping at Best Buy, Radio Shack, Circuit City and Walmart. Since I've sworn to never shop at Circuit City and to never buy electronics at Walmart, that left only two options. And Radio Shack kinda gives me the willies, so really I only had the one option. That's OK though. Best Buy hasn't ticked me off yet. Well, except that every time I go in they manage to slip my purchase into a plastic bag before I can ask them to use my canvas shopping bag. Oh, well.

I was hoping to have a few choices, which is why I took along the list of approved devices, but it turned out that Best Buy only carried a single model, the Insignia NS-DXA1. That made that easy. It was $59.99, which of course dropped to $19.99 with the coupon (plus tax).

For a quick review, I'll just say that the box works just as it is supposed to. We plugged it in, it scanned the frequencies and found every available channel. I was worried that I would have to get up and reorient my antenna (a large boom secured to my chimney). I was therefore extremely relieved that it Just Worked®. There was a brief period of concern though because it didn't pick up two channels, but after reading about them on Wikipedia I discovered that they were not assigned sister digital channels for the conversion. Instead, sometime between now and February 17, 2009 they will make an instant conversion. Luckily, those are the channels we watch the least.

With my digital converter the signal quality is great. The analog channels ranged from mostly OK to mostly not so much, but all were watchable. Now they're all crystal clear. We also now get 5 extra channels, one is a weather channel from the NBC affiliate, and 4 extra channels from PBS. The latter are a real bonus because one of them shows cartoons all day. My kids love PBS Kids.

My assessment would be that the digital conversion has gone well for me. Just took way too long. But is anybody really surprised about that?

HP Ink

I guess I could format this post in a "Cheers and Jeers" style, but that seems a little clichéd. See I was replacing the ink cartridge in my HP J5780 printer (which is a fine unit, I might add). So on the one hand I was miffed that the "starter" ink cartridge was so tiny. But to my surprise I discovered that the replacement cartridge came with a prepaid return envelope for sending the empty cartridge back to HP.

Recycling cartridges isn't anything new. Office stores have been doing that for a long time. They refill them with ink and sell them to you again (at outrageous prices). But what is impressive is that HP took a step to make it so darn easy. I'll shamefully admit that I've never recycled my cartridges before because I just never remember. I rarely go to office stores and even then I never remember to take the empties. So they just end up in the trash, which isn't good. This obviously is better.

The one question I have though is whether shipping this cartridge to Nashville, Tennessee is better for the environment than either A) sending it to the local landfill or B) dropping it off at the local Staples and sending a whole bunch of cartridges to Nashville. I imagine B is more efficient, but I'm not sure about A. But since I lack the resources and/or willpower to research it, I'll just send off this old cartridge in this handy dandy green envelope and assume that I'm helping the planet. Helps me sleep better at night, you know.

VoIP QoS With Wondershaper

Hans and I were discussing QoS the other day, specifically regarding using Wondershaper from the LARTC. I had managed to mess mine up and I subsequently noticed a horrible turn for the worse in my VoIP calls. Wondershaper has to be adapted for use by OpenWRT and in the process I misspelled sch_ingress.o as sch_insmod.o. Too much insmodding that day, I think. The net effect was that download speeds were not shaped at all.

Once I got it corrected, I decided to do a few tests just to confirm that using Wondershaper actually made a difference. I'll cut to the chase for the lazy: it did. I made 45 second calls to music on hold from my softphone, Twinkle. In the background I had Wireshark running. I used the RTP analyzer in Wireshark to look at the statistics after all was said and done. I used both versions of Wondershaper, the CBQ and HTB. I had a single download running the whole time eating up all spare bandwidth.

With no shaping: 4.4% loss (95 packets), 60ms jitter
With CBQ Wondershaper: 0.2% loss (5 packets), 35ms jitter
With HTB Wondershaper: 0.3% loss (6 packets), 28ms jitter

So my unscientific conclusion is that both versions of Wondershaper work about the same and they both make a huge difference. I could easily hear the packet loss on the first call, but not so much on the other two calls.
