Chilly in Boston!




Photo_011707_002

Originally uploaded by eidolon.

Yes, that display really does say ‘9 F’ – 9 degrees Fahrenheit. That was at 10pm tonight, on the way back from band practice. It seems to be holding there, the thermometer here at home is showing 10 degrees outside.

One thing this does remind me of is how important a house that has a decent building envelope is. Right now our (rented) house leaks like a sieve. I durned near froze my tootsies off last night as our room temperature probably hit the high 40’s overnight. My fingers were -cold- when outside the blanket. When I finally dragged myself out of bed this morning, the in-house thermometer in the hall happily said ’58’, and this after the sun had been up for 2 hours.

Today Catya picked up a couple small ceramic room heaters – much as I hate using electricity to heat, the alternative was unacceptable.

Fortunately, Mosaic is building things with a very GOOD building envelope, so even on the coldest days, we’ll be able to keep up. This house has a perfectly fine large oil heater in the basement, and baseboard heating all throughout, but that furnace cannot keep up with the amount of heat loss poor (I’m suspecting _ZERO_) insulation, and badly designed structures allow through.

I can’t wait to move.

Spam fighting and whitelisting. What’s the correct path?

Well, it’s hit that point. With the astronomical increase in spam lately, it’s getting quite obvious the problem will not abate on its own. The open-ended ‘we trust each other’ process of mail delivery is now in its death throes; it’s time to look at other solutions.

According to my spam report, my personal inbox is getting 450-650 caught spams a day. Unfortunately, that is only my Stage One filter. I also use Thunderbird as my email client, which has excellent spam filters of its own, and that catches another 100-150 messages there. I have monitors showing me the total mail I receive daily, and it’s in the 1500 messages range, of which 500 or so are mailing list messages. That means one out of every 100 messages I receive is legit. And lately, the filters have occasionally gotten things wrong. Mail intended for me is marked as spam, and I never hear about it.

In 12 hours of operation on our only mail server, here is an account of the volume we move:

Grand Totals
------------
messages
4801   received
5413   delivered
173   forwarded
79   deferred  (434  deferrals)
230   bounced
484   rejected (8%)
0   reject warnings
0   held
0   discarded (0%)
45428k  bytes received
49843k  bytes delivered
1416   senders
1092   sending hosts/domains
334   recipients
148   recipient hosts/domains

In the past, it was okay to occasionally go through your spam box and see if there’s anything legitimate in there. That is simply not possible in today’s climate. It may take an hour to go through a day’s worth of spam, and is mind-numbingly tedious. There’s a good chance you’ll miss something just because it -looks- like spam.

So what are the options? This is where I’m asking for help. I’m speaking not only for myself, but also for the greater Homeport community. I maintain user accounts for 20-30 people, and they’re all under the same attack as I am, maybe to somewhat of a lesser degree, but it’s still hurting.

I’ll note for the record that we are currently running Amavisd, with Spamassassin, all through Postfix. Amavis is happily removing -all- viruses from our mail, so that is not an issue. SA with some filter tweaking is doing an admirable job considering the massive load it is contending with.

  • Option A – A commercial filtering service
    There are several vendors that offer commercial filtering. Many of them are simple ‘mail accounts’ that you can POP your mail off of, letting them handle the filtering. Others will forward a specific mail address in and out of their system. Are there services that will filter an entire domain? I’d be willing to pay for a service that maintains its filters, rulesets and RBLs in a respectable fashion.

  • Option B – Fiddling my own configuration
    I’ve been doing this for quite a while. It’s tedious, it’s time consuming, and it’s never ‘quite right’. It’ll work perhaps for a few, but how do you really know if it’s working correctly? I’m probably going to do one major wash-through to enable the various Postfix standard rules, but in reality, unless someone wants to take over being Spam Master for Homeport’s servers, this is not a task I’m keen on doing much longer.

  • Option C – Massively restrict received email
    I like the idea of using some form of sender authentication. I’d be willing to say “If you PGP sign your message, I will accept it”. This is something that’s available to most mail users, and is easy to enable. It makes tracking easier, and I can rank accepted mail by if I’ve accepted their PGP key onto my keyring. The drawback to this is that not everyone I communicate with will have PGP set up, and while it will help with authenticating known users (everyone I bludgeon into using PGP), I still run the risk of missing important mail from people I have not corresponded with.

  • Option D – Whitelisting
    This is probably the easiest to implement, but gets the most grief as a poor solution. I know the list of people who I correspond with regularly, I know they are not spammers. There is a slight risk a spammer may forge their email address in a From line, and therefore get through my filters, but in reality, I have seen NO spam of this type ever in my mailbox. Ever.

  • Option E – Give up on email altogether
    No, not give up in this whole concept. But give up trying to run my own server. Gmail and Yahoo both have excellent mail clients, and they are available to remote clients. Why fight this anymore? Everyone should just get their own accounts on gmail, and be done with it.

So that’s where I am. I invite folks to chime in with ideas or suggestions on where to go from here. I know this discussion is happening all over the net right now, but wading through that is tedious and rarely productive. I also invite the members of the Homeport community to chime in with their suggestions, observations, or thoughts on how the systems are running now, and where things should go.
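
Options C and D above can be combined into a simple triage order. The following is an added example, not part of the original post or of Homeport's configuration: it ranks a message by whether its From address is on a whitelist and whether it is structurally PGP-signed. The whitelist entries, the sample messages and the function names are constructed for illustration, and the signature check is structural only (no GnuPG verification).

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed whitelist (Option D): addresses of known correspondents.
WHITELIST = {"catya@example.org", "bandmate@example.net"}
CLEARSIGN = b"-----BEGIN PGP SIGNED MESSAGE-----"


def sender_address(msg):
    """Lowercased From address, or None when missing or ambiguous."""
    froms = msg.get_all("From", [])
    if len(froms) != 1:  # zero or several From headers: trust none of them
        return None
    # parseaddr separates the display name from the real address, so a
    # whitelisted address placed in the display name does not match.
    return parseaddr(froms[0])[1].lower() or None


def looks_pgp_signed(msg):
    """Structural check: PGP/MIME (RFC 3156) or inline clearsigned text.

    Assumption of this example: the signature is NOT verified here. A real
    setup would hand the message to GnuPG and rank by keyring membership.
    """
    protocol = str(msg.get_param("protocol", "")).lower()
    if (msg.get_content_type() == "multipart/signed"
            and protocol == "application/pgp-signature"):
        return True
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            body = part.get_payload(decode=True) or b""
            if body.lstrip().startswith(CLEARSIGN):
                return True
    return False


def triage(raw):
    """Return 'inbox-signed', 'inbox', 'review' or 'filter' for one message."""
    msg = message_from_string(raw)
    known = sender_address(msg) in WHITELIST
    signed = looks_pgp_signed(msg)
    if known and signed:
        return "inbox-signed"   # known correspondent who also signs
    if known:
        return "inbox"          # From is forgeable; accepted on Option D alone
    if signed:
        return "review"         # unknown sender who bothered to sign
    return "filter"             # everything else goes to the spam filter


# Constructed sample messages; signatures are placeholders, not real ones.
SAMPLES = {
    "known": "From: Catya <catya@example.org>\nSubject: heaters\n\nGot two.\n",
    "display_name_trick": 'From: "catya@example.org" <promo@bulk.example>\n'
                          "Subject: hello\n\nSpecial offer\n",
    "two_from_headers": "From: catya@example.org\nFrom: promo@bulk.example\n"
                        "Subject: hello\n\nSpecial offer\n",
    "unknown_clearsigned": "From: New Person <new@example.com>\n"
                           "Subject: intro\n\n" + CLEARSIGN.decode() + "\n"
                           "Hash: SHA256\n\nHello there\n"
                           "-----BEGIN PGP SIGNATURE-----\n(placeholder)\n"
                           "-----END PGP SIGNATURE-----\n",
    "known_pgp_mime": "From: bandmate@example.net\n"
                      'Content-Type: multipart/signed; boundary="b1";\n'
                      ' protocol="application/pgp-signature"\n\n'
                      "--b1\nContent-Type: text/plain\n\nPractice at 8.\n"
                      "--b1\nContent-Type: application/pgp-signature\n\n"
                      "(placeholder)\n--b1--\n",
}


def triage_samples():
    return {name: triage(raw) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in triage_samples().items():
        print(f"{name:22} -> {verdict}")
```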

Windows Idiocies

I’m sure this will end up turning into a nice long list, but let’s start with this particular rant. If you have a Windows XP installation, and you’re trying to enable or disable something from starting when the machine boots, where do you go?
Well, naturally, you right click on Start, go to Explore, look at Programs->Start menu->Startup and… hm, your app is not there. Ah, must be on the global settings. Explore all users, programs, start menu, startup… hm, not there either.
At this point, the spectre of editing up the Registry comes in, where you have to navigate ridiculously long lists of keys to possibly find the switch that may actually fix your problem.
Today I found a new one. Microsoft has decreed (jedi hand-wave here), that all Windows XP computers must start MSN Messenger when they boot. You don’t have a choice, it’s enabled by default. Sorry if you don’t actually want to use it, or you’re using some other IM system.
Microsoft, by the way, doesn’t -tell- you it’s running. It’s not in the tool tray, it has no startup screen, it’s just ‘there’. The only reason I knew messenger was running was that when I logged in via Jabber, a little popup window told me, nicely, that I had been forcibly logged out of MSN messenger because I had logged in elsewhere. After which, the popup disappeared, and again I had no access to Messenger. Thanks guys.
Today I decided to finally rid myself of this behaviour. There may be occasion to use the Messenger service, but I want to determine when I run it, and when I don’t. It would be easy to go to Control Panel->Add/Remove software, and evict the application entirely, but that’s not what I wanted to do.
Apparently there’s an alternative to this mayhem. I dug through various google results and came up with this gem:

Simply mention the word “registry” and some folks cringe! There’s a much easier way to stop Windows Messenger from starting and running in the background in Windows XP. And this can easily be done without doing any registry editing. All it takes is a few clicks of your mouse.
Go to Start>Run and type in gpedit.msc which will take you to the Group Policy and Local Computer Policy settings. Now click on User Configuration>Administrative Templates>Windows Components>Windows Messenger. Set both settings to “ENABLED” and reboot. That’s it! This will allow you to disable Windows Messenger, which will stop it from loading at start-up.
This is by far the most straight forward and easiest way to disable Windows Messenger. And should you decide to use Messenger in the future, just simply reverse the changes you made and turn it back on anytime you like!

Sounds good, and after a few clicks, lo, there’s the policy. To me this seems like yet another interface that applications under Windows may or may not adhere to, but it seems like it’s worth a shot.

Arisia is nearing its membership cap. Register!

A reminder to all my sundry friends – Arisia is this weekend. Due to the hotel change, there is a membership cap in force, and we’re getting close to it. If you don’t pre-register, there’s a very good chance you will not be able to buy a membership on site!
So in the name of all that’s good, register!
This has been a public service ranty announcement.
For those who have been asking, yes, I’ll be working registration, but this year I’m not actually heading it up. So I will have time away from the reg desk to socialize, play, and generally have a good time. Might be a first for me! Mad props to Jasra and Sarah for all their intense work.
I’ll also be helping Blk with her dealer room, where she’ll be doing custom hairbraiding, as well as showing off some of my chainmail. Stop by the room on Dealers Row.

The iPhone : Another blow to Palm

By now everyone has heard about Apple’s latest contribution to the War on Available Cash, the iPhone. What’s been amusing to me is watching the impact this has had on the Palm world. It would be foolish to assume the introduction of an OSX embedded device with more features than ANYTHING on the market won’t have an impact on what has up until now been about the best in handheld general purpose telephone devices – the Treo. As a steadfast Treo owner myself (not without my share of gripes admittedly), I found myself, like most of the geek populace, seriously lusting after the new iPhone.
But don’t take my word for it. Let’s take a look around the net a bit.
PalmAddicts led off this morning with an article ‘I’m getting that nagging sensation again’:

Don’t get me wrong: the iTunes compatibility is a non-issue in an era of 4GB SD cards and PTunes, and my cellphone needs are very modest. What really intrigues me, though, is that the iPhone is a real computer in a PDA format, but one that runs on gestures instead of a thumbboard. In essence, I’m seeing the iPhone as the logical successor to the T|X.

I’d also recommend taking a look at this whimsical conversation between an owner and his Treo.
There’s also the impact of the announcement on the stock market in general, including Palm. Apple’s stock soars, all the other manufacturers tank. Granted, this is a short-term plot, but it’s telling. Apple’s stock is trading higher than ever (as of this posting, at around 95).
The excellent Treonauts.com does a side by side comparison of the iPhone vs the Treo 680. They make the comment:

the iPhone is primarily a consumer multimedia phone and not a business smartphone.

I have to disagree. The undercurrent is that the Treo is a ‘business smartphone’, and, frankly, it isn’t. The Bluetooth is so crippled as to be unusable, the software suite is slow and painful, Wifi is a bulky and unwieldy bolt-on, and corporate network interaction is almost non-existent. It’s also hard to say that PalmOS is considered a business OS, when the alternative on the iPhone is… OSX – a fully featured, multithreaded, portable operating system.
Will the iPhone be a success? Undoubtedly. Palm has nothing in the wings to compete with it, and no other vendor has the design moxie that Apple has. I predict there will be a raft of new product announcements in the next 6 months until the iPhone is officially available as other vendors scramble to “Me Too!” their product lines, but in the end, the Treo will slide down into the also-ran territory, and the iPhone will take top slot as the preferred mobile platform for geeks and tinkerers.

Jabber: I return to the fold.

Quite a while back, I was a fairly avid user of Jabber, the XML based open source messaging system. This was mostly during the Yahoo / MSN / AIM / ICQ ‘instant messaging’ wars, where each company was trying to push their own system for the hearts and keyboards of the world.
It turned out apparently that marketshare in messaging really wasn’t the panacea they had all hoped it was, and the “YOU VILL USE OUR MESSAGE SYZTEM, AND YOU VILL LIHK IT!” approach many of the vendors were pushing has taken a back seat to other business models, like, say, making a good product.
I had no real need for a strong IM platform for a few years, as most of my communication was either done in e-mail or over IRC, but recently I’ve been spending a fair amount of time in IM with my client down in New Jersey. As they are primarily a Microsoft shop, they naturally opted for Windows Live Messenger. With a somewhat heavy heart, I installed the Messenger client, and started using it fairly regularly.
In short, it sucks. First, Microsoft seems to be in this model of “Oh, we realize that the Windows interface is butt ugly, so we’ll redo the interface again, in sort of a hacked up interface-inside-an-interface model.” I first saw this with the Windows Media Player, which has an infuriatingly obtuse interface, while it tries to be ‘super-hip’. WLM is just as bad, but it tries to be an effective business tool (shared whiteboards, VOIP, etc) while also trying to be something kids want to play with (online games, cute icons and sounds, etc). The resulting mishmash makes me feel like I’m trying to do business over a speak n spell.
It was time to go back and see if I could use the MSN network, which my customer was wedded to, with a client that didn’t suck. A few years ago, this was problematic, as the various IM providers were occasionally blocking certain servers from connecting. (AIM is in fact still doing this for the big public Jabber servers, and Yahoo has a long history of actively blocking non-Yahoo clients.) Recently, the IM providers have backed off their rabid territorialism, and third party clients are easier to work with.
I once again considered multi-protocol clients such as Trillian and GAIM, but to me they solve the problem the wrong way. They make one piece of software that can talk all the different server protocols. Jabber does it differently. It’s up to the SERVER to connect to all the providers. You just need to run one client that talks Jabber, and the server does the rest.
My Jabber server has been running without maintenance for over a year, and I was using it occasionally for Yahoo and AIM connections, but now I needed to make the MSN gateway active as well. Fortunately, it was just a matter of apt-getting the msn gateway tools, and enabling it in the server configuration.
Now I’m back – I have a single Jabber client (at the moment I’m using Exodus, which IMHO is the best Jabber client on Windows), and it is happily showing me contacts from MSN, Yahoo, AIM, and Jabber. My old contact lists happily repopulated (they’re stored on the server, not on the client), and off I go.
It’s been pleasant to note that other services are coming onto the Jabber network, including Google Talk (A jabber system), and LJ Chat for the Livejournal folks – also Jabber.
And, as I type this note, I’m getting messages from the MSN-based folks I mentioned earlier, and Exodus is happily showing them as simple Jabber messages. Joy!
Are you on a Jabber network? Say hi! My Jabber ID (JID) is ‘dbs@jabber.stonekeep.com’.

GM gets closer to a decent EV car.

Now this is a GM product I might actually buy. And I ain’t talkin Genetically Modified.
At the Detroit Auto Show, GM has unveiled the ‘Chevy Volt’. It’s somewhere between a concept car and production, in that they’ve hired a line manager for the vehicle, but they’re having problems finding a supplier for the 100,000 mile Lithium Ion battery.
GM is calling it a ‘Plugin Hybrid’, but to me that’s a terrible misnomer. It’s an EV car with an onboard generator. It’ll run about 40 miles on full battery power, at which time the engine kicks on and starts recharging the batteries. It can plug into wall outlets and recharge in about 6 hours. The onboard gasoline / ethanol engine isn’t even mechanically connected to the wheels, it simply runs a generator.
And, it doesn’t look so bad either!

The bullet that whizzed by.

Well, a few days ago I mentioned a problem I had with ‘yawl’ involving a blown hard drive. Fun this wasn’t, and unfortunately I was so swamped with work, I didn’t really have a chance to work on the machine, so it sadly sat, turned off, while I wrestled with the vagaries of Java and EJB3.0.
With some slack time this weekend, I set about seeing what I could recover from the smoking ruin that was the 20gig drive in the machine. Booting the machine revealed only ‘Grub loading’ then ‘Error 17’. Many folks on the net have said this is a blown bootloader, usually happening after a failed upgrade. I know I hadn’t done any upgrade, this was something more serious.
But what to do about it? I couldn’t boot it, it was time to go for a repair CD. Fortunately, I had some experience using the Sys Rescue CD, an opensource toolset that fits on a CD (in fact it’ll fit on a flash drive), and contains most tools an admin will need to repair or maintain a system that has had Something Bad happen to it.
One burned CD later, I had the machine booted. cfdisk happily reported “You have a nice 20gig partition that’s empty! Want to install anything to it?” Not an auspicious start.
I could not mount the faulty partition, so really the only thing to do was to hand it over to fsck and mutter a few incantations.
fsck had a grand old time with the filesystem repair. First indications were good – it actually found the partition, and said there were files on it, though one of the two superblocks was completely missing (linux filesystems have a primary and a backup superblock – sort of the ‘master directory’ for the partition – for just this reason). Without the backup superblock, the entire filesystem would have been gone. Phew.
A good 20 minutes later, after much gnashing, queries about whether I wanted to fix the deallocated blocks and other fun filesystem issues, I had a mounted, readable filesystem. The SysrescueCD is a fully functional single user Linux environment, so I could mount, manipulate, and archive the newly repaired filesystem. I don’t trust it to run on its own – the damage touched just about every open file on the machine (including things like kernel modules), so I doubt the machine is stable. But, I could bring up the network interface and copy off my ~/docs/ directory – where I keep all my business documents. I had a backup of it, but it was quite old.
I feel a lot better now that I’ve gotten my important documents off the machine. The next step will be determining what to do with the box. I’ve already received a replacement 160gig drive I’ll be installing (nothing like an 8x space increase!), and I’d like to archive some ‘less critical, but still nice to have copies of’ files, but for now, I just barely ducked that bullet.
NB - interestingly, this is the only mildly catastrophic hard disk failure I’ve -ever- had. The only other recent failure I can think of was dropping poor hunter while at band practice. It twitched the drive, which I replaced. But I consider laptops to be ‘volatile’ environments, and everything was backed up – no loss. I suppose I should be knocking wood everywhere, but I prefer to think I’m careful enough and don’t do Stupid Things with my machines.
Or maybe this is pure hubris. I gotta go run my backups.

Comcast FTW!

I’m generally not a big booster of Large Horrific Corporations, but it sure feels somewhere along the line, The Man figured out that customers are happier, when they get good service. Monopolies are stronger when their customers aren’t grouchy all the time.
So it is with mixed feelings that I cast my blessings upon Comcast, who seems to have finally gotten the ‘support the client’ thing down pretty well.
The setting – I needed a cable tuner box. My MythTV project had hit a snag with the de-stabilization of deathstar. I wanted to be able to actually watch TV, but without a functional PVR, I was sort of hosed. Ah well, time to ask Comcast for a tuner.
With trepidation, I went to their website, was pleasantly surprised to note it was uncluttered and easy to navigate, moved to ‘contact us’, and found, huh! “Start a live chat with a service representative”. Okay, I really dislike talking to support on the phone, let’s give it a try.
Sure enough, within a minute I was in a java-driven chat applet with a rep, who happily upgraded my cable service, and scheduled a time for the comcast guy to come out and install the new cable box.
But that’s not what I’m here to talk to you about.
I’m here to talk to you about two nights ago, when the cable stopped working. Got the guide, no picture. Time for another chat! As I’m describing the problem to the rep, he asks that I check the cabling. While I’m walking over to the TV, VOILA! Instant image and picture and sound. I hadn’t touched -anything-. It just came on.
*typetype* “Okay, did you do that?” rep: “Do what?” “The TV just came on, and I’m getting video and sound fine.” rep: “Ah, yes, I sent a reset signal to your cable box and told it to re-initialize.” “It worked.” “Great!”
Surreal, yet oddly satisfying. I have other issues with Comcast (for instance they have deliberately blocked the firewire port on the tuner box so MythTV cannot record digitally. Grr.) But for now, things seem to be working. Next step will be most likely upgrading the settop box to support 16:9 off the wire (at the moment it’s stretching things to 4:3). But that may wait a while.

And a fine good morning to you too.

Well there’s truly no great way to celebrate the post-consumerist-feeding-frenzy joy that is Boxing day than waking up and settling down to get some work done, and finding out that at some time during the night yawl seems to have blown its drive.
As things stand now, yawl is not my primary work machine (clipper is), so I’m not horribly inconvenienced. But I did have things archived on there I’d like to back up, and yawl was also the host to the external drive that is the backup for boomer, our big colocated server. But most importantly, yawl also acts as my music streamer from Radio Paradise. This, of course, ups the priority quite a bit.
Ah well, time to download a new System Rescue CD and see if I can at least copy some files off the drive.

A small advancement in photography

For the last year or so, I’ve been contemplating what my next stages in my pursuit of photographic excellence will look like. I’m not quite ready to take the route Terry was able to go, and Diana has been going for a while – I just can’t plunk down the $500-$1000 I’d need to get a decent DSLR rig, so I have to make do with what I have.
My primary camera is an Olympus C770, about as good a camera as you can get without going DSLR (well, it was when I bought it two years ago). I like the large lens area, optical 10x zoom, and expandability. I knew all along that one of the weaknesses in the small handheld cameras (and, in fact, with many DSLRs as well), is that the built-in flash is too ‘hot’ for most low-light indoor photography. Subjects come out over-exposed and washed out. I knew this was going to be an issue, and one of the things that attracted me to the C770 was the inclusion of a ‘hot shoe’ – a mount point for an external electronic flash.
I finally found a combination flash, cable, and bracket mount on eBay and picked up the whole shebang last week. I was a little cautious because it seemed quite the overkill arrangement for such a small camera, but I’d also seen the great shots that had been done with a bounceflash on my father-in-law’s Nikon 990 a few years ago. He had also accessorized the (then) rather small-lensed and small-bodied camera with a bracket and flash, and came up with quite nice pictures with proper lighting.
After assembling the whole thing and testing it out, I cast about looking for a subject. Zach was lounging about playing on the Gamecube… ahh, a stationary target. It was night time, so the light was low, though Zach was sitting under a set of fairly ‘hot’ halogen lights, but I was able to take a good set of comparison pictures:
[Images: Zach with internal flash (left); Zach with bounce flash (right)]
The left hand shot is using the internal flash built into the camera. It is ‘okay’, but suffers from the washed outtedness that derives from the small hot light source. The picture on the right is using the bounce flash against our white ceiling. There’s also a fairly good redeye system in the flash that I’m looking forward to experimenting with.
So far, I’m pretty happy with the results. The rig is a little bulky, but I’m fairly sure I can break it down into my camera bag. I’ll do more experimenting shortly. Onward!

In which our hero succumbs…

Oh fine. I finally broke down and did it. I realized that I had a couple places where I was posting sort of “wishy” lists. Movies I was looking for, other toys. But, ya know, there’s a perfectly good site for managing wishlists for DVDs and books.
So, without further delay, I give you… my Amazon.com wishlist. Clicky on the graphic to view in all its geekiness. Do with it what you will.