Jason Antman's Blog

Priorities

noreply@blogger.com (Jason Antman) — Tue, 04 Nov 2008 23:20:00 +0000

Why is it that Rutgers cancels classes hours before a football game, and surely would if there were classes during Super Bowl times... but both of my classes were scheduled to meet on election night???

Finally - CSS for Printing

noreply@blogger.com (Jason Antman) — Mon, 27 Oct 2008 22:55:00 +0000

It seems like it's taken forever. I don't know how many times I've struggled with web apps that I wrote for the ambulance corps to try and get printed output correct. I've done everything from generating PDFs, doing screen captures of a browser and printing as a PDF, to things as crazy as trying to print schedules directly from the server, where they're setup as postscript.

I just happened to be going through my news in Google Reader and found some interesting W3C draft standards for CSS Print Profiles and CSS3 Paged Media Module. Finally, after waiting for literally years, there will (from the way it looks) be a way for me to specify, in CSS, the page size - and more importantly, orientation - and have something print correctly.

Perhaps the end of me having to manually print ambulance corps rosters, and then set the print settings back to landscape and 73% scaling for the schedule, are finally going to be over!

C'mon, Mozilla, I'm counting on a quick implementation once they're finalized.

My biggest problem with Linux

noreply@blogger.com (Jason Antman) — Mon, 27 Oct 2008 20:27:00 +0000

For one of my wonderful classes, Internet Security, I'm doing a presentation on "patch management". While I'm obligated to cover Windows - and, of course, will talk about MacOS - I'll obviously be spending a good deal of time on the Unix/Linux side of things. This has gotten me thinking about one of my biggest problems with Linux (and specifically OpenSuSE, my usual default distro. Patch management is utterly awful.

Here's the problem: I have about a dozen machines under my control. I need to keep them all up-to-date. Currently, I manually do patches and upgrades via YaST or zypper. I thought about scripting this through zypper, but that doesn't make any sense - the packages on the machines are far from homogenous, so there's no clear way to make one script that updates them all. I considered using Puppet or CFengine or something of that sort, but that's too heavy-weight for me - for only a dozen machines, many of which are personal or development only, that's a lot to keep track of by hand, and a lot of work defining which patches should be applied, and which machines shouldn't be changed.

My other peeve is distribution upgrades. About three of my machines are still running OpenSuSE 10.0 or 10.1, both of which are unsupported, and no longer even have downloads available. Why? Becuase I've done major OpenSuSE upgrades before, broken a LOT of stuff, and I simply can't risk that on machines that can't stand extended downtime. This process *needs* to be made easier. Bottom line - it should be made no more difficult or unreliable than a kernel upgrade. IMHO, the biggest selling point for Solaris is its' ability to do a total upgrade to a second partition, and switch-over at runtime. Why doesn't Linux (or SuSE) have this yet?

What's my ideal solution? A curses application that uses text-file backends (curses so I can run it over SSH even if I have a slow link or high latency, like from a SSH session on my cell phone, if need be). The app would allow me to list all of the machines I want managed. It would connect to the machines over standard SSH, and would leave an extensive audit trail of what's done, both on the management console and on the machines (as well as running as a dedicated user). The application would maintain an inventory of all of the packages on every machine. It would check daily for new patches/updates to any of those packages, and e-mail me a daily summary of what's new, including all dependency changes, and which machines need the update. It would also allow me to define, on a per-machine (or per-group-of-machines) basis, rules for packages that must stay at their current version - i.e. I have a bunch of PHP4 apps, so machine X needs to stay at PHP4. The e-mail summary would include any packages that aren't going to be updated for a specific machine because of dependency/version rules, as well as warnings about any new packages that have a dependency that has a rule set. I could then run the main curses app on my admin machine and, starting from NO selections, select which updates I want to apply and whether I want to ignore or create new rules to keep something at its current version, on a per-machine or per-group basis. This curses app would generate a file (XML?) of what to do (which would also be generated or edited by hand, easily). The XML file would then be fed into a script that downloads all of the needed packages to a central (local) mirror (or, optionally, for remote machines, has them download locally on the machine), checksums them, and then installs them (running commands over SSH) on all applicable machines. It would then keep a log of all changes, both on each machine changed (in a master changelog file) and on the central administrative machine. Most importantly, the curses interface would have a simple, quick way to back out any specific update or group of updates for all machines, a group of machines, or one machine. All data needed to back out a change would be kept on each machine (say, cleaned up at the next update of that package and all of its' dependencies) with machine-readable instructions kept in a central file, allowing local rollbacks - i.e. a machine goes down, I realize that it was because of an update to package X, and on the local machine I can check the changelog, see an entry like "Package X updated 1.0.0 to 1.0.1 on yyyy-mm-dd, Change ID 1234" and then, to rollback, simply issue a command like "patchmgt rollback 1234" on the effected machine.

Just some ideas, and a little rant.

T-Mobile G1 (Googlephone) and VoIP?

noreply@blogger.com (Jason Antman) — Mon, 27 Oct 2008 13:12:00 +0000

So... what's the deal? Will anyone come out and definitively say what the fate of VoIP is?

From what I've read, there are two distinct issues:

The ease of developing VoIP applications on Android, given the lack of a SIP stack.

T-Mobile's shunning of VoIP over their 3G network.

Android - obviously, if we want to see VoIP apps on the G1, Android needs to support SIP. And the best way to do this is with real, native OS support. Even if VoIP possibilities are limited to WiFi, still, it would be nice to have SIP support and let my cell double as a WiFi VoIP phone... even if handoffs between APs are still nearly impossible. The next question that begs to be asked is how well such a third-party app can integrate with the phone. Will the user experience of receiving a VoIP call be substantially similar to that of receiving a normal phone call?

T-Mobile 3G - I've read, so far, that T-Mobile "does not support" VoIP over their 3G network. What's this whole "does not support" thing? I'm still a bit confused about how their 3G network works... do they actively block 3G, or just not enable it? If the latter, doe this mean that other "non-standard" things, such as SSHing to a non-standard port, won't work? Does this mean that there will be other heavy restrictions on what types of data are sent over the network?

What about tunneling SIP/IAX/whatever else over SSH? Will the G1 be capable of handling that at a relatively good speed?

I've read that the G1 "can't" be tethered. WTF? Firstly, what is this "can't" thing? Couldn't a developer just write an app that's essentially a proxy server, that proxies from some sort of USB-based wired connection to 3G?

Unfortunately, as has been written many times already, less than a week from the G1's release, it seems that the openness touted by Google and T-Mobile is much less than that. With all their claims of openness, I'd expect a phone that will do anything - especially not be locked to one carrier, given Google's history of opposing that (their bid for 700Mhz) - and a data plan that would allow anything over the air that my home ISP will allow over the wire.

Google: Have you forsaken all of your stated ideals at the prospect of making some cash off of a phone?

Update

noreply@blogger.com (Jason Antman) — Fri, 24 Oct 2008 17:50:00 +0000

It's been a long month and a half or so. A bunch of new projects at work (and interviewing for a full-time position) and lots of school stuff, all on top of having my truck stolen, dealing with insurance and the police, and then recovering it, and dealing with insurance again. It's a long long story, which I posted as a Note on facebook.

PHP EMS Tools is due for a major revision, and hopefully this will include, among other things, the following new features:

Support for i18n.

Install-time choice of using MySQL or LDAP as a roster and authentication storage system.

Some vastly more efficient changes to the database schema, specifically dealing with scheduling.

I'm still working on some other big projects, namely the migration of this blog to WordPress, the migration of JasonAntman.com to some real CMS (Joomla, Drupal, etc.), and migration of my home internet connection from residential FiOS to "business-grade" Optimum Online (cable) - which will probably see a slight decrease in reliability from the amazing levels of FiOS, but will give me five static IPs and no ports blocked.

On the other hand, there's been a wrench thrown into all of my plans for big projects (not even mentioning the projects that have been cast aside - TuxTruck, tuxOstat which is now down, and a bunch of others. That wrench is the T-Mobile G1, the GooglePhone finally come to fruition. I was psyched about Android when I first heard about it, and the idea of finally having a phone that I can develop for without learning a new language sounds amazing. I'll admit that at $180 with a 2-year contract, plus $80/month for service (split about 50/50 between the voice plan and the unlimited data plan) it doesn't make the best financial sense for someone whose car was stolen and now has 2 vehicles - only one of which I can afford - but I'm really excited. I've heard some not-so-good things about the quality of the GPS, and some of the apps currently available, but within a few months, I'd assume that the effects of open development will cause it to greatly surpass the functionality of my current Treo 700p, running my beloved Palm OS (which I've been dedicated to for the better part of seven years).

While the all-around flexibility of Android and its' apps is definitely one of the biggest selling points, my own interest is mainly in the ability to quickly develop Java apps that bring my already-existing web-based forms and data to the desktop of my phone. It's the simplicity that is my biggest interest - even for simple purposes, like converting the web-based fuel log I keep for my car(s) to a dedicated Java-based form on my phone.

Stay tuned...

Interesting Links for 2008-10-22

noreply@blogger.com (Jason Antman) — Thu, 23 Oct 2008 10:00:00 +0000

the life of a sysadmin.

9 Must-Have OpenOffice Extensions | MakeUseOf.com

5 characteristics of security policy I can trust | IT Security | TechRepublic.com

Interesting Links for 2008-10-21

noreply@blogger.com (Jason Antman) — Wed, 22 Oct 2008 10:00:00 +0000

Microsoft: We're all 'mixed source' companies | Beyond Binary - A blog by Ina Fried - CNET News

The dying embers of Microsoft's IP claims against open source | The Open Road - The Business and Politics of Open Source by Matt Asay - CNET News

Village Telco

http://www.rowetel.com/ucasterisk/index.html

4fx, fxomod, and fxsmod Designs

Beer, Coffee, and a little DSP » Blog Archive » A $10 ATA

Build It. Share It. Profit. Can Open Source Hardware Work?

Slashdot | Microsoft Calls Today Global Anti-Piracy Day

Exclusive: Oil Immersion Cooling Goes Mainstream with Hardcore PC's Reactor | Maximum PC

The Risks Digest Volume 25: Issue 40

The Risks Digest Volume 25: Issue 40

LinuxJournal - NetBooks

noreply@blogger.com (Jason Antman) — Fri, 19 Sep 2008 18:28:00 +0000

Shawn Powers wrote an interesting article on LJ, Where Do YOU Send NetBook Users For Help?, which speaks about the myriad different distributions used on NetBooks (like the eeePC and its' brethren), many of which are significantly different from the usual mainstream distros.

My comment:

From a vendor's point of view, it probably seems a good idea. However, there are two major problems that I see in it. Firstly, while there aren't a gigantic number of people that can give aid with Linux, there are quite a few - especially in one of the hottest areas (that I've seen) for the eeePC, colleges and universities. Unless the vendor is prepared to offer high-quality OS and application tech support, they should do all they can to make use of whatever Linux support resources already exist. Ubuntu is becoming increasingly common, so the best move (in my mind) would be to re-brand Ubuntu, but keep the functionality the same, therefore making use of (arguably) a relatively large experience base, by Linux standards. If you're a hardware company, and don't focus on providing (software) technical support, the smartest thing to do is to try and maximize the amount of third-party software support that's available.

Secondly, and perhaps more importantly, we've finally started to reach a time when Linux is becoming standardized. Most popular distros follow (more-or-less) the LSB specification, and Gnome and KDE have become the accepted standards for pretty much all non-geek graphical environments. It's taken years to reach this point, and the introduction of mass-market netbooks, many with their own customized distros, is not helping, nor is it smart on the manufacturers' part.

Perhaps the biggest problem is that the manufacturers themselves just see Linux as an OS that doesn't cost them anything, without seeing the big picture. If they truly understood Free software, they'd be working to improve on existing technology, while retaining the existing code as a base, rather than struggling to differentiate their offering. If I was to start selling Linux-based netbooks, I think the solution is quite simple, just by following the trends in the Linux world: sell a "business" version that runs RedHat or CentOS, maybe SuSE, and a "consumer" version that has Ubuntu (which, as far as I've seen, is the most popular with the non-linux crowd). Rather than trying to build my own distro and differentiate it from everything else, I'd build on what little Linux experience the general public has, by using the most common distros. If the marketing guys want differentiation so badly, that's the wonder of Free software - just add vendor-specific logos and a custom theme.

On a personal note, I've had an eeePC 701G Surf since December 2007. The *first* thing I did when I got it was create a 4GB SDHC card with a full install of my favorite distro, and set it up to boot from the SDHC. I haven't booted Xandros more than twice. Even the "expert" mode, which is somewhat like a normal desktop environment, is severely lacking in common tools, administrative tools, and security (the user separation is abysmal). I would've been much more happy to see it ship with a good install of Ubuntu, even locked down with a "simple" desktop for the default user. Things like sed, awk, grep, and an SSH server should be instaled on every Linux system. Also, just a theory - set each system to have a unique, randomly generated root password, and print it on a label on the bottom of the machine.

Interesting Links for 2008-09-18

noreply@blogger.com (Jason Antman) — Fri, 19 Sep 2008 10:01:00 +0000

S. 3325 Passes Senate Judiciary | Public Knowledge

New Project - Blog Migration to WordPress

noreply@blogger.com (Jason Antman) — Thu, 18 Sep 2008 17:49:00 +0000

For quite some time, I've been frustrated with Blogger. First of all, its' publishing system is horribly inefficient. As everything is static HTML, at this point, writing this blog entry alone will require it to re-publish approximately 6 MB to my server. Seems sort'a pointless. Not to mention, it doesn't allow any of the stuff that I really want, such as multiple categories with per-category RSS, or good searching. It also means that, though this blog is hosted on my own server, I'm dependent on Blogger to add posts.

I'm still horribly busy dealing with insurance companies and the police in relation to my stolen truck, as well as looking around and trying to figure out what my next vehicle will be, and how much I can spend on it.

Anyway, I've decided that at some point in the future, I'll be migrating to WordPress for the blog. It will, of course, be hosted on my own machine, and will hopefully also include a migration of everything from this Blogger account. And, somehow, will include some sort of redirection from old posts to the relevant new ones. Most importantly, though, I plan on deferring the project until I get my multiple static IP service from Optimum Online, as the new blog (and the rest of my subdomains) will be moved from GoDaddy forwarding to their own subdomains setup as Apache name-based VHosts.

Stay tuned for progress updates...

Internet Security, Microsoft Lies

noreply@blogger.com (Jason Antman) — Wed, 17 Sep 2008 04:24:00 +0000

Internet Security

So, this semester I'm taking a class on Internet Security. Our textbook is Management of Internet Security, 2nd Edition by Michael E. Whitman and Herbert J. Mattord. It seems pretty basic, and very much focused on the management side of things (as opposed to technical). The table of contents is as follows:

Introduction to the Management of Information Security

Planning for Security

Planning for Contingencies

Information Security Policy

Developing the Security Program

Security Management Models and Practices

Risk Management: Identifying and Assessing Risk

Risk Management: Assessing and Controlling Risk

Protection Mechanisms

Personnel and Security

Law and Ethics

Information Security Project Management

Now, given that it's really a "management" book, I can't say I'm surprised that it reads like an essay that was graded on a scale of buzzwords-per-sentence. However, it seems to be missing the one chapter that's the most important - actually, the only chapter that would be in the book if I wrote it - "How to get management to allocate the money you need for proper security." In fact, skimming over the book, I found a lot of content on general management planning, job descriptions, sample policies, and a lot of other pie-in-the-sky stuff, but not one concrete section dedicated to the most difficult part of security - getting the "resources" to do it right!

Microsoft Lies

Why we would spend time analyzing corporate mission statements in an Internet Security class, I have no idea. That seems, to me, too much like what we covered in "Management of Technological Organizations." But, we do, and one of the examples used is Microsoft's Mission and Values statement. Perhaps, being the F/OSS advocate that I am, my reading of it was a bit cynical. Let's take a look at it.

"At Microsoft, our mission and values are to help people and business throughout the world realize their full potential." Well, we're off to a good start. Aside from the fact that they want you to realize that potential using only their software, and use their power and money to actively monopolize (or attempt to) most industries that they enter, this seems pretty run-of-the-mill.

Corporate Citizenship: "Every successful corporation has a responsibility to use its resources and influence to make a positive impact on the world and its people. Microsoft’s Global Citizenship Initiative is focused on mobilizing our resources across the company and around the world, to create opportunities in the communities where we do business, and to fulfill our commitment to serving the public good through innovative technologies and partnerships." Well. Now we're getting somewhere. Apparently "a positive impact on the world and its people" is defined as trying to monopolize every sector that Microsoft touches, whether attempting to crush and then buy-out the competition, or through flat-out FUD and billion-dollar marketing campaigns. Hmm... innovative partnerships... as in Novell?

Legal and Corporate Affairs: "Microsoft’s Legal and Corporate Affairs Group works on the cutting edge of business and regulatory issues around the world." Well, I can't argue with that, they sure are on the cutting edge. What started with Bill Gates mailing out whiny letters about pirated Altair BASIC has now turned into a global juggernaut, capable of forcing the creation of ISO standards at their whim, and successfully quashing any dissent about obviously flawed and under-reviewed "standards" (which, in fact, simply describe current software, rather than setting any real standard).

Values: As a company, and as individuals, we value integrity, honesty, openness, personal excellence, constructive self-criticism, continual self-improvement, and mutual respect. We are committed to our customers and partners and have a passion for technology. We take on big challenges, and pride ourselves on seeing them through. We hold ourselves accountable to our customers, shareholders, partners, and employees by honoring our commitments, providing results, and striving for the highest quality.

integrity - i.e. not creating a draft ISO standard and then offering monetary incentives for acceptance.

honesty - when it works. Intentionally making Vista-Capable labeling so ambiguous that it even confuses Microsoft executives? Fine.

openness um... did they seriously say that? Openness like... protocol interoperability? Standards that can be implemented without patent violations? An "Open Specification Promise" that doesn't come with a three page FAQ? Nope. Not Microsoft.

constructive self-criticism - Ok, I'll give them this one. They do, rarely, criticize themselves. Though "constructive" usually means making comments about the poor design of a previous product, and suggesting that everyone upgrade to the new version.

continual self-improvement - I'll give them this one too. In fact, they're so crazy about it that they've been improving the same codebase for decades!

mutual respect - See above.

We hold ourselves accountable to our customers - Ok. They are offering to allow users to downgrade from Vista to XP.

striving for the highest quality - I don't think so. They're striving for products that have the highest market share. As long as the quality is acceptable to the majority of users, and the products do what the majority of users need, that's fine. But wait... apparently they even missed that goal with Vista.

This is just the opinion of one person. My motivations may be diverse, and surely there's a bit of zealotry in there. After all, if Ford told me I couldn't put fog lights on my car myself, I had to bring it to the dealer and pay $400, I'd stop buying their cars - and make sure everyone else knew what they did. But there's also my ever-present desire to make sure people know both sides of the story, and all the facts. The mainstream media (specifically dumbed-down television) rarely reports on the less cheerful side of Microsoft, like the ISO "standard" scandal, or the Vista letters, or the Vista-Capable fiasco. And I find this to be horribly disturbing. Many people don't realize that there are alternatives to Microsoft products, even ones that are provided by such big names as Sun Microsystems and IBM. But, most striking, is Microsoft's overwhelming monopoly. Windows' market share is currently 90.66% or higher. I ask you, what other industries which affect not only consumers, but nearly every aspect of our daily lives (as computing does) would be allowed to have such a monopoly? It has happened in many other American industries - oil, steel, the railroads, telephone service. Where is the government now?

What happened to the America that made massive monopolies illegal? Have we forgotten a supremely part of our history that began in 1980 with the Sherman Act? Or even the recent events with Bell? In order to truly stimulate competition in the software industry, and provide for not only choice but the improved quality, reliability, and security that comes with true software competition, something needs to be done. For starters, how about breaking Microsoft into separate entities - browser, Office, OS, server, etc. And - the important part - preventing any package sales, discounts, or bundling between the separate types of software (and separate companies).

Delicious Problems? 503

noreply@blogger.com (Jason Antman) — Mon, 15 Sep 2008 17:47:00 +0000

I don't know if I'm the only one experiencing this, but this is the third time in two days that I've gotten a 503 when trying to view my bookmarks on del.icio.us. This is posing a problem, as I use the service to keep my bookmarks in sync between five computers.

As of the time of this post, I'm able to get to the site again, but I was unable to get there - or update my bookmarks on my main workstation at work - for about ten minutes.

Going away for a while

noreply@blogger.com (Jason Antman) — Sun, 14 Sep 2008 21:58:00 +0000

Unfortunately, my truck was stolen this past Friday while at work. I probably won't be posting much in the neat future, as I'm going to be quite busy trying to get things back together (insurance, etc.) while also working and taking classes.

Hardware Inventory System

noreply@blogger.com (Jason Antman) — Fri, 12 Sep 2008 18:01:00 +0000

After a few crazy weeks at work, the pay check is finally here, and I've decided to allocate some of the money to hardware upgrades of my personal machines. While Nagios gives me a good idea of where performance is a problem, I'm still running a large amount of "legacy" hardware (my home router/firewall is a 350MHz P-II desktop) and hardware age is a significant factor in my upgrade plans.

So, I set out looking for a program (most likely some backend scripts that dump data to MySQL, and then a PHP front-end) to perform a hardware inventory - essentially, run a script on each box, find out the system details, and dump it in a DB. Now that my pool of upgrade candidates is above a dozen machines, at multiple locations, some of which are single-use boxes often neglected/forgotten, doing this in my head isn't the easiest.

So, while I've been googling and searching some mailing list archives, I'm also developing a set of requirements.

The chief requirements:

Ability to run a script on a remote machine and have the results returned in a meaningful format. Most likely, a single script, run as root (SUID or sudo) that returns nice, formatted, SQL-ready results (so the parsing of platform-specific command output will happen on the client, with every client returning a normalized data set).

Ability to track hardware changes - i.e. disks swapped from one box to another, NIC replacement, processor upgrade, etc.

Each piece of hardware tracked individually, allowing future support of fully tracking components, spares, etc.

Support for future barcoding of components and physically-performed inventory.

Some of the data that I'd like collected:

Data on a machine stored by chassis vendor name and serial numer/service tag.

Hostname associated with each box.

Architecture, number of CPUs/cores and type, model, speed, socket (for upgrade planning/ordering).

Motherboard model/manufacturer, serial number, HW and SW/FW revisions, manufacture date.

Storage (internal & directly connected external) - type, interface, capacity, specifications/manufacturer and model.

Amount fo RAM, type of RAM, and configuration of cards (number of empty slots).

PCI card configuration - number and type/mfr/model of cards, as well as number of empty slots

For all NICs - MAC addresses, current IPs, as well as link type/speed and connected switch/port.

I'd also like some level of software inventory, especially for those machines that may be running "forgotten" services:

nmap scan results.

OS-generated list of running services, with GUI including a blacklist of "default" services not to be displayed, and possibly also cross-links to Nagios status.

Possibly a parsed output from ps, using a blacklist as shown above.

If a firewall is running on the system, a list of all open ports.

I'll be checking out some options today. Unfortunately, I have a feeling that there's most likely nothing that supports my requirements, and I'll probably end up implementing a lot of this myself.

Microsoft and Novell Deliver Joint Virtualization Solution - or do they?

noreply@blogger.com (Jason Antman) — Thu, 11 Sep 2008 16:40:00 +0000

From PRNewsWire: Microsoft and Novell Deliver Joint Virtualization Solution Through Partners. The headline of the press release: "Supported by Dell and other channel partners, solution includes SUSE Linux Enterprise Server running as optimized guest on Windows Server 2008 Hyper-V."

Now, maybe I'm not up on the news regarding my favorite distribution, but it seems to me that a deal allowing SuSE to be virtualized as a guest under Windows is not only "joint", but plain moronic. Despite the marketing efforts of Microsoft, Unix-based systems (including Linux) have always had the upper hand in availability, reliability, and performance.

I must say, from what I've heard, Windows Server is getting *much* better in these areas - and I've even heard that the latest version includes an option to install without a graphical environment, and even includes a command-line that's useful. It's about time.

However, it seems to me, that any virtualization deal between Microsoft and a Linux distributor can provide only one logical solution: Windows Server virtualized as a guest in a high-availability Linux host. More importantly, without the insane per-processor licensing - a per-VM instance license that's hardware-agnostic and allows VMs to be migrated across hardware as the admin sees fit.

Oh, and one more insight. If Microsoft wants to be a serious player in the virtualization arena, here's a few "simple" steps:

Get Windows Server to work correctly under Xen, VirtualBox, etc. Certify it. Provide the correct guest OS tool packages

Provide simple management of Windows in a virtualized environment - minimally, a standard SSH server that's compatible with OpenSSH, a GUI-less environment, and a serial console.

Get rid of per-processor licenses. Provide a basic license that allows for, say, 10 VMs to be running at once, and allows as many installs as needed - the only licensing is based on the amount of VMs actually running. i.e., if you have 10 VMs and one gets corrupted, you can bring that one down and online a back-up image, without violating the license.

Make licensing processor-agnostic. Want to migrate a Xen VM (Windows guest) from a dual-core Pentium to an 8-core Xeon, or even a 16 processor SPARC? Sure, no problem.

eeePC stronger than ever

noreply@blogger.com (Jason Antman) — Thu, 11 Sep 2008 04:55:00 +0000

It seems like every time I open up my Google Reader account, there's news about another company that released a knock-off of my beloved Asus eeePC 4G Surf (701) (interestingly, it looks like eeepc.asus.com is down at the moment of writing). Even Asus has released numerous (I think the product like is now up to about 10 variations) follow-ups to the 7" beauty, now up to 10" in size (though, admittedly, I'm less-than-enthused about their Windows models).

With the new semester here, I am (unfortunately) back in class. And I'm very happy to report that I'm starting to see eeePCs in more and more hands. Granted, my classes are in the IT program, but I was quite surprised last night to be sitting in my Internet Security class and notice no less than four eeePCs in a class of about 25 people. While I've just relegated my own 4G to my server room bag, replacing it with a (used, surplus from work) IBM ThinkPad T41 (14.1" display, 1.4GHz Pentium, 768MB RAM, and a DVD drive). Though my heart sank when I found that half of the eeePCs were running Windows, it seems that in my travels around campus, I'm seeing more and more eeePCs, and more laptops running Linux.

While the academic world has surely embraced new technologies, and non-mainstream technologies, quicker than other sectors (specifically considering Linux and the apparent popularity of the eeePC), it's definitely a good omen. Seeing non-geek, and perhaps even non-CS and non-Engineering, students using Linux speaks quite well for the expansion of the Linux user base when these students graduate and enter the "real world"

Possible Downtime this weekend

noreply@blogger.com (Jason Antman) — Fri, 05 Sep 2008 04:03:00 +0000

Tropical Storm Hanna is expected to reach the New Jersey area on Saturday, September 6, 2008. The latest predictions as of 20:00 September 4^th call for winds from 30-60 MPH and rainfall possibly in excess of 5 inches, at a rate of 1-1.5 inches per hour (as per the Bergen County Office of Emergency Management).

In light of this, please be advised that JasonAntman.com may experience some unscheduled downtime - mainly due to the fact that my internet connection (Verizon FiOS fiber, right now) is run with suspended pole-to-pole cables. If this does happen (and power is still available) I'll make an effort to use the downtime as best as possible.

LIRC and Hauppauge PVR-150 on OpenSuSE 11.0

noreply@blogger.com (Jason Antman) — Mon, 01 Sep 2008 15:37:00 +0000

Well, despite what's been said elsewhere, it IS possible! It's a bit error-ridden at first, but here is the procedure that I used to compile and install the PVR-150 patched LIRC 0.8.3-CVS.

First, Download the tarball mentioned in the Version 3 blog post at Marks Braindump. You can pretty much follow his instructions on the installation in the blog post, with some changes that are specific to getting it to compile on OpenSuSE 11.

First, remove all traces of the OpenSuSE LIRC from you system. Uninstall the RPMS and everything else that goes with them. Then unload all of the kernel modules, especially lirc_i2c (if you have it loaded).

In your kernel source directory, run make oldconfig && make prepare.


In your kernel source directory, run make prepare scripts which, among other things, compiles the required genksyms scurript.

I was getting a compile error like "WARNING: Symbol version dump /usr/src/`uname -r`/Module.symvers is missing". Find out which kernel you're running (uname -r). In yout kernel source directory, copy your Module.symvers file from /usr/src/linux-obj. I was running i386 architecture with the "default" kernel, so mine was located at /usr/src/linux-obj/i386/debug/Module.symvers. Copy that into /usr/src/linux.
In the lirc (patched) directory, run setup.sh as instructed. DO NOT tell it to run configure - just save settings and exit.

Edit the generated configure.sh file, adding a --with-kerneldir=/usr/src/KERNELDIR, replacing KERNELDIR with the actual path to your kernel soruce (i.e. /usr/src/`uname -r`).

make. If no errors, make install.

I decided to reboot at this point, and when I did, everything worked perfectly.



Also, I found that I needed to explicitly specify --device=/dev/lirc0 when starting LIRC, as well as not specifying a driver. I just took the /etc/init.d/lirc from the official OpenSuSE 11.0 package, commented out line 108 in makeargs() that adds the -H $LIRC_DRIVER to the args, and added LIRC_DEVICE="/dev/lirc0" to the top after the INIT info.


Unfortunately, figuring out this process took me a long time. I've reconstructed these instructions from various post-it notes, the whiteboard next to my desk, and some bash history files and terminal dumps. If this doesn't seem to work for you, please drop an email to jason AT jason antman DOT com, with as much information as you have, and I'll figure it out and update the instructions.


Now, finally, an up-to-date system AND MythTV.



Linux, Choice, Updates, CitiBank issues
noreply@blogger.com (Jason Antman) — Mon, 25 Aug 2008 17:37:00 +0000
I know this blog has been less-than-active lately. Life has been pretty busy, between a massive network upgrade at the ambulance corps that I volunteer with, the impending doom of a new semester at work, scheduling courses, and a few personal projects. I do, however, have a long list of things to post, including some notes on my upgrade to Nagios 3, my recent experience with the PC Engines ALIX board, some changes to tuxOstat, and my plans to upgrade to Optimum Business cable with 5 static IPs - finally a real home for JasonAntman.com.

CitiCards Problems - I had a somewhat unnerving experience this morning. Having just gotten a Citibank credit card, and made my first few purchases on it, I browsed to CitiCards.com to check my account summary. I happened to be using a just-purchased IBM T41 laptop, running OpenSuSE 11.0 and FireFox3, so when I saw the page display and then go completely blank, I suspected a problem with my Flash plugin. Little did I know, but I tried the same page on 3 other Linux/Firefox machines, with the same result. I put in a call to the tech support line, and was gruffly informed by the representative that Firefox was not supported, they were unable to support it, and, to paraphrase, I should get another browser or f*** off. She was very well-aware of the issue, and stated that Citi would not fix it. At this point, I stated that I thought I would cancel my card, and she told me to have a nice day and hung up.

I decided to go to step 2 of the Generic Problem Solving Method, and found hundreds of references to a problem with CitiCards.com on Linux. I read through a lot of conspiracy theory, but decided to test one of the theories (and fixes). Sure enough, when I right-clicked on the blank white screen, I got a Flash context menu. Clicking "Play" showed the ad, and I was able to click the little "X" in the top right and bypass it, gaining access to the normal main page. Never to be one to ignore a conspiracy (or anti-Linux) theory, I pulled up the same page on a Mac. Sure enough, that particular ad (set not to play and with an opaque full-screen background) didn't show up. Hmm... maybe there's something to the theory put forth by the guy who said CitiBank is blocking Linux users.

I decided to call back, and this time spoke with Susan at CitiCards tech support. She was very understanding, and apologized for both the inconvenience and the previous representative's attitude. She said that she was aware of some issues with Firefox and Linux, but stated that they are only unsupported so far as Tech Support won't walk a customer using Linux or FireFox through any issue resolution, but that both the browser and architecture should, theoretically, work. She didn't know anything about a policy against Linux, or intentional blocking/sabotage. She did say, however, that they are "working on it". I did inform her that the problem could probably be resolved by simply editing the Flash ad to be properly transparent, or suppressing it for Linux architectures, though I doubt that the information will make its' way up the food chain. Unfortunately, I can't seem to find a contact email for anything site-related on CitiCards.com.

If this is really a case of intentional blocking, it would be quite infuriating - I filled out the application for the card on FireFox3/Linux... but then they block account access?

Hopefully more of an update tonight...


Interesting Links for 2008-08-06
noreply@blogger.com (Jason Antman) — Thu, 07 Aug 2008 10:00:00 +0000

The Hacker Key Guide (version 4)




Interesting Links for 2008-08-01
noreply@blogger.com (Jason Antman) — Sat, 02 Aug 2008 10:00:00 +0000

Last In - First Out: The crud moved up the stack

Greg Laden's Blog : Is it possible that the Linux Desktop is going to surpass the Mac in use? And why or why not?




Interesting Links for 2008-07-31
noreply@blogger.com (Jason Antman) — Fri, 01 Aug 2008 10:00:00 +0000

Teenager hacks together hardware for controlling your car via phone - Engadget Mobile




Massive Updates
noreply@blogger.com (Jason Antman) — Thu, 17 Jul 2008 17:28:00 +0000
I know I've been quite for a while. I've been quite busy. Unfortunately, due to changing priorities, there are a lot of projects I've been working on, but few of them have gotten finished. A sampling, in no specific order:


Migrating my network/service monitoring to Nagios 3, totally re-writing my config files to make use of the new features, and making one coherent list of all the services that should be in it and aren't.

Planning to totally re-wire all networking at the ambulance corps building to eliminate some problems. This includes building an 8U wall-mount rack, and also trying a PC Engines ALIX.2c1 board as a router (still undecided on WAN/LAN/DMZ or WAN/LAN/WLAN). It also means a long day of work at some point in the future, and lots of cable drops.

tuxOstat, the linux-controlled thermostat, is pretty much on the back burner. It's a stable beta with severely reduced functionality, but has been handling my cooling needs without any major bugs in the past month or so. It still only has a basic CLI interface and a very simple kludge of a web GUI, but it works. Other modes (heating, fan only), predictive temperature calculation, other temperature/zone calculation modes, and physical controls (buttons, menu on LCD) are still to come, as well as the move from PC to Soekris (if I can ever figure it out, and get one with USB). I now feel that an ALIX board might be a better shot, as they take CF (more space than the Soekris), have a slightly faster processor, and also support USB at about half the price point.

I'm considering moving my main web site to a CMS, and letting the wiki serve more as a knowledge base.

I'm working on patching together a new access point for the ambulance corps, based on Pyramid Linux. I needed something which would run on the Soekris net4526, had at least WEP, and supported some sort of captive portal. Pyramid has WifiDog, but that only wants to do local authentication or RADIUS, and I wanted direct auth to LDAP and MySQL logging. On the positive side, it just uses some PHP pages hosted under Apache to handle authentication - the WAP redirects the user to a login page on a (separate) web server, the user does their stuff, and then the WAP makes a request to the server to determine whether it should open up the firewall, keep the user locked down, or totally kick them. So, once I figure out some routing issues, I'll get back to working on the new project - BlackLabAuth, a re-write of the WifiDog auth server software that's geared towards a closed-access network (i.e. only people and/or MACs already listed in LDAP can login) with full logging to MySQL. I already have some code in CVS, but some issues with my development Soekris board have slowed the project for the time being. When finished, I'll have not only the new auth server available for download (with documentation) but also a ready-to-run (well, some configuration time needed, but minor and scripted) image for the net4526.

My desktop that I use for MythTV filled up its' disk. Totally. I ordered a cheap Syba SATA card (PCI) from NewEgg, along with a 500GB WD SATA-150 disk, but no luck. Though the card (Syba / Initio 1622 chipset, shows up as Class 0106: 1101:1622 (rev 02)) said it was supported under Linux, the driver CD mentioned nothing about it. Some investigation on the Syba website turned up a zipped archive. After extraction, I found a readme that gave (poor) instructions on how to re-compile a kernel, and warned that you MUST have 2.6.15. Oh well, I wasn't going to give up 2.6.16.27 (the newest RPM'd kernel for OpenSuSE 10.1). The standard drivers for it didn't appear until 2.6.25 or so. So... after many debates with myself as to whether I should blow away my whole MythTV installation and upgrade from the now-ancient 10.1, I decided that I'll only be in my apartment for another year, I should make it last. Some investigation turned up a $24 Silicon Image-based card that should work fine, and it's now in the mail...



I'm sure I missed something big, but I'll update as needed, and attempt to make it a daily habit to post something interesting or, at the very least, hard-to-find. After all, I'm sure that I use this blog and my wiki as an informational resource (my bad memory) more than anyone else would...



Interesting Links for 2008-07-09
noreply@blogger.com (Jason Antman) — Thu, 10 Jul 2008 10:00:00 +0000

Flickr Photo Download: Comparison of file systems - Wikipedia (Reiser4 kills your wife)




JavaScript and Emacs, and updates
noreply@blogger.com (Jason Antman) — Tue, 01 Jul 2008 16:09:00 +0000
Well, thankfully, summer classes are almost over (tomorrow is the last class). I have a big paper to write for one of them, due at the worst time possible - July 5th. The day after what is, probably, one of the busiest days of the year for the ambulance corps.

In follow-ups and news:

tuxostat has been running for nearly a month in my apartment, and appears stable, albeit missing many planned features, and with a sub-optimal interface (and no SNMP yet).

TuxTruck is still on the back burner.

I've been playing around with the idea of writing a new electronic patient care report system for the ambulance corps, to replace our current three-year-old system (written in VB .NET and running on Windows). It would probably be coded in Python, with a wxWindows/wxPython GUI. I'll start on a small demo version, but would like it to be fully modular, and eventually form a codebase for OpenEPCR.


Anyway, I've been doing a lot of work for my Building Data-Driven Websites class (well, alternate assignments, but still a lot of work). The latest project was an Ajax/DHTML calendar (view-only here, and in CVS, of course). Needless to say, this involved a lot of JavaScript work. To make it worse, I used a fair amount of sample code to get an idea of how to do things, and way too many of the snippets out there on the 'net are in formats that are quite unfriendly for pasting into an Emacs console window.

So, I happened to come by Steve Yegge's blog, with a posting on his JavaScript mode for Emacs. Not only does it seem cool, but it was also the only one I could find that does syntax highlighting and sane indentation (important for copied code snippets). So, I grabbed it from Google Code and - viola!