tags:

• exercise
• gym

Background: I work on computers for a living, and spend a great deal of time using them even when I’m not at work. I also don’t have any hobbies or pasttimes involving physical activity, so about the most physically strenuous activity I do in a month is walking up an escalator at a shopping centre or something like that. As a result, over time, I’ve put on visible excess weight, and my cardiovascular system has being going to hell (my blood pressure was measured as 140/88, with a pulse of 109; not exactly life-threatening, but…).

I’ve been meaning to do something about it for a while, and eventually got around to it – I started going to gym about a week ago. There’s a gym on my way to/from work, so it’s reasonably convenient, and they have a nice “introductory” program whereby get an an instructor that develops a program tailored to your physical needs, and goes through everything with you. So far, I have only spent around 70-80 minutes training, spread over three sessions. Nevertheless, the positive results have been spectacularly visible to me. I’ve lost about 1kg of weight, which isn’t noticeable at all, and I’m feeling generally less tense. I was terribly stiff after the first two sessions (especially on the second day after), but after the most recent session I was pretty much fine. I’m probably using some of these muscles for the first time in years, so a little stiffness is definitely to be expected.

Anyway, the area that it has made the most impact in so far is my energy levels. The continual tiredness that I’ve been experiencing for so long I can’t even remember when it started (certainly longer than a year) has disappeared, and I’m generally feeling far more energetic. Last night I only got about 4 hours of sleep which would have left me completely wiped out for the whole of the following day if I had done it two weeks ago. I’m still feeling 100% as I write this, though, which brings me a little thrill. I used to do this sort of thing regularly back in high school, and it’s a good feeling to realise that I can still maintain this sort of activity level; it’s just a question of physical fitness.

The long-term effects and progress I’ll make still remain to be seen, but I’m feeling very positive about the whole thing right now, and it certainly seems like I’m off to a good start. I’ll probably blog a few times about it over the next couple of months, as events unfold.

tags:

• security
• advisory
• hacking
• syrex

Dominic White drew my attention to this on a mailing list earlier today, so I decided to investigate. Syrex Intranets, an apparently small technology outfit, have a product they call SICS. It basically seems to be a customized Linux server installation that has all the bells and whistles that small business would want, with a web-based management system and so on. I’m guessing this product is responsible for the problem that I will now describe.

The first instance of this site I saw was KOSH Communications; their SICS management site is publically available. I’m only guessing this is provided by SICS, as there is no identification of this fact on the site itself. I ran across it with a google search that picked up publically available Squid logfiles, but didn’t take much notice of it. However, when someone else independently pointed out a separate site, the similarity in content, appearance, and domain name was evident.

So, over to Google; with a little effort, I was able to construct a Google query that will pick up all (or most) of these sites that are publically available. I’m not sure whether this is a configuration issue that can be fixed easily, or if it is a fundamental flaw in the “SICS” system; either way, at the time of this writing, that query returns 71 sites. You can view MRTG traffic graphs, Squid cache logs, mount/unmount the CD-ROM drive, and more from the internet, without entering a password or otherwise authenticating in any way. Syrex’s own site seems to be vulnerable, suggesting a fundamental flaw rather than a configuration issue.

It also has a copy of Unix Unleashed, including a copyright statement which they seem to be blatantly violating. In addition, many (all) of these sites seem to be hosted off ADSL lines with IP addresses located in the dynamic SAIX ADSL range, and as such may be violating the ISP’s AUP. I would strongly suggest that anyone using one of these systems take it offline, and contact Syrex right away to demand a fix.

UPDATE: Whoops, meant to link singe, so I’m now referencing him by name to make up for it.

UPDATE: Got a reply from someone at Syrex on 2005/08/18 saying that they’ve fixed the issue, and promising a more in-depth reply at a later stage. They also claim that “David wrote one of the articles in Unix Unleashed and is therefor not infringing on any copyright.” You can confirm for yourself that all of these sites now require HTTP Basic Authentication credentials to access anything except the front page, which seems adequate to me. I’ll continue to update this post as/when I received more information.

tags:

• telkom
• icasa

The saga so far: ICASA releases a report (link via Colin) in the Government Gazette with various findings from their investigation into provision of ADSL, ending with various recommendations. The report is received with widespread cheering and stupidity from clueless fanboys throughout the South African internet community. MyADSL post a news article describing a new wholesale ADSL pricing scheme that an “anonymous source” claims will come into effect on 1 November 2005. Someone sets up a stupid online petition with some vague handwaving about supporting ICASA, and “urging” Telkom to be nice.

I can’t even begin to verbalize how incredibly idiotic I find all of this. First of all, let’s examine the situation, and the primary forces involved in creating and maintaining it. By law, no-one can provision fixed-line telecommunications services without a license from the Ministry of Telecommunications. At this time, Telkom are the only entity to have been granted such a license. Furthermore, the purpose of a publically-held corporation is to increase shareholder value. So guess what Telkom are doing… why yes, they’re taking full advantage of their legally protected telecommunications monopoly! Bad Telkom! After all, it’s Telkom’s fault that the government isn’t letting anyone compete with them! Yeah, great reasoning.

Just a short time ago, I had a conversation over IRC with one of the aforementioned fanboys; I’m reproducing this conversation here (a little reformatted) to illustrate the kind of mindset we are dealing with here (name concealed to protect the guilty):

1. Fanboy
   

   Anyone who wants to petition against Telkom’s new pricing structure which will end any kind of resonably priced ADSL in South Africa (story here: http://www.mybroadband.co.za/nephp/?m=show&id=549) then please add yourself to the adsl petition here: http://www.adslpetition.co.za

2. Me
   

   I find it amusing that someone has setup a petition against an unconfirmed rumour from an unknown and untrusted source

3. Fanboy
   

   I would consider Telkom an untrusted source. I work for an ISP.

4. Me
   

   And?

5. Fanboy
   

   It’s happening. 3 month notice.

6. Me
   

   The only people who know what SAIX are going to do are SAIX themselves. They’ve done the complete opposite of what they’ve told the ISPs on a number of occasions.

7. Fanboy
   

   The petition is to the adhersion of ICASA’s finding.

8. Me
   

   Anyway, I can’t “sign” something supporting ICASA action.

9. Fanboy
   

   Justification?

10. Me
    

    It goes completely against sensible economics. I’m not interested in an economy run by dictatorial mandate of arbitrary quasi-governmental entities, and I’m certainly not interested in the chaos that would result if ICASA’s proposals are enforced.

11. Fanboy
    

    Fine. don’t sign it. I’m not forcing you. I just was asking if anyone wanted to petition with us.

12. Me
    

    Well, let me ask you a question; what do you think the petition will accomplish?

13. Fanboy
    

    Like everything concerning money… nothing.

14. Me
    

    So basically, you’re just leading people up the garden path?

15. Fanboy
    

    As opposed to going quietly?

16. Me
    

    Doing nothing and accomplishing nothing is better than doing something and accomplishing nothing; in the latter case, you haven’t wasted time and energy. [ed: I meant "former" here, of course]

17. Fanboy
    

    I’ll remember that. i.e.: I’ll stop trying to reason with you.

18. Me
    

    It’s illogical to waste time and energy on something that you know is useless.

19. Fanboy
    

    It is illogical. Which is why I’m ending this conversation. A waste of breath on you.

I’ll let that speak for itself. It seems that ultimately, people do not have a handle on the situation at all. Trying to focus on “fixing Telkom” is a very short-sighted view, and will only make things worse. The way forward is for the Ministry of Telecommunications to deregulate the fixed-line telecomms industry; if not completely, then at least partially. Competition is not a magic wand that you can just wave over the industry to fix it instantaneously, but once the opportunity is there, straightforward economic pressure would allow the industry to self-heal over a period of 5-10 years.

So please; if you want to jump up and down, and make a noise, then please do it where the people that can actually fix the problem can here you. Certainly, an online petition where there is no way to even authenticate the “signatures” is a pointless and misleading gesture. And if you’re worried about new ADSL prices, wait until there is some useful information on the situation before flying off the handle.

tags:

• darcs
• windows
• putty
• howto

Marlon blogged about the difficulties of using Darcs under Windows, especially setting ssh up. I had to get Darcs up and running on my windows workstation at work earlier this afternoon, so I figured I’d post a little HOWTO here for everyone’s benefit.

First of all, you need a win32 binary for Darcs; while you could compile it yourself, the easy way out is to get a build from Will Glozer’s site.

Now, if you just want to use Darcs over NetBIOS, this is all you need. Just stick darcs.exe somewhere on your %PATH%, and then you can happily tell Darcs to push to a UNC path (eg. darcs push \\fooserver.local\cdrive\path\to\repo) and work like that. However, if you want ssh support, then you’ll need to do a little more work.

First of all, you’ll want the following binaries from the PuTTY “suite”:

• PuTTY
• PSCP
• PSFTP
• Plink
• PuTTYgen

Once you have these, place them somewhere on your %PATH%, and do a little renaming: rename pscp.exe to scp.exe, psftp.exe to sftp.exe, and plink.exe to ssh.exe – these are the command names Darcs expects to have available.

This will be enough to let you push/pull/get/etc. over ssh, but you’ll soon get tired of typing out your password 34345234345 times, so you probably want to setup public key auth for ssh. To do this, first run puttygen.exe to generate a keypair. The default options that it starts with should be fine, so just kick off the generation process, and follow the instructions. When you’ve generated the keypair, save the private key wherever you want, and then copy the “known_hosts format” line out. Place it on a line by itself in ~/.ssh/authorized_keys on the ssh server (create the file if it doesn’t already exist), and then make sure the permissions on the file are correct. Run chmod 600 ~/.ssh/authorized_keys if you’re not sure; the reason for this is that ssh is very picky about the permissions of your configuration files.

You could now use pageant to manage the use of your private key, but an easier way is to create a profile in PuTTY with the same name as your ssh host; go select your private key at SSH -> Auth -> Private Key file for Authentication, fill in the same info for the hostname and profile name on the first config section, and then save the profile. The command-line tools will now use this profile when connecting to that hostname, thus avoiding the need to type in your password over and over again. (Note that anyone that gets access to your private key can now access your account, so be aware of the potential security issues.) Also, bear in mind that if you want to setup Darcs/PuTTY on another system, you could just copy your private key over to it, rather than generating a new one.

For convenience (mostly my own), I have prepared a handy package of all of the files mentioned above; you may prefer to download it rather than download each binary separately.

tags:

• consciousness
• Mindpixel

This is just a quick one, but a link I followed at random from IRC yielded something quite unexpectedly fascinating. I haven’t really even had time to process anywhere near all the content, but what has filtered through my mind has struck a surprising resonance with some of my own less well-formed ideas about spirituality and consciousness (although you might have a hard time understanding why). Maybe I’ll try and blog about my own thoughts some time, but for now, I’m discovering theoretical psychology for the first time (or something).

tags:

• blogging
• business
• Dosage
• coding
• databases

Well, as you can see, not blogging. Colin thinks I’m missing the point of a blog; well, maybe I am. I still have better hopes for this blog than I have for some of the attempts I’ve made in the past.

Anyway, I haven’t been very active on my public projects; about the only really visible one is Dosage, and that’s been fairly stable lately. There continue to be various contributions from the community (thanks people!) but otherwise no major developments. I guess there’s nothing wrong with that, though. I’ve also been taking some time out to focus on other things to a degree; spending time with my family, for example.

Otherwise most of my programming energy has been focused on getting the replacement system up and running for something at work. The way things are going, if I don’t make it happen myself, it’ll never happen; then again, that’s also not such a bad thing. I’m quite happy with the way things are turning out, and that I’m not having to fight with my tools all the time. I’m using Python, Twisted, Nevow, and PostgreSQL (via pgasync) on this one, and it seems to be working pretty well. I would probably have preferred to use an object database, but SQL isn’t so bad.

Anyway, we’ll see how long it is until my next blogging spree (this is probably the first of a few in succession, I have some other things in my mind); hopefully not too long…

tags:

• atom
• blogging
• xslt
• xslt2

Well, looks like Atom 1.0 is just about finalized. I’ve updated my Atom feed to the 1.0 spec, by modifying the XSLT I use to generate it.

I’ve also moved my tag lists to the top of each post, for better visibility and ordering. Oh, and I added a link to my e-mail address at the bottom of the page, as I realised that my e-mail address wasn’t actually displayed anywhere on my website. I would appreciate it if everyone that has been trying desperately to contact me would refrain from flooding my inbox out of existence.

I now have an ATOM feed available. It’s a static file same as this XHTML document, but I generate it from the XHTML via XSLT. You can take a look at the transformation if you’re interested. I’m using the Saxon XSLT processor to do the processing. Let me know if you have any suggestions; I’m sure there’s room for improvement, but I think it’s good enough to put online already.

tags:

• blogging
• xslt
• xslt2
• atom

tags:

• poem

So, a new beginning. I’m writing this blog post in vim; as mentioned on the front page, I’m hand-crafting my blog content at the moment. As a result, I don’t have an ATOM feed anywhere, but stay tuned. Until there’s some real content around here, I doubt anyone cares anyway.

Some of you may have noticed that I’m borrowing fairly heavily from Tantek Çelik‘s blog here; I hope he doesn’t mind, but I liked the clean and semantically-rich layout of his site. I’ll likely tweak and twiddle things much more as time goes on, but for the moment, I’m quite happy with this layout.

Depending on when you read this, you’re probably not terribly impressed with the styling; I don’t have much CSS around at the moment, so things will not look terribly spiffy until I do some work on that.

tags:

• blog