Old amd64 removed and extra upgrade step added

The ‘amd64’ specific parts of kernel architecture have been removed, since x86_64 covers all that.  As a side effect of other changes, John Marino warns that upgrading DragonFly from a version older than 3.4, to a version newer than 3.4, will require an intermediate step of going to 3.4 first.  e.g. If your machine is a DragonFly 3.0 system, you will need to upgrade to 3.4 before moving to, say, 3.6 once it is out.  This won’t matter for some months, since the next release is months off.

Lazy Reading for 2013/06/09

Not as wordy this week, but still wordy.  And linky!

  • Max Headroom and the Strange World of Pseudo-CGI. A discussion of how old fake CGI can look better than modern, real CGI. This is an opinion I’ve had for quite a while, and my children pretty much ignore it every time I bring it up.  (via)
  • The Colby Walkmac, which predates the Mac Luggable.  Linked to because it includes good pictures of what the (external) hardware was like.  I find all the old ports interesting, since it’s all USB and the occasional eSATA these days… not that I’m complaining!  I’ve never had a good experience with a 9-pin serial port.  (via)
  • A brief education on escaping characters.
  • I get worried when remotely rebooting a server in a different town or even state.  In Praise of Celestial Mechanics covers much more stressful circumstances: interplanetary reboots.  Does Voyager 1 or 2 have an ‘uptime’ function?
  • The equivalent of what you are doing right now, 20 years ago.  I personally never got to see this; my experience was MUDs.  Speaking of which…
  • The Birth of MMOs: World of Warcraft’s debt to MUD.  MUD == MMO, Roguelike == Diablo/Torchlight, Doom == almost everything else.  There’s a number of game archetypes that haven’t changed in some time.  (via)
  • Playing with powerlines.  I used to work at a company that used these lines for data transfer.  It was neat technology, but it sure wasn’t easy to set up.  Imagine wiring a city but only being able to use Ethernet hubs.  Not switches, hubs.  That, combined with undersized ARP caches/MAC tables, made it really difficult.
  • OpenVPN on FreeBSD, which will come in handy for at least several readers, I’m sure, as the directions should apply to any BSD.
  • Is there anything DNS can’t be used for?  Cause now it’s domain-based mail policy publishing.  (via ferz on EFNet #dragonflybsd)
  • Have you tried DragonFly?” posts on various forums seem to pop up with some regularity.
  • Uses of tmux, explained.  A slide show talking about how tmux works.  (via)

Unrelated link of the week: I’ve had several deadlines and a mail server with issues this week at work, so this is all I got.

Book review: DNSSEC Mastery

Michael W. Lucas recently wrote and self-published a new book, DNSSEC Mastery.  He asked me to review it, and I’ve been reading it in bits and starts over the past few very busy weeks.

First, the background: If you’re not familiar with the acronym, it’s a method of securing DNS information so that you can trust that domain name information is actually from the machine that’s supposed to provide it.  DNS information is basic to Internet operation, but it traditionally has been provided without any mechanisms to deal with misinformation or malicious use.  This seems to happen with protocols that have been around for many years, as any mail administrator can tell you…

In any case, ‘DNS poisoning’ (or as Wikipedia calls it, ‘DNS Spoofing‘) attacks such a basic part of how the Internet works that it will completely bypass any security methods that assume name information is correct.  DNSSEC is a way to deal with that.  It introduces public-key encryption into the process of sharing and updating DNS information.  The idea has been around for a while, but it’s only been completely implemented recently.

DNSSEC Mastery goes over this history, and through the setup required to get (recent) BIND working with DNSSEC.  Lucas seems to be starting a series of ‘Mastery’ books, where he covers all the territory around a specific topic.  This one, like his previous title, is exactly what it says.  As long as you have some existing clue around zone files and DNS, the book will take you from no DNSSEC at all to fully implemented in less than 100 pages.  (well, at least in the PDF version, but that gives you an idea of the size.)

Use it to learn, or use it as a quick reference – either way will work.  If you have any DNS server(s) to manage, you’re the target audience.  I expect DNS without these security extensions will go the way of telnet vs. ssh.

A book covering things like new encrypted hash zone record types is going to be a bit dry, but there’s an appropriate sprinkling of humor through the book.  I’ve reviewed other Lucas books before, and I’ve got another on my plate right now, but this is the same: there’s plenty of funny to make the lessons go down easier.

DNSSEC Mastery: Securing the Domain Name System with BIND is available on AmazonBarnes & NobleSmashwords, and his self-publishing site.  Also see Peter N. M. Hansteen’s review of the book.

 

Running a spam blacklist

Peter Hansteen has an extensive writeup of how he has managed the bsdly.net spam blacklists.  Normally I’d stick this article in the Lazy Reading links, but the article is good enough to call out separately.   It’s excellent not just for the mechanical aspects of how the blacklists were maintained, but for his strict description on how the process is simple, verifiable, and transparent.  That last item, transparency, is how many anti-spam groups fall down.

Summer of Code reminder for students: talk now

For anyone who is a student considering Google Summer of Code this year: this timeframe we’re in right now is listed by Google as time for “students discuss project ideas with mentoring organizations”.  This is the perfect time to find out what the people in an organization are like, and get early feedback on your project ideas.

Chances are, if you’re submitting a proposal for an idea from an org’s project list, you’re one of a number of students all trying for the same thing.  The best way to get accepted instead of any other applicant is to be the person they already know.

Lazy Reading for 2013/03/31

I hope you like reading; there’s some very meaty links this week.  Go get a cup of tea and settle in.  You drink tea, don’t you?  You ought to.

  • Reading about KDE’s repository near-meltdown makes me think we need more checks for DragonFly.  We have the advantage of Hammer, of course, which would help in the same way that the linked article names ZFS as a ‘fix’.  (via multiple places)
  • We know that Apple will reject apps it disagrees with.  Google also will do so.  Has there ever been a program rejected from pkgsrc or (FreeBSD/OpenBSD) ports on content grounds?  Not that I know of – anyone remember differently?  I’d argue that’s a favorable point for the BSD packaging systems, though it may just be that no application has tested those boundaries yet.
  • Portscanning all IPv4 addresses on the planet.  Possibly the largest distributed effort ever?  The detail in the maps and returned services is especially interesting.  (via)
  • Scale Fail, a Youtube video of a 2011 talk about screwing up your services.  Mostly about the humor, but the underlying points are valid.   (via #dragonflybsd IRC)
  • There’s still improvement possible to fsck, apparently based on this.  That’s UFS2 fsck.
  • What is your most productive shortcut with Vim?  A very thorough explanation of verbs, marks, and registers.  Holy cow, I wish I had known about ‘: … v’ before.  It’s long, but worth it.  (via)
  • Matthew Garret’s description of Secure Boot vs. Restricted Boot with UEFI, (via a coworker who went to Libreplanet 2013).  I’m still not sure what DragonFly will need to do about this.
  • I missed mentioning this earlier: 20 years of NetBSD.  We’re coming up on 10 soon.
  • Dragonfly drones.  Unrelated except for name.
  • That guy who starts to froth madly every time BSD is mentioned on Phoronix is still there (see comments).
  • Mainframe computer supercut.  (via)

Your unrelated comics link of the week: Tom Spurgeon of the Comics Reporter asked people for their lists of webcomics that could go in a ‘Hall of Fame’.  The resulting list is a lot of really, really good material.  Go use up a few hours reading.

Lazy Reading for 2013/03/24

It’s still snowing in my area, which is unusual.  And great!

Your unrelated comics link of the week: French cartoonist Boulet knocks it out of the park again.

Lazy Reading for 2013/03/10

I managed to come up with a lot of links this week, somehow, despite the start of the class I’m teaching in addition to normal work.  And Summer of Code’s coming up!  And we’re due for a release relatively soon!  I may appear somewhat… stretched over the next few weeks.

Your unrelated link of the week: I’m the Computer Man.  I always thought the mid-1990s were sort of a Internet/computer teenager phase.  Everything had potential but everything was also awkward.  (via I forget, sorry!)

Lazy Reading for 2013/03/03

I am all over the place with links this week – some of them pretty far off the path.  There’s a lot, too, so enjoy!

Your unrelated link of the week: I’ve already been offbeat enough in this Lazy Reading; I don’t have anything else.