I have such a surplus of links these days that I started this Lazy Reading two weeks ago.
Your unrelated comics link of the week: Elfquest, every issue ever. The dialogue is cheesy but the original art is fun, in a way that grabbed me when I read it at 10 years of age.
This was going to go into a Lazy Reading post, but then I realized it shouldn’t. Here’s the source: “A Tragically Comedic Security Flaw in MySQL” (via)
The short version: MySQL, compiled a certain way, will allow 1 out of 256 root login attempts to work no matter what. I was going to link to this for the startlingly large number of MySQL installations found allowing connections from the public Internet, which means breaking into any affected servers would be easy. Then I thought about it… I don’t see a my.cnf installed by pkgsrc for at least MySQL 5.1 by default.
To fix this for your own installation, put
in /usr/pkg/etc/my.cnf to disallow remote connections. I don’t know if MySQL on DragonFly from pkgsrc is vulnerable to the issue, but it’s a good idea to not allow remote connections to the database, and ought to be on by default.
Or just use Postgres, if possible.
I got to use the ‘roguelike’ tag again this week, which always makes me happy. Surprisingly, it’s not about… that roguelike.
- RSA encryption explained. (via)
- Someone from Google went to BSDCan 2012 and blogged about it. The takeaways are interesting, especially something I’ve seen elsewhere: “Don’t buy systems that can’t take registered RAM in a bazillion sockets”.
- Occam’s Razor applies here, but still: trust nobody. (via)
- Bash One-liners Explained, part 1.
- They’re switching from ‘cvs import’ to ‘cvs add’ in pkgsrc. Now if they’d just switch the ‘cvs’ part out…
- Not even vaguely computer related: Please won’t someone make these commercially available? Wait, someone did!
- The Mechanics and Meaning of That Ol’ Dial-Up Modem Sound. (via) I feel nostalgic, but on the other hand… nobody missed 14.4 kbaud.
- Advanced Vim Macros. “As is typical in Vim, the rabbit hole of functionality goes much deeper than most users will ever plumb.” (via)
- Also at the same place: Vim Koans.
- Hey, there’s a DragonFly page on the Wine Wiki. It’s short but probably very useful if you want to run Wine.
- Also, an OpenCV fix for DragonFly, pushed upstream by a pkgsrc developer. That’s always nice to see.
- Fish, a new shell with some nice features. (via) Does this compile on DragonFly?
- Found near the same place: a screen saver that auto-plays Angband. OS X only, unfortunately. There must be an easy way to do the same with xscreensaver.
- CLANG, but not the compiler. Watch the movie.
Your unrelated link of the week: I happen to work at a salt mining operation, which leads to some unique problems (more). Mining in the US is regulated by MSHA, which has been cracking down since the Upper Big Branch incident. MSHA issues ‘fatalgrams‘ every time a miner dies. MSHA also shows up on site as soon as possible, which means they are there taking pictures within a few minutes, with equipment still running. It’s essentially crime scene photos, and a little worrying; many of the deaths are of people around my age with similar experience.
So many links this week I’m already working on next week’s entry. Enjoy!
- git aliae so that you never lose work (part 2). (via) Aliae is the plural of alias?
- The Setup; people’s work environments. I’ve linked to it before, when nabbing links from Trivium, but I never realized how many people there were to look at. People like Chet Faliszek, Gabe Newell, ‘bunnie’ Huang, _why the lucky stiff, Lee Hardcastle, Joel Johnson, MC Frontalot, Derek Yu, Eric Meyer, Anil Dash, Jordan Mechner, Andy Hertzfeld, and Ryan North. There’s a lot more. If any of those names are unfamiliar, you should go look them up and be pleasantly surprised.
- How to use DragonFly to troll Amiga users. Funny/sad, like most trolling.
- One does not simply run Unicorn in DragonFlyBSD. Not sure what Unicorn is, but I feel bad that it crashed.
- Become a Vim Master By Learning these 30+ Key Bindings. Well, it’s vim, not vi, but oh well. It’s the standard list of commands that normally makes up articles like this, but I still look, in the hopes that I’ll permanently absorb another movement pattern and get that much faster.
- Which hashing algorithm is best for uniqueness and speed? (via) The colorized hash maps are a pretty interlude in a technical discussion.
- Speaking of Vim, here’s the M command, implemented for a web page. (via) The only better thing would be a vertical split screen view.
- End of a Fishing Expedition. Makes a good point about the recently-lost-by-Oracle lawsuit about copyrighting APIs: if that was possible, most Unixish operating systems, including BSD, would suddenly have legal problems. Also, the judge in the case apparently knows how to program, and actually established a point of law instead of shrugging and saying “These kids and their newfangled Internets confuse me.”
- CPU wars. (via) A trump cards game based on CPUs. Super-nerdy!
Your unrelated comic link of the week: Make Good Art. (via) The comic version of Neil Gaiman’s recent commencement speech, cause comics are more fun than video.
DragonFly has a page on updating pkgsrc, and so does NetBSD. I don’t think I linked to the latter before, but even if I didn’t, it’s still useful.
Michael Lucas has a writeup on how he debugged his RANCID setup. I link to it for the technical details, and also because if you have to manage more than a few switches or other network devices, RANCID is very useful.
- I like the sentiments here about Instagram. (via) I can see why it was popular, but not how it represented anything but a cosmetic tool, dependent on other services.
- Waxy.org turns 10. I relink (reblog? I don’t know) material from the links page on waxy.org, because Andy Baio has a keen eye. That article has links to various high points over the last 10 years, so it’s worth setting aside some of your time and looking at previous features. Come to think of it, he started that only a year before I started this Digest.
- Supercomputers installed at the Lawrence Livermore National Laboratory. All the way back to UNIVAC. (via swildner on EFNet #dragonflybsd) This picture is one of the more realistic I’ve ever seen about rack installation.
- RFC6540: IPv6 Support Required for All IP-Capable Nodes. (via) YES.
- The Story of BSD and Open-Source Linux, unfortunately incorrect, starting with the headline.
- 40 years on: Why Unix standards still matter. A brief note about the Single Unix Specification. There’s some implication that Unix was involved in the moon landings; was that the case? I didn’t think so, since at least a chunk of the moon landings predate Unix existing. (i.e. before the Epoch.)
- A photo followup on the one PHP article from last week. (via aggelos on EFNet #dragonflybsd)
- From the same site as the PHP article, tmux is sweet as heck. It’s nice to see the positive points of tmux defined outside of licensing. Also, it serves as a good tmux configuration checklist.
Your unrelated link of the week: One Thing Well. The BSD tag might be the most useful.
Based on a recent post from Chris Turner to the firstname.lastname@example.org mailing list, here’s a bug report that should get you to a working lang/OpenJDK7 pkgsrc package.
The links are all over the map this week, which is fine. Enjoy!
- This makes me laugh every time. (via)
- Etsy has an astonishingly good internal development practice. And open source code? (via)
- For contrast, Facebook’s release engineering process. (via I lost it, sorry) Not as interesting but I can’t tell why.
- Mosh, a program designed for the persistence of screen but differently. (via) Dunno if it builds on DragonFly, but it looks neat.
- “I just ran emacs. LOL!“
- 0x10c, a sci-fi game set in the future with spaceships running a 16-bit CPU. That you can program.
- I wish I could write here with the same mix of loathing and excitement found in this comics review. Warning: mildly… gonzo?
- The journey from user to contributor, a NYCBUG talk in mp3 form. (via)
- I’ve mentioned RetroBSD before, but here’s an example of it being installed on a Duinomite board. 2.11 BSD on a super-cheap, super-small Arduino-style board! (via) I don’t know what I’d do with it, but I want one. It even has keyboard and VGA ports.
- At some point, this CPU database will be handy. (via)
- A new, slow form of brute force ssh attack. (via) What I find interesting here is not so much the new attack itself, but Peter Hansteen’s careful gathering and analysis of data around it.
Your unrelated link of the week: memepool. It’s seen some activity lately. It was a blog before there were blogs, and I was part of it.
I’ve seen a few people complain about poor video performance in DragonFly, in Xorg. If you see a bunch of “contigmalloc_map: failed …” errors in your dmesg, your video card needs more contiguous memory allocated. Set vm.dma_reserved to 32M in /boot/loader.conf and you should be set. If that doesn’t work, try 64M.
Konrad Neuwirth is running Apache inside a jail, and getting some weird errors. Obviously I don’t know the fix, but Chris Turner knows what the settings need to be.
A tip for anyone who hasn’t tried this yet: run irssi in screen, and connect to #dragonflybsd on EFNet. You can then resume your screen session at any time after disconnecting and see the backlog, catch people addressing you directly, etc.
Before anyone says it: yes, I know, tmux works too.
I’m making sure I post this Lazy Reading on the right day. A nice full week’s worth of stuff.
- Bandwidth used when loading different web pages. (via) The largest one is also the most surprising.
- Do you have an IBM x3550? Turn ACPI off.
- The recent TCL presentation at NYCBUG is available in audio form.
- Did you want to know a lot of detail on how to do journaled soft updates in UFS? You want detail, you got it. (via, via) (Is that a repeat link? I don’t think so…)
- This is totally useful if you’re using ssh from a Windows machine.
- SSH is used as a noun and a verb, I just realized. No link, it’s just me noticing verbification.
- BSDCan 2012 registration is open. (via Michael Lucas’s Twitter feed) Conventions are awesome. You should go.
- Michael Lucas talks about book promotion with his recent book. There’s a graph, so it’s automatically great.
- Speaking of books, Modern Perl: The Book is free to download in PDF form.
- A story about _why. (via) I’m not so interested in his identity, but in what he did to get people to program.
- My git habits. (Not mine; that’s just the title.) Speaking of learning, I’ve always thought the next steps past learning the basics of anything is to then see how experienced people approach it, idiomatically.
- Why Juniper Gives Back to the FreeBSD Community. I link to this because I like what they are doing, and also because in a perfect world I would rather have a BSD-ish interface on my networking equipment than fiddle with IOS. Oh well.
- Bunnie Huang always builds neat stuff. This time it’s a Geiger counter. (via)
Your unrelated link of the week: Neo Scavenger. (via) It’s a game, in Flash, and in beta. If you like postapocalyptic survival, it may be for you.
Have you ever tried to run a service and realized you forgot to make an entry in rc.conf to enable it? It’s mildly annoying. There’s now a “one’ keyword (via NetBSD) that lets you enable a service, once. It still apparently performs sanity checks, unlike the otherwise-similar ‘force’ keyword.
That’s exactly what Michael Lucas talks about in this recent post; using ssh to browse from a different machine, but using a local web browser. He uses it to get around a network problem, but I imagine there’s a number of other applications. This is one of the valuable tips from his recent book.
Hello new DragonFly 3.0 users! This is my not-about-DragonFly weekend link roundup. I’ll be back to regular DragonFly-ish stuff tomorrow.
- Vim anti-patterns, Gnuplotting, and Computing History At Bell Labs. I’m combining what would normally be 3 separate points because I stole them all from Christian Neukirchen’s blog. I wish I had found them first.
- I mentioned Dungeons & Dragons last week, which led Michael Lucas to point out Dungeon Crawl Classics in the comments. Along that same theme, here’s some 70’s role playing game illustrations. (via) There’s a parallel between computing in the late 1970s and fantasy; expert programmers were called wizards, understanding computers was an esoteric art… I could develop the heck out of that thesis, but let’s just look at the pictures and feel nostalgic instead.
- And then everything got a lot more weird-looking, 20 years later! (via)
- Hey, that time zone lawsuit mentioned here before was dismissed. That’s good news. (via lots of places)
- Hyperpolyglot: Scripting. Look for your favorite scripting language and compare it side-by-side with others. (via ferz on EFNet #dragonflybsd)
- The text of the DragonFly 3.0 announcement gets copied around to a lot of sites, far more than I’m linking here. However, I found this one entertaining because it kind of makes it sound like DragonFly is just what I happened to come with.
- Custom 3D printing is becoming accessible enough that I’m trying to think of things I could get printed that way, even though I don’t need it. (via I lost it, sorry)
Your unrelated link of the week: Quigley’s Cabinet. Read her books if you have a fascination with old dead things.
Michael Lucas installed WHMCS, a commerical hosting management tool, on FreeBSD. He tells a story of doing so, and in the process happened to list all the PHP modules needed for it to run. I’m linking it because that list is going to come in useful for someone, someday.
If you were thinking about implementing DNSSEC, Michael Lucas did it himself and wrote down his notes. You can read them and either follow along to implement it yourself, or just spectate. The one disadvantage is that it uses BIND 9.9, and I only see 9.8 and 10 in pkgsrc.
Edward Berger found that using a LG/Hitachi DVD drive kept him from successfully booting a DragonFly install CD. Using other manufacturers worked out fine. What causes the problem? I don’t know, but it’s worth mentioning it out loud in case someone else gets bit by it.
I’m posting this because it will save someone (possibly me) an hour of aggravation someday. If you are updating Samba from version 3.0 or 3.3 to a later version, it’ll take your existing config but possibly silently break on user authentication.