PICT Abandoned by Apple
I was cleaning up my hard drive today and found some screenshots I took of websites on 9/11, in Apple PICT format. Less than 7 years later, those PICT’s aren’t viewable on OSX in the Preview application (the standard image viewer). Seeing as this OS came out in 2005, it was likely abandoned then. At the time I was running the latest version of Mac OS 9, judging by the screenshots.
So, less than 4 years of support for that presumably very common file format.
I’ve converted the pictures to PNG (Using Photoshop 7, which can parse them), which as an industry standard open format ought to be recoverable for some time to come.
This has been reason #687 to avoid proprietary file formats.
Dan Grover - Speedy Recovery!
Our friend and sometimes subcontractor Dan Grover had surgery today, and we wish him a speedy recovery.
Dan posted a pre-surgery photo today, and finally it makes sense how he’s so efficient at his work:
All the best, Dan.
Barracuda Moves Against Trend Micro Bogus Patent
After reading about Barracuda moving to invalidate a bogus patent Trend Micro filed for on virus-scanning at an e-mail gateway (many of my clients depend on this technology) in January, I sent Barracuda the following note:
-----Original Message-----
From: Bill McGonigle [mailto:bill@bfccomputing.com]
Sent: Tuesday, January 29, 2008 12:24 PM
To: legal@barracuda.com
Subject: possible SMTP prior art - TFS
From:
http://groups.google.com/group/comp.mail.sendmail/
browse_frm/thread/3cee3dc93ea81690/a8cd75d669fbd6b7?lnk=st&q=smtp+virus+scan#a8cd75d669fbd6b7
Its pretty functional - gateways between any/all MS/MAIL,
WP-OFFICE, CC:MAIL, SMTP, UUCP, MCI-MAIL. It does uuencode
and MIME attachments (configurable per address or domain
wildcard) and international characters. It can also virus
scan attachments on the way through the gateway, and access
can be controlled on a user by user basis!
(message dated July 25th, 1995).
It looks like it's still around in some form from foxT:
http://www.tfstech.com/
Good luck,
-Bill
I never heard back more than a quick “thanks!” from Dean Drako, CEO of Barracuda, but today, I read they’ve moved ahead with this strategy and Goran Fransson, developer on TFS, is a new open source ally.
Dean writes of Goran, “We greatly appreciate the time that Goran Fransson took in coming forward to share this very important piece of prior art,” Drako says. “We believe that his testimony is instrumental in our case against what we believe is an unjust patent claim by Trend Micro against Barracuda Networks and the open source ClamAV project. In our view, Goran is an open source hero.”
Full disclosure: I’ve sold completely open solutions, based on postfix/MailScanner/clamav/sqlgrey against Barracuda’a blackbox appliances, but I’m glad they’re fighting against Trend Micro’s abuse of the system.
FOSSVT: Great Success 1
Last week I attended and presented at FOSSVT, a conference focused on Open Source in Education. Organized by the National Center for Open Source in Education, FOSSVT, at Lake Morey Resort in Fairlee, VT, was attended by over a hundred educators and technology specialists.
Executive Director Bryant Patten did yeoman’s work organizing the inaugural event, arguably the most successful Open Source event in Northern New England in recent memory. Kudos to Bryant.
I presented “Taking Control of Your Network Using FLOSS Software”, a talk about why it’s important to have a well-regulated network, and a whirlwind tour of a bunch of Free (Libré) Open Source Software (FLOSS) tools that could be useful for educators and technologists looking to take control of a school network. We covered some concepts, troubleshooting techniques, and resources available for further study.
As promised here are the slides . (3.3MB PDF)
Murphy Strikes
Sure enough, after three years of trouble-free server operation, the day after we deactivate a RAID mirror to make room for drive expansion, the drive dies.
If you sent us important mail between 3/26 at 10:00EDT and 3/27 at 02:00EDT, please resend.
If there’s a silver lining here, we’ll be trying to build a replacement server that all of: [1U, powerful, quiet]. It used to be a pick-two situation, but around here we’re into “pick all three”. We think it can be done.
Weaning Oneself off Commercial Software
I recently bought a new hard drive for my MacBook Pro and used the extra space to install Fedora 8. However, I found myself not booting into it too often as I have some apps on OSX which are too tied into my workflow.
So, I’ve decided to take the opposite approach for now. I’ve partitioned my drive into 4 parts - one each for Leopard, Tiger, and Fedora, and one for my data directories (/Local under OSX, /home under Linux).
This only helps share data between OS’s, though - what I really need is application compatibility. So, I’m slowly migrating my data to other applications that are cross-platform, and open-source. AppleMail->Thunderbird, iTunes->Amarok, iPhoto->DigiKam, etc. Additionally, I plan to integrate OpenSync with iSync to get my peripherals well supported. Once this is done, then I can run among my OS’s with indifference.
Both The Fink Project and MacPorts are essential tools for getting the open source software over to OSX. Kudos to both projects.
While Apple does make a good OS and great hardware, they’re still a member of the Business Software Alliance, which makes its living off terrorizing small businesses. Were they to quit the BSA I could probably justify the risk of them abandoning their software I depend upon, but combining that with the BSA it’s just too risky for me to bet my business on. Even though I use precious little other BSA software, simply accepting the EULA agreement for an OS update is enough to agree to their invasive audits, a risk I’m keen to remove. Did you know having a license and box and media for purchased software isn’t enough? You need to be able to produce a receipt for all your purchases or you’ll be getting a fine or lawsuit if you’re audited.
Blog Fork
I’ve setup a new blog Bill McGonigle’s Blog -or- Resigned to the Bittersweet Truth for personal blogging purposes. I write there:
Here you’ll find stuff on my other interests. It’s likely to be varied and unpredictable, and you might get politics, physics, humor, economics, building products, silly snapshots, family stories, philosophy or woodworking projects.
I’ll keep the technology stuff here, unless it really ought to not be here.
This should allow me to write about my other interests without people getting confused about what BFC Computing is.
Folks who have been reading this blog since the beginning might recognize the subtitle and look-and-feel from back when I ran a WordPress install here.
This new blog is now on Typo 5 and uses the rpg-royal theme, a patch for which I submitted to the TypoSphere Trac this evening for correct Firefox and Safari rendering.
If you want to read about some of my crazier ideas, please subscribe to the new blog. If computers is all you need, you’ll get that fill here.
As always, thanks for listening.
Battling Trackback Spam at the Typo Console
So I looked at my blog today and found 800+ trackback spams that Akismet had missed (typo bug?) and started to delete them manually.
Then I remembered the Typo console. A few Google searches later for the basic idea, and not being afraid to experiment with Ruby (my, it’s a logical language), I came up with a way to delete trackback spams based on Ruby expressions.
I’m including a list of commands I issued to eliminate 90% of the problem articles at the end of this article for others who might have the same problem. If you don’t like dirty words, skip it. Review the rules before you run them as it deletes data.
Next up - generating IPTables ban logs directly with similar queries.
And now, without further ado:
Trackback.find(:all, :conditions =>"blog_name='nice article'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Amateur%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%ambien%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Amoxicillin%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%anal %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%asshole%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%babes %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%blowjob%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%boobs%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%breast %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%breasts %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%buttplug %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%centerfold %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%cialis%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%clitoris%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%codeine%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%credit %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%cum %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Ephedrine%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%erectile%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%escort %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%fetish %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%fisted %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%flashing %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%fuck %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%galoponir%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%gay %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%hardcore %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%hentai%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%incest %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Lexapro%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%loans %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%meridia %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%mortgage%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%naked%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%naughty %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%nigger %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%niggers %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%nude %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%nudes %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%panties %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%paxil%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%penis%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%penthouse%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%pharmacy%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Phentermine%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%pics %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%polomurinureon%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%porn %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%propecia%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%propeciax%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%prozac%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%pussy%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%refinance %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%sex %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%sluts %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%soma %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%spanking%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Sucked %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Tamadol%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%tits %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%topless %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Tramadol%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%Tramdol%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%ultram%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%vagina%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%valium%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%viagra%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%xanax%'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt ILIKE '%xxx %'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"excerpt='nice article'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"ip='64.27.21.46'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"ip='82.166.248.8'").map{|t| t.destroy}
Trackback.find(:all, :conditions =>"ip LIKE '62.213%'").map{|t| t.destroy}
Fedora Useless for Small Appliances
If you’re drinking the Fedora Moonshine, you’ll believe:
ISV building an appliance product? Make an RPM, identify the minimal number of packages needed for an appliance around that RPM, then build a distro and a live image. Easy as moon pie.
The methanol in the Moonshine is the coarseness of package dependencies. Need grub in your appliance so you can do kernel updates? You have to take 6MB of Fedora artwork and the CUPS printing libraries. Don’t need kerberos? Too bad, you can’t get rid of it without just about everything else. The list goes on, every time I try to remove something I don’t need, I suddenly have to uninstall the kernel (OK, only sometimes, the rest of the time I have to sacrifice initscripts).
Installing a very ‘lean’ system, with just 16 out of 92 of the packages in the Base group with no other groups selected popped my distro up over 450MB. To add X11 and the driver for my card with Firefox topped a gig.
Installation on a small machine is even tough - at 256MB of RAM it wants to turn on swap immediately, and 512MB of disk wasn’t enough to install this sub-base system.
It’s too bad, I built a CD-boot network appliance based on a customized Redhat 9 distro (before the term LiveCD had been coined) and at that point things more much more rational. Sure, it’s more work to break a package down into its constituent parts and come up with real dependency trees, but that’s what a distro is for - so that kind of work is centralized. I can’t believe that somebody can’t come up with an automated way to build graphs of parts and dependencies (using ldd, CPAN, et. al.) and automatically divide software into optimal sub-packages. This sounds like a very normal topic for a masters’ thesis.
I was really hoping for great things from the automated LiveCD stuff, and revisor works quite well, but it solves package dependencies it’s told about by RPM, there’s not much it can do to help me out here.
I’ve also been playing with SLAX, which has all that stuff I need in the 1GB Fedora install and a bunch of crap I haven’t removed yet (like OpenOffice) in under 200MB on disk. I need to get this distro down to under 128MB for production of the appliance I’m building, which I can probably do with SLAX, though I haven’t explored it enough yet to be certain. The lack of package management and the lack of source for most modules that have been contributed makes SLAX a cool user distro, but hard for an embedded developer to embrace. I really do think it’s a well-designed fun little system though - it does alot the way I designed the aforementioned primordial network appliance I designed half a decade ago - and it aggressively tracks the 2.6 kernel which is great.
Tomorrow we try gentoo.
pfSense Intervention 7
Have you ever wasted too much time online? Right, so posting this on my blog imparts some selection bias to the answers to that question. But have you really wasted time to the point of not getting work done, or letting other things fall by the wayside? Some people call this Internet addiction, some people say there’s no such thing (mostly Ivory Tower types who can’t even distinguish between a blog and an MMORPG). Some people are just feeling depressed about it. Regardless, this isn’t the BFC Psychology Weblog - let’s get some computers to help us out here.
I wrote previously about good experiences with my pfSense firewall, today we’re going to use some of the new 1.2 features to get us back to work. We’re going to block some sites that sing their siren song to us, calling like the blue light inside the bug zapper. I’ll use four that friends have suggested.
Now, it’s simply no good to just cut off your access to these sites. The goal here is to get you back to work, not to make it so that you have to go find a way around an all-encompassing block to get your fix. So, we’re going to block access to problem sites during parts of the day when you think you ought not be accessing them.
To implement this we need to break down the problem into two parts:
- What do we want to block?
- When do we want to block it?
For the sake of this exercise, we’re going to use these values:
- Slashdot, MacRumors, Technocrat, AppleInsider
- work hours (8AM-5PM) and late nights (8PM-6AM)
This tutorial assumes you already have pfSense setup. There are good resources to teach you how to do that. Go find one now if you just have a pile of hardware and a CD for pfSense.
Everything we need to do for this tutorial will be found under the ‘Firewall’ menu:
To encode the first question (“What do we want to block”?), we’re going to make an alias. Select ‘Aliases’ from the menu and hit the ‘+’ icon to make a new one. You’ll see a screen that looks like this:
Give it a useful name for use in other screens. Here it’s called ‘timesucks’. You can add a verbose description, but most importantly, add all of your hosts. You’ll need to specify it by IP address (DNS isn’t a feature yet in this version of pfSense) - use the ‘host’ command at your command line if you need to figure out the IP addresses of sites you want to control. Add as many as you need and click ‘Save’, then ‘Apply’ at the top of the screen. Everytime you make a change in this tutorial and Save, you’ll have to Apply. I’ll leave that out in future steps for the sake of brevity.
Now, we need to encode the ‘when’ of our blocks. Go back to the Firewall menu and click on ‘Schedules’ and add a new one. It’ll look like this:
Pick a name (‘work_hours’ on mine) and give it some prose, then hop down to the calendar. Even though it looks like this is only the August calendar, if you Click on, e.g. ‘Mon’, at the top of the calendar, it will apply to all Mondays from now ‘till eternity. So, for the work-a-day schedule, click on each of Mon-Fri and enter a start time of 8:00 and an end time of 16:59. Click the ‘Add Time’ button and it’ll show up in the ‘Configured Ranges’ list. Then we can add the next one.
Now, the requirements call for a late-night block as well. 8PM to 6AM is hard to encode directly, so we’ll break that down into an 8PM-11:59PM block and a 12AM-5:59AM block. Since we’re not really concerned with the the weekend here, the morning blocks go on the regular Monday-Friday days, but the night block goes on Sunday-Thursday. It took me a couple passes to parse that - think it over and adjust to your needs. Now, Save and Apply.
OK, then, so we’ve defined the what and the when, so now we need to tell pfSense to do something with our criteria. So, from the Firewall menu again, add a Rule. We need the rule to go on our LAN tab:
because pfSense looks at all traffic from the perspective of “what interface am I going to see the packets coming in on?”. We’re going to block our requests to these sites, so pfSense will see HTTP GET requests from the LAN if we fall off the wagon. Now, create the rule on the LAN tab like this:
The criteria, for this simple case, are:
- Reject the the traffic
- from the LAN
- TCP connections
- source is any
- any OS
- Destination - select host or alias and put in the name of your alias, ‘timesucks’ in the example
- leave the Destination ports as any/any
- No need for any of the advanced options
- now, select the schedule you created, ‘work_hours’, in this case
- leave the gateway default (you know if you need something special here)
- and give it a descriptive name for future reference.
Now, Save and Apply. You’re done. Backup your config file for safe keeping.
If you’re like me, you might notice yourself accidentally browsing to one of these sites or following a link to it when you ought to be working. Your browsers will tell you in a grumpy way that it can’t connect to the host (it won’t tell you that it can’t find it, since we’re only blocking TCP, and DNS is UDP, so your DNS cache won’t get hosed).
And, since you can’t get to your favorite timesuck site right now (save it for the quitting bell), you’ll get back to work.
Or posting to your blog…
