Testing jet engines with chickens

In an article on studies on $bhow to minimize the impact of airplanes on birds (and vice versa):

Jet engines must now be able to withstand the ingestion of an 8 pound waterfowl without failing (this is tested in the lab by firing a chicken from a cannon at point-blank range).

I just added that to my sig quotes file :-).

It's a funny article, lots of good quotes, although all are a bit morbid, of course.

And its not just birds. Sometimes jet-stream encounters can take a page from the X-Files. "We've had frogs, turtles, snakes. We had a cat once that was struck at some high altitude," said the Smithsonian's Dove. She says birds like hawks and herons will occasionally drop their quarries into oncoming planes. "The other day we had a bird strike. We sent the sample to the DNA lab and it came back as rabbit. How do you explain to the FAA that we had a rabbit strike at 1,800 feet?"

Readings

Disputed English Grammar. Fun read. for english geeks.

and

Monotremes are weird

sol and i were discussing Omnipotence of God (she recently became a Christian) and that link led me to Theodicy, which is very long, interesting, and might be disturbing to someone who believes in Omnipotence (the Omnipotence entry also says that Omnipotence is only mentioned once in the bible, in Revelation, which I did find this morning, so I suppose the jews are not scripturally bound to the concept, although I don't know what their extended analysis of the situation might have led them to recently).

I've read quite a lot more than that today. This happens when I occasionally get demotivated with work. As it happens, today it wasn't ramcar (where the work is massive, but I'm glad to have it, since it's fun) but IPRC (where the work is done and they haven't paid the final installment yet, so I'm not highly motivated to add the features they've requested).

Dynamic DNS in Linux

That title is a bit over the top, of course. I only looked at one solution, and when that worked for me, I stopped looking.

I've got a sort of static IP. My internet provider, Destiny Cable Internet, as of this writing, uses the ISC DHCP Server. That server tries to allocate the same IP to the same requesting MAC if the IP is still available. So the IP is pretty stable. However, there is no promise that the IP will never change, so it's semi-stable.

I thought I'd be OK with just assuming that it was stable, but I changed my mind. It *might* change and when it does, then I'll have to go to everywhere that assumes it's stable and fix it. And then it might change again.

Instead I decided to use a dynamic DNS server. For the client software, I first looked at EZ IP-Update and, since there's a list of dynamic dns servers at that site, I chose DynDNS. Both choices were pretty random, but I'm happy with both of them.

ez-ipupdate took around 20 minutes to set up (there was a minor compile error, something wrong in the ./configure script's deciding how to use errno, so I had to figure that out and fix it, it's a quick and dirty hack though, not good enough to propagate upward, but I may email the ez-ipupdate maintainer so that he can look at his configure configuration) and DynDns took 2 minutes (plus the less than a minute to wait for the email to arrive).

So I've got dynamic dns working now. bopolissimus.homelinux.net

Port forwarding with ssh

I find forwarding ports (and, actually, also reverse forwarding ports) over ssh very useful. I'll probably find it less useful now since I've found OpenVPN so easy to setup and use, but it's still a very useful technique, particularly where I don't have root access.

I always use -v when doing this because -v will tell me if the link is slow or the link is down (while i'm still connecting, less wasted time). It also shows a message everytime a request is forwarded down the ssh tunnel, useful for debugging to make sure I'm doing the right thing.

With the setups below, surfing to http://localhost:8080 will forward requests to the internal or external server specified. Note: by default, port forwarding binds only to 127.0.0.1, so from the box itself you can connect to the forwarded service, but you can't from another box. Use GatewayPorts for exposing the service (warning, think about that, it might open security holes).

1. I'm on my laptop and I want to surf the website on remote.com.ph as if I were physically there. So what I want to do is forward my port 8080 to remote.com.ph:80 (it's an internal website and is inside a firewall, so I can't surf to that site directly from the open internet).

ssh -v -L 8080:localhost:80 remote.com.ph

what that does is, connections on my local port 8080 will be forwarded to remote.com.ph. From there, it will be forwarded to remote.com.ph's localhost:80.

2. Same as #1, I can ssh to remote.com.ph but the web server isn't on remote.com.ph, it's on another internal box inside the firewall, 192.168.80.80:80.

ssh -v -L 8080:192.168.80.80:80 remote.com.ph

What that does is, connections on my local port 8080 will be forwarded to remote.com.ph over the ssh tunnel. Remote.com.ph will then forward them onward to 192.168.80.80:80

3. Same as #2, but I'm trying to surf to some external web site that doesn't let me in if I surf from the Philippines, or if I surf there from the Philippines something bad will happen. For instance, PayPal will block paypal accounts if they're used from IPs that it identifies as being in the Philippines. This has to do with very high fraud rates. But maybe I'm not a fraudster, I just want to use my paypal account, but I can't because I'm physically in the Philippines. If I have ssh access to a host in the USA which paypal won't be suspicious about, I can do port forwarding through that server, e.g.,

ssh -v -L 8080:www.paypal.com:80 my_us_server.com

There is also reverse port forwarding. I do that when the server I need to connect to (usually not for http, but for some internal server) is inside a firewall and I can't get to it directly and the firewall won't port forward to the internal server. In that case, what I do is ssh to the gateway, and from there ssh to the internal server. Then I do reverse port forwarding. What that does is, it will ssh back to *me*, and open a localport on *me* which will be forwarded down that second ssh link back to it. This, of course, only works if the internal server has a route out to the internet, if it doesn't, then some other solution will have to be found.

# first ssh to the gateway
ssh gateway.remote.com.ph

# at the gateway, ssh to the internal box
ssh my-internal

# at my-internal, open the reverse tunnel back to me, i am, client.com.ph

ssh -v -R 8022:localhost:22 client.com.ph

What that does is get my-internal to ssh to client.com.ph (my box, outside the firewall). Once it gets there, it will set up port forwarding so that port 8022 at client.com.ph so that when I (at client.com.ph) connect to port 8022, the request will be forwarded to port 22 at the my-internal computer. I use that much less often than -L, but when -L doesn't work, -R is often a lifesaver.

Comparison of different SQL implementations

Online there's a pretty long (not sure how comprehensive, but informative and useful) Comparison of different SQL Implementations

Haven't read it all yet (busy), but I'll need to get to that within 1-2 days.

Biking Through Tanzania - article

I read the New York Times occasionally, mostly for the culture. The politics there tend to be rather to my left and even where I agree, as in the general opinion of George Bush II, they tend to be more strident and, in the case of Maureen Dowd, hysterical. But there are good articles, often in the culture and travel section, and the financial section too, occasionally.

An example, and the trigger for this post:

http://travel2.nytimes.com/2005/09/04/travel/04tanzania.html?pagewanted=1

and another:

http://travel2.nytimes.com/2005/09/04/travel/04okinawa.html

Destiny Cable Internet SMS Number

To get Destiny Cable Internet to call me (in case of technical
problems),

SMS to 09175771111

MD [account name] [account phone number]

Very convenient since I have a cell phone and cell phone charges being
exorbitant in the Philippines, I'd rather not have to call them.
Besides, I don't know what the tech support number is and I'm too lazy
to look :-).

Windows Solutions

Long ago I saw a list of "Windows Solutions". I had it in my sigs and now I can't find them. Fortunately, I keep my old sig file around even though I don't use it anymore (I haven't seen a tool yet that will modify the gmail sig via cron).

Anyway, here they are, so I don't forget them, hopefully google will cache them and google can find them with "Windows Solution bopolissimus" :

1. Don't use Windows
2. Stop the program and start it again
3. Ctrl-Alt-Del and kill the program in Task Manager
4. Reboot
5. Uninstall the program and reinstall it.
6. Reinstall Windows and Everything else
7. Backup, format the disk, install windows, reinstall everything else, restore your data.

Charles Murray on The Inequality Taboo

http://www.commentarymagazine.com/production/files/murray0905.html

GoogleTalk

I was going to whine about GoogleTalk invites that I got. Three people invited me and when I read the invite it says that the client is windows only.

But on the GoogleTalk site there are indications that the protocol used is Jabber. And in the Help Center link (they really should put this information on the main site) there's a link to How to install GoogleTalk on Gaim. So I'm happy. I don't have the voice chat features of GoogleTalk. I wish I did. I'll probably figure that out at some point. Particularly since I've now got lots of bandwidth, enough for voice chat or video. But I'll do that some months in the future. I don't have a headset and mic setup and I just don't have the time to deal with that right now.

Zotob and why the victims deserved it

I didn't know anything about Zotobuntil days after it had been out. Well, two days after it came out. Or maybe three.

I have the same reaction as every other time something hits the Microsoft side of the world. Everyone who was cracked deserved it. If anyone was injured because a Microsoft controlled warship misbehaved, or maybe some sort of system in space stations, orbiters, space shuttles or hospitals injured or killed someone, well, the people injured weren't to blame. However, the armed forces, space or hospital agencies (and all those financial and banking agencies and power generating and distribution agencies) that chose to deploy and continue to use Microsoft software for anything mission critical are certainly to blame.

They should have patched.

They should have bit the bullet and spent the millions necessary to upgrade to the most current version (XP), and then they should have patched, once, twice, and three times. There would still be holes in there, but they'd not have fallen to Zotob (if they were still at W2K) or any of the various XP remote root attacks.

They could also have switched to Linux. I think that there's a lot of value in Linux for common office workers. They won't get windows viruses, they probably won't get any Linux remote compromises (since they're desktop users and most remote compromises are to commonly run daemons or to web based applications, which regular desktop users just don't run, and even if they got compromised, most compromises on web programs can't promote themselves to root, so they're limited to web page defacements which are embarrassing [to professional linux administrators] but probably unnoticed among regular users, if they even run web servers]).

There's a lot of value in Linux for server applications too, but those need to be locked down more seriously than do desktop systems. Although, generally, they're far less insecure than comparable windows systems. But this isn't an anti-windows rant. It's more a rant against unthinking windows administrators who aren't paranoid about their systems. Any administrator should always be paranoid. But windows administrators should be certified insanely paranoid. They'll get cracked anyway, but at least they'll do their best. And they'll get cracked less often. The amateurs who let Zotob into their systems should be fired and then shot as a favor to the gene pool.

One more reason why I shouldn't live in the USA

I was reading the Washington Post, and I saw:

This article about BooksFree.

It's not a *bad* thing about the USA (there are some bad things about the USA, people work too hard, there is no time for a life and everyone is chasing after their credit card debt, it's all too tense), but this isn't one of them. This is a *good* reason why I'm fortunate not to live in the USA.

This site is an instant entree into the poorhouse for me. I'd be a member instantly, and I'd never get any work done because I'd be reading so much. Maybe I'd have *two* subscriptions, thus receiving twice the number of books per month.

I need to work harder, so that I'll be able to either setup such a company (all those books right in my warehouse, free to read before I send them out) or retire and subscribe :-)

Oh, wait, the URL for that company is:

BooksFree

Chikka on Gaim, needs gaim-devel

There's been a Chikka plugin for Gaim for a while now. I got it to work some time ago, then reinstalled linux and never found the energy or need to get it to work again. It's pretty easy, but I got sidetracked by a desire to make it work with source built gaim rather than using the gaim that already came with my distribution.

I decided to look at it again from the standpoint of just getting it working instead of trying to make it smarter (so that it could detect where gaim was installed if it wasn't in the standard places, etc). When I last did that, I lost interest again since it didn't work.

Today I tried again and I realized that I probably needed to install gaim-devel to get chikka working. and after a:

urpmi gaim-devel

and a simple ./configure;make;make_install in both the chix and chix_gaim directories, i've got chikka functionality in gaim. Now, I don't think it's working yet. I can go online in chikka and i see when other people are online (they just received or sent a chikka message), but messages i send don't seem to be working. I'll need to look at this again some more. I'll probably get it working tonight.

anyway, installing chikka does need gaim-devel. Without it, i couldn't even get gaim to notice that it was possible to connect to the chikka network, or that chikka even existed.

Incredible Speed with Destiny Cable Internet

I was testing downloads overnight and I was getting speeds in the range of 200+ kBytes per sec, which is around 1.5mbps. I didn't think that was possible since I thought the modems themselves were capped at some level (even if destiny internet doesn't have a network appliance doing bandwidth capping per individual user). But I guess the modems aren't capped. I think I did hear mention of 1.5mbps being the physical limit though. Maybe the modems aren't capable of any more than that. But I'm going to test some more to see what the real limits are :-).

Boy, this is great.

Destiny Cable Internet

I need Internet access at home since, as a consultant, I often work offsite and while the QSR offices are close enough to walk, sometimes I just need to work past midnight or on weekends. I can still get to QSR on weekends, but it's just nice to be able to work from home.

I considered DSL (mainly, PLDT MyDSL), but i decided on Destiny Cable Internet due to price and the fact that PLDT MyDSL is capped at 384kbps while Destiny has no caps. Of course it's cable though, so the bandwidth is shared. Destiny just doesn't do any bandwidth capping at all. The management thinks that the thing to do is just to provide the bandwidth (their bandwidth is greater than they need,that is, they buy more bandwidth than actually distribute). I like that attitude, even though it might be better for me (or for the generic customer) to have a cap so that bandwidth hogs don't slow down everyone connected to the same node.

The service has been pretty good. I'm getting consistent downloads in the 400-600 kbps range. I haven't really been monitoring very much yet, or consistently enough. But I'm waiting to get to 1Mbps. QSR has destiny bandwidth too and once or twice I've seen downloads in the megabit range.

Of course, to people from the U.S. (all my brothers and my sister have been through here lately to be with my stepfather before his heart surgery) that's not much. 1.5mbps at home is pretty common there, if you're close enough to a telco switch. But 400-600kbps is great here. and i'm confident that Destiny will continue working on their line quality and will eventually keep me in the megabit range continuously.

Not that I can do all that much with that bandwidth. But it'd be great to have it when necessary.

at-spi really slows down evolution

I couldn't stand how slow evolution was anymore. I know that I'd fixed that problem long ago (with some sort of gconf-editor, ah, edit). I remember that it was some sort of accessibility thing.

Well, I reinstalled linux a while ago and I got evolution slowness again. I've finally found out what I need to do to remove the slowness.

urpme at-spi

Back when I was still installing mandriva, I thought I'd try out the accessibility stuff to see if mandriva was good enough to use for blind people. I still don't know since, well, I can't get gnopernicus working on this laptop. Maybe I can try it out on a desktop. If it's usable then, I may try to get my brother in law (great programmer, and blind) to try out linux.

For any blind programmer, I think the thing to do is to work in linux since the command line development environment and demand for command line developers is high in linux. In windows, well, he programs in VB, and he's pretty good at it, but he's always going to be hobbled by the
graphical emphasis of VB and the command line weakness of Windows. It's probably a great environment for blind computer *users*, but it's a terrible development environment for a blind programmer.

2005-May Part3 Camiguin-White Island-Lechon

We were going to have our wedding at Camiguin Highland. It's a very new hotel and the building, rooms and restaurants are very nice. They haven't deteriorated yet due to time and the filipino inability to maintain anything.

The friends who were with us on the Canopy Walk in Claveria, Misamis Oriental and the whitewater rafting in CDO (pics sometime in the near future) came over to Camiguin with us on Friday, and more

Friends from Manila, in a jeepney arrived on Saturday
.

After lunch and siesta at Camiguin Highland

we got on a two hired multicabs and went to Katibawasan falls (short picture taking trip, the pics below are from another trip later in the month, but they give an idea of what it's like)





I like going under the waterfall (well, a bit behind, right under the waterfall the weight of the water is too great, it would knock me out).


Sometimes, the pictures from that are creepy.


We then went on to Camiguin Action Gecko Galactic Headquarters

to pick up the lechon


The lechon is a bit denuded because there were two multicabs and naturally, there was some lechon skin picking on our multicab :-).

There are several jump off points to White Island, but the most popular is at Caves Dive Resort, where the Camiguinaction Diveshop is located.

I've heard of a spanish woman who swam to White Island from one of the Agoho beaches, but we took a pumpboat there.


They're usually around PHP 350 for a roundtrip. It can cost less than that if the boat can go fishing and pick you up, but it's more convenient to keep the boat so that you can leave whenever you want. It's very hot after 9AM and before around 4PM so most people go at dawn or in the late afternoon.

This summer, the locals from the Agoho shore built some bamboo and coconut leaf shelters.


To be continued

Stupid security rules

There is a tidal wave of stupid security rules all over the place these days. Most of them I don't mind since they don't affect me much. If malls insist on looking at my belt bag (fanny pack, to americans) and checking my lower back to see if there's a gun in there, I don't mind as long as it doesn't waste my time, or not much anyway. And mall searches only cost me maybe 3 seconds everytime.

MetroRail searches tend to cost more, but it's usually only 5-10 seconds (if there's someone ahead of me), so I don't care much either.

Of course, ideally, this stupidity should be stopped anyway since, really, if anyone with half a brain wanted to bring explosives or a small gun or dangerous chemicals anywhere, it's pretty much impossible to stop. Well, OK, so maybe it takes more than half a brain. But really, it would be trivial to smuggle in something dangerous (that's not perfume in that perfume container, that's alcohol, or, in combination with a lighter, that perfume works as a small flamethrower. how about that kerosene (or some other flammable but not so strong smelling liquid) in the shaving cream container? how about just that lighter. a terrorist could break five bottles of vodka in the wine shop, set it all on fire, and then start throwing more bottles of alcohol in there. five seconds, tops.

Those searches don't increase security (i'd link to schneier or someone, but I'm too lazy, Oh, ok, Bruce Schneier's site, they just inject inefficiency into everyday life.

But again, I don't mind them too much. Stupidities that cost me almost nothing I ignore. Sometimes (as with the cell phones or CD players on airplanes thing, now how dumb can an airline (or another, or maybe it's just the civil aviation board [can't find the website with a quick search and not interested enough to spend 30 minutes on it] be to not revoke the ban on CD players when there's no reasonable way for CD players to be a threat to avionics or control systems?) I flout them if they're sufficiently inconvenient.

On the other hand, yesterday I was at the University of Santo Tomas Hospital and the guard wanted me to leave my laptop. Now my laptop is my other life. I'm not leaving it ANYWHERE. So I said no. He said to leave the power supply then. I wouldn't leave that either. If it gets lost, it would take months to get a replacement from overseas (it's a Winbook, not a common brand in the Philippines). Finally I left the cable (detachable) that connects the power supply to wall power.

I don't see what the deal is with laptops though. Are they concerned about the wifi or the CD player interfering with avionics, I mean, hospital equipment? All the cell phones in the building are already doing that and I don't see people dying every second due to GSM and bluetooth and maybe even the occasional IR and (Lord forbid), laser light from a leaky CD-ROM player interfering with avion...hospital equipment. So maybe they're concerned about people connecting to an unprotected LAN connections and sniffing the network? they should use switches then! or, no, there aren't any LAN connections, this is an old building. No Lan connections anywhere.

So the only thing that comes to mind is that they're concerned about people stealing electricity. But that's yet another stupidity. This is a hospital where they have airconditioners everywhere. That's where they need to be saving electricity. Pissing off paying customers (what does it cost to be confined in a room there, maybe PHP 2000-4000 a day?) is counterproductive. I had a similar experience at Clinica Manila in SM Megamall. I was there with Sol and while waiting, I wanted to plug in. They're against electricity theft too. But the way I see it, anyone with a laptop who wants to plug in is a potential customer who could afford a laptop. They should be *encouraging* those people to plug in, so that they'll feel comfortable and warm and fuzzy and will keep coming back for health services. As it is, I'm not going to Clinica Manila for anything.

I couldn't do much about UST Hospital, but I can write this blog and castigate them in public. Maybe if enough people ask them about it they'll rescind that rule and maybe even bend over backwards and offer free wifi throughout their hospital. I rather doubt it, but wishes are free.

Maybe someone in there is smart enough to understand what a marketing coup that would be, free wifi in the hospital, on a budget of maybe PHP 5000 a month for the bandwidth and less than PHP 250,000 for the access points, wiring and router (and maybe another PHP 50,000 for the services of the company that would install all that, although they've got a computer science and engineering college in there, they could do it for free with student labor).

vim settings i always use

set ruler
set noincsearch
set nohlsearch
syntax off
set ts=4
set ai

i should probably also use
set ic

ok, that's it, i will :-)

No handsfree

I thought I'd try the handsfree headphones/mic for my Sony-Ericsson K700i phone. Not because I needed it for calling (we don't call, in the philippines, it's too expensive, and it's impossible to do hands free SMS texting), but because I thought I'd try the phone's radio feature.

The bad news is, I'm giving up. FM radio, even in Metro Manila, is execrable. The DJs are terrible, the station identification items are incredibly stupid, the ads are ads and the music ranges from oldies with nothing left but sap (if they ever had any meaning in there at all) to rap and R&B which, frankly, I can't get into, there is nothing there for me.

Even the classical music station, and the jazz station, when I could get them (the signals were sufficiently weak, I could never get a good enough fix, or the surrounding stations were so strong they overwhelmed the signal. But maybe that was just the phone) aren't worth much. I may try to get those stations again. But If i can't, well, they might as well not exist as far as my handsfree listening on jeepneys and the Metro Rail system are concerned.

I thought that there might be an AM receiver on there. On AM things are much the same, but at least there are the occasional (very occasional) entertaining talk shows. But there's no AM option, so I'm hanging up the handsfree set. Or maybe not. I might just find some MP3s, resample them down to much smaller sizes, and use up the 40MB memory of the phone for storing them. If I can get the MP3s down to 1MB or so (mono since i don't like being not able to hear things that are happening around me, very low sampling rate so the space requirement drops :-) I might get back to using it. Although if I rip or download comedy shows it's going to be very disconcerting for the other people on the jeep or train :-)