Slashdot Mirror

Asked and answered.

Honestly, I didn't know anyone still got worked up about cookies. I'm paranoid to the point that I wrote some GPLed anonymous remailer client software because I didn't trust the closed source alternatives, but even I don't bother disabling cookies anymore.

I wrote something like that for Python. The idea is that you'd use a "decorator" to indicate that a method is parallelizable (doesn't have any side effects) and roughly how many processes to spread it across (because you don't want to hit your database with 10,000 simultaneous queries just because your client could theoretically do so, for instance). For example:

@parallelizable(10, perproc=4)
def timestwo(x, y): return (x + y) * 2

print map(timestwo, [1, 2, 3, 4], [7, 8, 9, 10])

would tell the multiprocessing map() that timestwo() can be run up to 4 times per CPU, up to a total limit of 10 times. The per-CPU limit is because some tasks spend a lot of time waiting on external data (DB calls, file reads, etc) and it's OK to load out the system with those mostly-idle processes. The hard limit is because there's likely to be a maximum you still don't want to exceed.

BTW, this was meant mainly as a proof of concept and not something you'd just randomly use all over the place. Please consider the idea behind it and not just my particular implementation that I hammered out one afternoon.

I haven't used Joomla!, but I'm absolutely in love with Drupal. It's very easy to administer (if you're at least a little tech-savvy) and has modules available for just about anything you might ask of it.

For example, at my personal site, I have a personalized home page with all the content I would normally have on iGoogle or My Yahoo!. If you were actually logged in as me, that page would also have my stock quotes and weather information.

I liked it well enough to convert most sites I host to it (and it has great support for virtual hosting) because I found that I was spending more time managing the management system than the content in my old setups, where Drupal just gets out of the way and makes it easy maintain. Again, I love it.

Oh, and there are plenty of nice themes floating around. I really don't like the ones that come with it any more than some of the other posts, but it's easy enough to drop in another.

I haven't used Joomla!, but I'm absolutely in love with Drupal. It's very easy to administer (if you're at least a little tech-savvy) and has modules available for just about anything you might ask of it.

For example, at my personal site, I have a personalized home page with all the content I would normally have on iGoogle or My Yahoo!. If you were actually logged in as me, that page would also have my stock quotes and weather information.

I liked it well enough to convert most sites I host to it (and it has great support for virtual hosting) because I found that I was spending more time managing the management system than the content in my old setups, where Drupal just gets out of the way and makes it easy maintain. Again, I love it.

Oh, and there are plenty of nice themes floating around. I really don't like the ones that come with it any more than some of the other posts, but it's easy enough to drop in another.

Hey, I like iGoogle (but still prefer My Yahoo!). In fact, I liked it so much that I installed Drupal and its MySite module on my home server so I could have something like it that I control completely. It also supports Google Gadgets, so you're not really giving up anything by using it.

An Electronic Survival Kit. If there's one thing Katrina taught me, it's that losing your entire life would completely suck. Why not take a few minutes now so that you can get back to normal ASAP?

Science is a threat to faith.

Whose? Not mine.

Science is a threat to faith.

Whose? Not mine.

The more we know of the world the more we can explain accuratly how it works. Everytime a discovery is made, God is displaced from his question answering place and accurate knowledge takes his place.

Some people undoubtedly have a tenuous hold on their faith and have gods that are only a scientific discovery away from irrelevence. Mine is not a "God of the gaps", though. Science can tell me how he made the universe, but only he can tell me why he made it.

To complicate matters, if I send it directly to the printer without going through the PDF stage first, it looks different from either of the other two. It uses the same (sans-serif) font as the PDF version but actually has decent kerning this time. I guess that means that disabling the embedded fonts is a step in the right direction, as long as I can figure out which font I should choose to make the end results look something like people expect.

So very close, but still not quite there...

To complicate matters, if I send it directly to the printer without going through the PDF stage first, it looks different from either of the other two. It uses the same (sans-serif) font as the PDF version but actually has decent kerning this time. I guess that means that disabling the embedded fonts is a step in the right direction, as long as I can figure out which font I should choose to make the end results look something like people expect.

So very close, but still not quite there...

To complicate matters, if I send it directly to the printer without going through the PDF stage first, it looks different from either of the other two. It uses the same (sans-serif) font as the PDF version but actually has decent kerning this time. I guess that means that disabling the embedded fonts is a step in the right direction, as long as I can figure out which font I should choose to make the end results look something like people expect.

So very close, but still not quite there...

My PDF output looks nothing at all like my KWord screen. To make those images, I imported a Word doc that our transcriptionist emailed to us, then printed to PDF. I took a screenshot of KWord and KPDF using The Gimp, and cropped each shot to show a representative snippet of text.

Unfortunately, the PDF looks much more like my printed output that I'd like. I have no idea why my printing looks so awful (only through KWord; oowriter2 looks fine), but that's a pretty accurate example of how bad it is.

Other than the fact that I can't print from it, I love KWord. Of course, that's like asking Mrs. Lincoln how she liked the play.

My PDF output looks nothing at all like my KWord screen. To make those images, I imported a Word doc that our transcriptionist emailed to us, then printed to PDF. I took a screenshot of KWord and KPDF using The Gimp, and cropped each shot to show a representative snippet of text.

Unfortunately, the PDF looks much more like my printed output that I'd like. I have no idea why my printing looks so awful (only through KWord; oowriter2 looks fine), but that's a pretty accurate example of how bad it is.

Other than the fact that I can't print from it, I love KWord. Of course, that's like asking Mrs. Lincoln how she liked the play.

I agree with the kind of reasoning you are giving.

I, too, am working to engage this sort of reasoning.

I see that you have a wiki; Let me suggest using it to economize on your propagation.

Tangentially related, you may be interested in SelectivelyOpenMinded, and PassagesOfPerspective. They can clarify a lot of mis-thinking. ("Open mindedness, carte blanc, is a virtue. I can criticize you for not being open minded, like me.") ("No, people must hold fast to their ideas, or else, what do they stand for?")

Arguments about how we should argue, how we should play our thoughts out, are important, and interesting, and deserve wider propagation.

You misspelled "hell no".

The problem with FoxPro is that people come to depend on it, and start building their internal applications around it without realizing that it doesn't scale.

I don't mean that it doesn't scale well, but that it simply doesn't scale at all. Since it's not a database, but a single-threaded client app that reads and writes files off a fileserver instead of making remote queries, doubling the number of users doubles the amount of network bandwidth you have to use. If twenty people are accessing the same 1GB "table" concurrently, then heaven help you all.

My company depends on a FoxPro app. Without it, we go out of business. I was hired to write a web application to allow customers to access our FoxPro data, and ended up having to write a hideously complicated n-tier system where we have one VMWare image for each concurrent query we wish to be able to run. Yeah, you read that right: since the FoxPro client libraries are single-threaded, if we want the ability to execute 10 simultaneous queries, then we have to run 10 load-balanced VMWare images to service them.

So, I eventually wrote a system to copy the table files onto my local system, use a modified version of the xbase package to render them in PostgreSQL's "copy from" format, and them load them onto a pgsql server. It's more complicated in some ways than the native FoxPro query setup, but the upshot is that our queries now run between 100 and 1,000 times faster on average. Yes, those numbers are from actual profiling runs. Some queries that used to take 60 seconds (!!!) now run in a few milliseconds.

If FoxPro is the answer, then the question needs to be taken out and shot. It has our company in a stranglehold and we're doing everything we can to get out from under this twisted nightmare from hell. I honestly think you'd be better off writing applications in Excel, and that's not something I'd say lightly.

My new approach to dealing with voucher opponents: replace the word "school" with "hospital", "teacher" with "doctor", and "student" with "patient". Make them explain why limiting your choice of which doctors and clinics to use when you're sick is good for society. Make them explain why allowing you to visit the doctor of your choice is racist and discriminates against the poor.

Anyway, you were on track with the WebDAV server. I use Apache 2's built-in mod_dav to host several calendars, and view/edit them with Sunbird (Windows) and Korganizer (Unix). I think your time would be better served debugging your first attempt than starting over from scratch.

I worked for a small ISP, and we used a heavily-commented named.conf and associated zone files to keep track of configuration information, explanations for non-obvious things, etc. Since we were a small shop and worked well together, this was fine. Until we merged with another ISP. Whose admins "helpfully" slaved their BIND to ours, made it the master, and then slaved ours to theirs. Without changing the zone filenames in named.conf. I think that, had I been in the same room with them before we managed to retrieve our off-site backups, I might've had to have killed them.

One hugely useful system is to use version control on your configuration directories. Let the new guy delete at will; you can always roll back his commits and explain why you're going to beat him if he does it again.

To each his own, of course, and the situation may indeed have improved. I don't see any clear advantage that it has over PostgreSQL, though, and I doubt it'll ever gain much momentum.

To each his own, of course, and the situation may indeed have improved. I don't see any clear advantage that it has over PostgreSQL, though, and I doubt it'll ever gain much momentum.

For example, you could create the nym "johnsmith@nym.example.com". Whenever you send a specially-structured email to nym.example.net (signed with johnsmith's private key), the remailer will send it back out with the From: address changed to johnsmith@nym.example.com. Then, whenever someone replies to that email address, the remailer can redirect their reply (encrypted by the remailer with johnsmith's public key) to the newsgroup of your choice with the subject of your choice.

<plug>I wrote a program to automate the process.</plug> The original intent was to create a plugin for popular MUAs, but I never got that far.

Now, the neat trick is that you can send your control messages (like creating the nym, deleting it, etc.) and outbound messages (that you want to be rewritten and forwarded) through a chain of old-style anonymous remailers. As long as at least one entry in that chain is "pure", your messages are safe.

Yes, I know this is horridly complex for first-time users, but it works and it's available today. I wouldn't necessarily trust it to make anonymous tips to the NSA, but I think it'd be adequate protection for anything less critical.

I run a rather largish web application written in Zope, and it's not slow at all. All the computationally expensive stuff is handled by the databases or external programs, so Zope is mainly left with rendering the XHTML on the way out the door.

ZEO is a Godsend, though. We were having some scaling issues [0], so I decided to try moving our object database out of a Zope instance and into ZEO. The whole process, start to finish, including time to RTFM and triple-check everything, took less less than an hour. Once that was done, I made another five Zope instances that run off the same ZEO backend, and set each to listen on a different port. Finally, I set the Apache frontend that we'd been using since the beginning (to serve PHP out of different locations on our site) to pick a Zope port at random whenever a client request comes in.

The net result is that our server can now handle roughly six times the load with basically no penalty whatsoever other than the memory required to run the extra instances. It looked great on paper, and worked great in practice. Given how trivially easy it was to migrate to a ZEO setup, I'd never hesitate to use it again (and will probably start all new projects with a similar arrangement).

[0] Our site uses a Foxpro backend. No, really. Any way, I wrote SOAP interface to Foxpro so that we could access it through Zope. The problem was that some of the queries took so long to execute that the Zope instance was eventually blocking on the results and freezing the non-database parts of the site. Running several parallel Zope instances didn't guarantee that'll never happen, but it certainly decreased the odds.

But using BitKeeper wasn't pragmatic, though, and that's the whole point. It's not like tens of thousands of the people who follow such events weren't screaming that this was a Bad Idea, and their worst fears came to pass.

Then again, when faced with the task of creating a web frontend to a FoxPro database, my first project was to develop a SOAP interface to Windows ADO databases so that I could write the rest of the project on FreeBSD instead of Windows. The short term "pragmatic" concept would've been to base the whole project on Windows, but that wasn't an acceptable long-term solution. I don't really understand the short-term-oriented decision process (nor do I particularly want to).

Never occured to me that a company might leverage a market position with a crappy metadata format.

Goodbye, sweet innocence... Yeah, I've been there. I just don't want to make that mistake again, especially by rationalizing it to myself as a practical solution.

By the way, I'm very pro-capitalist, too. I just think that we're dealing with a very artificial market right now, and that commodities like operating systems and word processors will inevitably become free (and hopefully Free). There'll always be room for proprietary in-house development, and that's why I have no fear of the upcoming change. I'm fortunate enough to have a job already that pays me to write Free software to internal use but I expect that will become the norm.

I wrote up exactly such a system, although it's centered around Postfix and not Exim (but the concepts should be portable).

<plug type="shameless">
I also worked those instructions into an article, "Filtering spam with Postfix" in last month's issue of Free Software Magazine.
</plug>

Yes, but I'm that kind of person.

My boss paid me quite a lot of money to write Free Software. So much for your hypothesis.

Open letter to the person who was looking for information on my wiki: it's at http://subwiki.honeypot.net/cgi-bin/view/Freebsd/F ilterMailWithPostFix, but the article I linked in the parent post is more recent and more closely proofread.

Never mind that my program would be completely, utterly useless as a spam tool. It acts as an interface to the anonymous remailer network, with is only somewhat reliable at best, and could not possibly support the high volume of messages a spammer would want to broadcast. Nonetheless, I have a wife and kids and didn't feel like being the poster boy in the fight against a stupid law.

So, I wrote an explanatory letter to the EFF to ask for their advice (and possibly their assistance) in killing the proposition before it became law. To this day, I've never received so much as an email in response. I know that my message was delivered (maillog said so), but when it was my back against the wall, the organization I've donated to for years (to the point of buying memberships as birthday presents for geeky friends) was nowhere to be found.

I still like and respect the EFF - they do good things and I support their goals - but I'm no longer under the illusion that I can count on them when things go bad. Don't let my story stop you from donating to them, but neither should you go ahead and write that law- or patent-violating program with the expectation that you have friends who will step up to the plate for you.

You may love it or hate it; that's perfectly OK either way. To me it feels like someone took Bash, threw away all the crufty parts I didn't realize were crufty, and added a lot of new features I didn't realize that I needed. Give it a shot. At the worst, you'll lose half an hour of experimentation and go back to Bash. Alternatively, you might a new tool that changes the way you interact with your computer - I did.

For a quick start, you can try my .zshrc file.

Anonymously, of course.</plug>

• http://subwiki.honeypot.net/cgi-bin/view/Computing /DotZshRc
• http://subwiki.honeypot.net/cgi-bin/view/Computing /DotZshEnv

• http://subwiki.honeypot.net/cgi-bin/view/Computing /DotZshRc
• http://subwiki.honeypot.net/cgi-bin/view/Computing /DotZshEnv

One non-obvious point is that the chroot directory need not be a full (or even partial) FreeBSD installation. At one time I managed to do a complete Gentoo install using FreeBSD's Linux emulation and pointed the "jail" command at that directory. Voila - a full simulated Linux environment. Other than the inability to load Linux kernel modules, it looked and acted pretty much exactly like any typical bare-metal setup.

Plug: for easy management, install my JailAdmin port. Loads of secure environment goodness!

Thanks. That would explain all of forged sandman@honeypot.net spams that I have to deal with.

Yes, I own honeypot.net. About once a week, some jackass decides that "foo@honeypot.net" would be a splendid From: address, so I suddenly get thousands of bounce messages, whiny upset recipients, and other administrative hassles. My Sendmail reject list is growing longer by the month.

• I want a button to hide read messages. It seems like every other client on the planet does this, but not KMail. I read a lot of mailing lists, and I don't want to see the 10,000 messages in debian-user from 6 months ago.
• IMAP filtering. Here, let me say that again: IMAP filtering. The Bayesian trainer on my email server works by reading messages in a particular folder in each user's IMAP setup and passing each of them into Spamassassin's trainer. Every single client I've used makes it easy to set filters so that I can mark a lot of messages in my inbox as spam, run one filter, and have all of them moved into INBOX.spam.train.spam - each, that is, but KMail. In a corporate environment where the admins want us to leave mail on the server for backup purposes, this is a deal-breaker. Sure, I can manually move messages around by clicking-and-dragging, but that just ain't gonna happen.

If KMail otherwise sucked, I wouldn't care. However, it's obvious that they put a lot of time into making it a really nice client, except for the absolute critical flaws that make it worthless to a lot of people. I'll keep trying it each time a new version comes out; if they can fix these problems, I'll switch in a heartbeat. Until then, I'm staying with Emacs/Gnus.

I've already been thanked.

Now I'm saying "you're welcome."

There are other currency systems than "money", you know.

I've already been thanked.

Now I'm saying "you're welcome."

There are other currency systems than "money", you know.

I've already been thanked.

Now I'm saying "you're welcome."

There are other currency systems than "money", you know.

I've already been thanked.

Now I'm saying "you're welcome."

There are other currency systems than "money", you know.

I've already been thanked.

Now I'm saying "you're welcome."

There are other currency systems than "money", you know.

On the other hand, I hated having to administer that hell-pit of a server so badly that I wrote a migration program to transfer entire databases from Firebird to PostgreSQL. I can't describe how happy I was to switch a fairly large online store's backend to a modern platform.

On the other hand, I hated having to administer that hell-pit of a server so badly that I wrote a migration program to transfer entire databases from Firebird to PostgreSQL. I can't describe how happy I was to switch a fairly large online store's backend to a modern platform.

Because it sucks most grievously. The day we killed Interbase for the last time was the day we celebrated. Long live PostgreSQL!

GET /page1.php
GET /page1.php?skin=print
GET /page1.php?skin=decorated
GET /page1.php?skin=cool
GET /page1.php?skin=high-contract

Nosirree, no legitimate webmaster would ever use robots.txt to gently guide visiting bots to the appropriate parts of the site and to keep them from trying to do silly things. The only possible use is to trample your rights while installing the new corporate-owned government.

Geez, people. Honestly.

The main feature is a configuration that lets you act on jails by name. For instance:

jailadmin start web3 news7 shell1 shell2

jailadmin stop shell4

Included are an rc.d script for starting/stopping a set of jails at boot/shutdown, and an snmpd plugin for remote monitoring.

erin@honeypot.net "550 This account was spoofed by some jackass spammer. It doesn't exist and never has."

Add one for each falsified account. You will still get the incoming SMTP connections, but your server will reject the mail before the sending host transmits the whole thing. Advantage: you lose the bandwidth that it takes to build a TCP connection and send a single RCPT line, rather than losing the bandwidth and storage required to process and bounce a whole message.

My SMTP bandwidth graphs dropped about 85% after adding those filters. Do the same on your end (or have your ISP do it for you) and sit back while the storm blows over.

Oh, yeah: you may want to put a prominent notice on your website's main entry point stating that you are not the originator of the spams. The flood of mail to my "abuse@" address tapered off greatly once I explained things to visitors. I still get a few twits with an axe to grind but there's not much you can do about that.

One of my sites was defaced recently. During my morning "hosting stroll" I was greeted with a giant "Y00'VE B33N 0WN3D!!!1!11!!". I would've felt pretty dumb if the site wasn't a Wiki.

I agree whole-heartedly. For my thoughts on the matter, see my page at honeypot.net.