Author Archives: Sam

GDFAF: Going Deaf For A Fortnight

Posted on by

[GDFAF Logo]Pete Ashton, Birmingham-based weblogger extraordinaire, has come up with a what I think is a brilliant idea: he is Going Deaf For A Fortnight. In his own words:

Okay, this is the start of a 14 day series of posts, Going Deaf For A Fortnight in which I go to a gig in a small venue in Birmingham every night to see bands I mostly have never heard of before and then write about them here. By the end of it I expect to have attained a good overview of the Birmingham small gigs scene, to hopefully have discovered some good tune-smiths and to probably have descended into a nightmarish Gonzo-style meltdown. We shall see.

At the time of writing he’s half way through and he’s posting some great stuff. If you live in Birmingham and enjoy live music then you really should check out these posts (Clare and Dave? Ever read this?). He’s building up a fascinating snapshot of the live music scene in Brimingham and spicing it up with his own observations and commentary so it’s not just about the bands themselves but contains observations on stuff like the composition of the audiences and the techniques used by the bands to promote themselves in the age of the internet.

And it’s not just reviews. He’s photographing the gigs and posting the photos to a set over on Flickr, and he’s just put a podcast of music by bands he’s seen online. Interesting stuff and a great example of what you can do with your weblog – personal publishing from the underground music scene! The only drawback, at least from his perspective, is the cost so he’s soliciting for donations from people who’ve been enjoying the series (Pete, if you ever read this, I’m unemployed and skint right now – hence the token donation), so if you fall into that category perhaps you could help him out.

Posted in Uncategorized

Sony, DRM and your computer

Posted on by

There’s been a lot of coverage on this recently, but that’s no reason not to mention it here – especially because this kind of arrogant disregard for people really irritates me and I want the coverage to extend as far and wide as possible. The more people know about this kind of thing the better, so if you ever play music on your computer, you may want to read this.

It’s been revealed recently that the software bundled with certain recent Sony releases uses some arguably dubious techniques to hide itself and make itself almost impossible for the average user to remove. The CDs with this software aim to enforce Sony’s copyright by only allowing customers to play the CD on their computers using the music player bundled with the CD, so the average customer has little choice but the install the software if they want to play their legally-purchased CD on their machine.

You might think that protecting copyright is fair enough, but think about these points:

In summary: the music companies appear to have little or no respect for their customers and place their copyright enforcment needs ahead of your computer’s and your data’s security. Be very careful before installing anything supplied by a music company on your computer, because it appears that you cannot be sure what it is or what it is doing.

If you have already installed this software and are concerned about it, detailed removal instructions can be found at Mark’s Sysinternals Blog but they are not for the faint-hearted. You may be better off waiting for the anti-virus vendors to release removal kits, such as this proposed one from Sophos.

Posted in Uncategorized

Hoary to Breezy

Posted on by

I just upgraded the Kubuntu Hoary Hedgehog partition on my iBook to Breezy Badger. I left it a while to allow any obvious problems with the new release to be ironed out. What a breeze it proved to be:

$ sudo sed s/hoary/breezy/g -i /etc/apt/sources.list

$ sudo apt-get update

$ sudo apt-get dist-upgrade

Then it took about 36 minutes to download the 500-odd Megs of required files over my 2 Mbps line and about another 20 or 30 minutes to perform the upgrade. During this time, it asked me three questions: permission to stop some services, what default language to use, and whether to replace the global Xsessions file.

Everything looked fine. Everything still seemed to be working. A reboot resulted in a nice new login screen and no odd behaviour. Logging-in took me to my familiar desktop. Touch wood, but it all seems to have Just Worked. Very impressive.

Flock Developer Preview

Posted on by

After a chap called Lloyd Budd showed up on the blosxom list a while back asking about APIs and other such stuff, I wandered over to his company’s website at www.flock.com and put myself on their mailing list. Yesterday I got a mail inviting me to check out a preview release of their browser, based on Firefox, but which is closely integrated with the major blogging APIs and with other related systems like del.icio.us.

Since I offer no API support here, I’ve had to set up a blogger blog to play around with it: Sam’s Blogger Blog (my creativity failed me, OK?). I’ve already got a del.icio.us account, and so far I like that way the it’s closely integrated with the browser: better than foxylicious which I use on and off in Firefox.

Anyway, no time for a long analysis here: I’ve got chores to do at home and now that Uma is asleep I’d better take the chance while it’s still available.

Posted in Uncategorized

Rollyo

Posted on by

Rollyo – roll your own search engine. At first I thought that this looked quite cool and I still do mostly, but I think that it’s got a major flaw: you can’t search any deeper than a whole domain. I want to be able to search into the directory structure of sites, so example.com/folder/ or even example.net?param=value&param2=value2.

Practical example of why this would be useful: I was trying to build a blosxom orientated search (that’s a link to my profile at Rollyo, as the searches themselves use javascript and I haven’t worked out how to link to one directly yet), but for it to be useful I’d like to be able to search pages like del.icio.us/tag/blosxom and groups.yahoo.com/group/blosxom – limiting the search to groups.yahoo.com or del.icio.us returns far too many false positives without using quite refined search terms, which seems to me to sort of defeat the object somewhat.

Posted in Uncategorized

Mystery miasma

Posted on by

On thursday I spent the day checking the soles of my shoes for unpleasant dog-related substances as everywhere I went it seemed that I could smell a faint tang of excrement. But before you start emailing me with smart remarks, it turns out that I wasn’t the only one plagued by the smell – Polly told me the next day that she had noticed it but hadn’t mentioned it in case no one else had, and on Friday our local paper, the Bristol Evening Post, ran a report on page three about the “nasty nif” hanging over the city centre. One interviewee descibed the smell as “rather like when they muckspread on farms”, which was pretty much spot on if you ask me.

Although Wessex Water, the local water utility company, claimed that nothing in their system seemed to be amiss, they agreed to send someone in to investigate. Although some kind of trouble with the sewers seems like a fairly likely explanation, there’s fun to be had thinking up alternative explanations. Perhaps some incompetent terrorists attempted to poison the city only to find out too late that their arms dealer was having a bt of a laugh and instead of Sarin he’d flogged them several cylinders of joke fart gas. Who knows – send me any better ideas, if you have ‘em.

One interesting thing that came of the smell was the reference in the Evening Post article to the delightfully Fortean “Bristol Hum”, a low-frequency noise heard in Bristol and other places in the world allegedly the result of noise pollution by traffic and factories, but is still viewed by many as a mystery. Let’s hope that the “Bristol Stench” doesn’t persist for quite so long.

Digital Civil Liberties

Posted on by

It’s way past time for something like the Open Rights Group in the UK. Nothing for it but to quote their “manifesto” wholesale, as I couldn’t put it better myself:

The Open Rights Group is committed to protecting your digital rights, to fighting bad legislation both in the UK and Europe, and to fostering a grassroots community of volunteers dedicated to campaigning on digital rights issues.

Your civil and human rights are being eroded in the digital realm. Government, big business and industry bodies are taking liberties with your digital liberties, actions they could never get away with in the “real” world.

Our goals are:

  • to raise awareness within the media of digital rights abuses
  • to provide a media clearinghouse, connecting journalists with experts and activists
  • to campaign to preserve and extend traditional civil liberties in the digital world
  • to collaborate with other digital rights and related organisations
  • to nurture and assist a community of campaigning volunteers, from grassroots activists to technical and legal experts

Your right to privacy is being eroded by the government’s ill-conceived ID card scheme, by biometric passports and the threat of vehicle tracking systems. Your right to free speech and freedom to use digital media is under threat from corporations who believe that ‘fair use’ of copyrighted works should exist only at their sufferance. Your right to private life and correspondence is under threat from a proposed European directive to log traffic and geographical data for every call you make, every SMS you send, every email you write, every website you visit.

It is essential in this time of international tension and uncertainty that we vigourously defend our digital civil liberties, ensuring that the our hard-won freedoms are not taken away simply because they’ve moved to the digital world.

If these issues concern you and you can afford to pay out a fiver a month in support of the Open Rights Group, go and sign this pledge. Now.

Coverage of this is spreading across the more geeky parts of the internet (for example Boing Boing) and now it’s been covered at the BBC, so let’s hope that with continued pressure news of this will penetrate further into the mainstream media and more people will start to pay a bit more attention to what’s going on rather than blindly believing the paranoid, dangerously misguided rubbish coming out of the Home Office.

The Bristol Wireless LTSP suite

Posted on by

Bristol Wireless are a collective who run, among other things, a community-access wireless network in the Easton area of the city. Their LTSP suite is one of those other things.

I’ve been working with some of the Bristol Wireless crew at The St Werburghs Centre over the last few months, but it wasn’t until FAVE last Saturday that I got a chance to see the LTSP suite up and running, and I was so impressed I thought I’d write about it.

LTSP stands for the “Linux Terminal Server Project”. Simply put, a terminal server is a machine that runs applications on behalf of client machines – the terminals. This means you can use old or low-spec hardware to build clients and connect them to a more powerful machine which will actually do most of the work, enabling users to access applications on the clients that they’d be too slow or flakey to run without the server’s power.

[LTSP users at FAVE]

The Bristol Wireless LTSP suite is just such a patchwork of near-obsolete and flashy new hardware: a pile of ancient laptops donated by the local police force are connected to a powerful new Acer laptop boasting gigabytes of RAM using a bundle of Cat-5 and a gigabit ethernet switch. The Acer takes care of the bulk of the processing and the gigabit ethernet ensures that the connections are as fast as possible. Combine it with the satellite uplink from their collaborators Psand, and they’ve got a mobile IT facility that fits into the boot of a small car!

[The Terminal Server]

And it works like a charm. The clients are responsive and boast a wide range of applications and the whole system has proved a success with users: so far this summer it’s been taken to the Home Education Festival and the Big Green Gathering where it was a hit with the kids as well as the FAVE event where it proved popular among the geeks (like me, for example). As well as being a flexible community resource, the project is a great showcase for what can be achieved with some old hardware, Free software and a bit of ingenuity, and it provides a slick and impressive user experience for people coming to a Free software based system for the first time.

[More LTSP users at FAVE]

Given the fact that Bristol Wireless come across as a relaxed group who run their projects on an ad-hoc voluntary basis, this shows what they can put together when they get down to business. They are using LTSP to build IT suites elsewhere in the city and are expanding their operations to offer other services such as internet connectivity as well as access to the local wireless network (my employer, the St Werburghs Centre, is one of their new customers), so let’s hope their future projects continue to be as impressive.

(For more photos, see here.)

Brute force ssh password attacks

Posted on by

Since opening my SSH server at home to the internet yesterday – less than 24 hours ago – there have been 2883 failed attempts to log in from two ip addresses: 209.183.190.11 and 59.120.13.130. That makes me nervous, even though I’m reasonably confident that it’s secure due to password authentication being turned off and the following two handy iptables rules in force:

iptables -A INPUT -p tcp -m state --state NEW --dport 22 \
 -m recent --update --seconds 15 -j DROP 

iptables -A INPUT -p tcp -m state --state NEW --dport 22 \
 -m recent --set -j ACCEPT

I got this idea from a post to alt.os.linux.slackware. These rules use the recent extension to iptables to track attempted SSH connections and drop any that come from the same IP within 15 seconds. If you miss-type your passphrase, you just have to remember to hang back for a few seconds before retrying to avoid getting caught out. You could jump to a custom chain that logged such connections before dropping them if you felt the need to monitor the effectiveness of the rule – although the scripts usually just stop trying after a few connection attempts are dropped.

Worm related spamming

Posted on by

I got an email this morning from “Daphne Jacobsen”, a marketroid at a CD/DVD company that shall not be getting any plugs here. She claimed that someone from my company had mailed them requesting prices last week but that their servers had become infected with one of the many worms on the lose recently and that the message had been lost (but obviously not completely lost, otherwise where did she get the email address?) Her message ended:

In case you need more information, our company web site is [DELETED] where you can see we are a complete “one stop shop” for DVD, CDROM, printing, packaging, and fulfillment services.

If you need, please call me TOLL FREE at [DELETED].

Obviously spam. The mail was sent to an email address that I’ve never used at a domain I’ve only ever used for personal purposes. Interesting, though. The mail was obviously carefully written to sound genuine and unique. Hand-wringing over the problems caused by the “worm” ties it in nicely with current events on the internet and might make a receipient feel sympathetic to the sender. At first glance, not your usual spam – possibly different enough to not only escape spamtraps (it slipped past two to get to me) but to snare a few more unwary punters than usual. I’ve never received anything quite so carefully crafted before (if you exclude some of the better phishing emails).