
ControlMaster Considered Useful

I use a lot of ssh. In fact, I’d consider myself an sshista with how much time I spend ssh’ed to different computers- and I’m by no means special in this regard. In this, the ControlMaster option enables piggybacking multiple shells on top of a single connection. That’s incredibly useful. When you make your first connection, that sets up a control file and any future connections to that remote host simply make use of the original connection for SUPER AWESOME MEGA FAST connections. Sweet!

The Problem

ControlMaster has a severe drawback however- once the master connection is closed, all the other shells piggy-backing off of it close with it. This is what we in the industry call a “bummer”.

The Solution

There’s pages and pages and pages describing ControlMaster, but scant few describing how to correct for the big nasty drawback; and the only one that does seems like a bit of a hack. After a bit of reading the ssh_config man page, I stumbled across ControlPersist. I set that to 120 seconds, and now my ssh connection will stay alive for two minutes after I close the last connection using it. Huzzah!
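An added example, not part of the original post: a `~/.ssh/config` stanza combining ControlMaster with the 120-second ControlPersist described above. The `~/.ssh/cm` socket directory and the `example.org` host in the comments are assumptions made for illustration.

```sshconfig
# ~/.ssh/config  (added example; the cm/ directory name is an assumption)
# Create the socket directory first, private to your user:
#   mkdir -p ~/.ssh/cm && chmod 700 ~/.ssh/cm

Host *
    # The first connection to a host becomes the master; later ones reuse it.
    ControlMaster auto
    # One socket per connection; %C is a hash of the local host, remote host,
    # port and user, which keeps the path short and hostnames out of file names.
    ControlPath ~/.ssh/cm/%C
    # Run the master in the background and keep it for 120 seconds after the
    # last session using it closes, so closing the first shell no longer
    # takes the piggy-backed shells down with it.
    ControlPersist 120

# Anyone who can open the control socket can start sessions on the remote
# host without authenticating again, so keep ControlPath out of /tmp and
# other shared directories.
#
# Managing a persisted master (example.org is a placeholder host):
#   ssh -O check example.org   # is a master running for this host?
#   ssh -O exit  example.org   # close it now instead of waiting 120 seconds
```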

CIQ: Not just a design mistake.

Recently I’ve gotten into a little row on Twitter regarding CIQ, openness, and security.

On the top level, I’m going to hand it to @sysrich, and agree. This is a bad design and practice decision from the carriers and the handset makers which went along with it.

Security Matters and CarrierIQ

Digging a little deeper, however, and there’s some additional worry to be had about it. First off, any sensitive system with a backdoor will be exploited by the Bad Guys. I would include the level of surveillance that CarrierIQ conducts, even if invited and warranted, as part of that. To start with, who’s to say someone won’t perfect a man-in-the-middle attack for CIQ? That’s a LOT of data that they can scarf down on everyone with a (im)properly equipped Android, BlackBerry, or iOS device. It’s a tremendous goldmine that I’m positive someone’s been working on cracking. I’m completely sure there’s a cracker somewhere working on getting in through this rootkit.

A Failure to Design Security

There’s only two prongs for effective computer security: architecture and education. Any modern system really needs to be designed with the understanding that it will be under constant attack from the outside world. To do otherwise is folly. On the other side, users have to understand some basics of computer security: you wouldn’t let any random person in your home and your filing cabinet with all your tax information, so why would you let any random application onto a computing device? You also very likely do not have a long-lost cousin stuck in Nigeria, nor should you ever ever ever give out your password. Without one, the other is failed.

This is where my argument with Mr. Brown’s stance begins. I view this as a fundamental security flaw, and if they were actually putting security first, the carriers and handset makers’ security experts (if any) would have pitched a fit. Hell, they probably did pitch a fit, but were ignored. Security comes down to architecture and education, and carriers and handset makers purposefully broke down security design to gather information. This is bad security design. We’ve known about this big purposeful foul-up. What’s still there that hasn’t been found yet?

A Failure to Educate Security

Users have also been trained that their phones are there to shield them from Big Bad Computerness. You know what? They are. At some point, I’ll write why I actually love that. In this case, however, it’s a problem. Even if people’s phones were shipped completely open to them, I’m sure CIQ could be shipped to about 138 of the 140 million infected phones and survive. Don’t imagine for one second that the number of active and infected CIQ phones is going to go down anytime soon- even if CIQ gets nailed by Sen. Al Franken, that software is going to live on until those phones are taken out of service, leaving millions and millions of phones with active, functional backdoors. I doubt most people with CIQ have even heard of it yet; expecting most tech news like this to hit the mainstream is like trickle-down economics and the expectation that the money at the top will hit the mainstream (#OccupyWired?).

So What?

An open system would indeed allow a user to actually inspect their phone and ensure rootkits like CIQ don’t come from the factory, true, but we (the technocrati) have failed to work out how to educate the masses effectively in computer security, leaving it to folks like Apple to say “Trust us, we’ll take care of you in this Big Bad World.” On top of that, it’s been proven that secure design was not at the top of the list in importance for both the carriers and manufacturers; the fact that we should need to inspect handsets STRAIGHT FROM THE FACTORY for pre-installed security flaws is just as bad.

tl;dr

Security isn’t that hard, unless you’re not giving a shit from the start.

Hamachi Gateways and Linux VirtualBox

I just found this today, and seeing there wasn’t anything else on it, here goes:

I have multiple computers in my apartment, and a few on a Linux machine being virtualized via VirtualBox, with a bridged network configuration.

I have a Hamachi gateway network through the same machine my VMs are being hosted on, and all non-virtualized machines can be seen from my remote machine through the gateway. The VMs cannot be seen through the VPN gateway.

Problem

VirtualBox bridged networking by default bridges to the main network adapter on the box when the machine is created. Typically, this is eth0. The problem is that when Hamachi sets up a gateway, it creates a shiny new bridged adapter on top of that- ham-br0 by default. VirtualBox is still talking only to physical eth0 adapter, so it can talk to everything except Hamachi.

Solution

To fix it, you need to make VirtualBox talk to Hamachi’s interface. This will not interfere with internal communications, either. Run the following command on the VM host while the VM in question is powered down:
VBoxManage modifyvm your_vm_name_here --bridgeadapter1 ham-br0

Airport Cafes and Security

The “sanitized” part of the airport is between the security checkpoint and the gate. It’s where everyone there not working for the airport or security is assumed to have a boarding pass and has been cleared to be getting on a plane.

Some airports, such as Chicago-O’Hare, have the grand majority of their cafés, shops, and restaurants inside the sanitized area, as does Berlin-Tegel, SeaTac, and others.

Other airports, such as O’Hare’s Terminal 5 and Vienna’s airport, do not.

When transferring between flights, it is helpful to take a look at what’s going on before going through security into the sanitized area. For example, I’m in hour 2 of a 3 and a half hour long layover in Vienna. To make sure we didn’t miss our connecting flight, we went directly to the gate. Doing so meant we went through passport control and security into the sanitized area. Behind two layers of bullet-proof glass lie several interesting cafés, bars, and bistros, with plenty of fun-looking window shopping. In here, my food choices are currently extremely overpriced (€2) small bottles of water, or duty-free sized bottles of whiskey.

I think I can finish a bottle or two of the vodka before boarding, what does anyone else think?

Toytown

I’ve been spending a lot of time recently in Germany. I started with several days in Munich, and then a week in Germany, which is starting to draw to a close. This isn’t my first time overseas before, nor my second, and the mere fact of being out of the US no longer holds luster in and of itself. Germany, however, has been a wonderful country to visit, and has very rapidly gotten a city up on my short list of places I’d love to live in.

Munich has really earned its English-speaking expat name of “Toytown”. It’s clean, peaceful, and everyone just seems happy being there. Not doped-up, either, but it’s just a genuinely nice place to live and it’s reflected in the apparent mood of those living there. The city doesn’t feel like a big city, it feels like a larger version of most of the medium-sized cities you’ll find all over the United States, but with less suck. The middle of the city is a large market in the city square, where one can get fresh Weißwurst and Weißbier together for roughly €4, and then pick up fresh organic produce and meat for that evening’s supper on the way home. The science museum there is amazing, very much as good or better than the Museum of Science and Industry in Chicago, and the whole city is very walkable. The city just doesn’t feel its size, and I like that. I’ve found I’ve been gravitating more towards more medium-sized cities, such as Seattle and Kansas City, but Munich is definitely a big city that just manages to keep the same feel that Seattle and KC do. I like that.

Berlin, however, definitely has the character of a big city. If you love New York City, London, or Paris, you’ll love Berlin. Tall buildings, busy people everywhere, and a dirty, rough character around the edges with a shining jewel core pretty much defines this place. It has a nice, “get shit done” character I like- like Chicago, the city is known for its working-class cuisine (specifically, currywurst), and an (in)famous compass-direction split of the inhabitants’ fortunes; Chicago has north/south, Berlin has east/west. It’s hard to tell where the Wall stood, but in many places in the city there’s a double-row of bricks where the line between cities stood.

The Berliners have done a mostly wonderful job of respecting the overwhelming amount of living history their city is made of; everything is tasteful, and things that need to be solemn are solemn, and things that can be taken with some levity are. However, Checkpoint Charlie has been essentially turned into a Disney attraction. Uncomfortable Eastern European actors in badly-fitted, badly-designed mock American uniforms stand in front of a recreation of one of the older sheds used there, with people selling cheap rubbish lining the streets, with everything for blocks around identifying itself as the “Checkpoint Charlie Hotel” or the “Checkpoint Charlie McDonald’s” or the “Checkpoint Mini Showroom” (Ok, so Mini might have been a little clever with that…) It’s just cheap and tacky, and making unnecessary light of the tragedy for a quick euro.

That’s enough for now, and now I must sleep. G’night, internets!

Emacs: getting closer

In a previous post, I was complaining about not getting Emacs to work quite right for email. Well, I bit the bullet and installed a Mac package manager, and unlike the last time I tried, it doesn’t suck. This is a good sign.

Using homebrew, I was able to actually get everything notmuch wanted installed properly. After a few hours of bashing things around, realizing homebrew had an older version of notmuch, getting that fixed, and getting everything retagged properly, now notmuch is sitting in emacs, happily grinding away on email (45,000 emails thereabouts, to be precise). It’s fun to use, as well. All in all a good thing.

One of the ways I’ve noticed that most of the unix-y email solutions tend to fall down is the assumption that one may be worrying about different email accounts, especially on send. I have msmtp set up on my Mac handling that, and some custom elisp handling telling msmtp which account to send things from. I use this snippet from Emacswiki to manage that part.

OH… and another thing. Message-mode, by default, will litter you with sent email buffers. Make sure the following is in your init scripts:

(setq message-kill-buffer-on-exit t)

The above will make sure that hitting C-x b TAB won’t result in screenfuls of sent mail buffers.

Tongue held… check.

(On the topic of new software versions in MacOSX Lion…)

MattE: On the downside, the system Emacs is still Emacs 22.

dzuwenden: i guess second-class editors get second-class treatment

MattE: Hold your tongue, young man!

dzuwenden: i guethh thecon clath editorth get thecon clath tweatment

Well played, David, well played…

Emacs disorganization

I spent most of my waking hours this weekend trying to convince Emacs that it really can be the center of my networked life. This is my story.

I first set up org-mode. It’s a great combination of both Evernote and Omnifocus, with note-taking built right in with task management. This is pure elisp and is a great example of how an amazing program rises to the top of the heap; the other modes in the same space have just kind of fallen by the wayside. There’s even support for iOS and Android mobile sync- from Emacs! Sweet! One can configure global hotkeys within Emacs to quickly capture ideas as they come up, and easy Applescripting to randomly add things outside of Emacs into org-mode. In addition, it’s relatively easy to teach org-mode about new types of links, so it can Just Do The Right Thing when you add a link to source code, or a bugtracker ticket, or a dozen other things. Org-mode is one of the most winningest software packages I’ve come across in a long time. OmniFocus may have met its match.

Moving to email, I first tried Gnus and VM for Emacs, and they were alright, but lacked utilities to handily search all my email from all IMAP folders, which is important to me. I then discovered OfflineIMAP to manage a Unix maildir with IMAP, making it theoretically more easy to let Emacs loose on it. Ohboy. I have gotten very used to using search in my every day life, thanks to Spotlight, and I really wanted to try Notmuch, a tag-and-search-centric mail tool. However, it has dependencies on dependencies that don’t exist on MacOSX and don’t seem to want to compile cleanly on Darwin. I’m going to set that one aside and give WanderLust a try with my mailboxes, but it seems like Emacs mail is a bit of a disorganized mess if you want to interact with your mail outside of emacs. This is going to require revisiting in the future.

All in all, I’ve spent way too much of my weekend on this. Emacs users, what do you do and how do you do it? Email is important, and before anyone says it, if I’m going to go with mutt I might as well stick with Apple Mail and avoid the whole mess.

Office Organization

While working, I’m involved in a lot of lone-wolf projects with multiple moving parts and different people coming into the orbit of my projects at different times. It’s rough keeping things organized, and for those of you who know me personally, organization is not one of my strong suits.

For the benefit of others like me who may be lost in this, this is the system I’ve worked out, and am still polishing. I doubt there will ever be a perfect system, but I’m starting to get close. I’ve been slowly getting through the book Getting Things Done, and while it’s gotten to be rough reading- I’m already sold on attempting a proper methodology to help manage my life, no need to keep preaching- I’ve been incorporating bits and pieces of the methodology in my workflow and it has really helped.

The key component is to get things out of your own head! This is the core part for GTD, and is an interesting academic topic called the Extended Mind. I’ll forget my own name if you let me, so even falling back to the millennia-old technology of ink-on-paper is wonderful. Where the digital age has really helped me out is search. Full-text-search, tagged indexes, the works. I can call up all manner of information for myself at any hour anywhere, reference it at need, and have it beep at me when my attention is necessary. It’s not going to ever put any proper personal assistants out of work, but it’s a level of convenience and worldview self-understanding that hasn’t been available to “common people” for… ever?

I have two categories of where information “lives”. The first, we’ll call the “warehouses” is the canonical, final resting place for personal information. I have several, but each fills its own niche in my life. In no particular order:

  • Apple Mail. It’s still the champ, and as most to all really important work-related communication comes through email, it’s a near-complete historical record of all communication I’ve had with my colleagues. Things not to miss: Smart Mailboxes providing a view into your email based on reasonably arbitrary search criteria, and threaded email conversations making it easier to pick out replies in ongoing email conversations.
  • Apple iCal. This tells me things that demand my attention at fixed points in time- a calendar, if you will :) The tasks management in it is both horrible and doesn’t really sync well to anything, so I’ve completely ignored it for something else. This may be fixed in the update to OS X Lion, but I don’t hold my breath for non-shipping products.
  • OmniFocus. Task management of the gods. They’ve tried very hard to make it easy to follow a GTD or GTD-esque system with it, and it syncs to both my iOS widgets. Also, the iPad version of it is both fully-featured and hands-down the best GUI I’ve ever had the pleasure to work with. It integrates reasonably well with Apple Mail as well, providing a system service to magically create a new inbox item from a selected email.
  • Evernote. This is where all my random text lands. I used to keep a series of notebooks at work (Roaring Spring’s 80-sheet 5×5 quad-ruled composition books, in case anyone’s asking). The problem with notebooks is they’re not searchable, and then I also need to bring the notebook EVERYWHERE. Evernote fixes all of that.

That’s where I keep everything. Everything is also reasonably hotkey’ed, so some short keystrokes bring me to where I need to be to start typing things out immediately, so most things land where they need to be.

There’s a few other things that basically fall under “input/output” to my system. These are basically write-many read-once sources where information that scrolls too far back gets lost forever, or just things I source for communication.

  • Trac. It’s a web-based project management and issue tracking system. There’s a wiki for company documentation, and a task tracker/manager thing. My tickets on there generally become projects in OmniFocus, and then I work with them through there, save for ticket-related communication. That does tend to stay as notes on the ticket, and I do reference that from time to time; that makes Trac a little awkward in this discussion.
  • IRC. It’s our office conference room, break room, and party rooftop. Real-time chat is wonderful and useful beyond belief, but I need to make sure that when people ask me for something, I make a note of it. OmniFocus hotkeys are golden.
  • A paper notebook and pen. The old standby. I’ve given up on using this as the core method for keeping my head together (see above), but nothing beats the ease of just opening it up and writing into it. These days I typically will scribble a few things down, and then copy it in later to The System. FUN FACT: Evernote does great OCR off of written pages, and I can just scan in my day’s scribblings into Evernote and have it fully searchable and selectable. In case anyone’s wondering, I use a pocket-sized Moleskine, and a Pilot Varsity disposable fountain pen.

It’s not the simplest of systems; it’s certainly not the most minimal setup one can find out there, but it’s been refined and generally does work. Nearly all of my failures to follow through on something these days have been failures to follow my system, not of the system, and that’s a good sign for its “workingness”. The key point is that my core apps sync beautifully between my Mac, iPad, and iPhone. I’m rarely feeling lost or adrift in what I’m supposed to be doing at work or what I know I was just thinking about anymore, while steadily increasing the amount of information I have to process on a daily basis. In other words, it works, and because of that, I work. That’s a good enough endorsement for anyone, isn’t it?

Office Space

There has got to be a way to run the cables under my desk in a manner that doesn’t look like ass. I just haven’t found it yet, apparently.