betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

Entries : Category [ digital ]
Things having to do with digital world items go in here.
[digital]  [language]  [life]  [security]  [media]  [zope]  [tourism]  [limnos]  [mac]  [athens]  [travel]  [montage]  [food]  [fire]  [zwiki]  [schnipsel]  [music]  [culture]  [shellfun]  [photography]  [hiking]  [pyramid]  [politics]  [bicycle]  [naxos]  [swim] 

22 March 2005

Some Hints On Using a Bug Tracker / Issue Tracker:

And I'm using Roundup by the way

Working on a project for HelMUG (actually just helping a bit out, way too little time left for this), I came to the conclusion that some good tipps on using an Issue Tracker could be usefull for a lot of people, and not just those of HelMUG - the greek Mac User Group. Read on...


FAQ:

Q Why should I enter stuff into the Issue Tracker, anyone looking at the project will just see what has to be done.

A Not really. Not all your developers / helpers / friends may have time to go through your project and see what has to be done. Also if they did, they might end up fixing the easy todos over and over, leaving the hard issues forever unsolved.

Q I would put more stuff into the Issue Tracker / update my stuff in the Issue Tracker more often, but nobody else does that and it looks like I'm the only one, so what sense does it make?

A Obviously someone has to start. The more up to date an Issue Tracker gets, the higher is the peer pressure on others to update and the more usefull is the Tracker.

Q What issue tracker are you using?

A I'm using roundup, the best there is, simple, easy, just the right stuff, python.

Note: Due to spambots hitting like crazy on this blog entry, I had to move it to another location. This might confuse some RSS readers and some of the site structure. Sorry for the mess!

Posted by betabug at 09:24 | Comments (0) | Trackbacks (0)
19 April 2007

Mail out from GPRS or from... anywhere

Complicated but recommended mails setup

Since I still haven't got ADSL at the new appartment [1], I rely again (as in old times on Limnos) on a GPRS connection through my mobile phone to receive and send mail. Hmm, that "send mail" part is actually the interesting bit. Nowadays it can be hard to actually send mail when you're not in any "normal" Internet situation. For example: spam blocks on dynamic ranges of IPs let many mail servers not accept mail from my GPRS connection, while other mailservers do greylisting and that is inconvenient when you're relying on short timed and expensive connections [2]. But there is one setup that is almost guaranteeing that you get your mail out...


It's complicated and voluminous though: I went and set up STARTTLS and SMTP AUTH on my server (running sendmail), then went and set up the same on my MacBook (with postfix). That way I'm sending out mail exclusively through my own mail server, so I can control access and let the betabug.ch server handle the heavy lifting to talk to other servers. Here are a few notes.

For sendmail on openbsd: To set up STARTTLS, the starttls(8) manpage will take you by the hand and walk you through the necessary steps. It's easy enough. Setting up SMTP AUTH involves two steps, first installing and configuring the cyrus-sasl port, then recompiling sendmail given the WANT_SMTPAUTH=Yes environment variable and reconfiguring that. I'm not going to write another howto on this. I'd like to mention though that I enjoyed the option to have SASL authenticate against my IMAP server -- like that I don't have to set up yet another set of logins, or use system passwords (I don't like to mix ssh logins with mail logins).

Postfix on Mac OS X wasn't too hard either. Again howto's abound on the web. Whenever I have to configure postfix I think how funny it is that postfix users claim the configuration is easier than sendmail's, when in the end you have config files with tons and tons of almost similar options -- so you have to look everything up anyway. Never mind, it worked with minimal fuss.

Last step was -- of course -- to check that my server config is still locked tight and no relay was opened by mistake.

So in the end postfix and sendmail encrypt their SMTP connection, postfix authenticates at sendmails end, where SASL hands over the password to uw-imap for authentication. All that in order to simply send a couple of mails now and then.

1: Hey Vivodi, don't you think it's about time to get your act together? This game starts to get boring.
2: Yahoo... I had tried for almost an hour to send a mail to a yahoo customer. They do greylisting nowadays. But they have a ton of MX servers, so my laptop's mail server tried to contact another one for each retry and never got around the greylisting.

Posted by betabug at 16:13 | Comments (1) | Trackbacks (0)
09 May 2007

Emusic.com Subscriber email Addresses and Spam

Nobody knows my address, so...

Looking through my mail server logs, more and more frequently I spot one of those:
May 9 09:52:01 kronos sm-mta[27811]: l497pxf7027811: ruleset=check_rcpt, arg1=<eXXXXXXXXXXXX@example.org>, relay=brasilis-200-170-174-135.static.ctbctelecom.com.br [200.170.174.135], reject=550 5.7.1 <eXXXXXXXXXXXX@example.org>... Rejected: 200.170.174.135 listed at zen.spamhaus.org
...where "eXXXXXXXXXXXX@example.org" would be the email address I had given to emusic.com back when I signed up there. Oh, of course I gave this special address *only* to emusic. I've searched around and noted others (here and here) who noticed the same thing. So, emusic is giving out subscriber email addresses to spammers? Let's look at it a bit closer...


Chris Gagne, who has contacted emusic, got a reply that there was no security breach. As he says, we didn't expect any other reply, because what company would admit to having their servers pwned?

The truth is, that this is neither a security incident, nor a privacy incident. Got it? No privacy incident. It's much more simple. Let's have a look at the emusic.com privacy policy. Paraphrasing the mumble-jumble they promise they may give your personal information to:

  1. All the record (or other) companies they sell stuff from
  2. Credit card companies, anyone working with credit card processing with them
  3. Technical partners of them
  4. "Co-branding" partners
  5. law enforcement agencies etc. who ask for this stuff officially
  6. any law or contract related stuff they see fit
  7. quoting: ``affiliates, subsidiaries or joint ventures ("Affiliates") so that they can promote their products'' -- you should be able to opt-out of that, but (again quoting): ``their use of such information is subject to their own privacy policies''
  8. quoting "trusted third parties" and again quoting "their affiliates and partners" -- there seems to be some talk about "opt-in" with that
  9. Anyone who links to emusic.com
  10. Other users of emusic.com if you open your profile to them
  11. if emusic.com goes belly-up or sells out, they are happy to make some last cash on their address list (very mean paraphrasing here, but read for yourself)

Is there any person or company on this world who they wouldn't give your personal information to, based on this list? Hey emusic, I linked to you, can I have Chris' email addy now? Especially interesting is the point about "trusted third parties" and "their affiliates" . Assuming they really could "trust" any of their chosen third parties, but they also have no problem with your information ending up at the affiliates of those third parties, whoever they are. Might be that they trusted someone who didn't have much problems affiliating with whoever is abusing pwned brasilian servers to send out junk mail.

The choice of server shows IMHO that this is no legitimate business operating on a strict opt-in list. It's some backyard operation trying to hide their traces. Good company you got there, emusic with your "affiliates". Speaking of "opt-in" and "opt-out": I'm pretty sure I didn't opt-in to receive any sales information and that I "opted out" of receiving anything whereever I could.

Just to make things clear: I really had liked emusic (and the music they sell), I only stopped using them because the subscription scheme didn't work out for me. I don't like getting more spam though and I don't like companies who treat my personal information like this.

Posted by betabug at 10:44 | Comments (22) | Trackbacks (0)
16 May 2007

Is there a Voodoo Priest in the Audience?

Server downtime

Monday afternoon all contact to my server broke. Both betabug.ch and papakiteliatziar.gr were unreachable, didn't reply, played dead. I currently have no clue as to the source of the intermittent (very intermittent, last time this happened was two months ago) problems. Maybe there is a Voodoo priest in the audience who can help usher out the daemons from the machine (not the http, mail, zope daemons, we want those). Meanwhile I'm re-reading "Count Zero" from William Gibson... plenty of Voodoo in there.


Posted by betabug at 08:54 | Comments (1) | Trackbacks (0)
13 June 2007

Bunker Wanted

Hacking for fun and fulfillment

A few weeks ago, r0sk (of #bsdcow, his blog is in the list) wrote about something they call "bunker" over there in .es: A few people coming together for an evening to hack on something, be it something useful (someone's pet project) or just taking something apart, seeing how it works (and maybe getting it back together). As I came home from work yesterday evening it occured to me that this is *just* what I would need here.


I *am* hacking all day long at work, but it's the same stuff always and I should get things done and working eventually. What I would need is the toying, tinkering part, the social stuff too, and the exploring. Never mind if nothing ever comes off it. Actually having Internet access at home finally (dear Vivodi, I'm waiting 3 months now...) would be a nice change too, so I could at least hack on some of my own pet projects (Zwiki and my "Mini Planet" come to mind). Hacking on my own stuff at night gets me going faster at work too. I guess it's inspiring me :-)

So, anybody in for some hacking nights, or know where others are hacking along on cool projects in Athens, Greece? (Everybody who mistakenly associates "hacking" with "breaking the law" need obviously not apply...)

Posted by betabug at 10:19 | Comments (3) | Trackbacks (0)
17 June 2007

Code on the Go

Because spaghetti are nourishing too!

Is it just me? I like to write code while I am in public transport. Back in Switzerland, I used to commute by train, 1.5 hours each trip. A large part of that was in a clean, comfortable, and stuffed to the last place intercity train. I was often sitting there with barely enough place to move my elbows, but hacking away on my laptop (first a PowerBook 1400, a little later a Titanium PowerBook G4). I wrote most of the code for the SMS chat at STAR TV Switzerland like that.

On Saturday I flew back from Munich to Athens. I was a bit tired, not all too happy (not because of coming home, but because of that other story, personal, therefore not on the blog in public) but there I was, happily hacking away on a little Zope product (the one that lists the "other weblogs" on my blog's main page), extending little bits and ends on it.

I've noticed that I'm not doing equally well on whatever kind of hacking task I attempt while coding on the go. Debugging or writing tests doesn't work so well, and I probably wouldn't attempt to design some boring and solid system. But fleshing out some new feature, or driving through some new functionality by clicking in lines of new code, that works just fine (even if it sometimes results in a bit of spaghetti code). It's the kind of job where I am happy to leave in a comment "# TODO: add code to check these input values here". I'll come back to clean up these things later, the drive on the drive is getting the first line down on digital canvas.

Update: some of the post was missing, added all the text after "even if it sometimes results..." just now.


Posted by betabug at 01:12 | Comments (1) | Trackbacks (0)
12 July 2007

Finally... net access at home!

It's been a while

Incredible, but true: We finally have access to the Internet at home again. Incredible 4 months of waiting time. Why did we wait so long, you might ask? Why didn't we give up, go to a different provider, etc.? Mostly because 1. we had good experience with this company in the previous place 2. the alternatives weren't too appealing either and most of all 3. we didn't know it would take that long from the start, it was always "wait just a little bit longer", then "wait just another little bit longer".

What sucks even more than the wait? Vivodi, the ISP who is behind this desaster has employees who did not even once say "we are sorry". It might not be company policy to say "sorry", but they should at some point understand that customers are human beings too, and they could have spared a little "sorry" from one human being to another. I will see what I will do about this, got some ideas cooking.

For now, I'm checking out the new "line". It's 2056/256, and it seems that at least for now it's performing to specs. That's nice.


Posted by betabug at 18:43 | Comments (4) | Trackbacks (0)
28 July 2007

Reducing wifi-power

Less *is* more

Small idea for those who have their own wifi access point (and who hasn't nowadays, my laptop currently "sees" 4 beside our own): Some access points allow you to reduce the power level with which the antenna sends. In our 4-room apartment I've set the power to 12% and it still gives me 100% reception in the room furthest away from the station. Finding the lowest level that still works fine took some tries (and station restarts for each try), but I only had to do that once.

What did we gain? We save energy, maybe allow the access point to run a little bit cooler, reduce electrosmog, and reduce interference for other wifi owners in the neighborhood. There is just no reason why I should emit radio rays as far as neighboring buildings any more than necessary, since nobody there has any business in my network anyway, and if channels overlap only bad things will happen.


Posted by betabug at 23:10 | Comments (0) | Trackbacks (0)
26 August 2007

Burned Internet Connection?

While the country is on fire

While Greece was burning yesterday, at around 14:30 - 15:00 local time the Greek Internet provider OTEnet and likely the parent company OTE (who is also the "old" telecoms monopoly here) had major problems...

I noticed it first because the HelMUG server was offline. HelMUG's server is housed by sponsorship in the OTEnet facilities in Thessaloniki.

Some searching around revealed that it wasn't just our machine, instead all of OTEnet Thessaloniki was unreachable. Even http://www.otenet.gr was unreachable, later on dropping from DNS too [1]. Due to the exceptional situation in Greece at the moment I hesitated to call the support hotline (this is after all just a very minor problem compared to the fires that burn forests and houses, and kill people). Later I did, and heard a prerecorded message that there are problems with Internet access in all of Greece. I hung up.

At that point the OTEnet network wasn't reachable from Greece through the network of Vivodi (all traceroutes ending at the AIX, the Athens Internet Exchange), nor from outside the country (traceroutes ending in OTEnet's peering points in London or Frankfurt [2]).

For the HelMUG server we started setting up a small site on my server to inform visitors about the problem. At the moment when it was ready two things happened, almost at once:

  1. My server dropped off the net, due to the nonprofit provider where it's housed having routing problems. It only came back this morning at 9:30 Greek time.
  2. OTEnet came back, at about 21:30 to 22:00 Greek time. HelMUG was back online, but the outage info redirect still pointed to my unreachable server till I changed it back and the change made it through the DNS caches.

1: The situation inspired aanriot to coin the term OUZOnet.
2: While on Alonissos this summer, we enjoyed some of the misspellings in translated restaurant menus. Now while tracerouting around, I came across this little gem: deustche-telekom-4-de-mil14.mil.seabone.net (195.22.205.118).

Posted by betabug at 10:11 | Comments (1) | Trackbacks (0)
10 September 2007

veni, vi, map!

Fun editing

Yesterday's pet riddle: Editing a large file, where quotation marks should become "smart" (or typographical) quotation marks. The file being LaTeX, it also contained a big heap of quote marks in code, mainly used for German umlauts (which to LaTeX are written as {\"a}). So I opened the file in vi for some playing...


Step one was to search for the quotation marks, but not giving me all the German umlauts: /[^\\]" would do that trick.

I could then go and change "text in quotes" to "`text in quotes"', by moving the cursor a bit over (the regex stops at one character before the ") and inserting ` for the opening quote char or ' for the closing one. That gets boring pretty fast in a large file.

Next thing was then to define two shortcuts, or "maps" as they are called in vi land:

:map v la`ESC
:map f la'ESC
where the ESC is produced by hitting control-v and then Esc on the keyboard. Note that I'm redefining existing command keys, which usually is a bad idea. But this is a temporary solution, I'm not putting this in any settings file. Next time I'll start up vi, these shortcuts are gone again.

Now I went through the file simply by hitting "n" (for "search next") and then typing "f" or "v" for closing or opening quote marks. It becomes a game.

Posted by betabug at 13:02 | Comments (0) | Trackbacks (0)
04 October 2007

16 Bullets of Stupidity to Windows

How stupid is that?

Yesterday I set up a laptop with Windows XP to use our wifi network at home. Which is "secured" by WPA. With a password of about 16 random alphanumeric and non-ascii characters. For one thing, this laptop has a French keyboard ("AZERTY")... what a crazy thing! Imagine a little kid taking apart a keyboard and then putting the keys back together any random way they liked it, that's how I felt hunting for the keys. So far so good.

But the next thing is that Windows XP wants me to enter the password to the wireless network (WPA password), without an option to see what I type... just the bullets, young man! It's like the kid from our previous image blindfolded you. Now that would be one stupidity which could pretty much be pushed on the "security" excuse, "look, nobody can shoulder surf while you enter that password" - a password which I have written on a piece of paper on our apartment bulletin board [1]. Idiots.

There's more: It wants the password to be entered twice to match them. What's the use for that? This procedure is meant for creating passwords, you morons! The wireless access point will check the entered password good enough.

What does this say about the people working at Microsoft? I can't believe anybody thinking up, coding up, or letting pass tests such a sorry excuse for a "user interface".

[1]The point is to keep people who are outside our apartment out. When you're in my home you're free to wifi of course. So no use in making the password such a secret.

Posted by betabug at 14:44 | Comments (3) | Trackbacks (0)
05 October 2007

October Coding Haiku

Some things just come up

Not sure which category to put this in, it goes somewhere between "life" and "digital"... here is something that just came up:

writing fresh new code
not seen rain for three long months
all tests will fail now

If I had put it into the "life" category I would have had to explain now that the code I program has tests "built in", and those tests "complain" if new code hits on presumptions older code is building upon. Bah, explaining doesn't help.


Posted by betabug at 12:08 | Comments (0) | Trackbacks (0)
14 October 2007

HelMUG, Wetter, programmieren und Die Katze auf dem heissen Stoffdach!

Vom einem zum andern

Das HelMUG-Treffen heute war ganz nett. Zwar sind wiedermal nicht allzu viele Leute dagewesen, aber wir konnten nett über die Befindlichkeit des Vereins reden. Im Grunde läuft alles ganz gut, kein Krach, kein Streit, keine Katastrophen. Aber eigentlich könnte etwas mehr laufen (nein nein, nicht von Krach & Katastrophen). Nur, wenn die Leute nicht wollen, dann wollen sie nicht. (Weiter geht's übers Wetter, Programmieren... und die Katze...)


Katze auf 2CV

Seit dem (zumindest von mir) lang erwartetem Regen ist es einiges kühler geworden, 17° ist ganz schön kalt. Bins halt nicht mehr gewohnt. Obwohl gestern war's noch wärmer, fand auch diese Katze hier. In unserer Strasse war ein fetter, roter 2CV [1] geparkt. Katzen lieben 2CV-Dächer, da ists schön weich zu liegen:

Nach dem HelMUG-Treffen [2] gings dafür zum Barba Yannis nach Exarcheia, was feines essen. Von da nach Hause, wo ich an Zwiki weitergewerkelt habe.

Dabei ist mir wiedermal aufgefallen, dass die bekannte 80-20 Regel auch bei Open Source Software gilt - und sie dort auch eine ganz banale Grundlage hat: Die Leute (laut Faustregel 20%) die den grössten Teil der Arbeit (laut Faustregel 80%) machen [3], bringen das ganz einfach deswegen zu Stande, weil man im programmieren "drin sein" muss. Wer viel Programmcode schreibt, dem fällt es leicht viel Programmcode zu schreiben, er/sie muss nicht jedes irgendwas nachschauen, jede Verzweigung nachvollziehen, weil alles "erst grad schon gesehen" noch frisch im Gedächtnis ist.

Mich selbst seh ich an der Grenze von der grossen Gruppe die wenig macht, aber nach oben strebend. Um da hin zu kommen nehme ich mir vor immer etwas mehr zu machen, irgendwann werd ich die kritische Masse schon erreichen :-)

[1]der 2CV wohnt hier in der Nähe und aufgrund der Parkplatz-Situation steht er mal hier mal da im Quartier.
[2]HelMUG ist die Griechische Mac User Group.
[3]Code schreiben, Bugs fixen, Dokumentation schreiben... also "Arbeit machen" nicht im Sinn von "Arbeit verursachen".

Posted by betabug at 20:39 | Comments (0) | Trackbacks (0)
19 October 2007

I Want my Darcs on $EXOTIC_PLATFORM!

snif!

When I started dabbling with Zwiki I had to install the darcs revision control system on my Mac laptop. Scared me at first, but was easy enough. I got to love darcs, it really is just how software version control / revision control / source code control (choose your own term) is meant to be. Basically it gets out of the way of the programmer. I mean I started to enjoy it. But...

I just have one (in numbers: 1) small problem with darcs: It's written in Haskell, and there is no Haskell compiler that will run on my exotic hardware/OS combination. Yes, I like running OpenBSD on MacPPC hardware. There is a port of Haskell for OpenBSD but it's not on macppc.

I'm about to release some Zope products, currently in my own CVS repository. So I casually looked at other revision management softwares, hoping for one to come along and do what darcs does (and still hoping that I'd get darcs anyway, so I can use the same thing I use for Zwiki). But most of the descriptions seem to point out that darcs is just what I want. Today I found this post called bzr vs darcs which ruled out bzr for me too... gotta contact that OpenBSD porter now, maybe there's a chance to get Haskell on macppc anyway.


Posted by betabug at 11:13 | Comments (0) | Trackbacks (0)
25 October 2007

Slacking, Plans, and Darcs

I'm not justifying... or am I?

Yesterday evening I stayed at home and slacked. Thank $DEITY for having a net connection at home again, so the joy of mindlessly clicking through web page after web page is available to me. Actually I had some plans on my list, like porting GHC and then darcs to OpenBSD/macppc (yeah! more like "attempting to..."), making my miniplanet product (the stuff that powers my "Other Weblogs" links) ready for release... but I slacked. I'm not feeling too bad about it. The last few days whenever I wasn't out I hacked on various things to get HoneyPotBL out of the door, so maybe my mind just wanted a rest...


For HoneyPotBL I had a list of improvements I wanted in the code itself. Stuff I wanted to do before others would see the code. This is the power of open source: If it just has to work for me, I might be fine with something a little bit kludgy, but once I release the code, I feel like someone is looking over my shoulder, pointing, and asking: "Whoah! what's that ugly thing doing there?" So I get rid of that ugly thing before anybody sees it (feel free to point out more ugly things in my code once you see them). Also unit tests, because they raise confidence in my code [1].

Then I needed/wanted repository access for other people. It turns out that's fairly easy with darcs, because I can just rsync the repository directory with all files to a web server, and people can check out there. No plugins, configuration, add-ons, extra-services needed on the web server. Just static files. That's incredible cool and easy! People can then send me patches by mail (automated through darcs on their machines), I can apply them to my local repo, and rsync to the server again. I've set up a subdomain on my webserver for this, just to keep logs separated and make robots.txt exclusion easier.

Also I set up another wiki on my server. This time within the betabug.ch domain. I need something more flexible than static web pages, but not as date-fixated like my weblog. The wiki just has the most basic featureset (and it's not open to edit for others). Still fighting a bit with finding the ideal layout too. But it's now ready to release other tools (like the miniplanet) too. Thus I spent my free time, up until yesterday when I slacked :-)

[1]I think I found a fairly cool solution with the unit tests for HoneyPotBL. Problem is, to actually test the DNS lookups, you need to have an access key from Project Honeypot. But I can't provide one in the code, because you can't have mine. So you can set up your own access key in an environment variable before running the tests and it will use that. If you haven't set that up, the test will inform you what to do.

Posted by betabug at 11:47 | Comments (0) | Trackbacks (0)
25 October 2007

vi temp file + Zope webdav setup

Just a "note to self" post

These settings in ~/.exrc (or ~/.vimrc) will keep a lot of vi (or vim) temp files out of the way when accessing a Zope database over WebDAV:

" zope / webdav stuff, avoids creating new files on writing
set nobackup
set nowritebackup
" keep swapfiles in my home directory
set dir=~/.tmp

(Note to others: Accessing a Zope database over WebDAV works fine with the built in Mac OS X WebDAV client, dunno about others. I use it over https.)


Posted by betabug at 19:21 | Comments (0) | Trackbacks (0)
Prev  1   2   3   4   5   6   [7]   8   9   10   11   12   13   14   15   Next