[Discuss] Fwd: BASH 101 Tuesday 7ish @ MIT (BostonPM meeting)

[Bill Ricker]

Forward from my Boston.PM list ...

Most BLU-folks won't need this, but if you have friends that have just
discovered the TERM app ...
Dec 10, MIT E51-376, 7ish


*Bash 101: the caffeinated shell scripting tutorial*


*Federico Lucifredi*


Legend has it that you can "learn Perl in 2.5 hours
<https://qntm.org/files/perl/perl.html>" — we want to distill the essence
of Bash scripting in a similarly short session. Federico will bring slides
and a “core” overview of this notoriously hard to master language, come
help us figure out what else is missing!

> Details

*Boilerplate details*

>
   - Tech Meetings are held on the 2nd Tuesday of every month at MIT
   building E51, Sloan School Tang Center [not the other Tang building!]
   nearer to Kendall Sq than Mass Ave. (directions
   <https://bpm.qualitybox.us/wiki/MIT_Directions>).
   EASY OFF EASY ON PARKING.
   CONVENIENT TO T.
   - Talk begins at* 7:30.*
   - Refreshments in the hallway prior.
   - RSVP for count encouraged but not required, to bill.n1...@gmail.com or
   Boston-PM list <https://bpm.qualitybox.us/wiki/Mailing_Lists>, by 4pm
   Tuesday.

NOTES:

*Parking Alert is largely cancelled*. E51 parking is available to visitors
after 5 again.
* HOWEVER Constructions Detours* are still in effect. (Check WAZE or
Gmaps-Traffic or below page links for details.)

See *MIT Directions* <https://bpm.qualitybox.us/wiki/MIT_Directions> page
for details.
(All links relative to http://boston.pm.org )





-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] RMS

[Bill Ricker]

> > Are you saying that unless you are constantly on the
> > email list, you have no credibility??
>
> Nope. I'm saying that I give this person no credibility based on their
> actual words in that actual message, and I am not inclined to cut them
> slack based on their long and honorable history of making other worthwhile
> contributions to the list, so I plonked. I'm sorry I was unclear.
>

You were perfectly clear.
You are not responsible for willful misinterpretation or
cognitive-dissonance scrambling of your words to create straw-dogs.

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Favorite Editor

[Bill Ricker]

On Fri, Sep 20, 2019 at 10:26 AM Rich Pieri  wrote:

> I guess I'm weird. I don't use an editor. I use a lot of different
> editors depending on the needs at hand.
>

It always feels strange to agree with Rich, but yes, the tool within reach
is better than the perfect tool that isn't installed, and the wrench that
fits is better than the perfect wrench that doesn't fit.
-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Favorite Editor [was..]

[Bill Ricker]

On Fri, Sep 20, 2019 at 10:09 AM Greg Rundlett (freephile) <
g...@freephile.com> wrote:

> I use vim, but have never really become accustomed to advanced usage (even
> multiple buffers is awkward). ...


> On 9/19/19 4:54 PM, John Abreau wrote:
> > > I absolutely*hate*  vim.
> > Hear hear!
> > I'm an old VI fan, like others have mentioned, because of the finger
> > memory.
>

I used to be that rare bird, a dual vi/emacs user -- because new OS
installs one needs to use VI to install Emacs, it's good to know either ED
or EX/VI.
Back in the day, i had an older HP terminal that had a even longer termcap
entry than a VT100.  VI could use that to reverse scroll, or scroll a
sub-range of rows (leaving status rows alone) so despite having a 4800bps
network connect box, i could edit faster with that than with VI or Emacs on
a VT101 with 9600bps network connect card inboard. (Unix PWB, BSD3, BSD 4)

When my wrists got problematic (better now), I dropped Emacs and switched
to VIM and GEDIT because CTRL-META-COKEBOTTLE was too much stretch ouch
ouch.

Mostly still using VI finger memory. I haven't learned all the really
advanced features of VIM, though perhaps I should. (For most purposes,
switching between several VIMs with TERM, SCREEN, or ^Z %2 works well
enough and is same skillz as switching non-VIM things so reusable
knowledge!)

One thing that makes VIM more usable:
I've added an alias to launch a GVIM outside the terminal window.
GVIM works with the Desktop COPY/PASTE buffer like a normal editor,
separately from its own cut/copy/yank buffer.


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Please help with a BASH puzzle

[Bill Ricker]

On Fri, Aug 23, 2019 at 11:05 PM Chris Tyler  wrote:

> This will generate a "complete" file (36^4 = 1.6 million lines, 8.1 MB) in
> bash:
>
>a="{$(echo {0..9} {A..Z}|tr " " ,)}"; eval echo $a$a$a$a | tr " " "\012"
> >/tmp/all
>
> ...Which you can then compare your input file against using the comm
> command. (It runs in <5s on my chromebook here).


... and if you don't want to save it to disk, you can wrap it to stream
both inputs on pipe-like file-descriptors as previously described -

(export LC_ALL=C; comm -23 <( a="{$(echo {0..9} {A..Z}|tr " " ,)}"; eval
echo $a$a$a$a | tr " " "\012")   $inputfile)

(8MB isn't a large file these days ... but if the real data is wider ...
and thus both files exponentially larger ... might want a more streaming
generator )
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Please help with a BASH puzzle

[Bill Ricker]

>
> .
>
> If you know what should be in the file then create a new file with the
> correct data


Or, itemize everything that could be in the file

and use diff to find the differnces.
>

If files are sorted, comm (1) is more efficient and has different output
options than diff (1).

If necessary, lc or uc the files.

The sort and comm must be wrto the same Locale Collation. LC_ALL=C for both
will assure that.

An awk, perl, or python generator command can be piped to one of the two
inputs of comm in modern bash via <() command syntax. I often put
canonicalizing commands in both.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Legacy Drivers

[Bill Ricker]

On Wed, Jul 24, 2019 at 2:34 PM Derek Martin  wrote:

> On Wed, Jul 24, 2019 at 02:26:22PM -0400, MC wrote:
> > Anyone with a source for legacy drivers? very legacy. why? because the
> > equipment is all paid for and it still works really, really well. all
> > kinds of hardware. especially old blackberries and w98. (what? w98 you
> > ask? answere: because all the device drivers were written for old o/s,
> > that's why.) Moving forward: I'll even take a source in france. Cheers.
>
> Linux?  If the device ever worked under Linux, there's a high
> probability it still does.
>

If it requires a binary blob of firmware or binary blob of WinDOS driver
for wifi, it may still be supported but he still needs the blob.


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Related podcasts Re: Moon Race: the US/Soviet Competition to Put Humans on the Moon

[Bill Ricker]

Related Podcasts


"13 Minutes to the Moon", a BBC World Service documentary series for 50th,
currently ongoing series.
Discusses Draper computer and its software and user experience;
the post Apollo-1 fire engineering QA;
the software glitch on Apollo 11 Eagle final approach.


Dan Snow's History Hit, Episode title "The Apollo Program with Kevin Fong"
(recent release)


NASA podcast channels:

- NASACast Audio (multiple sub channels/series, Dec.2017-present);

- NASA Blueshift (ended 2015, still available);

- NASA ScienceCasts (2011-present, irregular as available).







-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] playing "mvimg" .jpg files

[Bill Ricker]

This file format contains both a single image jpg and a movie mp4 in one
file.

A couple articles about how to extract are

https://stackoverflow.com/questions/53104989/how-to-extract-the-photo-video-component-of-a-mvimg
https://github.com/keith-turner/motion-photos



On Sun, Feb 3, 2019, 8:11 PM Nancy Allison  Hi, all.
>
> I have an android phone (Pixel 2). I sometimes inadvertently take a video
> when I mean to take a photo, and so I have various video files. I would at
> least like to view them, but when I load them into my fedora 29 laptop and
> double-click on them, they do not run.
>
> The filename format is MVIMG_alphanumeric.jpg.
>
> How do I get then to run?
>
> Thanks.
>
> --Nancy
> ___
> Discuss mailing list
> Discuss@blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] InstallFest: Repair broken laptop screen

[Bill Ricker]

if that was me, i would have said I'd read the HOW TO for doing that to one
of my own Lenovo's and decided it wasn't worth it.
(so probably not me.)

On Fri, Jan 18, 2019 at 11:22 AM Nancy Allison 
wrote:

> At a previous InstallFest, someone was mentioned to me who knows how to
> repair broken laptop screens. I can't find where I scribbled down his name.
> (Shoulda used Google Docs but used paper; when will I learn.)
>
> Does anyone know who that might be? Thanks.
>
> --Nancy
> ___
> Discuss mailing list
> Discuss@blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Unetbootin didn't

[Bill Ricker]

FWIW, attempting to install Lubuntu 18.04 LTS on an older Samsung netbook
NP-N110 (Win XP 2010 era) ,  using Unetbootin under 16.04 to make a
bootable USB stick did NOT work. Setting USB HDD into boot order (via
tapping F2) got "No Operating System" error.

But Using Ubuntu native Startup Disk Creator made it bootable.
Go figure.

(I did NOT need to switch Large Drive handling from DOS to OTHER.)

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Audacity has gone nuts

[Bill Ricker]

On Mon, Dec 3, 2018 at 7:38 PM Nancy Allison 
wrote:

> Hi, all.
>
> By any chance, does anyone on this list use Audacity? I used it to record
> streaming content with no problem until it suddenly went nuts and provided
> hugely distorted sound files, as if the volume had been turned up to 10. I
> looked through the settings and even removed it and reinstalled it and
> still got the same result.
>

I have used Audacity but only to edit content recorded elsewhere.

My limited understanding is that Audacity record controls, the streaming
app's volume/level controls, and system master volume controls may all
interact so you get to track down all the knobs to see which one is the
problem?


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] How Daylight Saving Time Messes With Hospitals

[Bill Ricker]

Date/time calculations not using a library accessing the historical
TZ/DST data in Olsen TZdata file is erroneous.
Alas for future dates, one can't even assume the TZ spec won't change
between now and then, as it can be undone by politicians, witness
Morocco cancelling DST with two days' notice recently.

On Tue, Nov 6, 2018 at 6:20 PM Mike Small  replied:
> If database programmers would only always use UTC for their storage
> format and translate as necessary for presentation it wouldn't be so
> bad,


Right on.
If a Date-Time isn't marked with explicit TZ indicator (including DST
status indication ) it better be implicitly Zulu or it is buggy data
already.

> but I guess in your example case it's too late now.

yeah, should have fixed that in 1999 ...

> Maybe you'd like this article if you haven't seen it already:
> http://naggum.no/lugm-time.html

Interesting


On Tue, Nov 6, 2018 at 7:08 PM Rich Pieri  re-replied
> If hospitals and doctors from the 2000s and 1990s and 1980s and 1970s
> and 1960s and 1950s and... only always used UTC for their records...
> but they didn't.

If they at least annotate 2018 Nov 4, 1:30 AM EDT vs Nov 4, 1:30 AM
EST, and also 1972 October 29, you're good, you can use TZdata to
validate and convert UTC for storage.

If they failed to note TZ during that hour because the hospital never
moves so they don't need a TZ the rest of the year on paper, well
yeah, it's ambiguous data -- and banning DST in the future won't fix
your ambiguous historical data. And our modern systems can require
recording of the TZ/DST in effect at time of
admission/birth/time-of-other-service at point of data capture going
forward, so you get no value from banning DST.

(Although most people who SAY they want to ban DST, particularly in
N.E.,  actually mean they want to abandon Winter time and move
permanent summer time, UTC-4, which would be DST-less AST.)

> It's not just my example case. An EMR system today has to accomodate
> not only data today but data spanning the entire lifetimes of patients
> with all of the inconsistencies of different paper records and
> procedures and EMRs and timekeeping. And it's impossible to unify
> because the information needed to unify those records does not exist,
> never did.

Yes, you have data ingest problem when pulling in old paper records
and records sent over in incomplete exchange formats from other
systems.
Ambiguous data that wasn't properly cleaned at the time will always be
ambiguous.
Unless you borrow a timemachine and kill Ben Franklin so the idea of
DST never spreads, you can't fix that. (I think he did more good than
harm, so I recommend against it.)

OTOH, TimeZones were created for the convenience of the Railroads and
their passengers, and welcomed by the financial markets, and DST was
promulgated for the convenience of Little League and out-door chores
like lawn mowing (before power mowers it took longer). They were never
welcomed by farmers, who worked can-to-can't and milked the cows at
the same sun-time -- and customers thinking time changed rankled them!

Today, the digital financial markets handle TZ differences between
LON, NYC/BOS, CHI, SF, TOK, and HK markets without difficulty -- and
we trade around the clock. Boston's small stock exchange could go on
Atlantic time without discouraging volume; opening "floor" trading an
hour before New York might actually attract volume.

As more and more parks and ballfields have flood lights, does DST buy
us anything that wouldn't better be addressed by WFH and Flex Time?
No.  Flex time reduces congestion and would encourage bicycling later
in the year.

 If we wanted to join India and Newfoundland as rebels, we could even
split off N.E. as a half-hour timezone based on our local meridian, or
adopt permanent DST by joining NB/NS/PEI as AST (but without ADT/DST).

20 years ago either permanent DST (=AST year round) or half-hour zone
would not have been practical because network TV only recognized 2 TZ,
ET & PT, but with streaming/binging/DVR today, would anyone care if
GoT came on an hour "later" in Boston just as it is an hour "earlier"
in Chicago today?

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Signing update -- license^W key revoked

[Bill Ricker]

tl;dr -- don't bother trying to sign mine !

I was informed my  key 4096 RSA 41936952 (090F 3675 F519 C3D3 A5D8  E763
9CD4 CB6D 4193 6952)
shows as REVOKED on the keyserver.
(Our sign-up PHP should filter out revoked and expired keys !!?)

Oddly, i was able to push change of expiration date anyway ... but if i
pull it back, i now see it revoked too.
Interesting.  I don't recall doing that ...  and I got a Bot reminder it
was expiring last week!
Did i do it by accident, trying to follow a best-practice cookbook to make
an emergency revoke cert and instead sending one?
IDK.
I didn't think i was affected by the Debian weak primes but maybe that key
was, and the gray-hats popped it for safety.

Well, at least it's reassurance that Revoked keys actually will not be
used, if one checks them often !

> pub   rsa4096/41936952 2013-09-18 [SC] [expires: 2019-09-17]
>   Key fingerprint = 090F 3675 F519 C3D3 A5D8  E763 9CD4 CB6D 4193 6952
> uid [ultimate] William Ricker (Boston) 
> uid [ultimate] William Ricker (Boston) 
> sub   rsa4096/938DF10B 2013-09-18 [E] [expires: 2019-09-17]
>
> pub   rsa4096/41936952 2014-06-16 [SCEA] [revoked: 2016-08-16]
>   Key fingerprint = BFE3 CE1E 3A50 F8ED 96C8  537D D27E 035F 4193 6952
> uid [ revoked] William Ricker (Boston) 
>


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: Quantum Crypto redux Re: Boston Linux Meeting ... Crypto News, plus ...

[Bill Ricker]

Elliott is correct that ECC including Curve25519 as well as NIST P-* curves
are more affected  by QC (Shor's) than RSA ... in part because our
classical factoring technology had such a head start, has gotten so good,
that RSA keys have gotten huge, but discrete log remained hard, so ECC
remains small(er)-data, so a classically recommended-keysize problem fits
in fewer QuBits.

Having a 20x safety factor on announced QuBits today is fine for commercial
attack safety today, but for how much longer?
(The good news is AES and hashes only need to double in size to resist
Grover's algorithm in Quantum, they say. )

Partial retraction -- the D-Wave machines with ridiculous numbers of QuBits
are Quantum Annealers, not general purpose Quantum Computers. (It did seem
obvious there was something different about them, from the interleaved
series of records of different orders of magnitude. Now I know what!)
Annealers are good for some kinds of non-linear search problems, but the
two Quantum Computing algorithms known to theoretically plague
public-key/asymmetric and private-key/symmetric  cryptography, Shor's and
Grover's  respectively, are not among the Simulated Annealing algorithms.
So $15M for 2kQuBit D-Wave isn't yet scary for crypto even though
Curve25519  can be solved by < 1600 QuBits in theory, because the (open)
record for the general QC logic machine remains at 72 QuBits, a safety
factor of 20.

QuBits aren't QUITE on the Moore's Law 18-month doubling cycle yet; my
back-of-the-envelope shows going from 7 QuBits to 72 QuBits in 16 years is
doubling in 28 months.  Which is kinda close to Moore's law for RAM (24
months)...
How soon the engineering will allow a growth spurt is unclear.

So setting my ED25519 key expiration at 10 years was just about right, :-)
that's just exactly when it should be doable commercially :-).
A little shorter would have been more conservative!

(I do wonder if D-Wave could be used for Hill-Climbing attack on some
classic crypto problems e.g. Wheatstone/Playfair, but wouldn't be cost
effective there. :-)  )




-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] [BLU/Officers] update instructions for key signing

[Bill Ricker]

On Tue, Sep 18, 2018 at 10:02 AM Derek Atkins  wrote:

> Bill Ricker  writes:
>
> >  (b) closed intranet (no BYOD allowed) where one IT org controls both the
> > desktops and the webservers, and you install the Corp private selfsigned
> CA
> > key into IT release of IE/Edge, FF, Chrome.
>
> The downside of this latter approach is that the IT org can then sign
> certs for *ANY* other site and therefore intercept all HTTPS traffic
> they wish to see.
>

If the IT / SEC group is competent to do the one, they're probably already
doing the other!

(And possibly consider themselves legally required to, to prevent
exfiltration of sensitive data -- HIPAA, SARBOX, ...)


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] [BLU/Officers] update instructions for key signing

[Bill Ricker]

On Mon, Sep 17, 2018, 11:27 Dan Ritter  wrote:

> > Since my browser now flags non-https sites as "Unsecure," I'd like to
> know
> > how to generate a key to put in my Apache setup which will swing the
> > padlocks shut. I know that it won't be "valid" unless I import the key
> into
> > my browser, but that's a one-time effort and will stop the "unsecure"
> > messages when I ask people to visit my websites.
> >
> > Also, if possible, I'd like to be able to pass out keys for users to use
> in
> > lieu of passwords to access secured areas.
> >
> > Please tell me how to go about that, and thanks in advance.
>
> The easiest and best thing to do is to get SSL certs from Let's
> Encrypt.
>
> Everything else is worse and harder.
>

Correct. Even the US DOD is getting away from self signed certs that have
to be injected or accepted, because that trains users to be too trusting.

The only valid use case for DIY webserver certs are
(a) internal alphatest/Qa sites, which will then scream holy murder if prod
traffic gets misrouted to them;
 (b) closed intranet (no BYOD allowed) where one IT org controls both the
desktops and the webservers, and you install the Corp private selfsigned CA
key into IT release of IE/Edge, FF, Chrome.

Yes, it is in theory possible to distribute keys to authenticate a browser
to the webserver.
Browser side user certs can be useful in a DIY 2FA scheme but I'd not
recommend it as 1FA !!
This may seem like a good idea but doesn't really do what one usually
wants; it turns just their phone or laptop into a large losable 1FA dongle.
Possibly safe only if you control their password and screensaver policy.

>
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: [Ig Nobel Events] Ig Nobel tickets

[Bill Ricker]

Since there are a goodly number of science nerds on these lists i figure
someone might want to grab one or more of the last few tickets available.
If you enjoy low humor on high topics, this annual send-up of the Nobel
Prizes occurs annually just before Nobel announcement week, awarding work
that makes one laugh and then makes one think. And a comic opera and Mr
Science demos in panto.

(I've only missed a couple of these. Highly recommended.)

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux

-- Forwarded message -
From: Marc Abrahams 
Date: Tue, Sep 11, 2018 at 8:16 PM
Subject: [Ig Nobel Events] Ig Nobel tickets
To: 


Dear fellow Ig Nobel investigator,

Please help us spread the word: a few tickets are still available for the
28th First Annual Ig Nobel Prize ceremony, Thursday evening, Sept 13, at
Harvard's Sanders Theatre.
TICKETS: <https://is.gd/FgfmO4>

Several people have told us they are disappointed that the tickets are
already sold out.
But they were mistaken; their sorrow was unnecessary.
In these weirdly troubled times, we were able to bring smiles to their
downturned faces, by informing them that:

A FEW TICKETS ARE STILL AVAILABLE.

Help turn despair into joy. Spread the word!

Thanks!

Marc


==
Marc Abrahams
Editor
Annals of Improbable Research
44-C Sacramento Street, Cambridge MA 02138   USA
web site & blog & magazine & mini-AIR: <http://www.improbable.com>
twitter: @MarcAbrahams @ImprobResearch
The Ig Nobel Prizes: <http://www.improbable.com/ig/>
==

___
Ig-Nobel-Events mailing list

To remove yourself from this list, please visit:
https://pairlist5.pair.net/mailman/listinfo/ig-nobel-events
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Boston Linux and Unix Annual Summer BBQ XXIV reminder Saturday, August 25, 2018 2:00 PM

[Bill Ricker]

I would like to thank  John and Shelley Chambers for their gracious hosting.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Unusual error message after tar ops

[Bill Ricker]

Clue may be 'newgrp' which is rather late in the SSH connection, that's
invoked while spawning the login shell.

It sounds like the desired User in Passwd has U#:G# that does not match the
group memberships.
see https://askubuntu.com/questions/856057/newgrp-function#856069

(Alternatively, the group # on restored $HOME and .ssh  may be an invalid
but I don't think that would cause this precise message?)

// Bill R


On Tue, Jul 24, 2018 at 5:31 PM, Bill Horne  wrote:

> Thanks for reading this.
>
> I'm transitioning from one Ubuntu system to a new clone. Today, I used tar
> to move all my existing files from the "old" machine to the "new" one.
> Initial checks of the new machine showed the recent files that I moved, so
> I though it went well.
>
> However, when I tried to log into the new machine again after an hour or
> two, I'm getting an unusual error message.
>
> I'm able to log in using ssh with key-based authentication, but then I'm
> receiving a "password:" prompt. I enter what should be the password for the
> new machine, but then I get this message:
>
> Password:
> newgrp: failed to crypt password with previous salt: Invalid argument
> Connection to (New machine name) closed.
>
> All suggestion welcome, and thanks in advance.
>
> Bill
>
> --
> Bill Horne
> 828-678-1548
>
> _______
> Discuss mailing list
> Discuss@blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Guido van Rossum steps down

[Bill Ricker]

On Mon, Jul 16, 2018 at 1:21 PM, Jerry Feldman  wrote:

> I saw the article. He is not leaving, but stepping down as dictator. Now it
> is time for the community to decide.
>

​Apparently the vituperative bike-shedding over what syntax if any to use
to fix the longstanding frustration that Python can't have a
while(constant=0) assignment bug but likewise can't express code that
requires while(return_code=subr(arg)) without code duplication expedited
Guido's burnout/retirement from being BDFL. He settled that bug/request,
but the lack of and need for a community process decision process was made
manifest, so he's telling them to step up.

Discussions on how to decide how to decide are now ensuing. Reads sort of
like diaries from Continental Congress and Constitutional Convention.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Linux has 100% of Market Share.

[Bill Ricker]

the Top500 statistics include Historical charts. You can see how recently
the last 2 AIX systems were pushed out of  Top500, how "mixed OS" had a
brief surge early last decade, etc.

https://www.top500.org/statistics/overtime/


​
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] I Hate Ubuntu

[Bill Ricker]

On Sun, May 13, 2018, 11:37 Eric Chadbourne 
wrote:

>
> FWIW
>
> "...Canonical, creator of Ubuntu, isn't even cited once in the Linux
> Foundation's report as a significant source of patches
> .
> This actually isn't news to those who have followed Canonical for some
> time..."
>

There's a lot more Upstream than just  the Kernel.
(Or even than Gnu and Kernel as RMS would have us repeat.)

No surprise that Kernel contributions come mostly from virtualization and
hardware vendors.

Rather more interesting would be a report from Ubuntu's upstream full
distro, Debian.

There was no doubt a major decrease in upstream contributions to Gnome
during the Unity circus.

(I also wonder if Kernel.org would credit a patch pushed upstream
indirectly via Debian by an Ubuntu-employed DD as U or D? IDK offhand if
Debian records corporate source of patches by DDs?)
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] I Hate Ubuntu

[Bill Ricker]

On Sat, May 12, 2018, 11:46 Eric Chadbourne 
wrote:

> Ubuntu doesn’t or at least didn’t contribute upstream in funds or or code.
>

Regarding code, I do not believe that to be literally true. Hoarding
patches for internal use is foolish at best, and a GPL violation if
distributed.
(They have been 'guilty' of not releasing all their new code - e.g. open-core
with proprietary value-adds - but everyone does that, and it's not
'upstream' if they invented it, it's just releasing. If they invent and
release something, and Debian adopts it, then they are the upstream to
Debian for that.)

Regarding funds, has Ubuntu ever achieved profitability? (If so how and
when?) If not so, why would anyone expect them to send Mark's money
elsewhere?

I too have been FreeBSD curious.
>

*BSD is great for servers. As a "former" Security type, I respect OpenBSD's
commitment to security out of the Box. A recent client had a mix of Centos
and *BSD servers, worked fine. I might have notes to remind me whether it
was FreeBSD or OpenBSD.

What I'm curious about is which *BSD has good APCI support? I do want my
laptop to act like a laptop. One advantage of Commercial distros - Ubuntu
and RedHat - is they test new big brand laptops early. (OTOH I really
prefer older Lenovos now, so maybe that matters less for me now?) Or should
I give up and embrace Darwin/BSD (aka MacOSX) for the laptop?
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: Federico Live! GPS! Randomness with Radiation!

[Bill Ricker]

Some BLU and Hardware Hacking folks may be interested in Federico's
presentation to Boston.PM this next Tuesday.

-- Forwarded message --
From: Bill Ricker <bill.n1...@gmail.com>
Date: Fri, Apr 6, 2018 at 4:08 PM
Subject: Tech Meeting: Federico Live! GPS! Randomness with Radiation!
To: Boston PM <boston...@mail.pm.org>, "Boston Perl Mongers
(announce)" <boston-pm-annou...@pm.org>


Next Meeting
April 10th (2nd Tuesday)
Federico Lucifredi / Hardware Hacking 101: time and randomness

Abstract:
Using the lowest amount of custom hardware and pouring Perl over
everything as the glue binding it all, we create two minimalistic
devices delivering a perfectly tuned network time source
(synchronizing with a GPS satellite), and a naturally random entropy
source (leveraging a Geiger tube’s measurement of natural background
radiation).

Location: MIT Building 51, Room 372, 2 Amherst Street, Cambridge, MA

NOTE: Parking Alert. Recent changes in MIT Parking Dept web pages no
longer allow un-permitted parking after-hours.
So parking on-site is AT OWN RISK. And Construction Detour again too.
See web for details.

  http://boston.pm.org/Calendar
  http://boston.pm.org/MIT%20Directions

Boilerplate details

Tech Meetings are held on the 2nd Tuesday of every month at MIT
building E51, Sloan School Tang Center [not the other Tang building!]
nearer to Kendall Sq than Mass Ave. (directions).
Talk begins at 7:30.
Refreshments in the hallway prior.
RSVP for count encouraged but not required, to bill.n1...@gmail.com or
Boston-PM list, by 4pm Tuesday.


(NOTE: as of Fall 2017: we'r back to the squarer room 372 (first door
after the partition), not the wider 376 (second door) that we had the
last several years)

--
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Old Unix humor/history "The Unix Cult"

[Bill Ricker]

"The Unix Cult"
Peter Collinson (1986)

"This paper was written for the Winter Usenix in 1986. David Tilbrook
had arranged a `history of UNIX' day, with speakers on different
aspects of what UNIX meant. He asked me to do `the social side'. Like
an idiot, I accepted. It was hard to think of a way of illustrating
what it all meant without being crass. So, on a long car journey, the
idea of the paper was born. I think that some of the jokes did work
and there are one or two really good phrases. Take a look."
http://www.hillside.co.uk/articles/cult.html

 = - = - = -

Commentary from Bill (aka wdr & n1vux) --

I was using Unix then, lived through the last few years of that
history and knew the rest of it as our pre-history.
(First Unix i used was PWB (after Bell v.6, before Bell/ATT v.7) on
11/45, quickly upgraded to BSD3 on 11/70; and soon thereafter our
department bought a share of a small early VAX with BSD4. Much
upgrades were done there as usage grew ... )

It's recognizable history, but written before Gnu (let along
Linux/Gnu) was obviously viable.
(Gnu manifesto had been declared, but before the first coherent GCC
and usertools release.)

(Since Dennis Ritchie was my Scotch and Internet-pre-history mentor
MAP's officemate until Bell Labs pulled out of MULTICS at MIT LCS/MAC,
MAP always refereed to Unix as Dennis's idiot child. Since dmr had
said Unix was one of whatever Multics was many of, to refute the
"Multics castrated" obvious pun, this was not as untoward as one might
think.  The Aunt that Dennis roomed with while on MULTICS project was
a volunteer at The Computer Museum Boston with me. Small world!)
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Fidelity voice-recognition security?

[Bill Ricker]

On Tue, Nov 21, 2017 at 11:44 AM, Kent Borg  wrote:

> On 11/21/2017 11:27 AM, Daniel Barrett wrote:
>
>> Anyone here bank at Fidelity?
>
>
Fido is not (yet) a bank. They perform some bank like functions
but are regulated by SEC not FRB and accounts are insured
accordingly.

But I kept my Employee account when they laid me off because
having been inside,
I think they're less rigged against the investor than the rest of
wallstreet.

(I still would recommend using mostly low-fee mutual funds not the premium
fee ones.)
​

> They are touting a new security feature
>> called "MyVoice" that opens up telephone access to your accounts
>> without a password. It uses voice recognition to verify your identity.
>>
>>https://www.fidelity.com/security/fidelity-myvoice/overview
>>
>> I declined the feature. Fingerprinting a voice uniquely over a
>> low-quality telephone line? I can't imagine that's more secure than a
>> non-obvious password. What does the security crowd here think?
>>
>

> Terrible idea.
>

​
They need to match convenience with eTrade/Schwab/... to attract/retain
certain demographics.

It's better than '1234' or 'Password1'​ for _that_ crowd,
but I won't be using it.

And would not expect anyone looking at this thread to either.


First question: How secure is it? I am skeptical. Did you see the story
> about the 10-year old whose face was similar enough to what the neural nets
> concluded his parents look like, that he could unlock either of their Apple
> phones? Be skeptical.
>

​yeah, I would think it was  interesting as a 2FA extra layer
but not as ​in-lieu-of all other authentication.



> Second question: The idea seems to make access more convenient.

But do I WANT my retirement savings to be so convenient?

Security through cumbersomeness is real and has value.

Safe deposit boxes are cumbersome to access, too: and that is a feature.


Agreed.
Risk analysis is based on both ease to attack and value.
​​
If one is day-trading with massive leverage,
and need to be able to sell NOW whilst walkabout to avoid ​massive losses,
the convenience may be worth it.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Supercomputers: they all run Linux now

[Bill Ricker]

On Thu, Nov 16, 2017 at 9:02 PM, Shirley Márquez Dúlcey
<m...@buttery.org> wrote:
> In the latest list of the top 500 supercomputers, ALL of them run Linux.
>
> http://www.zdnet.com/article/linux-totally-dominates-supercomputers/

Well, all run Linux as OS Family.

Detailed OS data include such values as
- Linux
- Cray Linux Environment
- CentOS
- TOSS
- bullx SCS
- Sunway RaiseOS 2.0
- Kylin Linux
  ...

looks like quite a few vendor specials based upon Linux


Even better, if you go to the slice-able list,
https://www.top500.org/statistics/sublist/

count 10 of 500 (rating #49-#327) list as Vendor="Penguin Computing"

June 2017 only had 2 Unix systems in Top500 -- a twin pair of IBM Flex
p460 at China Meteorological Adim, 17k9 cores each, which were at at
#494 & #495 of 500, so unless they had grown, there were expected to
fall off the next list.
And indeed #500 in Nov.2017 is 548TFlops (a +10% increase over the
last Unix on June list which was 508.9TFlops, so yeah, the best
non-Linux in the world is off the list now.
  (June also had a Linux IBM Power 775 on same Power7 architecture but
62k9 cores at #76 which dropped to #83 w/o enhancements by Nov 2017,
last Power7; and one Power8+; rest of IBM are BQC BlueGene/Q and some
Xeon iDataPlex)


(SuperMicro has only one listed, #453. I guess they're still relevant
for corp Big Data, but not for biggest data?)

Trends for Architecture, Vendor, OS, ... over time can be plotted at
https://www.top500.org/statistics/overtime/
(Alas don't click treemaps unless you want to activate Flash )

Performance development since 1994 has been roughly continued
exponential growth.
https://www.top500.org/statistics/perfdevel/
#500 running pretty much 1% of #1 over two decades also, but #1 perf
has been less smooth than #500 or total performance.
Slight drop-off in total and #500 growth since 2013 but #1 still growing strong.

The current #500 is cranking more TFlops than TOTAL for all #1..500
listed in 11/2003 _combined_, and more than the #1 in 11/2007.

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Ubuntu 17.10: As messed up as it appears in first impression?

[Bill Ricker]

> Other opinions on it welcome, but specifically:
>
> 1) Is Ubuntu 17.10 ready for casual use?

One data point --
The one package (ack ex ack-grep) that I'm on the upstream team for
has neither prior nor next version available for  17.10 Artful.

Something died in testing and wasn't resolved, just allowed to ship without.
(Looks like a systemic testing issue in our test results, makes no sense.)

So I'd vote NO

(I try to stick with LTS releases for a reason. And don't take those
until (2n).04.1
Eschew the Dot Uh Oh. )

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Boston Linux Meeting reminder, Tomorrow, Wednesday, October 18, 2017 - Current issues in SSL and TLS

[Bill Ricker]

On Tue, Oct 17, 2017 at 6:12 AM, Jerry Feldman  wrote:
> When:  October 18, 2017 8PM (7:30PM for Q)
> Topic: Current issues in SSL and TLS
> Moderators: Rajiv Manglani
> Location: MIT Building E-51, Room 315
> *** Note new Time 
> As a result of the new MIT parking regulations, we will be holding our
> meetings later than usual. There should be plenty of metered parking
> available. In Cambridge the meters are free after 8PM. See parking note
> below.
>
> Summary:
>
> SSL and TLS are the protocols which provide the foundation for securing
> Internet traffic.

Which, as we were reminded yesterday, WPA2 is NOT.

Upstream patches for the 9 of 10 CVEs touching Linux filtered through
both Debian and Ubuntu to me already.
Your distro or commercial OS should likewise be updating ASAP.
(If not ask WTF and switch to one that takes it seriously.)

AFAIK WPA2 KRACK is client only, not WAP side, so unless a WiFi Router
is working in reverse or as a wifi repeater/bridge, they're not the
patching problem.

Problem of course is the IoT (Internet of Sh.. Insecure Things)
devices and prior-release phones/tablets that won't get vendor
updates.
(And older stuck laptops/desktops that can't upgrade to latest
Windows/MacOSX. Those need to go onto wired only or spaces secure from
wifi snooping.)
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] [Boston.pm] perl and xml

[Bill Ricker]

On BOSTON-PM-list,  Mon, Oct 16, 2017 at 10:54 AM, Morse, Richard
E.,MGH <remo...@mgh.harvard.edu>
(who was away last week) replied:

> Hi! I was just working with some XML, and I’d like to suggest also looking at 
> XML::XPath,
> which does allow you to change the text content (and probably all the other 
> attributes) of nodes.
> Also, since you can find nodes using XPath, it may be easier to select nodes, 
> rather than walking
> through a tree of Perl structures…

Yes.
XML::XPath is basically what XML::Twig is a light-weight "do the easy
80% of"  version of.
(If one needs more than Twig, or if Twig docs don't make sense, XPath
is obvious next choice.)


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] perl and xml

[Bill Ricker]

>   root[0][0].text = 'good_tag_001'

So much for Python supposedly being more OO than Perl.
That looks more like Visual Basic.

The hard part in his problem is navigating from sibling to extract the
'good_tag_001' from to the sibling to insert it into.  Your "example"
gives no hint on how that might work.

XML::Twig is particularly good at that sort of local navigation, hence
my suggestion for that.

He asked for Perl help. If one were going to suggest a superior language
despite his request, any answer that isn't in the Lisp family (that
includes Haskell) is silly, because Lisp structure is a natural match
to XML. XML is just Lisp with no verbs, bent brackets, and named
closing parens .
XML is Greenspun's 10th Law incarnate.

> parsing XML, and python is part of the base Linux distro in most environments.

It may come as a surprise, but most GNU/Linux distros still ship Perl too.
Rumors of Perl's death are greatly exaggerated.
Perl6 hasn't killed Perl5 but revived it.
By rotating release manager, we now have annual feature releases in
addition to patch releases.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Treasurer's report

[Bill Ricker]

Ahh, that was for the OTHER other group.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Treasurer's report

[Bill Ricker]

We can afford COLO fees for a fair amount of time with that balance
but not indefinitely.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] perl and xml

[Bill Ricker]

On Mon, Oct 9, 2017 at 1:49 PM, R. Luoma <nobluspam5...@penguinmail.com> wrote
on BLU Discuss:

> This may be off-topic, but I am trying to manipulate
> what I think is an "xml" file with perl (on a linux system).
> I am not familiar with the ins and outs of xml

It would not be off-topic on boson...@mail.perl.org .
We're your local Perl UG.
(Second Tuesdays, around the corner from where BLU meets. Tomorrow
night, come visit!)

Weren't you formerly on our Listserve too?

(So I'm CC:ing discussion there, but folks there should REPLY ALL, so
that he can see the replies.)


> Supposedly, perl has xml modules for this purpose,

Yes.

> but I am have difficulty figuring them out.

In Perl's spirit of TIMTOWTDI, There is More than One Way to Do It.

The default answer is to parse an entire document and navigate the DOM
from the root.  That could be XML::LibXML or XML::Simple or
XML::LibXSLT or ...
That way lies madness, when your edits are strictly local.

> The above example is simple, but, ultimately,
> I would be working on an xml file with many items
> and each item would have many different tags.

So you want to edit XML locally, replacing a tag's text contents with
a specific portion of the text contents of a specifically-named
sibling tag.

For local edits such as you need, I'd use XML::Twig [2][3].
   I did a worked example [1] not so very different from yours for the
Perl Advent calendar in a prior decade (when Boston.PM's Jerrad Pierce
was editor and Boston.PM were majority contributors).


[1] http://perladvent.pm.org/2009/06
[2] https://metacpan.org/module/XML::Twig
[3] http://xmltwig.org/xmltwig/


-- 
Bill Ricker
bill.n1...@gmail.com  a/k/a bric...@theperlshop.com
Facilitator, Boston Perl Mongers http://Boston.PM.org
Consultant, ThePerlShop.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: Boston Linux and Unix InstallFest LXV Saturday October 7, 2017

[Bill Ricker]

r
​e Jerry on Announce list ...​


1. Note that Memorial Drive meters may be Mass State meters not Cambridge
(since MDC/DCR parkway), and so may differ from Cambridge meters on campus.

2. I will probably bring my Xerox ambulance gurney, usable if we need to
move  bulky stuff down the block. (We did this for the Ubuntu installfests
a few years ago.)

​
-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] mailvelope does not automatically download keys

[Bill Ricker]

Only working with known keys - that user has reviewed network of trust for
- is probably a valid high paranoia practice.
One might expect that to be adjustable.
OTOH prevent ng unsafe settings is a valid choidpce also.

Alas usable adequate security is probably fictitious.

On Oct 1, 2017 1:08 PM, "Jerry Feldman"  wrote:

> I am setting up mailvelope on my laptop. For some reason, when I try to
> encrypt mail to a recipient that I know has a valid key in a public key
> server, it fails to download the key even though I have "Automatically
> lookup recipient keys." checked. I have tried several different key
> servers. I currently use pgp.mit.edu.
>
> with one recipient, I manually imported his key from a file, and that
> worked.
>
> --
> --
> Jerry Feldman 
> Boston Linux and Unix
> PGP key id: 6F6BB6E7
> Key fingerprint: 0EDC 2FF5 53A6 8EED 84D1  3050 5715 B88D 6F6B B6E7
> ___
> Discuss mailing list
> Discuss@blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Future-proofing a house for networking -- what to run?

[Bill Ricker]

I'm hoping to build a retirement house in the next few years so this
is a good think exercise for me too.

I think we're pretty much agreed that any wire we install today will
be outmoded within a decade.
Best fibre available, maybe not but multiplexing all future services
over a single strand may be awkward, lots of replacing terminations to
multiplex old and new services, what a mess.

So the only truly future-proof solutions are
(a) admit defeat, we'll have visible cables or stick-on cable-races
again within 5 years of putting on the wallboard;
(b) commit to wireless last 10' to 50' for almost eveything (and
willing to drill new holes for exceptions);  or
(c) commit to easy access to upgrade "wires" and add fibres as needed.
The (b) access could be
 - invisible hinges on the baseboards,
 - cable trays running around the ceiling,
 - or conduits with pull-strings in every wall, or
 - Combination: utility boxes in floor to basement and/or ceiling to
attic, cable-trays in attic and basement, and a conduit with
pull-string from attic to basement. (Fine if max 2 stories finished
with full unfinished basement and attic . Awkward for 3story townhouse
with crawlspaces or less top & bottom.)

Why is conduit everywhere not an option?
Cost of material?  Time-consuming bending & fitting?
Does Code there require _steel_ conduit for low-voltage DATA cables, or can
you use certain plastics?
(Plastics are nasty when it burns, but w/o power lines inside, fire is
coming from
outside; by the time the fire gets to it, it's pretty much over
already. Allowed for plumbing, so why not for data?)

> ISP bandwidth being less than local WiFi

I'm glad to hear there's someone even slower to adopt real broadband than I was.

However, there are uses for fast bandwidth in-house, if you have more
than one device and particularly more than one peoples.
I will shortly sync my laptop with my desktop today.
Switched wired is very good for that. Files going to/from SSD fly.
Files going spinning rust to spinning rust are not limited by the
network, and are not congesting the WiFi and thus not contesting /
interrupting other peoples' YouTubes.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] CrashPlan Home is discontinued - what's next?

[Bill Ricker]

On Mon, Aug 28, 2017 at 2:18 PM, Rich Braun <ri...@pioneer.ci.net> wrote:
> As of next summer, there won't be any more low-cost CrashPlan backup service
> for us Linux users. I liked the fact that its backup engine supports both the
> CrashPlan cloud service and private backups between servers.

> There are some others, like the ones reviewed here, but nothing ideal:
>   https://www.cloudwards.net/best-online-backup-for-linux/

FWIW, this was covered from a photographer's point of view on podcast

https://petapixel.com/2017/08/24/ep-205-nikon-d850-one-nikons-best/

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Hyperlink auditing question

[Bill Ricker]

On Sun, Aug 27, 2017 at 7:04 PM, Richard Pieri <richard.pi...@gmail.com> wrote:
> On 8/27/2017 5:39 PM, Eric Chadbourne wrote:
>> Is there any downside to disabling hyperlink auditing in a browser?

Advertisers not paying for click-thrus might be a downside, if you
like the website.

> Not that I've noticed in several years using NoScript which forbids
>  by default.

Per the linked spec, that is expressly allowed:

[ Optionally, abort these steps.
[ (For example, the user agent might wish to ignore any or all ping
URLs in accordance with the user's expressed preferences.)


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Eclipses Re: Great talks last night, however...

[Bill Ricker]

Even a small tornado won't simply "take out one part of a solar power
station". It's going throw dust and debris all over the place.


Experience on Mars with Rover was exactly the opposite,  a gustanado
cleared accumulated dust OFF panels and restored system efficiency.

(N=1 is anecdote not data, but it is the only tornado vs solar datum I
have.)
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] OT - no silver bullet energy Re: Eclipses Re: Great talks last night, however...

[Bill Ricker]

Rich is (largely) right about storage.
It Always Costs extra. (And environmental and other indirect costs count.)
Storage only works at all when energy is much cheaper/plentiful one
place or time than another.
OTOH, that's usually true: all things are never equal.
So some form of storage is often attractive. Whether you use LiOn,
NiMH, or Alkaline, all your portable devices are on Stored energy, not
some Tesla/Heinlein gridless power-grid. Various liquid fuels, fossil
or synth, are likewise stored energy.

(OTOOH, Supercapacitors are getting pretty darn close to impossible
perfect efficiency, but what's the carbon/energy cost to build per kWH
?)

> Regardless of how we end up generating electricity,
> converting it for storage and then converting it back for use will
> always be less efficient than using electricity directly.
A truism or theorem of thermodynamics.
Which is why no single energy source ("pure strategy") is optimal.

Thus, we must have a mixed solution.
Base load / Surge load.
Day/Night. Hot/Cold.
Wind/Tide/Sun/Biomass/legacy Fossil/legacy-nuke/mini-nuke.
Demand reduction by BOTH time-shifting with differential pricing and
by increased efficiency/insulation/passive heating (as
seasonally/diurnally appropriate).

Leaving Wind or Solar or Biomass or Nukes out of a solution because it
won't solve the whole-problem is simply fallacious.
Leaving Nukes out because Nagasaki guilt or Chernobyl / Fukushima fail
or "fear" is likewise foolish; the failed designs aren't on the table.
(OTOH discussing ethical problems of using edible portions of crops
for fuel is on game. Discussing whether Nuclear can be made life-cycle
cost-effective *including* full retirement cost with say Small Modular
reactors is on, as well as how to make them fail-safe and how to
safely decommission, and must either convince the diehards or include
in lifecycle the extra construction costs of litigation-delayed build.
)

//bill
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Eclipses Re: Great talks last night, however...

[Bill Ricker]

​I wouldn't worry about solar power lost to the coming eclipses. Over the
next 10 or 100 years, you'll lose far more to thunderstorms blotting  out
the sky; they cast bigger shadows more frequently.

Eclipse 2017 Drive shed https://goo.gl/images/64hqDR

Eclipse types https://twitter.com/NationalEclipse/status/
885671449654173697?s=09

20thC Total Eclipse coverage https://twitter.com/NationalEclipse/status/
886636558748725256?s=09

Only one area to get two total eclipses in next 7 years. (Path of partial
eclipse is what, same width either side?)
https://twitter.com/NationalEclipse/status/887012790426271746?s=09

 2017 close-up, South Carolina https://twitter.com/NationalEclipse/status/
860679268677931008?s=09



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Great talks last night, however...

[Bill Ricker]

On Jul 20, 2017 10:15 AM, "Bill Bogstad"  wrote:

I have to repeat my negative reaction to the idea that one would
consider using polarized AC plugs/sockets for low voltage DC
interconnects.  That is probably as bad an idea as ...


Seconded.
And totally in contradiction to any underwriting, code, or best practices.
No No No.
This is a recipe for a housefire with insurance claim denied.

DC POWER
Anderson power pole is a DC semi standard.
My preferred supplier aside from MIT SwapMeet is
https://powerwerx.com/dc-power-products
(Their new england distributor comes to NEARfest)

Re Coax DC see
https://en.m.wikipedia.org/wiki/Coaxial_power_connector#Listing_of_DC_coaxial_connectors

(I have one ancient piece of test equipment with dual power options. It has
a 4 pole Cinch-Jones port with one pair AC, one pair DC so you can only
connect one cord. CJ is polarized |= so hard to screwup ...)
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Braintree Plaza Wifi

[Bill Ricker]

Is the MITM cert their logon page?
I've been annoyed at logon in Simon malls and use my cellWAP instead.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] etckeeper (tool to store /etc/ in version control)

[Bill Ricker]

sound plausible
​
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] installfest

[Bill Ricker]

On Fri, Mar 17, 2017 at 5:41 PM, Shirley Márquez Dúlcey <m...@buttery.org>
wrote:

> If you have enough disk
> ​ ​
> space
>

​Isn't that a tight constraint on Chromebooks ? ​




-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Litebook - cheap Linux laptop

[Bill Ricker]

> hardware - quad core Atom Celeron...high end
> http://www.zdnet.com/article/litebook-launches-249-linux-laptop/

Ok, that's still a little less $ than a Refurb Lenova T420/430
(business outtakes, $300-350; of the last gen done to IBM drawings
post-split), but is it enough less to be compelling? This one is a lot
lighter and with a really thin unconvincing keyboard, all of which may
be a feature for some uses.  I'll bet the T420 has more horsepower and
has more upgrade possible, but if tablet with keyboard is goal for a
netbook light / faux chromebook, good that there are Linux native
options.

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Systemd & not Re: I, uh, deleted the wrong kernel....

[Bill Ricker]

On Sat, Oct 1, 2016 at 3:08 PM, Rich Pieri <richard.pi...@gmail.com> wrote:

> Yes, you
> can break the dependency chains but that's not the same thing as not
> having the dependencies.
>

​Probably time to ask ...

What's the state of Systemd-free variant distros?
Are there any that closely follow others'  updates ​or layer repos ?

(​I'm thinking Systemd is why my attempts to reset audio outpt to HDMI on
wake-up doesn't work; i put
   pacmd set-card-profile 0 output:hdmi-stereo-extra2+input:analog-stereo
in the sorts of places that worked pre-systemd but either they're not
honored or Systemd does them first then it's thing.)​


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] copyright contributor question

[Bill Ricker]

1. Proton mail security requires gmail to discard/spam any message
forwarded by this list just like yahoo. I have an exception list in gmail
so I can see this .

2. If you have made the only fix lately, yes, add yourself just as a good
maintainer would if accepting big set of patches. Are you signing up to
provide on going support , adopting or forking the orphan? Or just posting
a patched version on github? Probably should be explicit on your
intentions. Rallying a community may be useful ...
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: Re: GPG encryption and gmail

[Bill Ricker]

Grr missed the android reply all
-- Forwarded message --
From: "Bill Ricker" <bill.n1...@gmail.com>
Date: Sep 1, 2016 11:06
Subject: Re: [Discuss] GPG encryption and gmail
To: "Richard Pieri" <richard.pi...@gmail.com>
Cc:

> On Aug 31, 2016 19:58, "Rich Pieri" <richard.pi...@gmail.com> wrote:
> >
> > On 8/31/2016 4:05 PM, Jerry Feldman wrote:
> > > I'm weaning away from Thunderbird for a few reasons, but I don't like
the
> > > way Thunderbird handles folders with respect to gmail's labels.
> >
> > That's because Gmail's labels aren't folders and don't quite act like
> > folders. You'll have similar quirky behavior with any IMAP client, not
> > just Thunderbird.
>
> That's  why I use Tbird  for  some hosted biz.com gmail accounts with
little tagging needed but handling proprietary information, and native
clients for main personal gmail as seen here that needs intersectional
tagging
>
> > Actually, I suggest not using Android at all in this capacity. Android
> > is not a secure, reliable platform.
>
> Right.  It's a burner.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] mysql problem

[Bill Ricker]

On Mon, Aug 22, 2016 at 4:31 PM, dan moylan <j...@moylan.us> wrote:

> > Can't call method "prepare" on an undefined value at
> > /home/moylan/ulmmoy/prl/sub/USR/USR.pm line 777.
>

​The problem occurs several possibly many lines earlier.
Wherever $dh0 is initialized, it should be checked for
   ! defined $dh0​
​and if so, the error text from the failed statement should be logged and
the world stopped.

I'm glad to see ​you're using prepared statements ... because no one wants
to play with Bobby Tables

bobby-tables.com: A guide to preventing SQL injection
> Who is Bobby Tables? From the webcomic xkcd.
> School: Hi, this is your son's school. We're having some computer trouble.
> Mom: Oh, dear -- Did he break something?
>



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Windows Subsystem for Linux

[Bill Ricker]

On Sun, Aug 7, 2016 at 11:40 AM, Rich Pieri <richard.pi...@gmail.com> wrote:
> my question would be how well does this shell integrate with
>> windoes EXEs ?
>
> It doesn't. The subsystem runs ELF binaries. It won't start Windows PE
> or COFF binaries (exec format error).

> account (login/password), that this account is separate from the
>  Windows credentials, and that this account runs as a non-privileged user even

Hmm. So a totally different use case, even more insular than Cygwin.
Can't use it for single cross-platform  scripting-platform for Ops / DevOps.

I guess this will be useful if your shop has standardized on Azure
type cloud but you've got one or two app vendors who deliver .deb's .
[ In my last shop i had the reverse problem, we were trending .rpm but
some boutique vendors delivered for Windows Server only. ]

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Windows Subsystem for Linux

[Bill Ricker]

On Sun, Aug 7, 2016 at 12:17 AM, Shirley Márquez Dúlcey
<m...@buttery.org> wrote:
> I can see it becoming a big hit with system administrators. Not just
> to run Linux applications, but also to use bash as a shell rather than
> PowerShell. Admins who work with both Windows and Linux will
> appreciate being able to work on both platforms with a single shell.

Having used both Cygwin and MKS TK shells & Gnu utils on Win in prior
decades, my question would be how well does this shell integrate with
windoes EXEs ?   I found i Cygwin shell didn't pass WIN ENV vars
through to Win EXEs but MKS had an interoperable choice at install
that made scripting execution of MS's own EXEs from MKS quite
practical. (Although for Office/OLE remote control, perl Win32 modules
beat shell or VB.)


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: DevOps conference coming in August

[Bill Ricker]

​forwarding since of possible​ interest to some on the list ...

Subject: [Boston.pm] DevOps conference coming in August
http://www.devopsdays.org/events/2016-boston/welcome/

___
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Fwd: Looking for Speakers at a small conference at MIT October 8th and 9th, 2016

[Bill Ricker]

On Thu, Jul 21, 2016 at 8:37 PM, <j...@trillian.mit.edu> wrote:

> You can never be too careful; some readers just might think
> it means any of:
> ​...​
>
>
​My offlist reply to maddog by which i got permission to repost here was

Only because ​Pedants answer Rhetorical Questions ...
>
> ​Given the context of message, you probably don't mean *mit.gov.tr
> <http://mit.gov.tr>*,
>
the Turkish  National Intelligence Organization (Turkish: Millî İstihbarat
> Teşkilatı, MİT)  recently in the news. ​
>
>
> ​https://en.wikipedia.org/wiki/National_Intelligence_Organization_(Turkey)
> <javascript:void(0)>
> ​
> But Srsly ... thanks for sharing !  I'll forward to one Edu guy on
> Boston.pm list directly. Were you going to cross post to BLU list?



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Fwd: Looking for Speakers at a small conference at MIT October 8th and 9th, 2016

[Bill Ricker]

Reposting with maddog's permission ..


-- Forwarded message --
From: mad...@li.org 
Date: Thu, Jul 21, 2016 at 1:17 PM
Subject: Looking for Speakers at a small conference at MIT October 8th and
9th, 2016
To: Greater NH Linux 
Cc: "Hall, Jon" 


Don Davis, a friend of mine, is helping to put on a two-day event at MIT in
Cambridge, Massachusetts (did I really have to tell you which MIT I was
talking about?) on October 8th and 9th of 2016:

http://librelearnlab.org/librelearnlab/home

They are looking for speakers:

http://librelearnlab.org/call-proposals

If you are interested, please submit your proposal.

maddog
___
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] ssh keys question

[Bill Ricker]

On Sat, Jun 18, 2016 at 12:32 AM, Kent Borg <kentb...@borg.org> wrote:

> If I have 2048 words, that is 2^11, if I randomly pick one and you want to
> guess it you will take about 1000-tries to have a 50% chance of guessing my
> word. The fact that my word appears in a dictionary doesn't change there
> there are 2048 words in that dictionary, it takes time to guess them all.
> If I put three such randomly chosen words in a row then the number of
> possibilities is cubed and the number of guesses to hit my choice is also
> cubed.


​Even better ...​

My dictionary search against  your synthetic memorable 32bit password will
only be only (2^11)^3​ if i guess or know which 2048-word short-dictionary
you're using, or slowly infer it from observed leakage somehow.

If you use XKCD's up-goer word list, that's a well know list and yeah, i
can guess that.

Or if you used for your wordlist the same wordlist the famous cracking
software uses for their short password guessing wordlist. Uh no, bad
choice!

If you took a 30k - 100K wordlist and selected a 2k word subset randomly,
maybe excluding the 20-50% least common for ease of spelling, you'd have a
custom list of 2k words that i can't guess. I might be able to slowly
reconstruct that list if i can get your disgruntled ex-employees to tell me
what their passwords used to be, since it's harmless fun ... heh heh  ...
1000 telling me their 3 words has a good chance of giving me most of them
but i'll still be a few short in all likelyhood, but it's good enough.

But that still leaves me with executing the 2^32 dictionary attack.

 Which is likely only interesting if i've stolen all your users' hashes
already and you have poor salts and hashes so i can rainbow table to find
multiple users at once. Doing 2^32 trials coming in the front door of a
server is likely to get noticed as a DOS, aside from taking literally
forever.


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] ssh keys question

[Bill Ricker]

On Fri, Jun 17, 2016 at 10:27 PM, Kent Borg <kentb...@borg.org> wrote:

> Out of curiosity, please tell me how entropy is measured,
>>
>
> I count decisions.


​Mathematically a very defensible position.​ Each binary decision is one
binary bit , which is the (usual) unit of entropy as well as of information.

If my passwords cycle through bill1, bill2, bill3, bill4, there's only 2
bits of information or entropy once you have my algorithm.

123456 has maybe 3-5 bits entropy ..  12345 is very popular but not 50% of
all passwords. It should be in the first 8-32 passwords tried ...



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] ssh keys question

[Bill Ricker]

On Fri, Jun 17, 2016 at 6:27 AM, Dan Ritter <d...@randomstring.org> wrote:

> KIDS GENERAL= NOPASSWD: /usr/sbin/shutdown


​I like that ...​



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] ssh keys question

[Bill Ricker]

On Thu, Jun 16, 2016 at 8:21 PM, Kent Borg <kentb...@borg.org> wrote:

> Seems part of going to keys is to get rid of passwords


​Key to be you, PW to become other via SUDO is effectively 2FA to  Root.​



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] I don't understand

[Bill Ricker]

On Tue, Jun 14, 2016 at 3:37 PM, Rich Pieri <richard.pi...@gmail.com> wrote:

> You can read more about it here:


​Douglas Adams did it better. ​


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] I don't understand

[Bill Ricker]

On Tue, Jun 14, 2016 at 12:33 PM, Rich Pieri <richard.pi...@gmail.com>
wrote:

> Thing is, simulation hypothesis (simulated reality) isn't a scientific
> hypothesis. It's a philosophical one.
>

​I would *like* to agree with that.

But Musk and Neil deGrasse Tyson are quoting odds that are ​
​separated by​

​9 orders decimal magnitude.
There's a difference between their computational model embedded in there
somewhere.
So they should each *at least* be able to give us a  testable hypothesis
regarding their model's assumptions that would, at a minimum, show the
*other's* estimate to be wildly inaccurate.
... or STFU with bloviating numbers about a meta-solipsism.

(Solipsism is the whole world is my dream; this idiocy is that the whole
universe is some computer's dream. So i'll c'll it meta- until informed
what the philosophers now call it.)

As for Musk, he's very good at paraphrasing (some might say parroting)
> others in mass media-worthy sound bites. It's best if you don't take him
> too seriously or too literally.
>

​Yep.
And Astronomers/Astrophysicists (as with practitioners any other science)
should be taken with a grain of salt or two when they leave ​their area of
expertise.

(-:  Only Anthropologists (Study of Man) and us Mathematicians [1]  can
claim universal applicability of expertise and methods  :-)

​[1] http://www.explainxkcd.com/wiki/index.php?title=435:_Purity
=>http://m.xkcd.com/435/ ​


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] I don't understand

[Bill Ricker]

On Tue, Jun 14, 2016 at 8:16 AM, Eric Chadbourne <eric.chadbou...@icloud.com
> wrote:

>
> I'm reading up on being "unfalsifiable" now.  Fascinating


​Indeed. Science is based on hypothesis-testing. Only a "falsifiable"
hypothesis is testable.

If evidence against a conspiracy theory is taken to show how effective the
conspiracy is,​ the hypothesis in unfalsifiable.

If the statistical model is guilty of over-fitting (too many degrees of
freedom aka too many parameters), the model is non-falsifiable in the
short-term. (But eventually enough data will show that adding 5th order
epicycles is guff.)



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Dropbox does not respect Linux hard or symbolic links

[Bill Ricker]

On Sun, Jun 12, 2016 at 11:09 AM, Jerry Feldman <gaf.li...@gmail.com> wrote:

> It appears that Dropbox stores hard linked files as separate files. This
> kills snapshot-type of backups like rsnapshot.
> ​...
> I suspect that many online cloud-based storage solutions will do a similar
> thing. For my purpose, it just changes how I handle offsite backups since
> my automatic backup to a local HD works fine.
>

I'd ​ be surprised if any made-safe-for-normals cloud storage handled
Symbolic links, let alone hard links.
Windows remains the main market, and the % of OSX users who will use such
are few.
Gnu/Linux, *BSD, other Unix market for 'friendly' cloud storage is probably
very small ... and will remain very small if they don't offer what we'd
need.


'We don't  see many camels in this bar.'
'At these prices, i'm not surprised.'



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] How to write .htaccess rules

[Bill Ricker]

On Sun, Apr 3, 2016 at 1:33 PM, Rich Pieri <richard.pi...@gmail.com> wrote:
> Clear your browser cache?

Aye. That or using a new, Private mode window.

Much testing how things appear to the rest of the world benefits from
Private mode ... including googling (avoiding their predictive
feedback bubble effect; duck duck go helps too)


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Encrypt Everything? Good Luck With That

[Bill Ricker]

On Mon, Mar 28, 2016 at 8:14 PM, Rich Pieri <richard.pi...@gmail.com> wrote:

> One: physical security is paramount.
>
> Two: encryption is not a substitute for physical security.
>


​Absolutely.​
And INFOSEC researchers understood this 30 years ago (i was there), so the
older *&/or* better ones still do.
​
Just as DVD and Sat-TV crypto keys in set top box are not secure in a
hacker's home, the chips in your phone are not secure if in top level
hacker lab long enough. As long as this isn't remotely exploitable over the
network or quickly done by a Customs officer with a magic dongle in
temporary possession of the device, it's not a big shocker.
​
Encryption can be a substitute for physical security of encrypted media
  if and only if
the key is NOT included in the inspectable package
*and *the key IS kept under physical (and all other forms of ) security .

Alas any key (or passphrase) you can remember and accurately re-enter is
too small.
Even 128 bits of Entropy is a lot of text to memorize and reproduce
EXACTLY.

Apple's allegedly unbreakable iPhone security, what stymied the FBI for
> months, was broken in a matter of days once someone figured out a viable
> attack:
>

​Unsubstantiated speculation in INFOSEC Twittrs suggests this was a
disassembly hack with hardware debug techniques. ​

One of
- remove & emulate the NVRAM that contains the bad-guess count  (with
bad-guess decrement blocked/rolled back)
- block write to NVRAM by overpowering pins, or lifting a pin or a pullup
resistor (for either/both count and wipe)
- re-write the NVRAM bad-guess count after each decrement
- etc.

​The limit to 4 digit PINs was always a compromise.
Such a brute-forcably low number always assumed the bad-guess-auto-wipe was
inviolable.
Which it is, against *most* threat models. ​Still.
As far as we know, only an Apple update key can break it with just
software, and they've shown publicly they won't.
(Assuming what we see is all that happened.)
But if anyone thought that NSA or worlds' best HW data recovery forensic
contractors couldn't bypass auto-wipe eventually (if they were careful not
to trigger it early), that was naive or wishful thinking.

​
The interesting question will be how many of the other 200 phones DOJ want
unlocked are susceptible to same and how many of those are worth the
contractor's price to unlock. This sounds like detailed skilled work ...

If your phone won't reassemble, you'll should suspect your PIN and thus
data were compromised.
Just as if your safe's door won't close properly anymore ... and where did
it get those burn marks ?

If this isn't stealthy and isn't scalable, we should be happy, it's better
than most possible results.

​(And this wasn't even the SBS's operational phone, it was his work phone,
so it's still just posturing. They'll be back when they have something else
they think public opinion might back them on.)​

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] Racist language Re: free email less intrusive than google

[Bill Ricker]

On Mon, Mar 28, 2016 at 6:58 AM, Bouman MC  wrote:

> Why would anyone think of this phrase in
> racist terms?


​If that is an honest question in search of enlightenment,
if you truly want to find out why some folks find a 19th century diminutive
adjective to be racist and offensive,
Check the term on Urban Dictionary.

http://www.urbandictionary.com/define.php?term=Cotton+Pickin=6916831
Google is your friend*: 'is cotton-pickin racist'
   https://duckduckgo.com/?q=%27is+cotton-pickin+racist%27=canonical

http://racerelations.about.com/od/diversitymatters/a/Five-Terms-You-Might-Not-Know-Are-Considered-Racist.htm
* (but Duck-Duck-Go or Google in Private Browsing window is better, as it
shows you what's outside the bubble, uninfluenced by your previous search
selections.)

You can object that the "Po' White Trash" picked cotton too and were
included in the term 'cotton pickin'', and you would be right historically,
but that doesn't change the hurtfulness. They didn't find the comparison
flattering, which makes it worse all around. And few like being called "Po'
White Trash", either.

​If however that's a rhetorical question (as it sadly appears),
or if you think you are entitled to that explanation before you acknowledge
that others' feelings might be valid, ... no, you don't get to decide
whether other people are allowed to find offensive.​

Telling people it shouldn't be offensive is itself offensive.

​See also

http://racerelations.about.com/od/diversitymatters/fl/How-Not-to-Apologize-After-Making-a-Racial-Blunder.htm
and
​​  http://tldp.org/HOWTO/Encourage-Women-Linux-HOWTO/
especially but hardly exclusively page 4 "But I don't do that!"
 (all of which applies equally to making
underrepresented/under-empowered ​ethnic/race groupings feel safe and
welcome too.)​

​​This Jim Crow attitude is out of place on an open mailing list in the
21st Century. ​
​

-- 
Bill
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] SNR

[Bill Ricker]

>
​ ​
the SNR hereis lousy.

​One of the reasons i like a threaded mail reader ...
i can ignore a chatty thread until i want to read it
..  or never.​

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Fwd: [owaspboston] OWASP Boston at MIT Media Lab Security of Things event March 5, 6

[Bill Ricker]

If i hadn't heard Bruce when he was special Guest at local SciFi
convention, i'd be jumping on this.
He's as good a speaker as you expect from his writing,

Bill
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] systemd explanations

[Bill Ricker]

On Mon, Feb 22, 2016 at 11:20 AM, Steve Litt <sl...@troubleshooters.com> wrote:
> refers to advantages of systemd
> over "the old way", hold his feet to the fire, in terms of the many
> excellent alternatives to systemd and sysvinit, and the costs of
> systemd.

So the big point is casting this as a binary decision is a false dichotomy.

The choice is not between horse-carts and Stanley-steamers , we can
consider internal combustion, all-electric, and hybrid as well.

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] systemd explanations

[Bill Ricker]

On Fri, Feb 19, 2016 at 12:12 PM, Rich Pieri <richard.pi...@gmail.com>
wrote:

>
> How does this solve the problem of RMS and Linus being dicks to everyone
> who isn't on board with their goals?


​As i said before, ​it may be necessary to not give a d*** about feelings
in order to accomplish big revolutionary things.

Just as it's helpful for a CEO/CIO to be a Sociopath -- it's hard to layoff
10% of staff soon enough to save 90% of staff's jobs longer-term if the
feels get to you. (Doesn't feel good to be in the 10% tho' ...)

   Sam Adams was quite a jerk, but he started a revolution here 240 years
ago. Hancock had to provide some diplomacy to hold it together. Most
movements need both the good-cop and the bad-cop.
   (MadDog Hall was the Hancock good-cop / Diplomat figure for Linux
revolution; hardly the screenname i'd have picked for our good-cop but what
can you do.)

What can you do?
If you disagree with their goals, say so.
If you disagree with their means, say so.
  (You are right that silence is assent.
  But there's no shortage of folks generically saying Linus, RMS, ESR, &
Lennart Poettering
   are jerks; it's reassuring victims of specific acts of jerkdom that has
value.)
If you find a better run project run by better people that is producing
better software, by all means, use it instead (and tell us). Or if not,
start one so others have that choice.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] systemd explanations

[Bill Ricker]

On Thu, Feb 18, 2016 at 8:54 PM, Derek Martin <inva...@pizzashack.org>
wrote:

>
> There are still people who don't bash Perl? =8^)


​Some of Perl's harshest critics are its most ardent supporters.​
And unlike some communities, feedback works.

(I wouldn't willingly go back to Perl4, or 5.5 even. 5.18 .. 5.24 are much
improved.)

​(But I do like Scheme too. Perl5 and Perl6 moreso share a lot with
Scheme.)​

Bill Ricker
​Facilitator, Boston Perl Mongers http://Boston.pm.org ​

bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] systemd explanations

[Bill Ricker]

On Thu, Feb 18, 2016 at 1:03 PM, Rich Pieri <richard.pi...@gmail.com> wrote:

> RMS did start it. Perhaps I am being petty, but if anti-something stuff
> is a reason to avoid a thing then I think that avoiding GNU ranks higher
> on the list than avoiding BSD
>

​There's a slogan
  "Well-behaved women rarely make history."​
​It applies to geeks'n'nerds too.

A rebel willing to build a new OS (etc) instead of just coding mortgage
rules in COBOL may be a rebel in matters of social graces too. Rejecting
unwanted input quickly may indeed be necessary to build something big
quickly with a small team.

Back in the Usenet i enjoyed being one those graceless nerds ... alas some
of us have neither grown up *nor* built an OS (or other useful major
'platform').

But yes, the social history of the creator of SystemD and the CF resulting
from of some of his prior code are two reasons (in addition to 'Unix
Philosophy' if one subscribes to that) to take at best a
wait-and-see/show-me attitude to this SystemD 'glorious revolution'.

(And yes, as one who remembers ​Unix™  before System V and BSD4.3 bloat
... i.e, i.g, to whit and viz: Bell v6-PWB & v7; ​BSD 3 , 4.1, 4.2;
and SCO System III Xenix on Z8000 back when SCO were the good guys ...

​yes yes i do value the Unix Philosophy.

And frankly, much of Gnu userland has long since wandered away from that,
along the path the original UCB BSD ​started.

So i want to know, does One daemon to rule them all mean we'll be back to
when in doubt, reboot?
Being able to kill -9 a single service if it doesn't accept a stop/restart
message is a good thing if an OS image is in anyway shared. In a world
where each VM has only one application running, maybe that doesn't matter.
But i don't believe every running image is that model, whatever the Cloud
providers tell us.

So i'll be interested in what Christoph has to say about SystemD.
He's a straight-shooter.
If he asks us to turn off the video tape so that he doesn't get blowback
from $DayJob, it'll be great;
if not, reading between the lines may be a challenge :-)

[Disclosure: my and CD's prior employer is the same, where we collaborated,
so i have a bias to trust him, which i feel is well-founded based on
experience. BLU has him as an annual speaker so i guess we collectively do
too. ]

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] systemd explanations

[Bill Ricker]

Note that the March BLU meeting / Linux Soup will be SystemD presentation
by Chistoph.

http://blu.org/cgi-bin/calendar/2016-mar
​
​Here's hoping he'll be speaking frankly and not just RH corporate line ...​
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] What was once old is new again...

[Bill Ricker]

On Wed, Feb 17, 2016 at 9:13 AM, Kurt L Keville <kkevi...@mit.edu> wrote:

> Well, maybe twice... I give you the PDP-8...
> http://obsolescence.wix.com/obsolescence#!pidp-8/cbie
> then, of course, there is the VAXbar (Marilyn Monroe sold separately)
> http://toyvax.glendale.ca.us/~vance/vaxbar.html
>

​A friend has (last i saw) a fully intact Burroughs mini-mainfram under his
wetbar. This seems like a good re-use.

Another friend heated their condo in the winter with vintage VAXen. I
nearly used DEC Alpha's for heat when my furnace failed, but got loan of a
oil-filled electric​ radiator that was equally efficient and had a
thermostat.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Dropping obsolete commands (Linux Pocket Guide)

[Bill Ricker]

On Wed, Nov 18, 2015 at 11:37 AM, Chuck Anderson <c...@wpi.edu> wrote:

> Those two options don't work for a regular user to change their own
> Full Name.
>

​In IT environments, even folks in Wheel shouldn't be editing their Full
Name, that's reserved for some security application.
On a family laptop, anyone who isn't allowed to run Update won't be
changing their name either.
​Maybe in a College environment you don't need to prevent a user from
changing their name without review, but the social engineering
possibilities of changing FullName of <c...@wpi.edu> to "Vice Chancellor C.
Adams" ​are such that i'd discourage allowing setuid  chfn to contain any
breaches.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Dropping obsolete commands (Linux Pocket Guide)

[Bill Ricker]

On Wed, Nov 18, 2015 at 6:46 AM, Dan Ritter <d...@randomstring.org> wrote:

> > Other than chfn, how do people usually change their Full Name in
> > /etc/passwd?
>
> usermod comes along with useradd and userdel. Being able to
> supply everything on the command line (including a password
> hash) is a great improvement over interactive commands.


​there's always 'sudo vipw'​



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Dropping obsolete commands (Linux Pocket Guide)

[Bill Ricker]

On Wed, Nov 18, 2015 at 5:21 PM, Edward Ned Harvey (blu) <b...@nedharvey.com>
wrote:

> How often does somebody change their name? Basically when they get
> married...  Approximiately 0.5 times in a lifetime.


​Heh, my in-laws exceeded that rate by lots.
But if an unprivileged user wants to change their FN without simultaneously
filing paperwork with HR to update payroll, insurance, etc, we should be
triggering the IDS, not letting them insert impressive social-engineering
"credentials" in the GECOS fields willy-nilly.​


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Debian adds another systemd dependency, Busybox drops it

[Bill Ricker]

On Sat, Nov 7, 2015 at 5:20 PM, Bill Bogstad <bogs...@pobox.com> wrote:

>  Given that I run Linux
> rather than OpenBSD, I've already made the decision to value something
> else more than ultimate security.
>

​And if i wanted more security in my Linux, putting more system services
into a single PID1 daemon to rule them all would not be how i'd do it.​

​I wounder if NSA Linux is adopting systemd's universal target ...​


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] [kind of off topic] noise canceling headphones

[Bill Ricker]

MicroCenter Cambridge has $10 active cancellation headphones "iConcept"
label that actually work fairly well. At that price I gave them a test on
MBTA RED Line. With or without audio signal, I had strong noise reduction
on on/off A/B test, and with audio signal, even stronger S/N increase.

As good as units costing 10x ? I doubt it. But cheap enough to try to see
if good enough or if 'pro' grade Cancellation may work for you or if you
need isolation or a moving van.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Boston Linux Meeting Wednesday, October 21, 2015 - MooseFS

[Bill Ricker]

On Fri, Oct 16, 2015 at 6:58 AM, Jerry Feldman <g...@blu.org> wrote:
> ### Please note that Wadsworth St. is still closed.
> ### Proceed West on Memorial Drive to Ames St. Ames will be
> ### 2-way during construction. Take a right onto Ames St and another
> ### right onto Amherst St.
>
> ### There is a report that it may be open, but the  detour signs are
> ### still posted.

Wadsworth was open to traffic, lovely new pavement with proper painted
lines, on Tuesday (Perl Mongers). I'm guessing they just hadn't
collected the NO THRU TFC & DETOUR orange signs yet.

Will possibly get another gander at it when we welcome daughter's Mac
back from MicroCenter service center today, which will be a joyous
reunion, or before/after MIT flea Sunday (http://swapfest.us for
details and to print $1 off flier.)

(Congested weekend, with NEARfest swapmeet in NH, Photographica flea,
and MIT flea all in 3 days.)


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Reusing Passwords on Different Sites Should be OK

[Bill Ricker]

Reusing passwords requires the users to know that the encryption is of a
safe variety.  Most users are not qualified to tell good crypto from bad
crypto.  Heck, most programmers can't be qualified to use good cypto
correctly.

Password Encryption done client-side must be handled very carefully to
avoid replay attacks yet still actually validate something.  Sounds like a
half-hearted attempt at Challenge-response.

tl;dr No.


​
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] privacy with pgp keys

[Bill Ricker]

>> 3. On the afternoon of the keysigning party, a volunteer creates an
>> official checksheet from the keyring and prints 30 copies to bring to the
>> meeting.
>
> Can we count on this step happening?

Jerry is reliable for that.

> It's just that the instructions here
> tell you to print your own: http://blu.org/keysignings/
> "You must also bring your own printout of the report on that page, ..."

That is safer.
Using Jerry's printout, we have to read it aloud to make sure all
copies match, to have full tracability and thus transfer of trust.

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] how much can i use a smartphone as a computer?

[Bill Ricker]

On Wed, Sep 9, 2015 at 2:39 PM, Shirley Márquez Dúlcey <m...@buttery.org>
wrote:

> In theory, Ubuntu Phone offers the same promise. But it's nowhere near
> ready for prime time yet, and unless it starts to get manufacturer
> support it's unlikely that it ever will be -
>

​The 'production' phone available in Europe doesn't come with US 4G/LTE
radios, so it's and EDGE (2.5G) device here.​

One can load Ubuntu Phone on unlocked Nexus devices, but that's effectivel
y playing with developer Alpha/Beta.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Notice about a new vulnerability

[Bill Ricker]

On Thu, Aug 6, 2015 at 8:00 PM, Bill Horne b...@horne.net wrote:

 This is from a tweet I got from Dan Goodin, in which he asks Anyone know
 if any upstream stable Linux kernels have patched CVE-2015-3290 yet? It
 looks serious.


​Looks like it's in Debian Testing/Unstable and also Jessie(Security) patch
stream.
So yeah, it's Stable.

https://www.debian.org/security/2015/dsa-3313
https://security-tracker.debian.org/tracker/CVE-2015-3290 ​
​https://security-tracker.debian.org/tracker/CVE-2015-3291
​https://security-tracker.debian.org/tracker/CVE-2015-5157

​Ubuntu Security has pushed out for  14.04 LTS :
http://www.ubuntu.com/usn/usn-2700-1/
and 12.04 LTS http://www.ubuntu.com/usn/usn-2701-1/
​
AFAIK ​Red Hat requires log-in to see what they've patched ​...


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] xargs guide

[Bill Ricker]

Daniel is correct that i hadn't a clue that someone had hacked good old
find(1)  to have an efficient option for modern drives that dispenses with
the notorious ';' . We thought BSD was confusing the userland by changing
Bell Unix options on ps and ls ... gnu and free/openbsd are changing
everything, whether it needs it or not.   ​
#include oldman/rant/7

On Mon, Aug 3, 2015 at 6:10 PM, Rich Pieri richard.pi...@gmail.com wrote:

 And it still doesn't work with other sources.


​Once again, I agree with Rich ?  It happens ...

The fact that 'xargs' will work with sources other than 'find' makes
'xargs' more useful.
Does one thing well, work with other things via pipe to synergize many
combinations, the true Unix way.

My favorite replacement for both 'find' and 'grep -r' is 'ack'. It finds
things for coders.
(http://beyondgrep.com/, filters by pattern *and* by detected file types
not just extensions)
Ack supports list of files in addition to listing matches, specifically
compatible with 'xargs' and to 'xargs -0'.


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] xargs guide

[Bill Ricker]

On Fri, Jul 31, 2015 at 10:47 PM, Daniel Hagerty h...@linnaean.org wrote:
 Newer find programs directly support this idiom with

 find . -exec foo {} +

| xargs has advantages over -exec.
+ Can take multiple files per exec if supported, e.g. 'rm', massively
reducing the exec() overhead.
+ can work with sources of filenames other than find

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] live streaming needs flash?

[Bill Ricker]

On Mon, Jul 27, 2015 at 7:07 PM, Eric Chadbourne eric.chadbou...@icloud.com
 wrote:

 I've heard some smart folks say flash is needed for live streaming and
 nothing else is nearly as good.  I've heard them say there is no good open
 source option.  If this is true, why?  Surely there's no magic sauce in
 there that couldn't be replicated, or even done better.  Is it more of a
 matter of plugin saturation?  Just curious.


​There are FLOSS Flash replacements, but they're iffy, may or may not work
with a given site.

I suspect the reason for requiring Flash for streaming is to make
downloading-via-stream © violation harder.​

Supposedly they'll support HTML5 in the brave new world, but i suspeccit
was HTML5 in my flash-free Cromium that was crashing the GPU/video-driver
on multimedia.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] NAS: buy vs. build

[Bill Ricker]

On Sat, Jul 4, 2015 at 9:38 AM, F. O. Ozbek oz...@gmx.com wrote:
 Didn't IBM leave the hardware business entirely (including the servers last
 year)?
 You probably purchased Lenovo servers labeled as IBM servers.

If Intel architecture, yes.
They were doing the off-shore builds prior to sale, so as with the
laptops, the first generation or two post-sale are IBM designed, and
wear IBM skins when sold by IBM enterprise solutions. The higher end
boxes have very enterprise-y reliability/repair features, good for the
biggest clusters. The lower end boxes weren't much more featureful
than whitebox.

 Unclear to me from the PR on the sale if IBM still owns their
Power/Cell architecture underlying AIX OS.


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] memory management

[Bill Ricker]

 I think plugin-container doesn't get launched until it needs something
 like the flash plugin.


​which, if you're running NoScript, is under your control.
(If not, why not ? :-)​


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] memory management

[Bill Ricker]

On Tue, Jun 23, 2015 at 8:48 PM, John Abreau j...@blu.org wrote:

 Shouldn't plugin-container be running if firefox is running?


​'top' truncates mine to 'plugin-containe'​, but that does contain 'plug'.



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] A laptop for Linux

[Bill Ricker]

On Mon, Jun 22, 2015 at 10:00 AM, Rohan Joshi rohan2...@gmail.com wrote:
 I am tired with the Lenovo systems and the various issues that keep
 coming up.  (I have tried on the yoga 2, the flex and the Y series).


The enterprise T-series Lenovo had been fine, but I'm hearing the
latest models that no longer have mice buttons aren't up to the old
standard. The last of the old enterprise models are still in refurb
channels.

System76, ZaReason, and Emperor Linux are the three Linux-first
integrator-retailers. I haven't had the pleasure of buying from them
yet - i'm cheap enough i like refurb :-) - but when i next need to
upgrade, there i may have to look them.

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] A laptop for Linux

[Bill Ricker]

On Mon, Jun 22, 2015 at 11:56 AM, Rohan Joshi rohan2...@gmail.com wrote:
 The T60 was amazing and linux worked out of the box.
 So if I can get my hands on a thinkpad then that's wonderful.

Microcenter , MIT Flea, and the interwebs have T60/T61 or
T420/520/430/530 refurbs that were still built tough, linux
compatible, and at nice refurb prices.  I picked a T61 up for a song,
now i need to order a battery :-) .


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

[Discuss] inevitability of bad code (was Re: sandboxing web browsers)

[Bill Ricker]

On Mon, Jun 22, 2015 at 12:19 PM, John Abreau j...@blu.org wrote:
 I've seen plenty of piss-poor coding done in perl,
 python, C, Fortran, and every other language I've ever reviewed.

I don't think i ever saw piss-poor Ottawa Euclid, but the prerequisite
maths (higher order logics) kept the user community pretty tight-knit
and erudite. :-)

[ And conversely, erudite exceptional 31337 haxors have done literate
programming in macro-assembler, Lisp/Scheme, APL/J/K,
FORTH/Postscript, ..., most elegantly.  Happily i haven't read enough
SNOBOL or BF to have an opinion whether such exceptions exist for all
the write only languages, but such is true for all that ever
mattered.  ]

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] memory management

[Bill Ricker]

On Sun, Jun 21, 2015 at 12:20 AM, Matthew Gillen m...@mattgillen.net wrote:

 I've found that if you use
   su - username
 then you can run X programs as another user without trouble.


IIRC that requires a permissive setting on the X server to allow any to
connect to execute graprics, which may not be harmful in a home setting but
feels wrong.​

​gksu works as a sudo for graphical programs and i think it avoids the
above .


-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] memory management

[Bill Ricker]

How Swap and Memory are used is controlled largely by the 'swappiness'
setting.  The default is correct for servers but not for workstations.

swap - How do I configure swappiness? - Ask Ubuntu
The Linux kernel provides a tweakable setting that controls how often
the swap file is used, called swappiness. A swappiness setting of zero
means that the disk will ...
askubuntu.com/questions/103915/how-do-i-configure-swapp...

SwapFaq - Community Help Wiki - Ubuntu
The hibernation implementation currently used in Ubuntu, swsusp, needs
a swap or suspend partition. ... The default setting in Ubuntu is
swappiness=60.
help.ubuntu.com/community/SwapFaq

On Fri, Jun 19, 2015 at 10:01 AM, Matthew Gillen m...@mattgillen.net wrote:
 I'm looking for some advice on tuning my linux box's memory management.
  I've got an older workstation that has merely 4GB of memory.  If I try
 to run Firefox, and a few java apps (e.g., Eclipse), my machine thrashes
 about and effectively locks up because of out-of-memory issues.

 For example: the mouse will continue to move, but won't change it's icon
 contextually.  If I hit cntl-alt-f2 and try to log in to a virtual
 console, mgetty will eventually ask for the username, but after I hit
 enter, it just hangs, not popping up the password prompt, and after 60
 seconds the login times out.  Trying to ssh into the machine from
 somewhere else ends up timing out.

 After going on like this for literally 10 minutes, OOM-killer sometimes
 kills the right thing (one of the two processes hogging the most memory:
 firefox or eclipse), and the machine becomes usable again sometime later.

 I have heftier workstations I can use, but this behavior is really
 frustrating to me, because I'd like to think linux does good memory
 management.  I've tried using huge swap (2x physical memory).  I've
 tried with virtually no swap (on the theory that without swap, there
 would be no thrashing and at least oom-killer would have to do its thing
 without locking up the machine for 10 minutes first).  The problem there
 was oom-killer making bad decisions about what to kill (e.g., the window
 manager, and then whatever out-of-control process is sucking up memory
 just sucks up whatever got freed, and nothing gets better).  At least
 with some swap oom-killer seems to make better guesses about who to murder.

 Does anyone have any tips on how to prevent linux from thrashing like
 that?  The behavior when low on memory seems atrociously bad.

 Thanks,
 Matt
 ___
 Discuss mailing list
 Discuss@blu.org
 http://lists.blu.org/mailman/listinfo/discuss



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] memory management

[Bill Ricker]

On Fri, Jun 19, 2015 at 11:02 AM, Steve Litt sl...@troubleshooters.com wrote:
 I haven't seen any stats quoted in your email, from the  top program,
 that indicate it's a RAM problem. Firefox and its pet
 plugin-container use a heck of a lot of CPU. Until very recently I
 was using a 4GB machine, and when things got crawly, the top program
 indicated that both my cores were near 100%, but there was plenty more
 RAM.

I just killed and restarted FF (on Ubuntu LTS) ... down from 3GB total
1.5G Resident to 1.7G total 0.9G Resident, same tabs. And it peaks at
100% CPU. I should be thankful it's not multiCPU thread capable ?

-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Bringing up Linux with Suckless Init plus daemontools-encore

[Bill Ricker]

On Tue, Jun 16, 2015 at 3:17 PM, Steve Litt sl...@troubleshooters.com
wrote:

 Here's a description of how I brought up a Linux VM with Suckless Init
 plus daemontools-encore.


​Hmm. An overview of those and the other suckless.org projects would be a
good meeting ...​



-- 
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Seeking help on Portal package

[Bill Ricker]

​
​lacking a specific recommendation, i'll give a few generalities.​

* If using anything based on PHP (including Wordpress as-was and Drupal),
patch early and often.
Security holes are pervasive. pick a package with updates, not
something that leaves holes open.

* The coolest things seem to be Drupal plugins today (or last year anyway
:-)
 ema.arrl.org uses drupal for CMS but is not using any forum plugin
AFAIK so no specific suggestions
[however i'm using naked PHP on fd.ema.arrl.org because i'm doing
custom map whackiness with OSM.
 and i'm very paranoid about  command  injection ... ]

73 de n1vux
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss