Planet LUV

Inspired by a discussion in #wayland today, here are snippets from three people explaining why X declares its DPI as 96, and why a single 'DPI' sledgehammer isn't actually what basically anyone<super>*</super> wants. Please read them. Thanks.

Adam Jackson:

I am clearly going to have to explain this one more time, forever. Let's see if I can't write it authoritatively once and simply answer with a URL from here out.

Matthew Garrett:

But what about the single monitor case? Let's go back to your Vaio. It's got a high DPI screen, so let's adjust to that. Now you're happy. Right up until you plug in an external monitor and now when you run any applications on the external display your fonts are twice the size they should be. WOOHOO GO TEAM of course that won't make us look like amateurs at all. So you need another heuristic to handle that, and of course "heuristic" is an ancient african word meaning "maybe bonghits will make this problem more tractable".

Federico Mena-Quintero:

People who know a bit of typography may know a few factoids:
- Printed books generally use fonts which can be from about 9 to about 12 points in size.
- A point is roughly 1/72 of an inch. For people in civilized countries, this translates to "I have no idea what the fuck a quarter pounder is".

*: Yes, I know you need to have actual point equivalence, and you've had all your displays and printer colour-calibrated for the past ten years too. You're doing all this in the GIMP or some other kind of design tool, so please yell at them to use the display size information that XRandR gives you right now, already, today.

groups {
	BACKBONE {
		interfaces {
			<*> {
				mtu 2000;
				unit 0 {
					family iso;
					family inet6;
					family mpls;
				}
			}
		}
	}
	SONET-DEFAULTS {
		interfaces {
			<so-*> {
				sonet-options {
					fcs 32;
				}
			}
		}
	}
}
interfaces {
	apply-groups SONET-DEFAULTS;
	ge-0/0/0 {
		apply-groups BACKBONE;
		unit 0 {
			description "A Backbone link";
			family inet {
				address 10.1.2.3/26;
			}
		}
	}
	so-0/1/0 {
		apply-groups BACKBONE;
		unit 0 {
			description "Another backbone link";
			family inet {
				address 10.2.3.6/28;
			}
		}
	}
			
}
protocols {
	rsvp {
		interface all;
		interface fxp0 {
			disable;
		}
	}
	mpls {
		interface all;
		interface fxp0 {
			disable;
		}
	}
}

• A dual-core 64-bit ARM CPU (the 64-bit ARM is now standard, but will take a while to make it to mass production)


• A few SATA ports, at least two 6Gb


• A basic 3D GPU, a laptop-level NVIDIA or AMD chip is probably right here, needs to be capable of driving four simultaneous displays and/or two 30" monitors


• A *good* 1Gb ethernet NIC, capable of sustaining wire-speed transfers


• Capable of taking 16GB of RAM, normally 4GB or 8GB for this sort of system

• A high end Intel (eg. Core i7 39xx) or AMD (Bulldozer) cpu


• As much RAM as they can take, could be 32GB or more


• BIOS would be LinuxBios to allow fast booting and shutdown

TL; DR: [spam]Please vote for my DrupalCon Denver proposal on Drupal workflows in the enterprise.[/spam]

For the last few months I've been working for Technocrat on a new Drupal based site for the Insurance Australia Group's Direct Insurance brands. The current sites are using Autonomy Teamsite.

The basics of the build are relatively straight forward, around 1000 nodes, a bunch of views and a bit of glue to hold it all together. Where things get complicated is the workflow. The Financial services sector in Australia is subject to strict control of representations being made about products. The workflow system needs to ensure IAG complies with these requirements.

During the evaluation we found that generally Drupal workflows are based around publishing a single piece of content on the production site. In the IAG case a collection of nodes need to be published as a piece of work, along with a new block. These changes need to be reviewed by stakeholders and then deployed. This led us to build a job based workflow system.

We are using the Features module to handle all configuration, deploy for entities and some additional tools, including Symfony, Jenkins and drush to hold it all together.

I've proposed the session for Drupal Downunder in January and will refine the session based on feedback from there in preparation for Denver. If you want to learn more about Drupal Workflows in the Enterprise, please vote for my session.

I find it a bit rich that the police union are upset that information
alongside a photograph was distributed about one of their members, without
his consent. I understand that truth is not not considered a defence to
libel in Australia, so it was perhaps unwise to distribute such a photo.
But it is common police practice to photograph protesters without our
consent, and to store these photos with profiles in national databases
without a right of appeal or review. I probably find myself on some
watchlist now just for attending some of last night's Occupy Melbourne
general assembly.

Maybe there would be no need for a photograph to be distributed if police
correctly wore their own name badges (and if the name badges weren't
deliberately too small to read). Or if there was some accountability, as
opposed to the protectionism that police have demonstrated in the past
with the likes of their disgusting behaviour at the APEC protests.

Originally published at KatteKrab. Please leave any comments there.

This gorgeous photo of The Queen in Melbourne on the Royal Tram made me smile this morning.

I've long been a proponent of an Australian Republic - but the populist hysteria of politicians, this photo, and the Kingdom of the Netherlands is actually making me rethink that position.

At least for today.  Long may she reign over us.

"Queen Elizabeth II smiles as she rides on the royal tram down St Kilda Road"
Photo from Getty Images published on theage.com.au

1. Walked down to the occupymelbourne protest and participated in the discussion and general assembly, talked to some people and made sure you actually knew what it was all about. "How can I represent you better?" is a key question the protesters would have liked to have heard from you.
   
   
2. Before giving the eviction order you could have offered to discuss a different location they could move to with an acknowledgement that they would be given a permit to stay at the new location for a few days with renewal of this permit to be discussed. A lot of people from the protest did leave when asked, more would have if they'd had another place to go. With the remaining people looking like dicks in the public eye.
   
   
3. The protest, once evicted, was obviously going to set-up at a new location that you'd have to evict in the future anyway. You knew this, it would be far better for it to be a location you could be involved in the discussion with and that people could move on to peacefully without being violently attacked.
   
   
4. Get great video footage of all of this.

Originally published at KatteKrab. Please leave any comments there.

THE law does treat race differently: it is not unlawful to publish an article that insults, offends, humiliates or intimidates old people, for instance, or women, or disabled people. Professor Joseph, director of the Castan Centre for Human Rights Law at Monash University, said in principle ''humiliate and intimidate'' could be extended to other anti-discrimination laws. But historically, racial and religious discrimination is treated more seriously because of the perceived potential for greater public order problems and violence.

Peter Munro The Age  2 Oct 2011

Ahaaa. Now I get it! We've been doing it wrong. 

Racial villification is against the law because it might be more likely to lead to violence than villifying women, the elderly or the disabled.

Interesting debates and articles about free speech and discrimination are bobbing up and down in the flotsam and jetsam of the Bolt decision. Much of it seems to hinge on some kind of legal see-saw around notions of a bad law about bad words.

I've always been a proponent of the sticks and stones philosophy.  For those not familiar, it's the principle behind a children's nursery rhyme.

Sticks and Stones may break my bones
But  words will never hurt me

But I'm increasingly disturbed by the hateful culture of online comment.  I am a very strong proponent of the human right to free expression, and abhor censorship, but I'm seriously sick of "My right to free speech" being used as the ultimate excuse for people using words to denigrate, humiliate, intimidate, belittle and attack others, particularly women.

We should defend a right to free speech, but condemn hate speech when ever and where ever we see it.  Maybe we actually need to get violent to make this stop? Surely not.

echo 'rc.local setting zramfs to 3G in size - with a 32% compression ratio (zram_stats), that means we take up 980M for the ramfs swap' | mail -s 'zram' tconnors
echo $((3*1024*1024*1024)) > /sys/block/zram0/disksize
mkswap /dev/zram0
swapon -p 5 /dev/zram0

Originally published at KatteKrab. Please leave any comments there.

The Qantas Pilot Safety culture is something worth fighting to protect. I read Malcolm Gladwell's Outliers whilst on board a Qantas flight recently. While Qantas itself isn't mentioned in the book, a footnote listed Australia as having the 2nd lowest Pilot Power-Distance Index (PDI) in the world. New Zealand had the lowest. The entire chapter "The Ethnic Theory of Plane Crashes" is the strongest argument I've seen which explains the Qantas safety record. The experience of pilots and relationships amongst the entire air crew is a crucial differentiating factor. Other airlines work hard to develop this culture, often needing to work against their own cultural patterns to achieve it. At Qantas, and likely at other Australian airlines too, this culture is the norm.

I want Australian Qantas Pilots flying Qantas planes. I'd like an Australian in charge too.

If you too support Qantas Pilots - go to their website, sign the petition.

Do your own reading.

G.R. Braithwaite, R.E. Caves, J.P.E. Faulkner, Australian aviation safety — observations from the ‘lucky’ country, Journal of Air Transport Management, Volume 4, Issue 1, January 1998: 55-62.

Anthony Dennis, What it takes to become a Qantas pilot news.com.au, 8 September 2011.

Ashleigh Merritt, Culture in the Cockpit: Do Hofstede’s Dimensions Replicate?  Journal of Cross-Cultural Psychology, May 2000 31: 283-30.

Originally published at KatteKrab. Please leave any comments there.

I am right now, at this very minute, registering for linux.conf.au in Ballarat in January. Creating my planet feed. Yep. Uhuh.

I reckon the "book a bus" feature of rego is pretty damn cool.  I won't be using it, because I'll be driving up from Melbourne. Serious kudos to the Ballarat team. Also nice to see they'll add busses from Avalon airport as well as from Tullamarine airport if there's demand.

Too cool.

apt-get install drbd8-utils drbd8-source

lvcreate -L 60G -n mailmirror vg01

global {
  usage-count yes;
}

common {
  protocol C;
}
resource r0 {
  net {
    allow-two-primaries;
    after-sb-0pri discard-zero-changes;
    after-sb-1pri discard-secondary;
    after-sb-2pri disconnect;
  }
  syncer {
    verify-alg sha1;
  }
  startup {
    become-primary-on both;
  }
  on mail01 {
    device    /dev/drbd0;
    disk      /dev/vg01/mailmirror;
    address   10.50.0.11:7789;
    meta-disk internal;
  }
  on mail02 {
    device    /dev/drbd0;
    disk      /dev/vg01/mailmirror;
    address   10.50.0.12:7789;
    meta-disk internal;
  }
}

drbdadm create-md r0
modprobe drbd
drbdadm attach r0
drbdadm syncer r0
drbdadm connect r0

drbdadm -- --overwrite-data-of-peer primary r0

drbdadm primary r0

apt-get install cman clvm gfs2-tools

<?xml version="1.0" ?>
<cluster alias="mailcluster" config_version="6" name="mailcluster">
        <fence_daemon post_fail_delay="0" post_join_delay="3"/>
        <totem consensus="6000" token="3000"/>
        <clusternodes>
                <clusternode name="mail01" nodeid="1" votes="1">
                        <fence>
                                <method name="1">
                                        <device name="clusterfence" nodename="mail01"/>
                                </method>
                        </fence>
                </clusternode>
                <clusternode name="mail02" nodeid="2" votes="1">
                        <fence>
                                <method name="1">
                                        <device name="clusterfence" nodename="mail02"/>
                                </method>
                        </fence>
                </clusternode>
        </clusternodes>
        <cman expected_votes="1" two_node="1"/>
        <fencedevices>
                <fencedevice agent="fence_manual" name="clusterfence"/>
        </fencedevices>
        <rm>
                <failoverdomains/>
                <resources/>
        </rm>
</cluster>

/etc/init.d/cman start

Node  Sts   Inc   Joined               Name
   1   M    120   2011-09-14 10:53:32  mail01
   2   M    120   2011-09-14 10:53:32  mail02

locking_type = 3

filter = ["a|sd.*|", "a|drbd.*|", "r|.*|"]

/etc/init.d/clvm start

pvcreate /dev/drbd0

vgcreate mailmirror /dev/drbd0

lvcreate -L 50Gb -n spool mailmirror

mkfs.gfs2 -t mailcluster:mailspool -p lock_dlm -j 2 /dev/mailmirror/spool

mount -t gfs2 /dev/mailmirror/spool /var/mail

Last week the complete unredacted diplomatic cables obtained by WikiLeaks last year were revealed to the world following a series of events involving WikiLeaks, the Guardian and possibly others. There has been much finger pointing regarding who is to ultimately blame for this, which is essentially pointless. The deed is done and the information is out. A couple of days later WikiLeaks, under the direction of Julian Assange, elected to update their Cablegate site with the unredacted data and provide a full mirror archive [torrent] and PostgreSQL database copy [torrent].

Already there are interesting revelations being brought to international attention by the latest data releases. There are also very valid concerns regarding the safety of intelligence sources, victims of crime and political dissidents who are identified in the cables. Amongst these have been the revelation that one or more cables identify current Australian intelligence officers, as reported in The Age and The Sydney Morning Herald.

Last Friday a statement [PDF] was made by Robert McClelland, the Australian Attorney-General, regarding this fact and confirming that the Australian Security Intelligence Organisation (ASIO), along with other agencies, were reviewing the material. Mr. McLelland reiterated that Section 92 of the Australian Security Intelligence Organisation Act 1979 (ASIO Act) makes it a crime to “publish or cause to be published in a newspaper or other publication, or by radio broadcast or television, or otherwise make public, any matter stating, or from which it could reasonably be inferred, that a person having a particular name or otherwise identified, or a person residing at a particular address, is an officer (not including the Director-General), employee or agent of the Organisation or is in any way connected with such an officer, employee or agent or, subject to subsection (1B), is a former officer (not including a former Director-General), employee or agent of the Organisation or is in any way connected with such a former officer, employee or agent.” That second part is obviously aimed at protecting the families of ASIO employees, while subsection 1B deals with exceptions where former officers have consented to their previous employment being made public.

This has led to speculation that Julian Assange could face prosecution under Section 92 of the ASIO Act. There may be the possibility of additional charges relating to officers of other Australian agencies, such as the Office of National Assessments (ONA) or the Australian Secret Intelligence Service (ASIS). In adition to the cable referred to by The Age and The Sydney Morning Herald there is at least one cable which lists the names of a number of senior ONA analysts and there may be more buried amongst the quarter of a million cables.

One of the problems facing any Australian prosecution in this matter will be whether or not charges can be laid based on the sequence of events. The initial revelations of the complete data came from a GPG encrypted file which had been available online via BitTorrent for several months and which was decrypted using a passphrase published by the Guardian. Each on its own could not reveal the information, they had to be used together to obtain the data. If charges were to be laid related to that, who would be charged? Julian Assange for creating the encrypted file? Another WikiLeaks staffer for putting it on BitTorrent? David Leigh and Luke Harding at the Guardian for publishing the decryption passphrase in WikiLeaks: Inside Jullian Assange’s War on Secrecy? John Young at Cryptome for providing the decrypted CSV file? Raymond Hill at Cablegate Search for using that data in his online database? Others?

That’s just dealing with the initial release of the data. The next question is whether or not Julian Assange or others involved with WikiLeaks can be charged for effectively republishing the data after it has already been decrypted by others? No doubt this is something which Australian Commonwealth prosecuters will consider following the reviews of the diplomatic cables being conducted by ASIO and others.

On Sunday the Attorney-General followed the national security theme with a statement [PDF] announcing a new national security awareness campaign promoting the National Security Hotline (NSH). The NSH was introduced in 2002 by the Howard Government and the initial advertising campaign in 2003 featured much derided fridge magnets for every household.

What is unclear about the latest NSH advertising campaign is whether it was already planned, whether or not it is in response to or accelerated due to the release of the unredacted cables or whether it is part of a push to turn public opinion against WikiLeaks. When the cables were being dribbled out with effort taken to redact information that could identify people at risk of violence or retaliation it was difficult for many people to take the government’s objection too seriously. The complete release last week changes that scenario completely and the publication has been condemned by the traditional media organisations, which had previously worked with WikiLeaks to redact and publish the cables. It is possible that the Attorney-General’s department views an elevation of national security in the public consciousness will make it easier for people to draw the conclusion that the cable publication and, by extension, WikiLeaks is to be condemned.

Regardless of one’s opinions of Julian Assange and WikiLeaks, either for or against, the fact is that the facility to provide a platform for the global release of sensitive material has been a major change for both national and international politics. It has shifted the concentration of power in ways which governments are not used to. They are beginning to learn a similar lesson to that of the media: that the people formerly known as the audience are able to actively engage to a greater extent than previously possible. Not only are people able to do this, but they actually do it.

As I type this there are people around the globe pouring through the released cables looking for interesting information. Some of the results are published by traditional media outlets, some are blogged about and some are included in the running commentary on Twitter or other social media networks. Most people refer to the latter as crowd-sourcing, but governments and intelligence agencies refer to it as open source intelligence. It is another example of ordinary citizens being able to level a playing field which has previously been restricted to governments, intelligence agencies, law enforcement and corporations with the budgets necessary to obtain and mine vast amounts of data. This shift is, unsurprisingly, of real concern to those organisations which have traditionally maintained a monopoly on information.

As a consequence, moves by governments around the world to attempt to limit or discourage this power shift are to be expected. Where that coincides with existing national security legislation, such as that protecting intelligence officers here in Australia, a link is able to be drawn between the power shift and a subtext of potential sedition. It’s not quite accusing anyone engaged in any aspect of the shift in power and sharing (versus control) of information of treason, but it is a manner of presenting opposition to people doing so as in the interests of national security. It is a subtle and dangerous approach to the changing nature of politics and intelligence, which could backfire. Yet it is one which will be pursued by any government seeking to maintain a concentration of power; that being, all of them.

It also won’t work, not completely, that genie is well and truly out of the bottle. The governments, intelligence agencies, law enforcement and corporations already know this; their game is now to limit anything which they see as potentially damaging. The extent of their success or failure in this will only become apparent over time; not just in relation to the various releases from WikiLeaks, but also information which will be released by other sources and organisations in the future.

There are new players in the Great Game of international politics, players who were previously viewed almost entirely as pawns. It will be very interesting to see how it plays out as the power and the rules shift.

Originally published at Organised Adversary. Please leave any comments there.

Yesterday’s news that Paul Freebody, a candidate for the Queensland seat of Cairns, has been expelled from the Liberal National Party (LNP) highlights the need for the greater adoption of email encryption and digital signatures.

As with the OzCar Affair of two years ago, the issue here relates more to the verification that an email has not been tampered with rather than protecting the content from prying eyes. Thus it is a digital signature which would have been of use to Freebody in this case. Had he already been using OpenPGP compliant software to sign his emails, such as PGP or GPG, Freebody could have proven that the change to his email after signing and sending it was made by someone else, without needing to identify or, in this case, embarass that person.

The reports regarding the case of Paul Freebody are a little unclear as to whether the modified email had been sent from his computer or whether a family member who had received the email modified it and then forwarded it on. Regardless of which of those two alternatives it was, the regular use of a digital signature would have helped.

If the email had been modified on Mr. Freebody’s computer before it was sent, the prompt to sign the message would have prevented message from being sent without the relevant passphrase. If the relative had removed the signing option then Mr. Freebody could have pointed to the lack of the signature as a certain level of proof that he did not send that email.

Had the email been signed and a recipient modified the content before forwarding it to others, the signature would not validate for that message and Mr. Freebody could then have pointed to that as proof that the message had been altered. In this case Mr. Freebody could have provided a copy of the original message with the valid signature for comparison.

This is the second time in as many years in which a forged or modified email has resulted in a scalp being claimed in Australian politics; yet the tools to prevent it have been available for two decades and standardised since the late 1990s. Since that time the ease of using email encryption and signatures, particularly with the combination of Thunderbird, GPG and Enigmail, has been improved considerably.

Until people in public life start using at least this aspect of cryptographic technology, even if they don’t actually encrypt their email, these kind of scandals will continue to occur.

Originally published at Organised Adversary. Please leave any comments there.

LUV is co-organising an install-fest and miniconf with BarCamp Geelong on Saturday July 9 at the Deakin University Waterfront Campus, 1 Gheringap Street Geelong.

The event is sponsored by Linux Australia, Duxtel Pty Ltd, and the Open Source Developers' Conference.

Speakers will include Lev Lafayette on The Competitive Advantage of Linux and Open-Source, Dennis Wollersheim on An Introduction to Linux Scripting (along with a 3D printer stall), and Alex Clews on Backing Up Your Linux System.

read more

Australian blogger Mike Stuchbery, a vocal critic of ACCESS Ministries‘ school chaplaincy program, has been gagged by the evangelical religious group.

On the 15th of June Mr. Stuchbery posted an article about a graphic novel, Man Hunters published by ACCESS Publishing International, a division of ACCESS Ministries. The original article included several images from the graphic novel and a link to a PDF of the complete article.

On the 17th of June Mr. Stuchbery received a letter from Moores Legal stating that the post of the graphic novel and any part of it was a breach of copyright. The letter demanded the removal of the graphic novel PDF, the deletion of any copies of same, the removal of any images from the PDF and the deletion of the entire article which included this content. The letter, which Mr. Stuchbery posted, included a deadline of 5:00pm on June 22nd.

Mr. Stuchbery complied with the request to remove the PDF and all of the images, except for a single panel. The other panels were replaced with transcripts of the dialogue. He cited the “fair use” (actually it is “fair dealing”) provisions of the Copyright Act 1968 for the purpose of the critique which comprises the remainder of his article.

In spite of this compliance, Mr. Stuchbery’s posting access to his site was disabled by WordPress.com before the deadline set by Moores Legal. This indicates that the purpose of this action is not simply to protect the material published by ACCESS Ministries, but to silence one of their critics. If it were purely concerned with the copyright issue then the deadline would have been honoured, as would the fair dealing provisions of the Copyright Act 1968. Instead moves were made to report Mr. Stuchbery’s site for copyright infringement to his hosting provider before that, the result being suspension of updates well before the deadline. According to Mr. Stuchbery he discovered the suspension more than nine hours prior to the deadline.

This type of use of copyright law by organisations, especially religious organisations, to stifle dissent is nothing new. The Church of Scientology is well practiced at using precisely this tactic to silence their critics and have done so to great effect for many years. Now ACCESS Ministries are taking their turn at using copyright law to censor their opposition. This case is a little different from many of the Scientology ones in one crucial respect; the criticism of ACCESS Ministries and their teaching material does not relate purely to their internal policies and behaviour, as much of the Scientology criticism does, it relates to material used by ACCESS Ministries chaplains in a government funded program for secular schools. As such, criticism of the policy and of any content used in the delivery of that policy should be protected by the implied right to free political speech. This relates to both the High Court rulings regarding freedom of political speech inferred from the Australian Constitution and various international treaties which Australia has ratified, most notably the International Covenant on Civil and Political Rights.

With this action ACCESS Ministries have proven their complete disregard for the civil rights of those who do not agree with them. They have shown their willingness to resort to any means available to silence any and all opposition and criticism.

Originally published at Organised Adversary. Please leave any comments there.

Six months ago Victoria went to the polls and elected a Liberal-National Coalition government, led by Ted Baillieu, with a (slim) majority in both houses of parliament. After more than a decade of Labor government, this was not entirely unexpected. Due to electoral reforms made by the previous Labor government, there will be another three and a half years before another election will be held.

The change in government has led to a drastic change in the tone of governance in Victoria. Three of the changes which particularly illustrate this are a review of the Charter of Human Rights and Responsibilities Act 2006 with a possible result of watering down or even repealing the Act, on the spot fines for “indecent” language and the controversial introduction of legalising discrimination for groups not wishing to employ, service or otherwise interact with individuals with life styles or traits they object to. That last one essentially translates to: some Christian organisations want support for prejudice against single mothers, non-believers, people of different faiths, divorced people and, of course, the entire LGBTI community.

Those aren’t the only things on the agenda, there are assorted other law-and-order policies currently being pushed by Baillieu and Attorney-General Robert Clark, including mandatory sentencing for sixteen and seventeen year-old violent offenders. Still, this is only six months into a four year term. It is clear that Baillieu and Clark are aiming for significant changes to Victoria’s legislative powers before the voters have a chance to oppose them. Perhaps this would be more understandable if the policies presented to the public by the Coalition had included this significant law-and-order focus; but, with the exception of the fairly standard comments about recruiting more police, this was not the case.

It is clear that the Baillieu-Clark agenda, beginning with the reduced emphasis on human rights, is to forge a far more conservative and controlled Victoria. The first step is to reduce the rights previously granted to Victorians. The second step is to introduce law-and-order policies which may appeal to some sections of the community without appearing too controlling to the general punter, but which actually undermine civil liberties significantly. The third step is to provide greater power to certain interest groups at the expense of minorities.

So what can we expect in the future? I expect there will be considerably more similar action in the future. Most likely this will include anti-association legislation, which is normally labelled as “anti-bikie” legislation and which has been adopted in South Australia and New South Wales. Whenever politicians and police discuss legislation like this they are careful to focus on one section of the community, in this case “criminal organisations” and motorcycle clubs, but the reality is that the legislation is never so specific and can be used against any organisation or group of people. Currently the Charter of Human Rights and Responsibilities Act prevents such anti-association legislation from being passed in Victoria, but a repeal of that Act or reduction in its scope may open this door.

No doubt there will be more than this in just the next year or two, given the changes pushed in just the last six months. By the time of the next election in November 2014, the changes in Victoria could be tremendous.

Originally published at Organised Adversary. Please leave any comments there.

I've decided to document letters I write to companies and groups here as I often forget to follow up on them, or get a reply that is quite indicative of the type of company they are. Information others may appreciate.

Open Letter to Zazz regarding their use of the term "PC"

PLEASE stop using the term "PC" to refer to a PC running Windows. It can be very misleading and confusing for people.

Eg. http://www.zazz.com.au/pastproducts.php?past=1985

"PC/Mac/Linux" makes no sense. That's like saying "Ice cream tub/Strawberry/Chocolate" when referring to neapolitan ice cream supported flavours. Obviously this is just an annoyance but when it's just Windows and Mac support, it's actually false advertising and misleading to write "PC/Mac".

Thank you for your time.

Drush make is a wonderful tool for constructing Drupal platforms. A lot of Drupal developers are used to adding a list of modules, a few libraries and theme or 2 then running drush make to build their platform. It all seems pretty easy. What if I told you module developers could make things even easier for site builders?

Some contrib modules depend on third party libraries, and due to various reasons they can't always be stored in git repositories on drupal.org and included in the module release. To solve this problem module developers can include a .make file for their module. Drush recursively processes make files, so the module make file would be processed once found by drush make.

A good example of where this could be useful is the SMTP module, which depends on the LGPL licensed PHPMailer library. The module also requires a patch to be applied to the library, which drush make can apply for us. The following .make file could be included in the SMTP module as smtp.make:

core = 6.x
api = 2

libraries[phpmailer][download][type] = "get"
libraries[phpmailer][download][url] = "http://downloads.sourceforge.net/project/phpmailer/phpmailer%20for%20php5_6/Previous%20Versions/2.2.1/phpMailer_v2.2.1_.tar.gz"
libraries[phpmailer][download][md5] = "0bf75c1bcef8bde6adbebcdc69f1a02d"
libraries[phpmailer][directory_name] = "phpmailer"
libraries[phpmailer][destination] = "modules/contrib/smtp"

libraries[phpmailer][patch][drupal-compatibility][url] = "http://drupalcode.org/project/smtp.git/blob_plain/2acaba97adcad7304c22624ceeb009d358b596e3:/class.phpmailer.php.2.2.1.patch"
libraries[phpmailer][patch][drupal-compatibility][md5] = "2d82de03b1a4b60f3b69cc20fae61b76"

Now when the SMTP module is included a normal drush make file it will be downloaded, the PHPMailer library will be downloaded and patched ready for use.

Unfortunately there are some limitations to this approach. Firstly it assumes that the SMTP module will be installed under the modules/contrib directory, which is accepted best practice, but may not suit everyone's needs. When I tested this with the current stable version of drush make (6.x-2.2) it failed, and drush make 6.x-3.x from git needed to be patched. Hopefully a fix for this can be backported to the 6.x-2.x branch and included in a future release.

Update: I have posted the make file for the SMTP module as patch in issue #1159080.

As much as I love Zimbra, I find their Debian packaging frustrating. Why do they insist on shipping half broken debs? I can excuse vmware for being too lazy to provide proper descriptions for their packages, although the generic "Best email money can buy" text seems a little lame. Failing to populate the "Provides" field is brain dead. This makes it possible to install mailx on a server running Zimbra without installing another MTA.

I've created a simple workaround deb which provides mail-transport-agent and depends on zimbra-mta. The deb also symlinks the zimbra sendmail binary to /usr/sbin/sendmail - where it belongs. Now mailx and other tools which depend on mail-transport-agent can be installed. The package should work with both Debian and Ubuntu.

The source available on github, or you can download a prebuilt platform independent deb from github's download manager. The package is released under the terms of the WTFPLv2.

I hope that Zimbra builds better debs and makes this package obsolete.

I really want to attend DrupalCon Chicago, which kicks off in just over 4 weeks. The problem is that since DrupalCon Copenhagen business has been pretty quiet and so I find that I can't really afford to fund it myself. After deciding I had to be in Chicago I got creative about how to make it happen. The buy a line project was born.

Instead of just asking people to kick in some cash to get me to Chicago, I felt it was only right to earn my keep. People can buy a line of code, or sentence of documentation for Drupal. All code and docs created will be contributed to drupal.org. Buyers are free to specify where the lines are to be contributed, or leave me to decide. I'm looking forward to writing some of the lines on the Drupal Bus.

Recently I have been working on porting the UUID module to Drupal 7. I hope to get this module into Drupal 8 core. To make this happen I have to be in Chicago! Improvements to UUID will mean that content can be packaged up and moved around like configuration can be using the Features module.

All buy a line issues will be tagged so people can watch my progress. The first lines of code have been contributed to the getID3() module, so Drupal Commons can be installed by Aegir.

Thanks to everyone who has contributed so far. I have almost covered the DrupalCon ticket I bought from the Gizra team.

Please consider buying a line (or more) to help get this Drupal geek to Chicago. This is a great way of getting a module ported to Drupal 7, better documentation or even just a bug fixed. I have a decent track record of contributing to the project.

When deciding how many lines to buy, think about this - if I don't make it to Chicago, who will lock themselves out of their hotel room at 4am - naked!

Ok, so it’s been an embarrassingly long time between posts.  It’s a good thing I don’t pretend to be blogging for a living.

Anyway, these days I’m hacking on the Cyrus IMAP server for a living.  This software  isn’t much to write home about. It’s Open Source so you get to see all the ugly bits.  It’s really quite old and crufty (there’s K&R C in there!) and mostly works.  Mostly.

What I’m supposed to be doing is adding Conversations support – more about that in another post sometime.  What I’m mostly doing is cleaning up amazing crufty code and writing unit tests to prove that I didn’t break anything.  The process goes something like this:

• Oh, I need a function to parse a date/time string.
• Cool, here’s one.
• Oh…here’s another one…in a different file in a different directory…that only reads directly from the main IMAP protocol stream.  No worries, we can split it up into a sensible pair, one of which reads a quoted string from the protocol stream into a buffer, another which converts the buffer to a time_t.
• Wait, they parse different formats.  Because RFC822 and RFC3501 specify similar but not identical date/time formats.  Well, whatever, they’re both necessary for RFC compliance.
• Ooh, one of them takes about a half-dozen different flags, let’s write a comment documenting their effects.
• Wait, most of the flag combinations make no sense.  One combination results in two separate timezone offsets being applied to the result, the one specified in the date/time string itself, and also the server’s own timezone.  WTF? Aha, there’s only two different sets of flags it’s called with…so change the function to take a boolean.
• Cool, this function has support for Military single-letter timezone names (e.g. ‘Z’ is UTC). Wait, it accepts ‘J’ as a timezone name, which it isn’t.  Even better, this means it miscalculates timezones ‘K’ through ‘M’ which are now all off by one hour.  Classy.
• Well I don’t trust it now…ah, it parses some hardcoded US timezone names, like EST, PDT etc.  Oh but look, the Daylight Savings calculation moves one hour in the wrong direction.  Wonderful.
• What?  Here’s more date/time parsing code!  This time it parses the RFC3339 date format (which is mostly the same as the ISO8601 format, and is arguably the most sensible one of them all).  It’s opencoded in the middle of a function that parses imap:// URLs, of all things.
• Ok, I give up.  I’m gonna fix it all up!  Pull all the date/time parsing and generating code out into a new source file, lib/times.c, fix the names of the functions to be remotely sensible and consistent, enforce sensible and consistent return values (number of characters consumed or generated, or -1 on error), and write unit tests for the lot.

And that’s what I’ve spent so much time doing recently.  So many ratholes, so little time.

I thought I'd respond to this paper "Hierarchical File Systems are dead" People have been talking about searchable and tagable local file systems for decades. The main problems with searching and tagging is:

• Most data isn't easily searchable. How do you search music? spreadsheets? movies?
• Tagging is hard work and generally non-portable.
• Getting people to agree on file formats is near impossible,
  so how would you ever get everyone to agree on a tagging format?
• Tags mean different things to different people. Tagged data tends to have lots of very broad tags and few specific and useful tags.
• items tend to move around in searches, searching for the same thing can yield different results as new data comes in.

So why is the hierarchical file system still so ubiquitous?

• The hierarchical file system doesn't know or care about your files. This means the only agreement you need between people is that a file is an amount of contiguous bytes.
• hierarchies are easy to navigate and predictable, things are always in the place you left them.

There are many really great ideas for how humans could interact with computers but many of them require the computer to have too much intelligence and we aren't there yet. Making interfaces that require the computer to be more intelligent than it currently is, is a recipe for a difficult to use and unpredictable user experience.

Yes, I realize you wrote a program so awesome that all other programs pale in comparison, and that part of your mission is to make all the other programs literally pale in comparison to your program. Sorry. Maybe you can meet up with that other program that is the most awesome program in the history of the universe and share your sorrows over a beer.

It's time again for the LUV Beginner's Workshop. Come along on 20th of November. Talk: "WordPress Introduction" by Kathy Reid

read more

… JT Smith opened the conference with his annual State of WebGUI speech, in which he highlighted many upcoming features in WebGUI 8. In addition, the Contributor of the Year and Colin Kuskie Award for community contributions were announced. This year’s Colin Kuskie award went out to Patrick Donelan. Patrick was recognized for his contributions to WebGUI 8, in particular for single-handedly increasing the performance of WebGUI by over 300%. This year’s Contributor of the Year award recognizes an outstanding business contribution. United Knowledge won the Contributor of the Year award for their dedication to the Template Working Group, which is working towards standardizing all WebGUI asset templates…

via plainblack.com

Thanks guys!

I was in Madison last week for my third consecutive WebGUI User Conference, affectionately known as “the WUC” (rhymes with “chook”… that’s Australian for chicken).

I spent the pre-conference hackathon working on getting WebGUI 8 to run under Mongrel 2, thanks to lestrrat‘s experimental Plack::Handler::Mongrel2. Since WebGUI 8 is a Perl Plack app, it wasn’t an overly complicated task – I spent most of my time getting up to speed on Mongrel2 itself and learning why a language-agnostic web server rocks (ZeroMQ++). Along the way I found a bizarre bug where Image::Magick was causing the server to hang – but apart from that it was smooth sailing.

The pay-off was being able to show off a live demo of Mongrel2 running WebGUI alongside a Python / JSSocket chat app and a streaming MP3 server all on the same domain as part of my “Plack and the Post-Apache Future of WebGUI” talk the next day (the streaming MP3 server meant that I was able to include a You Am I song in my talk which probably no-one at all in the audience recognised..). I also did a live demo of gugod, clkao and c9s’ very cool XDFighter WebSocket demo (again mounted in the same domain as a WebGUI site), with help from Andy who controlled one of the stick figure fighters from the audience via his iPhone.

None of which was very WebGUI-centric, but that was kinda the point: every cool thing that happens in the Perl PSGI/Plack world is now a WebGUI feature by default

The rest of the conference was spent enjoying Wisconsin’s unfair abundance of fantastic locally brewed beer (and fried cheese curd!) and hanging out with all the awesome American and Dutch members of the WebGUI family – many who have attended more WUCs than they can count on one hand (a good reflection of how much fun the WebGUI conferences are).

I’ve submitted a modified version of my talk for the Pittsburgh Perl Workshop (PPW) in October titled s/modperl/plack/, with the intention of ripping out the Plack introduction (people can get a much better version of that at PPW from the horse’s mouth) and replace it with more specifics on how we decoupled WebGUI from modperl (replacing it with Plack) as an example of how others might convert their own legacy modperl applications.

Many thanks to JT and everyone else at PlainBlack for organising yet another awesome Perl / WebGUI conference, you guys rock.

Back in December 2009 I wrote about PlebGUI, an experimental branch of WebGUI with mod_perl replaced with Plack/PSGI. As a result, I was able to demonstrate WebGUI running on shared hosting via Plack + FastCGI.

For the next few months I worked through the process of turning the proof of concept into something core-worthy. Primarily that meant removing PlebGUI’s faked Apache2::Request object, completely eliminating any mod_perl dependencies from the WebGUI core and instead baking in WebGUI::Request and WebGUI::Response which are thin layers over Plack::Request and Plack::Response.

By about April most of the basic pieces were in place, performance was looking good, and I’d started the fun task of refactoring WebGUI to take advantage of the value-add features that Plack brings such as Middleware and stealing liberally from other Plack projects such as Tatsumaki‘s streaming API. But there was still lots of work to be done getting the test suite passing again and smoothing off the rough edges. Progress was slow due to my work commitments and frequent travel.

Then three of the main WebGUI committers got involved, first haarg++, then perlDreamer++ and preaction++. The pace accelerated dramatically. This week we officially merged the PSGI branch into the main development branch, meaning that the next major release of WebGUI will officially be a PSGI app!

Huge credit and thanks to haarg, perlDreamer and preaction (and anyone else who contributed too) for getting us over the hump. These guys are also the main driving force behind the other awesome features that are being baked into WebGUI 8, so if you like anything you see in the next version, make sure you buy them a beer or two.

Here are some screenshots of WebGUI with the Plack::Middleware::Debug bar turned on.

Previously, in debug mode WebGUI would append all debug output to the bottom of the page. Now, thanks to haarg’s custom Plack::Middleware::Debug panels, debug messages are contained within the “Logger” panel. Notice also the “Asset Performance” panel, which displays WebGUI::Asset performance metrics. This is only the beginning.

It’s such a buzz to have the PSGI branch merged in; now the real fun starts! I’ll be speaking about the WebGUI PSGI branch at the WebGUI User Conference in Madison in September, and at the rate things are going, who knows how much fun stuff we’ll be able to show off..

I’m also really looking forward to attending YAPC::NA next week (my first YAPC on American soil) and meeting/hanging out with lots other people who have been doing awesome things in the Perl web app space (and beyond). Vive la renaissance Perl!

Love Plack web apps but feel like writing some Javascript today instead of Perl?

# app.psgi
use Plack::App::JSP;
Plack::App::JSP->new( js => q{
[ 200, [ 'Content-type', 'text/html' ], [ 'Hello, World!' ] ]
});

# displays: Hello, World!

Given the similarities between Perl and JSON you can’t actually tell if I’m cheating or not from the above snippet.

Let’s try something more convincing:

Plack::App::JSP->new( js => q{
function respond(body) {
    return [ 200, [ 'Content-type', 'text/html' ], [ body ] ]
}

respond("Five factorial is " +
    (function(x) {
      if ( x<2 ) return 1;
      return x * arguments.callee(x - 1);
    })(5)
);
});

# displays: Five factorial is 120

I just pushed Plack::App::JSP to the CPAN.
Thanks to Salvador Ortiz and Miguel Ibarra whose recently released JSP module makes this possible.

Oh joys of joys, I have finally succumbed to the repeated blandishments of my buddies Russell Coker and Mitch Davis and have joined the heaving groaning mass of the blogosphere.  The universe may never be the same again.

So what will this blog be about?  It’s a reasonable question, after all.  The answer is: whatever I damn well feel like writing.

Actually the real answer is more complicated, something like “whatever I damn well feel like writing, that doesn’t go against my contractual and moral obligations to my employer, that isn’t against the laws of any country I might want to visit, that I’m unlikely to get sued for, and that won’t annoy my friends too much”.  As usual the truth is messier than the soundbite.

As a guide to what I might blog about, here’s a random selection of my interests:

• Linux kernel development
• networking protocols
• filesystems
• development tools (profilers, coverage, debuggers, test loads)
• history
• current affairs
• books
• science, biology, evolution

Yes, it’s all over the place.  Well spotted.  Give that reader a gold star.

Thanks to Russell for setting up WordPress for me.

After a short holiday in January, it's time again for the LUV Beginner's Workshop. Come along on February 20.

We intend to cover things like:

• How should you partition your machine? Should you use LVM?
• installing various linux distributions;
• tweaking and configuring your system;
• automatic backups;
• home networking, including wireless;
• setting up specific applications;
• using specific applications;
• the Linux problem you're having

According to the HTTP/1.1 specification (RFC 2616, section 14.43) ( http://www.w3.org/ ):

14.43 User-Agent

The User-Agent request-header field contains information about the user agent originating the request. This is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents for the sake of tailoring responses to avoid particular user agent limitations. User agents SHOULD include this field with requests. The field can contain multiple product tokens (section 3.8) and comments identifying the agent and any subproducts which form a significant part of the user agent. By convention, the product tokens are listed in order of their significance for identifying the application.

_{(emphasis by me)}

Despite this quite clear definition, a LOT of websites use the User-Agent in an attempt to identify what capabilities a browser has and deliver it to them. Some might say that Microsoft's usage (abuse) of the User-Agent was the cause of the mess of all this we have today when they made Internet Explorer identify itself as "Mozilla" when it clearly was not. When you think about it though, they most likely did this in order to OVERCOME these already incorrect uses of the User-Agent by web "developers" (as this mozilla page from '98 ( http://www-archive.mozilla.org/ ) also implies).

I use the following true, correct and legal User-Agent for my most used browser, uzbl ( http://uzbl.org/ ):

Uzbl/aa8c2e459cd035f13144c21400f8db1c47a15a36 (X11; U; Linux i686; en-US) Webkit/1.1.6 (A browser built upon the highly renowned web standards compliant and secure Webkit rendering engine that is the heart of several open source web browsers, including Uzbl, Midori and Android Webbrowser)

(the "aa8c2e459cd035f13144c21400f8db1c47a15a36" is actually the git commit (source code version if you will))

User-Agent sniffing is SO bad, that my initial User-Agent (shown below) led to too many sites simply not displaying AT ALL (errors, blank page, etc):

Uzbl/aa8c2e459cd035f13144c21400f8db1c47a15a36 (X11; U; Linux i686; en-US; A browser built upon the highly renowned web standards compliant and secure Webkit rendering engine that is the heart of several open source web browsers, including Uzbl, Midori and Android Webbrowser)


So, whenever I come across a page that I notice does a User-Agent sniff (for example they say "we are sorry, you need to be using IE or Firefox to view this page") I contact the webmaster and inform them of their error. This leads to also no change and in most cases no response.

In the event a response IS received after I contact them, it is usually in the form of "We are looking into this" or something similar to the hilarious "If you tell us your User-Agent, we can add it to the list of working User-Agents".

I have not been hugely affected by this and in the event that a site really doesn't work properly due to this, I will simply go elsewhere and "blacklist" that site (after trying to help them of course).

I have noticed very recently however, a HUGE difference in pages I visit. An extreme number of sites have seemingly started User-Agent sniffing all starting around the same time. As time moved on, I noticed it was largely (but not only) wordpress ( http://wordpress.org/ ) blogs. So what was the symptom of these "sniffing fails"? "Mobile" versions of sites. I visit Amazon ( http://amazon.com/ ) and am presented with a rather plain page:

This is quite different compaired to the standard amazon page:

This page is displayed by the EXACT same browser, passing all the same header variables with the acception of the User-Agent, where it was changed to:

Mozilla/5.0 (X11; U; Linux i686; en-au; rv:1.8.1) Gecko/20061010 Firefox/2.0


The effect is the same with all those Wordpress blogs. So why's it happening I thought, until I realised, they are all sniffing for 1 simple word... "Android". When they detect a User-Agent containing "Android", they go into this "Mobile" version.

I emailed Amazon to let them know, but got the standard "1-click" reply that's rather common with Customer Support these days:

Hello,

Thank you for your comments about using Amazon Anywhere with your mobile device. In addition to our large selection, one of the benefits we try very hard to offer our customers is convenience. I'm very sorry for the inconvenience you experienced while shopping at our store with your device.
...

Of course, they didn't actually READ my comments judging by the "... using Amazon Anywhere with your mobile device ..."

The funniest thing about this is, that even without any adblock or noscript plugins in my browser, I actually get a rather lean browsing experience as a result of this

Perhaps the solution would be to build a mobile device called "Mozilla"

I read an article today entitled "iPhone 3GS Gets Jailbroken, Hack Available Online" ( http://www.pcworld.com/ ). A single paragraph really stood out for me, namely:

"However, the purplera1n jailbreak will free your iPhone from the limitations imposed on it by AT&T and Apple. After jailbreaking, a user will be able to customize the iPhone with home-screen wallpapers and third-party ringtones. But the biggest advantage of jailbreaking is the support of unapproved apps such as iBlackList (blacklists and whitelists for contacts) and many others."

Upon reading this I thought simply, "so, hang on, people are actually truly dumb enough to pay $879 AU ($695 US at time of writing) ( http://store.apple.com/au/ ) for this?!".

You can't run your own applications. To me this is unbelievable. I recently purchased a Palm OS based phone for cheap (off eBay, couldn't get one new ( see my earlier "Good Products are hard to find" post ) and I have so much cool freeware on it it hurts! I've got a RSS/Website feed reader, email client, file manager, PDF viewer, dictionary, thesaurus, complex alarm clock, speech synthesiser, movie player (XVid, Quicktime, etc - you name it), Automatic call recorder, SMS Scheduler, Complex SMS auto-replier, C Compiler and Interpreter, VNC client, SSH client, Source code editor, Text editor, Barcode scanner, Midi editor, XMPP client, Google maps, IRC client, Programmable Remote control, Web browser, a GB/NES/SNES (yes, SNES, as in Super Nintendo Entertainment System)/SMS/SMD etc Emulator and about 4 gazzilion games. This doesn't include the built in apps either, these are just the FREE (as in cost) apps I installed. Stick that up your App Store.

People who own iPhones, just like those who own iPods, deserve what they've got.

For me though, the best bit is "After jailbreaking, a user will be able to customize the iPhone with home-screen wallpapers and third-party ringtones". Riiiiight, so out of the box, you can only have a wallpaper or ring tone that Apple sells/gives you?!

To be fair, with this new model they've added MMS support and copy/cut/paste, voice memo's too! - Apple REALLY lead the pack in tech don't they. Although, they are still missing some features Telstra's $99 AU ($78.55 US at time of writing) T6 ( http://shop.telstra.com/ ) phone has like a built in FM radio, video capture, expandable memory using microSD and proper Bluetooth that works with other Bluetooth devices, not just Apple ones. Oh, and the Telstra T6... I bet it supports having your very own background.

Disclaimer: Please note that the iPhone does actually come with a GPS receiver built in and 16Gb (albeit a hard drive not memory) whilst the T6 only has 45Mb but this comparison was more about showing what a rip-off the crap iPhone is and not how great Telstra's crap T6 phone is.

I use Firefox and have been doing so since before the name change from Firebird (which occurred early 2004) and whilst I have tried other browsers I find a lot of them lacking.

There's Lynx, Links and ELinks but they are text only (well elinks does support a vesa graphics mode I believe but I haven't tried that) and can be a little difficult to use and navigate. There's also dillo but it's SSL support is alpha only at the moment, it doesn't support frames and it's support for image formats seems a little limited.

I find Firefox somewhat better than these although out of the box it's got some annoying limitations - luckily it has extensions. In the past I had to add 20 odd extensions just to make Firefox "almost un-annoying" to me but thanks to Mozilla adding these features in Firefox over time, I've got my extensions list down to a mere 9 which I will detail below (roughly in inverse order of importance, just for fun).

• User Agent Switcher (https://addons.mozilla.org/)
  

  This extension allows you to change your User Agent, also allowing you to switch between user-defined User Agent strings. While a lot of people use this to visit websites that say "I'm sorry, you need Internet Explorer to view this" when it would render fine in Firefox, I use it just to set my User Agent to something more generic (namely "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.5) Gecko/2008123017 (A browser built upon the highly renowned web standards compliant and secure Gecko rendering engine that is the heart of several open source web browsers, including Camino, Epiphany, Firefox, K-Meleon, Mozilla, Netscape, SeaMonkey and XULRunner)", an idea I got from Mozilla Firefox Bug 334967 (https://bugzilla.mozilla.org/)). In fact if a website says "You need Internet Explorer", I just take my business elsewhere.

• Add Bookmark Here² (https://addons.mozilla.org/)
  

  I realise while writing this, that I don't actually use this extension anymore but only because it doesn't really work with another extension I use that I cherish more. Add Bookmark Here² adds a menu item under each subdirectory in your Bookmarks called "Add Bookmark Here". This is a lot more intuitive and natural feeling than using Firefox's Add Bookmark dialog to navigate to where you want to place your Bookmark.

• Duplicate Tab (https://addons.mozilla.org/)
  

  This little beauty is essential when dealing with annoying pages that require you to click something and won't accept it when you open them in a new tab/window etc. It simply allows you to duplicate any given tab to another tab or window, including it's history.

• Image Zoom (https://addons.mozilla.org/)
  

  This extension allows you to right-click any image and zoom it to any size. This is a great little extension if you need to get a closer look at an image. As of Firefox 3 "zooming" the page no longer zooms just the text but also the images making this extension less necessary but I still find it better to turn that feature off and reserve their "zooming" to text only and leave the image zooming to this little extension.

• Stop Autoplay (https://addons.mozilla.org/)
  

  Stop Autoplay allows you to disable autostarting of embedded media (or exclude it altogether) as well as blocking Flash (though I don't use that feature (see below)). Quick, simple, NECESSARY for those dodgy GeoCities or MySpace websites that spew audio at you obnoxiously.

• Nuke Anything Enhanced (https://addons.mozilla.org/)
  

  Ever had a website that brought up an annoying "popup" within the page, blocking the content and not allowing you to read it until you clicked something? Maybe you want to print the page without all the unnecessary images (Note I haven't actually tested this extension for this purpose but I THINK it'd work)? Well, this extension will allow you to right click ANYTHING (yep even a table cell, paragraph, image, frame, div etc) and select "Remove this object". Until you try this, you have no idea how satisfying it is!

• Adblock Plus (https://addons.mozilla.org/)
  

  This extension will block ads from websites so that you don't have them in your face whilst trying to read the content. You can subscribe to ad list databases and even add your own manually or automatically (right-click any ad and say "AdBlock this"). I am actually torn with this one as I realise some sites rely on their ad revenue to fund their hosting etc. I would advise anyone who feels this way to still have this installed (but not subscribed to any database) and simply use it for the really obnoxious ads that insist on flashing in your face.

• Flashblock (https://addons.mozilla.org/)
  

  The web today is unusable without this extension. This extension is more advanced than Stop Autoplay's Flash blocking capabilities because it still reports to the website that you can handle Flash but it won't actually load the Flash unless you click a cute little play button. Stop Autoplay is aware of this extension and won't fight for Flash control if it sees it (so they play nice together).

• Vimperator (http://vimperator.org/)
  

  This one changed my life. It's the best extension EVER. It is designed to allow you to operate Firefox as you would VIM, including many of the same shortcuts and commands. The good thing is you can have it installed and still use Firefox normally and just take advantage of the features you like. It has a most excellent keyboard link navigating system where you press 'F' and start typing the text of a link. As you do so, the list of available will reduce until such time as there is only one left at which time, it is "clicked". While this is happening however, the links matching the text you've typed will be highlighted and numbered so you can optionally type a number at any time to follow that specific link. Features like this make keyboard navigation quick and painless. It has many other features worth looking into too - check out their website for more details. In short though, if you use VIM (and Firefox) you NEEEEEEEEED this.

Well, that's it. My list of required extensions to make Firefox really usable and an almost painless experience.