Planet Russell

It’s here. Lots of interesting questions and answers. Nice look into the mind of R.U. By the way, he just started teaching an online class on transhumanism at the Evolver Academy. You can probably still join the course for $120, though I haven’t double-checked on that.

CyBeRev is offering cash and other prizes (like cool video recording sunglasses) for people whose mindfiles do the best at conversing like people. I’m not sure exactly how mindfiles converse, but if you figure that out, you can win. If you win, be sure to take pictures of yourself with your cool shades.

Found and reported a couple of PHP 5.3 bugs yesterday. That isn’t such a surprise; it’s a new release, after all, and we’re currently in the midst of developing code for the first time against 5.3 here at work. One of them is a crasher, but an obscure one reliant on the new-in-5.3 INI_SCANNER_RAW mode in parse_ini_file and a rather odd configuration file, so as these things go, it’s pretty minor, and scottmac has jumped on it very promptly indeed (thanks!). The response from Jani was interesting, though:

Thanks for not reporting this before release..

Now, Jani does a tremendous amount of work triaging PHP bugs and I — and every other PHP developer (particularly those of us who does this for a living) — owe him a huge debt for that. But frankly, I resent the implication that I’ve somehow sat on a crasher since before 5.3.0 was released and only submitted it now as some sort of weird vendetta against the PHP internals team. Funnily enough, I only found it while I was reducing the other, more trivial bug down to a minimal test case.

I get far worse things implied in my direction when I’m out on a Saturday night in Northbridge, so really, I’m not that fussed. (I’m obviously a bit fussed, though, since I’m writing this.) I do wonder how somebody new to the PHP community would feel, though — my guess is that you could forget about future bug reports in some cases, and that just isn’t a win for anyone.

During the last weeks I've been spending some time to start a wireshark dissector plugin for GSM 12.21, which is the Organization and Maintenance protocol between BSC and BTS. Using this protocol, many aspects of a BTS are configured by the BSC.

I have already implemented the BSC side of 12.21 inside OpenBSC, and OpenBSC contains parsing code and debug logs about what is happening on this protocol. However, I think it is much better to remove most of that debug printing code from OpenBSC and move it into wireshark. Whoever needs per-message debugging, can start wireshark and look at the output - with the advantage of extensive filtering capabilities.

The protocol is quite complex and has many different messages with each their own set of attributes. So the current work is far from being complete, but it's already at a point where it is really useful.

I've put a specific focus on implementing the vendor-specific bits for ip.access, since those are hard to figure out and much more difficult to implement for anyone who hasn't spent as many weeks looking at hexdumps from their Abis-IP protocol as me. Parsing standard 12.21 messages is easy, just read the publicly-available spec and add wireshark code for it.

In case you're interested, the plugin is available from this path in the OpenBSC git tree

Later this month, you can watch the TEDGlobal 2009 conference live from the UK through an Associate membership -- offering a virtual front-row seat at the conference via a private, live web stream of the main-stage events.

TEDGlobal Associate membership costs $995 and includes a password-protected, single-computer, live web stream of TEDGlobal 2009 as it unfolds in Oxford, and the right to watch with up to 10 other people. Most talks from TEDGlobal 2009 will eventually become TEDTalks, available free on TED.com. But Associate members will be able to watch the full main-stage sessions live as they happen, including introductions, short talks, musical performances, video interstitials and audience interactions that are not shown on the website. Associate membership groups who watched the last TED conference live from Long Beach gave us enthusiastic feedback, persuading us to repeat this service. We learned that people who carve out the time and gather with friends for a multi-day virtual TED experience can gain as much inspiration as those attending live.

TEDGlobal 2009 will explore "The Substance of Things Not Seen." Speakers this year include world-renowned philosophers, scientists, religious leaders, entertainers, artists, musicians and technologists -- see the lineup here. The event will take place July 21-24 in Oxford, UK.

TEDGlobal Associate members will be issued a noncommercial license that allows them to share their webcast with up to 10 viewers in the same room. Also included with each Associates membership: a full year of the legendary TED Media Club, with 5 shipments of books, DVDs and other media throughout the year; enhanced social networking on TED.com; and an exclusive welcome kit that's not available to any other TEDsters, with a viewing diary, postcards and other keepsakes.

Learn more about TEDGlobal Associates membership >>

""I was just the vessel. It wasn't Michael's sperm. Just like I stick the sperm up my horse, this is what they did to me. I was his thoroughbred."....

"I know I will never see them again. I was never cut out to be a mother - I was no good. I don't want these children in my life. My children are my animals now."

"I offered him my womb - it was a gift. It was something I did to keep him happy."

"I got paid for it, and I've moved on. I know I will never see my children again."

And this:

"I was never a good mother, I never felt any attachment to them. It was a better feeling giving them to him than it was keeping them as my own.

So what changed, Debbie dear? Well ... maybe it's this, as reported by TMZ:

We've learned who's getting what in Michael Jackson's trust. Here's how it breaks down.

Katherine Jackson will get 40% of the assets.
Michael's 3 kids will get another 40%.
And the remaining 20% goes to several children's charities. We're told the charities have not been designated yet and are not specified in the trust.

What's 40% of $1 billion? I'll bet Debbie's done the math ... and would it be too much to create a charity called The Deborah Jean Rowe Foundation, like, yesteray???

Care to vote on whether she should get custody of the money ... I mean the kids? Here you go!

Flashback: Debbie before she gave birth to their second child, pretends to be really married to Michael, but admits their "friendship is more important." Now, of course, she's blabbing to anyone who'll talk to her that their marriage was a sham (not to mention outing Jackson as not the kids' bio father.)

Flashback 2: Debbie defends giving up custody of her kids back in 2003, adding: "my kids don't call me mom because I don't want them to." Watch:



Plus: will the nanny also enter the custody sweepstakes?

Ah, dying rich!

• Learn the basics of Search Engine Optimization with Google's SEO guide.
  
• Submit your content so that Google can help you distribute it across Google Web Search, Maps, Product Search, iGoogle, and more.
  
• Drive more traffic to your site with programs like AdWords.
  

I have previously written about an error that valgrind reported in the STL when some string operations were performed by the DKIM library [1]. This turned out to be a bug, Jonathan Wakely filed GCC bug report #40518 [2] about it, Jonathan is one of many very skillful people who commented on that post.

deb http://www.coker.com.au lenny gcc

I’m still not sure whether that bug could actually harm my program, Nathan Myers strongly suggested that it would not impact the correct functionality of the program but mentioned a possible performance issue (which will hurt me as the target platform is 8 or 12 core systems). Jaymz Julian seems to believe that the STL code in question can lead to incorrect operation and suggested stlport as an alternative. As I’m not taking any chances I built GCC with a patch from Jonathan’s bug report for my development machines and then built libdkim with that GCC. I created the above APT repository for my patched GCC packages. I also included version 3.4.1 of Valgrind (back-ported from Debian/Unstable) in that repository.

Nathan Myers also wrote: “Any program that calls strtok() even once may be flagged as buggy regardless of any thread safety issues. Use of strtok() (or strtok_r()) is a marker not unlike gets() of ill thought out coding.” I agree, I wrote a program to find such code and have eliminated all such code where it is called from my program [3].

I think it’s unfortunate that I have to rebuild all of GCC for a simple STL patch. My blog post about the issue of the size and time required to rebuild those packages [4] received some interesting comments, probably the most immediately useful one was to use --disable-bootstrap to get a faster GCC build, that was from Jonathan Wakely. Joe Buck noted that the source is available in smaller packages upstream, this is interesting, but unless the Debian developers package it in the same way I will have to work with the large Debian source packages.

I have filed many bug reports against the OpenSSL packages in Debian based on the errors reported by Valgrind [5]. I didn’t report all the issues related to error handling as there were too many. Now my program is often crashing when DomainKeys code is calling those error functions, so one of the many Valgrind/Helgrind issues I didn’t report may be the cause of my problems. But I can’t report too many bugs at once, I need to give people time to work on the current bug list first.

Another problem I have is that sometimes the libdkim code will trigger a libc assertion on malloc() or free() if DomainKeys code has been previously called. So it seems that the DomainKeys code (or maybe the OpenSSL code it calls) is corrupting the heap.

So I have given up on the idea of getting DomainKeys code working in a threaded environment. Whenever I need to validate a DomainKeys message my program will now fork a child process to do that. If it corrupts the heap while doing so it’s no big deal as the child process calls exit(0) after it has returned the result over a pipe. This causes a performance loss, but it appears that it’s less than 3 times slower which isn’t too bad. From a programming perspective this was fairly easy to implement because a thread of the main program prepares all the data and then the child process can operate on it – it would be a lot harder to implement such things on an OS which doesn’t have fork().

DomainKeys has been obsoleted by DKIM for some time, so all new deployments of signed email should be based on DKIM and systems that currently use DomainKeys should be migrating soon. So the performance loss on what is essentially a legacy feature shouldn’t impact the utility of my program.

I am considering uploading my libdomainkeys package to Debian. I’m not sure how useful it would be as DomainKeys is hopefully going away. But as I’ve done a lot of work on it already I’m happy to share if people are interested.

Thanks again for all the people who wrote great comments on my posts.

• [1] http://etbe.coker.com.au/2009/06/22/valgrindhelgrind-and-stl-string/


• [2] http://gcc.gnu.org/bugzilla/show_bug.cgi?id=40518


• [3] http://etbe.coker.com.au/2009/06/14/finding-thread-unsafe-code/


• [4] http://etbe.coker.com.au/2009/06/24/unreasonably-large-source-packages/


• [5] http://etbe.coker.com.au/2009/06/28/valgrind-and-openssl/

I'm going to DebConf, and will be giving what I think is the first talk I've ever done about debhelper there. Incidentially, debhelper in experimental has some nice new features.

I have no idea how I'm getting from the Madrid airport to Cáceres, and would rather spend time working on my talk than trying to book tickets internationally, so I hope buying train tickets at the station is not a foolish plan..

Here's an article from the premier financial newspaper in the world, the Financial Times, on a situation that I believe is catalyzing the current crisis (hoisted from Paul Kedrosky's blog).  

I recently blogged about the GeoDNS setup we plan for security.debian.org. Even though all DSA team members agree that the GeoDNS setup for security.debian.org should come alive as soon as possible, we still fear to break an important service like security.d.o.

Yesterday I decided without further ado to float a trial balloon and converted DNS entries for the Debian Project homepage to our GeoDNS setup. While doing so, we found out that some part of our automatic deployment scripts still need to be adjusted to serve more than one subdomain of the project.

That setup is live for about eighteen hours now, and the project homepage now resolves it IPs via GeoDNS. For now, we are using senfl.d.o for Northern America, www.de.debian.org and www.debian.at for Europe and klecker.d.o for the rest of the world. From what I can see from GeoDNS logs, it seems to work fine, and the load stays reasonably low, so after a short test period we might add additional services like security.debian.org to GeoDNS.

Interesting items of interest:

The S10-2  and the S12, two of Lenovo’s newest netbooks are now available for sale, and while there are plenty of reviews and detailed discussion about the systems already circulating, I thought it might be interesting to talk to someone who has been involved in Lenovo’s netbook program.   

 This week, I caught up with fellow Lenovo blogger, Brandon Hoe.

Brandon shares a bit about himself and the various projects that he’s involved with, the S10 evolution, and his thoughts on some of the trends he’s seeing for netbooks in the future.    I hope Brandon explores some of these points in more depth on his blog in the near future.

The video is a bit long at over six mins (I think 2-3 would be ideal for this kind of thing), but Brandon was a great sport and shared his thoughts naturally.  I learned a few things while doing this,  and will ensure better camera work and audio for future endeavors.

Can anyone guess the entry codes for these door locks?

There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.

Can anyone guess the entry codes for these door locks?

There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.

Can anyone guess the entry codes for these door locks?

There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.

http://pastebin.flamingspork.com/

A pastebin running Drizzle and the Drizzle PHP Extension (which is on top of libdrizzle).

T.G.I.M.B.O.E.J. stands for The Great Internet Migratory Box Of Electronic Junk, and it's celebrating its first anniversary this week. Do think of it as partly a social experiment, but more so a free-range parcel service-based electronics grab bag that circulates among hardware hackers who are eager to discover useful, cool, old, or even rare treasures from the world of circuits old and new. According to their own description:

[It] is a progressive lending library of electronic components. An internet meme in physical form halfway between P2P zip-archive sharing and a flea market. It arrives full of wonderful (and possibly useless) components, but you will surely find some treasures to keep. You will be inspired look through your own piles, such as they are, and find more mysterious components that clearly need to be donated to the box before it is passed on again.

If you're a tinkerer, a smart hardware geek, a fab-lab fan or aspiring aeronaut who wants to put that dusty old pile of circuit boards, switches, magnets, transistors, transformers, LCDs, CRTs and LEDs to a greater use (and perhaps find some interesting or useful new treasures to fiddle with), T.G.I.M.B.O.E.J. has a useful wiki that will tell you how you can get started.

My recent visit to Brazil was a wonderful validation of the belief that I've held for more than 20 years: if you give people a better way to do things, they'll do better things. The Brazilian government continues to expand its adoption of open source, both across more and more ministries and deeper within each ministry. I had the pleasure of talking with one of Brazil's top IT strategists, and she told me some very interesting things, both encouraging and alarming.

read more

One month ago I wrote an open letter to Google/Feedburner suggesting that it might be time to add some more features to Feedburner - particularly the ability to customize subject lines of those subscribing to a feed via RSS.

It seems that they’ve been hard at work on that very feature.

Today I logged into my Feedburner account and noticed this in the ‘Email Branding’ area.

Yep - it’s the feature we’ve been waiting for! All you need to do now is add the tag ${latestItemTitle} into the subject line and it looks like you’re set to have new subject lines on each email sent.

There’s no official word on this new feature yet from Feedburner.

Ironically it was only a few hours ago that I emailed a few questions to Feedburner who have agreed to an interview here on ProBlogger. Expect to hear more from Feedburner in the coming few days - hopefully this is a sign of things to come as they take Feedburner to the next level!

Thanks for listening Feedburner.

A hat tip to Carrie who emailed me about this new feature - nice pick up!

Post from: Blog Tips at ProBlogger.

Feedburner Add Customizable Subject Lines to Email Subscriptions

Share This

I decided to try to be good, so I found the GNOME bugzilla and tried to search for "directory", or "rhythmbox", or anything. Every time it would spend a lot of time waiting and then just finish with a blank page. Deciding that their Bugzilla was hosed, I went and got a Launchpad account and logged it there. Then, in a fit of "but I might have just got something wrong", I went back to the Bugzilla and tried to drill down instead of typing in a keyword.

Lo and behold, when I looked for bugs relating to "Rhythmbox", it turned up in the search bar as product:rhythmbox. Sure enough, if I typed in product:rhythmbox summary:directory then it came up with bugs that mentioned 'directory' in their summary line. If you don't get one of those keywords right, it just returns the blank screen as a mute way of saying "I don't know how to deal with your search terms".

So it would seem that the GNOME bugzilla has hit that classic problem: developer blindness. The developers all know how to use it, and therefore they don't believe anyone could possibly use it any differently. This extends to asserting that anyone using it wrong is "obviously" not worth listening to, and therefore the blank page serves as a neat way of excluding anyone who doesn't know the 'right' way to log a bug. And then they wonder why they get called iconoclastic, exclusive and annoying...

Sadly, the fix is easy. If you can't find any search terms you recognise, at least warn the user. Better still, assume that all terms that aren't tagged appropriately search the summary line. But maybe they're all waiting for a patch or something...

Twenty five years ago, when Steve W. worked for a military subcontractor, he'd often roll his eyes when meetings were denoted "CONFIDENTIAL". It's not that he didn't take confidentiality seriously, it's just that everything they did was confidential. By labeling most everything "CONFIDENTIAL", there was no way of knowing when some things – like performance reviews and should-we-fire-so-and-so discussions – were really, really confidential. At least, not until you were actually in the meeting.

At one meeting, it was was really, really confidential. It was a one-on-one and across the table from Steve sat the Project Manager. These kind of solitary meetings took place either because you're doing something very wrong... or you're getting canned.

"Hey Steve," the project manager started, "I need a fresh set of eyes on a performance problem we've been facing with the EC Unit."

Steve perked up at this. And not just because he wasn't getting fired, but because the EC Unit — EC being short for Electrical Capabilities — was a pretty big deal as of late. It was a "switch" on one of their new automated testing stations with hundreds of relays configurable to variety of electrical ratings: 50 Milliamps at 0.01 Volts, 400 Volts at 200 Amps, you name it. Being about the size of a VW Bug and having a panel of blinking indicator lights which actually meant something, it was an impressive sight... and had an equally impressive budget to boot.

The project manager continued, "it's taking in the neighborhood of eight hours to run through an engineer test script and that is really hurting us on turnaround. If you can crack this nut, you just might be the hero of the project."

A HERO'S WORK

Eagerly, Steve got to work on familiarizing himself with the EC's software. Basically, the idea behind the program was that, as part of a test, the engineer would write a statement like "Apply X amps at Y volts to circuit C with waveform..." and the program would compute the least electrically expensive path.

Developed by the primary contractor, the code weighed in at about 5,000 lines of Pascal and, with a myriad of functions and high math, it was certainaly no picnic. For days, he poured through the logic. After single stepping though the program and creating enough flow charts and flow diagrams to cover two walls, nothing jumped out at him. However, when Steve added a global counter in every function in the application (as there was no profiler available), he hit paydirt.

While most functions were called proportionally to the number of connections to be analyzed, the following worst offending function was called over a billion times.

function eval_strings_are_equal(s1:string[255], s2:string[255]):Integer

    «reasonably efficient string compare function implementation here»
end

The funny thing about that innocent looking function was how the program handled the parameters. Can you see it? No matter what the size of the string data — even as few as two characters — the program would copy two 255 byte sequences to the stack, one byte at a time. Steve found that if he changed the parameter declaration to the *even* number 256, the parameters would be copied to the stack *two* bytes at a time and reduced the runtime by half!

But, was 256 bytes...overkill? Steve looked further and found that the longest strings ever passed would only be 8 bytes long - he reduced the parameter length to match. The end result: an analysis that would ordinarily take an entire business day would be done in a half hour.

No doubt about it - Steve was the man. And better yet, it wasn't even his company's fault: the primary contractor was responsible for that particular module.

AFTERMATH

At their next "CONFIDENTIAL" meeting, the Project Manager started without a word of small talk. "So do you have something for me?"

Steve smirked and nodded, with a smug Yeah, you better believe I do! and handed over the documentation with a very nice "before and after" graph on the first page.

"WOW!" the project manager was shocked, "This is good!...REALLY GOOD!"

Before Steve could even explain how he did it, the project manager jumped in again. "However," he said slowly, "we're going to have to sit on this for now. We can't tell them about this."

Steve shot back a quizzical look as the project manager explained. As it turned out, there was a big political fight going on with the primary contractor about the project. The primary was blaming Steve's company for overall Electrical Capabilities slowness and Steve's company was blaming the hardware supplied by the primary. Not that it really mattered, because there was a planned upgrade to the Electrical Capabilities system that, among other things, promised much higher performance.

"It's only a single line code change," Steve implored, "it would take all of five seconds to explain. Then the users would be up and run-"

"Yeah, yeah," he brushed off, "we'll keep it as our 'ace in the hole' in case they complain about slowness after the upgrade. We'll show 'em that we're not the ones who are causing all the problems."

"But isn't the upgrade several months away?" Steve rhetorically asked, "we can get them to implement it now and save thousands of client man hours in the mean time."

The project manager glared, "you're not going to share the patch information. It's confidential."

As the planned upgrade date came closer and closer, the likelihood of actually upgrading seemed less and less likely. When the date had come and gone, the upgrade project was "put on hold until next quarter". And it stayed on hold for quarter after quarter after quarter.

Five years later, when it came time for budget cuts, the entire Electrical Capabilities project — military personnel and all — was cut for good. Apparently, the auditors weren't too thrilled that engineers just sat around all day, waiting for some program to run.

So I didn’t actually get to vote in the Triple J top 100 of all time. I feel really stupid to have missed it! I was just asked (live on radio) whether I had voted and I stupidly said yes intending to get straight off the phone and onto the voting, but it was closed! So below are my top 10 songs of all time, some for technical reasons, all for emotional. Thought it might be of interest to some

Meme time!

In no particular order:

• Gorecki – Lamb. Our wedding song About finding that person that just completes you, that complements and helps you want to be a better person. A beautiful song and a beautiful voice.
• Smells Like Teen Spirit – Nirvana. Changed everything, and yet so simple. Influenced a generation.
• Shame – Stabbing Westward. My favourite angsty teenage song. Once went to a Live (the band) concert just to see Stabbing Westward play support, and then left The man has an incredible voice.
• H – Tool. I love a lot of the older Tool music, this particular one reminds me of a close friend who died very young in very unfortunate circumstances.
• We’re in this together – Nine Inch Nails. I love pretty much every NIN song, but this one really talks to me about regardless of everything going on, none of us are truly alone.
• Fade to Black – Metallica. One of their best songs, and one that influenced me to learn guitar in the first place.
• Burn – The Cure. an amazing (and dark) song from The Crow soundtrack. One of their best in my opinion. Admittedly takes me back to school
• Cornflake Girl – Tori Amos. Beautiful, powerful and disturbing. Worth looking into the deeper meaning.
• Classical Gas – Mason Williams. An incredible guitar piece that puts me in an almost meditative state when I play it. Technically challenging but also a joy to play and listen to.
• Pathetique – Beethoven. Such an exquisite piano piece, and when played well covers about the entire scope of human emotion. Fun to play too, but I’ve yet to master it

There are so many more songs I love, and I’m sure given more time I’d rejig this another dozen times. So I’ll leave it there Apart from one last honorary mention:

• Space Cadet – Kyuss. Couldn’t leave this off. This 3 person rock band had such a big sound, such a complex and incredible mix. Great fun to play on the bass. Demon Cleaner also very worth listening to.

The plant caladium steudneriifolium pretends to be ill so mining moths won't eat it.

She believes that the plant essentially fakes being ill, producing variegated leaves that mimic those that have already been damaged by mining moth larvae. That deters the moths from laying any further larvae on the leaves, as the insects assume the previous caterpillars have already eaten most of the leaves' nutrients.

Cabbage aphids arm themselves with chemical bombs:

Its body carries two reactive chemicals that only mix when a predator attacks it. The injured aphid dies. But in the process, the chemicals in its body react and trigger an explosion that delivers lethal amounts of poison to the predator, saving the rest of the colony.

The dark-footed ant spider mimics an ant so that it's not eaten by other spiders, and so it can eat spiders itself:

M.melanotarsa is a jumping spider that protects itself from predators (like other jumping spiders) by resembling an ant. Earlier this month, Ximena Nelson and Robert Jackson showed that they bolster this illusion by living in silken apartment complexes and travelling in groups, mimicking not just the bodies of ants but their social lives too.

Now Nelson and Robert are back with another side to the ant-spider's tale - it also uses its impersonation for attack as well as defence. It also feasts on the eggs and youngsters of the very same spiders that its ant-like form protects it from. It is, essentially, a spider that looks like an ant to avoid being eaten by spiders so that it itself can eat spiders.

My previous post about security stories from the insect world.

The plant caladium steudneriifolium pretends to be ill so mining moths won't eat it.

She believes that the plant essentially fakes being ill, producing variegated leaves that mimic those that have already been damaged by mining moth larvae. That deters the moths from laying any further larvae on the leaves, as the insects assume the previous caterpillars have already eaten most of the leaves' nutrients.

Cabbage aphids arm themselves with chemical bombs:

Its body carries two reactive chemicals that only mix when a predator attacks it. The injured aphid dies. But in the process, the chemicals in its body react and trigger an explosion that delivers lethal amounts of poison to the predator, saving the rest of the colony.

The dark-footed ant spider mimics an ant so that it's not eaten by other spiders, and so it can eat spiders itself:

M.melanotarsa is a jumping spider that protects itself from predators (like other jumping spiders) by resembling an ant. Earlier this month, Ximena Nelson and Robert Jackson showed that they bolster this illusion by living in silken apartment complexes and travelling in groups, mimicking not just the bodies of ants but their social lives too.

Now Nelson and Robert are back with another side to the ant-spider's tale - it also uses its impersonation for attack as well as defence. It also feasts on the eggs and youngsters of the very same spiders that its ant-like form protects it from. It is, essentially, a spider that looks like an ant to avoid being eaten by spiders so that it itself can eat spiders.

My previous post about security stories from the insect world.

The plant caladium steudneriifolium pretends to be ill so mining moths won't eat it.

She believes that the plant essentially fakes being ill, producing variegated leaves that mimic those that have already been damaged by mining moth larvae. That deters the moths from laying any further larvae on the leaves, as the insects assume the previous caterpillars have already eaten most of the leaves' nutrients.

Cabbage aphids arm themselves with chemical bombs:

Its body carries two reactive chemicals that only mix when a predator attacks it. The injured aphid dies. But in the process, the chemicals in its body react and trigger an explosion that delivers lethal amounts of poison to the predator, saving the rest of the colony.

The dark-footed ant spider mimics an ant so that it's not eaten by other spiders, and so it can eat spiders itself:

M.melanotarsa is a jumping spider that protects itself from predators (like other jumping spiders) by resembling an ant. Earlier this month, Ximena Nelson and Robert Jackson showed that they bolster this illusion by living in silken apartment complexes and travelling in groups, mimicking not just the bodies of ants but their social lives too.

Now Nelson and Robert are back with another side to the ant-spider's tale - it also uses its impersonation for attack as well as defence. It also feasts on the eggs and youngsters of the very same spiders that its ant-like form protects it from. It is, essentially, a spider that looks like an ant to avoid being eaten by spiders so that it itself can eat spiders.

My previous post about security stories from the insect world.

In the next hours or even days, I might be quite verbose so that people can have a tiny idea of what porting looks like. Or eventually what being in a bootstrapping phase looks like.

I love it when a plan comes together!

One important goal was trying to get sbuild installable within sid. Of course it is already installed on the buildds, but having it handy should help developers hack on their own boxes.

The chain of dependencies wasn’t very long, but still:

sbuild → libsbuild-perl           [not installable]
libsbuild-perl → schroot          [not built]
schroot → libboost-dev            [not built]
libboost-dev → libboost1.38-dev   [not built]
libboost1.38-dev → libopenmpi-dev [not installable]

First of all, I filed #535202 so that libibverbs can be built on GNU/kFreeBSD, which was needed because libopenmpi-dev depends on one of its binaries. We weren’t sure it was appropriate, though, since it looked like pretty much Linux-specific. So I filed #535225 to get installability issues of libopenmpi-dev on non-Linux architectures fixed (by excluding libibverbs-dev from the Depends on those architectures, matching what was already done for the build dependencies). A fixed package was uploaded in some hours only!

In the meanwhile, I gave mpi-defaults a shot, using the locally-built libopenmpi-dev package. It could have gone flawlessly if I didn’t stumble upon an FTBFS due to a toolchain change. #535230 got filed accordingly, and fixed some hours later too!

Building boost1.38, then boost-defaults, and finally schroot went smoothly, and all the above-mentioned packages are now installable on the porter box. And thanks to the responsiveness of those maintainers, plus some extra bits of wanna-build magic (give-backs using dep-waits), packages got tried (and built successfully) when their build dependencies became available on the buildds.

In the meanwhile, the maintainer of libibverbs confirmed that it’s not worth building useless binaries on non-Linux architectures, so I closed #535202 and opened a bug against buildd.debian.org instead, requesting the addition of libibverbs to the Packages-arch-specific list (aka. P-a-s): #535360.

Now, there are still some issues when trying to use sbuild, but it’s at least installable and people can try it out.

Working on another package also made me noticed that there was a bug in a FreeBSD kernel header: #535243. The fix is already in the repository, and it looks like I’m going to be added to the Uploaders of the kfreebsd-kernel-headers source package so that it gets uploaded quickly.

I hate impromptu toolchain-related FTBFSes

While I’m all for making tools as strict as possible (especially build-related tools), I really think it would be very nice for toolchain maintainers to deliver advance warnings.

GCC folks do that perfectly: File bugs, provide patches, raise severity when the new version is around, NMU if needed.

Dpkg folks prefer making a parser stricter, without caring at all which packages they might break. The previously-mentioned mpi-defaults was one of them.

The list of FTBFSes triggered by dpkg 1.15.3 (at least, the ones I spotted using 3 basic UNIX commands and spending a few seconds in lintian’s lab on lintian.debian.org, see how difficult that was!) follows: #535230, #535276, #535279, #535283, #535284, #535287, #535292, #535297, #535299, #535301, #535303, #535304, #535306, #535310, #535312 (all of them with tested patches because I didn’t feel like being lazy and shrugging over IRC after being notified).

At least it’s not about trying to sneak *FLAGS handling into a frozen testing this time. But that’s still annoying.

Firstly I have to apologize again for not providing you with weekly update #4, but again I didn’t have the time to write one, so this post is going to sum up everything that happened since my last update.

Let’s have a look at my previous TODO list:

Documentation

Even though my TODO list entry contained a more detailed entry I have updated the UpdateManager documentation as a whole, leaving only a few blank spots right now.

Ubuntu distribution specific code

I implemented changelog fetching for Ubuntu, which works just as fine as its Debian counterpart now.

More unit tests

There are plenty of unit tests now, but not everything is being tested yet. I am especially proud of my Python interface validation code, that is being used in unit tests to check if handlers implement an interface correctly.

Update list downloading

Checking for updates is what caused me major trouble in the past few days. Basically I had all the code ready, but for some reason the UI froze, with no apparent reason.
However, today I was able to finally identify and fix the problem. As I expected my code was just fine, but python-apt was messing up. I am going to discuss the exact problem and its solution later on, but first: a screenshot.

Note: As you probably noticed I replaced the default progressbar with a pulsating one, because we cannot get exact information on how many items/bytes to fetch and would likely get a progress bar moving backwards, which isn’t beautiful.

Further changes

The TODO list was rather short and I did a lot of other work, which I want to elaborate on.

Dynamic selection of frontend, backend and distribution specific modules

Even though this is probably not of any interest to John Doe, it helps a great deal when debugging code as all three components can be selected via separate command line switches now.
Additionally some magic has been put in place that automatically detects the system’s distribution and loads the corresponding distribution specific module. This is done via lsb_release and the newly introduced code in UpdateManager.Util.lsb.

Pylint cleanup

Just out of curiosity I decided to start a pylint run on the codebase and quite a few problems were detected, which I then fixed. To be honest though I added quite some code afterwards that probably needs pylint checking and fixes again.

update-manager IPC

My original plan and IPC design involved using callback functions and passing them between the different modules. Even though this worked out fine I had the feeling this wasn’t clean enough and decided to ditch this approach and replace it with handler classes.
The handler base classes now provide an interface of methods that are called on certain events and their implementations act accordingly. The main benefit was that I could easily drop a lot of enums and rather have different methods handling different events.

Gtk, threads and python-apt

With the new IPC approach it became easier to use threads that do the actual work in the background, which I had implemented in next to no time, but a few problems showed up.
Whilst cache reloading from within a thread worked just fine checking for updates did not, and until today I didn’t know why. I spent a good amount of time debugging this issue, even using python profiling, but nothing obvious showed up. The background process was running, whilst the UI froze.
Today I finally found the root of the problem: python-apt. Even though I assumed that the python-apt worker threads must be stealing CPU time from the thread running gtk.main I wasn’t sure how this could be happening, having two completely independent threads.

Now, the cause of all this mess was that Python has a global threading lock and it seems as if this one is *LOCKED* when running C-code, such as the one python-apt comes with. The solution lies in calling Py_BEGIN_THREADS_ALLOW and Py_END_THREADS_ALLOW from within the C code, to release the global lock and let the Python interpreter do some work every now and then.

As with the python-apt acquire code I was able to allow other threads to work as soon as the fetching code starts working and only disallow threads when actually modifying Python objects or calling methods and/or functions. Surprisingly python-apt already made use of this in its cache loading code, but not the fetch progress code.
Fixing this problem took me less than half an hour and you probably can’t believe how glad I was to finally get things working again.

UI updates & other changes

Some details in the UI were anything but optimal, like horizontal scrollbars in a few places, which I removed. Additionally I saw the need to move some code out of the Gtk frontend’s __init__.py file and to a separate ui.py file.
A full list of all changes I made is available from the bzr changelog at bzr.debian.org.

A few more screenshots

Finally, I would like to provide you with two more screenshots (don’t worry about my system being insecure because of not applied updates – this is a testing machine that is  not up-to-date on purpose):

TODO list

My TODO list for next week:

• Downloading and installing of updates
• Checking that everything is documented
• Even more unit tests
• Pylint checking
• If time permits and everything else works correctly: working on an aptdaemon backend

• Bolos 2: The Unconquerable
• Why don't penguin's feet freeze? (and 114 other questions)
• Isaac Asimov's Robot City: Robots and Aliens: Alliance
• Why do men have nipples?
• The Book of General Ignorance
• Bolos 3: The Triumphant
• Bolos 4: Last Stand

Tags for this post: book() read()

I thought maybe there was some problem with my laptop hardware and maybe the iwl4965 chipset simply would not do it under Linux. However searching online suggested I should be able to make it do WPA2.

Thinking maybe the Ubuntu people had done it right and Debian was missing something I tried booting a Jaunty live cd. I also discovered the rather neat feature of suspend to disk (hibernate) in that you can hibernate your computer, boot off a live cd, use it, reboot and have your existing session come right back up normally on the next boot.

Anyway I booted up Jaunty and tried to authenticate, still failed in a similar manner to my Debian installation. Out of curiosity as I had heard of hardy working I booted my laptop on a hardy live cd. So network manager and iwlagn driver combined on either Debian sid or Ubuntu jaunty had failed to authenticate. Ubuntu hardy on the other hand, using an older version of network manager and the iwl4965 driver in the kernel worked fine. WPA2 authentication and use on the ANU Secure wireless network.

So now I need to find out where the regression has happened that means WPA2 is broken in more recent releases of the software (kernel drivers, wpa supplicant, network manager) on either Debian or Ubuntu.

Enrico writes about creating pipelines with Python's subprocess module, and notes that you need to take care to close stdout in non-final subprocesses so that subprocesses get SIGPIPE correctly. This is correct as far as it goes (and true in any language, although there's a Python bug report requesting that subprocess be able to do this itself), but there's an additional gotcha with Python that you missed.

Python ignores SIGPIPE on startup, because it prefers to check every write and raise an IOError exception rather than taking the signal. This is all well and good for Python itself, but most Unix subprocesses don't expect to work this way. Thus, when you are creating subprocesses from Python, it is very important to set SIGPIPE back to the default action. Before I realised this was necessary, I wrote code that caused serious data loss due to a child process carrying on out of control after its parent process died!

import signal
import subprocess

def subprocess_setup():
    # Python installs a SIGPIPE handler by default. This is usually not what
    # non-Python subprocesses expect.
    signal.signal(signal.SIGPIPE, signal.SIG_DFL)

subprocess.Popen(command, preexec_fn=subprocess_setup)

I filed a patch a while back to add a restore_sigpipe option to subprocess.Popen, which would take care of this. As I say in that bug report, in a future release I think this ought to be made the default, as it's very easy to get things dangerously wrong right now.

It's been one year since the public launch of identi.ca on July 2, 2008.

At the time, I'd been working on the software for a few months, and after some friendly beta testing by Montreal tech folks and autonomo.us members, I felt that it was time to Release Early, Release Often. So on vacation in Lake Tahoe with my pregnant wife and in-laws, and jetlagged and unable to sleep, I sent out an announcement email to beta users at 5:30AM PDT. You can see my status update on the subject, which in turn links to our press release and my personal blog post of Journal/14 Messidor CCXVI. We had 10K users within 30 hours; I switched hosting providers and did a new release of the software within 72. It was a busy time.

I had no idea that identi.ca and Laconica would become such an important part of my life and of the Internet landscape. In the intervening year, we've received seed funding from Montreal Start Up, done 4 major point releases of the software (from last year's 0.4.x to this week's 0.8.x), and become the indisputably most important Open Source microblogging platform on the planet.

I'd like to take moment to give my personal thanks to folks who've helped make this project such a success:

• My wife @majnoona and children @amitajune and @stavro who've been so patient with my work and travel schedule over the last 12 months.
• My innumerable friends and colleagues who've set up accounts on identi.ca and used them. You learn who your friends are when you start a new project like this.
• The thousands and thousands of people who've become new friends through the site. I've been awed by how many folks have caught onto the dream of Open Source, distributed microblogging and made it their own.
• The dozens of developers who've written code for Laconica, or plugins, or API clients that use the software.
• The team of developers and admins at Control Yourself: @zach, @csarven, @millette, @nate, @foucault and @cvollick. They've put in long hours and done some really impressive technical feats to keep us going in the face of growth and technology changes.

I'm looking forward to another big year.

tags: identica laconica identica1

I am currently stuck taking four times the suggested daily dose of two anti-histamines in order to combat my body and its reaction to plants having sex all around me.

I am taking two 10mg Loratadine tablets, and two 10mg Cetirizine Hydrochloride tablets, twice daily. This is effectively four times the recommended dose of twice as many anti-histamines as I should need.

I wasn’t this bad last year, but the year before was similar. Irritatingly, once the drugs kick in (45 minutes to an hour after taking) my runny nose, itchy/burny eyes, slight dopeyness induced by feeling crap, etc. all fade away. Yesterday I needed my second dose a mere 8 hours after the first, but I didn’t need to re-dose until this morning after that.

I guess what I’m asking is—what is the expected side-effects of taking such a high dose of antihistamines. Do any of you out there have to take such high doses, have you seen a doctor about this? All I expect a doctor to do is to either supply me more loratadine on prescription (which is of dubious value unless I get a lot given prescription charges in the UK), or to try me on a nasal spray, which tend to induce nosebleeds for me. If you’ve found other ways to cope, I’m interested. Otherwise I guess I’ll make an appointment to see the doctor in the next week or so.

My latest article for Linux Magazine is about Ksplice, the awesome new technology which lets you apply kernel patches without needing a reboot!

I first came across Ksplice at Linux.conf.au earlier this year when Co-Founder Jeff Arnold gave a presentation. It’s great to see it maturing to the point where you can install a client on your Ubuntu Jaunty machine. Sweeeet.

If you dig it, then digg it!

-c

Steve Kemp writes about his concerns for what happens to his data after death [1]. Basically everything will go away when bills stop being paid. If you have hosting on a monthly basis (IE a Xen DomU) then when the bank account used for the bill payment is locked (maybe a week after death) the count-down to hosting expiry starts. As noted in Steve’s post it is possible to pay for things in advance, but everything will run out eventually.

One option is to have relatives keep the data online. With hard drives getting bigger all the time it wouldn’t be difficult to backup the web sites for everyone in your family to a USB flash device and then put it online at a suitable place. Of course that relies on having relatives with the skill and interest necessary.

The difficult part is links, if the domain expires then links will be broken. One way of alleviating this would be to host content with Blogger, Livejournal, or other similar services. But then instead of the risk of a domain being lost you have the risk of a hosting company going bankrupt.

It seems to me that the ideal solution would be to have a hosting company take over the web sites of deceased people and put adverts on them to cover the hosting costs. As the amount of money being spent on Internet advertising will only increase while the costs of hosting steadily go down it seems that collecting a lot of content for advertising purposes would be a good business model. If the web sites of dead people are profitable then they will remain online.

It wouldn’t be technically difficult to extract the data from a blog server such as Wordpress (either from a database dump or crawling the web site), change the intra-site links to point to a different domain name, and then put it online as static content with adverts. If a single company (such as Google) had a large portion of the market of hosting the web sites of dead people then when someone died and had their web site transferred the links on the other sites maintained by the same company could be automatically adjusted to match. A premium service from such a company could be to manage the domain. If they were in the domain registrar business it would be easy to allow someone to pay for 10 or 20 years after their death. Possibly with a portion of the advertising revenue going towards extending the domain registration. I think that this idea has some business potential, I don’t have the time or energy to implement it myself and my clients are busy on other things so I’m offering it to the world.

Cory Doctorow has written an article for the Guardian about a related issue – how to allow the next of kin to access encrypted data when someone is dead [2]. One obvious point that he missed is the possibility that he might forget his own password, a small injury from a car accident could cause that problem.

It seems strange to me that someone would have a great deal of secret data that needs strong encryption but yet has some value after they are dead. Archives of past correspondence to/from someone who is dead is one category of secret data that is really of little use to anyone unless the deceased was particularly famous. Probably the majority of encrypted data from a dead person would be best wiped.

For the contents of personal computers the best strategy would probably be to start by dividing the data into categories according to the secrecy requirements. Publish the things that aren’t secret, store a lot of data unencrypted (things that are not really secret but you merely don’t want to share them with the world), have a large encrypted partition that will have it’s contents lost when you die, and have a very small encrypted device that has bank passwords and other data that is actually useful for the executors of the will.

One thing that we really need is to have law firms that have greater technical skills. It would be good if the law firms that help people draw up wills could advise them on such issues and act as a repository for such data. It seems to me that the technical skills that are common within law firms are not adequate for the task of guarding secret electronic data for clients.

• [1] http://blog.steve.org.uk/there_s_something_out_there_waiting_for_us__and_it_ain_t_no_man_.html


• [2] http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet

Not quite ready to move across yet - however capturing some links to make life that little bit easier when I do. I'm hoping these approaches will work as well for Elmo/OTM as they do for Hibernate.

• Hibernate and Scala
• More Scala + Hibernate
• Scala + Hibernate overview
• Lift thread with interesting comments

I'll be updating this with any more links I want to save for a sunny day.

A couple more links worthy of rereading:

• monads-are-elephants-part-1
• monads-are-elephants-part-2

Hard-workin' bees
Originally uploaded by Nooks

Closeups of bees are tricky as all get-out, on account of their skittishness and apparent six sense with regard to when you'll try to open the shutter. But I can't stop trying.

Author : Gavin Raine

When he entered the room, Olivia was sitting on the edge of her bed and looking out of the window. He allowed the door to close noisily behind him and waited to see if she would notice, but it was hopeless. She was looking at the gardens without seeing them. The corners of her mouth were damp and her jaw was working slowly, as if kneading at invisible gum. Apparently, this was not going to be one of Olivia’s good days.

He adjusted the volume and pitch of his voice to levels that suited Olivia’s ruined hearing. “Good morning Mrs Jones,” he boomed. “How are you today?”

Olivia whirled around, startled. “What are you?” she said. “Where’s my Harry?”

“It’s all right Mrs Jones. I’m Andrew, your robot care assistant. You see me every day – remember?” She looked blank, so he tried another approach. “Your husband, Harry, died almost twenty years ago. You do remember that, don’t you?”

Olivia smoothed-down her nightdress in a gesture she often used to cover her confusion. “Oh yes of course,” she said, “so where’s my boy John then?”

“Your son lives at this facility also”, said Andrew, moving forward smoothly and placing a breakfast tray on a small table. “You’ll see him in the day room later and don’t forget to wish him a happy birthday. He’s one hundred and fourteen today.”

Olivia began running her hands over her nightdress again and he made a quick exit before she could frame another question. “I’ll be back later,” he said, pulling the door closed behind him. “Drink your tea now, before it gets cold.”

Taking another breakfast tray from the trolley, Andrew moved to the next door and knocked. There was no response, so he pushed it open calling, “Good morning Mr Jackson.”

As soon as he entered the room, it was obvious that something was wrong. Mr Jackson was slumped across his bed at an unnatural angle, with his eyes open and his mouth hanging slack. Andrew checked his pulse, which was a strong as ever, and then spread his hand to place his fingertips at specific points on the man’s scalp.

A minute or more passed, while the sensors in Andrew’s fingertips monitored the electrical activity inside Mr Jackson’s skull. As he had suspected, there was nothing to detect. He sent a command to Mr Jackson’s mechanical heart, telling it to cease operation, and eased his body back into the bed, covering it with the sheet.

It was usually a brain haemorrhage that got them in the end. The doctors could cure their cancers and replace or re-grow their organs, but their brains had to last a lifetime. However, brains degenerated with age, until synapses barely fired at all, and blood vessels became as fragile as dry autumn leaves.

Andrew left the room and fired a message to the care home’s core computer: “Escapee in room 15248”. He knew the core appreciated a little gentle irony.

Then, he took another tray from the breakfast trolley and tapped on the door of room 15249.