Entries posted in November 2008

Have you been following that man?

Thursday, 27 November 2008

meta-hacking

I've had a lot of fun over the past few years detecting and fixing XSS attacks - a few months ago compromising several thousand user-accounts belonging to a particular niche social networking site and then more recently experimenting with XSS issues upon a popular software developer's advocate blog.

One thing I've been wondering about recently is meta-XSS attacks.

Consider the LKML (Linux kernel mailing list). This list receives lots of long patches, submitted by email, which are copied verbatim to various sites. For example if I mailed an interesting patch to LKML chances are it would get posted to:

(Obviously the challenge here is to make a patch sufficiently interesting that it received more than usual coverage.)

Do each of those sites HTML-encode patches? In general they do, certainly the ones I looked at had code like this:

#include <linux.h>
...
...

But I'm certain that not all sites do so. I'm also pretty sure there are interesting avenues to explore here, and the general idea of indirectly attacking a specific target is ripe for exploration.

Anyway I'm probably not the person to go playing in the field these days; I don't have the time. But it is certainly interesting to think about.
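
The encoding step an archive site applies to a mailed patch, as an added example (not code from this post or from any of the sites mentioned); the function names and the sample mail are constructed here. It escapes the headers as well as the body, then checks that no tag other than the template's own is left in the output.

```python
import html
import re
from email import message_from_string

# Constructed sample: a patch mail whose headers and body both carry markup.
SAMPLE_MAIL = """\
From: Dev <b>Eloper</b> <dev@example.org>
Subject: [PATCH] fix <linux.h> include order
Content-Type: text/plain; charset=utf-8

--- a/drivers/foo.c
+++ b/drivers/foo.c
@@ -1,2 +1,3 @@
 #include <linux.h>
+/* <script>marker()</script> & friends */
 int foo(void);
"""

def render_patch_mail(raw: str) -> str:
    """Return an HTML fragment in which nothing from the mail is live markup."""
    msg = message_from_string(raw)
    rows = []
    for name in ("From", "Subject", "Date"):
        value = msg.get(name)
        if value is not None:
            # Headers are sender-controlled too, not just the body.
            rows.append(f"<dt>{name}</dt><dd>{html.escape(str(value))}</dd>")
    body = msg.get_payload(decode=True) or b""
    charset = msg.get_content_charset() or "utf-8"
    text = body.decode(charset, errors="replace")
    return ("<dl>" + "".join(rows) + "</dl>\n"
            "<pre>" + html.escape(text) + "</pre>")

def has_live_markup(fragment: str, allowed=("dl", "dt", "dd", "pre")) -> bool:
    """True if any tag other than the template's own appears in the output."""
    tags = re.findall(r"<\s*/?\s*([a-zA-Z][\w-]*)", fragment)
    return any(tag.lower() not in allowed for tag in tags)
```

Running `has_live_markup()` over already-rendered archive pages is a quick way to find the templates that skipped the escape.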

ObFilm: Dirty Harry

| No comments

 

If there isn't a movie about it, it's not worth knowing, is it?

Wednesday, 26 November 2008

So, I've just got a portable machine. I've configured it to be a pretty minimal installation of Debian Lenny, but one thing that makes me unhappy is mail handling.

By default it came with several exim4- packages. Now in general Exim4 rocks. But it is a daemon running all the time, an overhead I could live without.

I looked around to find a mail transport agent that would be more suited to the machine and was surprised to find nothing suitable.

Basically I figure the machine will never generate "real" emails. Instead it will only receive mails from cron, etc. The machine will never have a real fixed IP, and so relaying mail externally is a waste of time. The mail should just go somewhere predictable and local.

There are a couple of lightweight agents which will forward to another system, but nothing seems to exist which will queue mail locally only.

So I've hacked a simple script which will do the job.

Given the spool directory /var/spool/skxmail the following command:

skxmail root < /etc/passwd

Produces this:

/var/spool/skxmail/
`-- root
    |-- cur
    |-- new
    |   `-- 1227702470.P8218M243303Q22.vain.my.flat
    `-- tmp

4 directories, 1 file

That seems to be sufficient for my needs. (I support the flag which says "read the recipient from the body").

Of course to do this properly I'd be setgid(mailgroup). Instead I assume that local means everybody can see it and /var/spool/skxmail is mode 777. Ooops.

Still happy to share if it sounds interesting.
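
A local-only Maildir delivery that produces the layout shown above without needing a world-writable spool, as an added example (this is not the skxmail script, which the post does not show). The names `deliver` and `unique_name` are hypothetical, and the reading of the filename as time, P<pid>, M<microseconds>, Q<counter>, hostname is an assumption based on the listing.

```python
import os
import re
import socket
import time

_SEQ = 0  # per-process delivery counter (assumed meaning of the Q field)

def unique_name() -> str:
    """Build time.P<pid>M<usec>Q<count>.<host>, the shape seen in the listing."""
    global _SEQ
    _SEQ += 1
    now = time.time()
    # Maildir convention: '/' and ':' must not appear in the host part.
    host = socket.gethostname().replace("/", "\\057").replace(":", "\\072")
    return f"{int(now)}.P{os.getpid()}M{int(now % 1 * 1e6):06d}Q{_SEQ}.{host}"

def deliver(spool: str, recipient: str, data: bytes) -> str:
    """Queue one message for a local recipient; return its path under new/."""
    # The recipient becomes a directory name, so refuse anything path-like.
    if not re.fullmatch(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}", recipient):
        raise ValueError(f"refusing recipient {recipient!r}")
    box = os.path.join(spool, recipient)
    for path in (box, *(os.path.join(box, sub) for sub in ("tmp", "new", "cur"))):
        os.makedirs(path, mode=0o700, exist_ok=True)  # private, not 777
    name = unique_name()
    tmp_path = os.path.join(box, "tmp", name)
    # O_EXCL: never write through a file or symlink already planted in tmp/.
    fd = os.open(tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)
        handle.flush()
        os.fsync(handle.fileno())
    new_path = os.path.join(box, "new", name)
    os.rename(tmp_path, new_path)  # atomic: readers never see a partial file
    return new_path
```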

ObFilm: Dogma

| 8 comments.

 

You've had this coming since the day you arrived

Saturday, 22 November 2008

Yesterday I wrote that I'd ordered a new ASUS EEE PC, the 901 model, and today it arrived. The machine is gorgeous though I suspect in the long term I'll regret ordering the white model.

This entry was written on the device, slowly due to my fat fingers, with its new Debian Lenny operating system. To save time I didn't even use the default system, I just immediately rebooted it into the installer via a 2Gb USB stick.

Unfortunately I had to run through the installation twice, because I made some bad partitioning decisions and decided to fix them rather than live with them.

Happily everything on the device appears to work perfectly, although there were a few hiccups along the way. The only niggle is that suspend to RAM seems a little flaky; 50% of the time I try to resume and just get a blank window not my X.org desktop. Happily suspend-to-disk works perfectly, and the bootup/restoration process looks very pretty with the splashy package installed.

There are times when I really love using Debian, and this is definitely one of them. Together we've produced an operating system which just works on an amazing array of devices and systems and gets better and better as time goes on!

For example in the past I'd always regarded Network Manager as "that thing we remove to stop breaking our system" - but now I see it working correctly with no effort on my part at all. Amazing!

I guess I'll be returning my Nokia internet tablet in the near future. This device is bigger, but much more capable and versatile.

ObFilm: St Trinians (the recent remake; not too bad. Bonus points for the Shampoo cover).

| 5 comments.

 

I don't really come from outer space

Friday, 21 November 2008

So I've bitten the bullet and ordered an ASUS Eee PC 901 W006 from Amazon.

This has 1Gb of memory, 20Gb of solid-state storage, and is preloaded with Linux.

All being well it will arrive tomorrow, and then I can try installing Lenny upon it. From the Debian Wiki it seems to be a painless process. I guess we'll see..

ObFilm: Twelve Monkeys

| 3 comments.

 

We should just deal with nice people

Sunday, 16 November 2008

For various reasons I've recently been thinking about forums.

Many technical users dislike forums, because they are things that are hard to follow. Even with RSS feeds & etc you need to keep a login and remember to return to see if your post(s) have been answered.

However non-technical users love forums, and from a community-building perspective they're very cheap and easy. Particularly if you manage to appoint moderators from within the community.

I currently find myself in a position where I'd kinda like to have a forum package. Something that I can integrate into an existing site easily.

Unfortunately most of the "best" forum packages are PHP-based, and have their own complex login, group, and admin facilities. That makes it hard to update them to authenticate against my existing MySQL table(s). (We'll leave my PHP-allergy in the background)

So, once more, I've been contemplating the bad route; create my own forum software. I'm well aware that down that path lies badness madness.

Let us recap. What is a forum?

  • A forum is an online site.
  • With a coarse list of topics.
  • Inside each topic is a list of threads.
  • Each thread is comprised of a number of (threaded) messages.

Sound familiar? It should if you use email:

  • ~/Maildir contains storage for a collection of mailboxes.
  • Each mailbox is a coarse list of topic-specific discussion.
  • Each topic is comprised of a number of (threaded) messages.

So, the unthinkable, could we convert (bi/uni-directionally?) from a Maildir hierarchy to an online forum?

Would that make sense? On the face of it. Yes.

There are implementation details - the forum index would be essentially a list of Maildir folders (perhaps "~/Maildir/topic1/.title" would be required to give it a pretty name).

Each thread topic would be a rendered display of the messages in the folder.

So, what are the drawbacks? Well reading Maildir folders gives us threading, and subjects, bodies, etc. But it does mean a fair bit of overhead parsing messages.

(Times like this I remember Hughe. Every time we've gotten together for beer & geekery the topic of an extensible perl-based IMAP server comes up. I'm sure it should be written ..)

I'll wrap this up now. I'm sure I've made the point. There are some details which have impact - Should the forum accept new posts online? Or only via gated email-delivery? Will it work? Should it be Maildir, or IMAP based? Still at least filtering your SPAM would be easy ;)

More questions. Some questions have no answers. Some answers we ignore because we don't like.

I need to sleep.

ObFilm: 007: Quantum of Solace

Bad film. Don't waste your pennies.

| 13 comments.

 

It's in your nature to destroy yourselves.

Thursday, 6 November 2008

Elections

I've said this elsewhere, but it bears repeating:

Anybody who expects a nation to turn around overnight, due to a changing government, hasn't watched/read enough documentaries.

Television

Who is going to make documentaries when David Attenborough dies?

ObFilm: Terminator 2

| 1 comment.

 
