Patriotism

It’s July Fourth. After another year of watching our elected leaders in Washington continue the process of turning a proud and powerful people into a petty and scared one, I have decided to make another attempt to wake some people up. Just this once, I decided to explain what patriotism means to me – in case some fool out there thinks that because I constantly criticize my government, I’m unpatriotic.

Patriotism is paying my taxes, even though I know the money will be used poorly and wind up doing no good. Patriotism is writing one more letter to that Senator or Representative, even though you heartily believe that it’s bound for the landfill instead of the desk. Patriotism is calling out a leader you like and have much in common with for supporting a piece of legislation you despise – just because it’s bad law.

Patriotism is knowing that the telecommunications companies have spent the last decade cheating the American people – and then spending a great deal of time opposing telecom immunity, and working for net neutrality. Patriotism is backing the creation of a national broadband infrastructure plan – knowing full well that it will put billions of dollars into the pockets of the same telecommunications companies that have spent decades ripping us off. Patriotism is swallowing your bile and doing it anyway so that some punk kid in East Podunk gets access to the great opportunities for education and personal growth that the Internet provides, and will provide.

Patriotism is being an author and still believing that copyright is too long, and too powerful right now. Patriotism is being a programmer and inventor and believing that patents, as they exist today, are evil. Patriotism is knowing that $4+/gal gasoline is bad for your wallet, and going straight into the pockets of people and companies you hate – and also knowing that expensive gas is good for our long term health as a nation. Patriotism is using a bicycle to go to the grocery store. Patriotism is voting your conscience instead of your wallet when the two differ.

Patriotism is caring enough about the troops that you did everything possible to keep them from going to war in the first place. Patriotism is understanding that if one or two come home in one piece it will be a miracle – and that the rest will bear scars, physical and mental, for the rest of their lives. Patriotism is doing everything possible to give those people a decent quality of life – even though it’s expensive, and even when you opposed the wars that got them hurt.

Patriotism is about getting your hands dirty. Patriotism is about doing the work – political and otherwise. Patriotism is about becoming, once again, a nation that is not afraid to be open, take risks and dare. It’s about being a people who rejects torture not because it can’t, in some circumstances, save a few lives – but because principles are important. It’s about saying “Americans don’t do that” – and holding our heads up, even when it’s difficult – and even when it hurts. Patriotism is about daring. It’s about being willing to dream, and willing to roll up your sleeves and do the hard work required to make those dreams real.

To hell with it. I’m done. No-one is going to read this damned thing anyway – and even if someone does it won’t do any good. Try to have a better 4th of July than me.

Censorship Bad

This is an outgrowth of a post I was making on Violet Blue’s blog which was too technical and not sexual enough (it’s a sex blog). The topic was firewall piercing.

For an overview of the topic, you might like this Wikipedia article.

I was going to write something back, but while her site is about sex and technology, I think that my response had too much technology, and not enough sex.

This is turning into a mini-howto on basic and advanced firewall piercing. While I do think that this is important for people who are worried about their privacy online, I also think that this discussion needs to happen elsewhere and not clutter up a sex blog with too much tech-talk.

For an SSH tunnel, I was thinking more along the lines of this:
ssh user@example.com -L localhost:8888:127.0.0.1:8888

Then run a tinyproxy instance bound to the localhost (127.0.0.1) address of the ssh server on port 8888. Set your web browser to use 127.0.0.1 port 8888 as your web proxy, and you’re done. Personally, I would recommend combining this with something like FoxyProxy, which would allow you to easily switch Firefox between normal and tunneled communications. This approach gives you a clean tunnel anywhere SSH is sold. (Coffee shops, most airports…)

If you’re dealing with a really draconian set of rules, you could use a listener on some port of the ssh server, and run httptunnel (http://www.nocrew.org/software/httptunnel.html) on both ends, and encapsulate the SSH connection in HTTP (web) traffic. This can even be set up to work through a web proxy server.

On the server, this is run as:
hts -F localhost:22 8443

The client side configuration looks like this:
htc -F 8022 ssh_server.example.com:8443

The ssh tunnel is brought up with:
ssh -p 8022 user@127.0.0.1 -L localhost:8888:127.0.0.1:8888

(Note: those are all 1-liners)

For bonus points, put the httptunnel instance on port 80 of the ssh server, so as to make life more difficult for censors. This can be done by replacing the “8443” port numbers with “80” in the example above.

For double bonus points, run a recursive DNS resolver on the machine, and replace tinyproxy with Dante. That gives you arbitrary dynamic port forwards on the far end for any application that either (a) supports SOCKS (4/5), or (b) is socksified. Dante can be found at http://www.inet.no/dante/ , and a Windows socksifier can be found at http://www.freecap.ru/eng/ . Socksifiers are nice for handling Windows applications that expect a direct connection to the Internet – but are not needed for Firefox, and any other applications that have been compiled to run natively with SOCKS.

For triple bonus points, run OpenVPN in TCP mode through an httptunnel. Using this option, you can dump ssh and the proxy altogether, and run arbitrary protocols. It does, however, require a bit more work on the destination (server) end.

Edit: Fixed typos in example
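The setup above depends on the proxy and the forwarded ports listening on loopback only; a listener on any other address is reachable by everyone else on the network. The following is an added example, not part of the original post: a shell check that reads `ss -ltn` output and reports any of the given ports bound to a non-loopback address. The sample listing is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag tunnel/proxy ports that listen on a non-loopback address.

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_ss() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:8888      0.0.0.0:*
LISTEN 0      128            [::1]:8888         [::]:*
LISTEN 0      5            0.0.0.0:8022      0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
EOF
}

# stdin: `ss -ltn` output; arguments: the ports to check.
# Prints the local address:port of every checked port that is not on loopback.
exposed_listeners() {
    awk -v ports="$*" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            la = $4
            port = la; sub(/.*:/, "", port)        # text after the last colon
            addr = la; sub(/:[^:]*$/, "", addr)    # text before the last colon
            if (!(port in want)) next
            if (addr ~ /^127\./ || addr == "[::1]") next
            print la
        }
    '
}

# Ports used in the post: 8888 (proxy and ssh -L forward), 8022 (htc forward).
# Real use: ss -ltn | exposed_listeners 8888 8022
sample_ss | exposed_listeners 8888 8022
```
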

It’s been a long day’s blinking night

I spent the evening rebuilding a web server that will be running Apache 2.0.x. While doing so, I found an interesting situation with respect to the standard Apache configuration on Ubuntu 5.04. The standard configuration uses a NameVirtualHost directive to set up multiple virtual servers on the machine. This is normal. The problem is that when Apache reads the default website configuration, it does a DNS lookup, and finds the host’s fully qualified domain name (FQDN). After that, any virtual host directives that try to use that name as the ServerName just don’t work. Worse, they fail silently!!! This is not good, because they cause the box to send the ugly default Apache page instead of my beautifully hand-crafted HTML.
The easy workaround is to put a ServerName directive into the default site setup which goes to nowhere in particular (I used nowhere.jricher.com). This avoids the reverse DNS lookup, and then the virtualhost section for the server’s hostname works just fine.

What is really annoying is that I couldn’t find a decent article on debugging Apache virtual host setups. If there had been a single one-liner in the Apache virtual host docs which mentioned the use of apache2ctl -S I would probably have saved myself several hours of trouble.

Note for the unwise:

apachectl (apache2ctl on Ubuntu, Debian, and some others) can be convinced to dump the virtual host setup for the box by using the “-S” option. It’s not documented anywhere. I got the command option from a guy on IRC who was helping me debug this mess. Remember, for apache virtual host trouble use “apachectl -S”. End sermon…
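The silent failure described above shows up in the “-S” dump as two vhosts on the same address with the same name, where only the first is ever served. The following is an added example, not part of the original post: a shell function that scans the dump for such shadowed vhosts. The sample dump is constructed (hostnames and paths are made up), and its layout is assumed to match what apache2ctl -S prints.

```shell
#!/bin/sh
# Added example: find name-based vhosts that can never be served because an
# earlier vhost on the same address already claims the same ServerName.

# Constructed sample of an `apache2ctl -S` dump (hostnames and paths are made up).
sample_dump() {
    cat <<'EOF'
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server web1.example.com (/etc/apache2/sites-enabled/000-default:1)
         port 80 namevhost web1.example.com (/etc/apache2/sites-enabled/000-default:1)
         port 80 namevhost web1.example.com (/etc/apache2/sites-enabled/web1:1)
         port 80 namevhost blog.example.com (/etc/apache2/sites-enabled/blog:1)
Syntax OK
EOF
}

# stdin: the vhost dump. Prints one line per vhost that is shadowed by an
# earlier vhost with the same name on the same NameVirtualHost address.
shadowed_vhosts() {
    awk '
        /is a NameVirtualHost/ { addr = $1; next }
        $1 == "port" && $3 == "namevhost" {
            key = addr SUBSEP $4
            loc = $5; gsub(/[()]/, "", loc)    # strip the parentheses around file:line
            if (key in first)
                printf "%s on %s: %s is shadowed by %s\n", $4, addr, loc, first[key]
            else
                first[key] = loc
        }
    '
}

# Real use (2>&1 in case the build prints the dump on stderr, an assumption):
#   apache2ctl -S 2>&1 | shadowed_vhosts
sample_dump | shadowed_vhosts
```
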

A long blinking night

I put in another long blinking night doing systems administration. Lessons learned…

  • MySQL 4.0.x doesn’t like quotes around the database names in the ‘use’ command
  • MySQL 4.0.x doesn’t like ‘default charset=latin1’
  • MySQL 4.1.x mysqldump outputs both of those – thus requiring use of emacs to make things work when you’re migrating/moving databases between the two.
  • SCP rocks ;-)
  • It’s possible to upgrade the OS of a linode from ubuntu 4.10 to 5.04 (warty warthog to breezy badger) by editing the sources.list file and using apt-get. It works well, but you’ll get awfully tired of staring at the screen with white knuckles before it’s all over.
  • Rsync also rocks :-)
  • Most people wouldn’t believe how much stuff you can really run on a single linode.

Slum landlord business model dying

Changes in technology change other areas. Human beings have a bizarre tendency with respect to those changes – they tend to overestimate change in the short term and underestimate change in the long term. Take landlords as a classic example. The basic business model has remained essentially unchanged over an extended period of time. It would be easy to think that communications, of all things, would have little effect on things. It would also be wrong.

People stay with bad landlords for one of two reasons. One is recurring cost – they cannot afford to go elsewhere because the monthly expense exceeds their budget. The other is switching cost – the cost of moving elsewhere exceeds the present advantage of doing so. The first is not affected by advances in communications. The second, however, is affected – and affected strongly.

Take as an example my landlord. I live at Tamarus Park Apartments in Las Vegas, Nevada. After fighting with them over the last year to fix the roof, make the swimming pool and hot-tub which I am paying for as part of my rent fit and safe to actually use, and generally perform their duties as caretakers of the facility in an adequate manner, I finally decided to move. So far, this is a normal situation for them – they will simply get another tenant to squeeze.

Unfortunately for them, the situation is changing. Now, pissing off a tenant makes it far more likely that they’ll blog about their problems instead of wasting their anger with mere yelling. One or two such posts will likely be ignored – as they properly should. Over time, however, a search for say “Tamarus Park Apartments Las Vegas” would start to turn up these other websites. This will turn up as younger generations, already used to searching for information on the Internet, research prospective apartments.

Over time, I expect that this will have an effect on the ability of landlords to replace tenants they have mistreated. Basically, the current business model employed depends on a scarcity of communications which no longer exists. I expect the next two decades to be interesting ones as this plays out.