The usual suspects //at 18:10 //by abe

Click here

Thanks to Elmar Heeb for the idea.

BarCamp Zurich — Resumé //at 02:02 //by abe

The BarCamp Zurich 2006 is over. On the way there I thought about what I would do during time slots with no interesting talks. But when I tried to make up my personal schedule, I noticed that I rather would have the opposite problem: Too many interesting talks at the same time… Well, to many interesting talks at all, although I only went to tech talks and left out the biz talks.

I first went to the Podcasting & Co. talk by Timo Hetzel, since I never heard or made a podcast, but was curious about podcasts in general. Besides statistics and rankings he spoke about where people listen to podcast (most listeners seem to do that during commuting), what people like in podcasts, why companies podcast, etc. And that a very big share of all podcast listeners use iTunes as podcast client and except juice (never heard of it before) all other podcast clients seem to be irrelevant.

My conclusion: I haven’t missed anything not having listened to or made podcasts neither do I need to listen or make podcasts in the future. They’re irrelevant. To me. :-)

Then I had to choose between the talks AJAX@localhost (PDF) by Harry Fuecks and Realtime Collaborative Text Editing and SubEthaEdit by the Coding Monkeys. I heard about realtime collaborative editing once know that it’s a challenging task for the developer. I also know what AJAX is (and that I would only use or recommend it for bells and whistles, but not for content in general), but “AJAX@localhost” sounded like writing normal applications using AJAX. It sounded interesting and evil at the same time. I had to go there! ;-) Others had similar expectations after reading the talk’s title, so I was quite surprised that it was about something completely different, namely about debugging AJAX on the localhost but under conditions usually only appearing if you’re running AJAX application not from localhost but from somewhere on the net: You may have different lags with every request, so some requests may reach the server before others, which may screw up the whole AJAX application, if the developers didn’t think about it and only tested it on localhost. (Hence the talk’s title…)

My conlusion: I will use and recommend AJAX even more seldom, since there seem to be even more design misconceptions than I thought before. But I’ll once have a look at the Webtuesday meeting, he mentioned.

For the third time-slot, I didn’t need long to decide where to go: I already knew a little bit about Microformats and I wanted to know more. Tag Trade also sounded interesting, but the second part of the talk’s title, Paid Learning sounded like business and so I had no scruples to cold-shoulder that talk. I probably didn’t learn anything really new in the microformats talk, but my knowledge about microformats is now more concrete, and after talking with Cédric Hüsler later during a break, I would even trust myself to start and define a new microformat.

Then I went to the HG Caféteria together with Gürkan and two German guys. While waiting in the queue, we were talking about our jobs and our favourite Linux distributions. I got some rhubarb pie and a rum truffles, assuming that the Caféteria uses no alcohol in their products like all other SV restaurant I know. But this one seemed to have quite a lot of alcohol, since it felt like my breath was burning… Well, this resulted in my second SV feedback form submission…

Next I went to Alex Schröder’s talk about multilingual websites, Oddmuse and the Emacs Wiki, although also the talk A-Life about simulating evolution sounded promising. Alex asked the listeners about their experiences with multilingual websites and showed what Oddmuse offers as partial solution to the general multilingualism problems. But regarding the comments from the auditorium, there probably won’t be a perfect solution until computers can translate perfectly…

The next talk I visited was Gabor’s talk about his master thesis Organizing E-Mail which resulted in a soon to be released Mozilla Thunderbird extension called BuzzTrack. From the other concepts he showed, I found Microsoft’s SNARF (Social Network and Relationship Finder) and IBM’s Thread Arcs most interesting as well as the fact that there is no e-mail client seems to have a majority at all.

Directly after Gabor I had my own talk about Understanding Shell Quoting, so I also couldn’t go to Adrian Heydecker’s talk about Learning with Hypertext and Search Engines. I had only about three and a half listeners of whom several to my surprise where here because they didn’t know what “shell quoting” is.

I really didn’t expect that.

But that seems to be one of the differences between a BarCamp and a Linux Conferences: People come here to see something new, something they haven’t heard about before. On Linux events most people come, because they already heard about some special topic and want to know more or learn something about it. On Linux event my shell talks usually were attracting many visitors while at a BarCamp, talks presenting an idea, a concept or a tool seem to much more interesting for the attendees. So for the next BarCamp I perhaps exhume my Website Meta Language talk which never seemed to hit the nerve of Linux event attendees, since it tried to “sell” a different concept of generating website than most were used to.

At least one listener excepted the talk to be named “shell escaping”, but IMHO escaping is only one quoting technic and it’s not only used for quoting. But perhaps I should take the word “escaping” in the title though for the next time.

Happily most of the listeners seem to have learned something new from the talk and Silvan Gebhardt was really happy about his new knowledge about ssh ~ escapes, although I mainly talked about how to quote them than how to use them. :-)

During the last slot I visited the session about the upcoming BarCamp Alsace 2 and the yet to be planned BarCamp Rhine, a BarCamp to be held on a ship traveling from Basel in Switzerland down the Rhine, stopping in Strasbourg, Karlsruhe, Rhein-Main-Area and perhaps even Cologne and Amsterdam.

Contrary to my initial thoughts, the day was over very fast and I had no single boring minute during the BarCamp. Wow!

After we’ve been kicked out of the building by ETH janitors, we joined again at the Bar N-68. On the way there I met Urban Müller who attended BarCamp Zurich, too. We talked quite a lot and it was very interesting to see behind the scenes of e.g. map.search.ch. Later I joined the French speaking table, talking with Gregoire Japiot from WineCamp France and Alex Schröder.

Around 9pm I left the N-68 as one of the last BarCampers, tired but with new knowledge, new ideas, new acquaintances and a new hobby: BarCamping. What a luck that BarCamps aren’t that often, otherwise I couldn’t afford this new hobby. ;-)

As a relaxing end I met with Alex Schröder and Christophe Ducamp on Sunday morning for brunch in the restaurant Gloria in the Industriequartier. When we were leaving the Gloria I noticed their book board with a lots of BookCrossing books and I took “The Da Vinci Code” with me, since I saw the movie and people were telling me that the book is much better. I’ll see…

MSIE und Geldautomaten //at 19:27 //by abe

Mir sind ja schon die Haare zu Berge gestanden, als ich von Geldautomaten mit Windows 95 als Betriebssystem hörte, aber das hier ist einfach die Höhe: Ein Geldautomat der Berliner Spaßkasse, bei dem bei der Geldausgabe der Internet Explorer einen Skript-Fehler meldet. “Zum Glück” lautet der Fehler “Zugriff verweigert”. Aber wir wissen ja, beim Internet Explorer ist selbst about:blank gefährlich.

Note to myself: Wenn Du das nächste Mal in Berlin bist, meide Geldautomaten der Berliner Spaßkasse.

Fixing server bugs on client side //at 15:35 //by abe

On my new job at ETH Zurich I stumbled over a lot of HTTP requests in the web server log file, obviously trying to fetch the automatic proxy configuration file (usually called proxy.pac) but requesting it with the last character missing and therefore requesting the nonexistent file proxy.pa:

195.176.XX.AB - - [16/May/2006:11:12:56 +0200] "GET /proxy.pa HTTP/1.1" 404 5261 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
195.176.YY.CD - - [16/May/2006:11:16:32 +0200] "GET /proxy.pa HTTP/1.0" 404 5235 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
195.176.ZZ.EF - - [16/May/2006:11:18:38 +0200] "GET /proxy.pa HTTP/1.0" 404 5235 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
195.176.YY.CD - - [16/May/2006:11:24:16 +0200] "GET /proxy.pa HTTP/1.0" 404 5235 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
195.176.ZZ.GHI - - [16/May/2006:11:31:44 +0200] "GET /proxy.pa HTTP/1.0" 404 5235 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
195.176.XX.J - - [16/May/2006:11:33:35 +0200] "GET /proxy.pa HTTP/1.1" 404 5261 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
195.176.ZZ.LMN - - [16/May/2006:11:35:18 +0200] "GET /proxy.pa HTTP/1.1" 404 5261 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"

WTF happend here? When I found a bunch of those request from a single host last night, I expected a local cut and waste typo on a single box. But during the day I got the same sort of defective requests from over 30 hosts in our network. So we looked at our dhcpd.conf, but all appearances of “proxy.pac” had its “c” at the right place.

WTF is happening here? After googling for a moment I found this mail on the squid users mailing list, stating the following:

WPAD worked reasonably well for WindowsNT and Windows2000; however, there was a problem with the file name in Windows2000 and the initial release of WindowsXP. The Microsoft DHCP Service returned the wrong byte count for the string returned for option 252. The DHCP Client compensated for this by decrementing the string length. This resulted in the file name being truncated when the ISC DHCP daemon was used. The solution was to define a symlink proxy.pa –> proxy.pac.

So in other words: Microsoft worked around a off-by-one bug in their own DHCP server by patching their DHCP client to parse faulty configurations — and obviously only faulty configurations by expecting some length statement to be always off-by-one. *hrrrrng*

Our solution was BTW to insert an appropriate Alias directive into our Apache web server hosting the file.

Stöckchen fangen: Vier Dinge //at 01:27 //by abe

Nu mussich aber, nachdem jetzt nicht nur Priska sondern auch dyfa mit Stöckchen um sich wirft, und Jiuka seines auch schon recht flott gefangen hat. Übrigens haben sowohl dyfa als auch Priska das Stöckchen von der Thildkröte gefangen. Bei SvenK habe ich das Stöckchen als erstes gesehen, dort hieß es allerdings noch “Tag”. :-)

Read more…

Trojans must stay out //at 02:32 //by abe

On Heise’s security site HeiSec, Microsoft is advertising (in German) with a Flash animation of a rolling, black horse approaching the reader. Then suddenly a red gate closes and a text apprears:

Trojans must stay out.

If we translate this back to ancient greek history, it would say:

Microsofties must stay out

since Trojans were the inhabitants of Troy (German: Troja) and in the horse were the Greek aggressors. So I strongly agree. ;-)

I really hate it, if people just reverse the meaning of something by abbreviating it (here by turning the adjective into a noun). And then not noticing it. The term Trojan Horse in computing is just one (unfortunately) often seen example…

But no wonder that Microsoft doesn’t care about such things. They care about so less (e.g. stable software, secure operating systems, users, administrators, trust, etc.) except keeping their monopoly, making money and making even more money.

Can the spam problem be solved? //at 02:23 //by abe

Many have tried to solve spam problem, even Micrsoft (with a quite strange solution ;-), but except personal solutions like well working and well-kept spam filters, no well-working general technical solution has been found yet.

Although I really would like to see a technical solution and often think about this problem, I currently believe that this primarily is a social problem which cannot be solved solely with technic. UserFriendly’s Erwin seems to see it the same way and proposed today a quite drastical solution.

There are good ideas out there (e.g. SPF, RBL, Greylisting and Teergrubing), but all seem to have their problems, too. Especially RBL often have administrative problems, i.e. if an entry is justified or not. Greylisting simply can be bypassed by being SMTP conform and trying again, so it’s usefulness will decrease permanently. And against Lutz Donnerhacke’s teergrubing, spammers seem to have found workarounds quite quickly. Haven’t heard much about it in the last years. (I just can’t remember what the drawback of SPF was.)

For myself I’ve solved the spam problem with a learning SpamAssassin and sorting mail by spam-level into several mailboxes. The higher the spam-level of such an inbox, the more seldom I look into it. Works fine. For me. No general solution though, since the SpamAssassin needs to be fed with fresh spam regularly.