A Lament

This post will not mention anything new. It will not say anything someone else hasn’t before. It serves only as a landmark, a waypoint, a memory.

This post is about weev. In recent months he’s been found guilty on a bunch of bullshit charges, and today he’s been sentenced. I won’t go into the details. Other people already have (here’s the transcript, here’s the Wired search results for his name. Check around on twitter for #freeweev. Here’s another site about it. Have fun.)

I came to know him online/on IRC very briefly, but from the first supported his side of things. weev has often been described as unpleasant (to put it very mildly). I don’t much care for that. weev’s cool, and anyone who’s spent even a bit of time talking to him will tell you that. He’s also effectively the fallguy in this whole story. He went ahead and pissed on the shoes of AT&T, and now he’s being put away for 41 months (along with restitution). For making it known that people’s information (to whatever extent) was available on a public webserver, and all you needed to do was be able to look at/modify a URL, and do math (add 1 to the identifier at the end of it). There’s a number of things that work this way. Hell, twitter status updates are posted in numerical order. A few years ago they used to have the global firehose of all content available. Viewing that without permission could’ve been equated to breaking the law (under this ruling).

This probably sets quite a fucked precedent. There’s a lot to be said about it. But I say only this: it fucking sucks. Tons. And I hope that this situation can change. :(

P.S. for anyone who wants an idea of weev’s character, this is it: “No matter what the outcome, I will not be broken. I am antifragile.” — @rabite

“Quality of service”

Alternative title: what happens when you buy things that are licensed/run per TCP connection it can maintain.

hageshii% date; elegua; date
Fri Feb 15 22:08:41 SAST 2013
Linux elegua 2.6.32-5-amd64 #1 SMP Sun May 6 04:00:17 UTC 2012 x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
No mail.
Last login: Fri Feb 15 20:44:49 2013 from
elegua% Write failed: Broken pipe
Shared connection to elegua.za.net closed.
Fri Feb 15 22:18:47 SAST 2013

10 minutes almost to the dot and my connection is forcefully severed, presumably for inactivity. I wonder how many inadvertent breakages this can cause. It’s certainly annoying. Thanks, Vodacom.

(Yes, I know I can VPN around this, or use mosh, or or or. Unfortunately none of those were quick to do because I hadn’t booted this box in quite a while, and Expensive-with-expiring-bytes-G connection is better used on other things than this)

And this is what the trace looks like:

 Host                                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1.                                      0.0%   131    1.5   9.4   1.1 211.2  27.6
 2.                                        0.0%   131   54.6 327.0  38.5 5456. 844.4
 3.                                      0.8%   131   47.9 314.3  42.1 5400. 823.9
 4.                                      5.4%   131   48.8 309.2  42.4 5346. 832.0
 5.                                    12.3%   131   55.7 247.6  39.4 5290. 790.0
 6. vc-196-207-44-134.3g.vodacom.co.za                7.7%   131   52.8 294.0  39.4 5234. 815.3
 7.                                         10.0%   131   49.7 249.9  36.6 5178. 764.8
 8.                                      7.8%   130  423.0 474.4 210.7 5155. 851.3
 9. te-9-2.car5.London1.Level3.net                   34.1%   130  483.0 461.4 204.0 4123. 762.5
10. ae-52-52.csw2.London1.Level3.net                 24.0%   130  239.5 502.6 216.1 5009. 882.5
11. ae-57-222.ebr2.London1.Level3.net                24.0%   130  231.0 409.9 216.0 4010. 614.4
12. ae-22-22.ebr2.Frankfurt1.Level3.net              22.5%   130  237.8 473.7 216.9 5906. 897.6
13. ae-72-72.csw2.Frankfurt1.Level3.net              22.5%   130  250.2 445.7 219.9 5851. 793.7
14. ???
15.                                   32.6%   130  247.4 406.6 223.9 4726. 723.5
16. hos-bb2.juniper1.rz1.hetzner.de                  74.4%   130  233.1 740.9 225.0 5682. 1218.
17. hos-tr2.ex3k9.rz1.hetzner.de                     18.6%   130  339.2 491.0 221.3 5626. 841.9
18. elegua.za.net                                     1.6%   130  343.7 508.1 226.2 5571. 829.2

Hi-kwality packets.

Cellular data extortion(?)

With my DSL and everything (switch, RB750, DSL modem, HP Microserver) being struck by lightning this week, I’m presently using my 3G for a bit of access. Just to ensure I don’t trigger any massive out-of-bundle charges, I checked my remaining cap quickly so that I can then run a rough mental allocation of it all for the next while. Then I saw this:

“Hang on a minute,” I thought as I read the first block’s data values, “that should be closer to 1.7GB remaining.”

Then I scrolled down, saw the ‘forfeited’ counter, and began wondering whether these companies could be forced to stop making forfeiting part of their contracts. It’s truly not like this is a technical problem. This is a business decision they’ve made to let bandwidth you’ve bought artificially expire.

A quick bit of math: assuming I use ~300MB a month (this appears to be the general level of data I use, based on a quick checking of my phone’s stats), and that I’ve had this contract for 22 months now, and at the R268.99 I’ve been paying for the bundle each month:

  • (268.99/800)*500*22 = 3698.61

So that’s R3700 of “forfeit”, for no reason other than someone decided it’d be a good way to make money. And, as far as I know, all the operators in this country do this. For the less technical readers: as I mentioned before, there’s no technical reason this happens. It’s just an entry in some database, and can be updated. If anything, maintaining an expiry time on data probably leads to more technical issues than they’d otherwise have.

To compare, this would be like anyone buying up a bunch of things (toilet paper, toothpaste, whatever), and the storekeeper then removing it from your home if you haven’t used in soon enough.

How MakingView works

Found out about this (via a local news site) earlier, a product called MakingView. Their tagline:

Explore our unique and Award Winning 360° technologies, and the opportunities we offer in visual excellence.

Their pitch is that you can get the “real” experience. Pretty cool idea, so I thought I’d quickly take a look at how it works. First up, fire up a browser, grab the URLs.

Video: http://360content.redbull.com/2012/lofoten/medium.f4v
Player: http://360content.redbull.com/2012/lofoten/makingviewer.swf

Fire up VLC, and see the following (edit: apologies, it seems something somewhere is a bit screwed with the width of the content blocks, just open the pics in a new tab):

In the boat

In the boat





Next step: become disappointed that there isn’t really anything cool going on. Video is just a very long series of (admittedly probably well-tweaked) panoramic pictures, and the player maps that to a globe and points shows you wherever you’re watching. Sadpant.

Edit: to anyone wondering why I wrote this, I was really hoping there were some cool multi-stream video hax going on, but ended up not. And yup, first time I saw a thing like this.


In various ways, I’ll likely stop using the minipost tag/category, and rather feed all of that over here now: https://thoughtstreams.io/froztbyte

In general it seems like a platform better suited to that sort of thing. Time will tell.


Update: I’ve contacted Github support about this, and given them a suggestion about a default-on preference/setting to filter those for everyone but the repo owner, perhaps with a visual cue about it

Update 2: as of this update, the search for these sorts of files no longer appears to be working; I also got a mail back from github support about this earlier, but didn’t really read it yet

Or to give people the benefit of the doubt, perhaps they just didn’t know better. I don’t even understand how this comes to pass, it’s so different from what I’m typically used to.

github ssh keys

github bash history

github zsh history


The URLs for these are as follows:

  • https://github.com/search?q=path%3A.bash_history
  • https://github.com/search?q=path%3A.zsh_history
  • https://github.com/search?q=path%3A.ssh/id_rsa
There are some more, obviously. Use your imagination to find them. You can also filter for passwords and such:

  • https://github.com/search?q=path%3A.bash_history+password
  • https://github.com/search?q=path%3A.my.cnf

So, to all the people who have done this: don’t upload any of your history files, private ssh keys, etc, to something on the public internet.


Rage About Dinosaurs

This text snippet from a colleague, although I’m fairly sure I’ll get my copy of the announcement soon as well:

“Up until now, Last.fm radio has been a subscription only feature in your country. However, unfortunately, from Tuesday 15 January 2013 we are no longer able to provide radio streaming to you due to licensing restrictions, and you will no longer be able to listen to Last.fm radio.”

I honestly wish all these dinosaur media companies and committees and agencies and whatever would just die already. Earlier today I was speaking to a friend of mine, one who also happens to be an artist. She’s currently raising money for her new album, and is just running it entirely by herself. Not that any of this is new to anyone sensible, of course. All of this licensing crap is just ridiculously frustrating, and at a guess I’m fairly sure it doesn’t actually end up helping all that many artists.

Ah well….hopefully time brings some useful change. At least the antiquated ITU seems to have been sent a decent message about how things should work.

Wasted Effort

So in South Africa, we have this weird microcosm effect where people feel it’s useful to redo things locally. It came about due to various factors, and there are sometimes some useful advantages (job creation when you’re dealing with products people could make by hand, for instance). The rest of the time, I just don’t see the point.

Case in point, MyBroadband recently started pushing some initiative called Gr8Signal. It’s purpose? To map out cellphone network signal info. “This sounds eerily like OpenSignalMaps“, some might say, so let’s compare their features quickly.


  • Signal heatmaps
  • Coverage info for multiple operators
  • Speed data
  • Comparison possible
  • “Average” rating


  • Signal blocks

Seriously, that’s it. You can’t compare different operators, or even use more than one at a time. Okay, so it’s a new project. Maybe it still needs to get some basic features. Let’s compare their interfaces.

OpenSignalMaps first:

I searched for “Johannesburg, South Africa”, and the first maps I get are an aggregate coverage heatmap for all available operators across all signal bands, the capability to filter based on a variety of options, and – if I click on the “Advanced view” (not shown here, but it’s that bar left left of the “NetworkRank™” section) – I get speed, latency, and reliability information.

Now let’s look at Gr8Signal.

And then another one, because I can’t select more than one operator at a time:

Yup, seriously. No ability to compare operators. The views are in blocks (…you guys do know how cellphone signal works, right? Fluid display is *far* better). The default map choice makes it ridiculously hard to see detail clearly. The overall feeling of the website is about as awesome as the SAWS page was. You know, that one where you could flatline your CPU by racing your mouse over the zooming menu icons.

Overall, I just don’t understand the point of this project. The data already exists in a much more useful form elsewhere, alongside wider coverage. So that’s about it. Let’s see what the MyBB guys have to say.

Update: I feel I should add that the reason I seem annoyed about this is the perpetual case of people just doing something “local” for, seemingly, no more reason than doing it “local”. If they brought something competitive to the table, or offered a better product, I’d totally support that. This very seldom seems to be the case. Why should we keep dishing out subpar products in the .za market? It just gives us a name as bad imitators. China 2.0.

“Tip me that output quickly, would you?”

Jonathan recently wrote Codetip, a pastebin based on Twisted.Web with some neat client-side features and integrating server-side JS as well.

There’s a demo one running at http://pb.vuze.la/

Short of the setup doc in the readme, there’s some further work you get to do when installing this on something like Debian Squeeze. Here’s a quick rundown from my shell history:

 1237  aptitude -t wheezy install python-pip
 1242  aptitude -t wheezy install virtualenvwrapper
 1252  aptitude -t wheezy install python-virtualenv
 1257  aptitude -t wheezy install python-sqlite python-pysqlite2

All of those mostly because of versioning. Node.js was also installed previously (for Brewer.js), so npm was around as well, at the sid package version level.

It was set up in a separate user account, with a virtualenv to avoid crapping all over the system. For those who don’t know, a virtualenv is used to make a little jail for python things to get installed into. This way you can have a different local version of something to what’s installed globally (globally meaning system level). Turns out this makes life a bit more painful:

Drop this into .zshenv (or the appropriate equivalent for your shell):

# virtualenv
export WORKON_HOME=$HOME/.virtualenvs
export VIRTUALENVWRAPPER_VIRTUALENV_ARGS='--system-site-packages'

And then run:

git clone https://github.com/jonathanj/Codetip.git
mkvirtualenv Codetip
activate Codetip
pip install Twisted; pip install Epsilon; pip install Axiom; ln -s =nodejs $(VIRTUAL_ENV)/bin/node
npm install brewer
cd Codetip
./node_modules/brewer/bin/brake install
./node_modules/brewer/bin/brake all
twistd -no-web --notracebacks --class=Codetip.resource.RootResource

The virtualenvwrapper package provides ‘mkvirtualenv’ amongst other things, use `source /etc/bash_completion.d/virtualenvwrapper` to get the hooks. This shellscript also works in zsh.

And that’s it, a working Codetip instance.

Zenoss Device Listing

Nice for if you need some form of automated report in zenoss, here’s a code snippet to print out a list of devices per class, formatted in markdown markup

typehash = {}
for d in dmd.Devices.getSubDevices():
    if typehash.has_key(d.getDeviceClassPath()) == False:
        typehash[d.getDeviceClassPath()] = []

for key in typehash:
    print """### %s\n""" % (key)
    for item in typehash[key]:
        print "*   %s\n" % (item)
    print ""

Run it in the zenoss console, or anything with a dmd connection. Tested on 2.5.x, but should be trivial to port forward if it breaks.

(PS: I could probably fix up that last bit to do something with .iteritems() instead…)