Say Weeeeeee!
Ahhhhhh!

Saturday, November 11

Rant

Shitheads

I hate spammers.

But spammers are at least trying to do something constructive for themselves. Sure, the damage they do to others far outweighs any possible economic benefit to themselves, but that's another matter. (That's why we have laws.)

There are worse people. Like the cretin in the Netherlands who just downloaded 20,000 copies of a 2.5MB file from a dormant blog here at mu.nu. That's why I enforce bandwidth quotas, by the way. I don't mind at all if someone like Ace or Rusty is using 200, 300, 400GB a month if that's going to real readers.

But when some idiot chews through 50GB in three hours - and the best explanation I can think of is referrer spam, the least effective marketing tool ever invented - I want CPanel to lock down that account.

Posted by: Pixy Misa at 10:59 PM | No Comments | Add Comment | Trackbacks (Suck)
Post contains 138 words, total size 1 kb.

Rant

Crappy Piece Of Crap Of The Day

Today's crappy piece of crap is Yumex, a remarkably bloated and sluggish graphical front-end to Yum, written in (sad to say) Python. It's using 97MB of memory and 20% CPU and not, so far as I can tell, doing a goddamn thing.

And that's once I managed to actually get it to run (I almost said "work", but I have no sign of that); for hours it was complaining that something else had locked yum and wouldn't run at all.

I tried running it using X over SSH - locally - and sshd was chewing up 40% of my CPU.

I swear that Fedora Core 4 didn't suck this bad.

Update: OKay, I'll give it some credit. If you wait the fifteen minutes or so it takes to start up, and put up with its wallowing GUI, it will actually let you browse packages and install them.

Just.

Very.

Slowly.

Update: God, this thing is just excruciating. It's using 177MB of memory now - resident. I tried the category view. Clicked on Applications, and then on Educational Software. Nothing happened for a couple of minutes (but the CPU was very busy). Then, nothing continued to happen, although now the application responded to mouse clicks.

Then I found out that in the category view, it divides packages into Mandatory, Default, and Optional. It defaults to Mandatory, and since there are no mandatory educational applications, it didn't show anything.

There's no indication that it's busy - other than the fact that it locks up.

There's no All tab.

I clicked on the Engineering and Scientific category a few minutes ago, and it's still frozen. Okay, so that bloody beagle-build-index thing is still running (620 minutes of CPU time now). Okay, so I'm running under VMWare with only 400MB of memory allocated. I expect it to be a little slow; that's part of the reason I set it up this way. I want performance problems in my code to be obvious so that I can catch them early.

I wish someone had taken the same approach for yumex, because it is pure, distilled suck.

Posted by: Pixy Misa at 11:31 AM | Comments (2) | Add Comment | Trackbacks (Suck)
Post contains 365 words, total size 2 kb.

Rant

Crappy Piece Of Crap Of The Day

Today's crappy piece of crap is beagle-build-index, which has so far spent five and a half hours indexing the documentation on my new Fedora Core 6 install.

It's not the only thing that runs for ages after a fresh install, either.

Feh.

If I wanted Gentoo, I'd have downloaded Gentoo.

Posted by: Pixy Misa at 05:15 AM | Comments (11) | Add Comment | Trackbacks (Suck)
Post contains 64 words, total size 1 kb.

Friday, November 10

Geek

Need For (Quad) Speed

Running yum update for a new Fedora install under VMWare and snarfing my daily podcast fix via iTunes.

That's more than enough to turn a 2.6GHz Pentium 4 into jelly.

Just on that subject, is iTunes a complete and utter cow on MacOS too, or does that version actually work? Grabbing 100% of the CPU simply to download a file (at, I might add, an effective speed of 128kbps) seems a bit much.

Hrrm. I have a 7.02 update to apply. Bet you twenty cents it doesn't help.

Posted by: Pixy Misa at 08:54 PM | Comments (2) | Add Comment | Trackbacks (Suck)
Post contains 96 words, total size 1 kb.

Cool

Burning Thread Of Fire

It burns, burns, burns:
Hello Pixy Misa, you are logged in to Minx.
Processing 0.38 seconds.
17 queries taking 0.059 seconds, 1027 records returned.
Page size 377 kb.
Powered by Minx 0.7 alpha.
But Minx don't do too bad.

Most of that time is taken up by the HTML sanitiser, which is dynamic (it runs every time, rather than storing the sanitised HTML*) and uses an SGML parser written in Python instead of a C library. I'm looking to improve that, but in the meantime, 0.38 seconds for 1000+ comments on older hardware (2GHz Opteron) without the benefit of Psyco (which had a memory leak) is, as I said, not too bad.

* Because the sanitisation rules are context-sensitive.

Posted by: Pixy Misa at 08:41 PM | Comments (3) | Add Comment | Trackbacks (Suck)
Post contains 125 words, total size 1 kb.

Rant

Comment

The Fedora Package Updater is frigging useless.

There have to be a dozen superior open-source package managers already in existence, so what's the excuse?

Posted by: Pixy Misa at 01:08 AM | Comments (6) | Add Comment | Trackbacks (Suck)
Post contains 26 words, total size 1 kb.

Thursday, November 09

Life

Blug

I have a wonderful new Core 2 Duo system with 4GB of memory at work.

Naturally, my job has just changed and it looks like I'll mostly be working at home from now on.

And my home PC is a three-year-old Pentium 4.

I'm building a development environment under Linux under VMWare right now, and let me say, yes, there really is a difference. Even though the clock speed of my home PC is faster than that of the office machine.

I wonder if they'll let me swap...

Posted by: Pixy Misa at 10:22 PM | Comments (2) | Add Comment | Trackbacks (Suck)
Post contains 90 words, total size 1 kb.

Anime

Whee

I forgot Madman's Tenth Anniversary Sale - they're selling their entire back catalogue at $10 per DVD - but fortunately (for me) their servers fell over during the stampede and they decided to extend it.

So I just picked up:

The first two-and-a-half seasons of Galaxy Angel
Days of Midori and Magical Shopping Arcade Abenobashi, which I loved on fansub but never got around to buying
Porco Rosso, Pom Poko (which I might already have somewhere...), Nausicaa, and a spare copy of Millennium Actress to foist upon the unwary
Kaleido Star
Burst Angel
Colorful (heh)
Uh, and something that rhymes with Mickey Mousen
Should keep me occupied for a day or three.

Posted by: Pixy Misa at 09:41 PM | Comments (8) | Add Comment | Trackbacks (Suck)
Post contains 112 words, total size 1 kb.

Blog

Two Out Of Three Ain't Bad

Michelle Malkin:
I'm hanging it up for the night, er, morning. Unlike Michael Moore in 2004, however, I will not be staying in bed for three days in a catatonic state. I will not need PEST shock therapy. I will not move to Australia.

Posted by: Pixy Misa at 07:44 PM | Comments (8) | Add Comment | Trackbacks (Suck)
Post contains 55 words, total size 1 kb.

Geek

INXSS

My current headache is cross-site scripting, or XSS.

Cross-site scripting is an unforseen product of the combination of browser programmability and communally-updated websites. Javascript and XMLHttpRequest let your browser do all sorts of nifty things; community web sites let people build really nifty things; together they let bad people steal your ID.

Anyone can create a web page that will read your cookies, but browsers aren't stupid, and they will only cough up the cookies for that web site. Which was not a problem in the past, because before anyone could do anything untowards they had to take control of the website by some other means.

But if you have a community site where people can insert unfiltered HTML, that lets other people steal your cookies for that site. Badness.

The approaches to this problem seem to be threefold:

1. The listen-to-nanny approach, as typified by CERT: Tell people to turn off Javascript, and not to browse unknown web sites, especially after dark.

2. The patch-it-and-hope approach: Scrub the HTML for any untowards Javascript. If your site can restrict what users put up on their pages, you may be able to eliminate Javascript altogether - though even then, you might get tripped up the way MySpace was.

3. The keep-the-doors-and-windows-locked approach: Don't use cookies that give users global access. I think Blogger may be doing this, and that's why you keep having to log in to comment.

You have to do some of 2 in any case. If you don't scrub comments of bad HTML, you will find your page layouts corrupted in very short order. 3 looks likely to be the most robust, but at the cost of user functionality.

Anyone know of any in-depth resources on this? Or are people keeping their solutions close to their chests?

Posted by: Pixy Misa at 07:09 AM | Comments (1) | Add Comment | Trackbacks (Suck)
Post contains 299 words, total size 2 kb.

<< Page 3 of 5 >>
83kb generated in CPU 0.0232, elapsed 0.2055 seconds.
59 queries taking 0.1886 seconds, 398 records returned.
Powered by Minx 1.1.6c-pink.
Using http / http://ai.mee.nu / 396