I'm in the future. Like hundreds of years in the future. I've been dead for centuries. Oh, lovely, you're a cheery one aren't you?
Tuesday, October 14
Whiteout
So, we had a big storm roll through Sydney yesterday. Well, medium-sized storm, anyway.
And we had a blackout where I live in the northern suburbs. Four hours after the storm had passed. Don't know what the story was with that.
Anyway, 11:30 at night, I was in the shower, lights go off, water goes cold, kind of annoying. I found my notebook (sitting by the bed) and opened the lid, which provided enough light to find some clothes and then my phone and my tablet, check Twitter (Hey, the power just went out!) and go to bed.
Around 2AM everything came back on and woke me up, and I checked my computers and got them rebooting before heading back to bed.
I was worried about the Linux box because it had a degraded RAID array that I hadn't got to fixing (though I do have a full backup). So I checked on that this afternoon... And it's no longer degraded. It's working perfectly.
Um.
Also, server move next weekend. Details to follow, expect 30 minutes or so of downtime.
Update: It's doing this. It's not meant to do that.
Posted by: Steven Den Beste at Wednesday, October 15 2014 04:21 AM (+rSRq)
3
4" of rain in Sydney yesterday, 8" of snow in the Blue Mountains, just west of Sydney. It's not unusual for them to get a bit of snow in winter, but 8" this late in the year is pretty rare.
This time last year they had raging bushfires up there.
Posted by: Pixy Misa at Wednesday, October 15 2014 03:14 PM (PiXy!)
4
Pixy. Wonderduck has an odd bug to report. It seems Mee.nu, and Mu.nu can't be accessed from Illinois. This is the case in multiple browsers. All other sites are accessible. (Mote: I don't think he actually tested ALL other sites) Anyway, he asked me to post a comment to this effect. I should note that blog access is most desirable as he''l soon be housebound. Duck season starts in Illinois this Sunday.
Posted by: The Brickmuppet at Saturday, October 18 2014 05:52 AM (DnAJl)
5
I appear to be back, thanks to helpful tips and pointers from Pixy.!
Posted by: Wonderduck at Saturday, October 18 2014 07:19 AM (BCjxQ)
6
...and the spammers are returned. Now they've actually gone from annoying to flat-out vexing, as their new trick is to make their messages VISIBLE, as opposed to so hag-ridden that it never appears in the comments.
Even worse, now they're talking sports. Not well, but sports.
Posted by: Wonderduck at Tuesday, October 21 2014 07:57 AM (BCjxQ)
7
Now that the server move is done, I have more time to work on the spam filter. I'll get on this today.
Posted by: Pixy Misa at Tuesday, October 21 2014 02:24 PM (PiXy!)
We dodged Heartbleed because our SSL libraries were older than the bug, but this bug - dubbed Shellshock - is old enough to vote, and the affected program is Bash, the default shell on hundreds of millions of Linux and MacOS X systems all over the world.
Fortunately CPanel updated Bash to the patch release automatically, and Minx itself is designed not to use the shell, ever. I went so far as to write my own file management library because the default Python library uses the shell to do its work. I didn't know of this bug at the time, obviously, but passing data from the web to a shell script is fraught with fraughtness and I wanted no part in it.
I think we're safe. But while this is quick and easy to patch, there are a huge number of potentially affected servers and some of them have reportedly already been hacked. Be extra cautious for the next few days if anything looks out of place on the sites you visit. Big names like Amazon are almost certainly safe; it's the little guys who don't have a full-time IT staff who need to scramble.
Well, and the IT guys themselves, which is why I'm up at 3AM.
1
Speaking of the file system. Would it be possible to make it so that when we create a new directory, the proper templates are automatically filled in?
Posted by: Mauser at Friday, September 26 2014 06:32 AM (TJ7ih)
They always used to tell me that OpenSourceâ„¢ was a guarantee of quality and lack of bugs and exploits. With all the eyes looking it over, nothing bad could make it through, they said. (Eric Raymond, I'm looking at you!)
Posted by: Steven Den Beste at Friday, September 26 2014 08:55 AM (+rSRq)
3
Another forum I read was all over this today. Most of the people there asserted "(essentially) nobody uses CGI these days so this isn't likely to be widespread." I wonder if that's true.
Posted by: RickC at Friday, September 26 2014 11:01 AM (0a7VZ)
4
CGI isn't used much these days - but all it takes is one old script that you've forgotten about, and persistent scanning bot, and they're in.
Posted by: Pixy Misa at Friday, September 26 2014 12:38 PM (PiXy!)
5
When they say "isn't used much", they almost always mean "for brand-new projects". There's all sorts of hairy old Production code out there with do-not-touch signs attached. There are several big companies who'd be happy to hire me because I know old Perl.
In this case, though, it doesn't matter. The most modern, spiffy web framework in the world might be running in a scripting language where system() calls out to the shell with an unsanitized environment, and then boom!
Many years ago I did much the same as Pixy when I was writing a secure-execution wrapper for student operators. "I can't think of anything nasty that you could do by passing the user's environment variables through, but just in case, I'll create a fresh, blank environment and pass just the ones I like". Six months later, there was a bug about overriding shared libraries through environment variables...
-j
Posted by: J Greely at Friday, September 26 2014 02:57 PM (1CisS)
6
Just a caution, I dunno if you caught the update to that article (or the various CERT notices), but the first official fix for the vulnerability was flawed and either introduced something new or did not fix the entire problem. There is apparently an unofficial patch out (and being tested, I guess), but no official patch yet.
Posted by: ReallyBored at Saturday, September 27 2014 02:59 AM (n3V1X)
7
Yeah, I already applied the second patch, and it sounds like there's going to be at least one more. Yech.
Posted by: Pixy Misa at Saturday, September 27 2014 05:35 PM (2yngH)
8
Spam continues to make The Pond sad, Pixy... there's three examples in my comments queue to look at, if it helps, but I'm getting 200+ spams at a shot, three or four times a day.
Help?
Posted by: Wonderduck at Wednesday, October 01 2014 07:04 AM (BCjxQ)
9
One more seems...optimistic. CERT just dumped 2 more "previous fix was incomplete" alerts out and added 2 more separate (but slightly less ugly) alerts.
Posted by: ReallyBored at Wednesday, October 01 2014 12:17 PM (n3V1X)
10
Pixy, I just had to delete 30 pages worth of spam from the Pond's comment section. Same stuff that's been plaguing me for the past however long it's been...
Suggestions?
Posted by: Wonderduck at Sunday, October 12 2014 06:15 AM (BCjxQ)
11
I'll set them on fire. And also update the spam filter.
Posted by: Pixy Misa at Wednesday, October 15 2014 12:13 AM (PiXy!)
12
Ooh, yes, I like that idea. Fire and spam goes well.
Posted by: Wonderduck at Wednesday, October 15 2014 01:46 PM (BCjxQ)
13
Your putting them to the torch appears to have made a difference, Pixy... instead of 30 pages of spam every few hours, I'm getting two or three spam comments total per day.
Thank you!
Posted by: Wonderduck at Thursday, October 16 2014 07:49 PM (BCjxQ)
USB 3.0 is pretty neat. If you're used to USB 2, the performance jump (from 480Mbps half-duplex to 5Gbps full-duplex) can be startling. And it's cheap and if not ubiquitous, then at least widespread.
The connectors, though, are crap. One end exists in a weird subspace with 720° rotational symmetry; the other is just plain ugly.
USB Type C fixes that, with a single, simple, compact, reversible connector. The cable is the same at both ends and works either way up.
Also, it supports USB 3.1, bumping the speed to 10Gbps.
And it supports up to 100W of power, up from 7.5W.
And now it supports DisplayPort. You can have a 4K monitor at 60Hz plus USB 3.1 over a single USB cable. Or you can have a 5K monitor at 60Hz, but only with USB 2.0, because it needs all the wires for video data.
There's just one fly in the ointment: At full speed, it's only specified to work over a 1 metre cable. At half speed, you get 2 metres. So perfect for docking your laptop or tablet (because you get 100W of power at the same time) but kind of iffy for the desktop.
Posted by: Pixy Misa at
12:52 AM
| No Comments
| Add Comment
| Trackbacks (Suck)
Post contains 205 words, total size 2 kb.
Saturday, September 20
Giveaway Bits
I have a few extra game keys to give away thanks to the generosity of Steam, Humble Bundle, and Kickstarter.
So if anyone would like free keys for any of the following, let me know in the comments or drop me an email.
Civilization V
Wasteland 2 (Steam or GOG) -> RickC
Torchlight
Batman Arkham Asylum -> Mauser
Batman Arkham City -> Wonderduck
Batman Arkham Origins -> Gothmog
Divine Divinity -> Hypozeuxis
Divinity 2
Beyond Divinity
Divinity: Dragon Commander
RPG Maker VX Ace -> Andrew G
Scribblenauts
Stacking
Stonehearth (not Hearthstone, which is a different thing). This is still in alpha, but I have an alpha gift key. -> Avatar
Faerie Solitaire
Giana Sisters: Twisted Dreams
Dust: An Elysian Tale -> RickC
Ittle Dew
Monaco: What's Yours Is Mine (couple of these)
Couple more I forgot about:
Shadowrun Returns (two of these)
Shadowrun: Dragonfall (two of these too)
Cities in Motion 2 (one)
Mostly they're giftable Steam keys, so you'll need a Steam account.
1
Good morning, Pixy! How very generous of you! I have most of your list already, except the Batman Origins game. In fact, I don't think I have the Batman City one either. If you're feeling magnanimous, either of those would be great.
Gothmog
Posted by: Gothmog at Sunday, September 21 2014 01:47 AM (DSOTN)
2
I don't play a lot of games (I buy them and they sit neglected) but I'd be curious to try Arkham Asylum. I've seen some interesting playthrough videos.
Posted by: Mauser at Sunday, September 21 2014 06:04 AM (TJ7ih)
3
I'd like the Wasteland 2 key if it's still open.
Posted by: RickC at Sunday, September 21 2014 06:32 AM (0a7VZ)
4
I think I'll give Stonehearth a try, if you'd be so kind. Thanks.
Posted by: Avatar_exADV at Sunday, September 21 2014 07:41 AM (ZeBdf)
5
I'd appreciate the Arkham City game, always thought it looked great. If not that, the Arkham Asylum one will be swell, too.
Thank you, Pixy!
Posted by: Wonderduck at Sunday, September 21 2014 07:45 AM (BCjxQ)
6
How's this going to work? E-mail, or should I just mention my steam account is paulmauser712 ?
Posted by: Mauser at Sunday, September 21 2014 06:15 PM (TJ7ih)
7
For the Humble Bundle keys (most of them) I'll need an email address. You can reach me directly at andrew.maizels /at/ gmail.
Posted by: Pixy Misa at Sunday, September 21 2014 08:06 PM (PiXy!)
8
My steam account is frostcat--or is it easier to give you an email address?
Posted by: RickC at Monday, September 22 2014 02:32 AM (0a7VZ)
9
Best to send me an email. andrew.maizels /at/ gmail.
Posted by: Pixy Misa at Monday, September 22 2014 10:06 AM (PiXy!)
10
The Divinity ones sound interesting. Steam or email? (I have to dig out my Steam password, it's been a while since I used it - don't remember whether it was Civ V or Torchlight 2)
Posted by: Hypozeuxis at Monday, September 22 2014 11:23 AM (DB+RE)
Posted by: RickC at Thursday, September 25 2014 03:38 AM (ECH2/)
21
Okay, I finally got it downloading last night. Was kind of a roundabout process, first logging into HB, enabling all the various scripts included, letting THAT log me into Steam (Always a little hinky to me enabling one website to link into another account of mine), convincing Steam to let my "Unfamiliar browser" to login (meaning another email cycle) and then, finally the download began, until my crappy wireless ISP decided, as usual, to clamp down on my bandwidth to about 1/8 of what the promised.
So it's STILL downloading.
Posted by: Mauser at Thursday, September 25 2014 08:26 PM (TJ7ih)
22
After all that, I hope you like the game! And yeah, the downloads for those Arkham games are huge.
Posted by: Pixy Misa at Friday, September 26 2014 01:20 AM (PiXy!)
23
Hey Pixy- I can't help but notice you still have a Civ V up there unclaimed. My son would sure enjoy it if you're willing- Also, I'd love to add you to steam so I can return the favor, what's your steam-handle?
Posted by: Gothmog at Monday, September 29 2014 08:09 AM (DSOTN)
1
I can't help but feel that the "just how many continents" conundrum is posed by the same kind of person that brought us the entirely useless[1] -ibi- pseudo-SI units.
[1] Ok, they're not entirely useless; they signify that a person using them is an al-retentive twit.
Posted by: RickC at Tuesday, September 09 2014 08:55 AM (0a7VZ)
Posted by: Mikeski at Tuesday, September 09 2014 11:28 AM (luDkn)
3
I missed that, but I did catch the Pandemic reference. Bloody Madagascar!
Posted by: Pixy Misa at Wednesday, September 10 2014 12:12 AM (2yngH)
4
Pixy, just to let you know, I'm getting slathered by spam over at The Pond. Fortunately, it's all too spammy to actually make it into the visible spectrum, but it's kinda annoying to have to delete 8 pages of comments ever few hours. Particularly because most of it is in French.
Any help would be appreciated!
Posted by: Wonderduck at Wednesday, September 10 2014 02:10 PM (eNsTS)
5
Wow...duck slathered in spam....add some pineapple and chives and you could....
oh....
sorry....
Posted by: The Brickmuppet at Wednesday, September 10 2014 04:42 PM (DnAJl)
6
Just don't ask the next obvious comment, what are Incontinents....
Posted by: Mauser at Wednesday, September 10 2014 05:16 PM (TJ7ih)
7
Mauser: that's the people who are spamming the duck.
Posted by: RickC at Thursday, September 11 2014 02:11 AM (ECH2/)
8
Pixy, I've saved a few examples of the spams in my "edit comments" backstage page. You're welcome to poke around and take a look at 'em. I got another 10 pages of spamination overnight. Whee!
Posted by: Wonderduck at Friday, September 12 2014 01:14 AM (eNsTS)
The existence of 5K panels also suggests that Apple will release a retina iMac sooner rather than later. Apple like to exactly double the display resolution for retina models, and this 27" 5K panel does just that.
5K doesn't sound like a lot more than 4K, but that's 5120x2880, up from 3840x2160, so about 70% more pixels. To put it another way, it's exactly the same ration as the jump from 1920x1080 to 2560x1440.
One caveat: You'll need two DisplayPort 1.2 (or Thunderbolt) outputs to drive this thing at 60Hz. DisplayPort 1.3 can't arrive too soon!
Posted by: Pixy Misa at
06:25 PM
| No Comments
| Add Comment
| Trackbacks (Suck)
Post contains 112 words, total size 1 kb.
Saturday, August 30
The Lane At The End Of The Ocean
Digital Ocean are a rather neat VPS provider. The fatal flaw with VPSes has always been I/O performance: You can't virtualise IOPS.
Couldn't.
SSDs.
To unpack that a little, an expensive top-of-the-line enterprise disk drive can deliver about 250 I/O operations per second (IOPS). Any SSD can handle tens of thousands.*
So if you throw away the spinning rust and use nothing but SSDs, VPSes actually work. And since all the complexity and expense came from trying to make the spinning rust work, rather than the VPSes themselves, this is actually a very cost-effective approach.
Case in point: A Digital Ocean "droplet" with one virtual CPU, 512MB of RAM, 20GB of storage, and 1TB of bandwidth costs just $5 per month.
My physical servers cost rather more than that - but then again, they have 32GB of RAM, 2TB of disk, and 240GB of SSD (all RAID-1) each. If you need 32GB of RAM, 2TB of disk, and 240GB of SSD, a physical server from a mid-tier provider is still going to be cheaper than Digital Ocean. But if you want to quickly pop a server into existence to try out, say, CentOS 7, a Digital Ocean droplet is hard to beat. Not only is it set up to your specifications in under a minute, but you're billed by the hour, up to a monthly cap - so if you only need something for a few hours, you only need to pay a few cents.**
Except that they are not - at least yet - in Australia. San Francisco, New York, London, Amsterdam, Singapore. Singapore isn't a terrible location to reach from Sydney, but it's not great either.
If only there were a provider in Australia that offered similar SSD-based VPSes -
Oh.
That were priced as low as -
Oh.
That was run by someone I'm familiar with, like the people behind Mammoth -
Oh.
Binary Lane isn't as polished as Digital Ocean (yet), but they're a lot more flexible; you can select the number of CPUs, amount of memory, disk, and bandwidth all independently, and you can adjust them at will after the fact as well.
The one downside is that this being Australia, bandwidth is STILL FUCKING NIGHTMARE EXPENSIVE with the basic $5 plan with 200GB of bundled bandwidth turning into an $85 monster if you want the 1TB that Digital Ocean offer. Though it wasn't that long ago that I was paying that much for bandwidth out of a second-tier provider in the US.***
Oh, and they're in Brisbane, which means a 30ms ping instead of 15ms I got for my old Sydney-based VPS.
Edit: Vultr provide a similar service at a similar price with nodes in Seattle, Los Angeles, Dallas (where we are currently located), Atlanta, Miami, Chicago, New Jersey (where our backup server lives), London, Amsterdam, Paris, Frankfurt (currently sold out), Tokyo, and Sydney. (Yay!) Their configurations aren't as flexible as Binary Lane, but their worldwide scope is a big plus. Going to give them a try as well.
Update: I've now tried out Digital Ocean, Binary Lane, and Vultr. Digital Ocean is the most polished; Binary Lane the most flexible; Vultr the fastest and the best for global distribution. So far all of them have worked flawlessly, and they all offer amazing value for money.
Linode have also jumped into the SSD VPS market, with competitive pricing to the three mentioned above.
Then there's Amazon and Google, with page after page of pricing tables. Meh.
* Sustained random write performance is a fraction of the burst speed, but over the past five years that's improved from "a small fraction" to "a substantial fraction" and is no longer a problem for 99% of users.
** Literally - their VPSes start at 0.7c per hour.
*** Never mind that, I can remember when bandwidth cost me $30 per gigabyte, which rather puts $100 per terabyte in perspective. Come to think of it, excess bandwidth on my mobile phone still costs $30 per gigabyte.
1
You're so cool! I don't suppse I have read something like this before.
So good to find somebody with some genuine thoughts on ths subject.
Seriously.. many thanks for stareting this up. This website is one thing that's needed on the internet,
someone with a bit of originality!
Posted by: m88 at Sunday, August 31 2014 05:05 AM (yqH+W)
It's comforting to know that spambots think you're cool, isn't it?
Posted by: Steven Den Beste at Sunday, August 31 2014 01:15 PM (+rSRq)
3
I wonder if the spambots have trouble staying logged in for more than a couple hours.
Posted by: Mauser at Sunday, August 31 2014 07:16 PM (TJ7ih)
4
My programmer is trying to convince me to move
to .net from PHP. I have always disliked the idea because
of the costs. But he's tryiong none the less.
I've been using WordPress on numerous websites for about a year and
am nevous about switching tto nother platform.
I have heard excellent things about blogengine.net.
Is there a wayy I can transfer all my wordpress posts into it?
Any kiund of help would be really appreciated!
Posted by: Hanna at Tuesday, September 09 2014 12:54 PM (lWfAE)
Posted by: ahd at Saturday, September 20 2014 11:50 AM (w2nxo)
6
I was suggested this web site via my cousin. I am not certain whether or not this publish
is written by means of him as no one else realize such special
about my trouble. You are amazing! Thanks!
Posted by: aliasy at Sunday, September 28 2014 02:04 PM (V5RLn)
7
Wow, awesome weblog layout! How lengthy have you ever been running a blog for?
you make blogging glance easy. The entire look of your web site is fantastic, let alone the content material!
Posted by: forskolin at Saturday, October 04 2014 12:58 AM (ZImOC)
