Macgirvin.COM

   
Nov 18, 2008
Available domains
by mike (Mike Macgirvin)

Some interesting available domains for today, courtesy of NameThingy


UseArea.com
AbstractDocument.com
UseAnt.com
NiceEffect.com
RealCriminal.com
OnePiano.com
ReservedMan.com
UseLamp.com
ExoticOrange.com
WideModel.com
LessVirus.com
RapLady.com
LonelyWeek.com
WeakPresident.com
TopShadow.com
BestRockers.com
KriZit.com
BodyClaim.com
OldCircle.com
StuckCan.com
RegularBurger.com
YoungHam.com
RadioactiveHeat.com
DoctorIssue.com
PredatorAnimal.com
WarSunday.com
FriendlyTuna.com
OneMaiden.com
FunnyDrug.com
RoundChin.com
BetaApple.com
BaySummer.com
LowSquare.com

Nov 13, 2008
What *not* to name your kids
by mike (Mike Macgirvin)

While doing some data analysis on the namethingy, I came across some interesting findings.

The boys and girls names therein were taken mostly from recent US census data (and adapted, modified, and otherwise mangled for my own use).

What I found interesting was that once a particular name has gotten some bad press, it can poison that name for centuries from being used again. Just think, when was the last time you met somebody named:

Cain

Goliath

Judas

Hansel

Gretel

Benedict

Napoleon

Adolf

 

 

Nov 02, 2008
Next Tuesday
by mike (Mike Macgirvin)

The first Tuesday in November. Everybody remembers what's important about that, right?

Right. Melbourne Cup Day. The entire nation comes to a screeching halt for a five minute horse race.

Oh yeah, there's that little presidential election in America; which is also held on the first Tuesday in November - except that's actually on Wednesday (Sydney time). 

Oct 22, 2008
April Showers
by mike (Mike Macgirvin)
Somehow "October showers brings November flowers" doesn't have quite the same ring to it.
Oct 16, 2008
Pennies from Kevin
by mike (Mike Macgirvin)

The title of this article 'Pennies From Kevin' actually came off the ABC radio today where it was used to describe the Prime Minister's economic stimulus package.

A little over four years ago I  wrote about finding a penny on the ground and actually picking it up. Was a time when I couldn't be bothered with the worthless things. They won't even buy you a piece of bubble gum these days.

In Australia, you won't find any pennies on the ground. None. They've done away with the worthless coinage. The smallest numismatic denomination is a five cent piece. In the super market and elsewhere the total is automatically rounded to the nearest multiple of five (unless you're paying electronically, in which case they can charge you the exact amount - as it doesn't require producing change).

Apologies. I'm actually going somewhere with this. Twice this week I've seen something shiny on the ground and reached over and picked it up. A two-dollar coin both times. That's enough to buy a beer.

I believe I will.

 

Oct 08, 2008
Weird. Just plain weird.
by mike (Mike Macgirvin)

I'm not making this up. Driving home today, just outside Kangaloon, there was a dead rat on the side of the road. No big deal, right? Just another big ugly dead rat.

This one was wearing a knitted pullover.

 

Comments:

October 9, 2008 01:46
Gail

But did you get a photo? No one is going to believe you without proof. ;-)


Sep 25, 2008
Bush's Bailout Speech
by mike (Mike Macgirvin)

According to Bush -

"The government is the only institution patient enough to buy these assets at their current low prices and hold them until their prices return to normal".

Hmmm. I have to question this plan then. There are a lot of investors out there who would gladly buy assets guaranteeing a return in ten or even twenty years - sometimes thirty.

What this says is that the downturn is likely to have negative effects for the next thirty years or more - and/or that there's a high probability these 'assets' will never return to normal. Otherwise investors would be jumping all over them. Several banking institutions are bankrupt for good reason.

I also question the U.S. government buying public stock after announcing their intention to do so. Right. The smart investors will have bought these stocks for a nickel on the dollar and wait for the government to buy in and bid up the price - and then quickly exit the market at a huge profit, leaving the taxpayer holding the loss. That's the way the market works my friend.

Better to just sit this one out folks.

Sep 22, 2008
NameThingy
by mike (Mike Macgirvin)

Since I stopped actively updating this site several months back, it appears the bulk of the incoming traffic has been visiting my various random name generators.

I decided to clean these up a bit and spin them off onto a dedicated site. You can visit it at NameThingy.com. It was quite a fun exercise, as I've managed to reduce the random name generation and all the potential options to a single HTML page that is dynamically refreshed using Ajax. Check it out.

 

 

Sep 22, 2008
Learning to play guitar (again)
by mike (Mike Macgirvin)

The brain is such a fascinating machine. Whenever you exercise it and stretch its abilities for one thing, it makes new synaptic connections in seemingly unrelated areas. 

I'm learning to play guitar all over again. Don't get me wrong - I've been playing for forty-some-odd years now and can play quite well.  But I play backward. Not just left-handed, but upside down as well. A few years ago, this led to a desire to play 'true' left-handed so that I could learn to Travis pick (fingerstyle).  The exercise didn't go as planned because it made me mildly schizophrenic. The strings were all backward - even though I was using the same hands I'd always used; and you've no idea how confusing this is. Depending on which guitar I picked up I could be strumming/picking and fingering chords either one direction or the other. 

But after doing this for several weeks, I discovered that I was soon able to Travis pick backward - which I couldn't do before. Granted I only used my index finger and thumb, but it was quite dramatic. I no longer play with a plectrum (guitar pick) as fingerstyle sounds so much better. I've improved this style in the intervening years, and can play some awesome stuff backward, but once again felt limited as I wasn't using the whole hand to pick. 

So a couple of weeks ago, I took on learning to play both upside-down and backward - or actually the way everybody else plays guitar - right handed. This didn't lead to the schizo problem I had a few years ago because both hands were now doing different things entirely. 

The first thing I discovered was how hard it is to learn to play in the first place. I was starting over from scratch. For the first week, the fingers of my left hand were tender and blistered, and my right arm ached. It takes time for the ends of your fingers to get damaged and heal again - and eventually callouses develop. My right arm wasn't used to playing rhythm, it was always doing melody and complex fingerings. 

Now a couple of weeks later it's starting to get easier to play and progress to barre chords and all the other stuff one needs to learn to play effectively.

But something changed.

If I flip the guitar over and play backward again, all of a sudden I find myself able to do a full clawhammer; the ultimate in fingerstyle picking. I've tried it before but wasn't pleased with the result. Now it suddenly becomes completely natural - as if I had been doing it for years. With clawhammer picking one can produce an entire orchestra of sound with intertwined rhythm, melody and harmony. I've managed to include everything but the pinky in my clawhammer, which will take a bit more work. It's really strange and difficult having your pinky beat out a rhythm on the bass strings, but I find there's no problem doing it with my ring finger. So now I've got four fingers actively picking out rhythm/melody/harmony instead of just two (and sometimes three).

If I continue down this path, it should be amusing to try a public performance. Start out right-handed and play something impressive; then flip it upside down and blow everybody away.  

 

Sep 20, 2008
Let’s put aside our fear for a moment….
by Joe (Derek Joe Tennant)


...and ask a few fundamental questions about where we go from here. First, I don’t have answers. I want to spark debate, soul-searching, and most of all, change. I ask myself today, and every day, ‘What can I do differently to help?’

Recent weeks and months have been filled with news of economic problems, primarily the mortgage fiasco, but also the declining US dollar overseas and the price of energy, oil in particular. We know we have environmental problems, and those of us who have experienced hurricanes firsthand this year fear the worsening weather predicted due to global warming. But recycling doesn’t begin to address our future scarcity of resources, and there remains pathetic progress in developing alternative and renewable energy resources. In terms of human lifestyle and conditions, I see many faith-based organizations offering assistance to those in need, but those efforts are also paltry in comparison with what is required to bring all people to a decent standard of living. And is religion fulfilling its role as an ethical instructor?

The US economy is, more than any in the world, dependent upon we citizens feeling wealthy and spending. Each year, after the Christmas buying season, we hear assessments that gauge whether the season was a success or not, and success is determined by the increase in spending over the prior year. I am not pleased by this. As I have grown older, I have come to believe that success is helping others. Success is having good relationships, caring for and loving others. Success is giving someone else hope when they have none, love when they have none, sustenance when they have none.

The current crisis, the government loan to AIG, points out other fundamental flaws in our system, primarily greed and the governmental borrowing. I admit, I fell victim to greed during the Internet bubble of the late 1990’s. The idea of something gained without having to work for it has a certain appeal. But when the bubble burst, I paid the price, losing all I had invested. I didn’t cry out to the government for a bailout, for tax money to appease my poor judgment. Now don’t misunderstand, I realize the need for the government to prop up certain businesses if we want to maintain the status quo in our system. I am not callous and ignoring the effect of, in AIG’s case, 160,000 people out of work suddenly, without warning. Nor do I look forward with anticipation to the bankruptcy of multiple large banks due to foreclosed home loans, or the wiping out of retirement accounts invested in mortgage-backed securities. But I point out that when all those loans and investments were made, there was a risk v. reward calculation that should have been made to account for the expected return on investment. This is Investing 101, my friends. The higher the risk, the greater the reward. Or put another way, if you want to make lots of money quickly, you risk losing it all if things turn sour. I don’t remember my economics teacher mentioning any government guarantees when the risk rises above a certain level, nor am I advocating for that type of system. Instead, I am arguing that we are rewarding poor decision making when we bail these entities out today. And these bailouts, $500 billion for Freddie Mac/Fannie Mae, $85 billion for AIG, $200 billion a year for the Iraq occupation (and this just in from CNN: $1 trillion to ‘solve’ the bad mortgage issue once and for all), just where is that money coming from? Every expense I have just listed is falling outside the budget. Each requires the government to borrow, primarily from Japan and China (July 2008: Japan $593 billion, China $518 billion, UK $291 billion, treasury securities held). If you are a lender, and a borrower comes to you again and again for more money, at some point you realize what? You see that they are unable to manage money well, and therefore are a bad risk for lending purposes. You either increase the interest you charge (there’s risk v. reward again) or you stop lending to them altogether. Which would you rather see happen to the US?

We have many problems in front of us today. How we solve them will depend on one thing: What am I willing to change about my lifestyle? What will I do differently to affect the environment? What will I do differently to affect the economy? What will I do differently to grow spiritually, to demonstrate my values?

How have I answered the question? I can volunteer more, give more generously of my time and money to help others. I have returned to being a platelet donor at the local Red Cross. I am committing to giving away more of the money I have earned to causes that feed my spirit. I continue to ride my bicycle instead of drive a car. I am examining my possessions to determine what is needed and what is not, clearing out that which is not and making room in my life to attract what is truly important, what is deserving of my energy. I talk with people more about what’s important (hence this email) and less about superficial things. I try to connect with the emotion of the moment, to see how that informs my decision making process. I try to choose what helps everyone, not just myself.

 I am open to hearing the suggestions you have, to listen to your dreams and vision of our future together. We can’t continue our spendspendspend lifestyle; neither the planet nor humanity will abide this forever. We can choose how we change if we open our eyes and see what got us here. Please tell me what you see. Tell me what you will do differently tomorrow.

Aug 27, 2008
Uncle Sam Wants You
by mike (Mike Macgirvin)

So this morning I get an email from the US Department of Defence. Seems one of our computers was being used as a launching pad to exploit some DOD systems. Found the computer, pulled it off the net and proceeded to do a post-mortem. My co-workers were offering all kinds of suggestions about how to go about this, what to look for, etc. All wrong of course. I've done this before. Found the payload in about 3 minutes. Hidden away in "/var/tmp/.. " - note the space at the end. Clever yes, but this is an old trick. I pulled off the payload files to have a look. Lessee, a streaming media server, thirty different denial of service attack generators, and one old root kit from 2001. 

My co-workers were instantly preparing to format the disk. Rootkit, bad. Re-format. Nah, these guys weren't after root, and they didn't get it. They got what they were after - another zombie to join their network of DoS slaves. If they really wanted to get root access, they would've used a modern rootkit.  The poor kid who uses this box has his entire PhD on it, and the last thing I want to do is erase his life's work. No need to. Just reset the password, get rid of the zombie net and put the machine back in service. 

Incidentally, this is just one of a growing number of incidents coming out of Romania. There were Romanian 'fingerprints' all over this particular exploit. FYI. In years past we've seen involvement by Germany, Russia, China and others. This one is Romanian for what it's worth. Somebody there is funding an effort (or being funded) to stage denial of service attacks on a global scale. Interesting.
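
A name check for the hiding trick described above, as an added example that is not part of the original post: it walks a directory tree and flags entries whose names are dots padded with whitespace, dots only, or that carry edge whitespace or non-printable characters. The function names, the rule set and the sample tree are constructed for illustration.

```python
import os
import sys
import tempfile
import time


def classify_name(name):
    """Return a reason if a directory entry name looks disguised, else None.

    The rules are illustrative assumptions, not an exhaustive list.
    """
    if "." in name and set(name) <= set(". \t"):
        if " " in name or "\t" in name:
            return "dots padded with whitespace"   # e.g. '.. ' as in the post
        if len(name) >= 3:
            return "dots only"                     # e.g. '...'
    if name != name.strip():
        return "leading or trailing whitespace"
    if not name.isprintable():
        return "non-printable character"
    return None


def scan_tree(root):
    """Walk root without following symlinks; return sorted (path, reason) pairs."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            reason = classify_name(name)
            if reason:
                findings.append((os.path.join(dirpath, name), reason))
    return sorted(findings)


def demo():
    """Build a constructed tree on a Unix filesystem and scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "tmp", ".. ", "payload"))  # disguised
        os.makedirs(os.path.join(root, "tmp", "..."))             # disguised
        os.makedirs(os.path.join(root, "tmp", ".cache"))          # ordinary dotdir
        open(os.path.join(root, "tmp", "notes.txt"), "w").close()
        return [(path[len(root) + 1:], why) for path, why in scan_tree(root)]


if __name__ == "__main__":
    # Default roots are common world-writable locations; pass others as arguments.
    for root in sys.argv[1:] or ["/tmp", "/var/tmp", "/dev/shm"]:
        for path, reason in scan_tree(root):
            try:
                st = os.lstat(path)
            except OSError:
                continue
            when = time.strftime("%Y-%m-%d %H:%M", time.localtime(st.st_mtime))
            # repr() keeps trailing spaces and control characters visible
            print("%r  uid=%d  mtime=%s  (%s)" % (path, st.st_uid, when, reason))
```
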

Aug 20, 2008
Stopping XSS forever - and better web authentication
by mike (Mike Macgirvin)

I've been working on all kinds of different ways to completely stop XSS (and potentially the related CSRF) and provide a much better authentication framework for web applications. 

The problem:

The HTTP protocol is completely stateless. On the server side each and every page access starts with zero knowledge of who is at the other end of the connection. In order to provide what were once considered 'sessions' in the pre-web computing days, the client is able to store a 'cookie' which is sent from the server and which is then sent back with every page request within that domain. The server can look at this cookie and use it to bind a particular person who has presumably passed authentication so they don't have to re-authenticate.

But cookie storage has some serious flaws. If somebody who isn't the specified logged-in person can read the cookie, they can become that person. IP address checks can help to provide extra verification but in a world containing proxies this information can be spoofed.

Cross Site Scripting is a method whereby a malicious person who is allowed to post HTML on a page can inject javascript code which is then executed on a registered user's session and the cookie is leaked or sent elsewhere - allowing the malicious person to impersonate the registered person.

A possible solution:

I'm still working out the details so please let me know if this is flawed, but I think I've got a way to prevent XSS and still allow registered members to post full HTML, CSS, whatever - including javascript.  It relies on the fact that cookies are stored and used per-domain. Different domains are unable to see cookies from another domain. 

We'll also assume SSL connections since anything else can leak everything (cookies, passwords, everything) to a port sniffer.

We'll start with a normal website at https://example.com - which we'll assume is a multi-user website where XSS could be a problem. If somebody on this site can inject javascript onto a page, they can steal the cookies of a logged-in user. There are hundreds of ways to do this that are beyond the scope of this discussion.

But we'll also create another domain - say https://private.example.com - which processes logins and does not serve content. This will have a different cookie than example.com. Perhaps we'll let it serve the website banner image just so that it is accessed on every page of the site. Since there is no active content allowed, it is immune to XSS exploits.

It is allowed to process login requests and send cookies, and one image. That's it. 

What this means from an attacker's viewpoint is that he/she now needs to steal two cookies to impersonate somebody else.  It may be easy to steal the cookie on the main site, but there's no way to get at the cookies for the private.example.com site since it isn't allowed to host active content.

The main site uses out-of-band methods (not involving HTTP) to communicate between the two domains and establish that the session is valid and authenticated. They're both hosted in the same place after all. It can check a file or database to see that the logged in session was authenticated by the other site. Both keys (cookies) have to match or the authentication is denied.

Anybody see a flaw in this? Granted I still haven't thought it through completely and haven't yet tested it, but I don't see any glaring problems on the surface. Some variation of this concept will probably work and both prevent XSS as well as provide a better way of doing web authentication that is much more resistant to intrusion.   

Again assuming https to prevent snooping, the only way I can see to steal both cookies and impersonate a logged-in user is to have access to the target person's desktop and browser. 

It also allows a site to completely separate the authentication mechanism from the content server allowing the authentication code to be small, simple, self-contained, and verifiable. 

 

Comments:

mike (Mike Macgirvin)
August 21, 2008 09:03
mike

An obvious flaw which quickly became apparent was using an image/entity on the main page to link to the auth server - as the page would then need to be rendered before authentication can succeed. This is backward because you usually want to know the authentication state before you provide content.

So the best way to work this is to use a redirect out front to ensure both domains are accessed before the page is rendered. This in fact matches what many larger sites do for authentication, a separate auth server which passes through to the request server. Using a second session key in another domain to neutralize any effect of stealing the primary session key I believe is relatively rare in practice, although it may be implemented on these larger sites. The basic concept can be applied to small hosted sites very easily without requiring multiple machines and a data cloud architecture. This is what makes it attractive - it can be easily added into any existing hosted community software. 

Also, there are many other reasons why you would want to limit the ability to use javascript on community pages - but these should be to reduce potential annoyance and disruptive behaviour rather than to protect the integrity of your authentication. There are just way too many ways to get javascript into a page to try and protect them all from sessionid theft. But if sessionid theft has no gain, such script restrictions are a matter of choice rather than an absolute necessity.
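
The scheme above depends on each cookie being visible to one host only. This added example (not part of the original post or comment) models the RFC 6265 cookie domain rules and shows which host's pages can read each cookie when both are host-only and when the login cookie is widened with a Domain attribute; the cookie names content_sid and auth_sid are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

HOSTS = ["example.com", "private.example.com"]   # the two hosts from the post


@dataclass
class SetCookie:
    name: str
    set_by: str                    # host that sent the Set-Cookie header
    domain: Optional[str] = None   # Domain= attribute; None means host-only
    http_only: bool = False


def domain_match(host, domain):
    """RFC 6265 section 5.1.3 for host names (IP literals and the
    public-suffix check are left out of this sketch)."""
    host, domain = host.lower(), domain.lower().lstrip(".")
    return host == domain or host.endswith("." + domain)


def stored(cookie):
    """A browser ignores a cookie whose Domain= does not cover the setting host."""
    return cookie.domain is None or domain_match(cookie.set_by, cookie.domain)


def sent_to(cookie, host):
    """Would the browser attach this cookie to a request for host?"""
    if not stored(cookie):
        return False
    if cookie.domain is None:                     # host-only: exact match
        return host.lower() == cookie.set_by.lower()
    return domain_match(host, cookie.domain)


def script_readable(cookie, page_host):
    """document.cookie on page_host lists cookies sent to that host,
    except those flagged HttpOnly."""
    return sent_to(cookie, page_host) and not cookie.http_only


def exposure(cookies):
    """Map cookie name -> hosts whose pages could read it from script."""
    return {c.name: [h for h in HOSTS if script_readable(c, h)] for c in cookies}


def scenarios():
    content = SetCookie("content_sid", "example.com")
    return {
        "as designed (both host-only)": exposure([
            content,
            SetCookie("auth_sid", "private.example.com"),
        ]),
        "auth cookie widened with Domain=example.com": exposure([
            content,
            SetCookie("auth_sid", "private.example.com", domain="example.com"),
        ]),
        "widened but HttpOnly": exposure([
            content,
            SetCookie("auth_sid", "private.example.com", domain="example.com",
                      http_only=True),
        ]),
    }


if __name__ == "__main__":
    for label, result in scenarios().items():
        print(label)
        for name, hosts in result.items():
            print("   %-12s readable by script on: %s" % (name, hosts or "none"))
```

In the widened case the login cookie is both sent to the content host and readable by script there, so the separation the scheme relies on holds only while both cookies are host-only.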


Aug 01, 2008
Social Networks
by Gail

Who'd a thought that a simple query to a Myspace.com page would result in the finding of long lost friends? Within 24 hours no less and from halfway around the world.

I've been looking for some friends in New Zealand, off and on, for the last 6 or 7 years. A couple of years ago I found a cell phone number in the online white pages in New Zealand but no address. Of course I promptly lost the number and never found it listed again.

Yesterday I decided to reactivate my page on Myspace.com (yeah, I know - what's a 50 year old woman doing with a Myspace page.) I did a search on my friends' oldest daughter - she was the only one whose name I could remember. Had to search through a few pages but found one that looked like a good possibility.

 Sent a message to the person yesterday, telling them what I was looking for and could they possibly be one of the people I was looking for. This morning I check my e-mail and I've got a message from that person. Turns out I picked the right page - it belongs to the oldest daughter of my friends. Not only that, but she happened to be at her parent's house when she was checking her Myspace page and saw my message.

Turns out the family had left New Zealand, except for 1 daughter, and headed to Australia. Could explain why I couldn't find any trace of them in New Zealand. Didn't think to look in Australia - but then again, Australia is just a wee bit larger than New Zealand. Guess I'll be looking at a trip to Australia when the economy here improves (if it ever does).

You always hear the bad things about Myspace.com and Facebook but here's one that's great. Kinda like how I found my husband. Decided to see if he had joined the 21st Century and was online - found him on Classmates.com and the rest is history. See the Wedding Blogs for more details.

Jun 20, 2008
please check out my new website
by Joe (Derek Joe Tennant)

Please visit ericarthurblair.com

George Orwell is the penname of Eric Arthur Blair. Known for writing "1984" and "Animal Farm", his first novel was "Burmese Days". It was based on his experience as an officer of the British Empire in Burma when he was 19 to 24 years old. Reading "Burmese Days", one can see how he acquired his distaste of governments that control their people.

I believe that if he were alive today, he would have many negative things to say about the current state of affairs in Burma. The military dictatorship sets a standard for evil that few can surpass. Millions of its citizens have been displaced, either by government decree or by fleeing for their lives. The government enslaves the population for public projects and in some cases has used villagers to walk through, and thereby clear, minefields at the cost of many lives. Burma, once the breadbasket of Asia and rich in natural resources, is today one of the poorest countries on Earth, unable even to feed itself.

Most of the citizens who have fled the country have gone to Thailand. Burma does not issue exit visas, to leave Burma you must do it illegally. Estimates of the number of exiles in Thailand today (2008) range from 200,000 to over a million. This website contains some pictures of a school for the children of refugees. No mention will be made of the location, as the school exists to benefit this future generation but in violation of Thai law. The children are taught history/culture, Burmese, English, math and science. A local health clinic provides ‘train the trainer’ classes for the teachers in public health issues such as food safety and hand washing, and this information is also provided to the children.

As the schools (and there are dozens in the Thai-Burma border areas) are illegal, they are grossly under-funded. The school cannot provide paper or pencils to the students. The teachers can’t make copies of anything. The books were written for Burma schools decades ago, and only the teachers have a copy. Everything is written on whiteboards for the students to use. The particular school pictured here serves lunch to 101 children each day, a bowl of rice with a spoonful of cooked vegetables on top. There’s no money for meat or milk. And yet, for many of the children, this meal alone makes attending school a great day. They have far less to look forward to at home.

Cyclone Nargis has just made a bad situation unbearable. The refugee flow into Thailand has begun to increase, as the Burmese population realizes no help will be coming from anyone. Large sections of Burma are uninhabitable, contaminated with salt water and completely without food or water. The government has declared the disaster ‘over’ and closed the shelters, leaving thousands without food, water or a roof over their heads during the monsoon season.

I have worked directly with some of these refugees and have learned one lesson above all: they are just like you and me. They want a better world for their children, they love their family, and they want to be healthy. Any differences are minor. I have learned from other work following disasters that the best help for survivors comes from neighbor helping neighbor. I ask that you consider these people your neighbor, on this planet we call Earth, and that you open your heart to help those less fortunate. I vow that any money collected here will go straight to Burmese people, either in the Irrawaddy Delta, recovering from the Cyclone, or to refugees in Thailand, preparing for the day when they may return to their homeland, no longer in fear for their lives. All money will reach a Burmese person. Thank you for your generosity.

Jun 15, 2008
Reflection CMS update
by mike (Mike Macgirvin)

At this time, I've managed to pull together a working kernel and prototype of the Reflection CMS. It is not yet ready for public release, but I've been pleased with the progress. Here's a bit of a white paper I've been putting together to explain the rationale and provide a high level overview.

 

                 Reflection Content Management System

Purpose:

Web content management systems and frameworks that exist today are clunky, overly-complicated, and often insecure. While many of the open source projects are developer friendly and openly encourage derivation, there is often a group that jealously protects the 'core' from feature creep. This makes it difficult to realise many web designs; as it is often the core that is insufficient to the task at hand. Being developer friendly does not mean that an application provides a workable development environment. Add-on modules often cannot be trusted - as they often reflect the work of novice software designers who have had to overcome the limitations of the core product.

In an effort to appeal to the most people, data abstraction is taken to new levels of absurdity and inefficiency. This is not limited to content management systems, as it is a software problem in general.

What I have attempted in taking on this gargantuan task of creating yet another content management system is to solve many of these problems, and to create a system that is extensible and encourages development at all levels - including the so-called core. To that end - most every function can be over-ridden without introducing serious versioning and update issues/incompatibilities. Nothing is sacred. 

The more that I mulled this task, the more it became apparent that what I was looking for in a content management framework is no less than an operating system for web pages. This involves user management, security, and the ability to execute arbitrary 'applications'. It also involves a notion of a file system hierarchy which can be represented entirely by URLs.

Many other content systems abstract data types, and this is a good idea; though it often makes for messy designs. At the heart is a generic nucleus of a content - who owns it, what the permissions are, various timestamps, etc. Data fields that are unique to a particular content item are stored elsewhere and joined on demand.

Implementation of this level of abstraction is a challenging problem. Due to design limitations of most database systems, it involves some tradeoffs - primarily in the ability to perform searches on extended data of multiple extensible data types. For a single type, it can be done with one query. However when multiple data types are involved, a second pass needs to be run to return the extended data for each item. For this reason, it is prudent to store as much 'searchable' information as practical within the nucleus.

There is also general agreement over using themes and templates at the presentation end, so that different renderings are possible without hacking code. Here I'd like to take it one step further and modularise the entire presentation layer. As well as a 'theme', one can choose a particular layout or representation of objects, such as a choice between list view and iconic view, and/or XML feed elements. By making this extensible and arbitrary, entirely new renderings can be accomplished without touching the object code or business logic.

Permissions System

Permissions are the core of any multi-user system. This needs to be well defined, and implemented close to the kernel or core and far away from the presentation layer. In a development environment, the developers should mostly be free of managing permissions. I've implemented a permissions concept similar to Unix/Linux - although modified for better adaptability to web applications. It uses the familiar rwx concept, but I've split the 'x' permission into 'x' and 'u'. 'x' is simply a list permission. 'u' is an ability to use or extend an item. For an article, the 'u' bit allows comment rights. For a vocabulary, it allows the ability to tag something using that vocabulary. I've also introduced higher level permissions. There are six levels: 

  • rwxu admin  
  • rwxu moderators 
  • rwxu owner 
  • rwxu group 
  • rwxu members 
  • rwxu other (aka visitors)


Members is for logged in members. Group is a group association to a unique group identifier, moderators are site moderator accounts. Admin privileges are included in the permissions flags for completeness; though it isn't obvious what value this serves and in most cases these will be masked to prevent locking out the system admin from managing the system.

The Directory Object

The directory or folder object is the primary means of implementing complex data structures and representations. It is an object like any other object on the system, but when navigated to, presents a listing of those items which are attached to it as siblings. It implements a general purpose search and list/enumerate operation. It also contains a path/filename to distinguish it in the URL hierarchy and provide file system semantics to database objects. However, the important items that it contains are a umask (permissions mask) which is applied to any child items, and it can also be configured only to hold items of certain types. This is what distinguishes a photo album from a weblog or forum list. One holds photos and the others hold articles. By allowing a directory to hold any type of content, it can be made to resemble a traditional filesystem; and indeed a multi-user website can be implemented which provides member sub-sites that they manage completely.  

The directory also has complete control over the presentation layer, via themes, renderings, and menu selection. This implies that directory is not simply a 'list', but the complete embodiment of the controls, settings, and the look of that list. These can be inherited and passed on to sub-directories. A limitless range of site policy and structure can be implemented by controlling the settings of the appropriate directory entries.

Applications

Applications or executable code lives outside the virtual directory tree. In order to address the need for an extensible application space and recognising the confines of URL management, applications are denoted by the first URL path parameter. For instance http://example.com/edit invokes the object edit/post application. Additional URL path components are passed to the application as arguments in a manner similar to Unix/Linux 'argv/argc' mechanisms. Application URLs take precedence over path URLs, such that creating a directory or document called 'edit' at the root level will be unavailable at that URL if the 'edit' application exists. An external path alias mechanism exists to redirect to another URL in the case of conflict with the application space.

An application framework exists that supplies plugin methods for handling initialisation, form posts, main page content, and menu callbacks. Arguments are parsed and passed in as argv/argc elements, although meta-arguments dealing with pagination (such as 'page=4') are dealt with by the kernel or core to minimise extra argument parsing at the application level. To provide pagination, an application only needs to obtain a count of the total number of items and invoke a 'paginate' function.

Licensing

Reflection will be available under the generic Berkeley license. Free for all uses but with no implied warranty.

Platform

Recent/modern flavours of LAMP. Apache/mod_rewrite is required. PHP5.2+ is required for timezone support. Language: English.


Jun 14, 2008
Post Wedding
by Gail

Well, made it through the wedding - nary a hitch to worry about (at least not about the service itself). Had a great time in Vegas and actually stayed within our budget.

The flight to Las Vegas was the flight from hell though - but what did I really expect? US Air cancelled our direct flight, which was booked 3 months in advance and made us change planes in Phoenix, AZ. That wouldn't have been so bad as the layover was only supposed to be an hour but it actually lasted almost 4 hours. People were not pleased. Especially those of us that had to sit next to an honest to god Tweaker who came very close to losing her life from the time we sat down to the time the plane landed in Las Vegas. You hear about these people but you never think you're going to get stuck sitting next to one on a very small plane for an hour and a half but I did. At least the airline didn't lose any of our luggage - Praise the Powers That Be!

Then, we finally get to the rental car agency - in Las Vegas they have moved all the car rental agencies to one site off site of the airport. At least they have a nice little shuttle to and from the airport. Wouldn't you know it? We get there and there are only 3 people working the counter and a rather long line of people wanting to pick up or rent a car. One poor clerk was having to deal with a woman who was having major problems renting a car (credit cards were being declined). Once she was taken care of, things seem to move rather fluidly. Got our car, got our luggage loaded and got to the Hotel. Of course, we had several messages on our cells from friends and family wondering where the hell we were.

Got checked in, found our room and went and found FOOD. After that point, things went rather well. Even our flight home was uneventful. Probably to make up for the flight down. We definitely won't fly US Air again if we can help it. Although, when we checked in for our flight home, one bag was over the weight limit by 3 pounds and the clerk let it go without hassle or fines. I was very appreciative and let her know that. I have a feeling they don't get too many compliments or kudos. She was very nice and efficient and I did appreciate the fact that she didn't give us any grief. Funny, it didn't weigh that much going down to Vegas.

Gambling sure has changed since the last time I hit any casinos. Used to be there were only nickel, dime, quarter, 50 cent, dollar & $5 slot machines. Now, thanks to electronics there are tons of penny machines to play but none of the slots spit out money anymore. If you win, you get a ticket to take to a machine to get your winnings. The slots still sound off when you hit a jackpot, you just don't get the thrill of seeing your coins drop into the bucket. I did make a little bit of money playing BlackJack down on Fremont Street though. My hubby doesn't play the tables, he likes the slot machines. He didn't do too bad on Fremont Street either.

Excalibur has a restaurant/bar on the casino level called 'Dick's Last Resort' and the faint of heart or easily embarrassed should refrain from entering. The servers have attitude and know how to use it. You have to see it to believe it and believe me, we saw it, participated in it and had an absolute blast. In fact, I have a piece of clothing on display there (at least it should be) unless one of the bartenders is still wearing it. I'll let you wonder about that.

I just have to remember that the next time we decide to go on holiday and rent a Harley to make freaking sure that it's the top of the line touring model. Trying to shift to a more comfortable position without armrests is exceedingly difficult - especially if you don't want to cause an accident. Plus, there's just a little bit more room for two people on the big fancy dancy models.

I can now say that I have ridden across both London Bridges and have the pictures to prove it. As far as I can tell, one of the only things Lake Havasu City, Arizona has going for it is the fact it is the home of the old London Bridge. That and the series 'Party Heat' is filmed there for CourtTv or whatever it's called now.

Jun 05, 2008
The Reflection CMS Project
by mike (Mike Macgirvin)

Just wanted to update y'all on current happenings since I terminated my daily rants a while back...

I've been working under the covers on a new web project; which takes all that I've learned building this here website and social spaces in general and pushes it into a new realm.

The thing about CMS software is that they all suck. Some suck worse than others, but they're all really, really bad. Most of them try to be all things to all people - and as a consequence fail miserably at being anything to anybody. I guess I've been guilty of that myself.

I'll be putting up a serious contender over the next several months to show that the situation doesn't need to be so abysmally abysmal. Oh yeah, and it will be open source, extensible, yada, yada. While basically working securely and outperforming any of the competition - without resorting to caching to make up for the sucky performance; like everybody else does.

In order to accomplish this, I'm not even going to try to create something that is all things to all people. Apache2.x+, php5.x+, mysql5.x+ and English only. I've re-written my existing website engine to be leaner and meaner and am currently adding some core functionality back in, whilst tossing 90% of the code that nobody (but me) ever used.

I've boosted performance by a factor of 4 at least, and will be reducing the number of database queries per page to under 10 on average (from a current average of 20-35); still way under the market leaders which hammer the database several hundred times for each and every page - and hit the file system an equal number of times. That's piss poor engineering and an embarrassment to any serious software developer. 

Security on each object has been radically simplified - however is extremely robust and verifiable.

Stay tuned... 

May 18, 2008
PC Update
by mike (Mike Macgirvin)

Here's a little shell script I cooked up to aid in managing large groups of Windows/Linux dual boot client workstations. It essentially makes the Linux systems 'call home' whenever they boot up so that we can have a series of scripts on the server which will bring them up to date. The alternative is to walk around to each workstation and type some commands. This gets old after you've done several hundred. It was also necessary to do this from a client side process, as there exist tools to push down changes from the server already, but we never know when Linux will be running. The PC might be running Windows for weeks. We just want everything to sync up the next time somebody boots Linux.

Anyway, here it is - I call it 'pcu':

#!/bin/bash -f
## (bash, not plain sh: the [[ ]] tests and 'echo -e' below are bash features)
##
##
## Update client workstations from a
## sequentially ordered set of update scripts
## located on a network drive.
##
## Scripts may be named numerically to be processed
## in order. Only scripts with ctime newer than the
## time of last invocation will be processed.
##
##
##
## Configuration:
##
## For synchronizing clock

NTP_BINARY='/usr/sbin/ntpdate'
TIMESERVER='ntp.example.com'

##
## Server/path containing scripts. This dir is NFS mounted locally.
PCUSERVER='pcu.example.com'
BASEPATH='/home/pcu'

##
## Where to find the files locally
## Default is $LOCALPATH/$FAMILY/$HOSTNAME
## or $LOCALPATH/$FAMILY/default if no $HOSTNAME dir exists.
##
## $FAMILY is used to group scripts of similar
## machines/architectures/lab configurations

LOCALPATH='/etc/pcu'
FTIMESTAMP='/etc/pcu.time'
FAMILYCONF='/etc/pcu.family'
INSTALLOC='/etc/init.d/pcu'
DEFAULTFAMILY='general'

########################################################
##
## Install
##
if [[ ! -x $INSTALLOC ]] ; then
  echo "PCU installation commences. $0 "
  cp $0 $INSTALLOC
  chmod 755 $INSTALLOC
  update-rc.d pcu start 99 2 3 4 5 .
  mkdir $LOCALPATH
  touch $FTIMESTAMP
  echo "PCU installed."
fi
##
########################################################

if [[ -x $NTP_BINARY ]] ; then
  $NTP_BINARY -su $TIMESERVER
fi

mount -t nfs $PCUSERVER:$BASEPATH $LOCALPATH

if [[ ! -x $LOCALPATH ]] ; then
  exit
fi

if [[ ! -e $FTIMESTAMP ]] ; then
  exit
fi

if [[ -e $FAMILYCONF ]] ; then
  FAMILY=`cat $FAMILYCONF`
else
  FAMILY=$DEFAULTFAMILY
fi

echo "Processing Updates for $FAMILY"

if [[ ! -x $LOCALPATH/$FAMILY ]] ; then
  echo "$0: Warning: $LOCALPATH/$FAMILY ($PCUSERVER:$BASEPATH/$FAMILY) is not accessible."
  umount $LOCALPATH
  exit 0
fi

if [[ -x $LOCALPATH/$FAMILY/`hostname` ]] ; then
  UPDATEPATH=$LOCALPATH/$FAMILY/`hostname`
else
  UPDATEPATH=$LOCALPATH/$FAMILY/default
fi

if [[ ! -x $UPDATEPATH ]] ; then
  echo "$0: Warning: $UPDATEPATH ($PCUSERVER:$BASEPATH/$FAMILY/default) is not accessible."
  umount $LOCALPATH
  exit 0
fi

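## Sort on the file name, not the full path: 'sort -n' reads a line that
## starts with '/' as 0 and falls back to byte order (10 would run before 2).
for a in $(find "$UPDATEPATH" -type f -newer "$FTIMESTAMP" -printf '%f\t%p\n' | sort -n | cut -f2-) ; do
  echo -e "\t" "$(basename "$a")"
  sh "$a"
done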

umount $LOCALPATH
date > $FTIMESTAMP
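pcu is installed as an init script, so every newer file it finds on the NFS export is run as root at boot. One way to make the client check each script before running it, as an added example that is not part of the original script: it assumes a SHA-256 manifest delivered to the client by a separate trusted channel (not the same export), and the manifest, its format and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of pcu: run an update script only when its SHA-256
# digest is listed in a manifest kept on the client.
# ASSUMPTIONS: the manifest and its format (sha256sum lines, "<digest>  <name>")
# and all function names are hypothetical; pcu has no such file.

# pcu_run_verified MANIFEST SCRIPT
# Returns the script's exit status, or 126 when the script is refused.
pcu_run_verified() {
  v_name=$(basename "$2")
  v_tmp=$(mktemp) || return 1
  # Copy first, then hash and execute the same local bytes, so the file
  # cannot change on the share between the check and the run.
  if cat "$2" > "$v_tmp" &&
     v_sum=$(sha256sum < "$v_tmp" | cut -d' ' -f1) &&
     grep -qxF "$v_sum  $v_name" "$1"; then
    v_rc=0
    sh "$v_tmp" || v_rc=$?
  else
    echo "pcu: refusing $2 (digest not in manifest)" >&2
    v_rc=126
  fi
  rm -f "$v_tmp"
  return "$v_rc"
}

# pcu_run_all MANIFEST DIR STAMP
# Same selection as pcu (files newer than STAMP, numeric name order), but
# every script goes through pcu_run_verified. Returns the number refused.
pcu_run_all() {
  a_refused=0
  for a_f in $(find "$2" -type f -newer "$3" -printf '%f\t%p\n' |
               sort -n | cut -f2-); do
    a_rc=0
    pcu_run_verified "$1" "$a_f" || a_rc=$?
    [ "$a_rc" -ne 126 ] || a_refused=$((a_refused + 1))
  done
  return "$a_refused"
}

# Constructed demo: scripts 2, 3 and 10 are listed, then 3 is altered.
pcu_demo() {
  d=$(mktemp -d) || return 1
  mkdir "$d/updates"
  touch -d '2008-05-01' "$d/stamp"
  for n in 2 3 10; do echo "echo $n >> $d/log" > "$d/updates/$n"; done
  ( cd "$d/updates" && sha256sum 2 3 10 ) > "$d/manifest"
  echo "echo tampered >> $d/log" >> "$d/updates/3"   # changed after listing
  refused=0
  pcu_run_all "$d/manifest" "$d/updates" "$d/stamp" 2>/dev/null || refused=$?
  echo "$(tr '\n' ' ' < "$d/log")refused=$refused"
  rm -rf "$d"
}

pcu_demo   # prints: 2 10 refused=1
```

A refusal is worth logging centrally, since a digest mismatch on one workstation usually means the export changed for all of them.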


May 12, 2008
Off to the Burma Border
by Joe (Derek Joe Tennant)

Some call it a vacation, these next two months, but I call it adventure and rejuvenation. I'm off to help some Burmese children learn about another world they hardly know exists. This has been planned for months. But recent events, as described in the following article, have overshadowed what I had envisioned as a chance to change a small piece of the world. I may be headed into a refugee tsunami, if the Burmese dictatorship totally fails its population and the only route to survival lies in exodus.

I've found it ironic that the current US President has been critical of the lack of response to the cyclone by the Burmese government. I was in Mississippi following Katrina, and can easily identify a kettle when it calls the pot black. But this article points out not only the lack of governmental response to disaster in Burma, but the fear of government held by not only the Burmese, but also outsiders already in Burma. Would you be willing, or able, to work for the common good under circumstances like these? I can only hope if the opportunity arises, that I can.


Misery in Laputta
By THE ASSOCIATED PRESS / LAPUTTA Sunday, May 11, 2008

 

Apart from the sound of children crying, the town of Laputta is strangely silent.

Traumatized by the ordeal of surviving Cyclone Nargis, few people have anything to say. But it is also fear bred by 46 years of repression by military regimes that keeps them quiet.

A Cyclone Nargis survivor sits at a damaged school which has been turned into a makeshift refugee centre in Laputta, on May 10. (Photo: Reuters)
Although overwhelmed by the worst disaster in Burma's recent history, the junta has turned down foreign help and insists on using its ragtag infrastructure and poorly equipped military to conduct a grossly mismanaged relief operation for some 2 million people in distress.

And no one dares to protest. Even aid agencies are cautious.

"There are certainly parameters around whatever we do. It is very sensitive politically, but within those parameters we are getting through," said Tim Costello, CEO of World Vision Australia, one of the few foreign aid workers allowed into Rangoon.

Aid workers said critical supplies were reaching Laputta, a town of 20,000 people whose population swelled with 30,000 refugees streaming in from dozens of surrounding villages devastated in the May 3 cyclone.

Laputta is located near the coast of the Irrawaddy delta some 120 kilometers (75 miles) southwest of Rangoon.

But efforts to rush food and medicine from Laputta to lower-lying parts of the delta that were hardest hit have been slowed by the military's intense micromanaging.

"The government wants total control of the situation although they can't provide much and they have no experience in relief efforts," said a leading aid worker for an international aid organization. "We have to report to them every step of the way, every decision we make."

"Their eyes are everywhere, monitoring what we do, who we talk to, what we bring in and how much," the aid worker said in a soft voice, constantly looking around nervously as his assistant turned off all the lights except one dim lamp.

He agreed to the interview at night after being assured he wouldn't be named or identified in any way.

"Sorry, sorry. We don't want them to see you here. They don't trust us, as it is," he told a foreign reporter in Laputta.

The town, about 200 meters (600 feet) inland, is littered with flattened thatch-roofed homes and fallen trees. But it fared better than most neighboring villages, with several structures withstanding the cyclone's 190-kilometer (120-mile) per hour winds and the tidal surge it whipped up.

Schools, large houses and monasteries have become temporary shelters. Hundreds of survivors crowd the floor of a monastery's open-air hall, which is lit by dim kerosene lamps and candles. Only a few houses, mostly those belonging to people connected with officials, have generators.

People quietly eat whatever food is available while others try to sleep. Most people have to sit up because there is no space to lie down.

Few survivors wanted to speak to an outsider, as military trucks drove constantly through the town. Most cowered in corners.

Survivors take shelter while waiting for first aid treatment in Laputta on May 10. (Photo: Reuters)
On the outskirts of Laputta, 12 people were crammed into one tent pitched on a rice field. They were the only survivors from the village of Pain Na Kon and had fruitlessly searched Laputta for family members.

"We are family now. We are from the same place. We are together," said U Nyo, one of the survivors, his eyes red from tears and fatigue. "We need food. There isn't enough space in the town so we decided to stay here."

What lies beyond Laputta is the worst of the devastation, an area that remains difficult to access.

Fishing boats along the coast have helped ferry survivors to safety but can't make enough rounds a day to rescue everyone and the trip is a stomach-wrenching journey, said Maung U, the 36-year-old driver of a rescue boat.

"Each trip takes five or six hours through a narrow waterway littered with dead bodies," he said. "Every few meters, you see another dead body, human or animal."

He said every family has at least two or three persons missing or dead, and many people had to leave the bodies of their family members behind in the water or in the fields.

Diesel supplies are running low and rescuers fear that time is running out to help the people stranded in remote delta villages.

"Some have been living on coconuts," he said. "But even those are running out."

Copyright © 2008 Irrawaddy Publishing Group | www.irrawaddy.org
Mar 28, 2008
Reference: Updating timezone files LAMP
by mike (Mike Macgirvin)

Updating all the timezone stuff one needs on a LAMP environment: (necessary in Australia because they changed the daylight savings start date once again). I haven't yet been able to convince my hosting provider to go through all this hassle; and the tables are outdated - so Aussie visitors may see an incorrect time on some of my websites for the next week. 

Test:

# zdump -c 2009 -v Australia/Sydney | grep 2008
Australia/Sydney  Sat Apr  5 15:59:59 2008 UTC = Sun Apr  6 02:59:59 2008 EST isdst=1 gmtoff=39600
Australia/Sydney  Sat Apr  5 16:00:00 2008 UTC = Sun Apr  6 02:00:00 2008 EST isdst=0 gmtoff=36000
Australia/Sydney  Sat Oct  4 15:59:59 2008 UTC = Sun Oct  5 01:59:59 2008 EST isdst=0 gmtoff=36000
Australia/Sydney  Sat Oct  4 16:00:00 2008 UTC = Sun Oct  5 03:00:00 2008 EST isdst=1 gmtoff=39600

(If the first two lines contain 'Mar' instead of 'Apr' you've got old tables). e.g. this is what an unpatched system would report:

# zdump -c 2009 -v Australia/Sydney | grep 2008
Australia/Sydney  Sat Mar 29 15:59:59 2008 UTC = Sun Mar 30 02:59:59 2008 EST isdst=1 gmtoff=39600
Australia/Sydney  Sat Mar 29 16:00:00 2008 UTC = Sun Mar 30 02:00:00 2008 EST isdst=0 gmtoff=36000
Australia/Sydney  Sat Oct 25 15:59:59 2008 UTC = Sun Oct 26 01:59:59 2008 EST isdst=0 gmtoff=36000
Australia/Sydney  Sat Oct 25 16:00:00 2008 UTC = Sun Oct 26 03:00:00 2008 EST isdst=1 gmtoff=39600

Debian:

# apt-get update 

# apt-get install tzdata


PHP5.x

# apt-get install php5-dev 

[fetch and save] http://pecl.php.net/get/timezonedb

# tar zxvf timezonedb-xxxxxxx.tgz

# cd timezonedb-xxxxxxx

# phpize

# ./configure

# make

# make install

# echo "extension=timezonedb.so"  > /etc/php5/conf.d/timezonedb.ini

# /etc/init.d/apache2 restart

MySQL:

# mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql -p

(ignore all the errors from Riyadh{NN}, iso3166.tab, and zone.tab) 

Going to church does not make a person religious, nor does going to school
make a person educated, any more than going to a garage makes a person a car.