I got a mail today from Jeroen pointing me to the “Pigeon: Impossible” short animation movie (thank you for that Jeroen). It is very funny. This is the first movie by writer/director Lucas Martell. He figured pixar is putting out a 90 minute movie every year. So a 6 minute short would take him… about… 3 months. Well 5 years later (May 7th 2009) it was finished. Job well done. Enjoy the movie. If you like it also check the podcasts. It gives you a little peek behind the scenes. Very amusing and interesting.
Oh now… as a fractal lover (especially the Mandelbrot set) I was amazed at the 3D extension of the mandelbrot set which they dubbed the Mandelbulb. Here you can find detailed information on the set. But maybe you don’t care for formula’s… you just want the images? I have to sink my teeth into this puppy for a while before I fully understand how this is created. Meanwhile here’s a nice video of the mandelbulb. Fractal dimensions now in 3D… what a day…
I’ve blogged about World of Goo before on this site. It’s a great game that will entertain you for many hours. I got a tip yesterday from Sander (thanks mate!) about the World of Goo birthday sale. In short: you can determine your own price for the game. Watch it… this will only last until october 19!
You will get all downloadable versions… so one for Windows (why would I want that?) & one for Mac OS X & even the versions for Linux. I’ve donated $1.00 for the game and it makes me feel like a cheap ass but I think that’s the whole meaning of the birthday sale. I think you can donate as less as $0.01 to get the game but I didn’t try it out myself.
Wired.com has a nice (fictional) write-up on the shooting of the upcoming world of warcraft movie. The idea is that the extra’s in the movie are actual WoW-players… sooo… here’s what you get when you release a group of wow-players into the real world of movie shooting. Very recognizable (and funny).
There are extras goofing off everywhere, but it takes an hour of asking around to get a group of 10 of them together to shoot a scene. And then, just when we’re about to start filming, one of them suddenly has to leave because his mother needs him to clean his room or something.
You may have noticed some downtime of the blog. This was due to a major system upgrade in which the entire system was recompiled against a new gcc/glibc combination.
After doing this and sifting to all changes in the configuration files apache failed to start… How nice. Segmentation faults all over the place. A little tweaking here and there solved the problem albeit a little later than expected… Anyway… back online.
As it became clear that the outage was going to take more time than expected I wrote a small sorry-server in perl that served the webpage displayed below:
Now this is actually a nice effort to do something new from the music scene. Today (20 july 2009) it is 40 years ago that Neil Armstrong & Edwin “Buzz” Aldrin set foot on the moon. To commemorate this event (and to earn a buck or two) David Bowie released tracks on the iTunes store. These contains the individual recording tracks from the “Space Oddity” song. So now you can make your own remix from these eight tracks. There is an application for the iPhone or you can use any other music editor (Garageband for example) to make your own mix…. I think this is a nice idea.
Want more acoustic guitar? Crank it up? Depending on your creativity you can even replace or add tracks in your own mix. Go creative… go wild… info here.
Some people have too much time on their hands… thank the übernerd for that!
Only the background should be black and the ladders should be blue… but what I’m a nagging about? Great job!!
Okay okay, calm down people…. calm down… This week rumours spread all over the internet that a 0-day attack against openSSH was used to compromise computer systems. Everyone was advised to upgrade to the latest version of openSSH even though there was not a single piece of evidence of this attack. Sure there was a nice (and somewhat entertaining) ‘script’ dump of an alledged attack (also read the small comments inside the script dump, very funny at times). In this dump you can see that they used a tool called 0penPWN (also called 0pen0wn) that alledgedly breaks openSSH. But I think we are all able to fake some output aren’t we? Here’s another dump of an alledged attack.
Damien Miller (openSSH) responded that he still has not gotten a single piece of evidence of a 0-day exploit. He summarizes some of the possible attacks and argues that its very unlikely that openSSH can be compromized in those ways. It seems that the actual hacks were brute-force password attacks that actually succeeded.
I protect my system against brute-force attacks by allowing only 5 failures from a single host. When 5 failures (like invalid usernames) are detected the host is blocked for 4 hours. It does have a whitelist of known hosts that I will never block. This is a simple script that is constantly monitoring messages from the ssh daemon. Oh and when I mean block I’m talking iptables so all packets are dropped and the attacker will be slowed down and the attack comes to a grinding halt. This approach works like a charm. When my server was just online I got around 10 to 20 attacks per day that lasted for hours. Now I only get a few per day which are automatically detected and killed at a very early stage.
Here’s an extract from the sshd logfile (some fields are blurred). Here you’ll see 5 errors from a specific IP (98.173.XXX.XXX) and that’s it. From there on packets are dropped from that IP address.
extract from sshd.log
Here’s an extract from the logfile of my script that shows what clients are blocked and unblocked. You will see that we block the attacker and around 4 hours later we re-enable it. When he’s still attacking he will be blocked for another 4 hours etc.
Yesterday Google officially announced Chrome OS, an operating system targetted netbooks (both intel x86 & arm-based). Chrome OS will be built on the linux kernel. Google will reimplement the security architecture of Linux. A new minimal graphical interface will provide an easy to use interface. As google says it: “it should just work”.
Speed, simplicity and security are the key aspects of Google Chrome OS. We’re designing the OS to be fast and lightweight, to start up and get you onto the web in a few seconds. The user interface is minimal to stay out of your way, and most of the user experience takes place on the web. And as we did for the Google Chrome browser, we are going back to the basics and completely redesigning the underlying security architecture of the OS so that users don’t have to deal with viruses, malware and security updates. It should just work.
Oh well, maybe you’ve already seen this but this morning a coworker showed me a nice easter-egg in firefox. Just type ‘about:robots‘ in the address bar of firefox (or click the link, duh!). For those who want to short-sell themselves and don’t use firefox I put a screenshot below. Also check the name of the page “Gort! Klaatu barada nikto!“…
Unix, one of the most important pieces of software ever created, will turn forty this summer. To commemorate this computerworld wrote up a nice story on the early days of Unix. How the first version came to be and how it became portable to other systems as well…
In August 1969, Ken Thompson, a programmer at AT&T subsidiary Bell Laboratories, saw the month-long departure of his wife and young son as an opportunity to put his ideas for a new operating system into practice. He wrote the first version of Unix in assembly language for a wimpy Digital Equipment Corp. (DEC) PDP-7 minicomputer, spending one week each on the operating system, a shell, an editor and an assembler.
There’s also another article which has the Unix timeline. A nice read as well.
Mayday… Mayday… the vehicle that tried to spread FUD (fear, uncertainty & doubt) in the open unix community is going down… The demise of SCO is neigh… Many times investors have tried to keep the warship afloat but this time it’s going down for good.
Groklaw has a nice article on it… Chapter 7 may be the last chapter of SCO.
Now this has to be the ultimate mod for a macbook. EdsJunk cracked his MacBook open and added a second monitor to it. So instead of the dull backlit apple logo you can now display anything on it. Here’s a video of the result… oh boy…
I was digging digg and found this offbeat picture of a guy sitting amidst a web of wires using some paper documentation to figure out what is connected to what. Well if the wiring in your datacenter looks like this you can be sure that the chances of the documentation being accurate are neigh.
Aren't you glad you don't work in IT? No! I'm just glad I don't work here
Anyway the caption on the image on digg was “Aren’t you glad you don’t work in IT” as if we need to feel pity for this guy or any other IT guy. Well the wiring in this picture is a clear demonstration of incompetence (not perse by the guy in the image). Don’t pity them, educate them. I’ve done my rounds in datacenters and I’ve seen many examples of wiring gone haywire. I don’t take pictures at client sites to respect the confidentiality agreements but I found some great examples on the web of proper wiring and many examples of even worse wiring than depicted above. See below.
I’ve blogged about 
