Data Circle

“I think the OpenBSD crowd is a bunch of masturbating monkeys, in that they make such a big deal about concentrating on security to the point where they pretty much admit that nothing else matters to them.” – Linus Torvalds, Post to linux-kernel mailing list

I saw this a couple of days ago, and I’m still not sure whether Linus is having a joke or being serious. I see his point about OpenBSD—they are rather obsessed with security—but I think it’s bad form for someone as well-known as Linus to go around bashing other projects, particularly when Linux systems use some of the same software (e.g. OpenSSH). This is part of the problem with geeks running large projects—you combine egos, technical smugness and superiority, and often a lack of social skills and put them into a forum (mailing lists) where you can say what you want with no immediate indication of whether you’ve offended someone or said the wrong thing.

I’m actually surprised that no one has picked Linus up on this, so perhaps he was just having a laugh, or no one dares to upset the Lord and Master of the Kernel.

Up until today, whenever I wanted to edit a file on my server under OS X I would open a terminal, ssh to my server and run vim. However, whilst this generally did the trick, copying and pasting code was tricky, and it just wasn’t the same experience as using a graphical editor (which is what I would usually do). Thankfully, I discovered that TextWrangler, a superb piece of freeware from Bare Bones software, will allow you to open remote files on a server and edit them as if they were stored locally (which effectively they are, as the software takes a local copy and then overwrites the server version when you save).

N.B. Technically TextWranger works over SFTP, which is included as part of the openssh package but might need to be enabled in order for this to work—just plain ssh access might not be enough.

For those of you who keep up to date with browser releases, Firefox 3.0.1 has recently been made available. If you’re currently running Firefox 3, you should be prompted to download the update at some point, or you can force an update by going to Help->Check for updates. Amongst other things, this release fixes three critical bugs, so updating as soon as possible is highly recommended.

If you’re still using Firefox 2, version 3 is now labelled as stable and so you might want to consider upgrading in the next couple of weeks. The third major version of the browser fixes lots of bugs and introduces a whole swathe of new features, and is well worth upgrading to. Unfortunately, the update function won’t allow you to update from version 2 to 3 automatically, so you’ll need to download the relevant binary for your system or wait for your package management tool to receive the update.

As always, the full 3.0.1 release notes are available (the link points to the European Mozilla site, but it contains the same information and remembers that I might want to download en-GB instead of en-US).

WordPress 2.6 is now available for download, with a fantastic array of new features, including:

• Wikipedia-style tracking of changes.
• Support for Gears, to allow static files (stylesheets, images etc.) to be downloaded to your local drive for faster access – though I’m not entirely sure how this differs from having files stored in your browser cache.
• The ability to preview themes before pushing them live.

From my own point of view, I’m not sure that I’ll get a great deal of benefit from any of the major changes, though I do like the automatically updating word count feature, and of course I’m glad to see nearly 200 bugs closed in this release.

As always, my advice is to upgrade as soon as possible, if only to take advantage of the security fixes. Upgrading is fairly simple, though you may need to be careful if you have lots of plugins or themes installed, and of course you should always take a backup of your database and existing installation, just in case something does go wrong. Naturally, if you have a WordPress.com blog, all of this will have been taken care of for you anyway.

37signals, the Web company best known for Basecamp and Ruby on Rails (which I believe all of their products is written in) has recently announced that it is to phase out support for Internet Explorer 6 across all of its product lines, starting from August 15th.

From a Web standards point of view, I’m happy to see this sort of action being taken by a reasonably influential company. I completely agree with their argument that IE 6 is a last-generation browser (released in 2001), and that having to support it means that some new features will be difficult or perhaps even impossible to implement. Furthermore, it’s hardly difficult to upgrade to the latest version of Internet Explorer, or download an alternative such as Firefox, Safari or Opera (all have free versions), and perhaps if a company has to upgrade for Basecamp it will appreciate the benefits of faster and more secure browsing on other sites too.

However, from a business perspective, I’m not so sure that phasing out support for a browser which still commands a significant proportion of the market is a sensible idea. Perhaps 37signals have virtually no clients using IE 6 (they claim “below a small minority threshold of our customers”, though that could mean anything really), but this is a fairly major change to make given only a month’s notice. Having said that, any company which relies on the services provided by 37signals will probably just upgrade their browsers anyway, so perhaps it’s not going to impact their bottom line too much. The general feeling on the Web seems to be that people are glad that 37signals are taking a lead on this, but that not everyone is in a position to drop support for IE 6 as a larger percentage of their customers are still using that browser and can’t upgrade, either because of policy restrictions (using their browser at work where application installations are controlled by a central authority) or simply not knowing how to.

Further reading

• IE6 Independence? – Matt has some interesting statistics from WordPress.com, which suggest that around 27% of people visiting that site still use IE 6.

A week or so ago, I ran into a strange problem on a Mac Mini server which I run in the lab where I’m currently doing my MPhil research. The server has two IP addresses bound to the same physical network interface, as I wanted to run two instances of Apache and for them both to bind to port 80. Everything had been working fine, but one day, after a reboot, the server found itself unable to connect to the Apache instance which was bound to the second IP address. Worse still, it couldn’t even ping the second IP address, which was rather worrying. This was a little annoying to say the least, as I had a cron job running which downloaded a file from the site hosted on the second IP address and saved it to the local disk.

After a bit of digging around with no luck, I started a thread on the macosxhints forums to see if anyone else was aware of a solution. The usual suggestion of “check your firewall settings” was made, but nothing had changed in that regard and starting/stopping the firewall made no difference. Eventually, someone mentioned that they had a FreeBSD box where the netmask of each additional IP address was set to 0xffffffff, rather than the 0xffff0000 which I was using. I didn’t think this could be the problem, but I decided to give it a try anyway, and to my (pleasant) surprise everything worked. A closer look at the ifconfig man page for OS X confirmed that additional IP addresses with the same subnet (as was the case in this situation) should have a netmask of 0xffffffff. Not having this meant that the server couldn’t actually resolve the MAC address of the second IP, so of course it couldn’t communicate with it at all—rather an obscure problem.

It’s still puzzling me as to why this appeared to work before, but for now I’m just glad that the problem is fixed!

I recently upgraded to the latest release of Ubuntu (Hardy Heron) and one of the first things I noticed was that the fonts in Firefox looked very odd, particularly on sites using sans-serif fonts such as Verdana or Arial (and their equivalents). At first this didn’t bother me too much, but over the course of a few weeks it became a real bug bear, and I was beginning to use my Mac or boot into Windows XP just to look at websites, which obviously isn’t ideal.

Fortunately, there’s a quick and easy fix for this problem—simply install the package ‘msttcorefonts’. You can do this via the graphical package manager (System->???????? ????? ????????Administration->Synaptic Package Manager) or using the command line with ‘sudo aptitude install msttcorefonts’. You might need to reboot your system after doing this, but it all seems to be working again for me.

The latest release of the multi-protocol messenger client for OS X office furniture in Bulgaria
has been announced. This release includes a huge number of changes (see the version history for full details) with 188 tickets closed. Admittedly one or two of these tickets are not really improvements or bug fixes, such as Get Catfish_Man a Gerbil, but overall it seems as if a huge number of bugs have been quashed in the new version. There are some improvements to the user interface as well, including the ability to access your contacts list from the little duck icon which sits in your menu bar, although I’m not sure I’ll use any of these.

Needless to say, if you already have Adium then you should upgrade now—the process is as simple as Adium->Check for Updates (which may be run automatically each time you start Adium, depending on your preferences). If you don’t have Adium already, you should definitely give it a whirl. The only problem is that it only works on OS X, the rest of us have to use the ugly Pidgin instead.

Being the hardcore geek that I am, I use the mutt email client to check my main email account. Whilst mutt is by far and away the best client I’ve used—its threading support blows the competition out of the water for a start—one thing has always bugged me. I’m subscribed to lots of mailing lists, some of which set the Reply-To header to be that used by the original poster, rather than replacing it with the list address. There are sound reasons for doing this, but as a user I have then have two options:

1. Hit ‘r’ to reply, then remember to replace the sender’s email address with that of the list (assuming I want to reply on-list), which is a bit clumsy and easy to forget.
2. Hit ‘g’ to reply, and email the original sender whilst copying in the list address, which creates two copies of the mail for the original poster (assuming he is subscribed to the list). This annoys a lot of people, including myself.

Neither of these options is ideal—what I want is the ability to reply to the list address in all circumstances, simply by pressing a single key. Thankfully, today I found out that there is a simple way to do this, which is to add each mailing list to my ~/.muttrc like so:

subscribe man-lug@lists.manchester.ac.uk linux-users@lists.manchester.ac.uk

If you’ve got several lists on one domain, as I have, you can simply use:

subscribe @lists.manchester.ac.uk @lists.evolt.org

Now whenever a post comes in from one of these lists, it gets marked with an ‘L’ (which is not too important, as all of my lists are filtered into individual folders anyway). If I want to reply to any post, I can use ‘L’ and mutt will automatically put the list address in the To: field, and I can still use ‘r’ to reply off-list to the original poster if I so desire. Problem solved!

WordPress, perhaps the most popular blogging software out there, has a new version out today, which plugs several security holes (though I’m not sure that exposing your draft posts really counts as a vulnerability) and fixes a few minor bugs.

Upgrading from any version post 2.1 seems to be pretty easy – I’ve just upgraded Data Circle, Politics Watch and Rogue Tory, all from different versions, and it took me about ten minutes in total. The CSS for the admin panel has been improved, so the fonts look a lot better under Linux. Security updates and bug fixes are of course also welcome, although these are less obvious improvements in a way because I haven’t seen the problems they cause.

Anyway, if you’re running WordPress on any of your sites, I’d strongly recommend that you download the latest release and then follow the upgrade instructions. It shouldn’t take more than a few minutes, and you’ll be protecting your site from several vulnerabilities by doing so. If this is too much effort for you, WordPress.com will keep things up to date for you, and items such as domain mapping cost a minimal amount per year.