Thu, 30 May 2013
GPS Tracking Systems
I use my smartphone in addition to the cyclocomputer in order to be able to record my speed, and later compare the speeds at the same place amongst various conditions. The problem is what to use for tracking and what for reviewing and comparing the recorded tracks?
So far I record the tracks using Move! Bike Computer on my Android phone. It is far from ideal, but at least it stores tracks as a GPX files which are accessible directly from the flash. It uses 1-second intervals, and as a bonus, it can display the track using Google maps. The drawback is that it sometimes does not switch the GPS on, so it needs to be switched on manually from the Android top bar menu. The other drawback is that while it can send the GPX files by e-mail to the desktop computer, it does not remember the prefered export format (GPX instead of KML for me) and the prefered export method (e-mail using K-9 mail to a predefined address). So sending tracks from my phone for further archivation is not so easy. But at least it can be done. Another problem is the start and end of the track: I usually start this app before leaving home, and stop it some minutes or hours after reaching the destination. The recorded tracks then cannot be easily compared, because their durations vary in the order of tens of percent, even though the real time of activity is roughly the same. The auto start/stop feature of the cyclo computer is much more precise - the GPS always report at least some movement because of its imprecision and noise.
As for the viewer, the situation is even worse. So far the best I have found is Endomondo, (and "the best" here does not imply "good" at all). Endomondo can import the tracks in the GPX format, and display them on top of Google map, can generate the speed and height profile, etc. On the other hand, it is way too skewed to training and fitness (computing calories, etc.), and has way too much useless social features. It also has its own proprietary Android App, which makes sending data to Endomondo easier, but with this app it is impossible to get your own data back in an open format. Moreover, when importing GPX data with 1 second granularity, Endomondo rescales it to something more coarse (tens of seconds to even minutes), so it makes comparing the speed at a given place pretty meaningless.
What do you use for your sports tracking, and how does it meet your data accessibility and openness requirements?
Fri, 24 May 2013
File Manager
The last file manager I have used was Norton Commander back in the DOS era. Many years after that, during the flame wars between proponents of spatial and single-windowed Nautilus, I have only laughed at them, thinking that the command line was much better. Why would anybody need a GUI file manager? I feel slightly ashamed now, but I have to admit that for the last two weeks, I have also been using a GUI file manager.
I work on various things with respect to cabling, electricity, a new datacenter, and so on in the new building of Faculty of Informatics. The problem with the building specifications, projects, and so on is, that they are stored in the deep structure of directories, with names containing whitespace and even non-ASCII characters (in different character sets), and each directory contains many files or subdirectories with common prefixes shared by a set of files. So the usual tab-completion does not help - it is necessary to actually look at the completion prefix in order to know what character to add next. Here is an example of such a file name, starting from my automount point:
stavba_cerit_dok/01_ZADAVACI_DOK/02_zadavaci_projektova_dokumentace/\ FIMU_GD_SOD_příloha č. 1/!!!_02_FIMU_GD_SoD_Priloha_1_II.A_PD_DVD_PROJEKTOVA_DOK_1.etapa!!!/\ FI_F.3_03_PS 03 SUPERPOCITAC, DATOVE CENTRUM_DVD/\ F.3_03_5 SLABOPROUDE ROZVODY_DVD/F.3_03_5.2.01_PUDORYS 5NP - SLABOPROUD.pdf
In order to be able to quickly navigate inside such directory tree, I have started to use a GUI file manager. So far I use Thunar, the default file manager in XFCE. It can easily switch to any directory along the current path, and it has bookmarks for fast access to frequently-used directories. I use this feature a lot, because of the main drawback of GUI file managers: It is not possible to descend into a directory, which is an automount point (and which, from the VFS point of view, does not exist yet).
Do you use a GUI file manager?
Fri, 03 May 2013
Laptop Upgrade?
I've got my laptop, ASUS F3E, in September 2008. So maybe it's time for a new laptop. Last year I have briefly considered buying a new one, but I have found that after upgrading F3E to 4 GB of RAM, 9-cell battery, and a fast solid-state disk (OCZ Vertex 2), then-current models provided no significant improvement compared to my F3E. Is this year's offer better?
There are several problems with my F3E:
- Glossy display (no explanation needed, I think)
- Plastic chassis, which is already broken in two corners
- Slightly slower CPU than needed (I had problems playing full-HD video without frame dropping once or twice, but I am not sure whether mplayer can use both CPU cores)
- The WiFi interface supports 2.4 GHz band, not 5 GHz one
What parameters should my hypothetical new laptop have? Of course, it would need to be better than my upgraded F3E in every aspect, and meet the following criteria:
- Size: less than 16", preferably not smaller than 14"
- OS: sold without Windows (I don't want to pay the Microsoft tax)
- Display: matte, at least 1280x800, possibly with touch input
- RAM: at least 4 GB
- Graphics: supported in Linux using open source drivers, including 3D acceleration (so most probably I don't want nVidia)
- HDD: preferably SSD, but I can reuse the SSD from F3E
- CD/DVD/...: preferably none
- Battery: at least 4 hours with moderate usage
- Keyboard: with long backspace, double-height enter, inverse-T arrow keys, and preferably without separate numeric keypad; backlit if possible
- Chassis: aluminium or similar, definitely not plastic
Does such a laptop exist, my dear lazyweb? Or shall I stay with my upgraded ASUS F3E for another year?
Mon, 11 Mar 2013
Are the Directories Evil?
Jimmac has an interesting blog post about how GNOME users are not satisfied with the current look of GNOME folder icon, explaining the reasons behind its current state. The blog post contains an interesting reasoning, but I wonder whether the fact that an explanation was actually necessary does not invalidate it. For me, however, the most enlightening part of his blog post is this:
Exposing the directory structure is the pre-GNOME 3 world. What we focus on now are the applications.
This is exactly the kind of mentality which leads us to the world of systems with severe usability problems like Android, GNOME 3, or most current MP3 players. Maybe this is a news for some of you, but the concept of directories actually is useful!
I hate it when the audio player Android app cannot present the albums that I have on my SD card neatly sorted into directories (also) as those directories. I hate it when my car stereo cannot use subdirectories with depth greater than 1, and does not have a "shuffle subtree" function, making the whole "shuffle" thing unusable: I have songs, tales for kids, audiobooks, and language courses stored there, and I obviously don't want to shuffle through all of these, intermixing random language lessons with songs and audiobook chapters.
Why do I have to use a domain-specific "directory sorter" (e.g. MP3 or photo tagging application), when the system already has a general purpose means of grouping various files together: the directory tree?
Thu, 17 Jan 2013
Fedora 18
Fedora 18 has finally been released after being delayed several times. So far my experience is not so bad - upgraded systems mostly work. What are the biggest problems?
Most of them of course are in the rewritten Anaconda/FedUp combo. In my opinion, developers should be explicitly told to not rewrite things from scratch, if there is at least a small possibility of getting to the similar set of features with incremental modifications. The problem is that the previous codebase mostly works, and have lots of working features even for many corner cases. This resembles the infamous gdm-2.20 rewrite. Here is the list of problems I have ran into so far, using F18 on my laptop, on my workstation at work, and on a testing virtual machine:
- Gdm still cannot set the X server command line options, even though the developers promised the feature to be restored more than three years ago.
- FedUp provides no visual feedback about the progress of update. Who the f* wants to see the flashing Fedora logo during the upgrade, instead of some meaningful information? Are we trying to emulate MacOS or what?
- The new Anaconda cannot setup the storage the way user wants it to be set up, even though the old version worked even in this case. The developers response? Use Kickstart.
- Anaconda can select only one desktop environment for the installation. The response is the same as above. WTF?
- On my laptop, there was no way to select the correct time zone using mouse.
- Configuration files are being gradually
replaced with
systemdservices, which communicate over D-Bus, and have their configuration stored elsewhere. Replacing a three-line/etc/sysconfig/clockwith a permanently running daemon which needs its own command-line utility which talks to it over D-Bus seems really questionable for me. - My laptop is switching off when I close the lid. Apparently, another
systemdcomponent is doing this. Here is the workaround. - Jindřich's TeXlive page is yet to be updated for F18. There is the texlive-release.rpm package, but it points to a non-existent directory. I have yet to solve this.
- On the positive side,
systemctlno longer needs the.servicesuffix for the services.
To sum it up, we are slowly heading to the distribution where find(1) and grep(1) are no longer the sysadmin's friends, and
the sysadmin will need to use the specific D-Bus interfaces to talk to the
most parts of the system. It is kind of sad.
Thu, 29 Nov 2012
Secure Login at Alza.CZ
Here is how the "secure" login works at alza.cz, one of the biggest e-shops in the Czech Republic:
In the login form, user can click to the link named "SSL", which leads to the SSL-encrypted page with an alternative login form. The problem is, that this page apparently sends the login form data unencrypted, so the usage of SSL to display the login form is completely pointless.
Wed, 28 Nov 2012
SOAP::Lite
Today's daily WTF goes to the SOAP::Lite CPAN package and its non-configurability and mis-design.
For example, look at this:
HTTP Basic authentication is accomplished by overriding the get_basic_credentials suboutine in LWP::UserAgent (which SOAP::Transport::HTTP::Client is a subclass):
BEGIN {
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
return 'username' => 'password';
}
}
So apparently the only way how to use Basic authentication is to override
a global function in some foreign namespace. And what to do when I want to
use two SOAP servers with two sets of credentials inside a single application?
There are more similar "features" in SOAP::Lite. For example, tracing can
only be set up globally in compile-time, or by manually calling ->import().
My dear lazyweb, is there a SOAP module with cleaner design?
Update - Wed, 28 Nov 2012: Tracing
FWIW, it is probably easier and cleaner to do both basic authentication
and tracing at the transport level - the transport module here is
LWP::UserAgent (thanks Adelton for the hint!), so for example handlers described in the LWP::UserAgent manpage work:
$soap->transport->add_handler(
request_prepare => sub {
shift->authorization_basic($login, $pass);
},
);
$soap->transport->add_handler(
request_send => sub { print STDERR shift->content; },
);
$soap->transport->add_handler(
response_done => sub { print STDERR shift->content; },
);
I wonder why the SOAP::Lite manpages suggest such dirty ways
of handling this (and I have not even started mentioning things
like $SOAP::Transport::HTTP::Client::USERAGENT_CLASS global
variable; ugh)
Tue, 27 Nov 2012
Cookies Auth and 403 Forbidden
In IS MU we have recently abandoned the HTTP basic authentication and replaced it with cookie-based authentication. The main reason was that there is no portable way of logging out of the basic authentication. So I have based our new solution on Apache2::AuthCookie. The problem is, that it does not work correctly with some clients because of the way how the login form is handled.
When the yet-unauthenticated user accesses an URL for authenticated users only,
Apache2::AuthCookie returns the HTTP response with "403 Forbidden"
status code, and with text/html body containing the login
form. That way, the client cannot be possibly lead into the false assumption that the page it just received is in fact the content it wanted to receive.
So the user fills the login form, submits it, and the server returns the real
page for that URL, this time with "200 OK" status code.
This approach seems to be correct (even after reading the RFC 2616 :-). However, we observe problems with
the following two use cases:
- Nokia Symbian-based phones. After receiving 403 from the server, they display their own error message, and ignore the returned HTML altogether (except for the page background :-).
- Microsoft Word. When the link to the authenticated page is embedded inside the Word document, and user ctrl+clicks it, Word apparently starts MSIE to get the page. However, in this special case MSIE does not display the login form after getting the 403 status, but reports the error to its caller (MS Word) instead. So Word displays a generic error pop-up to the user, without the user being able to log in.
What to do now? The problem is clearly in the HTTP status code 403, and in its
mis-interpretation by some clients. I don't want to return the login form
in a 200 OK response, because I need e.g. the web crawlers to know that this
is not actually the page they tried to access. As for Symbian, they can be
clearly identified by their User-Agent string, so I can
return 200 OK only for them. But as for MS Word, I have no clue: what I see
is the request made by MSIE (and again, I probably don't want to return
200 OK to every unauthenticated MSIE request).
Any other suggestions, my dear lazyweb?
Mon, 12 Nov 2012
Desktop Environment-Specific Apps
I have recently came across this two years old bug report, filled to the bug tracker of Transmission (a Bittorrent client) where a GNOME developer suggests removal of the notification area icon from the application on the basis that GNOME 3 does not support notification area at all.
So if I understand it correctly, we are now living in a world where all the GUI applications have to be dependent on the particular desktop environment, and it should be no longer supported to run - say - Transmission under XFCE, or GIMP under KDE, at least according to GNOME developers. "We GNOMErs do not support notification area icons, so this application should not use it" (even though the application is not used exclusively under GNOME)? Where are the freedesktop.org cross-DE interoperability recommendations?
That said, notification area as such sucks - what I liked most was the original approach of X11: using on-desktop icons for minimized applications (instead of applications and documents shortcuts), and applications displaying their own status in their icon (handled by every window manager using the same ICCCM specification).
Fri, 12 Oct 2012
Failed SSD
Yesterday I went to a meeting and brought my laptop with me. I made
notes to a text file, and after the meeting closed the lid (my laptop
is configured to suspend then) and went away. After returning to my
office I have opened my laptop and seen only error messages from
the sda drive.
The drive was totally dead, and did not work even in another computer.
After plugging it in the SATA controller only printed something like
"resetting SATA channel", so it did notice something has
been plugged in, but nothing more. I had to teach my UNIX course in two
hours, so I had to quickly find a replacement, install a new system,
and configure it for presentation. Fortunately, I had a "spare" 2.5" drive
prepared as a replacement of the root FS of my workstation. So I deleted
the already configured system for my workstation, and used that.
Have you anybody seen a similar problem? The drive was "iops-optimized" OCZ Vertex II, about a year old. Fortunately, I use LUKS, so I can send it back to the vendor without worrying about my data.
Mon, 06 Aug 2012
Enterprise Bug Fixes
Today, an unimportant but interesting bug #313291 has been fixed in RHEL 5. Here is the timeline:
- 2007-09-30: I reported the bug.
- 2007-10-03: The package maintainer found the upstream change which fixed the bug.
- 2007-10-05: I have verified that this trivial patch fixed the bug for me.
- 2012-08-06: The errata and the fixed package have been released.
I am grateful that the bug has been fixed after all this time,
but I don't use RHEL 5 anymore, and mutt in RHEL 6 got the fix
from the upstream.
I wonder why they even bothered to fix the bug after so much time,
and even release the new mutt package fixing this single bug.
This is not a complaint, this is hopefully an interesting insight to
the release process of RHEL packages. Maybe some high-profile customer
wanted this bug fixed. Who knows?
Mon, 02 Jul 2012
404: /undefined
In IS MU, we log and evaluate errors in HTTP
requests, including "404 not found". When the Referrer header
points back to our site, we try to look for a broken link.
Recently (last month or so), strange 404 requests started to appear in our
log file:
These requests point to the location /undefined, with referrer
being our root document, /. And the referrer is not fake,
there is always a successful request to / from the same IP
address from several seconds ago. Occasionally we get similar 404 requests,
pointing to /lide/undefined, or /vyhledavani/undefined,
with referrer being /lide, or /vyhledavani.
We are not able to reproduce the problem. It is not User-Agent-specific
(altough most of the User-Agents with this problem are Chrome), and it
is not deterministic: we got tens of these 404 requests daily out of
milions total requests (and out of tens of thousands of requests to the
title page). These requests are always for a non-authenticated page, and
always for a page which is a directory (i.e. which is represented by the
index.html or index.pl document in that directory).
I think it is related to some Javascript we include to the title page - maybe JQuery, maybe Google Analytics. I have tried to remove the Google Analytics Javascript from our title page for a day, but it did not make the problem disappear. Also, our git log from the time these requests started to appear does not show anything related. We have found the following possibly related discussions:
- http://productforums.google.com/forum/#!category-topic/analytics/discuss-tracking-and-implementation-issues/oqEgEM3rc8M
- http://stackoverflow.com/questions/11017609/undefined-randomly-appended-in-1-of-requested-urls-on-my-website-since-12-jun
So, my dear lazyweb - any ideas what can be the cause of this behaviour?
Update - Tue, 03 Jul 2012: It is probably AJAX
Yesterday have added a new image to the 404 page which meets the above
conditions (location ending with "/undefined",
referrer being the location minus "/undefined"), and
so far after > 12 hours I see exactly zero accesses to that image
in my Apache logs. So this error is most probably caused by something
that users can't see, i.e. AJAX requests. Not the window.location
modification that himdel suggests in the coments.
Fri, 18 Nov 2011
Google Authenticator
For some time, I have been considering adding two-factor authentication to my systems in order to prevent break-ins in case somebody's workstation is compromised (which is a common attack vector these days). One of the systems for one-time passwords is Google Authenticator.
G-A has an application for many smart-phone platforms (Android, iOS, Blackberry), and has a PAM module, which is even packaged in Fedora. It stores users' secrets in a file in the home directory, and uses 6-digit time-based passwords and 8-digit emergency scratch passwords. The configuration in Fedora is pretty straightforward:
yum -y install google-authenticator- In
/etc/pam.d/system-authandpassword-auth, changepam_unix.sofromsufficienttorequired, and after that line, add the line which reads "auth sufficient pam_google_authenticator.so". - Install the G-A application to your smartphone.
- Generate a new key using the
google-authenticatorcommand. - Add the key to your smartphone, either directly or using a QR code.
- Profit!
There are several problems with SSH-daemon, though:
- With SElinux enabled, it does not work.
- When public key authentication is allowed in
sshd_config, it also does not work (use "PubkeyAuthentication no" in/etc/ssh/sshd_configand restartsshdif you want to test it).
Especially the second problem is pretty serious, as I wanted to allow also public key + one-time password authentication there.
So, my dear lazyweb, what kind of two-factor authentication do you use?
Mon, 03 Oct 2011
Dear Customer,
[...] we would also like to inform you about the following change
in your network: a new address has been assigned to you:
2001:4cc8:...::/64.
Netbox apparently supports IPv6 now. Yay!
Wed, 15 Jun 2011
High-Performance HTTP Servers
Yesterday I have read about Apache Traffic Server. My dear lazyweb, do you use something like that (or Nginx)? What is your main reason for using it? I wonder why use user-space solution, when IPVS works pretty well for load balancing.
