Yenya's World

Thu, 30 May 2013

GPS Tracking Systems

I use my smartphone in addition to the cyclocomputer in order to be able to record my speed, and later compare the speeds at the same place amongst various conditions. The problem is what to use for tracking and what for reviewing and comparing the recorded tracks?

So far I record the tracks using Move! Bike Computer on my Android phone. It is far from ideal, but at least it stores tracks as a GPX files which are accessible directly from the flash. It uses 1-second intervals, and as a bonus, it can display the track using Google maps. The drawback is that it sometimes does not switch the GPS on, so it needs to be switched on manually from the Android top bar menu. The other drawback is that while it can send the GPX files by e-mail to the desktop computer, it does not remember the prefered export format (GPX instead of KML for me) and the prefered export method (e-mail using K-9 mail to a predefined address). So sending tracks from my phone for further archivation is not so easy. But at least it can be done. Another problem is the start and end of the track: I usually start this app before leaving home, and stop it some minutes or hours after reaching the destination. The recorded tracks then cannot be easily compared, because their durations vary in the order of tens of percent, even though the real time of activity is roughly the same. The auto start/stop feature of the cyclo computer is much more precise - the GPS always report at least some movement because of its imprecision and noise.

As for the viewer, the situation is even worse. So far the best I have found is Endomondo, (and "the best" here does not imply "good" at all). Endomondo can import the tracks in the GPX format, and display them on top of Google map, can generate the speed and height profile, etc. On the other hand, it is way too skewed to training and fitness (computing calories, etc.), and has way too much useless social features. It also has its own proprietary Android App, which makes sending data to Endomondo easier, but with this app it is impossible to get your own data back in an open format. Moreover, when importing GPX data with 1 second granularity, Endomondo rescales it to something more coarse (tens of seconds to even minutes), so it makes comparing the speed at a given place pretty meaningless.

What do you use for your sports tracking, and how does it meet your data accessibility and openness requirements?

Section: /computers (RSS feed) | Permanent link | 0 writebacks

0 replies for this story:

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Fri, 24 May 2013

File Manager

The last file manager I have used was Norton Commander back in the DOS era. Many years after that, during the flame wars between proponents of spatial and single-windowed Nautilus, I have only laughed at them, thinking that the command line was much better. Why would anybody need a GUI file manager? I feel slightly ashamed now, but I have to admit that for the last two weeks, I have also been using a GUI file manager.

I work on various things with respect to cabling, electricity, a new datacenter, and so on in the new building of Faculty of Informatics. The problem with the building specifications, projects, and so on is, that they are stored in the deep structure of directories, with names containing whitespace and even non-ASCII characters (in different character sets), and each directory contains many files or subdirectories with common prefixes shared by a set of files. So the usual tab-completion does not help - it is necessary to actually look at the completion prefix in order to know what character to add next. Here is an example of such a file name, starting from my automount point:

stavba_cerit_dok/01_ZADAVACI_DOK/02_zadavaci_projektova_dokumentace/\
FIMU_GD_SOD_příloha č. 1/!!!_02_FIMU_GD_SoD_Priloha_1_II.A_PD_DVD_PROJEKTOVA_DOK_1.etapa!!!/\
FI_F.3_03_PS 03 SUPERPOCITAC, DATOVE CENTRUM_DVD/\
F.3_03_5 SLABOPROUDE ROZVODY_DVD/F.3_03_5.2.01_PUDORYS 5NP - SLABOPROUD.pdf

In order to be able to quickly navigate inside such directory tree, I have started to use a GUI file manager. So far I use Thunar, the default file manager in XFCE. It can easily switch to any directory along the current path, and it has bookmarks for fast access to frequently-used directories. I use this feature a lot, because of the main drawback of GUI file managers: It is not possible to descend into a directory, which is an automount point (and which, from the VFS point of view, does not exist yet).

Do you use a GUI file manager?

Section: /computers/desktops (RSS feed) | Permanent link | 3 writebacks

3 replies for this story:

Milan Zamazal wrote:

I use Dired in Emacs. Powerful, text based, utilizing common Emacs features (e.g. bookmarks) and excellently integrated with the whole Emacs environment. I don't know how it compares to current file managers but it used to be much more powerful than anything I've seen in the last century. Considering my recent experience with some popular e-mail clients and discovering how primitive they are I've got some reasons to believe there are still not many file managers comparable to Dired. But does it make sense to use Dired without using Emacs generally? Probably not as environment integration is an important part of file manager usage. For instance, it's impractical to have different sets of bookmarks in a file manager and in other applications or it would be annoying if you renamed a file in a file manager and the corresponding change didn't happen in your editor having the file open for editing at the same time.

Yenya wrote: Re: Emacs

Well, the feature with rename probably does not work when the file in question is renamed by something else (possibly over a network FS), altough it can be partially solved with inotify. Apart from that, I don't want to boot another OS just to use a file manager.

thanh wrote:

I use tc (Total Commander) on windows, and mc (Midnight Commander) on linux/mac, both are very similar to nc. Another plus is that it's not required to have emacs (or vim) to use it ;)

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Fri, 03 May 2013

Laptop Upgrade?

I've got my laptop, ASUS F3E, in September 2008. So maybe it's time for a new laptop. Last year I have briefly considered buying a new one, but I have found that after upgrading F3E to 4 GB of RAM, 9-cell battery, and a fast solid-state disk (OCZ Vertex 2), then-current models provided no significant improvement compared to my F3E. Is this year's offer better?

There are several problems with my F3E:

What parameters should my hypothetical new laptop have? Of course, it would need to be better than my upgraded F3E in every aspect, and meet the following criteria:

Does such a laptop exist, my dear lazyweb? Or shall I stay with my upgraded ASUS F3E for another year?

Section: /computers (RSS feed) | Permanent link | 10 writebacks

10 replies for this story:

dan wrote:

Some time ago I bought Lenovo X230 and I'm ok with it. It has (or can have) everything you described above except of the screen size, which is less than 14", and MS tax. I believe it can be equipped with a 3-band antenna which allows 5Ghz wifi, but in this case you wouldn't have the webcam. Check the specs to be sure. Optionally you can have a backlit keyboard or thinklight. I have even managed to squeeze in a 16GB of RAM and an msata SSD, along with a regular HDD. Battery life is about 5-7 hours with 6-cell battery, but I suspect that the power management in my system sucks. In windows it's much better.

dan wrote:

I forgot - you may also check out Lenovo X1 Carbon, it has similar specs to X230, but the screen is larger with higher resolution I think. You can cut your vegetables with it :-).

Peter Kruty wrote:

You are describing mac book air in your criteria :). (If I can take the liberty of ignoring 'preferably not smaller than 14"'.

Yenya wrote: Re: Macbook Air

Is it really supported in Linux with open source drivers, or have you took the liberty of ignoring this requirement as well?

honzah wrote:

@Peter Kruty: How is paying the Apple tax better than Microsoft tax? You can at least fight that one, I bet there is no chance to get your OS money back from Apple. @Yenya: Why do you have so small requirements for the display? Every other _phone_ has better resolution these days.

Peter Kruty wrote: mac book air

@Yenya: Oh, somehow I assumed this is solved problem for Intel graphics (not really watching this closely). So, yes I took the liberty too. In general looks like so called ultrabooks are matching most of your requirements. @honzah: Yenya was mentioning not willing to pay MS tax (nothing about Apple). Regarding Apple Tax: I believe this is different situation Apple HW and SW are designed for each other and from same vendor. I don't blame Apple for that, because it works very well for usability. Variety of generic laptop vendors are locking their hw to windows, while we can hardly talk about same tight integration for a user's benefit (and I mean a generic computer user, not someone like Yenya with very specific requirements).

Yenya wrote: Re: Macbook Air

Well, I didn't know that Apple uses Intel graphics - this is actually well supported under Linux. That said, even though I did not mention it explicitly, Honzah is right that for me, Apple tax is almost the same as Microsoft tax. Why would I buy a hardware from a vendor which explicitly does not want me to use it with Linux?

thingie wrote:

Basically, you can have a generic crap with some disastrous 1366x768 display (it doesn't matter if glossy or matte, it doesn't, it doesn't, it'll have faded vomitty colors anyway), they are all absolutely same. Or you can have something more decent, but then, it's either the macbook, or perhaps some more high-end-ish ultrabook.

Peter Kruty wrote: Dell XPS 13

Quite expensive, but you are paying for your specific requirements :) http://www.zive.cz/bleskovky/dell-xps-13-linuxovy-ultrabook-s-ubuntu-dostane-full-hd-displej/sc-4-a-167668/default.aspx

Yenya wrote: Re: Dell XPS 13

Looks interesting, thanks. The specs (even on the Dell site) are shallow, though. No mention whether it has matte display, and how exactly the keyboard looks like. Also, no SD card reader, but I guess this is the price for being so thin. OTOH, I am ok with the cost. But according to zive.cz, it is not (yet?) sold in CZ.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Mon, 11 Mar 2013

Are the Directories Evil?

Jimmac has an interesting blog post about how GNOME users are not satisfied with the current look of GNOME folder icon, explaining the reasons behind its current state. The blog post contains an interesting reasoning, but I wonder whether the fact that an explanation was actually necessary does not invalidate it. For me, however, the most enlightening part of his blog post is this:

Exposing the directory structure is the pre-GNOME 3 world. What we focus on now are the applications.

This is exactly the kind of mentality which leads us to the world of systems with severe usability problems like Android, GNOME 3, or most current MP3 players. Maybe this is a news for some of you, but the concept of directories actually is useful!

I hate it when the audio player Android app cannot present the albums that I have on my SD card neatly sorted into directories (also) as those directories. I hate it when my car stereo cannot use subdirectories with depth greater than 1, and does not have a "shuffle subtree" function, making the whole "shuffle" thing unusable: I have songs, tales for kids, audiobooks, and language courses stored there, and I obviously don't want to shuffle through all of these, intermixing random language lessons with songs and audiobook chapters.

Why do I have to use a domain-specific "directory sorter" (e.g. MP3 or photo tagging application), when the system already has a general purpose means of grouping various files together: the directory tree?

Section: /computers (RSS feed) | Permanent link | 5 writebacks

5 replies for this story:

Vašek Stodůlka wrote:

I have mixed impressins on this topic. I really liked Palm way of doing this - you pressed "Documents to Go" and the documents was there (!), without folders and anything, and only documents were listed, the same with other files. It was like a magic. :-) I like Google's "folderless" email, I configured Thunderbird same way. But on the other hand - current audio players are stupid for not having the tree structure, which I sometimes want and sometimes not.

Yenya wrote: Re: Vašek Stodůlka

I am not against tags per se, but I would like my apps to use _also_ the directory tree, because it is possible to put the files into directories by almost any tool, be it command-line or GUI. The problem is that not all albums on my disk have consistent tags (or have tags at all), and I don't want to spend time looking up and possibly retyping the names of tracks.

Gris wrote:

I couldn't care less about stupid eye candy, but I, too, absolutely loathe all the 'music library' shit. Just because all the various content sellers don't have to care about directory structure doesn't mean that the approach is cool and everyone should use it. Fortunately, there are still alternative applications that allow the user to choose the approach that suits them best. As for Jimmac, I suggest we start a relief fund so that he can go buy a clue.

thingie wrote:

When I think about all that time lost in pointless and retarded sorting of stuff into some directories, which I could, finally, stop doing some short time ago... And everything is much better now. So much better.

Yenya wrote: Re: thingie

Well, if it works for you, it's great, more power to you! But for me it is simply not possible to throw all the tracks newly downloaded from my favourite artist's website, or converted from CD to one heap, because everybody uses different tagging styles, genre name variants, and so on. It would be a bigger mess than creating a new directory with the name and location conforming to my own style, and downloading/converting directly there.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Thu, 17 Jan 2013

Fedora 18

Fedora 18 has finally been released after being delayed several times. So far my experience is not so bad - upgraded systems mostly work. What are the biggest problems?

Most of them of course are in the rewritten Anaconda/FedUp combo. In my opinion, developers should be explicitly told to not rewrite things from scratch, if there is at least a small possibility of getting to the similar set of features with incremental modifications. The problem is that the previous codebase mostly works, and have lots of working features even for many corner cases. This resembles the infamous gdm-2.20 rewrite. Here is the list of problems I have ran into so far, using F18 on my laptop, on my workstation at work, and on a testing virtual machine:

To sum it up, we are slowly heading to the distribution where find(1) and grep(1) are no longer the sysadmin's friends, and the sysadmin will need to use the specific D-Bus interfaces to talk to the most parts of the system. It is kind of sad.

Section: /computers (RSS feed) | Permanent link | 3 writebacks

3 replies for this story:

Peter Krutý wrote:

> FedUp provides no visual feedback about the progress of update. Who the f* wants to see the flashing Fedora logo during the upgrade, instead of some meaningful information? Are we trying to emulate MacOS or what? I see very nice progress bar, when my macbook is updating :).

Vašek Stodůlka wrote:

I switched to Debian with Gnome 3 and Gnome 2 removal. I'm probably too conservative (and old) for Fedora. :-)

Yenya wrote: Re: Vašek Stodůlka

The problem with Debian is that it is, well, Debian. I prefer RPM over DPKG for technical reasons, and I prefer my system without the mandatory GNU/ prefix for political reasons. I also like the short release cycle of Fedora.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Thu, 29 Nov 2012

Secure Login at Alza.CZ

Here is how the "secure" login works at alza.cz, one of the biggest e-shops in the Czech Republic:

Alza SSL login

In the login form, user can click to the link named "SSL", which leads to the SSL-encrypted page with an alternative login form. The problem is, that this page apparently sends the login form data unencrypted, so the usage of SSL to display the login form is completely pointless.

Section: /computers (RSS feed) | Permanent link | 3 writebacks

3 replies for this story:

dan wrote:

I agree, their login form is weird. I checked it with firebug and fortunately the credentials are not sent over in plaintext - it's still HTTPS. It seems that something in the way they are sending them confuses the browser - they are not using a standard HTML form, they are sending the credentials using XHR request. The login doesn't even work with JS turned off.

toto wrote:

Ty máš co kritizovat...spíš si oprav CSS. http://imgur.com/PBm7C

Yenya wrote: Re: toto

Well, the "official" URL of my blog does not start with https, so it is not my problem that it contains http-only images or whatever when accessed over https. Also, there are no private data sent over the net during communication with my blog (as opposed to Alza.cz).

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Wed, 28 Nov 2012

SOAP::Lite

Today's daily WTF goes to the SOAP::Lite CPAN package and its non-configurability and mis-design.

For example, look at this:

HTTP Basic authentication is accomplished by overriding the get_basic_credentials suboutine in LWP::UserAgent (which SOAP::Transport::HTTP::Client is a subclass):
  BEGIN {
    sub SOAP::Transport::HTTP::Client::get_basic_credentials {
      return 'username' => 'password';
    }
  }

So apparently the only way how to use Basic authentication is to override a global function in some foreign namespace. And what to do when I want to use two SOAP servers with two sets of credentials inside a single application? There are more similar "features" in SOAP::Lite. For example, tracing can only be set up globally in compile-time, or by manually calling ->import().

My dear lazyweb, is there a SOAP module with cleaner design?

UPDATE 2012/11/28: Tracing
FWIW, it is probably easier and cleaner to do both basic authentication and tracing at the transport level - the transport module here is LWP::UserAgent (thanks Adelton for the hint!), so for example handlers described in the LWP::UserAgent manpage work:

$soap->transport->add_handler(
	request_prepare => sub {
		shift->authorization_basic($login, $pass);
	},
);

$soap->transport->add_handler(
	request_send => sub { print STDERR shift->content; },
);
$soap->transport->add_handler(
	response_done => sub { print STDERR shift->content; },
);

I wonder why the SOAP::Lite manpages suggest such dirty ways of handling this (and I have not even started mentioning things like $SOAP::Transport::HTTP::Client::USERAGENT_CLASS global variable; ugh)

Section: /computers (RSS feed) | Permanent link | 3 writebacks

3 replies for this story:

Adelton wrote:

From man page: Because "SOAP::Client" inherits from "LWP::UserAgent", you can use any of "LWP::UserAgent"'s proxy settings. Can't you really apply the same to the ->credentials call? Eg, $soap->transport->credentials($netloc, $realm, $uname, $pass); ?

Adelton wrote:

By the way, who is holding a gun to your head to force you to use SOAP?

Yenya wrote: Re: Adelton

Well, why TF they have "redefine the get_basic_credential" in the POD as their prefered way of handling basic auth then? (ISDS is the gun holder there, but fortunately this is not my job, I just tried to help one of my colleagues :-)

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Tue, 27 Nov 2012

Cookies Auth and 403 Forbidden

In IS MU we have recently abandoned the HTTP basic authentication and replaced it with cookie-based authentication. The main reason was that there is no portable way of logging out of the basic authentication. So I have based our new solution on Apache2::AuthCookie. The problem is, that it does not work correctly with some clients because of the way how the login form is handled.

When the yet-unauthenticated user accesses an URL for authenticated users only, Apache2::AuthCookie returns the HTTP response with "403 Forbidden" status code, and with text/html body containing the login form. That way, the client cannot be possibly lead into the false assumption that the page it just received is in fact the content it wanted to receive. So the user fills the login form, submits it, and the server returns the real page for that URL, this time with "200 OK" status code. This approach seems to be correct (even after reading the RFC 2616 :-). However, we observe problems with the following two use cases:

What to do now? The problem is clearly in the HTTP status code 403, and in its mis-interpretation by some clients. I don't want to return the login form in a 200 OK response, because I need e.g. the web crawlers to know that this is not actually the page they tried to access. As for Symbian, they can be clearly identified by their User-Agent string, so I can return 200 OK only for them. But as for MS Word, I have no clue: what I see is the request made by MSIE (and again, I probably don't want to return 200 OK to every unauthenticated MSIE request). Any other suggestions, my dear lazyweb?

Section: /computers (RSS feed) | Permanent link | 2 writebacks

2 replies for this story:

Adelton wrote:

I'm not sure about that 403: "Authorization will not help and the request SHOULD NOT be repeated". Since you are using cookies for something it's not technically supposed to be used (authentication), I wouldn't worry about that 200 that much. I'd either make it 200 or 302 to some login page, ideally with some Pragma: no-cache so that spiders don't index/cache it.

Yenya wrote: Re: Adelton

Well, the request after 403 is not repeated (by the browser itself). Apache2::AuthCookie returns a login form in that request, and the action of this form is some different URL (which, by coincidence, returns 302 to the original URL, if correct credentials are submitted). So I still think 403 is a perfectly legal way of returning the login form.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Mon, 12 Nov 2012

Desktop Environment-Specific Apps

I have recently came across this two years old bug report, filled to the bug tracker of Transmission (a Bittorrent client) where a GNOME developer suggests removal of the notification area icon from the application on the basis that GNOME 3 does not support notification area at all.

So if I understand it correctly, we are now living in a world where all the GUI applications have to be dependent on the particular desktop environment, and it should be no longer supported to run - say - Transmission under XFCE, or GIMP under KDE, at least according to GNOME developers. "We GNOMErs do not support notification area icons, so this application should not use it" (even though the application is not used exclusively under GNOME)? Where are the freedesktop.org cross-DE interoperability recommendations?

That said, notification area as such sucks - what I liked most was the original approach of X11: using on-desktop icons for minimized applications (instead of applications and documents shortcuts), and applications displaying their own status in their icon (handled by every window manager using the same ICCCM specification).

Section: /computers/desktops (RSS feed) | Permanent link | 3 writebacks

3 replies for this story:

Martin Putniorz wrote:

GNOME devs are just a bunch of guys who think of themselves as the team of Steves (Jobs). More about it here https://igurublog.wordpress.com/2012/11/05/gnome-et-al-rotting-in-threes/

Yenya wrote: Rotting in threes

Yep. I have also discovered that blog post yesterday. Quite disturbing read, isn't it? And it is not only GNOME, but Ubuntu and others as well.

Milan Zamazal wrote:

Interesting reading, it explains a lot. I'm pretty happy and quite stable with simple and highly customizable environments (StumpWM + Emacs + uzbl) last years. The problem is that such environments are not suitable for nonprogrammers. It seems that Xfce is still going in the right direction, i.e. being easy to use, easy to set up and running well on old hardware. So I'm going to replace GNOME and KDE desktops of my users with Xfce on the next upgrade. Other users may have other needs. E.g. one of positive effects of Ubuntu was that some developers and users preferring smaller and unstable distribution with frequent updates and more buzz have left Debian in favor of a somewhat similar distribution better suited to their needs. This is all right and there has been less tension in Debian since then as there are less attacks on its principles -- I think both Debian and Ubuntu users and developers are happier now.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Fri, 12 Oct 2012

Failed SSD

Yesterday I went to a meeting and brought my laptop with me. I made notes to a text file, and after the meeting closed the lid (my laptop is configured to suspend then) and went away. After returning to my office I have opened my laptop and seen only error messages from the sda drive.

The drive was totally dead, and did not work even in another computer. After plugging it in the SATA controller only printed something like "resetting SATA channel", so it did notice something has been plugged in, but nothing more. I had to teach my UNIX course in two hours, so I had to quickly find a replacement, install a new system, and configure it for presentation. Fortunately, I had a "spare" 2.5" drive prepared as a replacement of the root FS of my workstation. So I deleted the already configured system for my workstation, and used that.

Have you anybody seen a similar problem? The drive was "iops-optimized" OCZ Vertex II, about a year old. Fortunately, I use LUKS, so I can send it back to the vendor without worrying about my data.

Section: /computers (RSS feed) | Permanent link | 2 writebacks

2 replies for this story:

Lukas wrote:

We have SSD drives (250GB KINGSTON) in our workstations. For last year and half, we encouraged 5 total drive failures in our 7 member team. I think that this technology is still immature.

Jakub wrote:

If you still run Fedora, make sure that TRIM is enabled w/ LUKS: http://forums.fedoraforum.org/archive/index.php/t-278455.html

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Mon, 06 Aug 2012

Enterprise Bug Fixes

Today, an unimportant but interesting bug #313291 has been fixed in RHEL 5. Here is the timeline:

I am grateful that the bug has been fixed after all this time, but I don't use RHEL 5 anymore, and mutt in RHEL 6 got the fix from the upstream.

I wonder why they even bothered to fix the bug after so much time, and even release the new mutt package fixing this single bug. This is not a complaint, this is hopefully an interesting insight to the release process of RHEL packages. Maybe some high-profile customer wanted this bug fixed. Who knows?

Section: /computers (RSS feed) | Permanent link | 2 writebacks

2 replies for this story:

Vašek Stodůlka wrote:

...or maybe some package maintainer, whose salary is dependent on how many bug fixes he delivers, wanted to earn some easy money, or package maintainers have a new boss, who want to earn some points and he wants to have "fixed bugs in month" key performance indicator higher, than the previous man. :-)

wrote:

... or maybe we just reached 5th year of fixing more important issues of RHEL5. :))

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Mon, 02 Jul 2012

404: /undefined

In IS MU, we log and evaluate errors in HTTP requests, including "404 not found". When the Referrer header points back to our site, we try to look for a broken link. Recently (last month or so), strange 404 requests started to appear in our log file:

These requests point to the location /undefined, with referrer being our root document, /. And the referrer is not fake, there is always a successful request to / from the same IP address from several seconds ago. Occasionally we get similar 404 requests, pointing to /lide/undefined, or /vyhledavani/undefined, with referrer being /lide, or /vyhledavani.

We are not able to reproduce the problem. It is not User-Agent-specific (altough most of the User-Agents with this problem are Chrome), and it is not deterministic: we got tens of these 404 requests daily out of milions total requests (and out of tens of thousands of requests to the title page). These requests are always for a non-authenticated page, and always for a page which is a directory (i.e. which is represented by the index.html or index.pl document in that directory).

I think it is related to some Javascript we include to the title page - maybe JQuery, maybe Google Analytics. I have tried to remove the Google Analytics Javascript from our title page for a day, but it did not make the problem disappear. Also, our git log from the time these requests started to appear does not show anything related. We have found the following possibly related discussions:

So, my dear lazyweb - any ideas what can be the cause of this behaviour?

UPDATE 2012/07/03: It is probably AJAX
Yesterday have added a new image to the 404 page which meets the above conditions (location ending with "/undefined", referrer being the location minus "/undefined"), and so far after > 12 hours I see exactly zero accesses to that image in my Apache logs. So this error is most probably caused by something that users can't see, i.e. AJAX requests. Not the window.location modification that himdel suggests in the coments.

Section: /computers (RSS feed) | Permanent link | 2 writebacks

2 replies for this story:

himdel wrote:

I think it's the autocompletion .. or, more specifically, ancient jQuery:

With jQuery 1.7 $(span) works as expected but in 1.3.2 it's null. Hope that helps :).

Yenya wrote: Re: himdel

Thanks, I will look at the autocompletion. But this would mean item[0] was set to an empty string. Moreover, I don't see any request to autocompletion (/naseptavac_data.pl) in my access logs before the request to /undefined is made.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Fri, 18 Nov 2011

Google Authenticator

For some time, I have been considering adding two-factor authentication to my systems in order to prevent break-ins in case somebody's workstation is compromised (which is a common attack vector these days). One of the systems for one-time passwords is Google Authenticator.

G-A has an application for many smart-phone platforms (Android, iOS, Blackberry), and has a PAM module, which is even packaged in Fedora. It stores users' secrets in a file in the home directory, and uses 6-digit time-based passwords and 8-digit emergency scratch passwords. The configuration in Fedora is pretty straightforward:

There are several problems with SSH-daemon, though:

Especially the second problem is pretty serious, as I wanted to allow also public key + one-time password authentication there.

So, my dear lazyweb, what kind of two-factor authentication do you use?

Section: /computers (RSS feed) | Permanent link | 2 writebacks

2 replies for this story:

Adelton wrote:

Dan has just released post to his blog at http://danwalsh.livejournal.com/48161.html -- I did not dig deep whether it solves or just reiterates the SELinux problem thou.

Yenya wrote: Re: Adelton

Yep. The SELinux team has definitely the best response time (and attitude!) in Fedora bugzilla. There is further discussion ongoing in this BZ entry. For all interested parties, I suggest to continue discussion in that BZ.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Mon, 03 Oct 2011

Dear Customer,

[...] we would also like to inform you about the following change in your network: a new address has been assigned to you: 2001:4cc8:...::/64.

Netbox apparently supports IPv6 now. Yay!

Section: /computers (RSS feed) | Permanent link | 2 writebacks

2 replies for this story:

dan wrote:

I got that e-mail as well! I've got to try it, hopefully it's not an error in the matrix :-).

Cohen wrote:

https://konto.netbox.cz/sco/network/ipv6

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

Wed, 15 Jun 2011

High-Performance HTTP Servers

Yesterday I have read about Apache Traffic Server. My dear lazyweb, do you use something like that (or Nginx)? What is your main reason for using it? I wonder why use user-space solution, when IPVS works pretty well for load balancing.

Section: /computers (RSS feed) | Permanent link | 1 writebacks

1 replies for this story:

Miroslav Suchy wrote: Perlbal

I used to use Perlbal as reverse proxy server. Why I did not used some kernel module? User space is much better for maintenance. At least for me. I can create new instance of Perlbal in 5 minutes and it will not require maintenance ever. I could not say that for kernel modules as I'm upgrading kernel whenever update from distro come.

Reply to this story:

 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comments:
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)

About:

Yenya's World: Linux and beyond - Yenya's blog.

Links:

RSS feed

Jan "Yenya" Kasprzak

The main page of this blog

Categories:

Archive:

Blog roll:

alphabetically :-)