2010-12-31: |
The only way to really be secure with SSL
One group that can sensibly use non-GPL'd Linux kernel modules
|
2010-12-30: |
Why you need select() even with communication channels
|
2010-12-29: |
Spam as a tax on public participation in open source projects
|
2010-12-28: |
A modest proposal for fixing your bug tracker
|
2010-12-27: |
Users don't care about security
|
2010-12-26: |
A lesson for myself: write tests. Really.
|
2010-12-25: |
Garbage-collected languages and memory allocation failures
|
2010-12-24: |
The jurisdiction problem with making SSL CAs liable for things
|
2010-12-23: |
More on the Unix interpreter startup problem
|
2010-12-22: |
The Unix interpreter problem(s)
|
2010-12-21: |
Why I want tests to be easy to write
|
2010-12-20: |
I don't understand how to test complex data structures
|
2010-12-19: |
A tale of memory allocation failure
|
2010-12-17: |
A Python (non-)idiom that I should really avoid
Sometimes bugs have very small edit distances
|
2010-12-16: |
The elements of a non-event
|
2010-12-15: |
Always remember that people make mistakes
|
2010-12-13: |
Fumbling towards understanding how to use DRBD
A program that I want to write: a 'sink' SMTP server
|
2010-12-12: |
One problem with the files-in-directory approach to configuration
|
2010-12-11: |
The danger of having system programmers around, illustrated
|
2010-12-10: |
How to get sysadmins to never use your software again
|
2010-12-09: |
A small request for C programmers: no static locals
|
2010-12-08: |
Exploring a limitation of the DTrace fbt provider (on x86)
|
2010-12-07: |
More on https as a necessary mistake
|
2010-12-06: |
What performance anomalies mean
|
2010-12-05: |
A log message format mistake that I've made
|
2010-12-03: |
Asking users questions never increases security
Why https was a mistake, but an inevitable one
|
2010-12-02: |
My view of OpenSolaris and Illumos
|
2010-11-30: |
A modest idea on how to get people to use Fedora Rawhide
|
2010-11-29: |
Why low quality encryption is not better than no encryption
Why 10G Ethernet is not a near-term issue for us
|
2010-11-28: |
Why I am harsh on Solaris Live Upgrade and similar tools
|
2010-11-27: |
Why I'm not really interested in Solaris's Live Upgrade stuff
|
2010-11-26: |
My view on Wayland replacing X in Linux
|
2010-11-25: |
An example of the progress of the modern web
|
2010-11-24: |
My oddly inconsistent caution (or paranoia) with email addresses
|
2010-11-22: |
Where to find the Illumos source repository
|
2010-11-21: |
Why I think some coding tricks are especially damaging
|
2010-11-20: |
Why I avoid DSA when I have a choice
More on those Python import oddities
|
2010-11-18: |
My current Apache SSL cipher settings
Thinking about how long our infrastructure will last
|
2010-11-16: |
When good ideas go bad: how not to do a file chooser dialog
|
2010-11-15: |
The language dilemma for production software
|
2010-11-14: |
Four reasons to have a firewall
The ordering of SSL chain certificates
|
2010-11-13: |
How os.path exposes some Python import weirdness
|
2010-11-11: |
The changing assumptions about viruses in email
Some yum tricks with distro-sync and --releasever
|
2010-11-09: |
Directory link counts and a find trick
|
2010-11-08: |
A find optimization and a piece of history, all in one
When Linux's rp_filter might make sense
|
2010-11-07: |
When you should care about security
|
2010-11-06: |
Modern versions of Apache and Redirect
|
2010-11-05: |
GNU sort and -k : a gotcha
|
2010-11-04: |
What we (currently) use virtualization for
|
2010-11-03: |
One reason that I call us a midsized environment
|
2010-11-01: |
Redirecting from HTTP to HTTPS is a bad security idea
|
2010-10-31: |
How I run two Firefoxes at once and still have remote control
How I set up my isolated testing Firefox environment
|
2010-10-30: |
A very convenient trick: having a testing browser
|
2010-10-29: |
What problems the Maildir mail storage format solves
|
2010-10-27: |
An extra problem with not documenting things in open source modules
A modern VCS mistake enabled by working on live trees
|
2010-10-26: |
Why Python's struct module isn't great for handling binary protocols
|
2010-10-24: |
Why we built our own ZFS spares handling system
Why I'm interested in Go
|
2010-10-23: |
My issues with Go's net package
|
2010-10-22: |
My theory on Unix's one chance to have a standard GUI
|
2010-10-21: |
The problems with testing for round-trip capable codecs
|
2010-10-20: |
Round-trip capable character encodings in Python
|
2010-10-18: |
A module that I want in the standard library: Parsing
The cache eviction death spiral
|
2010-10-17: |
Read IO is generally synchronous (unlike write IO)
|
2010-10-16: |
The attraction of the milter protocol
|
2010-10-15: |
How big our fileserver environment is (part 2)
|
2010-10-13: |
How big our fileserver environment is (part 1)
Why visited links being visible is important for blog usability
|
2010-10-12: |
Why non-linear directories have not been popular in filesystems
|
2010-10-11: |
The Unix directory problem and the history of directories
|
2010-10-10: |
Fixing Upstart's coupling of startup script presence and activation
|
2010-10-09: |
An illustration of how careful and clever spammers are today
|
2010-10-08: |
Why I am unhappy with Upstart right now
|
2010-10-07: |
In universities, you often buy hardware when you can
|
2010-10-06: |
What is going on with Samba's POSIX locking on NFS on Linux
|
2010-10-05: |
Why people combine NFS with Samba servers
|
2010-10-04: |
Linux, Samba, NFS, and POSIX locking
|
2010-10-03: |
An API mistake Unix has made several times
|
2010-10-02: |
ZFS resilvers are a whole-pool activity
|
2010-09-30: |
Stopping kernel updates on Ubuntu
A lot of my bugs are conceptual oversights
|
2010-09-29: |
A surprise about random IO versus unnecessary IO
|
2010-09-27: |
Why there is no POSIX standard for a Unix GUI
Why Grub2 doesn't solve my Ubuntu kernel problem
|
2010-09-26: |
The problems with OpenSolaris
|
2010-09-25: |
How Usenet used to be a filesystem stress test
|
2010-09-24: |
Frames were never necessary for menus and tables of contents
|
2010-09-23: |
Why things should be in Python's standard library
|
2010-09-22: |
The mysteries of video cards for Linux
|
2010-09-20: |
Dear Solaris boot sequence: SHUT UP
|
2010-09-19: |
Your on the fly control system should not use toggles
Some notes on (dynamic) Bind 9 logging
|
2010-09-18: |
Another reason why I don't like Ubuntu kernel packaging
|
2010-09-17: |
More on the module selection problem
|
2010-09-15: |
Why I like modules to be in the Python standard library
An overview of the Debian and RPM source package formats
|
2010-09-14: |
A confession: I find third party modules awkward in Python
|
2010-09-13: |
Why you want a recursive-forwarding caching nameserver
|
2010-09-12: |
Keyword expansion: why RCS rewrites files when you commit them
One aspect of getting used to modern version control
|
2010-09-11: |
A simple thing that every package management system should have
|
2010-09-10: |
Go's network package and IPv6 (and my ideal version thereof)
|
2010-09-09: |
Go, IPv6, and single binding machines
|
2010-09-07: |
My new view of DomainKeys
|
2010-09-06: |
Sorting out DomainKeys and understanding its limits
|
2010-09-05: |
An observation from changing my password
A plan to deal with my feed reader problem
|
2010-09-04: |
The laziness of a programmer, illustrated
|
2010-09-03: |
Finally understanding the attraction of AJAX
|
2010-09-02: |
Why Python's global is necessary
|
2010-08-31: |
I don't understand how net.ipv4.conf.*.rp_filter can work
|
2010-08-30: |
My avoidance of Python global variables
|
2010-08-29: |
A Bourne shell irritation: no wildcard matching operator
How many uberblock copies ZFS writes on transaction group commits
|
2010-08-28: |
The different between an SMTP proxy and a SMTP relay
|
2010-08-27: |
My impressions of Google Chrome so far
|
2010-08-25: |
A Windows moment on my laptop
The limitation of templates for web design changes
|
2010-08-24: |
A design mistake in my comments form
|
2010-08-23: |
Why I hate the Solaris 10 version of /bin/sh
My (probably wrong) assumption about Flash on Fedora
|
2010-08-22: |
Another reason to hate $LANG and locales on Unix
|
2010-08-21: |
A sudden realization about Unix access time updates and disk mirrors
|
2010-08-20: |
A clever blog anti-usability trick
|
2010-08-19: |
Getting Flash to work on my upgraded 64-bit Fedora 13 machine
|
2010-08-18: |
Please, no automatic scrolling to the next item
|
2010-08-17: |
The two sorts of Referer spam that I see
|
2010-08-16: |
What OpenSolaris's death probably means for us
|
2010-08-15: |
Why I change font sizes
|
2010-08-14: |
What I want in a caching nameserver
|
2010-08-13: |
PPP over ssh: solving problems with indirection
|
2010-08-12: |
Many programs should provide an easy way to change font size
|
2010-08-11: |
You should have a way to purge history
|
2010-08-10: |
Upgrading to Fedora 13 with my first yum upgrade
|
2010-08-08: |
The joy of debugging other people's programs
A personal view of the Fedora versus Ubuntu issue
|
2010-08-07: |
Why buying a Linux machine is not such a simple thing
|
2010-08-06: |
A thing I miss in the modern X world: command line arguments
|
2010-08-05: |
Doing unsigned 32-bit integer math in Python
|
2010-08-04: |
Good Solaris news from Oracle for once
|
2010-08-02: |
How OpenBSD's pf source-hash maps internal IPs to NAT pool IPs
|
2010-08-01: |
The consequence of Oracle's Solaris decisions
|
2010-07-31: |
The other peculiar effects of grant funding at universities
It's the indirect failure modes that will get you
|
2010-07-30: |
A little modern Unix twitch
|
2010-07-29: |
Some brief notes on OpenSSH's known_hosts hashing
|
2010-07-28: |
My Fedora 8 problem: upgrading
|
2010-07-27: |
What I would now do differently in a file based blog engine
|
2010-07-25: |
Why sysadmins almost never replace distribution packages
iSCSI versus NFS
|
2010-07-24: |
Thinking about the implications of your program being successful
|
2010-07-23: |
A realization about why my inbox keeps being my to-do tracker
|
2010-07-22: |
Why keeping /etc under version control doesn't entirely help
|
2010-07-21: |
The easy way to do fast OS upgrades
|
2010-07-20: |
The sysadmin view of messages from programs
|
2010-07-19: |
Why blog calendar widgets are bad
|
2010-07-18: |
How I solve the configure memory problem
|
2010-07-17: |
More building blocks of my environment: tkrxterm , tkssh , and pyhosts
|
2010-07-16: |
Realistic blog usability
|
2010-07-14: |
Making the Linux kernel shut up about segfaulting user programs
The challenges of shared spares in RAID arrays
|
2010-07-13: |
Sun Support's habit of publicizing private bug reports
Single-level list flattening in Python
|
2010-07-12: |
On (not) logging calculated statistics
|
2010-07-11: |
When is using SQL the right answer?
|
2010-07-10: |
People forget exceptions
|
2010-07-08: |
Unix programs should avoid exiting non-zero for clever reasons
|
2010-07-07: |
A gotcha with the Bourne shell's set -e and &&
|
2010-07-06: |
How zpool status reports on ZFS scrubs and resilvers
ZFS scrubs and resilvers are not sequential IO
|
2010-07-05: |
A thesis: noisy email addresses are dead
|
2010-07-03: |
/u , one of our long-standing Unix customizations
Returning to the era of 'duplicated' Ethernet addresses
|
2010-07-02: |
A gotcha with Python's socket.htonl() and ntohl()
A corollary to the limits of anti-spam precautions
|
2010-06-30: |
An update on comment spammer behavior here on WanderingThoughts
|
2010-06-29: |
Converting between IPv4 addresses and 32-bit integers in Python
There is such a thing as too much SQL (a reminder to myself)
|
2010-06-28: |
The great irritation of hidden access controls
|
2010-06-27: |
How we propagate password information in our fileserver infrastructure
|
2010-06-26: |
The Unix system UID and login name problem
|
2010-06-25: |
Python class definitions can be nested
|
2010-06-24: |
The elements of fileserver infrastructure
|
2010-06-23: |
The advantages of separate machines for separate things
|
2010-06-22: |
Why feed readers are not good for skimming things
|
2010-06-21: |
Applying low distraction design to alerting systems
|
2010-06-20: |
How my mail notifier avoids interrupting me
|
2010-06-19: |
Don't make your 'I am processing' animation too complex
|
2010-06-18: |
ZFS and multi-pool shared spares
|
2010-06-17: |
One reason why I prefer browser windows to browser tabs
|
2010-06-16: |
The problem of testing firewall rules changes
|
2010-06-14: |
The practicalities of non-GPL'd Linux kernel modules
A thought on feed readers versus the social web
|
2010-06-13: |
A (surprising) missing Unix tool program
|
2010-06-12: |
iSCSI Enterprise Target 1.4.20.1 and disk write caches (and ZFS)
|
2010-06-11: |
What I know about ZFS and disk write caches
|
2010-06-10: |
What an iSCSI Enterprise Target kernel message really means
|
2010-06-09: |
The challenge of analyzing NFS packet traces
|
2010-06-08: |
Focusing on what you actually need in a program
|
2010-06-07: |
One problem with testing system changes
|
2010-06-06: |
The quiet death of postmaster@anywhere
|
2010-06-04: |
How to set up your module exceptions to be useful
How disk write caches can corrupt filesystem metadata
|
2010-06-02: |
A ZFS feature wish: rewriting read errors
|
2010-06-01: |
My sad little irritation with Twitter
|
2010-05-31: |
Another building block of my environment: sshterm
|
2010-05-30: |
The end of university-provided email is probably nigh
|
2010-05-29: |
UPSes: defense against problems, or sources of them?
Some comments on spam scoring and anti-spam tools in general
|
2010-05-28: |
Why I am really unhappy with ZFS right now: a ZFS import failure
|
2010-05-27: |
One benefit of relying on third-party (anti-)spam filtering
|
2010-05-25: |
Watch out for quietly degrading SATA disks
|
2010-05-24: |
Give your personal scripts good error messages
|
2010-05-23: |
Replacing modules for testing (and fun)
|
2010-05-22: |
How I fixed Google's search results redesign
Why I'm wrong about what sort of APIs C's stdargs allows
|
2010-05-21: |
An example of an API that you can't do with C stdargs
|
2010-05-20: |
The limitations of C's varargs support
|
2010-05-19: |
Why RPM's .rpmnew files don't work in practice
|
2010-05-18: |
An illustrated example of how not to do package updates
|
2010-05-16: |
You should also document why you didn't do attractive things
A theory about our jumbo frame switch firmware bug
|
2010-05-15: |
Why we don't use jumbo frames for iSCSI: a cautionary tale on testing
|
2010-05-14: |
A sysadmin mistake: shooting your virtual foot off
|
2010-05-13: |
Python exceptions for C programmers
|
2010-05-12: |
'Borrowing' IPv4 netblocks to get around address space exhaustion
|
2010-05-11: |
Retrospectives are uncommon
|
2010-05-10: |
A little vi twitch
|
2010-05-09: |
Why diskless Unix machines lost out
|
2010-05-08: |
SSL certificate vendors are selling a commodity
|
2010-05-06: |
Oracle's future for Sun's hardware and OS business is now clear
The right way and the wrong way to disable init.d services
|
2010-05-05: |
The right way to fix ZFS disk glitches (at least for us)
|
2010-05-04: |
Dear software packagers, startup scripts edition
|
2010-05-03: |
Keeping track of filesystem consistency
|
2010-05-02: |
A brief history of fsck
|
2010-04-30: |
A rule of thumb: Automate where you can make mistakes
Never kill the screen locker
|
2010-04-29: |
How you access an object can be important in Python
|
2010-04-28: |
Altering a Python function's local variables with a trace function
|
2010-04-27: |
Evolving our mail system step 1: adding an external mail gateway
|
2010-04-26: |
How we moved from a black-box mailer configuration to a white-box one
|
2010-04-25: |
An observation about Twitter (and Google)
|
2010-04-24: |
Evolving our mail system: the overview and our goals
|
2010-04-23: |
What per-partition disk IO stats you get from the Linux kernel
|
2010-04-22: |
The latest Solaris licensing and support rumbles
|
2010-04-21: |
The advantage of garbage collection for APIs
|
2010-04-20: |
Standard format Unix errors in Python programs
|
2010-04-19: |
Why you don't want to host your MTA machine in the cloud
|
2010-04-18: |
I think it's time to turn off automatic periodic ext3 fscks
|
2010-04-17: |
The 30 second elevator pitch on HTML 4.01 (vs XHTML)
|
2010-04-16: |
How to write to stderr so people will like you
|
2010-04-15: |
The standard format Unix error messages
|
2010-04-14: |
The myth of a completely shared knowledge base across sysadmins
|
2010-04-13: |
The impact of single-disk slow writes on mirrors (and other RAID arrays)
|
2010-04-12: |
The importance of figuring out low-level symptoms of problems
|
2010-04-11: |
The comedy potential inherent in people reusing your address space
|
2010-04-10: |
Why commands can never afford to get it wrong in a version
|
2010-04-09: |
The processing flow of a network copying program
|
2010-04-08: |
A little script: sshup
|
2010-04-07: |
Our current mail system's configuration
|
2010-04-06: |
How not to set up IP aliases on Ubuntu (and probably Debian)
|
2010-04-05: |
An important thing about how ZFS handles spares
|
2010-04-04: |
The problem with header and footer overlays on web pages
|
2010-04-03: |
A DVCS advantage for open source development
|
2010-04-02: |
Notes on the compatibility of crypted passwords on various Unixes
|
2010-03-31: |
Looking back at a year of our disk-based backup system
Remote applications and Gnome settings: an irritation
|
2010-03-30: |
One possible future for Solaris
|
2010-03-29: |
More signs of Oracle's view of Solaris
My theory on why our worklogs work for us
|
2010-03-28: |
The evolution of checklists in my work
|
2010-03-27: |
Testing in the face of popen()
|
2010-03-26: |
Tkinter sometimes has a busy-wait main loop (more or less)
|
2010-03-25: |
The problem with overly verbose package installation
|
2010-03-24: |
One reason why 'zpool status ' can hang
|
2010-03-23: |
No DSL is 'human-readable' as such
|
2010-03-22: |
Why I exploit Python to shim modules for testing purposes
|
2010-03-21: |
The power of 'I like this' in social applications
|
2010-03-20: |
Web analytics versus GET parameter security
|
2010-03-19: |
The problem with general purpose languages as configuration languages
|
2010-03-17: |
How Solaris 10's mountd works
Another building block of my environment: rxterm
|
2010-03-16: |
The Solaris 10 NFS server's caching of filesystem access permissions
|
2010-03-15: |
How to create pointless error reports (and how not to)
|
2010-03-14: |
Space and content
|
2010-03-13: |
A surprising lack: milter clients
|
2010-03-12: |
End results versus what's inside the black box
|
2010-03-11: |
Why the pam_mail PAM module is not my friend
|
2010-03-10: |
Mythology about Unix workstations
|
2010-03-09: |
How not to design an API (in C): the enum ordering mistake
|
2010-03-08: |
Exceptions versus error return values
|
2010-03-07: |
Why I don't expect third-party support for OpenSolaris
|
2010-03-06: |
Pushing code changes upstream is hard work
|
2010-03-05: |
PCs are (or can be) Unix workstations
|
2010-03-04: |
You want to do spam forwarding on a separate machine
|
2010-03-03: |
All syndication formats use XML
|
2010-03-02: |
A building block of my environment: rxexec
|
2010-02-28: |
Why XML is terrible for configuration files
The dividing line between supporting code and forking it
|
2010-02-27: |
An 'email marketing' wish
|
2010-02-26: |
The remaining Unixes (and their manpages)
|
2010-02-25: |
Reading the Oracle tea leaves for Solaris
|
2010-02-24: |
How to listen on a socket in the modern IPv6-enabled world
|
2010-02-23: |
What Linux's getaddrinfo() is doing with IPv6 (on some versions)
|
2010-02-22: |
Unix portability and scripting language versions
|
2010-02-21: |
It's sinking in that Sun is gone
|
2010-02-20: |
Viral marketing versus word of mouth marketing
|
2010-02-19: |
Using socket.getaddrinfo to look up IP addresses
|
2010-02-18: |
Some notes on using socket.getaddrinfo()
|
2010-02-17: |
The purpose of configuration files
|
2010-02-16: |
A Linux gotcha about daemons and bindv6only
|
2010-02-15: |
IPv6 with Lighttpd on Linux
|
2010-02-14: |
Brief notes on IPv6 support in some Linux programs
|
2010-02-13: |
Some stuff on dual-bound IPv6 sockets on Linux
|
2010-02-12: |
The many IPv6 addresses of an IPv4 machine
|
2010-02-11: |
Forcing your webpage content to scroll is generally a bad idea
|
2010-02-10: |
Beware of using Linux's hostname -s switch
Some thoughts about 6to4
|
2010-02-09: |
Why your program should have an actual configuration file
|
2010-02-08: |
A thought on deliberately slow disaster recovery
|
2010-02-07: |
The problem with blog footnotes
|
2010-02-06: |
Why a laptop is not likely to be my primary machine any time soon
|
2010-02-05: |
Emergency procedures checklists need check steps
|
2010-02-03: |
Outdated documentation is especially risky for sysadmins
Link: Pollution in 1.0.0.0/8
How to destroy people's interest in updating documentation
|
2010-02-02: |
What charging credit cards doesn't prove
|
2010-01-31: |
More vim options it turns out that I want
Thinking about syndication feeds and spoilers
|
2010-01-30: |
I'm puzzled about DNS glue records in the modern world
|
2010-01-29: |
A theory about Apple's new iPad
|
2010-01-28: |
Always sign exactly what you are authenticating
|
2010-01-27: |
AT&T's mad unbundling and the damage it did to Unix
|
2010-01-26: |
Why the modern age is great
|
2010-01-25: |
You can only really expire cookies on the server
|
2010-01-24: |
How I should have done password crypto for DWiki
|
2010-01-23: |
A Python safety tip: Do notice that things can throw exceptions
|
2010-01-22: |
Three ways to get tracebacks in your CGI Python application
|
2010-01-20: |
The argument for not managing systems via packages
One of the things that killed network computers (aka thin clients)
|
2010-01-19: |
OpenSolaris versus Solaris
|
2010-01-18: |
More on mismatched sectors on Linux software RAID mirrors
|
2010-01-17: |
I do not like Unix's fossilization
|
2010-01-16: |
Different visions of what packaging systems are for
|
2010-01-15: |
Packaging systems should support overlays
|
2010-01-14: |
Packaging systems should be comprehensive
|
2010-01-13: |
One reason why you should not let people register other people
|
2010-01-12: |
How systems get created in the real world
|
2010-01-11: |
In praise of crash (and kernel source)
|
2010-01-10: |
Why the Solaris packaging system is bad
|
2010-01-09: |
Patch management is part of package management
|
2010-01-08: |
A brief and jaundiced history of Unix packaging systems
Interesting things can happen when you scale things up
|
2010-01-06: |
A theory on why most browsers control their own list of CA roots
The department's model for providing computing support
|
2010-01-04: |
Some thoughts on battery backup for RAID controller cards
Turning synchronous channels asynchronous
|
2010-01-03: |
Go interfaces are not my sort of interfaces
|
2010-01-02: |
Proper disclosure, or how not to be a comment spammer
|
2010-01-01: |
Brief bits from the evolving ipsCA failure
|