Wandering Thoughts archives

2011-12-31: Why CA-based SSL is not likely to be replaced any time soon
My thoughts on the mockist versus classicalist testing approaches
2011-12-30: Why I don't like Python 3 dropping the comparison function for sorting
2011-12-29: An empirical exploration of whether spammers take Christmas off
2011-12-28: Blog entries should have visible dates (usually)
2011-12-27: Python 3 from the perspective of someone writing new Python code
2011-12-26: Labs versus offices for sysadmins (or at least us)
More wiring for sysadmins: sysadmins and gigabit networking
2011-12-25: Why office switches plus VLANs aren't the answer for sysadmins
2011-12-24: Wiring offices for sysadmins
2011-12-23: Disk space in the modern world
2011-12-21: Python 3 from the perspective of someone with existing Python code
2011-12-20: SSH, man in the middle attacks, and public key authentication
A little script: nssh
2011-12-19: An advance fee fraud spam aphorism
2011-12-18: Understanding the close() and EINTR situation
2011-12-17: Python 3 from the perspective of a Unix sysadmin
2011-12-16: Avoiding the classic C quoting bug in your language
2011-12-14: Practical issues with REST's use of the Accept header
What makes backups real
Shell functions versus shell scripts
2011-12-13: I'm on Twitter now
DWiki's code is now on Github (among other things)
2011-12-12: How not to improve your package updater application
What debugging info I want from things like SMF and systemd
2011-12-11: head versus sed
2011-12-10: ZFS pool activation and iSCSI (part II)
2011-12-09: A quiet advantage of the systemd approach to service management
2011-12-08: Another reason sysadmins should program
2011-12-07: Understanding the Solaris iSCSI initiator (a bit)
2011-12-06: What I know about boot time ZFS pool activation (part I)
2011-12-05: Debuggers and two sorts of bugs
2011-12-04: The current state of GPT, EFI, and Linux
2011-12-03: Why I have comments here
Link: Russ Cox's articles on regular expressions
2011-12-02: The many ways PCs can dual boot multiple OSes
2011-11-30: On how PCs boot and hard disk partitioning
My mouse button bindings in fvwm, my window manager
2011-11-29: The alternate screen terminal emulator plague
2011-11-28: The login name problem
2011-11-27: Why processing things in inode order is a good idea
2011-11-26: About the order that readdir() returns entries in
2011-11-25: Python instance dictionaries, attribute names, and memory use
2011-11-24: About SATA port multipliers
2011-11-23: The many names of Linux SATA devices
2011-11-21: A cheap caching trick with a preforking server in Python
Mouse scroll wheels versus buttons that you actually want to use
The likely cause of my IPSec dropped packet mystery
2011-11-20: Google Groups fails both anti-spam and basic mailing list management
2011-11-19: My Liferea crashes are not Liferea's fault
2011-11-17: The drawback of modern X font handling
A classic and standard C quoting bug
2011-11-16: Solaris is not an enterprise operating system
2011-11-15: A scroll wheel experiment
2011-11-13: Thinking about how to test our UPSes
A confession about our ZFS configuration
2011-11-12: (Not) parsing wikitext
2011-11-11: My view of the right way to copy lists in Python
2011-11-10: Praise for systemd
2011-11-09: The disappearance of separate filesystems for /usr and /var
2011-11-08: Files and fundamental filesystem activities (on Unix)
2011-11-07: An IPSec mystery with dropped packets
2011-11-06: Ubuntu does system disk mirroring right
2011-11-05: Understanding Apache's Allow, Deny, and Order directives
2011-11-04: More on my Firefox 7 extensions
2011-11-03: My Firefox 7 extensions
2011-11-02: Attention marketers: blog comments are not email
2011-10-31: Why 'quiet' options to programs aren't as useful as you think
Deduplication is always going to be expensive
2011-10-30: Why we have a VPN
2011-10-29: Why ZFS dedup is not something we can use
2011-10-28: ZFS features that could entice us to upgrade Solaris versions
2011-10-27: A Wikitext formatting mistake that I made here
2011-10-26: How to fail at useful cryptography: bad error messages
2011-10-25: A reason not to automate: policy flexibility
2011-10-24: Salting passwords compared to slow password hashing
2011-10-23: Boiling frogs and PC performance
2011-10-22: Fedora 15 versus me
2011-10-21: How I'm capturing only the last portion of standard error
2011-10-20: The kind of computer usage I think Gnome 3 is targeting
2011-10-19: Defending Berkeley's forced choice in network device naming
2011-10-18: The Ethernet device naming mistake (or one part of it)
2011-10-17: What I want out of stable device names
2011-10-15: Why I say Fedora 15 could get my machine's Ethernet's name right
The problem with Fedora 15's consistent network device naming
2011-10-14: Power consumption numbers for my 2011 home machine
2011-10-13: The problem with event loops
2011-10-12: The true cost of sysadmin time (actually, of anyone's time)
2011-10-11: Why people are attracted to minimal language cores
2011-10-10: Arranging scopes for for loops
2011-10-09: My view of the state of graphics cards for Linux (in fall 2011)
2011-10-08: My new Linux machine for fall 2011 (planned)
2011-10-07: Python's philosophy of what closures close over
2011-10-06: Thinking about event loops versus threads
2011-10-05: Understanding the motivations of mail service vendors
2011-10-03: On CPython, cell objects, and closures
My idea of how a modern mailing service should work
2011-10-02: Another comment spam precaution that no longer works out
2011-10-01: Understanding a tricky bit of Python generators
2011-09-30: Some thoughts from a close view of catastrophe
Unit testing by analogy to scientific hypotheses
2011-09-28: A multilevel view of DevOps (with more balance)
Oracle shows its appreciation for long-term Sun customers again
2011-09-26: DevOps and the blame problem: an outsider's view
2011-09-25: How we handle iSCSI device names in Solaris
Danger signs for mail senders in SMTP conversations
2011-09-24: Some recent Google spam problems
2011-09-23: Python's attribute lookup order
2011-09-22: An operational explanation of Python types
2011-09-21: I've surrendered on utm_* query parameters in URLs
2011-09-20: Why I still comment out code even with a VCS
2011-09-19: An operational explanation of Python metaclasses (part 4)
2011-09-18: An operational explanation of Python metaclasses (part 3)
2011-09-17: An operational explanation of Python metaclasses (part 2)
2011-09-16: Setting the character encoding for HTML form input
2011-09-15: How your Linux installer should help you set up filesystems
2011-09-14: Graphs are not enough (for your monitoring system)
2011-09-13: 'Web of trust' is a security failure
2011-09-12: An operational explanation of Python metaclasses (part 1)
2011-09-11: The weakness of the certificate authority model, illustrated
2011-09-09: You really want to put your switches in server racks
Things that could happen to your archives
2011-09-08: Archival storage in the modern world
2011-09-06: How not to set up your DNS (part 21)
2011-09-05: The real reason why true asynchronous file IO is hard
2011-09-04: Why true asynchronous file IO is hard, at least for reads
How some Unixes did shared libraries in the old days
2011-09-03: The core of modern Unix shared libraries
2011-09-01: Things I will do differently in the next building power shutdown
2011-08-31: An interesting debugging experience (another tale from long ago)
Who is the audience for a trouble ticket update?
2011-08-29: Devirtualization
Designing services for disengagement
2011-08-28: The problem with busy sysadmins
2011-08-26: Why we don't use a trouble ticketing system
The problem for WSGI middleware
2011-08-25: Trouble ticketing systems and the future
2011-08-24: Why we have a problem with Oracle's Solaris support pricing
2011-08-23: Reading the tea leaves about Oracle, Solaris, and universities
2011-08-22: V8's neat encoding trick for type tracking
2011-08-21: The conflict between caching and tracking on the web
2011-08-20: Why browsers can't really change or validate Last-Modified
2011-08-19: Visibility: an advantage of automation
2011-08-18: You should always use super()
2011-08-17: MH is an iceberg
2011-08-16: An interesting way to shoot yourself in the foot and a limitation of super()
2011-08-15: A bit about what life was like on Unix before shared libraries
2011-08-14: The tragedy of MH
2011-08-12: A Gnome 3 shell extensions failure
One reason we install machines from checklists instead of via automation
2011-08-11: Friendly 'noreply' email addresses
2011-08-10: The 'key plus authenticator' pattern in web apps
2011-08-08: You need to hash web app session IDs
An incomplete list of the ways around MAC address blocking
2011-08-07: What I want out a Symbol type in Python
2011-08-06: Gnome 3: I'm out
2011-08-05: Why sysadmins don't just notify users about compromised machines
2011-08-04: On banning MAC addresses
2011-08-03: How I encode and decode the milter protocol (or, how to write a codec for a sane binary protocol)
2011-08-02: How to make yourself look bad: broken bounce addresses
2011-07-31: Reference counting and multiple inheritance in (C)Python
One of my testing little dirty secrets
2011-07-29: Deciding the meaning of 'disabling' an account (and the value of procedures)
2011-07-28: A directory service doesn't make it easy to disable user accounts
Another reason why version control systems should support history rewriting
2011-07-27: Why not YP, er, NIS
2011-07-26: Disabling an account can be kind of complex
2011-07-25: The risks of using CentOS are split
A little thing that irritates me about common WSGI implementations
2011-07-24: On documenting (or not documenting) binary protocols
2011-07-23: What good secure string expansion on Unix should look like
2011-07-22: String expansion and securely running programs on Unix
2011-07-20: Why I would like my mailer to have a real programming language (part 2)
Our ZFS spares handling system (part 3)
2011-07-18: Thinking about when SQL normalization can improve performance
My view on ORMs
2011-07-17: Another reason to reject spam at SMTP time: as a signal
2011-07-15: Ubuntu, illustrating how to utterly fail at kernel security updates
Something to remember: HTML forms are anonymous
2011-07-14: Ramblings on handling optional arguments in Python
2011-07-12: Why I'm going to be skipping Fedora 15
Some thoughts on creating simple and sane binary protocols
2011-07-11: mxiostat: second generation better Linux disk IO statistics
Some things to think about when doing polymorphic WSGI
2011-07-10: Exploiting polymorphic WSGI again to create cat
2011-07-08: My view on iSCSI performance troubleshooting
2011-07-07: An interesting gotcha with Exim and .forward processing
How Exim makes traditional .forward semantics work
2011-07-06: Our solution to the spam forwarding problem
2011-07-05: Another reason to allow mail origin address forgery
2011-07-04: Our ZFS spares handling system (part 2)
2011-07-03: Why Ubuntu's PAM versioning failure matters
2011-07-02: Dear Googlebot: SMTP is not HTTP
2011-06-30: Some ways to test if a program securely runs other programs
Please have symmetric option negotiations in your protocols
2011-06-29: Our ZFS spares handling system (part 1)
2011-06-28: How to securely run programs from inside your program on Unix
2011-06-27: Formatting information output to make it easy to manage
2011-06-26: Design systems to be managed
2011-06-25: A small wish about parked and squatted domains
2011-06-23: Milter tools for Python and an experiment with coding in public
The ZFS opacity problem and its effect on manageability
2011-06-22: A basic Namespace metaclass for Python
Abusing Python classes as namespaces
2011-06-20: It's long since time for languages to provide sensible network IO
What I need for stream decoding and encoding binary protocols
2011-06-19: The Unix shell initialization problem and how shells should work
2011-06-18: My xdm heresy
2011-06-17: cgroups: so close and yet so far away from per-user fair scheduling
2011-06-16: My three sorts of (Linux) desktops
2011-06-15: The persistence of spammers, illustrated
2011-06-14: A package dependency failure in Fedora 15
2011-06-13: An example of the evolution of a real network
2011-06-12: Noting some wandering thoughts on the occasion of an anniversary
Why [], {}, and () are cheap in Python
2011-06-11: Some notes on __slots__ and class hierarchies
2011-06-10: What __slots__ are good for (or, how to use slots to save memory)
2011-06-09: My issues with Chrome's handling of extensions
More impressions of Google Chrome
2011-06-08: OpenBSD pf rule numbers and tcpdump filtering
2011-06-07: Databases as a compromise damage limiter in web applications
2011-06-06: How much space a Python dictionary entry uses
2011-06-05: A subtle difference between tuples and lists in CPython
2011-06-04: Sometimes having a system programmer around is the right answer
2011-06-03: Ints, __slots__, and Python 3
2011-06-02: My understanding of SQL normalization
2011-05-31: The programmer's problem with WikiText systems
How to fail at versioning
2011-05-30: My recent experience with Firefox's speed
2011-05-29: Getting the stages of the class namespace straight
2011-05-28: The stickyness of Fedora 8 (despite my better intentions)
2011-05-26: You can get 'stale filehandle' errors for local files on extN filesystems
2011-05-25: More not supporting random query parameters in URLs
How Django's form field ordering works
2011-05-24: Proper SQL database design versus the real world
2011-05-23: An aside on RAID-5/RAID-6 and disk failures
2011-05-22: Why losing part of a striped RAID is fatal even on smart filesystems
2011-05-21: One of my irritations: outgoing email that was scored as spam
2011-05-20: Why the kernel does mmap() (beyond efficiency)
2011-05-19: One limitation of simple bisection searches in version control systems
2011-05-18: Why open source projects should use 'git rebase' or the equivalent
2011-05-17: What we could use 10G Ethernet for in the near future
2011-05-16: How our network is implemented (as of May 2011)
2011-05-15: The most interesting reason for an unrouted sandbox network
2011-05-14: Our environment illustrated: what network cable colours mean what
2011-05-13: Our network layout (as of May 2011)
2011-05-11: How ZFS lets you recover from damaged metadata, and what the limitations are
2011-05-10: An important way to get ZFS metadata corruption
A brief summary of how ZFS updates (top-level) metadata
The different ways that you can lose a ZFS pool
2011-05-09: X and the misleading claim of 'mechanisms not policy'
2011-05-08: Fvwm as a window manager construction kit
2011-05-07: Email has two faces today
2011-05-06: A realization about cache entry lifetime and validation
2011-05-05: Thinking about when not disabling iSCSI's InitialR2T matters
2011-05-04: Why xterm's cut and paste model is non-standard and limited
2011-05-03: The importance of xterm for X Windows
2011-05-02: The apparent origins of some odd limitations in the iSCSI protocol
2011-04-30: Our likely iSCSI parameter tuning
2011-04-29: Understanding the iSCSI protocol for performance tuning
2011-04-28: How CPython implements __slots__ (part 2): access
2011-04-27: Mail rejection stats for our external mail gateway
Some notes on what __dictoffset__ on types means in CPython
2011-04-26: A quick look at some spam filtering stats from our system
2011-04-25: An important note about multi-line log message formats
2011-04-24: Notes to myself on the priorities of Linux routing policy rules
2011-04-23: The Upstart dependency problem
2011-04-21: Nailing down new-style classes and types in Python
How CPython implements __slots__ (part 1): storage
2011-04-19: Another reason to avoid using __slots__ in your Python classes
A difference between Python 'structs' and C structs
2011-04-18: What made X Windows so special
2011-04-17: The ultimate (for now) answer for our ZFS ARC size problem
2011-04-16: Cache validators versus cache invalidation
2011-04-15: Why a dynamic website with caching is simpler than a baked site
2011-04-14: More on baking websites to static files and speed
2011-04-13: Some common caching techniques for dynamic websites
2011-04-11: You don't need to bake your site to static files to be fast
The importance of test suites for standards
2011-04-10: The evolution of the git tree format
2011-04-08: An example of modifying a Firefox extension
2011-04-07: Why I don't like Solaris boot archives, illustrated
2011-04-06: Monkey subclassing for fun and profit
2011-04-05: The story of leaving N% of your filesystem unused for performance
2011-04-04: Why logging to syslog is different than logging to standard error
Logs are not just streams
2011-04-03: Please don't alert based on percentages
2011-04-02: How to use gdb to call getpeername()
2011-03-31: A slightly unobvious trap with 'from module import *'
A really annoying gap in system observability
2011-03-30: A realization about code complexity and clarity
2011-03-28: Why you should avoid 'from module import whatever'
The problem with contributing documentation to projects
2011-03-27: Some thinking on proliferating web standards
2011-03-26: How not to issue Linux kernel security update notices
2011-03-25: Sending email via a SMTP connection considered harmful
2011-03-24: XHTML and web authoring folklore
2011-03-22: How to add and use additional fields on Django model formsets
Some notes on doing things with Django model formsets
2011-03-21: Why XHTML was doomed from the beginning
2011-03-20: The devil's advocate argument against paying attention to web standards
2011-03-19: The two sides of (PPPoE) DSL service
2011-03-18: How to configure a (PPPoE) DSL connection on a normal Fedora 14 Gnome desktop
2011-03-17: The timing of production Linux deployments
2011-03-16: Thinking about our alternatives to Solaris
2011-03-15: Our uncertain future with Solaris 11
2011-03-14: Why growing IPv6 usage is going to be fun, especially for sysadmins
2011-03-13: Why programs traditionally used sparse files on Unix
2011-03-12: Trust betrayed: a story of modern email
2011-03-11: What tools I use to deal with email
2011-03-10: What we did to get iSCSI multipathing working on Solaris 10 update 8
2011-03-09: Why feed readers have been a geek flash in the pan
2011-03-08: My personal hard drive capacity curve inflection point
2011-03-07: What terminal emulators I use when
2011-03-06: A fun Linux kernel pty problem, or maybe it's not a problem
2011-03-05: FastCGI's encoding mistakes and how not to design a wire protocol
2011-03-04: Why I call FastCGI complex and SCGI much simpler
2011-03-02: The POSIX shell and the three sorts of Unixes
Filtering, email, and differences from Usenet
2011-02-28: The evolution of filtering (a story from the Usenet era)
The slowdown of Solaris here
2011-02-27: Django's forms are security-smart the way you want them to be
2011-02-26: A belated realization about web spiders and your page cache
2011-02-25: Why I am not enthused about ZFS for my root filesystem
2011-02-23: Handling variations of a page (or, the revenge of REST)
A quick tour of my desktop
2011-02-22: Why I want read-only form fields in Django
2011-02-21: How to get automatic volume management on Fedora 14 without Gnome
2011-02-20: What windows I use window titlebars on
2011-02-19: My view on window titlebars and when they are good and bad
2011-02-18: Another building block of my environment: xrun
2011-02-17: My latest crazy plan to upgrade my home Linux machine
2011-02-16: The myth of isolated, independent sysadmins
2011-02-15: More on an advantage of the blog approach to web writing
2011-02-14: Thinking about misunderstandings (in systems)
2011-02-13: A humbling experience with '#' characters in filenames
2011-02-12: An advantage of the blog approach to web writing versus the wiki approach
2011-02-11: The letdown
2011-02-10: Using Django forms with HTTP GETs
2011-02-09: On flow (a digression)
2011-02-08: Thinking realistically about SQL database field sizes
2011-02-07: My brute force email archive
2011-02-06: Dear Unix mailers: please allow more forgery
2011-02-05: A side note on Google Chrome and the future of HTML
2011-02-04: Why people put NFS mounts in subdirectories
2011-02-03: The real lesson of XHTML
2011-02-02: Django and primary keys versus surrogate keys
My issues with primary keys are not Django specific
2011-01-31: There are two sorts of standards in the world
A little advantage of Django's automatic primary keys
2011-01-30: An obvious realization about SQL foreign keys
2011-01-29: Two things I have discovered about Django schema design
The amusement of minimalist spam
2011-01-28: On programming (and me)
2011-01-27: Not very much about Solaris NFS filehandles
2011-01-26: The various ways of writing a modern Python web app
2011-01-25: The modern Python web application stack (as I understand it)
2011-01-24: Poison pills, a tale of interrupts versus highly structured systems
2011-01-23: The question of how long our greylisting interval should be
2011-01-22: The clash between wikis and blogging
2011-01-21: A bit more on listing file locks on Solaris 10
2011-01-20: Something I've worked out about Django's admin interface
2011-01-18: What I am trying to do with Django
2011-01-17: Wrestling with how to design a schema for a Django app
2011-01-16: More on Linux FHS and /var
Why I don't use either a thin client or a fat client
2011-01-15: Linux's FHS is not the right answer for where to put data directories
2011-01-14: Wikis are not a simple solution for blogging
2011-01-13: One of SELinux's problems is that it's a backup mechanism
2011-01-11: My problem with SELinux
The optimistic view of SELinux's real purpose
2011-01-10: Why really high computer security is not interesting to most people
2011-01-09: What would be nice for SSL is out-of-band certificate binding
2011-01-08: Finding out if you've been hit by careful, clever spammers
2011-01-07: More modest suggestions for bug trackers
2011-01-06: An appreciation for the Posix $( ) command substitution syntax
2011-01-05: An actual use for the CSS overflow property
2011-01-04: A new building block of my environment: dmenu
2011-01-03: On improved but less functional versions of things
2011-01-02: Why there is a gulf between shells and scripting languages

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.