Monthly Archives: November 2010

Kiwicon 2010

I’m spending all weekend at Kiwicon 2010, a IT security/hacking/cracking conference being held in Wellington – this is the 4th Kiwicon, I’ve been to each once since the beginning and it just keeps getting better and better every year.

It’s an interesting mix of networking security, *nix security, windows exploits and other cool geeky or life hacks, well worth attending. :-)

I’ve been taking notes from certain talks and will be posting them up there as well as emailing anyone who wants a copy.

Will add a hyperlink to all notes uploaded on this page. :-)

30 days of geek running late

For those of you following 30 days of geek, apologies, but I’ve an extremely busy week so running a little bit behind. Will try and catch up soon as soon as one large project is out of the way. :-(

Day 21 – Favourite thing & worst things about working in IT?

This post is part of my 30 days of geek challenge.

Overall IT is great and I really can’t see myself doing anything else with as much love and enthusiasm as I have for IT. :-)

Things I love:

  • The people! Such a range of interesting and talented people capable of holding interesting discussions, I’ve made amazing friends from working in IT.
  • The community – this is someone tied into the above, but there is an amazing community of people in IT, who really do support one another, both in work but also in life, though both the good times and hard.
  • Exciting projects, designing the infrastructure that makes modern life and communications possible.
  • Being challenged on a daily basis with interesting problems.

Things I hate:

  • The dating pool! The guys to ladies ratio is really terrible, particularly for younger guys, considering how many people meet their partners whilst at work, this does pose a dating challenge.
  • People having no understand of how complex things in IT can be and expecting miracles.
  • People assuming that working in IT means you’re a boring “computer nerd”. IT is one of the best places full of cool and interesting people. Sure, they’re all geeky as fuck, but it’s great. :-)
  • People who get into IT because it’s a good career but who have no passion for technology and just do it for the money. Fortunately the companies I’ve always worked for have had passionate staff who really do love what they do.

Day 20 – Where do you stand on Internet Censorship?

This post is part of my 30 days of geek challenge.

I’m totally against internet censorship, whether that’s full blown censorship (eg china style) or the western so-called “child-porn filtering”.

The fact is, any system capable of censoring the internet can be taken by someone in power and used against the population, to block undesirable websites – that could be alternative political parties, websites discussing legislation of Marijuana, euthanasia websites, sites featuring “immoral” content such as gay/lesbian content, BDSM, atheist or other non-mainstream interest sites.

It’s a dangerous tool to hand over to someone, even if you trust the government that’s currently in power, will you be able to do the same in 10, 20, 50 years?

The role of a government should be to protect it’s citizens from harm, not make moral questions about what we should think or access to suit their own beliefs.

Governments love using the claim of blocking child porn as a way of getting filtering established – after all, who’s going to try and argue against stopping child porn?

However filtering it won’t stop abuse of children or pedofiles from downloading content, much of the illegal content sharing is done via alternative protocols and wouldn’t be impacted in the slightest.

I entirely support governments going after people downloading or producing that content, but we should not be handing over our freedom in order todo so.

I have a more detailed writeup about what’s wrong with filtering and why it won’t work in an older blog post.

Day 19 – Most hated computing environment.

This post is part of my 30 days of geek challenge.

I’m sure there’s not a lot of doubt about what this post is going to be…. I hate MS windows with a passion – the main reasons being:

  • It’s a proprietary platform, that means I can’t get in there and fix issues myself.
  • I can’t trust Microsoft or the US government not to put backdoors into it for their own benefit.
  • I consider the architecture behind the Windows platform to be vastly inferior to that of *nix systems such as Linux – it’s designed around a single user model and no central repository for application or OS updates.
  • I can jump in and get involved with the development and future of my Linux systems, but would have no such ability with Windows – I get whatever Microsoft chooses to spoon-feed me.
  • Windows has an appalling reputation for security issues.
  • The number of weird ways that MS Windows can fuck itself up is quite unbelievable….

I could rant for several hours about my dislike of windows, but I think I better stop here. :-)

Day 18 – Most cringe-worthy geek moment

This post is part of my 30 days of geek challenge.

Oh dear, where do I start on this? There’s just so many, I can’t help myself, they just happen, it’s a side effect of being a massive geek who doesn’t always think before speaking…

I think the most cringe worthy was recently with an attractive lady who invited me over for drinks and chat at her place. After proceeding to give her lots of exciting information about my laptop, my work and software I was designing, she was naturally en-thrilled and wanted to know more about these exciting things. *

When it was getting late and I was about to leave, she informed me that I “could stay if I wanted” to which I promptly replied “Well that depends, how fast is your wifi?”. **

It just came out without thinking, an automatic response, I dunno what I was thinking  – I’m not exactly sure why she didn’t just boot me out there and then :-/

* so not really

** sadly, this is a true story

Day 17 – Post a useful HOWTO to solve a challenge you’ve come across recently.

This post is part of my 30 days of geek challenge.

I had wanted to post about setting up Solaris 10 with OpenLDAP but my notes need more refining than what I have time for ATM, so instead there’s a lightweight HOWTO on automatically creating home directories during login for centralised authentication setups.

I’ll aim to try and post my Solaris LDAP notes later this week as well. :-)

Automatically creating home directories at login time

One of the initial problems I’ve found after setting up LDAP or some other centralised user information and authentication system, is that unless there’s shared storage mounted on all the servers, you need to manually create home directories for users.

Fortunately there’s a nice PAM module that ships with Linux PAM, called pam_mkhomedir which will automatically create a home directory for a user upon login if one doesn’t already exist, basing it off the standard contents of /etc/skel/

The full information can be found in the man page at

However it’s even easier for RHEL/CentOS/Fedora users, who can use the ever handy authconfig tool to adjust the PAM configuration with a single CLI command:

# authconfig --enablemkhomedir --update

Day 16 – First computer you’ve ever owned & your favourite ever

This post is part of my 30 days of geek challenge.

My first computer would technically have been some long-forgotten i386 that I played around with for a bit, however what I would consider my first true computer was the HP Pavilion 4422 that my parents got me – 433mhz Celeron CPU, 64MB RAM (later upgraded to a speed 192MB), 6GB IDE disk, CDROM drive and a CRT :-D

I started off with that computer running Windows 98 and it was on this computer that I discovered Linux and lead me to the path to becoming the ubergeek that I am today. :-)

It’s actually still running, at my parents as their router/firewall/print server with Red Hat 9, but it really needs replacing at some stage.

Here’s a picture of it in the background behind a much younger version of myself busy discussing matters of vital importance, such as the coolest QBASIC hacks for all the i386 computers in the background to the left.

My favourite computer ever would have to be my Toshiba Libretto U100 ultra-light laptop. The Toshiba Libretto series predated netbooks and packed pretty serious punch for their time, with a Pentium M 1.2Ghz, 1GB RAM, 60GB disk and a sub 1KG weight.

Most amazing was their 7″ LCD screen with 1280×768 resolution, it’s amazingly tiny to look at, I’m sure if I tried to use in 10 years from now I won’t be able to read it.

Words and pictures can’t really describe how small or light this laptop is, it’s barely larger than a VHS tape and incredibly cute.

I still have two of these laptops, however I had to upgrade this year, as the 1GB of RAM just couldn’t cut it any more and my almost 24×7 operation of the laptop since I got it in 2006 has left it slightly unstable and it had started crashing randomly.

But definitely my favourite machine ever, they are quite amazing. :-) I’m starting a collection, currently have two of the U100s (both the white and the blue models) as well as an early classic Libretto 50CT.

github and IT professionalism

By now many people will have heard about the github service outage triggered by an accidental drop of their database.

(read their blog post on the issue here)

A few people on Twitter started attacking the github people for making such a silly mistake, which is actually quite sad – from my perspective, it was handled professionally and openly.

It’s impossible to work in IT without making some mistakes from time to time, even I’ve done stupid things like deleting the wrong partition or accessing the wrong host. I even once rebooted the bastion server late one evening thinking it was my local workstation shell.

The point is, even professionals make mistakes. The difference however between a professional and an amateur is how the mistake is handled, resolved and communicated.

An amateur will try and hide the issue or panic and run around in chaos trying to recover. However what we’ve seen from github has been:

  • Honest mistake happens to an engineer who probably almost died from horror once realising what they did.
  • Prompt determination of issue and restoration from a *working* backup system.
  • Clearly organised and prepared staff with some form of disaster recovery plan.
  • Open and honest communication with users about the issue.
  • And most importantly – they detailed how they are going to prevent this from ever occurring again.

Nobody can fault them for this – things happen – SANs can die, a bug can cause incorrect drops, an admin can run the wrong command – hardware, software and people all suffer faults and mistakes from time for time.

We should be congratulating them on such a well handled disaster recovery, if anything this would make me want to use github more after seeing their handling of the issue.

There’s also a few ideas floating around I want to clarify:

  • “Clearly they don’t have database replication, this would have stopped it” – No, it wouldn’t – if you replicate a drop query, it’s going to drop from the slaves as well. Even if they’re asynchronous, an async query can still transfer pretty bloody fast, which is really want you want – it’s best to have the slaves as uptodate as possible.
  • A three hour outage is totally unacceptable for a site like github” – A database the size of theirs isn’t a small task – restoring off media and importing back  into the DB may take only seconds for your 5MB blog, but it could takes days for a huge multi GB site. 3 hours is pretty bloody good.