2010-02-24

My Bug Report Against Netbeans 6.8 [#181133]

I'm pasting this here because it may help fellow PostgreSQL/Netbeans users, there are no Google hits for this problem so far and the NB Bugzilla is behind a login-wall:



See end of report for exception trace from IDE log.

** Path to reproduce: **

(1) Create a JDBC PostgreSQL connection with extra connection parameters in
Services/Databases, e.g.
jdbc:postgresql://test.server/testdb?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory
(2) Start the "New Entity Classes from Database" wizard
(3) Select "New Data Source"
(4) Enter a name and select the previously created connection
(5) Press OK

The dialog flashes momentarily, then visually goes back to its initial state as
if no user input had happened at all. Specifically, no error is displayed.
From there on out, the exceptions seen at the end of this report will be thrown
periodically and displayed in the IDE log.

After restarting the IDE, the exceptions will not be thrown at first, but after
reopening the wizard, the exceptions will once again commence and keep getting
thrown until the next restart.

** Notes: **

Deleting the connection does not fix the problem. The problem was 'fixed' by
navigating to setup/sun-resources.xml and deleting the offending content (i.e.,
everything between ... After saving a new connection
without parameters, the feature worked as expected (for that database).

** Speculation by reporter: **

The error seems to happen when the "&" in the connection string (which is
escaped correctly in
~/.netbeans/6.8/config/Databases/_file_for_that_connection_.xml) gets written
verbatim to $PROJECT/setup/sun-resources.xml, where it ends up parsed,
corrupting the file.

** finally { **
Please move this if db/code is erroneous; I wouldn't know where it would have
fit better.
}

----------------- here goes the trace --------------------

INFO [glassfish]: Requested Entity: public id = -//Sun Microsystems, Inc.//DTD
Application Server 9.0 Resource Definitions //EN, system id =
http://www.sun.com/software/appserver/dtds/sun-resources_1_3.dtd
INFO [glassfish-javaee]: org.xml.sax.SAXParseException: The reference to entity
"sslfactory" must end with the ';' delimiter.
org.xml.sax.SAXParseException: The reference to entity "sslfactory" must end
with the ';' delimiter.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195)
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:174)
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:388)
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1414)
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.scanAttributeValue(XMLScanner.java:868)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanAttribute(XMLDocumentFragmentScannerImpl.java:1539)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1316)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2747)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
at
com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at
com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at
org.netbeans.modules.glassfish.spi.TreeParser.readXml(TreeParser.java:88)
Caused: java.lang.IllegalStateException
at
org.netbeans.modules.glassfish.spi.TreeParser.readXml(TreeParser.java:93)
at
org.netbeans.modules.glassfish.javaee.db.Hk2DatasourceManager.readDatasources(Hk2DatasourceManager.java:191)
at
org.netbeans.modules.glassfish.javaee.db.Hk2DatasourceManager.getDatasources(Hk2DatasourceManager.java:130)
at
org.netbeans.modules.glassfish.javaee.Hk2Configuration.getDatasources(Hk2Configuration.java:84)
at
org.netbeans.modules.glassfish.javaee.ModuleConfigurationImpl.getDatasources(ModuleConfigurationImpl.java:132)
at
org.netbeans.modules.j2ee.deployment.config.ConfigSupportImpl.getDatasources(ConfigSupportImpl.java:340)
at
org.netbeans.modules.j2ee.deployment.devmodules.spi.J2eeModuleProvider.getModuleDatasources(J2eeModuleProvider.java:216)
at
org.netbeans.modules.j2ee.common.DatasourceUIHelper.getDatasources(DatasourceUIHelper.java:479)
at
org.netbeans.modules.j2ee.common.DatasourceUIHelper.access$200(DatasourceUIHelper.java:91)
at
org.netbeans.modules.j2ee.common.DatasourceUIHelper$2.run(DatasourceUIHelper.java:346)
at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker.invokeNextActionsOfSameKind(ProgressSupport.java:267)
at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker.access$100(ProgressSupport.java:115)
[catch] at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker$1.run(ProgressSupport.java:156)
at
org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:602)
at
org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:1084)
INFO [glassfish]: Requested Entity: public id = -//Sun Microsystems, Inc.//DTD
Application Server 9.0 Resource Definitions //EN, system id =
http://www.sun.com/software/appserver/dtds/sun-resources_1_3.dtd
INFO [glassfish-javaee]: org.xml.sax.SAXParseException: The reference to entity
"sslfactory" must end with the ';' delimiter.
org.xml.sax.SAXParseException: The reference to entity "sslfactory" must end
with the ';' delimiter.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195)
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:174)
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:388)
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1414)
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.scanAttributeValue(XMLScanner.java:868)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanAttribute(XMLDocumentFragmentScannerImpl.java:1539)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1316)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2747)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
at
com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at
com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at
org.netbeans.modules.glassfish.spi.TreeParser.readXml(TreeParser.java:88)
Caused: java.lang.IllegalStateException
at
org.netbeans.modules.glassfish.spi.TreeParser.readXml(TreeParser.java:93)
at
org.netbeans.modules.glassfish.javaee.db.Hk2DatasourceManager.createDataSource(Hk2DatasourceManager.java:368)
at
org.netbeans.modules.glassfish.javaee.Hk2Configuration.createDatasource(Hk2Configuration.java:105)
at
org.netbeans.modules.glassfish.javaee.ModuleConfigurationImpl.createDatasource(ModuleConfigurationImpl.java:140)
at
org.netbeans.modules.j2ee.deployment.config.ConfigSupportImpl.createDatasource(ConfigSupportImpl.java:372)
at
org.netbeans.modules.j2ee.deployment.devmodules.spi.J2eeModuleProvider.createDatasource(J2eeModuleProvider.java:263)
at
org.netbeans.modules.j2ee.common.DatasourceUIHelper$5.run(DatasourceUIHelper.java:422)
at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker.invokeNextActionsOfSameKind(ProgressSupport.java:267)
at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker.access$100(ProgressSupport.java:115)
[catch] at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker$1.run(ProgressSupport.java:156)
at
org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:602)
at
org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:1084)
INFO [global]
org.xml.sax.SAXParseException: The reference to entity "sslfactory" must end
with the ';' delimiter.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195)
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:174)
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:388)
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1414)
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.scanAttributeValue(XMLScanner.java:868)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanAttribute(XMLDocumentFragmentScannerImpl.java:1539)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1316)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2747)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
at
com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at
com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at
org.netbeans.modules.glassfish.spi.TreeParser.readXml(TreeParser.java:88)
Caused: java.lang.IllegalStateException
at
org.netbeans.modules.glassfish.spi.TreeParser.readXml(TreeParser.java:93)
at
org.netbeans.modules.glassfish.javaee.db.Hk2DatasourceManager.createDataSource(Hk2DatasourceManager.java:368)
Caused: org.netbeans.modules.j2ee.deployment.common.api.ConfigurationException:
org.xml.sax.SAXParseException: The reference to entity "sslfactory" must end
with the ';' delimiter.
at
org.netbeans.modules.glassfish.javaee.db.Hk2DatasourceManager.createDataSource(Hk2DatasourceManager.java:375)
at
org.netbeans.modules.glassfish.javaee.Hk2Configuration.createDatasource(Hk2Configuration.java:105)
at
org.netbeans.modules.glassfish.javaee.ModuleConfigurationImpl.createDatasource(ModuleConfigurationImpl.java:140)
at
org.netbeans.modules.j2ee.deployment.config.ConfigSupportImpl.createDatasource(ConfigSupportImpl.java:372)
at
org.netbeans.modules.j2ee.deployment.devmodules.spi.J2eeModuleProvider.createDatasource(J2eeModuleProvider.java:263)
at
org.netbeans.modules.j2ee.common.DatasourceUIHelper$5.run(DatasourceUIHelper.java:422)
at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker.invokeNextActionsOfSameKind(ProgressSupport.java:267)
at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker.access$100(ProgressSupport.java:115)
[catch] at
org.netbeans.modules.j2ee.core.api.support.progress.ProgressSupport$ActionInvoker$1.run(ProgressSupport.java:156)
at
org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:602)
at
org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:1084)
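
The failure the report speculates about can be reproduced outside the IDE. This is an added example, not NetBeans or GlassFish code: it writes the report's connection URL into an XML attribute verbatim and escaped, parses both, and locates any bare "&". The file layout, element names and function names are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

# Connection URL from the report; everything else below is constructed.
JDBC_URL = ("jdbc:postgresql://test.server/testdb"
            "?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory")

# Assumed, simplified layout of a resources file (illustrative element names).
TEMPLATE = ('<resources>\n'
            '  <jdbc-connection-pool name="examplePool">\n'
            '    <property name="URL" value=%s/>\n'
            '  </jdbc-connection-pool>\n'
            '</resources>\n')


def render_verbatim(url):
    """Paste the URL into the attribute as-is: the behaviour the report suspects."""
    return TEMPLATE % ('"' + url + '"')


def render_escaped(url):
    """Escape for an attribute context; quoteattr also supplies the quotes."""
    return TEMPLATE % quoteattr(url)


def render_with_tree(url):
    """Let an XML serializer do the escaping instead of string formatting."""
    root = ET.Element("resources")
    pool = ET.SubElement(root, "jdbc-connection-pool", name="examplePool")
    ET.SubElement(pool, "property", name="URL", value=url)
    return ET.tostring(root, encoding="unicode")


def read_url(document):
    """Parse the document and return the URL property; raises ET.ParseError."""
    root = ET.fromstring(document)
    return root.find("./jdbc-connection-pool/property[@name='URL']").get("value")


# An '&' that does not start a complete entity or character reference.
BARE_AMP = re.compile(r"&(?!(?:[A-Za-z_:][\w.:-]*|#[0-9]+|#x[0-9A-Fa-f]+);)")


def find_bare_ampersands(text):
    """Return 1-based (line, column) pairs for every unescaped '&'."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        hits.extend((lineno, m.start() + 1) for m in BARE_AMP.finditer(line))
    return hits


def check(document):
    """Summarise one document: parse status, URL or error text, bare '&' positions."""
    bare = find_bare_ampersands(document)
    try:
        return ("ok", read_url(document), bare)
    except ET.ParseError as exc:
        return ("parse error", str(exc), bare)


if __name__ == "__main__":
    for name, render in [("verbatim", render_verbatim),
                         ("escaped", render_escaped),
                         ("tree", render_with_tree)]:
        print(name, check(render(JDBC_URL)))
```

Running find_bare_ampersands over an existing resources file points at the line to repair by hand, which is less destructive than deleting the whole block.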

2010-02-01

Dear EVE Online Usability Team,


— assuming that you exist — if your game won't run without upgrading, and I do the "upgrade" thingamajig, what exactly is the benefit in having a button between downloading and upgrading?

This is really, really stupid. The process should be:
start upgrade → do something else → come back and play
NOT
start upgrade → do something really short and check back all the time → come back to acknowledge download → do something else, but don't get too involved, update's done any second now → play

2010-01-23

We Are Doomed


(Original and source @ Der Standard.)

2010-01-13

How to Allow Burning CDs to Unprivileged Users on Windows Server 2008

By default, only administrators can use CD writers on Windows Server 2008.

This behaviour can be changed to allow only the user logged in at the console (that is, locally — not via RDP) to use CD writers by importing the following registry snippet:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AllocateCDRoms"="1"

2009-12-06

Most Ridiculous Ad Ever


Yeah, please don't fix your own damn computer problems, dear friends and family of computer geeks. It's surprising how few people know that fixing obscure Windows problems on home PCs for free is how we make all our money.

2009-10-16

New Mac

Now, once again, a proud user of a .0 product from Apple (Snow Leo). The shivers, they won't stop.

Found out that my instinctive first steps on a really new (Migration Assistant wasn't an option, my old installation had seen about 6 years, 2 machines, 2 processor architectures and too much abuse) Mac laptop are -

  1. Dock left, smaller, autohide. Throw out all but Finder, Activity Monitor, Trash.
  2. Prefs, security, FileVault the sucker.
  3. Back in, Prefs, security, check:
    secure VM, require password 5 secs after screensaver, disable remote control infrared
  4. Over to Firewall, turn on
  5. Over to keyboard: Tab to all controls, use standard function keys.
Next is installing developer tools, all printer drivers, Rosetta (Office 2k4 should be enough for everyone).

Nice aside: X11 is installed by default now...which I find really essential, because Terminal.app is good at many things, but not being a UNIX term emu. No readline Emacs-like bindings work by default = out you go. Yeah, 100MiB install for xterm is a fair trade-off.

Other aside: I'm always amazed how nice it is that the Mac Installer allows you to do the settings for multiple installer packages at the same time and then serializes for the install proper. Which is still shite compared to the APT-style utilities, but compared to Windows...

2009-08-09

Python IDEs

I want something more integrated than Emacs or vim.

Needs: Python support that will help me develop web things with the Debian stable versions of my toolchain, consisting of

  • Python (2.5 series)
  • CherryPy (python-cherrypy3, 3.0.2)
  • SQLAlchemy (python-sqlalchemy, 0.4.7p1)
  • psycopg2 (python-psycopg2, 2.0.7)
  • Genshi (python-genshi, 0.5.1)
The IDE will run on Mac OS X 10.4 (maybe 10.5 later this year), where I got the corresponding toolchain via the framework build of py and then easy_install for the libs.

For my development infrastructure I'm also using tools from the Debian stable package set, namely
  • git (git-core, 1.5.6.5)
  • trac (trac, 0.11.1)
  • git plugin for trac (trac-git, corresponding to above)
I need (hard requirement) reasonable support for the language/library toolchain, and integration for at least SCM. Trac ticketing/todo support would be really nice. Some PostgreSQL integration, so that I don't have to go to pgAdmin 3 for testing statements &c, would be the icing on the cake, but I will stay with the native tools (pgAdmin 3, psql, pg_dump) for administration and other heavy lifting in any case, so that's not that urgent.

So far I tried —

Netbeans 6.7 with their Python support, and nbgit, and Cube˚n for trac. It was OK, except the trac stuff didn't work, and the whole system was fugly, and really slow, and the git stuff isn't seamless by any measure. Then it wanted to upgrade their py tools, and my route got dropped (flaky wireless), and when it gave up it installed something anyway(?), and now the Python stuff doesn't show up as disabled, installed, uninstalled, in the available plugins list, ready for upgrade or anywhere else. It's gone. So that was NetBeans for me.

I also tried Eclipse 3.5, with PyDev, egit and the Mylyn trac connector. That was all the usual kinds of horrible that Eclipse just is, but it also was the kinda-sorta working that Eclipse also usually is, and the trac query tool was nice. But then egit didn't work – well, at all, really – and getting the $PYTHONPATH that I needed to work with eggs (and eggs that are non-zipped folders) was a bit painful, but I'd bitten into that if egit wasn't such an incredible POS that showed commit greyed out whatever I did, and just let me add files that were already in source control — which it curiously correctly showed, itself, in the history view.

So, recommendations?

2009-08-07

The Trouble of Microsoft

I'm doing an install of Windows XP for a technologically retarded relation right now, on the same kind of hardware I've just recently installed Ubuntu 9.04 for a different person. And pretty much at the beginning of the fugly text part of the installer it hit me like a brick:

Windows, once you have to get in touch with the gnarly system-parts, is now considerably less welcoming to the unskilled user than the leading desktop Linux.


Now, that doesn't mean much for desktop Linux, or The Year Thereof, because now the system that they're hopelessly behind in terms of usability is Mac OS X, but for Microsoft, collective pants-shitting seems more and more like a viable option. Sure, they own the enterprise networking field right now, where (if done competently), no user ever sees an installer, but they own enterprise networking because Windows is what people know from at home right when they arrive, hence, training is cheap. Once people arrive trained on something else, switching away from Windows becomes cheaper.

I am well aware that I'm not comparing the most recent releases of the systems, but since XP is still the Windows that people will use rather than, say, sticking rusty forks in their eyes, it may still be a problem for them. In fact, I have never installed the new one, so I don't know how that would fare. On the other hand, neither have most people, but that was part of the point. I also don't know how Windows 7, which I hear is better, will fare with adoption. As the saying goes, "Once Vista, twice shy."

Don't even get me started on Office, where they gave up the familiarity bonus without any good reason at all with 2007. I guess they're just lucky that neither OpenOffice.org nor iWork seem positioned to take advantage of any situation, ever.

2009-06-20

On Ongoing Crises; Financial, Moral and Intellectual

Let me make a metaphor for the constant discussion about the details of the rescue fund for the rescue programme to the rescue package du jour that is as crude as that idiocy deserves:

Suppose you have a surgeon who proceeds to shit on the rusty instruments he just harshly jabbed into the open abdominal cavity of a patient, and the nurses are standing on the sidelines debating whether he should have mixed the feces with a disinfectant first.

Now, the simple fact is, either the financial system, and with it our constant addiction to enormous [and imaginary - it's just paper, still warm from the printer] capital influx is fucked now; or - if enough of a new bubble can be created for now - it's fucked another time a bubble bursts, with so much more malinvestment going in between.

Even if the correction could be held off forever, well, then we'd muddle along, increasingly printing money and producing anything at all in corrupt [think: all chiefs, no indians] ways at doubtful value just so that we stay busy and liquid, which doesn't sound that much better after all.

But worry not, things will sooner or later become so absurd that nobody believes that a good house-cleaning can be held off any longer and then there's no taker for more cheap "rescue" funds at any price. Think Japan. Negative interest doesn't help much if there's nothing useful to be done before the mess is sorted out.


Haug's corollary to crude metaphors: Honest words about debacles are not much fun.

2009-06-02

Stoā and Freedom

Every man is governed.

The many who don't do it themselves will — nolens volens — find somebody to do it for them. The few others will be free.

Those who don't submit to The Law will find themselves subjected by laws:

A society with a free consensus not to defraud will not fall to frauds like Sarbanes and Oxley; those who do not attack will not be convinced that we need to tell people what to ingest lest it "makes them attack"; those who are resolved not to steal will not elect others to do it for them, and then be surprised to find themselves stolen from.

These things will never change — same as the love of la populace for charlatans who promise Change.

2009-02-09

Read.

Theodore Dalrymple on Ideology.

As always, he is much more interesting when he discusses the soul and its motives than when he becomes concrete, but until the very end this is one of the best essays from one of the best essayists I have ever read.

2009-01-23

The Sun Fire X4200 M2 Server has hilarious documentation

This PDF (section 2.3.6) "documents" the BIOS settings of the X4200 by just showing the ASCII representation of each screen. Never mind that that explains nothing, it's also misleading since many screens offer more options on scrolling down.

Grand job to whoever wrote this and actually thought that their job was done.

2009-01-21

This Award-Winning Journalist

Turns out, somebody does read what I write. Nobody is more astonished than me. Thanks, guys! Note that the best blogger is sitting in the center of the best photo. How more gooder could this get?

Apart from kidding:

  • CUSEC2009 starts tomorrow. It's not too late to sign up! It's also not too late to get an overnight flight if you're somewhere in North America. Yes, it was that good. Too bad I can't afford it in either time or money right now.
  • I went over my award-winning coverage (I could get used to that!) yesterday and noticed that I had promised to update when videos were available. I dropped the ball on that: They are.
I hope — nay, I am sure — that all attendees will have a great time and I hope I'll be there for the next one.

2009-01-11

Locale: Weird.UTF-8

Some of you may know that I spent a year in Montreal, where I was too depressed by my overall situation not to make petty excuses about being too depressed by my overall situation to learn proper French. I am casually trying to remedy that, together with some attempts to revive my long-comatose Spanish, via podcasts and similar online resources.

In this context, I want to recommend the wordreference.com forums, where one can enjoy something as sublime as a discussion about whether dépassé is to be translated as overcome, overtaken or overwhelmed — all for free!

These days, we take things like that for granted [c'est tres magnifique!], but as of yet, I've only met twothree people in meatspace who can appreciate things like that and smartly make fun of the sheer nerdery in German at the same time. The Internet brings information about myriads of that kind of person to our fingertips in mere seconds!

What an age we live in — and I mean that less than one tenth of that ironically!

2009-01-07

Do Computer Scientists Say the Darndest Things?

Is it just me, or is the following slightly odd?

The index.cgi program checks the validity of all the cookies. [..] If they are identical, then the host-based authentication is passed and a hidden field status with the IP-passed value is created to indicate that this stage was passed. [..]
When the user submits her user ID and passwords to the server, the Web server translates the request headers into environment variables, and another CGI program, password-ver.cgi, is executed. The first thing the password-ver.cgi does is to check the hidden field status to see if the previous stage was successfully completed. If this is IP-passed, the program decrypts the value of the Pswd_Cookie (encrypted user password) using the PGP with the Web server's private key, since it was encrypted with the Web server's public key by the role server. The program (password-ver.cgi) then compares the two passwords: one from the user and the other decrypted from the Pswd_Cookie. If they are identical, then the user-based authentication is passed, and a hidden field status with the value of password-passed is created to indicate that this stage was passed. However, if the two passwords are different, the user has to start again by either retyping the passwords or receiving new cookies from the role server.
After password verification is completed, another CGI program, signature-ver.cgi, is activated to check the integrity of the cookies. Like the other programs, it first checks the value of status passed on from the previous program, and proceeds only if it is shown that the user has been through the password verification stage. If the value is password-passed, then the program verifies the signature in the Seal_Cookie with the role server's public key using PGP. If the integrity is verified, it means that the cookies have not been altered, and a hidden field status with the value verify-passed is created to indicate that this stage was passed and forwarded to the final program, rbac.cgi.
This is an abbreviated quote from this scientific paper, a publication by three computer scientists who seem to be quite well-quoted in the security field.

As I understand it, they're doing (as far as I can tell — I'm not a cryptographer or security expert by any means) a lot of well thought-out, if over-engineered, cryptographic processing, and then pass the authentication stage of the session to the next CGI with a "hidden field," which I can only understand to mean a "hidden" HTML form field in this context.

God I hope I'm just being dense here — I probably am since I read other work by the same authors and as far as I can even assume to judge it their ideas seemed very well thought through. Still, I'd love to know what's really going on with the passage above!

Note: It's hard to judge the impact even if my interpretation is right since even the last stage uses strong cryptographic tools to determine if it actually wants to proceed, but being able to skip some stages once valid cookie data has been stolen for the last step seems to constitute at least some risk.
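
The concern above, modelled as an added example that is neither code from the paper nor from this post: two stages that trust a plain status field, next to the same stages with the status bound to a server-side key. It assumes the reading given above (status travels as a client-supplied form field); the cookie layout, the HMAC standing in for PGP, the session identifier and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # stays on the server, never in a form


def mac(*parts):
    """Keyed digest over the given strings (stand-in for the paper's PGP seal)."""
    return hmac.new(SERVER_KEY, "|".join(parts).encode(), hashlib.sha256).hexdigest()


def make_cookies(user, password):
    """Constructed stand-in for the cookies issued by the role server."""
    pswd = hashlib.sha256(password.encode()).hexdigest()  # placeholder for Pswd_Cookie
    return {"user": user, "pswd": pswd, "seal": mac("seal", user, pswd)}


def seal_ok(cookies):
    expected = mac("seal", cookies["user"], cookies["pswd"])
    return hmac.compare_digest(cookies["seal"], expected)


def password_ok(form, cookies):
    given = hashlib.sha256(form.get("password", "").encode()).hexdigest()
    return hmac.compare_digest(given, cookies["pswd"])


# Variant 1: stage state is whatever the submitted form says it is.
def password_ver_field(form, cookies):
    if form.get("status") != "IP-passed" or not password_ok(form, cookies):
        return None
    return {"status": "password-passed"}


def signature_ver_field(form, cookies):
    if form.get("status") != "password-passed" or not seal_ok(cookies):
        return None
    return {"status": "verify-passed"}


# Variant 2: each stage hands on a token only the server can compute,
# bound to a server-issued session id (an assumption of this example).
def issue(session_id, stage):
    return {"status": stage, "token": mac("stage", session_id, stage)}


def stage_ok(form, session_id, stage):
    expected = mac("stage", session_id, stage)
    return (form.get("status") == stage
            and hmac.compare_digest(form.get("token", ""), expected))


def password_ver_bound(form, cookies, session_id):
    if not stage_ok(form, session_id, "IP-passed") or not password_ok(form, cookies):
        return None
    return issue(session_id, "password-passed")


def signature_ver_bound(form, cookies, session_id):
    if not stage_ok(form, session_id, "password-passed") or not seal_ok(cookies):
        return None
    return issue(session_id, "verify-passed")


if __name__ == "__main__":
    cookies = make_cookies("alice", "constructed-password")
    # No password was ever submitted, yet the field-based stage accepts.
    print(signature_ver_field({"status": "password-passed"}, cookies))
    # The bound stage rejects a status that carries no valid token.
    print(signature_ver_bound({"status": "password-passed"}, cookies, "sid-1"))
```

Keeping the stage in a server-side session record instead of in the form removes the need for the token altogether.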

Terminal Idiocy

Dear Lazyweb,

Please help me solve the following problem:
Terminal snafu and I just have to set this variable, and this, and that, and it's all really easy? Corrupted man pages? Other?

The software emulation of hardware from the early seventies of the previous century — which is for some strange reason still the way we choose to interact with otherwise perfectly useful computer systems[1] — concerned is GNOME Terminal 2.22.3.


[1] I'm not arguing against text interfaces in general, to quote Perlis:
A picture is worth 10K words - but only those to describe the picture. Hardly any sets of 10K words can be adequately described with pictures.
but is this really how we have to go about it?

2008-12-25

Dear MacPorts people: The switch is -j.


In a way, 2 cores/2GB RAM is an awkward amount of box to have — less and you know that you just have to wait and there's no sense of needlessly wasting time; more and you can just run a decent game on the side.

Compile time always really drives home the point that C++ shouldn't be used by anyone except my competition.

2008-12-24

2008-12-23

Got My Laptop Back

"Well, that was quick."

Also, I didn't really remember how loud this thing is when the fan is actually working. And they didn't switch out the non-working power cord, but I got a brand-spanking-new power brick (which was working, but the new one is smaller, and doesn't have a frayed cable), so I win, of sorts.

The new logic board doesn't seem to whistle when it's not plugged in and not busy, and I really didn't remember how brilliant (not bright, per se - just great colours!) the display is. Pretty nice.

Still, I wouldn't get expensive HW from Apple again — I'll probably just get a MB next time, and when that happens, my current one will run Ubuntu. Together, they'll make a nice demo rig for xplatform customer presentations...

2008-12-09

...and why is Room 101 full of streamer tapes?

Slavery is freedom.

(Tgt in German. Link and its text from Landa, but he never blogs these things, so now it's mine.)

2008-12-08

CUSEC2009

If you're doing anything around IT anywhere around Montreal, you owe yourself going to CUSEC. Last year was an amazing experience.

CUSEC '09 is looking to become just as good: Keep your calendars free from January 22nd through 24th.

The speakers list is fantastic, with a caveat [the 'good' part starts around 0:25]. As far as gossip goes, there'll also be at least one celebrity of the field attending who's not speaking.

The whole thing is dirt-cheap, too, but I'm too broke for the flight so YT won't be there, which makes me a sad panda.

2008-12-03

Dear Mr. van Rossum,

Maintaining that you don't have an itch around anonymous functions while furiously scratching yourself there — lambda, with, the iterator protocol, generator functions, list comprehensions &c; not to mention the unspeakable things that friends of mine (nota bene: certainly not me) have done with eval() and even exec() — looks a bit silly.

Ever your humble servant,

2008-11-14

I'm Semi-Falling Off the Edge of the Planet for a While

Today, I'll be turning in my MacBook Pro 1st gen for repairs, which normally takes quite some time. I've ranted about this piece-of-Apple for a while, but let me recount the ways:

  • The power cord, wall-to-brick part, broke. That's quite an achievement, no moving parts and all. And no, I didn't use it as a towing cable or something like that.
  • It's whistling on battery power. A well known defect of the model, but mine by now is whistling even with just one core turned on or when it's busy with two.
  • I have some strange very bright spots on the display light up occasionally.
  • The Firewire port's broken. I really liked target disk mode, not that it won't soon be irrelevant since Apple's phasing out Firewire (on the laptops, only the Pro has it now).
  • The optical drive only burns 0-2 discs per boot before it goes so wonky that it will only burn coasters or not even recognize media.
  • My two batteries: One lasts up to(!) 1.5h, the other up to .5h. Both crash the machine at the end rather than having enough juice left to go to safesleep.
  • The fan at the bottom left makes amazing noises.
Also, Apple — at least in Austria — seems to make a habit of declaring everything that they can't get to work for more than a few weeks a piece, including power bricks, cables, Li-ion batteries[1], displays...to be considered consumables not covered by warranty.

In retrospect:
  • Never, ever buy any first release of anything new from Apple, not even when it's from "basically understood" fields like building laptops that don't fall apart.
  • My desktops have been running Ubuntu for a while; the second they get Linux to work reliably with power management, multi-threaded sound and 3D at the same time without any fiddling around, I'll be there with my laptops. This basically means that I'll be on Mac with laptops forever.[2]
[1] I can somewhat see the point there, but not at the rate at which they're going bonkers.
[2] Dear Linux weenie posting a comment right about now about how distribution α with kernel release β on notebook model γ, the exact hardware configuration that they sold on date δ, and all that with just fiddling with ε for merely ζ hours, works just swell for you: Get a life, or at the very least, shut your trap about the pathetic fact that you're happy with such an unacceptable state. I live with the deficiencies of my Mac, but at least I don't try to sell them as strengths and have the basic human decency to be angry about them.

2008-11-12

Quantum of Solace

It's OK I guess, but they're back to balls-to-the-wall boom bang kapow action and over-the-top stupid, so there goes the promise of Casino Royale.

The main takeaway from the whole forgettable thing is that you probably shouldn't build a hotel out of pure TNT, especially if it's an evil hotel.

UChannel Podcast

I have been listening to the UChannel Podcast for a while now and I have really come to think that it is the most interesting thing that you can have on your music player: There may be better resources available for any given one of the topics it touches upon, but I do not think there is any one resource that gives as good an overview of the thought of the most influential thinkers in a great variety of fields.

The podcast is simply a collection of talks, debates and speeches at some of the world's top universities, and I have to say that I delete most of the episodes as they come in. A daily 1-2 hour intense talk or debate in a field that is foreign to me is just more than I can handle, so I just listen to the ones that piqued my interest by their title and/or description.

I cannot say that I agree with the speakers very often, but nearly all of them are obviously extremely smart people who have thought very hard about the problems that confront them, and where I disagree it is almost always because I think that their axioms are wrong factually or morally. Those talks actually tend to be the most interesting to listen to because they challenge my thinking and at the very least serve as a warning about dangerous ideas in the leaders of the mainstream of certain fields.

I recommend you subscribe and form your own opinion, but let me offer a sentence or two about a few of the episodes that I digested and that especially impressed me in one way or the other:

  • "Commodity Prices, Capital Flows and the Financing of Investment" — it is instructive how completely self-absorbed the metadiscussion of the supernational bureaucratic elites is. Self-absorbed and mind-blowingly wonky. And utterly convinced in their own omnipotence to fix the problems and guide the little, brittle brains of the commoners. This leads me to...
  • "The UN and American Interests" — I do not think that John Bolton is a particularly nice person, but he certainly is not the primitive, divisive cowboy that the European press made him out to be just because he is critical (or really, rather inimical) to the UN. Of course, the debate about him had to be made about character [assassination] because arguing for the UN on merit is obviously an unenviable position. In this fascinating talk he lays out the reasons for his disillusionment with the UN. His case against that organization seems rather compelling to me, which certainly has nothing to do with confirmation bias.
  • "The Danger of Weaponizing Outer Space" — one of the most interesting talks I ever heard and one that I cannot do justice in a few sentences. The takeaway is that the danger is not 'space weapons' but 'space-related weapons', weapons that take down satellites or create spatial denial by scattering NEO with debris.
  • "The Secret War With Iran" — an Israeli journalist speaks about the ongoing struggle of the west to maintain the containment of the Persian theocracy. Very open about disclosure of his sympathies, he is still strikingly even-handed. Highly recommended.
  • "The War for Wealth" — you can get the German out of Prussia, but you can't get Prussia out of the German. I still think that this kind of thinking is rather indicative of the European leaderships' mode of thought, so weep for our future. A scary must-listen.
  • "Why spy?" — a proud stalwart of the CIA speaks on espionage. Highly interesting and obviously rather well-informed. I think he is well inside the bi-partisan mainstream of American wonks when he lionizes, among other things, a two-year mandatory national service, strong cooperation between foreign and domestic intelligence services and having the CIA independently conducting quasi-military, violent operations in foreign countries. Oh boy.
  • "A Conversation with Alvaro Uribe Velez" — Velez seems honestly invested in the long-term good of his country, but he also seems strongly invested in having that prosperous Colombia governed by himself and people in his trust.
  • "American Foreign Policy after the Bush Administration" — Francis Fukuyama is a very intelligent, educated, affable, eloquent and soft-spoken man, but he is also a man who is maneuvering deftly into a spot where he may be of interest to the leaders of the upcoming Democratic period. I guess the contrition that would fit the realized consequences of his ideas so far would be all too bad for business for a public intellectual.
  • "Homeland Security: A Military or Civilian Responsibility?" — a DoD man speaks on 'homeland security'. The speaker sells himself very well and gives a fascinating window into the mind of a (seemingly sincere and well-meaning) bureaucrat in the military-security-industrial complex.
  • "Do schoolchildren and students know how to research?" — 'Those who can't, teach.'

2008-11-03

The Year of Desktop Linux, pt. MMCMLXVII

The fact that I just wasted most of an evening trying to get Ubuntu (8.04 and 8.10) to display more than 800 x 600 and use a wireless network on an inexpensive laptop puts HFS+ into perspective:
All I achieved was a total freeze when trying to go with ndiswrapper.

I guess I should have just gone with grml; the hardware support is awesome and it can't be that hard to get a Windows user to run vim and mutt in ratpoison.

2008-10-30

US Presidential Elections Endorsement

Dear Readers,

I have no idea how many American readers I have since I pretty much write this for shits & giggles and don't track logs, but I may have picked up some readership on my LISA trip in '05 and my intermittent Mac tips & tricks. So here goes:

With a heavy black heart I endorse the crazy messianic self-important socialist over the crazy warmongering socialist geezer (the one with the trailer trash in tow, you know which one).

I'm pretty much convinced that either one will be a catastrophe for the USA, especially in these trying economic times (one of them happily admits not understanding economics, and the other has delusions of having a clue; I don't know which is worse) but I'm only somewhat confident that he won't blow up the rest of the planet as well with one of them.

So there goes:

Obama '08!

God save America.

2008-10-21

The Moral Content of Human Action

Exhibit A: The Mind of a Highly Intelligent Police-Intellectual
Exhibit B: The Humanitarian Theory of Punishment

Note that the latter is from the middle of the previous century, while the former is an interview from 1980. Heinlein's odious "mathematical morality" from Starship Troopers is alive and well, it seems.

The question that has been vexing me for a while is whether the social fiction [Mario's - excellent - turn of phrase] of God could be necessary to preserve the (possibly also fictitious) idea of human action having moral content (more or less wed to the point of identity to that of free will)?

This is a critical question because without the acceptance of free will the dehumanization of man is so complete that we can't even speak of dehumanization. There is nothing left that sets humans apart, all mankind is only biological automata.

As concerns society, this view would (in my opinion) quasi-automatically lead to technocracy as preferred by the interviewee from the first link. This is merely an artifact of the psyche; logically it doesn't follow: If there's no free will, there's no moral content to human action and arrangement, but there's also no preferable course of actions on part of any government.

Belief in the complete transparency and hence determination of human action and its motives does not lead, logically, to a morality of control but to complete denial of morality as such. In such a world, post-modernist nihilism is simply correct in a factual sense.

So, in the end, my question may be: Does "moral correctness" require fudging the facts? More ironically, do we need a "higher authority" to sustain belief in free will?

2008-10-14

Our Fusion Reactor, That Art In Heaven

The Boston Sun's The Big Picture features are always great, but this one is just mind-blowing.

Just a reminder: That's a real, live star!

In fact it's the source of all our power.[1] It's far away, it's big, it's hot and it's dangerous to man and material. We have photos of it, transposed from the proper spectrum for each picture's lesson, that come to us after primary pre-processing on the man-made objects that took them. Those objects circle — or rather, ellipse — that star on finely attuned and perfectly predictable orbits.

WOW.


[1] The Universe, Monty Python's Institute of Higher Studies

2008-10-13

New Pix


Substance D (II), originally uploaded by berndhaug.

My mother visited for a day trip to the Sausal in Southern Styria. These are the photos.

Read This: Tim Bray on Coping With Hard Times in the Software Business

While I find his economic analysis naïve at best and wrongheaded at... — well, most[1] — he sure knows his software business and is one of the smartest people I have ever seen, heard and read, so please do yourself the favour of reading his On Tough Times series if you're dealing in bits & bytes.


[1] For good economics, read John Walker's Gnome-o-grams.