The Daves Collective

Fatwa of Unsuitability
2004-05-31 15:30

I hereby pronounce a Fatwa of Unsuitability (F.U.) upon Gallery. Its replacement will be JAlbum and its ExhibitPlus skin. Gallery was found guilty of PHP Abuse (register_globals, uncaught warnings), Recent Security Cockups, Wasting Too Much Of Dave's Time, and Pandering To Copyright Nazis (by adding watermark support).

Another F.U. was recently pronounced on fetchmail, now replaced by Getmail. Fetchmail was found guilty of Being Written By A Right Wing Gobshite and Too Many Security Advisories.

The most terminally stuffed-up warez release... Ever!
2003-11-28 12:04

How did this start? Well I saw something in alt.binaries.test that looked like a bit of a laugh. Yes I shouldn't, but once in a while, why not. So I dl'ed it. Thats where the fun starts.

Actually it was posted twice. The first pass was labelled '(01/85)' to '(85/85)' and the second was labelled 'Repost (01/85)(01/85)' to 'Repost (01/85)(85/85)'. Hmmmm. Went for the 'Repost', like you would. Tried saving them. Lots of errors. Looked at the raw messages. It's yEnc and PAR2 (the mark of the Beast IMHO). The 01 was the PAR2. 02-13, when joined, make part1.rar; 14-25 make part2.rar; 26-37 make part3.rar; 38-49 make part4.rar; 50-61 make part5.rar; and 62-4 make part6.rar. 65-6, 67-70, 71-77 and 78-85 are the usual PAR2 junk. Nice subject lines maestro.

What's in the rars then? Another set of rars, part01 to part04. Idiots.

What's in *that* set of rars? Looked at the first one. In there was, woo hoo, *another* part01 - but this one was a self extracting .exe. In *there* was -

• a setup tree (hoorah!);
• an HTML file with content in Chinese plugging the warez group's webshite, and a bit of marquee text in English scrolling along at Warp 6 plugging some crap HTML editor;
• two .txt files with Chinese names and Chinese content;
• a .txt file with Chinese name and pseudo-English content, to wit, a mostly uninformative .nfo.

But on closer inspection *this* rar wasn't complete - it needed (at least) a part02. Well, to cut the story short, using this triply-wrapped part01 with the doubly-wrapped part02-04 finally yielded a complete setup tree, including a *second* copy of the html and text files and a proper .nfo from the originating group. Sigh. Lusers. Predictably the warez-lust had long since left me, and I couldn't be arsed actually installing any of it.

Is it too much to ask that warez should be customer friendly?

info2html
2003-11-16 01:32

Its a long story but info2html wasn't working (broken when I moved it from /opt/local to /opt/net). Anyway there is now a nice page for it at http://info2html.sourceforge.net/. In my day it was damn difficult to find, now the FSF actually carries a link to it. But its still the same old version 1.4.

You've Got Spam
2003-11-15 02:14

It looks like a second spamhaus has picked up my Yahoo addy. Also, YoSucker threw its CPU loop trick again, it took me over 3 HOURS to notice. CPU temp was 57 deg; clearly it's stable... Anyway, so today's King Cnut exercise is to install SpamAssassin, sa-exim and the new YoSucker. It must be World InterPolatedCaps Day.

Tangentially, there is apparently a YoSucker for Hotmail, called Gotmail. Moral dilemma: is it OK to dally with M$ if you are just spongeing off their free services? I think not - they must get something out of it otherwise they wouldn't bother - suspect it's ad revenue, traffic analysis and the chance of lock-in down the line.

Later: well I was seriously offended that SpamAssassin unconditionally plops itself into /usr/bin, typical bloody Perl-head etiquette. The sa-exim config file is fearsome, but it works. Sods law determined that Yahoo's login was timing out all afternoon. Fab. The new YoSucker is flakey, but fair enough, there was a warning that it's not stable. I'll revert it tomorrow, and see if retrieving en clair avoids the loop problem.

YoSucker, OpenSSL and Why Perl Sucks
2003-11-11 16:05

There's a new YoSucker out. I noticed this because once again YoSucker threw an infinite loop on me, and I didn't notice for more than an hour (the price of improved scheduler responsiveness) and my CPU temp got up to 58.5. So I went looking at the mail archives and the answer turns out to be the Perl module IO::Socket::SSL which needs to be reinstalled against a new version of OpenSSL (and those seem to be coming out far too often these days). Why the **** is this so? How was I supposed to know this? How does Perl (as an interpreted language in a dynamically linked environment) manage to combine the disadvantages of compilation and static linking? Why is its failure mode so insidious? Why Why Why?

Of course the advice in the mailing list turns out to be a tiny bit inadequate; it is necessary to force a reinstall of the module, like this (and don't get me started on finding documentation about the commands in the CPAN shell) -

perl -MCPAN -e 'force install IO::Socket::SSL'

For further drivel see the Index