Programming, reverse engineering and anything else as well …
… that nuclear energy comes to the rescue of the world climate. Even better. If you think thoroughly enough, it comes to the rescue of nature as well. While humans have managed to drive several species to extinction over time, dumping waste that will persist for millenia to come will ensure that through increased mutation (thanks to the radioactivity) the diversity in nature will flourish once again. Whether humankind will still inhabit Earth by then is more than questionable though.
// Oliver
Jupp, richtig gehört. GMX hat zwar seit Jahren einen Spamfilter, aber sie haben es nicht geschafft reguläre Ausdrücke zu dokumentieren (scheint aber PCRE zu sein) oder einen Filter vor dem Spamfilter zuzulassen. Filterregeln ja, aber erst nach dem hauseigenen Spamfilter von GMX. Da der leider nicht sonderlich lernfähig ist und das Verschieben in einen anderen Ordner vom “Spamverdacht” aus den GMX-Spamfilter nicht zum Lernen animiert sondern quasi umgeht, wird der GMX-Spamfilter es auch nie begreifen. Dumm nur, daß es keinen Sinn macht, Mails als “Kein Spam” zu markieren da dies automatisch die Mail in den Posteingang verschiebt und eben nicht nochmal durch die Filterregeln laufen läßt. So ist es denn so, daß ich seit Jahren meine Mails von den Mailinglisten NTDEV, NTFSD und WINDBG - über die ich übrigens noch nie Spam erhalten habe - brav aus dem “Spamverdacht” in den vorgesehenen Ordner verschiebe. Ähnliches gilt für Mailinglisten von CVSNT, ReactOS und Security Focus und so weiter und so weiter.
Continue reading ‘GMX “patchen”’
Read and judge yourself: Intellectual Property Regime Stifles Science and Innovation, Nobel Laureates Say.
The blog exists for two years now. Amazing it’s still active. 
I’ve created and uploaded a little demo clip about how easy it is to create a project with DDKWizard. (Hint: you need Flash enabled.)
If you want a higher quality and higher resolution, try this link! More instructional videos about DDKWizard and DDKBUILD will follow in future, if enough people are watching this one 
// Oliver
or “Pulsaðu þig” … can you read in places where you can buy the (in)famous Icelandic hotdogs. Creative use of the language.
While we’re at it. Pylsusinnep is called sinnep, i.e. mustard, but it just got some mustard flavour in it. Main ingredients: starch and water. 
I say: do not call this mustard!!!
// Oliver
This is, what happens if you get home late in Reykajvík during summer. You look at the night sky and think, let’s go down to the sea and take a few pictures. The pictures were taken between about 00:50 to 01:00 local time (2008-07-01) - 00:50 AM to 01:00 AM
Note: All photographs are released into the public domain. An attribution would be nice, but is not required.
Anmerkung: Alle Fotos sind gemeinfrei. Nennung des Autors ist erwünscht, aber nicht erforderlich.
Continue reading ‘Coming home late …’
First I killed one server (domU) by having log_bin turned on (and cluttering the disk drive with several GiB of logs), although I do not need replication. Then I ran out of memory with mysqld on the server on which this blog is, so the blog would complain about the lack of communication with the DB. And rightly so. Now I found the magic bullet. I uncommented the line:
skip-bdb
… and now mysqld behaves again. What the heck do I know, why this is enabled by default. Same for the log_bin one on Debian (Etch) as well. Once you comment out the line with log_bin, don’t forget to comment out expire_logs_days, max_binlog_size, binlog_do_db, binlog_ignore_db. Oh, and by no means forget to restart the MySQL daemon. On Debian:
/etc/init.d/mysql restart
// Oliver
I am usually using different methods in a combination. In the sshd_config I declare AllowGroups with the group ssh-users. This group does never contain root. Furthermore I set PasswordAuthentication no and generally authenticate only by key. Root login is of course not allowed either, except in single-user mode (PermitRootLogin no). Of course root has a different key, which will only be used in emergency cases, i.e. in single-user mode. Martin F. Krafft, author of the Debian book, has a nice recipe for this (note, that there is an erratum on the book’s website). Set this in your /etc/inittab:
sh:S:respawn:/usr/sbin/sshd -Do 'AllowUsers=root'
That will already keep out most attackers since they will try passwords most of the time. However, we can make it a bit harder for them. In order to achieve this, you just need a recent version of iptables. You will need the ipt_recent module of iptables installed as well. There are two programs coming with iptables, which can be used to save and restore the iptables rules. They are aptly named iptables-save and iptables-restore. We’ll use the latter one for our purposes. It allows us to declare rules and have them stored conveniently in a file. I usually call the file something like /etc/firewall.conf, but that’s a matter of taste.
Continue reading ‘Getting rid of SSH brute forcers’
As noted previously, the msvcrt.dll got the state of a system library and is thus included in systems from XP up. On earlier systems you will have to have a particular service pack level or get the redistributable package with the suitable version of msvcrt.dll.
But be careful. I noticed that the build target system will define whether a newer functions in msvcrt.dll will be used. For example functions involved in exception handling. Several of these aren’t available in previous versions of Windows and thus the built binary will really only run on the target and later. Previously it was possible to target binaries for - say - Windows 2003 Server and yet be able to run it on earlier systems.
// Oliver
I have just finished moving all previous DDKBUILD.CMD and DDKWizard versions under version control - subversion, to be more precise. This means there will be a change of the way how the version number is represented. Currently we have the normal way of saying 7.1, 7.2, 7.3 … 7.10, 7.136 … and so on. Whenever a slight change was made, the changed version wouldn’t change the minor version number, but rather get appended an a, b, c and so on (1.1.2a …). This will change with the next version of these two products. The new version numbers are going to look like this:
7.2/r20 or 1.2.1/r42
The number behind the “r” is the revision number in my SVN repository. Eventually I will even open up the respective repositories - but there are some technicalities I need to resolve first.
// Oliver
PS: Yes, I am working on the new version(s), including considerable updates to the DDKWizard manual.
… at work or elsewhere, how often have you met those guys who pretend they can do things they don’t even have a clue of?
How much of all this could possibly be true? Does such a person exist?
Chances are, you are wondering whether we think about the same person. It’s a well-known game and it is your turn now. Good luck! You’ll need it …
PS: Never mind the spelling of the subject line, I am not a native speaker.
Chris Wimmer, a fellow programmer, told me in a chat today, that the size of applications doesn’t matter. But I’ll let you decide. However, the program which he wrote is worthwhile regardless of its size. Even more so the library on which it is based.
// Oliver
The assertion that I rushed to my decision as it was raised couldn’t be further from the truth. First of all it hasn’t been the first time for me to think about this step and secondly I had several sleepless nights because of struggling with the decision. Maybe you could just respect it and read through my arguments. Feel free to comment on them over there (not here).
// Oliver
Hi,
after some sleepless nights and thinking a lot about the pros and cons, I decided to leave the Delphi community. It isn’t clear to me, whether it is the Delphi community that changed so much, or whether it is me, but we don’t match anymore. I want to move on.
Continue reading ‘Giving up on the Delphi community’
Read this:
http://www.reactos.org/pipermail/ros-dev/2008-June/010461.html
and then this:
http://www.reactos.org/pipermail/ros-dev/2008-June/010462.html
Update: nope, you don’t get the impression that James is taken serious.
http://www.reactos.org/pipermail/ros-dev/2008-June/010463.html
… although he is serious about it. But it seems this time ReactOS has been hijacked for good. Take a backup, everyone, now …
// Oliver
Na schönen Dank auch. Da wird man als zahlender Kunde tatsächlich in einen Betatest für ein Produkt gezwungen, daß - wiedermal - den aktuellen Funktionsumfang von GMX einschränkt, indem es nur Uralt-Browser unterstützt. Statt dies per Opt-In zu machen, darf man sich also folgende Meldung gefallen lassen:
Als Opera-Benutzer wird man halt frech und fröhlich ausgesperrt. Ja, auch das ist eine Methode Kundenzufriedenheit zu erzeugen. Es ist ja schließlich so - wie schon vor Jahren - daß alle Browser in ihrer Kompatibilität derart divergieren, daß man Opera aussperren 
Bitte beachten Sie:
- Ihre Termine haben wir für Sie von Ihrem alten Organizer in den neuen GMX Organizer 2008 Beta übertragen.
- Der GMX Organizer 2008 Beta setzt den Internet Explorer ab Version 6 bzw. den Firefox Browser ab Version 1.5 und aktiviertes JavaScript voraus.
Meine Termine wurden also schon übertragen. Find ich … scheiße! 
// Oliver
To get the package openntpd installed was easy, but to get it to work, required some search. In order to have a domU use an independent clock, you have to set a kernel variable. In a running system you do this via the following line:
echo 1 > /proc/sys/xen/independent_wallclock
and to make this setting persistent, add the following line to your /etc/sysctl.conf:
xen.independent_wallclock = 1
Then restart the OpenBSD NTP daemon or install it just after those changes. This will ensure that NTP works properly. Before, I got no complaints from the daemon or in the log files, but the time was off by ~2:10 min … in each and every domU.
// Oliver
PS: all credit goes to Martin at this blog.
Today I had a fascinating issue with SCP (Secure Copy). I was a bit flabbergasted when several attempts to copy a 800 MiB file failed … after a while. You could see that the transfer rate was going up. Since I was connected via SSH to the machine which executed the SCP command, and apparently the transfer rate of SCP was eating up the bandwidth for the actual SSH connection. At least the SSH connection was dropped every single time until I used -l to limit the transfer rate of SCP. Fascinating indeed.
I hope this will help someone to figure out similar issues.
// Oliver