Twitter Hacked!!

twitter.com

Too bad for the people using twitter, the website has been hacked and its traffic redirected somewhere else.

It is entirely possible that people who submit data through the API had their passwords stolen if they don’t use SSL, or if they use options that ignore SSL verification failures. If you submit through HTTP and tried to submit data while Twitter was hacked, your password might have been stolen.

OVH, French registrar ignorant of ICANN policies

OVH is an ICANN-accredited French registrar which accepted the ICANN 2009 RAA (Registrar Accreditation Agreement).

Being a registrar implies understanding and applying a lot of rules, especially when dealing with domain name transfers.

For example, the domain name transfer policy defines how the losing registrar and the winning registrar must act. Part 3 is especially interesting, as it states the reasons why a losing registrar can or cannot deny an outgoing transfer.

Allowed reasons to deny a transfer include:

  1. Evidence of fraud
  2. UDRP action (Unified Domain-name Dispute Resolution Policy)
  3. Court order by a court of competent jurisdiction
  4. Dispute over the identity of the domain name owner
  5. No payment for previous registration period
  6. Express written objection to the transfer from the Transfer Contact (email, fax, paper document, etc)
  7. The domain is locked (only acceptable if the registrar provides a means to remove the lock status)
  8. The domain is too young (must be at least 60 days old before transfer)
  9. Domain has been transferred in the last 60 days (or less, up to the registrar)

Any other reason is not acceptable, especially:

  • Non-payment for a pending or future registration period
  • No response from the Registered Name Holder or Administrative Contact
  • Domain is locked (unless it is possible to unlock it)
  • Domain time constraints (except those stated before)
  • General payment default for other services

Our friends at OVH decided to provide extra protection (aren’t they just trying to prevent customers from going elsewhere?) to domain owners, and added a transfer page to authorize outgoing transfers. When transferring from OVH to somewhere else, the contacts are required to accept the transfer on a specific page. Not accepting the transfer within 48 hours means the transfer won’t happen (at least that’s what the page itself says).

  • This is not allowed by ICANN. Even worse, it is explicitly forbidden.
  • This stupid page takes up to 20 seconds to appear; timings from the OVH network itself confirm it
  • It also contains a stupid CAPTCHA which in turn also takes up to 20 seconds to appear
  • For some TLDs (tested with the .fr ccTLD) OVH does not apply this procedure, so why only for gTLDs? (tested with .com .net .org .info)

Of course, I first tried to contact the OVH support, by mail, phone and even writing to Octave (the OVH CEO).

The phone attempt was of course useless (“please contact support by mail, ok I’ll tell the administrator too” but nothing has happened), mail support proved to be even more useless, and Octave didn’t reply.

Mail support timeline:

  • 2009-11-25 00:50:12: Support initial contact explaining outgoing confirmation page is slow
  • 2009-11-28 11:18:48: Support replies asking “which domain is concerned?”
  • 2009-11-28 11:54:53: Reply to support with list of all domains and explicitly says “All domains I am about to transfer from OVH”
  • 2009-11-30 11:06:01: Reply from support “your problem is related to the display time of the transfer to OVH order page, if you want we can generate the order for you”

The last solution was to contact ICANN, which is now done. Let’s see how this problem will resolve; however, I won’t fight with this transfer page unless I’m on a transfer that *must* happen. Let’s see how OVH will justify denying the transfer in the event no reply comes from the domain contacts…

Netindex RS-LJ01, is it GPL compliant?

Being in Japan allows one to find some extraordinary things at the big place which sells almost everything, ranging from bikes to computer parts, health products, video games and food.

My latest discovery is known as RS-LJ01. It is a small Wifi router made to be used anywhere (it has a battery for 4 hours of routing), with a USB port to connect a 3G USB stick. With this you can have your Wifi hotspot in your pocket, and bring it anywhere.

The device is interesting, but the interface is all in Japanese, and even with my basic Japanese knowledge and some help from Google Translation I had some trouble understanding what was happening. I first configured my 3G login/password and got internet working, then tried to configure the device to use WPA and not WEP, but then I wasn’t able to log in to the WPA network. It took me a while to find the reset button. I made a new attempt at WPA using the “secondary SSID” option, without much success either.
I would really love to see what’s wrong with the WPA encryption myself (and maybe fix it), but without more information about the device, it’s not going to be easy.


Meet typhoon Melor in Japan

I live in Tokyo. A picture is worth a thousand words…

Melor typhoon on Oct 7th 19:30 JST

Follow its path on Google Maps thanks to my crawled GeoData.

PInetd2: new website, and release coming soon

If you have never heard about PInetd, it probably means you never tried to search on Google for how to make a DNS server in PHP, for example.

PInetd is a generic framework allowing to run a wide range of daemons, mostly answering on TCP or UDP ports.

The main goal is to make generic protocol interfaces that can easily be overloaded to implement new features, new auth mechanism, etc… For example the FTP daemon is extended as FTPd_SQL for SQL auth.

The pinetd2 project has been under development since October 4th 2007 (it will be 2 years old soon), and has reached an appreciable maturity level. Most bugs were cleared and right now the system is running well. Some expected features (http admin interface, transports, etc) are not completed yet, but should appear within the next weeks, before the first official release with version 2.0.0.

PInetd includes framework tools to easily make a daemon listening on a TCP or UDP port, and also includes some pre-made modules: FTP, HTTP, Mails (pop/smtp), DNS, NetBatch…

While official documentation is still mostly missing, previous posts here explain how to configure a DNS daemon, and the wiki contains basic documentation.

The official PInetd website is now open, and it is possible to subscribe to news feed to receive updates either by RSS or by mail.


PInetd old-stable officially no longer supported

While the PHP team is currently working hard getting PHP 5.3 stable, I can officially announce that PInetd’s old branch is no longer supported.

All efforts will be put on pinetd2 with its new framework, and improvements required to support transports.

A new pinetd branch will eventually be launched with a complete rewrite of the IPC subsystem (which has become too complex with the different new features added along the line). New branch will most likely be named 2.1.


Annals of Improbable Research

I registered recently to the magazine “Annals of Improbable Research” (AIR), which is made by the same people who deliver Ig Nobel Prizes (2009 nominations will be held on October 1st, too bad I can’t be there).

I am now a proud reader of a magazine which makes people laugh, then think. It contains things such as “The Ancient and Modern Ecology of Execution” which links execution methods to whatever people had at this time, “Gender-Sussing of Kitty, or Identification of Gender In Domestic-Cat Faces With and Without Training: Perceptual Learning of a Natural Categorization Task”, “Effect of Petting a Dog on Immune System Function”, “Sexual Frequency and Salivary Immunoglobulin A (IgA)”, “The Importance of Stupidity”, “Pigeons Can Discriminate ‘Good’ and ‘Bad’ Paintings by Children”, etc…

What’s more, no magazine would be complete without some comic strip. Here I could enjoy an episode of xkcd (now this is quality).

I can only recommend you to subscribe to AIR, it only costs $35 in U.S., $42 in Canada/Mexico and $53 elsewhere, for one year.


GG.ST got news!

This might not need a post by itself, but since I need a new post to check how refresh works, here it is.

Basically, GG.ST finally got news displayed on main page. What’s more, as I’m too lazy to make a backoffice, I’m just “importing” news from WordPress using some kind of engine written in PHP, which can do much more than that… Well, stay tuned, as I’m going to provide more news soon!


Modifying incoming packet size on a linux router

Since I set up my Linux router, I noticed that some websites weren’t available anymore. The connection was established, sometimes I could even get small pages (i.e. redirect pages), but most of the time, the interesting pages didn’t work.

Searching the Internet led me to suspect packet size. If the remote site was sending packets which are too big, they would get dropped, with an ICMP reply saying “make things smaller, man” (in computer terms).

However, for some reason this may not work, if ICMP packets are dropped, or if anything like this happens.

The symptom in my case was simple. I could access everything from the router itself, but from client computers, connections were hanging forever without data coming… Some tcpdump captures showed me that the MSS (requested max packet size) value in the initial SYN connection packet sent by my router was 1414, while the one sent when the connection came from a client computer was 1460. That’s a 46-byte difference. Knowing that networking in Japan is not the same as what I’m used to (for example, the VHDSL modem I use to connect to the Internet also provides IPv6 directly, while IPv4 is obtained through PPPoE; I suspect PPPoE in fact transits through IPv6), I decided to change the value of the MSS in the connection packets.

Easier said than done: setting the MTU on ppp0 or changing the MSS in the route didn’t have any impact on the data sent.

When nothing works, it’s time to use iptables for some dirty work:

iptables -I FORWARD 1 -o ppp0 -p tcp -j TCPMSS --tcp-flags syn,fin,ack syn --set-mss 1414

For all forwarded tcp SYN packets to interface ppp0, I set the mss to 1414… and guess what? It works. I can finally access websites that didn’t work. Strange workaround, and something I didn’t think I would ever have to do… well… life is weird.
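What that TCPMSS rule does to each forwarded SYN, as an added Python example (not code from the original post): it walks the TCP options, lowers the MSS option if it exceeds the limit, and patches the checksum incrementally. The function names, ports and documentation-range IP addresses are assumptions constructed for the illustration.

```python
import socket, struct

def tcp_csum(seg: bytes) -> int:
    """TCP checksum with a constructed pseudo-header; 0 for a valid segment."""
    ph = socket.inet_aton("192.0.2.10") + socket.inet_aton("198.51.100.7")
    data = ph + struct.pack("!BBH", 0, 6, len(seg)) + seg
    data += b"\x00" * (len(data) % 2)
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def build_syn(options: bytes, flags: int = 0x02) -> bytes:
    """Constructed sample: TCP header + options with a valid checksum."""
    off = (20 + len(options)) // 4
    seg = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, off << 4, flags,
                      65535, 0, 0) + options
    return seg[:16] + struct.pack("!H", tcp_csum(seg)) + seg[18:]

def swap16(v: int) -> int:
    return (v << 8 | v >> 8) & 0xFFFF

def clamp_mss(tcp: bytes, max_mss: int) -> bytes:
    """Lower the MSS option of a SYN to max_mss and patch the checksum."""
    hlen = (tcp[12] >> 4) * 4
    if not tcp[13] & 0x02 or not 20 <= hlen <= len(tcp):
        return tcp                        # not a SYN, or bad header length
    i = 20
    while i + 1 < hlen and tcp[i] != 0:   # kind 0 ends the option list
        kind = tcp[i]
        length = 1 if kind == 1 else tcp[i + 1]   # NOP is a single byte
        if (kind != 1 and length < 2) or i + length > hlen:
            break                         # malformed option: leave untouched
        if kind == 2 and length == 4:     # MSS option
            old = struct.unpack_from("!H", tcp, i + 2)[0]
            if old <= max_mss:
                return tcp
            out = bytearray(tcp)
            struct.pack_into("!H", out, i + 2, max_mss)
            # At an odd offset the value straddles two checksum words.
            m, m2 = (swap16(old), swap16(max_mss)) if i % 2 else (old, max_mss)
            # RFC 1624 incremental update: HC' = ~(~HC + ~m + m')
            s = (~struct.unpack_from("!H", tcp, 16)[0] & 0xFFFF) + (~m & 0xFFFF) + m2
            while s >> 16:
                s = (s & 0xFFFF) + (s >> 16)
            struct.pack_into("!H", out, 16, ~s & 0xFFFF)
            return bytes(out)
        i += length
    return tcp
```

The TCPMSS target also accepts `--clamp-mss-to-pmtu`, which derives the value from the path MTU instead of a hard-coded number such as 1414.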


Striving for a better world

I believe everyone on this earth is striving for a better world. For developers this could be achieved with a perfect framework.

Of course normal frameworks are a no-go. Using someone else’s framework will make your world slightly better, but until you create your own full framework, you won’t understand what I mean.

The next step is to build applications with your framework. The kind of applications that will change the world…

The rest is up to you…
