Why freeways should be conveyor belts
I drive a pretty sizable distance every day to commute to work. I drive on a freeway most of the distance.
Freeways were poorly named. Congested freeways are anything but free of cars. They house traffic ‘trends’ such as ‘packs’ or ‘squadrons’ as well as ‘stop and go’ sections or often just convenient ‘parking lot’ areas while you attempt to get home before dark.
In an attempt to optimize this sad state of affairs affecting those of us in urban life, I have come up with the solution (which as I’m sure you’ve guessed by now since you read the title) is that all freeways should be replaced with conveyor belts.
Now, I don’t mean the rubber & pulley wheel variety, I have in mind something more like the catapult system found on the flight decks of American super carriers. It seems so simple it just may work!
Each car would hook up to one of these at speed and “lock in” to a spot on the freeway ‘belt.’ That way, the belt is always moving at a constant speed, no one is able to weave in and out of lanes, it’s impossible to have a fender bender, people can’t use the margins on the side of the road as ‘temp passing lanes,’ maximum fuel efficiency for all cars is enforced and no one can speed!
It’s a perfect solution! I just solved the top 5 highway issues with one ginormously expensive and implausible invention that everyone would hate.
I dare you to poke holes in my logic…
Pretty graphs for the malware detection (ftw?)
Security data visualization is definitely a promising and awesome way to look at your logs / ids alerts / firewall rules. I was recently introduced to secviz, a site showcasing the various graphing and plotting tools freely available to help visualize un-eye-popping log or plaintext data. Of particular interest to me was:
- How many times have you looked at a firewall rule set and collapse in anticipated mental exhaustion? Wouldn’t it be much nicer if someone just drew a picture of that rats nest? Enter Ruined which makes prettyful things like this:
- Monitoring server load sounds like a job for another server to do (agh infinite loop!) but with a couple RGB values and some squiggly math, you can produce load reports that look like this!
Take a peek at secviz and get inspired. What else would you make pretty pictures of?
I sure miss grep in M$ Windows
At least, I used to! Check out this awesome utility for all your closed-source grepping needs!
Writing a DNS sniffer
Programming project: construct a program that can listen to perimeter traffic and construct http proxy-like logs. The weapon of choice? libpcap! The app will need to listen for both DNS (udp port 53) and HTTP (tcp port 80) traffic to accomplish this.
First up is determining where all the interesting bits in each layer of the OSI stack are located within each packet. In logical order:
- DNS Records and DNS Headers (about half way down)
With all that reference material, you might think this is a lot of reading! Okay, fine how about a copy and paste job? Tcpdump is the perfect place to exercise your mouse wheel click skillz to get all the data structures and defines you’ll need.
One last useful tool that should be in every network programmers tool belt is of course, Wiershark (aka ethereal). In this case, it comes in handy to double check your program is disassembling the packets the same as Wireshark.
A BPF is used to speed up the filtering of interesting packets from useless ones and is passed in to the program as follows:
dns_sniffer “udp port 53″
When writing any network aware application, the best place to start for documentation is always going to be the applicable RFC for whatever protocol you plan to speak.
When figuring out what bitmasks were needed to mask out specific bits (namely the first two bits for parsing DNS compression) Conversion Table came in handy. I also found this handy page if you need to brush up on bitwise operations (I sure did, since I hardly use them.) And don’t forget your ASCII-Table!
Have you ever wondered how your lonely little-endian wintel laptop / desktop is able to communicate over the same IP network to a big-endian speaking SPARC system? It certainly kept me up at night! See for yourself how it is able to work.
More to follow… (you know, like source code)
Windows Tune Up! (type: Auto-magic)
I don’t know about you, but every time I reinstall Windows (you know, every 3 months or so) thanks to WinRot, I spend an hour or so reconfiguring Windows the way I like it.
In an effort to reduce that time, here is a bunch of windows registry tweaks which change a ton of things from window pop up times to NTFS cluster sizes. This file may also come in handy for first time installations on to new machines.
This file was started by one of my colleagues at work, so props attributed where they are due!
BIG DISCLAIMER: Please, Please, Please, review all the tweaks before you blindly run the file. Remember, trust but verify.
Detecting bad TCP sessions
Here’s an idea:
Why not develop a feature into personal firewalls that tracks active tcp sessions (via netstat) but with some intelligence. The idea behind intelligence is to not spam the poor user every single time an application wants to talk on the NIC. How would that work?
Well, it could associate keystrokes / clicks with network events. If there is a new tcp session established or new listening local port, challenge the user with the application name associated with said session or listening port.
It sounds so simple it just might work. Do you see any false-positive scenarios?
Fedora 9 Review (Mini-Edition)
Updated 5.15.08 7:30PDT – Thanks AnotherBrick
It’s here!!!
Fedora 9 is the latest release from the Fedora Project team, released today, May 13th 2008. Sulfur sports yet another slew of new and exciting features, as well as some big package updates. I’d like to highlight some of the new packages I care about and give an initial opinion on each.
New Stuff
GNOME 2.22 is included. (Evolution 2.22.1 along with IMAP for Gmail, it also supports read/write Google Calendar integration!)
KDE 4.0.4, which has been completely migrated to the default kde install (no more of that kde3 and kde4 side by side nonsense.)
Open Office 2.4 long feature update and bug fix list. Haven’t used extensively yet.
The shiny new 2.6.25 kernel.
A smaller memory footprint Perl 5.10.0.
PackageKit, a cross-platform front end for yum, is the new default ui for package management.
Firefox 3 beta 5 feels much smoother and quicker, and is already pretty stable. Many UI improvements. Many security enhancements such as a new malware protection and anti-phishing warning, as well as the infamous green EV-SSL Cert location bar. I’d like to highlight some of the neat new visuals:
Reported Phishing Site? Big Red box? Very nice.
A pop-up window asking to remember a password that isn’t modal?? *Gasp* Now where have I seen this before…
IMHO, this SSL Cert pane looks much cleaner than IE7′s equivalent.
I dig the new suggestion tab in the add-ons window.
Finally! Firefox 3 now saves open tabs even if it isn’t crashing. Hazzah!
It’s just too bad that many of my favorite add-ons aren’t ff3 ready yet. No dinged points however, as this is still beta software. (no foxmarks! nooooo!)
Work has also gone into segregating firefox’s plugins from the remainder of the OS using SELinux. Fedora’s SELinux policy guy, Dan, has some background on his blog. To try it out in Sulfur, issue this command:
setsebool -P allow_unconfined_nsplugin_transition 1
Installation
My Installation went smoothly, nothing to report. (Always a good thing, especially since I chose the 64bit flavor.) I went with the default Gnome Window Manager, and will try out the new KDE4 release later. I like the new wallpaper theme, which just like Fedora 8, will change depending on the time of day. Also like in Fedora 8, the Compiz powered desktop effects checkbox worked flawlessly on my ATI AGP X850Pro card – Feels faster. The updated “Update System” UI is much easier to use, and feels much faster too.
If you plan to browse the internet or play multimedia, you’ll need to add the livna repo. Here is the command I used:
su -c ‘rpm -ivh http://rpm.livna.org/livna-release-9.rpm’
Once that’s done, you’ll likely want Flash (the proprietary adobe package isn’t up on livna yet for 64bit so gnash will do), and mp3 support. I added it simply with:
su -c ‘yum install gnash-plugin gstreamer-plugins-ugly’
Summary
I’m coming off as a broken record, but I have to admit everything “feels” snappier. I have no scientific proof to back up this feeling, but I would bet that much effort went into performance tune ups for this release.
It’s only day one, but I’d already like to give Fedora 9 the thumbs up!
