Free Daemon Consulting Newsletter Page

11/01/2005 - October Newsletter

In this edition...

• From the Editor..
• Latest Stable: 3.8 Released November 1, 2005
• Changes in `-current': RAID take two, failover trunk(4)
• Security: Scams Going Phishing
• Software Spotlight: Desktop Software?
• Internet Tips: Blogs
• Philosophy: change management

From the Editor..

It seems there are many people who enjoyed reading this newsletter, thank you for your support. It also seems a few individuals did not wish to receive notification of new installments of this newsletter. To them, I sincerely apologize. To anyone else who does wish to receive notification of future editions of this newsletter, drop me an email and you'll be sure to receive notification in future months.

I discussed RAID in the previous newsletter. After a few comments, I feel I need to clarify slightly the situation with bioctl(8) and various RAID implementations. There is only one RAID hardware controller, ami(4), that has the glue code for bioctl(8). No other RAID hardware uses bioctl(8) for now. Partly, this was due to lack of documentation. Specifically, Adaptec documentation is desired, but none has been provided. The "Hackers of the Lost RAID" song, released with OpenBSD 3.8, has wording and commentary that spell out the full details. Of course, if you can convince vendors to provide documentation that would be welcomed! Stay tuned to future "Changes in `-current'" sections, in which I will mention if OpenBSD does manage to implement any bioctl(8) support in other hardware RAID controllers.

Even though today is November 1st, this is still the October newsletter. One way to think about this discrepancy is to think that real newsletters, even if sent in October, may not arrive until November. In reality, I try to work on these newsletters after I've worked on requests from clients, and have been slightly busy in October, hence this months delay. My goal, however, is to get each monthly newsletter done prior to the end of each month *knocks on wood*.

Now that the first edition is out, the old adage 'hind sight is 20-20' has reared its head. In covering a wide range of topics from the last newsletter, it seems appropriate to create a topic for each section and focus on one or two things per topic. To that end, you will note each article has a two part title, its topic, and the specific item it covers. Hopefully this will create some organization and permit this newsletter to branch out in uniquely different directions each month. Thanks for stopping by, I do hope you find this information timely and useful!

Latest Stable: 3.8 Released November 1, 2005

The current `latest stable release' has been released as OpenBSD 3.8 today, November 1, 2005. Look for more in-depth coverage of the latest stable release of OpenBSD in this section in future months.

Be sure to read Theo's email to misc@ for the details; OpenBSD 3.8 is released today! Those of you who pre-ordered should have your CD's by now. Updating to this latest release is simple due to the install script's update option.

Lots of new goodies to talk about in upcoming editions of this newsletter. For now, I leave you with the overview of the release announcement.

Changes in `-current': failover trunk(4)

First released in OpenBSD 3.8, trunk(4) is used to aggregate multiple network interfaces as one virtual trunk interface. In English, this means you take two network cards, plug them both into the same (or a different switch) and you continue functioning even if you unplug one. As released in 3.8, the trunk(4) interface implemented a simple roundrobin protocol.

New in -current, there is a failover protocol. This permits specifying one of the network cards as the master, and a secondary one to be used if the primary one is observed to be unplugged. One ingenious use of this new feature is for users who bridge their wireless network and wired networks. One may use a trunk interface to assign the IP address of a laptop. The trunk interface then in turn uses the ethernet interface of the laptop as master, and the wireless interface as the failover port. Unplugging the laptop to go sit in the breeze on the porch permits no connections to be reset, while returning to plugin the wired network permits a download from a local server to greatly increase in speed.

Servers will likely want round-robin which also permits to aggregate bandwidth. This means faster than 100mbit speeds with multiple 100mbit ethernet cards, for example.

Security: Scams Going Phishing

Have you seen the term 'phishing' ? You may have heard it, but not spelled this way. The official first use of this term was, according to Dictionary.com, in 1996, meaning to 'fish' for users. Today, it is a menacing plot by many wrongdoers who wish to steal, anonymously, your eBay account, PayPal account, and bank accounts. As listed on the Fraud Watch International website, there are some steps you can take to avoid falling into phishing scams. There is, unfortunately, no guarantee, just good habits to avoid most common traps. For some, some of the steps will be irrelevant. Only Microsoft users need to load anti-virus or anti-spyware (steps 3 and 7), because the rest of us who do not use Microsoft do not have to worry about such. See the Desktop Software? article in this newsletter for details.

It seems they are everywhere. Scams are not new with the Internet. However, the ability of scam artists to get them into your mailbox truly does merit scrutiny.

I'd like to talk a little about how email works, since a lot of people I talk to ask questions that make me realize this is not widely known information. You see, every time an email gets delivered, it has gone through some form of mail server, and likely several, before it gets delivered to your inbox. You may not even realize it, but there are a number of parallels between the real postal (some call it the `snail mail system') mail system and its electronic counterpart.

In the `hardcopy' postal system, the envelope typically has two addresses. One is who the envelope is from, and one is who the envelope is to. Anyone can realize that they could fill out an envelope that looks like this:

	Daffy Duck
	1 Ducky Lane
	Hollywood, CA 12345


					John Smith
					1010 10th Street
					Somewhere, OK 73129

... and so long as the destination address is fine, the sender address can be as bogus as you want it to be. Also, the inside of the envelope, the letter itself, need not match what the outside of the envelope says. Yes, it is normal to do so, but not a requirement.

The same things I mentioned above with the postal system is true for the electronic email system. It is possible to have the envelope saying 'from: daffy@hollywood.ca' and 'to: todd@fries.net', but the actual letter says 'From: Jane Smith <jane@smith.name>' 'To: todd@invalidplace.com'. Most mail systems verify that the domain 'hollywood.ca' exists, but do little more than this. And they cannot. So long as the envelope 'looks' ok, the rest is up to the person sending the email.

So, if you ever have received an email, and thought 'oh my, this does not even contain me in the "To:" or "Cc:" lines, how did this arrive in my inbox?', the above may help. You can even do something similar to the above by using what most email programs call the 'Bcc:' line, or 'blind carbon copy'. If you send email 'To: todd@fries.net' but you add to the 'Bcc:' line 'jane@smith.com' then Jane Smith will receive a copy of the email, but will not see herself in the letter itself. The mail server removes the envelope and delivers only the letter.

This is how email has worked for years, and trying to make changes is hard. Really really hard. AOL and others are behind a standard trying to get domain owners to publish lists of valid servers from which email may originate. This standard is called 'SPF'. Bottom line is, it permits mail servers who choose to .. to say 'this envelope claims the sender is from aol.com, but the server sending the message is not listed as a server at aol.com, REJECT!'. For the nitty gritty details, an example of SPF information can be seen below for aol.com:

$ host -t txt aol.com
aol.com descriptive text "spf2.0/pra ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
aol.com descriptive text "v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
$

Unfortunately, there is not a consensus amongst the internet architects as to how to proceed. Of course, Microsoft has to get in on the action too, so they have created a standard called 'Sender-ID'. It seems to be par for the course that there is controversy in their standard. Yahoo, also, has come up with a third standard called DomainKeys, details about this can be found under the microscope in this eWeek article.

It seems that with all three standards competing for popularity, there is one major hurdle none seem ready to jump. That hurdle is the fact that only those participating in the new technology benefit. While change can happen quickly on the internet, the mere thought of upgrading every mail server on the planet to new mail protocols and technologies and updating all dns records for all domains that send or receive email seems just a little overwhelming, and not likely to happen any year soon.

So, for now, it seems we are stuck with phishing attacks and spam. Some tools exist that may make your life easier in that they can learn and automatically filter the bad email into a junk box. Look for details in a future months' "Software Spotlight".

Desktop Software?

Some conversations, you never forget. Such is the case with a friend of mine who said to me:

I was chuckling inside as I responded:

Obviously interested, I got the expected response:

"Really? Why are you not a rich man yet?" came the reply.

"Because people would have to stop using Microsoft. They would have to install some flavor of UNIX, my favorite is OpenBSD. There is a history of a learning curve to setup and use UNIX. People would have to choose to learn a little bit about how UNIX operates, install similar, but different than they are used to, software. Still others would be upset that software is no longer available, as there is a lot of niche applications only produced for Microsoft operating systems. So, while I have the solution, and would be happy to point people in the right direction, the real problem is that Microsoft has always been full of holes and insecurity issues, always catering to users demands above security concerns. UNIX does not do this. So do you want to try UNIX and get rid of virus and spyware and adware?"

"No, I guess .. nevermind."

So, do YOU want to try UNIX and get rid of virus and spyware and adware forever?

Either way you answer that question, you may wish to glance at a few common tasks that would need to be accomplished on an average user's desktop, and consider the fact that for most common tasks, alternate (non Microsoft) software exists. Not only that, but it comes at the right price: for free!

You may wish to glance at the table below, and click on some of the links to see screenshots of existing applications that work today to behave similarly to existing Microsoft counterparts. For the purposes of this discussion, I'm limiting the UNIX examples to graphical applications. Feel free to ask about non graphical (faster, but text mode), if curious.

Functionality	Microsoft	UNIX
E-Mail	Outlook, Outlook Express	Mozilla Thunderbird, Gnome's Evolution, and KDE's K Mail.
Office: Documents	Word	Sun's Open Office, SourceGear's AbiWord, and KDE's KWord from KOffice.
Office: Spreadsheet	Excel	Sun's Open Office, Gnome's Gnumeric, and KDE's KSpread from KOffice.
Office: Database	Access	Sun's Open Office, KDE's Kexi from KOffice.
Instant Messaging	MSN Messenger	Gaim, and KDE's Kopete
Web Browsing	Internet Explorer	Mozilla's Firefox, KDE's Konqueror.
Playing Multimedia	Windows Media Player	MPlayer, Ogle, xmms, xine, and many others.

A few comments about the above. First of all, the list is not exhaustive. I am well aware of other multimedia and document editing software for Microsoft, but I chose to list their prominent application. Also, OpenOffice is not available natively for OpenBSD, but to Linux and FreeBSD. Some applications, such as Thunderbird, Firefox, and OpenOffice are also available for Windows. And finally, I limited the Database application to only simple office usages. For anything more complex than something a secretary can administrate and/or manage, one should consider `real databases' like PostgreSQL and MySQL.

Beyond the spyware, adware, and virus free nature of free software on UNIX, why would anyone care? Some people, apparently, have concerns about a single vendor locking them into a proprietary document format. If you have not heard, the state of Massachusetts has created a stir by deciding that the entire state will utilize the OpenDocument standard. Other people like the price of the software, free.

To address a comment I made in my quote above, some people cannot live without running some of their existing windows applications. Call them legacy applications, if you will, but there are reasons why one might wish to migrate to UNIX and occasionally run some windows based application. Enter software virtualization. One favorite application of mine is Qemu that does virtualization. Generally, you can run most pc based operating systems (including OpenBSD) inside the qemu window. Since it simulates all the hardware, including the processor, it is roughly 1/4 the speed of your native cpu. This means that for my 2.8Ghz laptop, the cpu inside is roughly 700mhz, fast enough for occasional use. Another free virtualization software that permits you to run windows in a window from a UNIX desktop includes bochs, which is much slower than qemu. While Wine (Windows Emulator) is popular with the Linux crowd, a rather dated version is available for OpenBSD at this time. In the non-free category, there also exists VMware, a linux binary that must run as root and insert a kernel module to function. While it is faster than the others, I will submit that since I found qemu, I have stopped using VMware. Not seeing the code, not trusting binaries that require root priveledge and kernel modules, and its non-free nature leave me with little incentive to use it now that I have Qemu.

Finally, people like me like to support free software by utilizing, and when rarely encountered, reporting bugs and helping fix them if possible. After all, the entire free software movement exists precisely because many people around the world contribute just a little bit of time and talent into something that goes back to benefit the world wide community.

In any event, it is my hope that this article has at least suggested that there are free ways to avoid viruses, adware, spyware, and ultimately Microsoft, if one is first made aware of and then willing to consider alternatives that do exist and are being used by people all over the globe today!

Internet Tips: RSS, Blogs, and Aggregation

If you have never heard the term 'blog', 'RSS', or 'Aggregation', then article is for you. Welcome to the 21st Century, or as some are calling it, 'Web 2.0'.

According to Dictionary.com, the term 'blog' is an abbreviation of 'Web Log' which first appeared back in 1999.

Today, blogs are all over the place. So are RSS icons. As well, there are many versions of news aggregators. But what does this all mean?

To understand, let us turn back the pages of time to the beginning of what became the web pages we understand and are familiar with today. Someone at the University of Illinois at Urbana-Champaign decided that e-mail, file transfer, and news groups were not the only thing one could use the internet for. They created a subset of SGML known as HTML that we know today to be the Hypertext Transport Markup Language. Web pages, simply put, were static places to provide information that included graphics and formatted text.

Since that time, however, people have been making more and more sophisticated web pages. Some make billions of dollars (e.g. Google.com), others provide mapping engines, search engines, and many interactive user friendly venues to find and search for information. At some point, people decided to start creating short diaries on their web pages. Updated randomly from weekly to daily to monthly, and some even hourly, short diaries on web pages were interesting little tidbits of peoples lives they cared to share with others. As it turns out, they were referred to as Web Logs, and shortened to the term used today, 'blogs'.

At the same time, news sites were offering news articles on the Internet. It became cumbersome to visit 15 news sites for the latest articles, headlines, blog entries, etc.

To make things easier, a summary of the article title and first few sentences was made available at each site. This is referred to as the RDF Site Summary, or 'RSS'. The RSS feed at each site, however, is not consumed by a human. A program is utilized to 'aggregate' these feeds into an interface that a human then glances at to find the headlines from news sites or blog entries of the day, from whatever sites the person normally visits. So, with one application, one can visit any number of news sites, but simply do so by glancing at the headlines, all `aggregated' into one interface.

There are a number of applications that attempt to filter this information overload that you can imagine happens when you find site after site you wish to 'follow' and add to your 'feed aggregator'. Recently, Google announced its own Reader, but they are not alone in providing web pages that aggregate other sites. Before them, there was C|Net's NewsBurst which suggests that you 'read differently' using their web interface. A program I use daily is a KDE application called Akregator. I noticed Mozilla Thunderbird permits 'News & Blogs' as a folder type, and you can subscribe to RSS feeds and read the articles like a mailbox. It wasn't the interface I like, but it may be to your liking.

With so much news out there, RSS feed readers will continue to evolve. I myself an looking forward to the day that I can subscribe to a feed, but enable filters to filter out specific types of articles.

If you are curious about the concept of creating your own blog, there are several free sites out there, just search for them.

Philosophy: Change Management

Whenever someone says 'That is a really good idea!' it is usually true.

Whenever the above response happens time and time again over the same idea, it might just be an idea I consider sharing here in the philosophy section of this newsletter.

This months topic is about change management. Change is always a part of our lives. Everything changes, nothing stays the same. Even the huge pyramids in Egypt are not in the same shape they were in when they were first built. Since change is guaranteed, it makes sense to at least try to manage it in a way that least negatively impacts our lives, whether at work or elsewhere.

Since I am a computer professional, the 'good idea' I would like to relate in this article is about the timing of change. Change is inevitable, yes, but when possible, scheduling change intelligently saves a lot of headache later.

Consider the following. You are in charge of a computer system that permits you and many others to receive and send email. This is known as a mail server. You need to update the software on it. When is the best time?

The best time may vary from place to place, and from admin to admin. But in general, I have found that it makes the most sense to avoid doing major changes late in a Thursday or on a Friday. It makes the most sense to avoid planning on doing major changes on a Monday. It also makes sense not to make major changes before you, the person responsible for a system, goes away on vacation. The reasoning for this is that, if you make changes on Tuesday mornings, you will have the rest of the week to work out any un-intended glitches that might happen as a result of your change. Trust me, you can plan till you are blue in the face, and test till you are tired of testing, but the bottom line is, a production system is a unique environment difficult to duplicate exactly in a test lab, and there may be ways users use the system you did not even realize. Monday is not a good time, because typically there is the mad rush of Monday catching up from the weekend. It has been my experience anything I plan to do on a Monday ends up not getting done, due to other competing priorities and tasks not done over the weekend. It has also been my personal experience that the instant you require your home network, update your home server, do some major changes to anything, and go on vacation, something will happen that makes that computer system unavailable for the duration of your absence. It could have been a simple thing like editing a startup script and making a typo to installing a new kernel and not testing it, but it did get tested when that power outage hit, and oops, it did not work.

So, a word to the wise. Manage as many as your major (and minor) changes as possible on Tuesday or even Wednesday mornings, not on Thursday, Friday, or Monday .. so you have the best chance of troubleshooting the change on the clock, rather than being called away from that dinner date Friday night, or the tantalizing steaming hot wonderful meal prepared by you or your significant other. Trust me, been there, done that. ;-)