To those who follow this blog for details about Sam, this post isn’t for you.

So, today at work, a co-worker sends an email saying that ‘ps’ is segfaulting whenever it’s run.  This is usually a very bad sign (since it frequently means that you’ve been hacked, and a rootkit has been installed).  So I start digging around.

Top runs just fine.  Shows everything that’s running.  I check the md5sum of the ps binary against another machine (presumed to be good), and notice that it’s different… oh boy… that’s a really bad sign.  Oh, and the rpm database is corrupted beyond repair.

So I start checking the md5sums of lots of other binaries in /bin, /sbin, /usr/bin and /usr/sbin, etc.  And LOTS of binaries have different… so many that it takes me quite a while to find one that ISN’T different… even /bin/true is different, I mean /bin/true???

So, I find three freshly installed boxes, and do the md5sum trick against all their binaries, and I find that of the 4200ish binaries out there, 27ooish of them have different md5sums from the same binary on a different host… but the RPM database swears up and down that the checksums are right.

Turns out that RedHat in their infinate wisdom has turned on the prelinker.  This shoves each library into a randomized place in the virtual memory, and modifies the binaries in place so that they know where these libraries are.  This is done for two reasons: 1) since the binary has a cashed clue as to where the libary lives in virtual memory, it’s much faster to load it. 2) This also is a nice layer of defence against buffer overflows… they’re somewhat harder to exploit if the bits of memory you want to overflow into are randomized.

Somehow, in ways that I don’t understand as yet, the prelinker also informs the RPM database of the changed checksum and ‘rpm -V’ doesn’t complain about them, but tripwire would (if you’re using tripwire).

The prelinker is actually an interesting idea, but the problem is that it violates a key assumption most sysadmin’s will have about the OS, which is ‘take a system binary (say ‘/usr/bin/find’ for example) and compare the md5sum of it between two machines of identical patch level, and we’d assume the md5sum would be equal for them’.  This assumption lies at the heart of how tripwire works.  It also would force you to have seperate tripwire read-only media per host you have installed.  Oh, and you need to update that read-only memory every 14 days by default, because prelink changes the randomized locations every 14 days (and therefore re-writes the binaries).

GAH.

But on the plus side, all three Unix admins learned something new today, which doesn’t happen very often.

This affects RedHat AS 4 and 5 and ES 4 and 5 (And CentOS and Oracle Unbreakable Linux).

Here’s the Survey. It’ll take you around 15 minutes to fill out.

I’m greatly in favor of a radical improvement of Marta. In it’s current implementation, it’s woefully limited in scope. Instead of a ‘northern arc’, outer perimeter, we should drive Marta clear up to Alpharetta from North Springs, as well as driving Marta up I75 and I85 at least to Cherokee and the two Malls in Gwinnett. Then we should make a ‘northern arc’ Marta line to connect these. That’s just the beginning of what should be done. More lines inside the city would help. Driving it out to Douglasville and Conyers would be amazing as well. So much could be accomplished with more efforts like the North Springs station.

Basically, a light rail system around town would be fantastic, and would be a boon to commuters, businesses, and everything in between. Atlanta is the largest city I can think of that has such a pathetic subway. It’s time for it to start growing up.

Starting a new online forum from an existing mailing list is not easy. You have to convince some number of people (10? 20?) to stop simply receiving content, and to actively go out to $WEBSITE and get the content that way.

And people are lazy.

So, when the forum went 2-3 months without anyone but me (the admin) and spammers logging in, I just removed permissions to the directory, and went about my business.

And about a 8-12 months after that, there’s now a discussion on the mailing list which needs a forum (because most people don’t care about your Illuminati theories… kthxbai) I get to go resurrect upgrade and clean up the forum.

If I knew the formula to make all this work, I could make big money in a social networking company.

The American Car industry can’t die soon enough for my tastes.

Ok, that’s a little harsh, but they need to wake up to a few realities out there.

The car manufacturers from other countries are DOMINATING you in every way. Even the mainstay of the US industry (trucks and SUV’s) will be taken away. Truck quality from Toyota and Honda (and to a lesser extent Nissan) has met or exceeded the quality of Ford and Chevy. Almost everyone I know who likes trucks is lusting after a Honda Ridgeline. The Toyota Tundra is an amazing truck as well. And SUV’s? That market is being eaten by the run up in gas prices, and increasing quality from non-US makers. It will take some time for this to manifest itself, but I believe that the truck industry will increasingly move towards the Asian makers, and the Titan, Ridgeline and Tundra are just the first wave.

This whole rant was kicked off by me getting in a wreck just before Labor day. Some kid from Emory rear ended me in Lenox Mall parking lot. He drives a nice, 2007 Honda Civic. His front bumper shattered. I drive a nice Infiniti I-35. I’ve got a nice dent in my bumper. After some time of organizing the insurance companies, etc, I drop my car off, and get picked up by Enterprise to get my rental car.

A Chevy Malibu. THIS is what they (Chevy) think people want?

I guess I should back this off a little bit, and say that the car drives somewhat well. The steering wheel is VERY loose though.

But the focus of this rant is on the interior. I’m somewhat intelligent. I’ve been figuring out my way around user interfaces for a very long time. But this interior center console is a maze of buttons with short hand labels (srce for source for example). Every thing about this car is a UI designer’s nightmare.

There is nothing ‘fun’ about this car. Little that is ’sporty’. Everything is set up in such a way to just be a LITTLE annoying.

Even in bad interfaces you can usually find something thats ‘nice’. Something that makes you say ‘that’s well done.’ Nothing.

On the off chance someone reads this, here’s a couple of things to fix the issues:

1) Redo EVERYTHING about the center console. First, plan on getting rid of 2/3rds of the buttons. Make some buttons context aware, so that they can be re-used for several tasks.

2) I’m not asking for auto everything, but make some more things adjustable… seat hight, steering wheel hight… these are simple things that are ALREADY SOLVED. Just implement them.

3) Ditch the ‘car computer’ concept. Hey Chevy? Toyota 1985 called. They want their LCD pixel display back. Listen, this concept died back in the 80’s for a reason. Without a simple interface, NO ONE WILL USE IT. You’re just wasting your money designing it, and customers money selling it.

4) And for the love… PUT A STANDARD AUDIO INPUT in the stereo! This simple thing will SELL YOU CARS. To the young, hip people car manufacturers WANT talking about your cars. Don’t bother with in-dash mp3 players. They’re cumbersome and complicated. Just give a sane input that ALL mp3 players can use. That’s a headphone jack. It’s not hard.

Gah.

Chris Hubbs had a blog post with several interesting quotes from Thomas Sowell. Many of these dealt with politics, how politics are discussed, issue clouding, and what not.

This struck a cord with me, especially “A good catchphrase can obscure analysis for 50 years.”. I’m reminded of the Fathers of the Church (who I’m reading a fair bit of), and how they had to deal with contentious issues. Discussions took YEARS. Some of the discussions between Sts. Jerome and Augustine took years because it took at least 6 months for their letters to reach each other, and that’s only if someone was leaving on that journey that month. More often they heard about each others responses as each of their ‘letters’ were published in one city, and taken to another, and copied/published there… until it had covered North Africa, and all of Palestine. Then the other would respond, and the response would take the same tortured trip back.

I think modern discussions are a lot like that, especially with blogs, discussion groups, etc. The only differences are 1) the speed of communication 2) We don’t have a luminary like St. Augustine to respond in a gentle, thoughtful way (St. Jerome could barely compose a gentle reply if his life depended on it… he’d fit right in).

This speed of communication seems to mean only that we can all reach errors very quickly. We can’t seem to find truth, in this insane search for the sound bite.

We as a people don’t seem to have the patience for true analysis. We don’t have the time to think. Heck, as I’m writing this, I’m avoiding working on an important wedding issue.

The demand for an instant opinion will leave us as a society ever more paralyzed in inactivity.

I just remembered a quote from The Pilgrims Regress by CS Lewis:
John: “What would happen if you would die if you didn’t know the answer?”
Reason: “Then you’d die.”

Reason goes on to praise the gift of not knowing an answer, and of allowing yourself to exist in not knowing. It’s very freeing to do so (we go on to learn that Reason has two younger sisters: Philosophy, and Theology… great book).

So I loved these quotes, I loved the sentiment behind them, and I hope and pray for more reflection on the issues facing us as a society. more…

Today wasn’t much fun.  We finally got the (omitted) process codified enough, and trained the entire team on it.

Call from $BOSS… at 3:35 PM.  “We need you and $COWORKER in this meeting.”  The meeting is 5 minutes in, and we’re talking about the (omitted) process.  It’s already implemented, so we’re talking about it… no worries.  Then $BOSSES_BOSS  starts suggesting LOTS of changes.  Changing the fundemental assumption around which the (omitted) process is built.

Grrrr…. So there’s an off site meeting of the managers (over a beer) tonight to sort out this mess, and we’ll be informed… of their decision… about technical architecture… tomorrow.

JOY!

Is it bad that I’m basically unwilling to read the news these days?

Looking out at our future, there are two HUGE problems that are tightly linked:

1) The coming Energy Crisis

2) The Middle East as a whole.

I read The Oil Factor and it brought to light several challenges we’re going to face. The real problem is that every form of energy has its drawbacks. And barring any unforeseen technological breakthrough, we’re going to have a REAL problem on our hands. My personal nightmare is that the so called ‘tipping point’ for oil will trigger the first salvo of World War 3.

The tipping point is when the ammount of oil on the planet is half gone. Since our use of the oil is expanding, we have a problem. And since the ‘barrel per day’ output of a given oil field follows a bell curve, the sum of all oil field production the world over will also resemble a bell curve. Once that tipping point is reached, less and less oil will be coming out of the ground per day. The key questions are ‘Who gets what portion of the oil?’ and ‘Who determines who gets what portion?’

These are very scary questions. China currently has the largest army on earth. China is also doubling it’s oil consumption each year. China also is a LOT closer to some major oil fields, both politically, and geographically than we in the US are. Europe also has a large need for oil, as does any other developing country.

Do we in America just blithely assume that we’ll be the only world power forever? We’ve been the only ‘real’ world power for barely 15-20 years. We’ve been A world power for less than 100. Europe has some claim to being world powers for longer, but in real terms, they don’t wield a very big stick any more.

The other world power that is in ascendancy right now is China.

That’s not earthshattering news to anyone who’s been paying attention. Their economy has been growing by leaps and bounds, their military is disciplined and huge. It only lacks the technological subtelty that ours has. They have nukes. What do they lack? Well, historically the Chinese have felt that anyone not Chinese is a barbarian, so they lack something of the western assumption that humans are worth something (which itself is an outgrowth of the last 100 years for the west).

I’m not quite sure how this turned into a post on China, but oh well. They’ll be a huge player in how the two problems up top play out.

The second problem is the middle east as a whole. 4 generations ago, most of the middle east was mostly nomadic in existence. There were a few cities, but not much else. Oh, there was one thing: Oil companies had started drilling in the area. It’s an unfortunate reality that our first ambassadors to new countries have almost invariably been companies… From the East India Tea Company, to British Petroleum, these companies deeply influence how peoples feel about people in the ‘west’.

From around 700 AD until, oh, 1300 AD (give or take), while the west was reeling from the fall of the Roman Empire, and the dark ages, the Arab civilization were FAR more advanced than its western counterparts. One of these days, I need to dig into what caused these fantastically rich, famously intelligent, and powerfully wise civilization to disappear into the mist of history.

So, the arab peoples have a history of ruling with power. The notion of a golden age lives for a very long time in the hearts and minds of people… look at the Greek… some of them STILL have a chip on their shoulder from a civilization that disappeared 2300 years ago.

So the arab people have gone through a time of darkness and weakness. And now they feel (somewhat rightly) that the west is taking all the profit out of their soil.

And some of them are bitter.

And don’t get me started on the Israeli problem. That’s an historical knot that’s so messy it’s not even funny.

And they’re sitting on the reserves of energy for the next 20 years… and then it’ll be gone.

What will happen to them now that they have money? What will they do when that magical source of cash dries up?

I don’t know.

But these are some questions that will define our generation. And answering them we must, but I can’t bear to watch the news because this kind of thinking can’t be found there. The news doesn’t think about solutions… as soon as a solution appears, it’s the last thing they cover, for a new crisis which is ‘more interesting’ will have appeared somewhere else.

gah.

I got blinded by a $200 rebate on a palm treo 700w.  So I bought it.

It’s 2 rebates: one’s a ‘loyalty rebate’ that I have to turn in ‘no less than 180 days after purchase’ for $50.  The other only qualifies if I get a data plan to go with the treo (which also can only be turned in 180 days after purchase).

Evil evil verizon.