MSE Might Be On To Something

MSE Everquest2.exe Prompt

You know… It could be right.  Everquest 2 requires administrative privileges if you are using the old-style client, opens multiple network connections, slams the CPU for hours and tries to sell me stuff constantly.

Best antivirus software evah.  *Clicks Send*

Quicktime Fail And You

I keep telling myself one of these days Apple will get the whole “Windows” thing right…

While trying to figure out why (yet again) the Quicktime plugin silently fails within Firefox I decide to do an uninstall and reinstall.  During the uninstall this lovely thing pops up…

So... ok?

Quicktime continues its decade long streak of being mental violence in software form.

Red Hat Enterprise Linux Security

NFS v4 is broken on ALL systems running Red Hat Enterprise 5.4.  The Bugzilla entry is Bug 524520.

If you are lucky you’ll be using some Java app that will throw a fit immediately about not having permission to create files.  If you are not lucky you won’t notice until you see that file permissions are all randomized on the backing host file system.  Who wants random SUID files?  I do!  I do! Red Hat knows this is a security issue.  The bug report says it is “Important”.  All it takes is a single “yum update” and if you are using NFS v4, congrats, you win!

Red Hat won’t release a fix for this until November.

Guys?  Hello?  NFS v4 shouldn’t be broken for three months!  It isn’t a “preview” it is a production feature.  The fact you are setting file permissions to uninitialized values at all SHOULD BE FIXED YESTERDAY.

Grrrr…..  How many bugs like this are being hidden inside Bugzilla?

Update on Red Hat Network Failure

A kind soul over at Red Hat sent me an email to let me know they were aware of the issue covered in my recent RHN rant. The issue is being worked on and the individual also pointed me to the following note sent to the RHEL 5 mailing list:

After digging into this a bit more it looks like the “”Error: failed to retrieve repodata/primary.xml.gz from rhel-x86_64-server-5″ error is part of an issue on RHN. This will also be addressed by the fix going out next week.

Thanks to the individual who emailed me and thanks to Red Hat for working on this.

Red Hat Network = Failure

This blog is pretty much becoming a rant blog because of all the failure I see at work.

The failure of today and several times a month for the past few months: Red Hat Network.

[root@xxxx ~]# yum update
Loading "downloadonly" plugin
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-x86_64-server-5      100% |=========================| 1.4 kB    00:00
primary.xml.gz            100% |=========================|  137 B    00:00
Skipping security plugin, no data
Setting up Update Process
Skipping security plugin, no data
Skipping security plugin, no data
No Packages marked for Update

No data, eh? Run it a few more times and it eventually decides there are packages to update and does the following:

Transaction Summary
=============================================================================
Install      2 Package(s)
Update      85 Package(s)
Remove       2 Package(s)         

Total download size: 169 M
Is this ok [y/N]: y
Downloading Packages:

Error Downloading Packages:
  cups-libs - 1:1.2.4-11.18.el5_2.3.i386: failed to retrieve getPackage/cups-libs-1.2.4-11.18.el5_2.3.i386.rpm from rhel-x86_64-server-5
error was [Errno 14] HTTP Error 404: Not Found

Why do I have to see this crap a couple times a month? Red Hat with all its income can’t run the equivalent of a mirror site? Or do they just not give a crap about customers not big enough to have a local satellite server? CentOS is easier to maintain and deploy at this point.

I thought I’d be smart this time and try to pre-download everything a couple days ahead of time. Too bad you can’t even use that when RHN returns empty data sets to yum. The “rhnplugin” for yum should be renamed “failwhale” because Twitter gives better service uptime these days than RHN’s download servers.

Now excuse me while I scounge around other servers yum cache directory for the glibc and kernel updates…

Viacom Fails At The Internet

As part of Viacom and Time Warner Cable’s current spat over licensing fees Viacom has resorted to putting a pop-up message on it’s websites targeted towards Time Warner customers.

Unfortunately they somehow include the college network that I help run as if we were Time Warner residential customers. The IP allocation is under our name, the DNS reverse resolves for IP addresses contain our name, we have our own ASN with redundant BGP paths over fiber. And yet because we use Time Warner’s Commercial division as an upstream we are somehow on a list of netblocks that are Time Warner residential customers. This is retarded. I can’t see any possible reason for us to be on that list other than Viacom is blindly looking up BGP paths and punishing anyone whose path travels through Time Warner.

I spammed a few email addresses on Viacom’s side to ask them to remove us in case they decide to escalate this little spat and outright block TWC customers from viewing videos on their website. But considering any useful contacts are usually hidden at such companies I doubt I’ll ever get a response.

In the meanwhile I’m glad most of our students are not here as these message would create a lot of confusion.

The Republican Base Speaks

Behold, the Republican base appearing for an official McCain/Palin rally:

The above hate has been purposely encouraged through the direct acts of John McCain and his campaign over the last few weeks. Audio of an official McCain robocall continuing their strategy of inciting such hate can be found here. The robo call tries to draw a link between Obama and Ayers. A link that is utter bullshit. Using the same metric one could argue Ronald Reagan was linked to the same terrorist.

We have been in an election season where one side has provoked his base into such a lather that racist shouts and death threats against the opposition are now common place in his rallys. In essence the Republican party is now focused on provoking hatred as a way to rally their base and appeal to moderates. Thankfully the moderates have not yet been reacting positively to this bullshit.

The Beat And Zen Of Indie Games

A few days ago I stumbled across a great little game from an Indie company on Steam called Audiosurf. The best I can describe Audiosurf is that it combines the action of a Sci-fi racing game with Tetris and Guitar Hero. The $9.99 game requires you to supply the music. You pick the game type, tell it which MP3 to use and it will generate a game track based on the characteristics of that music.

An example of one game type with the game and music sped up a bit can be seen here on Youtube:

Audiosurf – Tank! (Live)

I have some European heavy metal that is insanely difficult on the medium and high settings. A great way to kill 20 minutes of time once in a while.

On the other end of the spectrum is a game still under development called “fl0wer”. From some of the people behind the flash game “fl0w” the game fl0wer is more of a meditation tool than what many would recognize as a game.

Here is a great video that shows off the basics:

An HD version of this video and other videos can be found on the GameTrailers website under fl0wer.

In my opinion fl0wer is something that could really only be enjoyable with a HDTV and modern sound system. The fact the game is coming out for the PS3 is not a coincidence.

Alarming Report On Office Politics

The most accurate and trustworthy American news agency reports on an alarming trend in office politics:

Study Finds Young People Remain Apathetic About Office Politics

Comcast’s Possible IPv6 Deployment Plan

A follow up to the post named “The Future of IPv4“:

In the Network World article “Comcast pitches IPv6 strategy to standards body” the Cable ISP discusses their current plans on how to migrate their customers to IPv6.

The summary of what happens once Comcast runs out of IPv4 address to give to its customers:

Customers get a new cable modem or router device that does real routed IPv6. You get a real IPv6 address or range of IPv6 addresses and your home network is a directly connected fully functional member of the IPv6 world.

Newer customers won’t get their own IPv4 address anymore. Existing customers would retain their ability to get an IPv4 address for a while but nothing is guaranteed. The modem or home router will hand out private addresses to your home computers and devices. Any attempt to contact the outside IPv4 world will be blindly tunneled over IPv6 to a NAT router that Comcast runs in one of their data centers. Multiple customers will share the same IPv4 address and NAT will be used for all IPv4 connections. This will hurt or possibly prevent many forms of P2P over IPv4. Assuming they didn’t firewall off all incoming IPv6 connections these P2P tools would work normally over IPv6.

At a quick glance it doesn’t seem like an unworkable plan. Of course being NATed by your ISP and not by a router you control will just plain suck. I’d strongly suspect any “NAT” solution they implement on their servers will have to do some inspection of connections (similar to Linux’s conntrack modules) and do a bit more than straight NAT to work around common application problems. Unfortunately if the ISP can’t get any new IP allocations at a reasonable cost and is truly out of IPv4 address then the customer is crap out of luck. The question is exactly under which conditions the transition would start and what restrictions they would place on the IPv6 end of things. And I hope they will read their RFCs and hand out the RFC recommended number of IPv6 IPs to every customer. That is half the point of IPv6 after all.

Update: Comcast’s approach seems to be covered in the IETF document Dual-stack lite broadband deployments post IPv4 exhaustion. On the topic of NAT and IPv4 application compatibility the document says:

Most applications that today work transparently through an IPv4 home
gateway NAT should keep working the same way. However, it is not
expected that applications that requires specific port assignment or
port mapping from the NAT box will keep working. Details and
recommendations for application behavior are outside the scope of
this document and should be discussed in the behave working group.

Translation: We chose not to care.