Midnight's Journal

I'm trying to get the mports tree back in line as it used to be.  I just indexed a magus run.  It will be the first since January 24th.  Several fetch errors and dependancies have been fixed since the last run.  It will be interesting.  This does not use the new "jail" index setup that the January run went on.  I haven't had time to set that back up on the new server yet.  A few failures may be the result of that, particluarly with perl related ports.  We'll see.

According to this BBC article, U2 brought in the most money last year. I can't speak for others, but the Chicago concert rocked.

I've noticed a new pattern among game developers.  Software has always been licensed, but now we're only buying unkown length licenses to these products.  With a game like World of Warcraft, I know I'm subscribing month to month, but I don't know if they will keep running the server indefinetely.  Eventually the game will die.  WIth a MMORPG, this is acceptible and inevitable.  However, other games like the new Assassin's Creed 2 require a constant Internet connection to play.  They actually download part of the game engine on each load.  If they decide to turn off the servers or go out of business, you lose access to the game forever.  This is the same problem that happened on the Xbox.  I bought an Xbox to play games online.  Soon, EA started turning off sports titles servers.  They want you to buy the new title each year.  That means I'm paying $50 a year to keep playing and the game experience changes each year.  Perhaps with an NBA game, I want to play the Pistons in 2004 instead of 2010.  I realize it costs some money to run servers, but this is rediculous.  Either they build in the cost to run the game servers for several years into the game or they warn people that the servers are only guranteed up for a year. 

I'm in favor of explicit minimums on the boxes (by date).  I want to know if the game comes out March 2010 that it will work until at least March 2011.  I also want to know in February 2011 that I have a month to play possibly.  It dramatically changes how much I'm willing to pay for a title.  If it's so important, they can add a sticker if they extend the time frame to the box.  This is only reasonable.  With other subscription models, I know how long I have.  SInce I'm obviously paying for server time now, I should know how long it lasts. 

I often buy games on Steam.  I know that if Valve decides to pull the plug, I could lose all those games.  It's a risk I've chosen to take.  WIth some games, I don't know how long i have now and in a retail box from a store like best buy, I expect to play the game for several years.  I still play age of empires 2.  I love it.  The game doesn't even run on 64bit windows, but I still play!  I even run 32bit windows just to play.  What if I like a game?  Will I be cut off forever? 

Yesterday, I updated over 70 ports.  mports/audio ports have all been updated if needed and several in multimedia.  I also updated browser3 to 3.0.18 this weekend. 

Our status on gnome2 is that many of the core systems including gstreamer related ports are now working, but we have some issues with gnome-desktop preventing a gnome2-lite build from working.

kde3-base is blocked on a depends against mDNSresponder and avahi.  I'm trying to figure out what's pulling in avahi.  These ports do effectively the same thing and they conflict with each other.

I started wriing this entry with a real world experience I had today.  Instead, I think I'm just take some constructive points from the situation.

1. When making a big picture roadmap with many IT projects, understand what each part is trying to accomplish.  You don't need the how for the first draft, but you do need the why.
2. Don't create three level deep diagrams of one component in the system that interoperates with other peices not even discussed yet. 
3. It's ok to talk about when you need a project complete, but don't start makin details timelines or final deadlines until the requirements are known.  You can't plan how long something will take when you don't even know what it is you're planning.  If you have a hard deadline, start with absolute necessities first.  Good software can always be enhanced.
4. Don't assume everyone is against your idea.
5. When you're asking someone to spend a great deal of money on a project, take the time to write down why you need it..  It really is the least you can do.
6. User stories are one way to obtain an initial list of requirements, but they do not replace a techical oriented view before one starts work.
7. When writing user stories, you must capture ALL of them or it is useless.  One user case left out could dramatically change the requirements for a project.  Programmers do write themselves into corners.
8. Reading one book will not make you a good project manager.  Reading this list won't either.
9. Don't trust any one website for information on software.  They can be wrong.  Some IT websites suggest products because vendors paid them or gave them an insentive. Others just have a bias.  For example, I might suggest  BSD because I prefer it to Linux.  That doesn't mean Linux isn't useful in many environments.
10. Programmers need to sleep sometimes.

I just read a blog for CIOs about planning IT projects.  In this blog, it suggested that CIOs or a "core" team plan deadlines for large projects.  As a software engineer who essentially is the project manager in my office, I found this article disturbing.  The reasoning behind the aritcle makes sense from a CIO's perspective given several other requirements.

The company must have one goal in mind with the project.  Personel cannot be "stolen" for other projects.  There cannot be fire drills every day.  Most importantly, the CIO needs to understand how long it will take to create a project.  A reasonable time frame must be defined.  My experiences have shown that management has no idea how long projects take.  That poor, young project manager might not have a good idea how to do estimates yet, but (s)he does know how large a project is. 

In some companies, this approach would work well.  It will not work in all companies. The approach is getting used more frequently in my company.  The net result is dropping everything and putting everyone on a task.  It does get that one task done as quickly as possible, but the quality of the project suffers.  Further, it puts every other project behind schedule.  Sometimes project managers are right.  Things happen during development.  Odd bugs pop up. New requirements are brought in during development. 

While I'm on the subject, it's also important to have clear goals for a project at the beginning.  This approach reminds me of the waterfall method.  WIthout a very clear, well thought out specification, large software projects will always fail or at least be delivered well after the due date regardless of who sets the timeline.  You get some leway with agile methods, but you still need to know what you're trying to make.

I agree with one point.  It's important to have clear goals defined for your IT staff.  Tell them what you need this year.  Give them time to implement long term solutions.  It will save you time and money.

I better stop here. 

HTML Cleaner 

JTidy

TagSoup

JTidy cannot create valid XHTML strict pages.  A combination of HTML cleaner and JTidy cannot make valid XHTML strict pages for some input.  double br tags, some attributes like height, and duplicate id attributes cause problems.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0232 

http://www.microsoft.com/technet/security/advisory/979682.mspx

Microsoft has issued a fix.  This was for the previously mentioned NT 3.1 through Windows 7 vulnerability I talked about in my blog. 

The FTP server is back online.  45GB of data copied.  I've also posted the new snapshot for i386 tonight.  

Mirmon is now getting updated again with FTP history.  Most sites haven't tried to sync for a week.  Of course there was nothing to sync.   I'm going to verify that rsync is working properly tomorrow.  

A few CGI scripts and portions of the site including viewvc and the wiki are still down.  cvsupd is also not operational due to problems on amd64.  (i switched architectures in the move)  Once the port is fixed, I'll get it back online.  Patches are welcome to speed up the process :)

The news script should be rotating again on midnightbsd.org. 

I'm pleased to announce a new i386 snapshot for MidnightBSD.  This is the first snap in some time and a big improvement over our previous snapshot.  It does not contain mports, but is a fully functioning installer.  I've tested it on VMWare Fusion with great success.  

This version includes this weekends work on ata(4), re(4), and rl(4).  

I'm going to upload it as soon as the FTP is in place. 

The MidnightBSD FTP server has been down since the server migration.  I'm working on getting it back into place.  It's over 32GB in size currently.   

About ten years ago, dnssec was invented to deal with a problem plaguing the Internet.  There is no trust in the DNS system.  

Background

Many people might have heard the term DNS, but never thought about what it is.  DNS, or the Domain Name System, is the process by which a domain name like midnightbsd.org is translated into an IP address 70.91.226.201.  Without this system, one would need to type in IP addresses to access websites, send email, or chat online. 

The system was invented at a simpler time when people trusted each other on the Internet.  This was before worms, massive spam, or websites.  

Today, many people try to impersonate others on the Internet or worse yet, their websites.  You could create a DNS poisoning attack so that a user accessing a DNS server to lookup google.com is redirected to a fake site.  This site could log information and pass requests to the real google.com through a proxy.  The user may never know the difference.  

Systems like DNSSEC validate DNS queries by a trust relationship.

Using DNSSEC

Individuals don't need to do much to use DNSSEC aside from purchasing updated software.  Windows 7 had DNSSEC on it's list of new features (not confirmed it was added in final builds).  The client (your computer) must be able to understand DNSSEC queries for it to be of any use.  Otherwise, it is simply ignored.  

System administrators must enable DNSSEC on their DNS servers (resolvers) as well as on zones to get the full benefit.  You can think of a zone as a domain name.  Things can be further divided into sub zones such as .com vs midnightbsd.org.  

Enabling DNSSEC on BIND 9.4+ resolvers

In options: 

        dnssec-enable yes;

        dnssec-validation yes;

        dnssec-lookaside "." trust-anchor "DLV.ISC.ORG";

Microsoft is patching a 17 year old bug in Windows that affects WOW (not the game) in current versions of Windows that allows it to run old programs.  The BBC is reporting it's a bug carried over from NT 3.1. 

I wonder what other goodies are hiding in our copies of Windows.

I've made several changes to the Apache 2.2 port.  mod_proxy_connect should now work properly and scgi has been added to the list.  I've also added support for BDB 4.x