2009-11-29 11:28:00
This is the second time I've followed a manga recommendation by Japanator: I'm quite taken by Yotsuba&! (which translates as "Yotsuba and ...").
I'd almost say this manga's required reading for any parent of a young child. It's not only hilarious, but it also prepares you for what ever the heck your five your old kid can get up to :D Kind of like Calvin and Hobbes, but less mischievous.
The sense of humor can be as random as Azumanga Daioh's, which is by the same author. Kaijuu has also described the girl Yotsuba as Osaka stuck in Chio-chan's body.
kilala.nl tags: manga,
View or add comments (curr. 0)
2009-11-29 10:39:00
The title being in deference to the classic VG Cats comic.
Got woken up tonight at 0230. *BEEPBEEP**BEEPBEEP* For some reason the baby monitor indicated it'd lost connection with Dana's base station. Odd. A quick glance around the room showed that our alarm clock was dead as well. Hmmm. Power failure? Glancing outside I saw many houses with their lights up (at 0230 ORLY?!) so it was just us.
A quick check around the house showed no fires or other obvious troubles. Checking the breaker box I gathered that all three main living quarters'd tripped, along with the combo-breaker (Hur hur) for those sections. Oddly enough I could pop back all four without any protest and the house came to life again. There was no indication that anything was -really- wrong. To be on the safe side I pulled all the plugs around the house anyway.
Not half an hour later, just after falling asleep, I got waken by the telltale *BEEPBEEP* again. And again the aforementioned four breakers had tripped. Weird! I didn't see anything weird outside the house either, so it wasn't someone messing about with the outlets in our back yard. I tried to stay awake for half an hour to see if things would pop again. Nope.
Until an hour later and I'd fallen asleep again. WTF?! So, I popped back three out of four again, leaving the biggest turned off. After that I was allowed to sleep until eight. Double-plus oddity: this morning I reset the last group and it's been perfect for three hours now.
I've no clue what's going on. I know which section of the house the problem would be in, but none of the rooms in that section had anything left plugged in. I'd hate to imagine that the problem's with wiring or the installed lights. Or worse: the garden shed and outlets.
kilala.nl tags: house,
View or add comments (curr. 5)
2009-11-26 21:38:00
Last night we took Dana to the local healthcare board for her government sponsored-recommended flu inoculation. I was pretty impressed by how the show was run and things went very smoothly. We were in and in under ten minutes.
Dana was quite the trooper! She went in happy, cried a little after getting jabbed but was feeling perfectly alright in under a minute. No side effects so far, so we're all happy ^_^
kilala.nl tags: baby,
View or add comments (curr. 3)
2009-11-26 21:25:00
The day started just fine. I came in at seven and worked on tickets and projects and waded through a bunch of mail. Then around ten-ish some of my colleagues started to get antsy: user accounts were getting blocked and even their keycards'd stopped working. Then came the phone call from a secretary: about a dozen of us needed to have a chat with boss's boss to clear up some contracting stuff. Glee. That was half a day wasted :/
kilala.nl tags: work,
View or add comments (curr. 0)
2009-11-23 11:49:00
It'll be just me and Dana at home tonight as Marli will be performing her duty as a Twimom in going to see New moon. I'm very glad she gets to share her love for the books and movies with her best friend who, as luck would have it, is coming down from Germany to the Netherlands today.
EDIT:
Obviously I meant "Twimom" in the most straight-forward sense: a mom who's also a Twilight fan. I find the current entry in Urban Dictionary to be somewhat... lacking...
kilala.nl tags: life,
View or add comments (curr. 0)
2009-11-21 20:59:00
We're very very lucky with Dana: she's an extremely easy kid. Sometimes I'm afraid she's using up all her sweetness in a hurry, so she can get an early start on being an uber-bitchy teenager later on.
Today we left for Friesland early to visit Dana's grandparents and to see the local reception of Sinterklaas. Dana put on her brave face and did not mind meeting Zwarte Piet at all ^_^
The reason why I say she's such an easy kid is because after a long and tiring morning she only slept about 45 minutes while driving home. Instead of going directly home we visited the Batavia Stad outlet village first and again she behaved like an angel: patient, quiet, sometimes laughing. Then the whopper: upon returning home Marli went to bed (completely nackered) and I gave Dana her four o'clock snack. After that I'd imagined her to get noisy and tired, but instead she played quietly and I actually managed to catch an hour's snooze on the couch! o_O
Wow :)
kilala.nl tags: baby,
View or add comments (curr. 1)
2009-11-20 19:39:00
Today it was exactly five years ago that Marlijne gave up her cigarettes.
Early that morning, before going to work, I removed all ashtrays, put away all lighters and hid her last packet of cigarettes (inside my old Linux PC). The night before she'd asked me to do all of this, so the 19th of November 2004 was the time she'd smoked a cig.
She quit cold turkey and never looked back. Within a year her senses of taste and smell had improved a hundredfold. These days she hates the scent of smoking and our house is completely smoke free. Obviously this is also good for Dana.
Personally I'm the one tiny exception in the house: I haven't gotten rid of my pipe yet and I've actually dug it up recently. The next time I'm raking the yard I intend to smoke one bowl, after which it'll probably go back into storage again. I am adamant that I'm not making it into a habit... One pipe a year should be alright :)
View or add comments (curr. 3)
2009-11-19 16:25:00
Today, just by accident, I happened to stumble upon the 1994 classic The Unix haters handbook (PDF). At the time the book gathered criticism and outright vitriol from orphaned TOPS, ITS and Vax folks who'd been forced to switch to the much hated Unix platform. It makes for a great read in many senses:
1. It's funny.
2. It's a great history lesson.
3. Some (if not many) of the points raised are still valid today.
With regards to #3: I've lived through many of the frustrating situations described by contributors, but I have to admit that I'd completely forgotten about them. Thus the book is also a good reminder to experienced Unix admins about what their junior / rookie counterparts still have to live through today.
Some quotes that I liked:
“Two of the most famous products of Berkeley are LSD and Unix. I don’t think that is a coincidence.”
===========
Then there's the story of the poor student who happened to have a file called "-r" in his home directory. As he wanted to remove all his non directory files (I presume) he typed:
% rm *
... And yes, it does remove everything except the beloved "-r" file... Luckily our backup system was fairly good.
Some Unix victims turn this filename-as-switch bug into a 'feature' by keeping a file named "-i" in their directories. Type "rm *" and the shell will expand this to "rm -i filenamelist" which will, presumably, ask for confirmation before deleting each file. Not a bad solution, that, as long as you don't mind putting a file named "-i" in every directory. Perhaps we should modify the mkdir command so that the "-i" file gets created automatically. Then we could modify the ls command not to show it.
==========
Playing with Unix error messages:
$ "How would you rate Dan Quayle's incompetence?
Unmatched ".
$ If I had a ( for every $ the Congress spent, what would I have?
Too many ('s.
$ sleep with me
bad character
$ man: why did you get a divorce?
man:: Too many arguments.
$ ^What is saccharine?
Bad substitute.
kilala.nl tags: reading,
View or add comments (curr. 2)
2009-11-18 07:45:00
Speaking of over thinking things...
Recently I've been working on my script for the mass changing of root passwords, right? After working on it for a few days I've found three four five ways of changing a (root) user's password.
1. passwd $HOST:root
2. modbks -l $HOST:root -p "$ENCPASSWD"
3. boksauth -c FUNC=change_psw ... NEWPSW="$PASSWD"
4. boksauth -c FUNC=write TAB=1 ... +PSW="$ENCPASSWD"
5. restbase -s 1 ... $UPDATEFILE
Options 1 and 3 both use the plain text password string, where option 1 is obviously not useful for mass password changes because it's an interactive command. On the other hand options 2 and 4 both use the encrypted password string, thus creating the need for an encryption routine like Perl's "print crypt" method.
Options 3 and 4 are kludges because you're using the "boksauth" command to send calls directly to the servc process as if you were a piece of BoKS client software.
Option 5 is just too nasty to consider. Using the "restbase" command you can restore or overwrite parts of the BoKS database from plain text files in the BoKS dump ("dumpbase") format. This means that you could technically speaking make an update file containing an edited entry for the user in question, containing the new encrypted password string in the PSW field.
In my script I originally used option 2, but was dissatisfied with it because it did not update the PSWLASTCHANGE field in table 1. This in turn was screwing up our SOx audits, because all of our root passwords were listed as being over a year old which obviously wasn't true. This is why I switched to using "boksauth" and option 3.
And that's where the over thinking comes into the story. I don't know why both I and the guys from FoxT didn't think of this, but let's check the "modbks" man-page:
-L days = Set password last change date back days days.
Hooray for reading comprehension! /o/
This means that by simply adding "-L 0" to my modbks command I could've reset the PSWLASTCHANGE field to today. And it works for both BoKS 6.0 and BoKS 6.5. How did I miss this? I think I just need to sit down and read all BoKS man-pages because who knows what else I can come up with? :)
kilala.nl tags: boks, sysadmin,
View or add comments (curr. 1)
2009-11-18 07:19:00
Sometimes I think too far out of the box :)
I have always been up front about what I think about FoxT's BoKS security software: it's good stuff, but sometimes it's a bit kludgy. Today I learned that I shouldn't let this cloud my judgment too much because sometimes BoKS -does- do things elegantly ^_^;
A colleague of mine asked me the following question: Is it possible to force a user to change his password on the next login, -without- using the web interface?.
Seems straightforward enough, right? However, in my clouded mindset I completely over thought the whole matter and started digging in the database. Table 1 of the BoKS database should contain the relevant information, but which field could it be? Two fields seem to stand out, but neither is related.
BoKS > dumpbase -t1 | grep ru13rs
RLOGNAME="SECURITY:thomas" UID="1000" GID="1000" PROFILE="SecuritySupport" REALNAME="Thomas Sluyter" HOMEDIR="thomas" USERLASTCHANGE="1224244960" FLAGS="16384" PSW="39ajnasdlfkj4" PSWLASTCHANGE="1256545622" NO_PWDF="0" SERIAL="" PSWKEY="6436" LASTTTY="servera:pts/17" LASTLOGIN="1258524725" LASTLOGOUT="1258465492" RETRY="0" RESERVED1="125196" RESERVED2="" LOGINVALIDTIME="0" PSWVALIDTIME="0" CHPSWTIME="0" PSWMINLEN="0" PSWFORCE="0" PSWHISTLEN="0" CHPSWFREQ="0" TIMEOUT="0" TTIMEOUT="0" TDAYS="0" TSTART="0" TEND="0" RETRYMAX="0" CONCUR_LOGINS="0" SHELL="/bin/ksh" PARAMETERMASK="16384" PSDPSW="" PSDPSWLASTCHANGE="0" PSDPSWRETRIES="0" PSDBLOCKED="0" PSDBLOCKEDTIME="0" FEK="" GEKVER="" MD5DN="" LASTDTLOGIN="0" SETTINGVER=""
I've no clue what the NO_PWDF field does, but at least it does NOT stand for "no password force" :) Also, the field PSWFORCE does indeed have something to do with the enforcing of passwords, but not with the forced changing thereof. Instead it defines which guidelines and rules a new password must adhere to (see page 262 of the BoKS 6.5 admin guide). In the end our friendly FoxT support engineer informed me that the value I was looking for is a hex code that's part of the FLAGS field.
However, that's not why I over thought things.
In his email the engineer also showed how he derived the appropriate hex value from the FLAGS field, which led to:
BoKS > man passwd
boksadm -S passwd [-f|-F] [-x debug level] [user]
-f This option forces the user to enter a new password on the next login. Valid for superuser only.
Duh!
EDIT:
Obviously you can also use modbks -l $USER -L $DAYS to set the PSWLASTCHANGE field for the user back X amount of days past the PSWVALIDTIME. However, this isn't very practical since the PSWVALIDTIME field differs per user :)
You'd also be messing with information that could be important to a SOx audit, so you'd better not do it this way ;)
kilala.nl tags: boks, sysadmin,
View or add comments (curr. 0)
2009-11-10 20:21:00
I have always loved movies like Whispers of the heart, My neighbor Totoro and Only yesterday. Yes they are all Ghibli movies, but they also have something else in common, something which I've only now learnt the word for: mono no aware ("sadness for the transience of things"). Each of these movies gives me a feeling of warmth and happiness, mixed with a feeling of sadness. Each story shows you beautiful moments in life, but also makes it very clear that they have already passed and will never return.
And now, thanks to a recent article at Japanator I'm reading a manga that is the quintessential example of mono no aware: Yokohama Kaidashi Kikou (Wikipedia). The series spans 140 chapters and was published uninterrupted over almost twelve years. It has never been translated into any other language, though it has a strong fan base outside Japan. To quote Wikipedia:
Yokohama Kaidashi Kikou is set in a peaceful, post-cataclysmic world where mankind is in decline after an environmental disaster. Exactly what happened is never explained [...]. The reduced human population has reverted to a simpler life, and the reader is told this is the twilight of the human age. Instead of raging against their fate, humans are quietly accepting.
Like the aforementioned movies a lot happens in each story, while at the same time almost nothing happens at all. In my favorite chapter up to now (chapter 12) the main character Alpha has just received a photo camera which is limited to 300 shots. She sets out for the day to make memories, to capture beloved scenery in photographs. However, she grows more and more hesitant due to the limited capacity of the camera as well as a feeling that everything is very beautiful but nothing feels "just right". In the end the only photograph she takes was taken very carelessly as practice, but it was one of her happiest feelings for the day.
As I mentioned YKK was never translated into english, so the only way for me to read it is through scanlations. However, the next time I'm in Japan I will definitely try to get my hands on a full set of the books, just to have the original beautiful artwork.
View or add comments (curr. 3)
2009-11-10 10:18:00
I don't know why I never included this in my previous blog post about Haruo Suekichi's "steampunk" watches. As I mentioned before, the shop in Yoyogi Uehara that I visited in 2007 has closed, but there's still two shops selling his watches left. The addresses are:
1) Shimokitazawa Tabatha. 2-13-13 Kitazawa, Setagaya-ku, Tokyo.
2) Seiyo Hyakkaten. 2-25-8 Kitazawa, Setagaya-ku, Tokyo.
I'll add the addresses written in Japanese tonight. For some reason this PC doesn't handle kanji etc.
kilala.nl tags: haruo suekichi, japan,
View or add comments (curr. 1)
2009-11-08 21:32:00
Yes, yes, yes! Ooooh yes! ^_^
I just discovered that a month ago part 2 of Alps Hiroba was released. /o/ You may remember that I discovered part 1 in 2008 and that Kaijuu brought me the book back in February. As a refresher, the book's about a train-geek girl who's joined the JR planning department to work with her big love: trains. Fan-cult-ism, strange situations and comedy ensue :)
And now there's part 2! I will either get it from Amazon.co.jp immediately, or I'll make puppy-dog eyes at Kaijuu again ^_^;
Now, I'll keep on trying to read the author's weblog using Excite translations.
EDIT:
Haha, no way! They're actually ready to release a drama CD! O_O
View or add comments (curr. 0)
2009-11-06 20:35:00
Dad, where is grandpa right now?
kilala.nl tags: life,
View or add comments (curr. 2)
2009-11-05 20:16:00
Just like the last time I used this image I have some great news. Today we paid our last visit to the hospital in Utrecht for Dana's checkups. I say "last" because the doc announced that Dana's hips are now 100% OK. To my layman's eyes they even looked perfectly symmetrical.
He did mention that one of the ball joints is behind the other in terms of bone-growth, but that's something that'll get fixed automatically by nature itself. Wonderful!
kilala.nl tags: body, health, baby,
View or add comments (curr. 4)
2009-11-05 07:08:00
I am proud to announce that my employer, Unixerius, is FoxT's official partner for the Benelux, starting per November 2009. We will be FoxT's preferred partner for the delivery of:
* BoKS Access Control licenses
* Pre-sales consulting
* After-sales consulting
* Implementation projects
* Daily management of BoKS infrastructures
* Training
It took us a year of lobbying, from planting the initial thought in my boss's head to getting the final signature on paper. I'm very glad that we finally managed to get the title and am looking very much forward to working with FoxT on improving both their market in the Netherlands as well as the product itself.
kilala.nl tags: sysadmin, boks,
View or add comments (curr. 1)
2009-11-02 17:49:00
The next time I'm in Tokyo I should really keep my eyes open for Suica penguin merchandise. Agendas, key chains, stickers and such. I love penguins, I love the Tokyo subway so hence I -adore- merchandise with the Suica mascot on it. You may also remember the awesomely sweet Suica commercials I posted about in January.
Via Shibuya246.
kilala.nl tags: japan,
View or add comments (curr. 0)
2009-11-02 17:02:00
Seriously, this was waiting to happen: Teenager "hacks" jail broken iPhones. The security hole is glaringly obvious and has been proven and verified by some of my security-expert acquaintances. And now, obviously, it's out in the open. Personally I wonder how the heck it took so long for this to happen.
The hole: jail broken iPhones often run an SSH daemon, allowing their owners access to the phone's operating system. Most of these owners unfortunately never change the default root password, thus giving anyone 100% access to their phones. I really don't understand why nobody has ever pushed this issue before.
The steps are painfully easy.
1. Do a port scan on T-Mobile's 3G IP range, looking for SSH servers.
2. Try to login as root using the default alpine password.
3. Install your root kit / malware / hostage message.
4. Ask that people send you five euros for the free "fix".
5. PROFIT!
The fix in question is also plainly, fscking obvious: change your root password (asshole)! The "hacker" in question says it's safe to just remove two files he installed and to change your password, but personally I'd do a completely clean wipe. There's no telling if anyone's left anything else as a present.
Some links:
* The topic at GoT that started it all.
* The original hostage website
EDIT:
My pessimistic prediction for this week: the mainstream press will pick up on the story, misunderstand the issue and put the blame on Apple. Many geeks will try to diffuse the situation and explain that the fault lies with people who were mucking with things they don't understand, but their pleas will fall on deaf ears.
EDIT 2:
So I was wrong in one regard: this exploit -has- both been abused and reported before. How about December 2008 and July 2008? So, the only thing all of this really proves is that people in general don't listen and they don't learn.
kilala.nl tags: apple, sysadmin,
View or add comments (curr. 5)
2009-11-01 17:05:00
My sister will be giving a presentation at the Ruimteconferentie 2009 on sustainable cityscape development. Her employer's obviously proud of this, so they've decided to stick her up on their front page :)
She may not be fully aware of it but I really am impressed by her ambitions and her career drive. I love those few occasions on which I can help her out, just by listening and asking questions. Good luck sis! I wish I could attend your talk next tuesday.
kilala.nl tags: family,
View or add comments (curr. 2)
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Thomas Sluyter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.
