Notices by Chris Siebenmann (cks@mastodon.social), page 4

It has been '0' days since I found yet another piece of code that assumed that if $PWD exists, its contents are accurate. This is rather false.

@rk The short version is: we used to be all-Solaris (90s, early 00s), started switching to Linux servers for user-facing things circa 2006 but kept Solaris and then OmniOS for (ZFS) fileservers, and eventually semi-regretfully switched from OmniOS to Ubuntu ZFS fileservers in 2018.

(The pre-90s history is even more confusing depending on which bits of the department you look at. And eg the graphics people had lots of SGI for a long time, as you'd expect.)

@rk localhost, 'idrac-<name>', 'last' (... from 'last message repeated N times', don't look at me), and random things from a security scanner poking the syslog port.

It has been '0' days since I (re)discovered that the claimed hostname in syslog messages can be utter junk, and you may be going to live a fun life if you use it for anything much.

Current status: new bike, finally. Which means setting up and putting things on the new bike. So much putting things on. This also involves surprises, like discovering that the actual seatpost is not long enough for my L&M Vis 180 to mount. I was saved for now by having years ago bought a spare Cygolite Hotshot rear seatpost mount, but I rather would like to get the Vis 180 back in service.

(The new bike is not quite complete, it needs a kickstand still, for reasons.)

@gnomon The Matlab company recently decided to change away from site licenses with a license server to a model where people had to individually authenticate even if you had some sort of site license. This was our sad expression about the change (which was helped by it being officially decided that Matlab was no longer our problem in general as fallout from this).

Those license servers were Fun™, especially since we wanted two for redundancy and the licensing stuff (mostly) did not.

My heretical opinion is that I would rather file a Github issue against your project than send you or your bug tracker email, because I do not trust you to safeguard my email against spammers, so I have to make up an entire new email address for you and carefully manage it. I don't trust Github either, but I have already done all of this email address handling for them.

(I also make up an email address for my Git commits. And yes, spammers have scraped it and spammed me.)

@mary We bought a 512GB, 112-CPU machine to be our main login server, for Reasons. Physically it is such an innocent little thin server ('1U'), you would never guess what's inside. It's not even maxed out on memory, I think you can get 2TB into one. And they feel surprisingly inexpensive for such a powerful machine (ie, we can afford them).

(I work in a Canadian university's computer science department.)

"Network switches are simple devices" oh I am so sorry. Hubs were simple devices. Switches are alarmingly smart devices even if they don't handle VLANs or support STP (and almost everyone wants them to support Spanning Tree Protocol, to stop loops). Your switch has onboard packet buffering, understands Ethernet addresses, often generates its own traffic and responds to network traffic (see STP), and is actually a (layer 2) high speed router with a fallback to being a hub.

Sometimes I wonder how long open source can survive and what will come after it. Open source critically relies on the absence of liability for open source programmers, which is under attack from multiple directions. It seems inevitable that increasing amounts of liability will start being imposed on people whether we like it or not, and then releasing software will get much more dangerous.

Presenting as an illustrated tale, Fedora 40 edition:

$ ssh fedora-40
f40$ /usr/bin/emacs-29.4

(emacs-29-4:1862108): Gtk-WARNING **: 15:46:15.379: cannot open display:
f40$

Emacs, you had one job. ('emacs-29.4 -nw' works but should not necessary, emacs should get this right on its own and certainly used to.)

@mhd Before devops attempted to change the status quo, computing spent decades where almost all of the people carrying pagers were "operations" and/or "system administrators" and were absolutely lower-status and lower-paid than programmers.

Cynical take: 'devops' failed because programmers and their management successfully ignored and pushed back against attempts to wake them up in the middle of the night with pages. Being paged in the middle of the night is for low status people, not high-status programmers.

(Maybe this was always predictable.)

@GeePawHill Relevant to multiple SSH keys (if you didn't already know): https://github.com/FiloSottile/whoami.filippo.io aka 'ssh whoami.filippo.io'. For you this may now report nothing.

@awb I can't think of a POSIX utility for this. I wouldn't be surprised if the omission was deliberate; is there anything in POSIX that requires there to be more than one user? (Who has some arbitrary but constant UID.)

That would be a perverse Unix, but the folklore I heard was that POSIX was deliberately designed so that non-Unixes could conform, for US government contracting reasons. (And I believe some non-Unixes once were POSIX certified.)

I expected to have a bike stolen sometime,but it would have been nice if it wasn’t through my own stupidity and absentmindness. Now I need a new commuter bike and a bunch of stuff with it.

I am swearing at myself a lot. I probably will be for some time.

(It is the small stuff I lost with it that pains me most. A bike GOS unit mount, nice cases for tools. bike light mounts for lights that I think are out of production…)

Canada: we are proudly metric.
Also Canada: coffee beans mostly come in bags that are 454 grams (1 pound), not say 500 grams.

@binford2k @GeePawHill My techblog uses a CGI that runs a giant Python program (with some efficiency hacks some of the time), on a shared VM that has a total of 4 GB of RAM and a not that modern CPU. It has repeatedly made the front page of that orange site and a few other places, and basically no one has noticed.

It isn't the machines that are slow, it's the software. (And my other rant is "you don't need static HTML to stand up to loads", although static HTML makes it much, much easier.)

Bicycle jargon has played us for absolute fools. "Don't forget to clip out of your clipless pedals or you'll fall over", this is a real thing cyclists say.

(Not me, I rock platform pedals and whatever footwear I want to use.)

In re comparing fire drills to phishing tests[1], if phishing tests were like fire drills, they would test the *response* to a successful phish. Was the person phished able to rapidly report and mitigate things? Do the organization's phish alarms work and reach people? Etc etc.

Current "phishing tests" are like testing people to see if they accidentally start fires if they're handed (dangerously) flammable materials. That's not a fire drill.

1: https://infosec.exchange/@sambowne/112513766095541271