Brady's Blog

I’ve evaluated many pieces of technology now. Tons. And I think there’s some consistent trends to the stuff that I like. And the ones I don’t like, as much. Here’s some, and why:

#1A) Good: HTTP. Fantastic standard. Simple, powerful, extensible (headers!). I think that the World Wide Web is as good as we know it because of HTTP (not HTML, which I think is neither good nor bad. It just ‘is’.)

#1B) Bad: WebDAV. Turns this good fantastic standard into a confusing mess. I *love* the idea of PROPFIND. It’s a really great idea. But not, I think, in this standard. Why couldn’t there just be a nice simple way of getting directory listings, along with locking, and maybe some very very very simple concepts of file ownership? Instead there’s all this crazy crap, and no thing for ‘and here’s how you can extend it!’ The end result – we still use every other available protocol (FTP, SMB, AFP, et al) for file transport. How lame. I had to *SNIFF* the wire to figure out all of the hidden pieces in the various reference specifications and client specifications. What a mess.

#2A) ‘Good’ is not really the word I will use for this, but ‘adequate’ is: POP3. Yes, it’s annoying, but you can build a POP3 client or server pretty easily, and the entire Internet ran on that architecture for a very long time. Now being augmented heavily by, and perhaps supplanted by, IMAP4, but I’ve written POP clients and IMAP clients and even if you do a subset – POP is just so much easier. If they had extended POP3 instead, they could’ve made a better IMAP…

#2B) Bad: IMAPv4. It’s for many (me too!) a necessary evil – but there’s so much latitude in the implementation, it’s ridiculous. “You can use any separator character you’d like! Dots? Sure! Slashes? Why not!” That just costs more code. Why not just say that it’s way X not Y and if you don’t like it, screw off. And UIDValidity – christ! If you’re writing an IMAP client, you think, ‘Hey, I almost got it! Almost done!’ and then you realize you don’t cover UIDValidity changes. FUCK. Why not just insist it never happen? And leave the implementation to the servers? Same reason as before – it says in the standard, “Some email servers may not have any storage to store UID values…” When my friend Bryan and I read that, we both at the same time said, in mock sympathy, “Awwwwwwwwwwww!” Were I writing that spec, I’d say, Fuck ’em! Figure something out! MD5 the headers or something, I don’t care, but the UID _DOESN’T_ change.

#3A) Good: DNS. Impressively powerful standard for turning names into addresses. Completely decentralized. When extended, it can be used as an IP database, in some places (DNS RBL’s, etc). All this so that you can say ‘www.yahoo.com’ and get a nice answer.

#3B) Bad: DNS. Multiple ugly flaws in the specification. I’m with DJB on this one. Why specify the whole secondary protocol? There were plenty of them at the time, it’s unnecessary. Why require 2 DNS servers for a 2nd level domain? That’s unnecessary specification. And why not force referrals down to the client, instead of making them be performed on the server? E.g. the Recursion mode – bad idea. CNAME’s – totally unnecessary, should be at the Server’s discression. The second-to-last one feels like hindsight to me, but I think the other objections are valid.

#4A) Good: Nothing. Well, maybe, /etc/passwd. It doesn’t do anything, but it never breaks. And when it does break, you can vi it (for me, I ‘joe’ it) or pico it and fix it. So nice. And for 99.9% of the world, definitely enough.

#4B) Bad: LDAP – Here’s another one where you can just do whatever the hell you want. Actually authenticating People is almost secondary to this massive behemoth (sp?). It again allows you to do just about anything. You can define a person with 4 assistants, each of whom has 2 subassistants, and that you have 4 postal addresses. But what attributes are required in order to actually authenticate people? Who cares! How do you attach to the Directory? Eh, you decide! But if you want to define a PenisSize attribute, yes, you can have that. How useful. This is sadly one of the times where MS can just sit down and define their own implementation and swing the standard their way, and it actually helps.

#5A) Good: IPv4, TCP/IP, UDP/IP, etc. Again, there’s a reason why the internet runs on it. IP is a dirt simple and ugly way of chucking packets from hither to yon, and TCP is a very elegant way to put some nicer controls on top of that so you can get your packets in an orderly fashion. Multiple routing protocols allows for nice evolution, survival of the fittest and all (note – no routing protocol specified in the standard!), and we have neat evolutionary extensions such as NAT (or PAT in Cisco parlance).

#5B) Bad: IPv6. The entire whole wide huge internet is built on IPv4, but we need a whole new protocol for the next generation. No migrations for us! Sigh. And how many bytes is an address now? That’s ridiculous. 40 bytes of header it looks like? I don’t like that. A TCP frame is probably 2 Megabytes once you’ve put it on this monstrousity. Feh.

#6) Good: SMTP. It has its faults, but SMTP is simple and clean and makes a lot of sense. You could easily do something better, having 20/20 hindsight, but it’s very good considering how old it is.

#7) Good: XML. Verbose, yes, misused often, yes, no binary support, yes, BUT, it’s a great way of representing arbitrarily complex data. Great for interchange – and that’s what it’s designed for. Tons of people use it for wrong things, and that’s stupid. But for being used for what it’s actually for, it fits the bill nicely. I even like extensions like Namespaces and such (though I have a few nits to pick with that one).

#8A) Good: REST. One URI, one resource. GET it, PUT it, DELETE it. POST to it if you need to.

#8B) Bad: SOAP. One URI, everything goes through that, look at the data to figure out what’s going on, represent all kinds of crazy crap in the data, way too much definition of what’s going on in there. Yuck.

#9) Adequate: Apache. It’s a decent webserver, performs pretty well, can do just about anything, but it’s big and bulky. But anything that’s faster is rarely worth the effort. So I give Apache an ‘adequate’.

#10) Good: PHP. As a language purist, PHP will make you want to vomit. But what I like about it is that it’s so blue-collar, working class, get-it-done language. Yes, there’s no namespace support, and no naming scheme, but you can get a hell of a lot done in a few lines of code, and if you’re not psycho, you’ll be able to read that code later on. And it runs fast. Security has been a historical concern for it, but they keep getting better and better with that – but let’s be honest, there have been several worms using PHP vulnerabilities. Yuck. But some of that might be the Popularity issue – it’s so popular, so write worms for it…

There are more – but they’re not interesting. Ethernet is good. Wifi is adequate (the WEP/WPA/whatever crap makes it not Good). Windows and Linux and Mac OS X are either adequate or inadequate depending on who you have administering them. There’s no more of ’em I can think of.

There, a sufficiently punditey-looking post. Enjoy.

My friend Bryan particularly enjoys the fact that my hair tends to disobey all those who try to thwart it.

Behold, it’s awesome power!

And I’m not sure if I should say ‘Thanks!’ or ‘Fuck you, buddy!’ to Bryan – but I’ll stick with ‘Thanks’ for now, because it’s very, very funny. If we can find the picture nicknamed, ‘The Führer’, it will all be worth it.

Edit NB – ‘The Führer’ is actually called “Uhm” – Bryan was concerned that giving it such a name might cause controversy or something. Fair enough.

So a friend of mine (I would link to him, but his home page seems to just say ‘You shouldn’t be here,’ so I guess you shouldn’t) lent me (semi-permanent loan, really) an old Sharp Zaurus.

Having been a Palm guy for a while, I knew it was not going to be anywhere near as pleasant to use as a Palm. And, for the most part, it isn’t.

However, it’s really a great piece of hardware, and I enjoy it a lot. It’s a little teeny Linux box. I went and started customizing crap, and I have tried out several different ROMs and all kinds of stuff. Memo to anyone using one of these things: Openzaurus Opie – Hentges ROM – is very very nice. That on a 128MB SD Card is actually very pleasant. And the device is ridiculously easy to re-flash. Reinstalling things on my Treo took FOREVER – this thing is flashed and up 5 or 6 times before I would’ve flashed my Treo even once.

I’m still trying to get it all tweaked and configured and everything the way I want it (mind you, this is a daunting task – I’ve had this thing for weeks now and am still trying to get it the way I want it.) Once I do I will probably make sure to take a snapshot of the disk image. I think I found a bug in Hentges’ AltBoot boot loader thingee – if so I guess I should toss the guy a patch.

So I managed to get Ruby on there – so I can continue to mess around with that – and I’ve installed thttpd – which has CGI support – which is really all I need. I don’t need mod_ruby or any such weirdeosity for development purposes.

The big ugly scary thing that I want to try to get on there is Sleepycat’s XMLDB. It’s a thing that lets you just jam XML into a database and index it up and search it and find it and stuff. Which is interesting for some stuff I’ve been thinking about. Although I still feel like the Flying Dutchman – forever doomed to recreate the same piece of software over and over again.

My desire to find a Fun Project to occupy me shall occupy, perhaps, another Blog posting later on…

I’m working on this anemic laptop running WinXP, and I decided to start shutting down services I don’t think I need. I can’t go and set them to be disabled, because I’m not the only one who uses this, but I did stop as many as I could. I could stop more, if I could disable stuff and reboot.

This is what I got it down to. Less than a screen of services (barely) at 800×600. I write it here partially because I’m proud, and partially because if I have to reboot I want a reference to look at to see what I can shut down.

framebuffer support on my linux workstation
turn off VGA console! Why not!
Let’s do GRUB for bootloader
Firefox with GTK libs
so that means GTK, GDK, Gobject, pango, glib, and apparently some gcc libs (I guess for linking?).

and apparently quite a few others – here’s the output of objdump -p :

./browser/app/firefox-bin: file format elf32-i386

Program Header:
PHDR off 0x00000034 vaddr 0x08048034 paddr 0x08048034 align 2**2
filesz 0x000000e0 memsz 0x000000e0 flags r-x
INTERP off 0x00000114 vaddr 0x08048114 paddr 0x08048114 align 2**0
filesz 0x00000013 memsz 0x00000013 flags r--
LOAD off 0x00000000 vaddr 0x08048000 paddr 0x08048000 align 2**12
filesz 0x00010b80 memsz 0x00010b80 flags r-x
LOAD off 0x00010b80 vaddr 0x08059b80 paddr 0x08059b80 align 2**12
filesz 0x00000bf0 memsz 0x0000108c flags rw-
DYNAMIC off 0x000112fc vaddr 0x0805a2fc paddr 0x0805a2fc align 2**2
filesz 0x00000170 memsz 0x00000170 flags rw-
NOTE off 0x00000128 vaddr 0x08048128 paddr 0x08048128 align 2**2
filesz 0x00000020 memsz 0x00000020 flags r--
STACK off 0x00000000 vaddr 0x00000000 paddr 0x00000000 align 2**2
filesz 0x00000000 memsz 0x00000000 flags rw-

Dynamic Section:
NEEDED libmozjs.so
NEEDED libxpcom.so
NEEDED libxpcom_core.so
NEEDED libplds4.so
NEEDED libplc4.so
NEEDED libnspr4.so
NEEDED libpthread.so.0
NEEDED libdl.so.2
NEEDED libgtk-x11-2.0.so.0
NEEDED libgdk-x11-2.0.so.0
NEEDED libatk-1.0.so.0
NEEDED libgdk_pixbuf-2.0.so.0
NEEDED libpangoxft-1.0.so.0
NEEDED libpangox-1.0.so.0
NEEDED libpango-1.0.so.0
NEEDED libgobject-2.0.so.0
NEEDED libgmodule-2.0.so.0
NEEDED libglib-2.0.so.0
NEEDED libm.so.6
NEEDED libstdc++.so.5
NEEDED libgcc_s.so.1
NEEDED libc.so.6
INIT 0x804b168
FINI 0x8057394
HASH 0x8048148
STRTAB 0x80493dc
SYMTAB 0x804877c
STRSZ 0x15a6
SYMENT 0x10
DEBUG 0x0
PLTGOT 0x805a484
PLTRELSZ 0x3a0
PLTREL 0x11
JMPREL 0x804adc8
REL 0x804abb0
RELSZ 0x218
RELENT 0x8
VERNEED 0x804ab10
VERNEEDNUM 0x3
VERSYM 0x804a982

Version References:
required from libstdc++.so.5:
0x081a2972 0x00 06 GLIBCPP_3.2
0x056bafd2 0x00 04 CXXABI_1.2
required from libpthread.so.0:
0x0d696910 0x00 03 GLIBC_2.0
required from libc.so.6:
0x0d696913 0x00 08 GLIBC_2.3
0x0d696911 0x00 07 GLIBC_2.1
0x09691f73 0x00 05 GLIBC_2.1.3
0x0d696910 0x00 02 GLIBC_2.0

Add to listbash, libc, sh, curl (?)

So I was thinking about how the whole doodad might work. And like I was saying – or I think I was – you’d have all the binaries and libs and everything owned by good ole Mr. Root. And I like the idea of getting rid of /sbin/init and replacing it with a shell script that maybe does like a webDAV mount of something from a central server, then launches firefox from in the middle of that. I like webDAV because of the webbiniess, but maybe it will have to be SMB or NFS or something. Anyways, you could do this with a small sh script. (Read in username, password, mount with said, if succesful, launch firefox?)

Eventually you could have something where it downloaded a sh script (if it’s available) and executes it, after doing a openssl signature check. (You wouldn’t want to download an sh script and then just run it, someone could do something nasty with DNS spoofing and make you do something terrible. Multiply by thousands of machines and…yuck).

In terms of making a teeny tiny eensy weensy leeenoox, I have looked into Linux From Scratch, and it sounds like that might be a direction I might go – or I could just burn a Knoppix CD and just use that as my ‘host’ system.

So I’ve been forced to use a PC for the past couple of days. After the initial shock, I’m getting used to it.

One surprising find – it’s snappier than all of the Macs I use. I use a 600-and-change MHz Powerbook, a 6 or 7 hundred MHz iMac, and a 1GHz mini, each with 640, 512, or so RAM. And all those machines are getting smoked by my shitty P4 2.0GHz with 256MB RAM, running Win2K Pro.

The pretty OS X eye candy costs.

So 99 times out of a hundred, all I’m doing on any computer is browsing the web. Which got me to thinking. What if I could just run a web browser, and nothing else, on a computer? Would that be ‘good’? Maybe having more resources available to dedicate to the browser might make it faster, too. So I imagined a little Linux distro, which runs no XWindows server, and, hell, make /sbin/init just be a symlink to firefox, and run against the framebuffer. No XWindows server taking up any space. You could probably get rid of a ton of libs too. I would literally have nothing on this thing. Maybe a shell, but only for the purposes of scripting updates. I would even make it so that the logged-in User doesn’t even have access to the filesystem. That’s not what it’s for. It’s just cache for the web.

So I thought I’d mess around with my little idea. First I need to make a copy of Firefox that talks to the frame buffer. Jeez, easier said than done. BTW. Firefox is a bloated pig.

This is what I had to do thus far:

#1) manually edit configure to comment-out all MOZ_ENABLE_XREMOTE (apparently the mozila-xremote app uses nothing but X routines to pass data between applications. And we’re likely going to be the only application running.

#2) ./configure –without-x –enable-application=browser –disable-tests

I won’t even get into all of the various missing libraries that I had to install – GTK, Glib, some other boring ones. I barely noticed – I just let good ole’ RedHat up2date manage the dependencies for me.

The ‘make’ is still running, what seems like 2 hours later. So I may have to edit that list of things to do.

to be continued…

So my Treo 650 has been crashing often for the past couple of weeks. Resetting, really. At first, I thought it was ChatterEmail, a (pretty cool) mail package for the Treo which does push-style mail notification without sucking down your batteries (too badly). However, I deleted it, and I still get the same problem. According to my research, that means that I probably have corrupted the filesystem on it. Probably from crashing when I was using the unstable version of Chatter, but who knows.

It got me to thinking, though of the sad and sorry state of PalmOS. Here it is, 2005, nearing 2006, and they still cannot get a new OS out the door which has ‘modern’ features. They tried with Cobalt, then they tried with the Be kernel, and now they’re trying with Palm-on-Linux. We’ll have to see.

But it got me to thinking – there are simulators for Cobalt – is it really that bad? I can theoretically test how well it works, right? So I decided to. I downloaded the Cobalt (now v6.1) simulator, and started fiddling.

Just about every application I threw at it had some kind of problem. The built-in software was great – the PIM apps and all worked fine. And the OS never crashed on me, I don’t think. But just about every app I tried to run blew up. With a few exceptions, like BrainForest (surprising, considering how old that is). Each other one would throw a ‘unsupported resolution’ error, ‘illegal instruction’, or other crap.

So now we know why it is that we don’t see Cobalt devices in the wild. Maybe they work fine, but the existing base of apps won’t work on it.

It makes you think – of course, hindsight being 20/20 – that the mistake was made in October of 2002, when they released the first ARM Palm – the Tungsten T. They released that with Palm OS 5, which was just a whole bunch of compatibility/emulation libraries. Thus ensuring that all _new_ applications would also be built the exact same way the old ones were. No new API. Just the same old thing.

And, we should note here, that it worked pretty much Fine. I don’t remember lots of complaints about the Tungsten and its compatibility problems – I don’t doubt it may have had some – but I didn’t hear lots of complaints. So what Palm _should_ have done – again, with infinite resources and time and so on, and hindsight being 20/20 – is they should’ve kept what they made as the ‘compatibility’ layer, and introduced a whole new set of API’s for multitasking. Regular standard-issue memory-protected OS there, with some deal that maybe runs the classic Palm apps in Privileged mode, or something – or do some kind of trap-based emulation – but something, something to let all the old stuff run, and have a new API out there for new development. This method used within Cobalt obviously will just not hack it.

Had this have happened in October of 2002, I have a feeling Palm would be on top of the world right now. And I would be happy. And not trying to figure out how to press the up, power, and HotSync buttons at the same time as pushing the reset pin on the back of my Treo. Which is apparently how you do a zero-out reset. Which sucks.

Had I been there – I would’ve said – hey, we got this here new OS we’re thinking about doing, but we’re making a bet about what percentage of OS calls people use or don’t use – why don’t we test that? And I would spend 4 months or 6 months developing tools to run across software and see what API calls they make, or make an intern just download every .prc file he can find and throw it on my palm simulator with trapping and accounting, and then just analyze what you come up with. You do that, and you’d see, there are too many times that the programmers do Naughty Things. So instead of trying to release what they have – which is a neat integrated API that doesn’t quite work, they could do what would seem pretty neat – develop a whole new API ‘inspired by’ or ‘influenced by’ the old one, put that on a multitasking kernel, and run the rest through a full fledged emulator (emulating hardware, perhaps, as well). Then they’d be set.

This is why I like being a CTO – this is the type of decision that is completely technical, and can basically make or break a company. Though Palm has some tricks up their sleeve, still. But if I’m thinking about getting a Windows Mobile Treo (and I am), why shouldn’t I look at the nice shiny new PPC-6700 or whatever the hell it’s called (ooh, lookie that, I memorized the model number – scary)?

I’ll have to play with one and see. Since I’m going to have to throw out and replace my applications anyways, Palm Treo or SomeOthercompany Thingee doesn’t matter to me – the process will stay the same.

Subway stories, vol 7000 –
So today I’m running ridiculously late for work – the dog escaped this morning and was biting my head and running around and chewing squeeky toys. So eventually, I got up and put her back, and went back to sleep. The end result is I’m 40 minutes late today. Hopefully I will not be killed.

Dunkin’ Donuts was quick, though – cruised through, and my total was 22 cents more than usual. So I ignored it and continued onward.

I took my seat next to an older lady – 50’s ish, who was reading a bible. Seconds after I bit into my muffin, she asked, “Did your grandmother ever tell you that breakfast is the most important meal of the day? You should try to eat a bowl of cereal or some oatmeal…a glass of orange juice…” I mentioned, “Well, it is a bran muffin….” and she continues to list foods that were better for me. Until she was cut off by her own uncontrollable coughing. I offered her one of my D’nD napkins, which she politely declined. Then she left me alone for a while. BTW – she referred to me as ‘young’ – so I’m liking this chick already.

A few stops later, she says, “but a bran muffin is better than nothing….” and we get into a nice conversation – I explained I used to eat strawberry frosted donuts, which we both agreed were bad. The weird thing is she keeps injecting bible stuff mid conversation – methusala was one, she hit a couple more Lord references. And for some reason she pegged me as Jewish. So I’m Jewish and young. “You know what chaim means?” Of course I do, I’m Jewish. But I’ll let you tell me (Life, apparently). As the biblical reference quotient increased, I started to get a little uncomfortable, and my smile started to wear. But then at Roosevelt Avenue, she got off. She left me with a religious booklet – I think perhaps even targetting Jews, in a Jews-for-Jesus fashion.

Anyways, I liked her because she called me young. Memo to those trying to get me to join in your church – flatter me. Baal worshippers, I’m talking to you.

Chaim!

So tonight, I’m coming back from my Thursday Night Video Games, and I unfortunately have to sit next to these guys in suits, one of whom takes up two seats – one of my pet peeves. That doesn’t seem like a suit thing to do, so I look at them. Fashionable facial hair, those plug style earings – and the cases that one of them are carrying are cylindrical. And wide – drums. They’re a rock band. Must be in suits for some promotional thing – dunno.

So here I am, slightly jealous of these (maybe?) succesful rock guys taking up too many seats. A homeless guy gives his schpiel. Where is his accent from? Midwest? Carribean? It’s subtle. One of the suit guys – one who’s standing – starts fishing in his pocket – out of towners? The homeless guy homes in on his mark. He does the quiet, one-on-one version of his schpiel. The standing rock star in his suit tries to get out of his way, then eventually realizes he’s been targetted and says he can’t spare anything. The train stops, the suit rock star goes down for a second, and the homeless guy starts SCREAMING “Aaaaaaaaaeeeeeeoooooooooowwwwwwwwww…” oh shit! The other folk in the car look shaken. Did our rockstar fall on the homeless man?

No. The homeless guy is just screaming to punish the car, and the rockstars, for not paying. He’s actually saying “Ooooooh you’re too something to something something Ooooooooh….something…” The fellow car-occupants crack a few smiles.

Very funny.