Jan 28

Clearly, if a tool relies on fork()/exec() (or System.exec() and friends) to run an OS tool and then trusts that tool's output for a licensing or control decision, shadowing that tool with one that returns predictable data is the easiest way to mislead the licensing subsystem: whoever controls PATH controls the answer.

This is the same trick as shimming a DLL or shared-object library, just one level up.

My grasp of the obvious is so exceptional — and this method so easy — that I felt this was worth mentioning.
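As an added example (not code from the original post), here is the pattern in miniature: a check that shells out to `uname -n` to learn the machine name, the PATH shim that feeds it a forged name, and the same datum read through the uname(2) syscall instead. The forged hostname and the shim directory are made up for the demonstration; `uname` is only standing in for whatever tool a real product calls.

```python
import os
import shlex
import stat
import subprocess
import tempfile

# Added example, not from the original post: a "license check" that shells
# out to an OS tool (here `uname -n`, standing in for whatever a real product
# calls) next to the PATH shim that feeds it a forged answer.


def node_name_via_exec():
    """The fragile pattern: trust whatever the `uname` found on $PATH prints."""
    return subprocess.check_output(["uname", "-n"], text=True).strip()


def node_name_via_syscall():
    """Same datum straight from the uname(2) syscall; no PATH lookup to hijack."""
    return os.uname().nodename


def write_shim(directory, tool_name, forged_output):
    """Drop a shell script named like the real tool that prints a canned answer."""
    path = os.path.join(directory, tool_name)
    with open(path, "w") as fh:
        fh.write("#!/bin/sh\nprintf '%s\\n' " + shlex.quote(forged_output) + "\n")
    os.chmod(path, stat.S_IRWXU)  # 0700: the shim only needs to be runnable by us
    return path


def run_with_shim(forged="licensed-host.example"):
    """Put a shim dir first on PATH, run both checks, restore PATH, return both results."""
    saved_path = os.environ.get("PATH", "")
    with tempfile.TemporaryDirectory() as shim_dir:
        write_shim(shim_dir, "uname", forged)
        os.environ["PATH"] = shim_dir + os.pathsep + saved_path
        try:
            via_exec = node_name_via_exec()      # sees the shim
            via_syscall = node_name_via_syscall()  # unaffected by PATH
        finally:
            os.environ["PATH"] = saved_path
    return via_exec, via_syscall


if __name__ == "__main__":
    spoofed, real = run_with_shim()
    print("exec() path saw :", spoofed)
    print("syscall saw     :", real)
```

The syscall version only moves the goalposts: an LD_PRELOAD shim, a ptrace hook or a patched binary reaches that too. The practical lesson is that nothing a licensing check reads from the same machine, by any route, is trustworthy input.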

Jan 25

My company uses Exchange — and it’s not bad, considering that it brings in the SyncML (I think) technology that Gmail also has — if only it had the rest of what Gmail has, but I can understand if we’re not moving to avoid thrashing about.

The problem is that when I send mail, I want to receive a copy. I don’t want a bcc:, but Entourage (the only Exchange client for a laptop that doesn’t die) only allows saving a copy in the “Sent Items” folder. I know, it’s simple enough to copy stuff around, but hey, I can get a cronjob to do that…

  1. create a file (with restrictive permissions: chmod 600, owned by you; the hourly job runs as root and can still read it) containing only the password:
    — /home/scott/imapsync-pw-exchange —
    tiger

    In my example, user “scott” has password “tiger”. Bonus points if you know where that user/pass comes from :)

  2. drop a cron.hourly script consisting of the following (and make it executable; run-parts ignores files that aren’t):
    — /etc/cron.hourly/scott-exchange-sync —

    #!/bin/sh
    # Both "sides" are the same mailbox. imapsync copies 'Sent Items' to INBOX,
    # then deletes and expunges the originals so the next run does not re-copy them.
    # The password never appears on the command line (and so never in `ps`);
    # PLAIN auth is acceptable only because --ssl1/--ssl2 wrap the session in TLS.
    imapsync \
      --host1 exchange.example.com  --port1 993 --authmech1 PLAIN \
      --host2 exchange.example.com  --port2 993 --authmech2 PLAIN \
      --user1 scott --ssl1 --passfile1 /home/scott/imapsync-pw-exchange \
      --user2 scott --ssl2 --passfile2 /home/scott/imapsync-pw-exchange \
      --folder 'Sent Items' --regextrans2 's/Sent Items/INBOX/g' \
      --delete --expunge

    (or, better, crontab -e yourself a cron job that fires on 5-minute accuracy)

  3. profit!!!1!one!! … oh wait… uh… sit and relax.

The trick here is that we’re using imapsync to connect to our own server twice, as two clients, to sync the “Sent Items” folder. Yes, those two sections of parameters are exactly the same (except for s/1/2/, and they use the same password file) on purpose. The “regextrans2” tells it that we want to “translate” the folder name on the destination side to another folder (which may already exist). Note that we’re deleting and expunging the moved messages on the source side to avoid dupes.

Jan 07

Why can’t Microsoft’s updater realize that it’s the app it wants me to shut down?

Besides locking the MDS and slowing down a Mac, is there any real engineering put into this product by Microsoft?

Oh, and why is Microsoft affecting Safari? That seems fishy…

Dec 15

Bufferpool config is an often overlooked issue because of how rarely it bites you, but in those rare cases it can be important.

A bufferpool is simply a bounded region of RAM that the database manages itself: in-flight transactions, uncommitted pages, and pre-fetched content that will be needed very soon. The database expects every page of it to stay resident; the kernel can technically swap it out, but every access would then pay a page-in, which is why swapping a bufferpool is treated as a failure rather than a slowdown.

A commit is RAM promised to a process rather than RAM it has touched: when a process asks for 2G, the kernel grants the request without necessarily having 2G to back it, and the process consumes pages only as it writes to them. The catch is the other direction: once a process has touched the pages, its heap rarely shrinks. glibc’s malloc can only give memory back to the kernel when the free space sits at the top of the heap or in a large mmap’d chunk; freed chunks scattered through pages that are still partly in use stay resident, so RAM a long-lived process has grown into is effectively never reaped back to the common pool.

A commit becomes dangerous when the OS over-commits RAM in a long-lived environment: if up to 100G is promised on a system with only 32G, you can see how, as many processes grow into their promises, the system has to swap some of them out to meet demand, and when swap runs out too, the OOM killer picks a victim. Swapping is the normal response on a multiuser system with swap active (NOTE: Motorola tuned their commits on smartphones because on diskless systems, there’s obviously no swap)

In a long-lived database process the bufferpool is committed up front but filled over time, so it will eventually be fully touched and resident, and from then on it only leaves RAM by being swapped, which happens only if the database has bursty use-cases and sits with no active sessions for long periods. The configured bufferpools may be in addition to the heap space taken up by the process itself (in un-pooled resource space): the database may cap the bufferpools, yet still consume a number of GB beyond the configured bufferpool space.

The other applications on the system also can demand up to their committed RAM — why limit one process while letting the others run amok on your server?

On long-lived systems, committed RAM becomes allocated and consumed RAM. Bufferpools need to be configured deliberately, and RAM usage monitored (or at least traps/exceptions raised when a critical DB starts swapping, which is the signal that a review is urgently needed)

Bufferpools and Commit/Demand discrepancies are silent but deadly killers, like the sharks and heart-disease of the resource-management domain.
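As an added example (not from the original post), here is the kind of trap the last paragraph asks for, written against the fields a Linux box exposes in /proc/meminfo and /proc/&lt;pid&gt;/status. The two inputs below are constructed samples (the numbers mirror the “100G promised on 32G” case above, with a made-up database pid) so the code runs offline; on a real host you would read the two files instead.

```python
import re

# Added example, not from the original post: a small monitor for the two
# conditions the post says to watch, over constructed /proc-style samples.

SAMPLE_MEMINFO = """\
MemTotal:       33554432 kB
MemFree:          524288 kB
MemAvailable:    1048576 kB
SwapTotal:       8388608 kB
SwapFree:        6291456 kB
CommitLimit:    25165824 kB
Committed_AS:   104857600 kB
"""

SAMPLE_DB_STATUS = """\
Name:   postgres
Pid:    4242
VmSize: 20971520 kB
VmRSS:  12582912 kB
VmSwap:  2097152 kB
"""

_KB_LINE = re.compile(r"^(\w+):\s+(\d+)(?:\s+kB)?", re.M)


def parse_kb(text):
    """Map 'Field: <n> kB' lines (meminfo or a process status file) to ints in kB."""
    return {m.group(1): int(m.group(2)) for m in _KB_LINE.finditer(text)}


def commit_report(meminfo):
    """How much has been promised versus what the box can actually back."""
    total = meminfo["MemTotal"]
    committed = meminfo["Committed_AS"]
    return {
        "committed_kb": committed,
        "overcommit_ratio": round(committed / total, 3),
        # CommitLimit is only enforced under vm.overcommit_memory=2; in the default
        # heuristic mode exceeding it is merely a warning that swap is the next stop.
        "over_commit_limit": committed > meminfo.get("CommitLimit", total),
        "swap_used_kb": meminfo["SwapTotal"] - meminfo["SwapFree"],
    }


def check_db(meminfo_text, status_text, max_db_swap_kb=0):
    """Return (report, alerts); any alert is something to raise a trap for."""
    mem = parse_kb(meminfo_text)
    proc = parse_kb(status_text)
    rep = commit_report(mem)
    alerts = []
    if rep["over_commit_limit"]:
        alerts.append("Committed_AS %d kB exceeds CommitLimit %d kB: promises the kernel cannot keep"
                      % (rep["committed_kb"], mem["CommitLimit"]))
    if proc.get("VmSwap", 0) > max_db_swap_kb:
        alerts.append("pid %d has %d kB in swap: database pages are on disk, review bufferpool sizing"
                      % (proc["Pid"], proc["VmSwap"]))
    return rep, alerts


if __name__ == "__main__":
    report, problems = check_db(SAMPLE_MEMINFO, SAMPLE_DB_STATUS)
    print(report)
    for p in problems:
        print("ALERT:", p)
```

VmSwap is per process, which is the point: a box can be swapping harmlessly while the one process that must never swap is the one losing pages, and a host-wide “swap used” graph will not tell you which.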

Nov 21

If a problem happens once, it’s (un)lucky: things just happen, some things are very rare, and fixing them is not economically viable.

If it happens twice, it’s a bug, be it hardware, software, or meatware (users / processes).

Dishonourable mention for the bugs that rarely happen, but require a 5-alarm firedrill to diagnose, and make a company look really, really bad :(

If you consider it, even the Software Architect who never talks to customers until their environment is very stable would have to agree: if something happens twice, even if I’m a genius and it never happens to me, it must be more likely than an alignment of the planets, so it should be considered. If users keep hitting the same problem, maybe they have habits other than mine, and maybe they should be considered worthy of helping rather than ignoring.

If the glorified calculators on our desks are more capable of checking for that error, then why aren’t they? (That’s a key tenet behind the Smallfoot project: use the software to do what software’s good at).

I just saw a bug in a release of our product, I think it’s handled in some of the work on the later major revision, but I’m not sure. I don’t want to file until I know, as that wastes developer resources to tell me I’m an idiot (I’ve been an idiot many times, but developer resources are quite valuable in my books). I don’t want to forget to check, but damn, there’s a lot of stuff that happens in my workday, and my memory is fairly sketchy (poor-quality meatware).

Maybe it’ll happen a third time. Thrice is definitely a bug.

Nov 17

Put a VPN on your AppleTV to make it connect from an apparently-USA IP address to get full access to your Netflix subscription.

This is what I said as a solution to the problem of traveling in other countries, taking your new AppleTV with you (let’s not ask why you’d pack that over, say, a helmet, or a SCUBA reg), and accessing the full line of USA Netflix content. This is all with the intention of getting access to the USA content on Netflix (with a proper, USA paid subscription) while traveling.

So I said “put a VPN on your AppleTV, and connect through there to stream content”. This also requires that the system you’re streaming through has sufficient bandwidth to both receive and re-send every streamed packet. I would not recommend streaming through a residential gateway on the end of a cablemodem, for example, because of the asymmetric imbalance in upstream/downstream data rates and latencies.

So we’re mostly following the FireCore Newbie Procedure:

  1. Download the latest Pwnage (v4.1.2)
  2. Download a compatible AppleTV version 2 image (v4.1 4M89)
  3. Create a jailbroken image, which should offer ssh access
  4. Use ssh to configure the stripped-down OSX on the AppleTV to connect VPN

This is very much like streaming the UK BBC Player to watch soccer outside the UK — because when you travel, you want/need/must have access to your soccer. Yes, I’m talking about you, Cannoli.

Oct 31

I just did a RAM upgrade on a Macbook Pro i5; it was trivial: 10 small screws, the back plate came off, and everything replaceable is immediately accessible.

Now I need to install tools on this new box; what’s on your Mac?

  • (cost) Entourage, MS/Word, MS/Excel: not by choice, and it slows down the Mac whenever they’re running
  • (free) MailDrop to work with SFDC from Mail.App and Entourage
  • (free) Skype with a workplace account
  • (free) Click-to-Flash – to avoid wasting cycles on unnecessary flash-based webcrap
  • (free) Adium (to IM non-work accounts — might not need it)
  • (free) CoRD – for RDC so long as I choose a US language/keyboard
  • (free) GoToMeeting
  • (free) sfCubed – SFDC Sync — might not need
  • (free with…) xCode
  • (free with…) TomTom Home – maintain my PND
  • (free) Visual Hub – might not need on this box
  • (free) VLC
  • (cost) VMWare Fusion (VirtualBox instead?)
  • (free with…) VZAccess Manager
  • (free) iPhone Configuration Utility – to share configs to other users rather than config on their phones

As you can see, everything but the Microsoft stuff and the VMWare is free or comes with the Mac. No Antivirus, the OS is strong enough as it is. Backup is done by the OS.

Sep 10

We need a tag to map out advertisement content to improve search compatibility.

Either that, or ads should not be shown to User-Agent = search engine.

The problem is that ad text on a page gets indexed as if it were content, so searches match pages on words that only ever appeared in the ads. For example, search for “Automator” and “GoToMeeting”, and you’ll find plenty of articles about Apple Automator, but the GoToMeeting content is just ads; it’s not in the usable meat of the page.

If the search engine was able to understand what parts of the page are the advertisements, and remove that from the search, it would improve accuracy of search results. This should also improve SEO for the page, since the affinity of the page to key terms can be more easily gleaned without the distraction of advert-related content that has less to do with the core of the article (for example, GoToMeeting is only barely related to LockerGnome talking about Automator)

So how do we go about doing that?

And how can we do this without reducing the effectiveness of the ads? (disclaimer: I do believe that advert-supported content enriches the web, even if I find it such a nuisance to have 60% of the screen taken up by blinking moving unrelated content)
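As an added example (not from the original post), here is one shape the proposal could take on the indexing side: ad containers carry a marker attribute (`data-ad` is a hypothetical convention picked for this example, not an existing standard), and the indexer drops everything nested inside such an element while leaving the rest of the page, and the ads themselves, untouched. The page below is a constructed sample, not real LockerGnome markup.

```python
from html.parser import HTMLParser

# Added example, not from the original post. The attribute name data-ad is a
# hypothetical convention; the sample page is constructed for the demo.

SAMPLE_PAGE = """
<html><body>
<h1>Using Automator to batch-rename screenshots</h1>
<p>Automator workflows can watch a folder and rename files as they arrive.</p>
<div data-ad="sidebar"><a href="#">Try GoToMeeting free for 30 days</a><br>No card needed.</div>
<p>Drag the Rename Finder Items action into the workflow.</p>
<aside data-ad="footer">GoToMeeting: meet from anywhere.</aside>
</body></html>
"""

# Elements that never get a closing tag; they must not disturb nesting depth.
VOID = {"br", "hr", "img", "input", "meta", "link"}


class AdAwareExtractor(HTMLParser):
    """Collect page text, routing anything nested inside a data-ad element to `ads`."""

    def __init__(self):
        super().__init__()
        self.ad_depth = 0   # > 0 while inside an ad container (counts nesting)
        self.content = []
        self.ads = []

    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        if self.ad_depth:
            self.ad_depth += 1            # nested element inside an ad
        elif "data-ad" in dict(attrs):
            self.ad_depth = 1             # entering an ad container

    def handle_endtag(self, tag):
        if tag in VOID:
            return
        if self.ad_depth:
            self.ad_depth -= 1

    def handle_data(self, data):
        text = data.strip()
        if text:
            (self.ads if self.ad_depth else self.content).append(text)


def split_page(html):
    """Return (indexable_text, ad_text) for a page."""
    parser = AdAwareExtractor()
    parser.feed(html)
    parser.close()
    return " ".join(parser.content), " ".join(parser.ads)


if __name__ == "__main__":
    body, ads = split_page(SAMPLE_PAGE)
    print("INDEX :", body)
    print("ADS   :", ads)
```

The ads are still served and still rendered; only the ranking signal changes, which is what the question about “not reducing the effectiveness of the ads” needs. The weakness is the obvious one: a publisher could mark real content as ads (or ads as content) to game ranking, so a search engine would treat the marker as a hint to be cross-checked, not as truth.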

Sep 09

So I burned through three of the latest-greatest Dells last year, and it’s allowed me to use my own Mac and drag my feet about changing away. You’d think I’d be safe, but Microsoft is still able to slow me down.

Entourage.

Let’s talk about implicit lock-in. Yeah, that’s right: when you use a product across an organization, it can become “the norm”, failures and all. Just as Mac people are surprised at how often Windows people get locked up and have to reboot (admittedly less often in Windows 7), it’s also amazing how companies “need doc”, and “need powerpoint”, and now “need docx”. For the same reason, if you cannot read a TNEF (winmail.dat) attachment on an email, and accept a calendar invite received in email, you’re toast.

Let’s ignore the fact that calendar entries should be handled by calendar servers, and shouldn’t require your mail client to be open/running just to transfer calendar invites to your calendar — that would be a silly tangent.

So even though I have weeks between reboots, I still need to have Microsoft Entourage running to process calendar entries.

… and when that Entourage sucks up all the core memory and starts swapping like Godzilla (he was known to swap core), the world slows down.

… and when the world slows down, the GUI cannot create a “Force Quit” dialog box to kill the offending RAM-hog.

My reboot time is 3 minutes; my boss on the phone didn’t even realize. (FWIW, Mail.app is seriously heavy on RAM, and seems to fight with Entourage over MDS)

This should be a lesson to me: don’t leave Entourage running overnight.

Aug 31

A while ago, I configured PPTP so that my friends in China’s firewalled world could get their Facebook and Twitter fix. … cuz, we all know we need that constant poke-poke-poke.

The config I had was very much like “Tim” wrote on Shared Know How on Sept 28, 2008 — in fact, it’s a very basic, standard config, it’s a bit difficult not to wander onto it by accident (although Tim’s article is quite useful to paint the solution and validate that “yes, it does work” — and validation is not to be understated).

The iPhone4 didn’t connect to that setup anymore, and there was very little indication why:
Aug 31 19:28:20 usloft1645 pppd[9875]: Connect: ppp0 /dev/pts/1
Aug 31 19:28:20 usloft1645 pppd[9875]: Unsupported protocol 'IPv6 Control Protocol' (0x8057) received
Aug 31 19:28:20 usloft1645 pppd[9875]: MPPE required but peer negotiation failed
Aug 31 19:28:20 usloft1645 pppd[9875]: Connection terminated.
Aug 31 19:28:20 usloft1645 pppd[9875]: Connect time 0.0 minutes.

So lacking any real diagnostic methods, I began randomizing on the configs around MPPE. Damned if it wasn’t as easy as just dropping the requirement for MPPE:

(/etc/ppp/options.pptpd, the file pptpd.conf points at below)
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
#require-mppe-128 -- works with iPhone1-3, fails with iPhone4
ms-dns 192.168.0.1
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

I’ll need to clean up this entry a bit, but that’s the change so far, and it’s connecting. I’ll see too if I can find a compatibility setting to get MPPE back, since this drops payload protection on a VPN which users may assume is secure from prying government eyes.
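Since a tunnel that comes up without MPPE looks identical to the user, it is worth having something that reads the pppd log and says which sessions were encrypted. The following is an added example, not part of the original post: it groups pppd syslog lines by pid and reports each session as refused, plaintext, or encrypted, keyed on the “MPPE 128-bit stateless compression enabled” line pppd emits when MPPE is negotiated. The log lines are constructed in pppd’s format with made-up pids; the hostname is reused from the post.

```python
import re
from collections import defaultdict

# Added example, not from the original post: audit pppd syslog output for
# tunnels that came up without MPPE, which is exactly what commenting out
# require-mppe-128 permits. The log below is constructed; pids are made up.

SAMPLE_LOG = """\
Aug 31 19:28:20 usloft1645 pppd[9875]: Connect: ppp0 /dev/pts/1
Aug 31 19:28:20 usloft1645 pppd[9875]: MPPE required but peer negotiation failed
Aug 31 19:28:20 usloft1645 pppd[9875]: Connection terminated.
Aug 31 19:28:50 usloft1645 pppd[9916]: Connect: ppp0 /dev/pts/1
Aug 31 19:28:50 usloft1645 pppd[9916]: local IP address 192.168.0.1
Aug 31 19:28:50 usloft1645 pppd[9916]: remote IP address 192.168.0.128
Aug 31 19:31:02 usloft1645 pppd[9930]: Connect: ppp1 /dev/pts/2
Aug 31 19:31:02 usloft1645 pppd[9930]: MPPE 128-bit stateless compression enabled
Aug 31 19:31:02 usloft1645 pppd[9930]: local IP address 192.168.0.1
Aug 31 19:31:02 usloft1645 pppd[9930]: remote IP address 192.168.0.129
"""

LINE = re.compile(r"pppd\[(\d+)\]: (.*)$")
MPPE_ON = re.compile(r"MPPE (\d+)-bit (stateful|stateless) compression enabled")
PEER_IP = re.compile(r"remote IP address (\S+)")
MPPE_REFUSED = "MPPE required but peer negotiation failed"


def audit_pppd(log_text):
    """Return {pid: verdict string} for every pppd session seen in the log."""
    fresh = lambda: {"mppe_bits": None, "peer": None, "up": False, "refused": False}
    sessions = defaultdict(fresh)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        s = sessions[int(m.group(1))]
        msg = m.group(2)
        mm = MPPE_ON.search(msg)
        pm = PEER_IP.search(msg)
        if mm:
            s["mppe_bits"] = int(mm.group(1))
        elif pm:
            s["peer"] = pm.group(1)
            s["up"] = True        # IPCP finished: traffic can flow from here on
        elif msg.startswith(MPPE_REFUSED):
            s["refused"] = True
    verdicts = {}
    for pid, s in sessions.items():
        if s["refused"]:
            verdicts[pid] = "refused: peer would not do MPPE, tunnel never came up"
        elif s["up"] and s["mppe_bits"] is None:
            verdicts[pid] = "PLAINTEXT: peer %s is up with no MPPE" % s["peer"]
        elif s["up"]:
            verdicts[pid] = "encrypted: MPPE %d-bit to %s" % (s["mppe_bits"], s["peer"])
        else:
            verdicts[pid] = "incomplete"
    return verdicts


def plaintext_sessions(log_text):
    """Pids whose tunnel carried traffic with no MPPE at all."""
    return sorted(pid for pid, v in audit_pppd(log_text).items() if v.startswith("PLAINTEXT"))


if __name__ == "__main__":
    for pid, verdict in sorted(audit_pppd(SAMPLE_LOG).items()):
        print(pid, verdict)
```

“Encrypted” here means as good as PPTP gets: MPPE is RC4 keyed from the MS-CHAPv2 exchange, and MS-CHAPv2 is known to be breakable offline by anyone who captures the handshake, so even the 9930-style session should not be counted on against a capable adversary. The 9916-style session, which is what the relaxed options file produces, offers nothing at all.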

In Summary, the working config right now is:

(/etc/ppp/chap-secrets)
(where “username1” is actually a user’s username, and “password1” is his/her plaintext password, but “*” is actually an asterisk; pppd needs the plaintext to compute the MS-CHAPv2 response, so keep this file root-owned and mode 600)
username1 * password1 * # some comment ...
username2 * password2 *
...

(/etc/ppp/options.pptpd as above)

(/etc/pptpd.conf)
option /etc/ppp/options.pptpd
localip 192.168.0.1
remoteip 192.168.0.128-191
debug

(/etc/ppp/ip-up.local)
# a bit heavy-handed, but gets named listening on the internal interface faster
rndc reload

This last file is a bit unusual; I found that although BIND is configured (named.conf) with the 192.168.0.1 interface to provide recursion and service, it would stop listening on the PPP link when the last connection closed. The address leaves with ppp0, and named only rescans interfaces periodically (the interface-interval option, which defaults to 60 minutes), so when the next ppp0 comes up with the same address nothing is listening on it until the rescan; the reload forces that rescan immediately:

Aug 31 19:42:54 usloft1645 pptpd[9915]: CTRL: Client 24.18.213.241 control connection finished
Aug 31 19:48:30 usloft1645 named[20202]: no longer listening on 192.168.0.1#53

This heavy-handed smack in ip-up.local causes it to listen on the 192.168.0.1 ppp0 interface again:
Aug 31 19:28:50 usloft1645 pppd[9916]: Connect: ppp0 /dev/pts/1
Aug 31 19:28:50 usloft1645 kernel: PPP Deflate Compression module registered
...
Aug 31 19:28:50 usloft1645 pppd[9916]: local IP address 192.168.0.1
Aug 31 19:28:50 usloft1645 pppd[9916]: remote IP address 192.168.0.128
Aug 31 19:28:50 usloft1645 named[20202]: loading configuration from '/etc/named.conf'