Blog

> Trance 3.0
Posted by prox, from Charlotte, on April 12, 2012 at 23:42 local (server) time

Yes, it's time for Trance 3.0.  It's my whenever-I-get-around-to-it listing of a few trance tracks that I like.  I've done two previous ones but this will be the first that includes some short reviews.

Waveform image of: Arty - Rush (Dan Stone Remix)

Arty - Rush (Dan Stone Remix)

Arty is great, but Dan Stone is a genius.  The original mix is interesting, but lacks any appreciable feeling and energy.  Dan Stone transforms it into an epic uplifting trance track that might even bring a tear to your eye.  The breakdown is soothing yet the release is full of power and melody.

Waveform image of: Gareth Emery feat. Christina Novelli - Concrete Angel

Gareth Emery feat. Christina Novelli - Concrete Angel

The first time I heard this track was when I watched the music video (link above).  Thanks to Ross Ching, this is probably the best trance music video I have ever seen.  The time-lapses plus the spectrum equalizer effects in the buildings provide amazing visuals in addition to scenes with Gareth Emery and Christina Novelli.  Also, what's even more important.. the video matches the percussion in the audio.  Speaking of the audio, Gareth Emery has outdone himself on this one - the music is fantastic and Christina Novelli's voice is angelic.  The only thing that bugs me is the paperclip in her ear.

Waveform image of: Edu & Cramp - Silver Sand (Original Mix)

Edu & Cramp - Silver Sand (Original Mix)

Edu & Cramp have been producing some great hits lately, but I think this one is the best.  It's got the anatomy of a traditional uplifting trance track with a very upbeat melody and almost an airy feel to it.

Waveform image of: Dan Stone - Harvest Moon (Original Mix)

Dan Stone - Harvest Moon (Original Mix)

I think I like almost everything that Dan Stone produces (Fahrenheit and Mumbai are two other good ones).  As someone mentioned at one point, it sounds like this track is from a rave in the jungle since Dan Stone disperses a few sound bites of animals throughout it.  The breakdown and release are amazing, with the release being slightly louder than the rest of the track (you can see it in the waveform above).  I liked this track so much that I used a piece of it in a time-lapse that I took of a sunrise in Miami when I was at NANOG last year.

Waveform image of: Nitrous Oxide - North Pole

Nitrous Oxide - North Pole

This track is an oldie but goodie and may be my favorite one of all time.  It's no less than the epitome of uplifting trance with not one breakdown and release, but two!

Waveform image of: Paul van Dyk - La Dolce Vita

Paul van Dyk - La Dolce Vita

This is a very underappreciated track in my opinion.  Even Paul van Dyk's own In Between studio album had only a very short version of it!  The breakdown and release aren't excessive, which serves to keep the speed and flow of the track almost constant.  That being said, it's an awesome display of talent from both Paul van Dyk and Giuseppe Ottaviani!

Waveform image of: Stoneface & Terminal - Super Nature (Original Mix)

Stoneface & Terminal - Super Nature (Original Mix)

I couldn't find the original mix on YouTube, unfortunately.  This track is an emotional rollercoaster that I always thought would be great while watching lightning in the sky.  The electric guitar during the breakdown is a nice touch, too.  The album mix is decent, too, but I don't like it as much as the original mix, for some reason.

Comments: 0
> DNS Annoyances
Posted by prox, from Charlotte, on March 25, 2012 at 22:00 local (server) time

Over the past couple weeks I've had to figure out how to change the default name resolution behavior for short names containing dots on at least two operating systems: Windows 7 and Mac OS 10.7.  It's starting to get annoying.

I've always found it quite useful to be able to connect to hosts using a short name like cr0.nyc instead of cr0.nyc.bb.isp.com.  If the DNS for all the loopback addresses of my routers are within the bb.isp.com. zone, then I shouldn't ever have to type the FQDN if my default search prefix is bb.isp.com.

Sure, this generates additional lookups most of the time.  Take this mostly fictitious example:

(destiny:21:48)% telnet -6 em0.dax               
Trying 2001:48c8:1:2::2...
telnet: Unable to connect to remote host: Connection refused

The above results in the following:

21:49:00.525997 IP 10.3.5.107.51245 > 10.3.5.1.53: 44160+ AAAA? em0.dax. (25)
21:49:00.560909 IP 10.3.5.1.53 > 10.3.5.107.51245: 44160 NXDomain 0/1/0 (100)
21:49:00.561096 IP 10.3.5.107.36493 > 10.3.5.1.53: 6644+ AAAA? em0.dax.prolixium.net. (39)
21:49:00.561414 IP 10.3.5.1.53 > 10.3.5.107.36493: 6644* 1/7/13 AAAA 2001:48c8:1:2::2 (488)

It's fictitious because dax doesn't run a telnet daemon, duh.  The resolver library assumes "dax" might be a TLD, so it qualifies it with a "." and sends it to the DNS server, which returns NXDOMAIN.  The next query has the search suffix appended (prolixium.net, in this case) and succeeds.  This all happens because on a traditional Unix system, /etc/resolv.conf has an "ndots" option that defaults to 1, which means that any name containing at least one dot will be tried absolutely first (i.e., qualified and sent to the resolver) before the search suffix is appended.  This ndots value can be set to something higher than 1, which might result in something like this in the worst case if I tried to visit http://twc.com/:

21:43:31.052253 IP 10.3.5.107.39468 > 10.3.5.1.53: 54327+ A? twc.com.prolixium.com. (39)
21:43:31.052476 IP 10.3.5.1.53 > 10.3.5.107.39468: 54327 NXDomain* 0/1/0 (108)
21:43:31.052592 IP 10.3.5.107.44456 > 10.3.5.1.53: 33643+ A? twc.com. (25)
21:43:31.052811 IP 10.3.5.1.53 > 10.3.5.107.44456: 33643 1/2/0 A 165.237.62.28 (85)

Anyway, it seems that some newer operating systems take a completely different approach if the short name has dots - they don't ever try to append the suffix by default.  For example, if I want to connect to dax.prolixium.com. I can still type in dax and get there just fine.  However, if I want to hit em0.dax.prolixium.net. by typing in em0.dax, I would get a lookup failure.  For Windows 7, SimAda00 provided a solution in this thread:

  1. Start > Run > gpedit.msc
  2. Computer Config > Administrative Templates > Network > DNS Client
  3. Enable Allow DNS suffix appending to unqualified multi-label name queries
  4. Enable Primary DNS suffix devolution
  5. Restart the DNS Client process

For Mac OS 10.7, this link has the solution, although you can follow the quick & dirty excerpt below:

  1. sudo vim /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
  2. Add <string>-AlwaysAppendSearchDomains</string> after line 16
  3. sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
  4. sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
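The lookup orders described above can be replayed offline.  The following is an added example, not code from the original post: it models the traditional ndots/search-list ordering and, with append_multilabel=False, the newer default described above where names containing a dot never get the suffix.  The function names and the EXISTING set of names are constructed for illustration.

```python
"""Model of how a stub resolver expands a short name into DNS queries."""

# Constructed data: the names that "exist" in this simulation.
EXISTING = {"em0.dax.prolixium.net.", "dax.prolixium.com.", "twc.com."}


def query_candidates(name, search, ndots=1, append_multilabel=True):
    """Return the fully qualified names a stub resolver tries, in order.

    name              -- what the user typed, e.g. "em0.dax"
    search            -- search suffix list, e.g. ["prolixium.net"]
    ndots             -- the resolv.conf "options ndots:N" threshold
    append_multilabel -- False models the Windows 7 / Mac OS 10.7 default
                         described in the post: a name containing a dot
                         never gets a search suffix appended
    """
    # A trailing dot marks the name as already qualified: no search list.
    if name.endswith("."):
        return [name]

    dots = name.count(".")
    absolute = name + "."
    suffixed = [f"{name}.{suffix.rstrip('.')}." for suffix in search]

    if dots and not append_multilabel:
        return [absolute]

    # Enough dots: try the name as typed first, then fall back to suffixes.
    if dots >= ndots:
        return [absolute] + suffixed
    # Too few dots: walk the search list first and try the bare name last.
    return suffixed + [absolute]


def resolve(name, search, existing=EXISTING, **options):
    """Replay a lookup; return (queries_sent, answer), answer None on failure."""
    sent = []
    for fqdn in query_candidates(name, search, **options):
        sent.append(fqdn)
        if fqdn in existing:
            return sent, fqdn
    return sent, None


if __name__ == "__main__":
    cases = [
        ("em0.dax", ["prolixium.net"], {}),
        ("twc.com", ["prolixium.com"], {"ndots": 2}),
        ("em0.dax", ["prolixium.net"], {"append_multilabel": False}),
        ("dax", ["prolixium.com"], {"append_multilabel": False}),
    ]
    for name, search, options in cases:
        sent, answer = resolve(name, search, **options)
        print(f"{name!r} {options}: sent {sent} -> {answer}")
```

The queries_sent list is also what leaves the host: with ndots at 1, the internal short name em0.dax goes out as an absolute query before the suffix is tried, and with ndots at 2 the external name twc.com is first sent with the local suffix attached.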

In addition to the above, some web browsers like Google Chrome are starting to make short names more annoying to use.  For example, if I haven't been to dax.prolixium.com. before, and I wanted to connect to it by just simply typing dax, I might see something like the following:

Google Chrome and short names

After clicking on "http://dax/" in the infobar, I wouldn't ever have to do it again unless I cleared my browsing history.  I don't know of a way to disable this, but this thread from Chromium-discuss seems to shed some light on the rationale for it.  Another way around it is to type dax/ instead of just dax.  Firefox doesn't seem to have this annoyance, but Internet Explorer 10.0 (at least the version that's included in the Windows 8 preview) doesn't even give you an infobar-type of message for short names - it just throws the short name at your default search engine.  Adding a trailing slash still works, though.

Quite annoying.

Comments: 0
> TurboTax for Mac FAIL
Posted by prox, from Charlotte, on February 05, 2012 at 19:38 local (server) time

Since I'm not a big football fan, I figured I'd do my taxes tonight instead of watching the Super Bowl.  Unfortunately, I hit a little snag.

I installed my copy of Intuit Inc.'s TurboTax 2011 on my Mac mini running Mac OS 10.7.  After installing it and completing the 15 minutes worth of updates, I fired it up expecting to see a "welcome to TurboTax" or "let's get started by importing your old return" dialog.  Instead, I saw nothing past the registration screen.  TurboTax was running, but the application didn't have any windows open.  I selected "New Tax Return" from the File menu, but nothing happened.  I restarted TurboTax and then I restarted the OS - still nothing was happening.  Uh, something was broken.

I installed the same software on my MacBook Air running Mac OS 10.6 just to see what would happen.  Some Internet searches indicated Intuit had some issues with their software on 10.7.  The same thing happened - TurboTax just sat there doing nothing!

I figured there was something up, so I put on my old-school Unix hat, opened Terminal.app, and ran TurboTax in a terminal window.  No messages were generated up until.. yep, you guessed it, I selected "New Tax Return" from the File menu.  Here it is:

(orion:19:23)% /Applications/TurboTax\ Home\ Business\ 2011.app/Contents/MacOS/TurboTax\ 2011 
2012-02-05 19:23:43.862 TurboTax 2011[90253:903] Encountered TPS error (120)
zosFileException: full file name is /Applications/TurboTax Home Business 2011.app/Contents/Resources/Forms/1040_11.formset/Contents/MacOS/._fdi11cv.3pe
                  open mode is 1
                  data mode is 1
                  share mode is 4
 Inherited info follows
zpExceptionBase: error code =   120 source file = /Users/devmac/Documents/dev/official/2011.r08.003/source/Src/Low/P/OSFS/osXPResF.cpp, line 1381

The TPS error cracked me up at first (remember Office Space?) but I quickly realized that yep, there was some software bug in TurboTax.  Specifically, it looked to be centered around one of the 1040 forms.

I did some Internet searches on these errors but didn't find anything relevant.  Maybe it was a bad update that got pushed out at the last minute?  Rather than uninstalling TurboTax and then starting it without performing software updates, I decided to install it on Windows 7.  The updates took about one minute and the "New Tax Return" function worked!

Hopefully Intuit will fix their 1040 form errors on their Mac version of TurboTax, soon.  Although, I suppose I don't really care anymore since the Windows version works!

Comments: 0
> Galaxy Nexus
Posted by prox, from Charlotte, on January 22, 2012 at 21:46 local (server) time

About two weeks ago I picked up a GSM variant of the Galaxy Nexus smartphone.  I decided that after almost two years with my Nexus One, it was time for an upgrade.

I've been running the Nexus One with CyanogenMod since mid-2010.  As such, I've gotten used to the built-in BusyBox, enhanced power widget, status bar tweaks, OpenVPN functionality, and general hacker-friendly operation.  I was hesitant to grab the Galaxy Nexus, which ships with Android 4.0 (codenamed Ice Cream Sandwich) until CyanogenMod 9, but I ended up ordering it anyway.  Hopefully CM 9 will be out soon, but I'm not going to ask when!

If you're unfamiliar with the Nexus product line, it's a collection of Android devices (currently just phones) that run vanilla versions of Android.  No carrier modifications or garbage are present, just plain Android.  Unfortunately, a number of other Samsung devices sport names similar to the Galaxy Nexus, but should not be confused with it.  Here's a list of Nexus devices, that are pure vanilla Android:

Here's a list of the non-Nexus devices that may be confused:

Observations

Galaxy Nexus

The Galaxy Nexus is a large phone with a 4.6" (diagonal) screen at 720x1280 pixels.  The screen itself is very sharp and clear, although sometimes with a white background some bands are visible.  I can't tell if this is a manufacturing defect or not.

Unlike the Nexus One, the Galaxy Nexus has the sleep button on the side and lacks a ball.  The only way to physically wake the phone is to hit this button, unlike on the Nexus One where it can be configured to wake on both sleep button and ball depress.  I'm slightly worried that the singular sleep button might wear out over time, but perhaps I'm being overly paranoid.

Android 4.0 seems like a nice upgrade from the 2.3.x series.  I've never used an Android tablet with 3.x so I'm not sure how many 4.0 features first appeared in that version.  The user interface is GPU-accelerated and provides smooth transitions through menus, although after a few minutes I disabled all the animations in the hopes of maximizing battery life.  The 4.0.1 version I'm running uses Linux 3.0.1:

root@android:/sdcard # uname -a
Linux localhost 3.0.1-ga052f63 #1 SMP PREEMPT Mon Nov 21 16:05:10 PST 2011 armv7l GNU/Linux

The voice recognition is vastly improved over previous Android versions, although I don't use it all that often.  In Android 2.3.x, the voice recognition would require the user to speak a few words and those would be sent to Google and returned in text form at once.  In 4.0, instead of buffering the whole phrase, apparently the audio samples are streamed live to Google, which results in recognized words appearing on the screen almost as they're said.  In other words, there appears to be no limit to the amount of words that can be recognized at once.  Very cool, if you don't mind the extra data being chewed up by such things.

The GN has soft buttons instead of hardware buttons like on the Nexus One.  These are nice because I can finally buy a pair of those touchscreen-friendly gloves and have them work!  The Nexus One's hard buttons wouldn't ever work with those gloves, for some reason.

The photo gallery now automatically synchronizes Picasa albums, which struck me as a little odd when I first opened it.  It's obvious that Google is trying to integrate Google+ more tightly with all aspects of Android.  My contacts initially included all of my Google+ contacts, too, until I disabled that (I typically have no desire to call or e-mail the majority of my Google+ contacts).

The GSM variant of the Galaxy Nexus supports all GSM and UMTS frequencies used throughout the globe.  This means that it can be used with any GSM carrier without the risk of things like HSPA+ not working.  This makes the phone compatible with both AT&T and T-Mobile out of the box.

The dual-core OMAP processor is interesting.  Interesting as in only one core is active most of the time, with the second core only being used under high load or other situations.  Perhaps this is the norm for dual-core CPUs in mobile devices, as it's an obvious way of extending battery life.  Here's /proc/cpuinfo under normal situations:

root@android:/sdcard # cat /proc/cpuinfo
Processor       : ARMv7 Processor rev 10 (v7l)
processor       : 0
BogoMIPS        : 597.12

processor       : 1
BogoMIPS        : 597.12

Features        : swp half thumb fastmult vfp edsp thumbee neon vfpv3 
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x2
CPU part        : 0xc09
CPU revision    : 10

Hardware        : Tuna
Revision        : 0009
Serial          : 01298fc30100203f

Under high load the bogoMIPS increases to 2047.  I've seen both cores listed in /proc/cpuinfo in the past, but when writing this I was unable to trigger activation of both cores.  Anyway, we can see this from the kernel log:

root@android:/sdcard # dmesg|grep CPU|tail
<6>[111361.896057] Enabling non-boot CPUs ...
<4>[111361.912170] CPU1: Booted secondary processor
<6>[111361.913208] CPU1 is up
<6>[111361.917938] Switched to NOHz mode on CPU #1
<4>[111362.918182] Disabling non-boot CPUs ...
<5>[111362.918823] CPU1: shutdown
<6>[111363.056030] Enabling non-boot CPUs ...
<4>[111363.072174] CPU1: Booted secondary processor
<6>[111363.073211] CPU1 is up
<6>[111363.078124] Switched to NOHz mode on CPU #1

Speaking about CPUs, the developer options offer a nifty CPU utilization overlay graph to see what applications are hogging it:

CPU Monitor

Since it can be seen here, I'll point out that Zynga's craptacular development of Words With Friends still causes it to chew up 100% of a single core when running.  I suspect this is due to polling things that should be event or interrupt-driven instead.  The game is so addicting, though!

Annoyances

Unfortunately, there are a few things about the Galaxy Nexus that are annoying.

Let's start with the hardware: the phone is just too large.  Or, maybe my hands are just too small!  While holding the phone, I have trouble reaching my thumb up to the top left portion of the screen.  At first this was just an annoyance, however after using the phone for 15-20 minutes my arm started hurting from the strain.  The large size combined with its thin and somewhat slippery frame makes it easy to drop.  I've had a few close calls already while using the phone outside with one hand.

The sleep button should be on the top of the phone, not on the side.  I don't use a case or belt clip for the phone and usually put it in my pants pocket.  Unfortunately I find myself accidentally hitting the sleep button when putting it into my pocket, which results in a few incorrectly dialed emergency numbers or screen unlock attempts.

The GN wouldn't connect to my 5 GHz SSID at home.  I've got my Cisco 1142 WAP configured for 802.11a and 802.11n, but the GN wouldn't see it at all, whether the SSID was broadcast or not!  More research is needed, but this was a let down.

The screenshot feature that's built into Android 4.0 is a little weird.  Why didn't they just add it to the power menu (hold sleep) like CyanogenMod 7.x did?  It's annoying to have to hold volume down and sleep.

A huge annoyance with Android 4.0 was that it automatically signed me into Google Talk without notifying me (I never use Google Talk).  I only figured this out because I saw myself online from my other XMPP account.  It was easy to disable, but this should not be on by default.

The SMS emoticon icons are really ugly:

SMS Emoticon Icons

In general, things crash frequently.  I don't think I have bad hardware (RAM, etc.) because I've heard similar reports from other GN (LTE variants) users.  Applications crash and the phone has hard locked twice.  It's annoying that there's no watchdog that automatically reboots or some way to trigger a hard reboot via the sleep button.  So, in the case of a hard lock, removing the back case and battery is required.  Also, the back case seems flimsy and cheap.  I feel like I'm going to break it half the time.

The AT&T Debacle

I've had AT&T as my wireless carrier since sometime in 2007.  I've moved the same SIM card between over half a dozen different phones without any issue and mostly kept the same plan.  Since the Galaxy Nexus supports all five UMTS frequencies, I figured I wouldn't have a problem using HSPA+ on AT&T and getting some extra speed over my Nexus One.  Unfortunately, this didn't work out.

After using the phone for the first week, I didn't notice any increased speeds.  The Ookla mobile speed test application returned plain old congested HSPA speeds (1.7 Mbps downstream, and < 1 Mbps upstream), although latency seemed to be improved (39 ms RTT).  I was puzzled since the network type indicated HSPA+:

root@android:/sdcard # getprop gsm.network.type
HSPA:11

After searching around I came upon this article that basically convinced me to leave AT&T.  Essentially, AT&T won't grant customers access to the enhanced backhaul that traditionally accompanies the HSPA+ connection unless they're equipped with a 4G data plan (no price difference).  Unfortunately, the only way to get a 4G data plan is to have an AT&T-supported device (ie, device sold by them).  Obviously, an unlocked GSM Galaxy Nexus wasn't one of these devices and lying about this to customer service wasn't going to do any good because the IMEI won't be accepted.

Some folks claim they've gotten the AT&T employees to temporarily associate an IMEI from one of the in-store phones with their account to activate the 4G data plan, then switch it right back.  I didn't go down this road, not because I thought I couldn't finagle myself a 4G plan, but because I don't agree with such a policy in the first place.  I decided to switch to T-Mobile, and it was the best decision I've made in a while.

The very next day I strolled into the local T-Mobile store and picked up a SIM card with the $60/month unlimited everything plan.  After 2 GiB T-Mobile will cap me to EDGE speeds, but that's fine.  I ported my number from AT&T and haven't looked back.  The HSPA+ speed is blazing at night and not too bad during the day.  The best I've gotten so far is 8 Mbps downstream and 1.7 Mbps upstream.  Coverage at my condo is excellent and at work it's decent, too.  Overall, it's slightly worse than AT&T but that hasn't bothered me, yet.  What's a little strange is T-Mobile's internal IPv4 addressing scheme: they use pieces of 22/8 and 25/8 for mobile clients!  I guess they don't have much public space to speak of and RFC 1918 can only go so far.

I also signed up for the T-Mobile IPv6 trial, which seems to work great.  I think it'll work with any phone that sports an IPv6-enabled pppd, which aren't many, so far.  The IPv6 trial is a separate APN that provides a single IPv6 address and DNS server (fd00:976a::9; it's whitelisted by Google over IPv6).  IPv4 connectivity is provided by a NAT64 gateway alongside DNS64.  The NAT64 prefix appears to be fd00:976a:c004:8fb1::/96 and the last 32 bits of this prefix directly map to an IPv4 address.  Yes, these fd00 addresses are ULA, which makes sense so T-Mobile doesn't have to worry about their NAT64 gateway becoming accidentally public.  I consistently get addresses out of the 2607:fb90:400::/40 prefix, and SSH seems to be allowed inbound!  This makes copying files from my phone much easier when not on Wi-Fi.  I have a feeling it won't last, though.  Also, it's easy to switch back to the IPv4 APN with three taps, in case things go wrong.  Two things that do not work on the IPv6 APN are MMS and applications that utilize ICMP.
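The NAT64 mapping described above can be reproduced when reading captures or firewall logs taken on the IPv6 APN.  This is an added example, not part of the original post: it embeds and extracts IPv4 addresses using the two prefixes quoted above, and goes slightly beyond the /96 case by handling the other RFC 6052 prefix lengths.  The function names and the classify() labels are made up for illustration.

```python
"""IPv4-embedded IPv6 addresses (RFC 6052) for the NAT64 prefix in the post."""
import ipaddress

# Both prefixes are the ones quoted in the post.
NAT64_PREFIX = ipaddress.IPv6Network("fd00:976a:c004:8fb1::/96")
HANDSET_PREFIX = ipaddress.IPv6Network("2607:fb90:400::/40")

VALID_LENGTHS = (32, 40, 48, 56, 64, 96)  # prefix lengths RFC 6052 allows


def embed(ipv4, prefix=NAT64_PREFIX):
    """Build the address DNS64 hands out as the AAAA for an IPv4 destination."""
    if prefix.prefixlen not in VALID_LENGTHS:
        raise ValueError("not an RFC 6052 prefix length")
    out = bytearray(prefix.network_address.packed)
    pos = prefix.prefixlen // 8
    for byte in ipaddress.IPv4Address(ipv4).packed:
        if pos == 8:          # octet 8 (bits 64-71) is reserved and stays zero
            pos += 1
        out[pos] = byte
        pos += 1
    return ipaddress.IPv6Address(bytes(out))


def extract(ipv6, prefix=NAT64_PREFIX):
    """Recover the IPv4 destination, or None if ipv6 is outside the prefix."""
    addr = ipaddress.IPv6Address(ipv6)
    if prefix.prefixlen not in VALID_LENGTHS or addr not in prefix:
        return None
    raw, out = addr.packed, bytearray()
    pos = prefix.prefixlen // 8
    while len(out) < 4:
        if pos != 8:          # skip the reserved octet when reading back
            out.append(raw[pos])
        pos += 1
    return ipaddress.IPv4Address(bytes(out))


def classify(ipv6):
    """Label an address seen in a capture taken on the IPv6 APN."""
    addr = ipaddress.IPv6Address(ipv6)
    ipv4 = extract(addr)
    if ipv4 is not None:
        return f"nat64 -> {ipv4}"
    if addr in HANDSET_PREFIX:
        return "handset"
    return "other"


if __name__ == "__main__":
    # 165.237.62.28 is the A record for twc.com shown earlier on this page.
    synthesized = embed("165.237.62.28")
    print(synthesized, "->", extract(synthesized))
    for sample in ("fd00:976a:c004:8fb1::a5ed:3e1c", "2607:fb90:400::1",
                   "fd00:976a::9"):
        print(sample, classify(sample))
```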

Conclusions

The Galaxy Nexus is a great, albeit buggy, phone.. if you've got big hands and have T-Mobile.  Otherwise, get the LTE version from Verizon Wireless and stay in the country.  Android 4.0 has promise, if they can fix the bugs.  Overall, I think everything software-related will be better when CyanogenMod 9.x is released!

Comments: 8
> Stop SOPA and PIPA!
Posted by prox, from Charlotte, on January 18, 2012 at 09:27 local (server) time

A number of sites on the Internet are blacked out to protest SOPA and PIPA:

I figured I'd do the same (see the top banner).  To get a list of your representatives (so you can tell them to voice opposition to both these bills), go here.

Comments: 1
> Weird DNSSEC
Posted by prox, from Charlotte, on January 14, 2012 at 20:51 local (server) time

I recently deployed DNSSEC on almost all of my domains and lived to talk about it!

A little history, first. Back in July of 2010 I used ISC's DLV registry to sign one of my domains since the com. and net. TLDs weren't signed at the time.  The DLV registry provided a list of trust anchors so individuals could sign their domains and DNSSEC validating caches could easily look them up.  I signed tengigabitethernet.com. with no ZSK rollover and it worked!  I also configured all of my internal caches to perform DNSSEC validation (dnssec-validation yes; along with making sure the "." keys are fresh).

Since com., net., org., and most other TLDs are now signed, a few months ago I decided it was time for me to sign the remainder of my domains and figure out how to perform automatic ZSK rollover.

I first started reading a few documents about the right way to sign zones and get together a sane configuration with BIND (9.7.3 at the time).  This howto probably contained the most information, so I used it primarily.  Creating the keys and signing domains was familiar to me at this point, so that was mostly review.  I then started to research the best way of performing automatic ZSK rollover, which turned out to be the difficult part.

For security reasons, it's recommended to roll over the ZSKs (zone signing key, as opposed to a key signing key which isn't published) periodically.  I decided that it would be good to roll my ZSKs every other month (the odd-numbered months, specified as 1,3,5,7,9,11 via cron).  After searching the Internet for some suggestions on best practices for ZSK rollover, it seemed that most folks were using a new directive in BIND that took the thought out of this: dnssec-auto.

The dnssec-auto configuration directive was introduced starting with BIND 9.7.0 and includes the ability to automatically re-sign zones and perform routine key maintenance, including key rollovers.  Apparently this feature was introduced prematurely and creating new keys with dnssec-auto automatically wasn't possible until 9.8.0.  This sounded like exactly what I wanted.  However, there's a bit of a rub: this requires that all zones be converted to dynamic zones.  This is required because BIND needs to constantly re-write the zone files (it actually uses a journal) and maintain them by keeping serial numbers updated.

Dynamic zones didn't seem to be a big deal at first, but I decided I didn't want to go this route right now for a number of reasons.  First, moving from a static zone to a dynamic zone removes the ability for me to edit the zone file by hand, which I've gotten used to doing.  Maybe I'm the only one who does this, but I use zone files in lieu of an official IP address management system and include all sorts of comments in them.  To maintain dynamic zones, one must use the nsupdate(1) utility that ships with BIND.  It's not a difficult tool to use, and very easy to script.  The second reason is somewhat related: I was unable to find the equivalent of $GENERATE macros to use with nsupdate.  This may be by design, but it's annoying.

A few workarounds for the above might be to move comments to TXT records and write scripts to emulate $GENERATE functionality that prepare a batch of nsupdate commands.  I suspect down the line I will eventually have to cave and move to a dynamic style of DNS zone maintenance, but it's not going to be today.

So, after deciding I was going to keep things manual, I created some scripts from scratch to handle ZSK rollover.  They run dnssec-keygen, dnssec-signzone, and reload BIND as needed.  I automated serial number generation and initial DNSSEC key generation at the same time.  Long story short, this allows me to still edit the original zone files in my external view and have the signed copies be served up by BIND.  The copies of each zone have the characters ".signed" appended and these zones are included in named.conf.local (yes, I'm using Debian GNU/Linux).  It's a little wasteful, because I have a shared SOA for all of my domains and my scripts re-sign all of my zones for any DNS change.  Although for my setup, it's not a big deal.

If you're curious what these scripts look like, check them out here.  Please keep in mind that these are very specific to my setup and if you decide to use them you'll essentially have to figure them out yourself and obviously change update-soa.sh to reflect what you want your SOA to look like.

Anyway, to get my DNSSEC setup live, I took the DS records (dsset-*) and had my registrars add them to the parents.  This is required so caches that have DNSSEC validation enabled will go ahead and actually perform validation.  The DS record authenticates the chain of trust from the parent down to the child zone.  So, com. has a DS record for prolixium.com. and uses it to validate that the DNSKEY for prolixium.com. is valid and can be used to check the RRSIG RRs for each record queried.  Here's how it looks:

% dig +short @a.gtld-servers.net. prolixium.com. DS
57876 7 1 5B9D902C4E4B15833369B7EED602370B3A525334
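How a validator ties a DS line like the one above to a child DNSKEY is shown below as an added example; it is not part of the original post or the author's scripts.  It parses the DS output above, computes the key tag (RFC 4034 Appendix B) and recomputes the digest over the owner name plus DNSKEY RDATA.  The post does not show the zone's real DNSKEY, so the key bytes and the example.test. owner are constructed dummies and the function names are illustrative.

```python
"""Check that a DS record at the parent matches a DNSKEY at the child."""
import hashlib
import hmac
import struct

# DS RDATA exactly as printed by the dig command above.
PAGE_DS = "57876 7 1 5B9D902C4E4B15833369B7EED602370B3A525334"

DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}  # DS digest type -> hash


def name_to_wire(name):
    """Canonical wire form of an owner name: lower case, length-prefixed."""
    labels = [label for label in name.lower().rstrip(".").split(".") if label]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def dnskey_rdata(flags, protocol, algorithm, public_key):
    """DNSKEY RDATA: 16-bit flags, protocol, algorithm, then the raw key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key


def key_tag(rdata):
    """Key tag: the checksum a DS record uses to point at a DNSKEY."""
    acc = 0
    for i, byte in enumerate(rdata):
        acc += (byte << 8) if i % 2 == 0 else byte
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF


def parse_ds(text):
    """Parse 'tag algorithm digest-type hexdigest' as printed by dig +short."""
    tag, alg, digest_type, digest = text.split(None, 3)
    return int(tag), int(alg), int(digest_type), bytes.fromhex(digest.replace(" ", ""))


def make_ds(owner, rdata, digest_type=1):
    """What dnssec-signzone writes to dsset-*: digest over owner + RDATA."""
    digest = DIGESTS[digest_type](name_to_wire(owner) + rdata).digest()
    return key_tag(rdata), rdata[3], digest_type, digest


def ds_matches(ds, owner, rdata):
    """True only if tag, algorithm and digest all agree with the DNSKEY."""
    tag, alg, digest_type, digest = ds
    if digest_type not in DIGESTS:
        return False
    if rdata[3] != alg or key_tag(rdata) != tag:
        return False
    expected = DIGESTS[digest_type](name_to_wire(owner) + rdata).digest()
    return hmac.compare_digest(expected, digest)


if __name__ == "__main__":
    tag, alg, digest_type, digest = parse_ds(PAGE_DS)
    print(f"key tag {tag}, algorithm {alg}, digest type {digest_type}, "
          f"{len(digest)}-byte digest")
    # Constructed dummy KSK (flags 257, protocol 3, algorithm 7).
    ksk = dnskey_rdata(257, 3, 7, b"\x01\x02\x03\x04")
    ds = make_ds("example.test.", ksk)
    print("matching key:", ds_matches(ds, "example.test.", ksk))
    print("tampered key:", ds_matches(ds, "example.test.", ksk[:-1] + b"\x05"))
```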

Now, this is sometimes when it gets hairy.  Since adding the DS key to the parent is the registrar's responsibility, they may or may not support it, or may only support it for a subset of their zones.  Even worse, some registrars may advertise support for DNSSEC but in actuality only support it when you use their nameservers as opposed to your own.  Because of this, make absolutely sure your registrar has an option in their interface for adding DS records beforehand.

As an aside, Go Daddy has excellent DNSSEC support, but unfortunately supports the evil that is SOPA (their latest flip-flopping should not distract you from the fact that they potentially helped write it and also got an exception from the shutdown clause).  I had most of my domains with Go Daddy but moved all but one to name.com and Joker.  name.com irritated me because they only officially support DNSSEC for org., have no mention of DNSSEC in any of their knowledge base, and initially filed my support inquiry as spam.  Fortunately the DS records in the parents ended up staying put even after the transfer from Go Daddy, so I guess I'm set for now.  Joker supports DNSSEC for all of their domains that are signed.

After signing my zones, I used two web-based DNSSEC checking utilities to validate my configuration: DNSViz and the Verisign DNSSEC Debugger.

In conclusion, although signing zones the manual way ends up taking much longer and causes much more pain, it's a great way to learn DNSSEC!

Comments: 0
> 2011 Reflections
Posted by prox, from Sarasota, on December 31, 2011 at 12:13 local (server) time

Here's my traditional Year in Review article for 2011.  Last year I deviated from the norm by writing an entry on my predictions for 2011 and beyond, but that was only a one time deal.

Work and Technology

Akamai World IPv6 Day Statistics

It's been a big year for IPv6 (come on, you knew I would be starting this with something IPv6-related).  World IPv6 Day was the catalyst for many IPv6 initiatives throughout the globe, as well as one at my place of employment.  Although I can't specifically state who I work for in a blog or web forum I can say that it's a large MSO.  I led the effort to dual-stack our enterprise network and more or less succeeded by the time June 8th rolled around, although we didn't participate directly in World IPv6 Day.  Our website was dual-stacked a few weeks after and, from what I know, there hasn't been a single problem reported!  The above image of IPv6 statistics from World IPv6 Day is courtesy of Akamai.

Oh, one more thing about IPv6.. my license plate was featured on a NetworkWorld slideshow, for obvious reasons.

On the FOSS front, I made contributions to two projects: MTR (the traceroute program) and the Linux kernel.  I added some stability fixes and IPv6 support (via reverse engineering) to the LG-VL600 USB LTE modem driver in the Linux kernel (see here).  The LG-VL600 is one of the USB modems that's sold by Verizon Wireless for use on their LTE network.  I also created a patch to decode ICMP extensions for MPLS (see here), which has recently been included in version 0.82.

I've educated myself quite a bit on the operations of DNSSEC and have signed 7x of my domains with automatically rolling ZSKs, so far.  I'll be writing up a blog entry solely on my experience with DNSSEC in a few days, so stay tuned!

I passed the JNCIP-SEC Juniper Networks certification.  Hopefully in early 2012 I'll be able to attempt the JNCIE-SEC!

As far as work itself is concerned, 2011 wasn't the best of years due to a variety of factors.  It wasn't a complete and utter disaster, but it wasn't a good year, either.  We'll see if 2012 can do better!

30

I turned 30 years of age.  Really, there's not much else to say about this because it wasn't all that enjoyable.  I'd prefer to tell people my current age is 0x1e, but I have a feeling that might result in some strange looks.

Photography

2011 Photo Montage

Early in 2011 I decided I wanted to get into photography, so I took an introductory DSLR class at The Light Factory in uptown Charlotte.  I also picked up a Canon 60D with the EF-S 18-135mm f/3.5-5.6 IS and EF-S 60mm f/2.8 Macro USM lenses.  Later in the year I picked up the EF 70-300mm f/4-5.6 IS USM (unfortunately not before leaving for the Galápagos Islands).

The Light Factory class, although fairly basic, provided the foundation I needed to continue exploring my new-found hobby.  Among other things, I found I like to take evening photos of cityscapes or close-ups with the macro lens.  I've lately been trying out the fad that is HDR (without making the result look completely silly).

I keep telling myself I'll eventually set up a separate website for my photography, but for now it's just strewn around here.  In the meantime, some of these images might be interesting.

For those interested, the simple montage above was created by GIMP 2.6 running under Mac OS X - the compilation errors when using MacPorts suddenly disappeared one day!  Image sources (left to right): Lightning, IMG_0510.jpg, and img_0342.jpg.

Travel

In addition to my standard trips up and down the east coast of the United States for work and family visits, I took two other noteworthy trips in 2011.

To attend NANOG 51, I traveled to Miami, FL in early 2011 and stayed at the Hotel InterContinental Miami just outside the downtown area.  The NANOG conference is a North American tri-yearly get together for network operators and Internet companies.  It's basically a fun geek-out for engineers, complete with presentations and panels discussing various technologies and issues.  Although some folks attend individually, most are there representing their employer and have its AS number on their badge, which I did.

I had a great northeastern view from my hotel room, so I took a time-lapse of the sunrise one morning and added some trance music to it!

Galápagos Islands (Bartolomé)

I also took a trip to the Galápagos Islands.  It was a fascinating experience and certainly worth the almost two weeks away from the office (for several reasons).  It's one thing to see wildlife from a distance or behind bars, but completely different to have them prance right in front of you (sea lions and marine iguanas).  This trip marked the first time in my life that I've crossed the equator.  I got a silly t-shirt for it, too..

Miscellaneous

Several of my friends got engaged and a few got married in the past year.  Actually, I think most of the engagements happened in the past two weeks of 2011.. enough that I thought I was missing out on some conspiracy!  I'm just joking, if it's not apparent.  Also, did I mention I've been seeing someone for the last couple of months?  Well, I have been!  She's quite fun to hang out with and isn't scared of all my computer and networking equipment.

I suppose the last thing I should mention about 2011 is SOPA.  Hopefully you know what it is, and don't need to click on the link.  Anyway, back in September I finally got sick of Register.com's high prices and lack of DNSSEC support, so I moved prolixium.com and prolixium.net to Go Daddy where I had a few other domains.  I also bought a wildcard SSL certificate from them for prolixium.com.  Little did I know that they had a hand in writing SOPA and initially supported it (most folks think they still do, since there's a section of the bill that excludes Go Daddy domains from certain shutdowns)!  Not wanting to have anything to do with a company that supports such a dangerous bill, I moved 6x of my domains away from Go Daddy a few days ago, but have to wait until January to move prolixium.com and prolixium.net.  Is it a waste of money?  No, it's not - it tells companies that SOPA is important to customers and they should not support it.  Hopefully there will be some votes against the bill in 2012 and it won't pass.  Otherwise, 2012 will start with Internet censorship in the United States, which would be nothing short of a travesty.

New Year's Resolutions

I suppose the last thing to share are my 2012 new year's resolutions.  I'd rather not make them all public, so here are just a few of them:

Obtain the JNCIE-SEC certification

There's not much else to say about this one.  I got the JNCIP-SEC earlier this year, but I would like to wait for one of the boot camps to be offered so I can get some real study material.

Be nicer at work

I've been a bit of a grouch and pessimist at work over the last year - possibly for good reasons, but that doesn't matter.  However, in 2012 I will try not to say I don't care or be overly pessimistic about anything.

Exercise more

I swim 4-5 days a week now, doing 2,600 meters in each 45-50 minute session.  However, almost all of that is freestyle with only one or two lengths of butterfly mixed in.  I'd like to increase that to two full laps of butterfly per session.

I currently do 20 push-ups and 20 sit-ups each morning.  This is going to be a tough one on the weekdays (due to time constraints - I hate getting up early!), but I'm going to try to double both of these.

Make three contributions to FOSS projects

In 2011 I contributed to MTR and the Linux kernel with patches that added functionality and fixed bugs.  I'd like to increase this number to three, this year.  I believe in free and open source software, and although I'm not that great of a programmer, I'd like to help make it better.

Blog more, Facebook less

I need to blog more often.  Right now I average about one or two blog entries per month - I'd like to increase that to one or two blog entries per week.  The topics will remain the same (technology, science, rants, etc.).

I also need to limit viewing Facebook to once every other day or even less.  It's typically a big waste of time for me and I think I've spent way too much time on it in 2011.  I really don't need to see pictures of naked newborn babies, people writing love letters to each other via their walls (although it is still amusing to see that some people still think wall to wall conversations are private), checking in at each and every restaurant they visit, or letting the world know they completed their workout of the day.

Although I'm going to detach from Facebook a bit more, I'm going to try to go in the opposite direction with Twitter.  Unlike Facebook (or even Google+, at this point), I find Twitter to be quite informative on matters of technology and news.  It's also a great place to crowdsource questions or recommendations on technical topics.  It's also fun to have some communication with celebrities (my definition of celebrities includes creators of BitTorrent, trance producers and DJs, etc.) every once in a while.

Make >= 100 edits to Wikipedia

I really like Wikipedia.  I think it's one of the best things on the Internet and I contribute to it with my time (edits) and money (yearly donations).  I only made 29 edits this past year, but I'd like to make over 100 in 2012.

Conclusion

And that's it.  Have a Happy New Year!

Comments: 0
> Factoids and Facts
Posted by prox, from Charlotte, on December 23, 2011 at 09:54 local (server) time

I've recently heard a few instances of the word factoid used incorrectly when fact should have been used instead.  Apparently some individuals think that factoid is a fancy version of fact when it couldn't be farther from the truth:

Here's fact from Dictionary.com:

fact [fakt]
noun
1. something that actually exists; reality; truth: Your fears have no basis in fact.
2. something known to exist or to have happened: Space travel is now a fact.
3. a truth known by actual experience or observation; something known to be true: Scientists gather facts about plant growth.
4. something said to be true or supposed to have happened: The facts given by the witness are highly questionable.
5. Law. Often, facts. an actual or alleged event or circumstance, as distinguished from its legal effect or consequence. Compare question of fact, question of law.

And now factoid:

fac·toid [fak-toid]
noun
1. an insignificant or trivial fact.
2. something fictitious or unsubstantiated that is presented as fact, devised especially to gain publicity and accepted because of constant repetition.

Even Urban Dictionary has got it mostly correct.

So, if you're just going to use factoid to sound cool.. don't!

Comments: 0
