Excellent Gun Show this past weekend
This past Saturday I went to the Nations Gun Show at the Dulles Expo Center in Chantilly. This is the second I’ve been to a Nations show, and it was just as good both times.
Going to gun shows reminds me of my childhood when my Grandfather would take me to small shows in Colorado Springs. Tons of sweet guns (and lots of lame Fudd guns too), ammo, gear, and unrelated crap like jewelry and vintage Nazi regalia, and the chance to handle all sorts of weapons all in one place.
It’s a shame more gun-haters don’t venture out to see the ‘loophole’ first hand, and witness the veritable bazaar of weapons available for any terrorist or gang banger with enough cash, with no adult supervision whatsoever. Perhaps the experience would chill them out a bit.
Help us, Big Brother, to protect the children
Not surprisingly, two of the most consistent enemies of individual liberty in the US Senate, Senators Ted “Series of Tubes” Stevens (R-AL) and Daniel Inouye (D-HI) have called for US government monitoring and filtering of the Internet, to protect The Children.
To say this is a bi-partisan effort is technically correct but misleading. While Stevens and Inouye are the ranking member and chairman, respectively, of the Senate Commerce, Science, and Transportation Committee, they also both represent the statist hubris flavor of political ideology that runs orthogonal to partisan lines. If you listened to last year’s hearing on indecency in television in which Uncle Teddy blasted TV executives for airing programs he doesn’t like, you know how happy these guys are to use the Federal Hammer to root out sin and iniquity wherever it threatens our cherished young. This is just the next logical step for their authoritarian adventurism.
For those of you on the left and right who are happy to use the Federal government’s power to advance the things you care about (legislating morality on the right, and disarming citizens on the left, for example), this is the price you pay. When a government has the power to ban your weapons and regulate what broadcast networks air, it is folly to think it won’t also assert other powers, powers which you didn’t forsee and may not support.
Fortunately, as threats to liberty go, this is pretty mild, as it’s still in the committee-level posturing stage right now. However, thumpin’ aside, this is still more or less the same Congress (and president) that passed the McCain-Feingold First Amendment Reduction Act, and don’t think for a minute that those censorious bureaucrats over at the FCC wouldn’t love to expand their domain to include Internet traffic (and you thought they’d stop at asserting authority over cable content; hah!).
I don’t know what else to say except, to the people of Alaska: “seriously, WTF!?”
What a Clusterfcuk! Running MS Cluster Services
I’m working on adding support for Microsoft Exchange clusters to the next version of my company’s product. In order to do that, I need to have an Exchange cluster to develop/test on. Ironically, assembling Windows machines into a cluster seems to decrease their stability at an exponential rate.
Microsoft’s clustering solution is pretty lame. Basically you set up two or more cluster nodes with access to some sort of shared disk bus, like SCSI, iSCSI, or Fibre Channel. The nodes talk amongst themselves and decide who will own the shared disk resources and run the clustered apps. Effectively, it’s an active/passive configuration.
Anyway, for our tests, I threw together a VM running Ubuntu Server 7.04, and put the iSCSI Enterprise Target on it. I added three 5GB virtual disks and exposed them as targets with IET.
I then installed the Microsoft iSCSI Initiator 2.04 on my two cluster nodes, and verified it could attach to the iSCSI targets. I formatted the drives and felt smugly self-satisfied.
However, the problem starts after I install Exchange 2003. Suddenly, stopping the clussvc (The Cluster Service) hangs the machine. Consistently. Hard. Wedged.
I tried using the Rocket StarWind iSCSI target instead; same problem. WTF?
I’ve spent days now trying to get this cluster stood up. I’m beginning to think the whole cluster thing is some sort of right-wing Zionist corporate conspiracy to sell high-price ‘cluster certified’ hardware to clueless IT boffins.
Finished 'Enemies Foreign and Domestic'
I just finished reading Matthew Bracken’s right-wing insurgency novel, Enemies Foreign and Domestic. I have a history of enjoying stories depicting a dystopian near-future (sometimes violent) rebellion against an oppressive, tyrannical state, and this is no exception. Whether the villain is a right-wing nationalist government as in V For Vendetta and Children of Men, or a left-wing government as in Enemies, it’s easy to entertain me with the ‘freedom fighter’ meme.
In Enemies, the American government enacts a strict ban on all semi-automatic rifles after over a thousand people die in a sniper attack on a crowded stadium in Baltimore. It becomes clear very early in the book that the disturbed Desert Storm vet to whom the attack is attributed is in fact a convenient fall-guy, diverting attention from the splinter unit within the ATF which orchestrated the massacre to expand its own influence.
It’s common in most of these dystopian rebellion novels for the author’s bogeymen to appear in high relief, and this is no exception. American gun owners have a long and mostly unpleasant history with the ATF (Ruby Ridge comes to mind) and, to a somewhat lesser extent, the FBI (um, Waco), so it comes as no surprise that rogue ATF agents are the real enemies in the book. It’s not the most plausible of plot devices, but if you harbor enough contempt for the ATF going into it, suspension of disbelief isn’t a big problem.
After the ban, a tit-for-tat series of violent acts are perpetrated by gun rights forces and the ATF. With each act of violence by American gun owners (demonized as ‘right-wing militias’ by the book’s MSM) more draconian steps are taken to disarm the citizenry, including highway checkpoints using Fourth Amendment workarounds developed for the Drug War, and unilateral Presidential Directives empowered by the PATRIOT Acts. Civil liberties activists will be pleased to see their most-despised government powers abused extensively, though it’s all in the mean of disarmament.
Ultimately I found the ending of the book to be somewhat unsatisfactory. I like to see the forces of freedom and liberty soundly defeat the oppressors, which is most certainly not what happens here. I’m also not comfortable with many of the tactics used by the anti-government forces in the book, though it does prompt the reader who believes in the right of the individual to bear arms as a hedge against tyranny to ask him/herself what the correct response is when tyrants seek to disarm you.
Overall, I enjoyed the book, and the dark picture it paints of an America where today’s Federal government powers, happily surrendered by the citizenry to fight the wars on Drugs and Terror, becomes tomorrow’s oppressor.
Molon Labe, indeed.
Gotcha cloning Ubuntu VM
I cloned an Ubuntu 7.04 VMWare Workstation 6.0 virtual machine, and found that the cloned VM booted without network access. dmesg | grep eth0 showed that the pcnet32 driver was loaded fine and detected eth0, but ifconfig doesn’t list eth0, and ifconfig -a lists eth1 which is down. WTF?
Turns out this is a feature of Ubuntu and possibly other distros, which remember which MAC address goes to which device using /etc/iftab. I never would’ve figured it out if not for this thread. The fix seems to be to manually edit /etc/iftab to put in the clone VM’s MAC address.
That’s pretty fucking lame. Both Windows and the BSDs don’t have that problem.
Ban Guns, Sure, But Hands Off My Hacking Tools
I recently ran across a piece of Diggbait, written (predictably) by an Australian, lamenting the new German criminalization of possession and creation of hacking tools in much the same way gun possession is banned. The point of the article is to show why hacking tools aren’t like guns, and thus shouldn’t be banned.
This attitude is one I see alot in geeks, and one I don’t understand. How can you support government gun bans, redistributive taxes, and heavy government regulation/banning of things you don’t like, then turn around and complain about things like the DMCA and bans on crypto or hacking tools? Is the difference really just that you like crypto and hacking tools, and don’t like guns and huge corporations?
In case you’re curious, this is how guns bans and hacking tool bans are different:
- You can’t know if a particular hacking tool will be used to commit a crime. Is that suspicious looking character with the copy of
nmapjust a harmless sysadmin probing his own network while looking shifty, or is it a nefarious cybervillain? Contrast this to guns, which are easy to separate into crime tools (‘assault’ weapons, ‘sniper’ rifles, ‘Saturday Night Specials’, ‘copkillers’, pump action shotguns, anything scary-looking) and sporting items (an old Daisy BB rifle and that piece of wood you whittled into the shape of a handgun). - A local (country-wide) ban on hacking tools will disarm the local security pros and white-hats, leaving them defenseless against the foreign foes and domestic law-breakers armed to the teeth with malware. Yet, gun bans apply to all people equally, and make sure that no one has guns, especially not the criminals, who despite their..err..criminal nature, wouldn’t dare violate a gun law.
- Banning hacking tools without an exception for ‘security professionals’, leaving them unable to do realistic pen testing or defense, actually reduces overall security, which is more or less the same point as made in (2). By contrast, gun laws don’t restrict police gun ownership, so the police can protect you.
- If these tools are banned, security pros and whitehats will be unable to learn how to use them, or even how their potential use should influence the design of security systems. On the other hand, you can ban all guns and still allow the now-disarmed civilians to learn how to shoot by playing Counter-Strike, just in case.
- A gun in the house is more likely to kill a family member than an intruder (yes, you and I both know this is a grossly misleading and flawed statistic, but work with me here), while you can’t accidentally synflood someone (ok, so you can if you fuck up the
nmapcommand line, but whatever), or get drunk one night and fly into a booze-induced rage freakout and exploit a cross-site scripting vulnerability. Anyone who’s perpetrating a hack knows its illegal and is doing it intentionally and thus has demonstrated a willingness to break the law, so adding one more law to break won’t deter the attacker in the slightest. Thus, you should ban guns because who knows what some asshole will do with them, but hacking tools should be legal, with criminal penalties focused on crimes perpetrated with the tools.
I must assume the author of these five points, being an urbanized citizen of a country with a rather heavy-handed gun ban regime and a political climate favorable to strict gun controls, is not particularly familiar with the finer points of the gun rights argument, as he has unintentionally raised most of the popular gun rights defenses in his attack on the German hacking tools ban.
In my opinion, guns and hacking tools should be legal, for much the same reason that knives, bats, trans fats, junk food, alcohol, and recreational drugs should be legal: because they are inanimate objects correlated both (in some cases, presumably excluding junk food) with criminal activity (which is already, you know, a crime) and lawful exercises of individual liberty which no just government has any business regulating.
Molon Labe, my German hacker friends, Molon Labe.
According to Nietzsche, I'm Fine
If Nietzsche is to be believed, my boundless sarcasm and cynical snark are simply evidence of my good health. But don’t take my word for it:
Protest, evasion, merry distrust, and a delight in mockery are symptoms of health: everything unconditional belongs in pathology
— Nietzsche
Though Nietzsche and I don’t often agree, we can definitely get together in this. One needn’t be a naive moral relativist to regard with distrust and skepticism the unconditional, and as to mockery, well, let he among you who is without sin cast the first stone.
Ruby Wireshark Wrapper Status
I’ve not posted recently on the progress of my Ruby extension to wrap Wireshark’s packet dissectors and expose a complete protocol tree to Ruby.
I’ve finally reached a point where the initial groundwork is in place and I have a workable solution. I had severe performance problems, and ended up implementing a lookaside list to keep a cache of reusable C++ objects to avoid excess memory pressure, and also switched to use the Ruby memory allocator, which will trigger a GC if necessary to satisfy a memory request.
At this point I’m very pleased with the results. I can write a test app that looks for 802.11 management packets to build a list of wireless access points within a particular packet capture (all in Ruby), and process a libpcap-formatted capture file at a rate of 1500 packets/second, using a debug build of Wireshark and my Ruby extension. Keep in mind that rate includes building a complete protocol tree using Wireshark’s dissectors for each packet.
I can apply a display filter, set preferences, perform high-performance searches for specific field elements; everything I need to implement the network monitoring tool I’m working on.
All my code is in my SVN repository here, though I’ve not taken any pains to allow the code to build anywhere but my dev laptop so don’t expect to be able to get it working.
Also I haven’t taken the time to put in copyright notices yet, but the code is all Copyright (C) 2007 Adam J. Nelson, and the commies over at FSF require me to release it under the GPLv2, since that is the license under which Wireshark is released.
At this point I’m moving on to analyzing, storing, and displaying tens of gigabytes of network traffic using a Rails-based web interface and a SQLite back-end. I’m sure I’ll go back to rcapdissector to fix bugs, improve performance, add missing features, etc, but it’s no longer the primary focus.
I must say I find the Ruby extension experience to be harder than it has to be. I quickly abandoned mkext as it simply won’t work for a complex extension project, and found no suitable substitute. Docs were non-existent, and the lack of a good extension framework required me to come up with my own simplistic C++ idioms for representing extension objects. Then there’s the crappy performance I get out of Ruby 1.8 compared to what I’ve seen in Python.
Ruby’s a great little language, and I’m sure when it’s Python’s age it’ll really kick ass, but it still has a ways to go. And with the concurrent processing tasks I’m facing with this network monitoring tool, I’m tempted to bite the bullet and learn (gasp) Erlang. Ok, not really.
Note to self: new project idea. Design a new concurrent programming language that compiles down to Erlang. Goals of the language will be to use even more punctuation marks than Erlang itself, encourage the authoring of even less readable code, and introduce additional abstractions to increase the obfuscation level. Possible name idea: Hurlang.
Seriously though, WTF are the PragProg guys trying to push some sort of Erlang renaissance? I know, I know, thought-free concurrent programming and all that, but seriously. It was developed by telco guys who were so low on imaginative power that they named it after their company, Ericsson, hence ERlang. If you’re used to Ruby, or C#, or C++, or C, or fucking Javascript, it’ll be really hard to quiet your stomach when you read (and write) shit like this:
-module(test).
-export([fac/1]).
fac(0) -> 1;
fac(N) -> N * fac(N-1).
or this:
-module(tut9).
-export([test_if/2]).
test_if(A, B) ->
if
A == 5 ->
io:format("A = 5~n", []),
a_equals_5;
B == 6 ->
io:format("B = 6~n", []),
b_equals_6;
A == 2, B == 3 -> %i.e. A equals 2 and B equals 3
io:format("A == 2, B == 3~n", []),
a_equals_2_b_equals_3;
A == 1 ; B == 7 -> %i.e. A equals 1 or B equals 7
io:format("A == 1 ; B == 7~n", []),
a_equals_1_or_b_equals_7
end.
Tell me that doesn’t just make you want to cry! Hell, let’s just code everything in Lisp and get it over with. Ick. Pass.
Happy Birthday
Today is the 27th anniversary of the beginning of my life, in the Blackmun sense of the word ‘life’. It’s been fun so far; hopefully it continues to be.
No big plans for this, The Actual Day, though this weekend I’ll have the few remaining family left in the region over to my place for some KFC and cheesecake. I can’t even go to the range for some celebratory fire, since this being a Tuesday it closes at 5PM for kiddie swim.
I’m not sure what I’ll get for myself. I’ve been eying a new Rock River Arms mid-length M4, but now that I have a decent collection of guns I’d much rather spend that money on training if only there was some decent training options that didn’t involve flying to Nevada. Anyway, we’ll see. I’ll think of something.
Face reality: The Iraqi consequences of an American withdraw are clear
The calls for retreat–I mean–’phased redeployment’ of American and Coalition forces from Iraq just keep getting louder, now including some Republican Senators who were once hawks but now have poll numbers to worry about.
I understand alot of the arguments for pulling out, though others are absurd, and their incessant PR doublespeak reminds me of Marine Corps General Oliver P. Smith’s reaction to a press account of his unit’s retreat from enemy forces in the Korean War: “Retreat Hell! We’re just attacking in another direction.”. If only he had the Pelosi/Murtha spin machine, perhaps he might’ve put things more delicately.
One thing I cannot abide is anti-war advocates claiming that a premature withdraw of Coalition forces from Iraq will not result in devastating civil war, genocide, and a mass stream of refugees. If you don’t believe we can win in Iraq, you don’t believe we have an obligation to stay and fix what we broke, and you don’t think our blood and treasure is worth the lives of potentially millions of Iraqi civilians, make that argument. Don’t pretend the insurgents, criminals, militias, and assorted Tangos will just throw down their arms and give the US Army the finger before shaking hands and making up with one another.
Don’t believe me and every other intellectually honest person who knows the first thing about the conflict in Iraq? Take it from N., one of my Iraqi developers who thankfully made it out of Iraq:
I guess what the politicians should start thinking about the Iraqis who helped the U.S army and U.S.G in Iraq and not only think about leaving. every body know if they US army leave now it will be a big civil war and it will not end …
There you have it. From a real live eye-rakee. So cut the crap, anti-war left (and right), and make up your mind: ‘phased redeployment’ and Iraqi bloodbath, or stay-the-course. Those are your only options.