Today I worked on packaging Saxon 8 for Debian. While looking at some of its code I saw the following:

if (System.getProperty("java.vendor").equals("Jeroen Frijters"))
platform = DotNetPlatform.getInstance();

Note: Jeroen Frijters is the author of IKVM.

Today is the 9th of August and we've been at a restaurant (well... a self service cafeteria). Nothing fancy so far about it, but it was the first time this month, which makes it kind of special: On the first a new law come into effect in Lower Saxony (and some other parts of Germany) prohibiting smoking in public restaurants (save in closed, separate rooms). Being a non-smoker it was a nice experience to see how the former smoking area had vanished from the restaurant. Especially, since in that special case you couldn't avoid the smoking zone: To get to the toilette you needed to go through the smoking zone. And where do you bring your tablet back? Right, in the smoking zone. Nice.

Right, so as announced I finished my thesis this week. Its translated title is (if anyone want to know)

"Design and Implementation of a Model for the Retrieval of Free/Libre Open Source Software using a Case-Based Reasoning System".

Writing it certainly was an educational experience but I am still happy it's done now. Especially the last weeks where rather unfunny, more so since about ten days before my deadline we had a massive heat wave here in Lower Saxony. Now that it's done I am still waiting for enthusiam to kick in. So far weariness still prevails. Maybe also because finishing my thesis does not yet end my studies. We also have to do written and oral examinations which will take place in July and after. So at the moment I spend my days mostly sleeping and trying to muster up enough wanderlust for my trip to DebConf7. (At the moment the prospect of traveling long distance with trains and cheap flights and then be surrounded by a few hundred happy people is still rather daunting.) Anyway, in order to give an impression of my last weeks and months and to sum this all up, a list of random notes, taken during the last weeks, of what I learned while writing my thesis:

• 6 months are NOT a long time!
• 10.000 chars are not enough to model a Debian package description
• 50 chars are not enough to model a Debian package name (YES, THAT MEANS YOU, libmaypole-plugin-authentication-usersessioncookie-perl!)
• osi.org does not belong to the Open Source Initiative but to Ontario Swine Improvement (Ontario Swine Improvement (OSI) is an industry-run organization dedicated to providing swine improvement and genetic products, programs, information and expertise. Our goal is to help Ontario pork producers achieve competitive advantages and excellence in the global market place.)
• I must not procrastinate.
  Procrastination is the mind-killer.
  Procrastination is the little-death that brings total obliteration.
  I will face my thesis.
  I will permit it to pass over me and through me.
  And when it has gone past I will turn the inner eye to see its path.
  Where the thesis has gone there will be nothing.
  Only I will remain.
• Dr.-Ing. Roland Bless rules! (So does his LaTeX class for theses.)
• Working without internet is possible. It is even better than working with internet. Simply leave gaps where you need to look up stuff and fill them in in the evening.
• Losing half a litre of blood does not impair my fitness for (brain) work.
• Working with version control requires a minimum of intelligence attention. Unfortunately mostly so when ending work (dead tired) and when beginning to work (dead tired).
• Side effects: Insomnia, itchy area on left leg, belly aches, little blisters on the sides of my fingers, headaches, slight but constant petulance.
• "I know what I want to say, getting it on paper is the least work." - WROOOONG!
• German is such a crappy language to write scientific texts in. Special greetings to the generic masculine. Gah!
• When the cat's writing her thesis ...
  The fun time's over now, darling ;)
• "I have don't really like proof-reading your thesis in PDF, can't you just send me the Word file?" is not what you want to hear from your proof reader.
• Good: Debian, vim, subversion, LaTeX, bibtex, evince, xpdf, pdftk, PostgreSQL, OpenOffice.org, dia, gimp, phpESP, tea, coffee, ramen, chocolate, electric fan, eating at the uni's cafeteria twince a day, raw cornflakes straight from the box, frida (my trusty laptop), power naps, pizza, people understanding my true problems, the freedom to burry myself in my work and absolutely and utterly neglect anything else until I am finished.
• The flat can look worse. Much!
• Bad:
  • The FSIL (student council for teaching students) belt grinding(!) tables on the balcony in front of the students' working rooms.
  • People trying to be nice and asking how it's going with the thesis.
  • Fellow students greeting me with "Hey still here?"
  • Our evil DPL blogging about his highly addictive monsterz just when I got to work.
• I'll do it after I handed in the thesis.
• I'll see a doctor about it after I handed in the thesis ...
• I should commit much more often (svn that is)
• How come there are so many extra 'i's in your thesis?" Because it's Linux!
• Sense of time is overrated.
• Print shop guy is mean.
  A = Me, overtired, having formatted and doing last changes to this document the whole night through and on until 20 minutes before the printing appointment.
  B = Print shop guy
  
  B: You know that's not A4 ...
  A: WHAT?!
  B: Yea, it's too big.
  A: WHAT?! But, but, I ... That can't be!
  B: I'm telling you, it's too big. See, 0.3mm too long and 0.12mm too wide
  A: ... *death stare*
  
  
• The examination office is now located in the fourth floor in the building next to the post office at the Hindenburgplatz.
• Tolimar is the most patient and understand guy I've ever known.
  Thank you!
• 6 months are SUCH a long time!

Scott Lamb commented:

"Measuring police on the absence of crime is even easier to game, with horrible consequences."

In more detail, Baruch wrote:

"The result of measuring absence of crime will be that reports of crime will be rejected if the cops will think that they won't be able to catch the criminals. You will have to seperate the group that takes the reports and the group that handles them to make it work and even then I'm not sure someone won't find a way to go around that with another trick."

Well, if you read any cycling online forum, you'll have seen some reports of police rejecting reports of 'too hard' crimes like harassing cyclists. I think I've had one report accepted in the last year, about a moped user riding along a cycle track near a playground where I had noted the number plate, and two pretty certainly discarded. So, police discarding or discouraging reports of no-obvious-solution crimes seems to be happening already. andy r wrote:

"Hi there, Don't talk to me about tragedy of targets... As a teacher the word 'target' fills me with both fear and laughter. Last year my year 6 class and I worked our butts off and achieved the highest set of grades for any school in North Somerset, thereby rescuing the school from a very sticky situation with Ofsted. Within days of these results being known the senior LEA advisor suggested to me that the targets had, perhaps, in hindsight been too low. My reply was curt and Anglo-Saxon. Hindsight! Looking out of her hind? The LEA love targets. If you hit them you have not pushed the kids enough. If you exceed them you should have pitched them higher. Woe betide anyone who fails to meet their targets (I will this year, different cohort and those % from last year have been INCREASED!)... My kids have targets (though they have so many that they actually fail to remember them all). Teachers have targets for the numbers of children who are 'supposed' to achieve certain grades but the idiots who set them frequently have only a rudimentary grasp of mathematics. In my current school there are 45 children in a year group, so each one represents a little over 2%. In schools with small classes (perhaps 10 per year in some rural schools) 1 child can equate to 10%. If he's sick on exam day or is just not bright enough, that's 10% gone. And with the government expecting 75-80% of children to achieve a level 4 in their KS2 SATS, it's all too easy to drop blow your 'targets' through illness alone. But here's an even worse tragedy of targets in primary schools... a couple of years ago I had to disapply 2 children from SATS, simply because they have profound special needs and could not take the tests. In addition, the school had an Autistim Unit (now called something PC, but I forget what) which that year had 4 children in year 6. Therefore we had 6 children who could not take the exams. We filled in the paper work but were horrified when the results came in to discover that these children (who all had official exemption on disability grounds) were counted as having taken the test, even though they couldn't. For 'statistical' purposes these kids were classified as having scored zero! Out of a cohort of 36 children, 6 were classified as not having done a thing! The department of education acknowledged that this didn't help our statistics, but stated that it was their policy. In a school with a lot of very deprived kids this 16% scoring zero, added to a significant quanitity of under-achievers was enough to push us down to the bottom 100 primary schools nationally. You can only imagine how damaging that was for the school's reputation - parents took kids out, we were slated in the local press and had to fight like mad to justify our continued existence... Targets... bah! Hey, talking of which. The Health Trust has recently done a survey of local primary school children's weights and heights. In our day this sort of thing was compulsory. Not any more. Parents had to 'opt in' to the survey... And guess what? The parents of the largest kids refused to take part - as did the ignorant b*strds, but that's another story. So the WAHT will now be collating a totally skewed data set. I'm just waiting for the press release highlighting our slim North Somerset children... And of course, someone will be complemented on achieving targets for reducing childhood obesity, whilst infact the problem has probably - as it were- grown. I used to like the way that 'on time targets' were displayed in Didcot railway station. There was a board in foyer which highilighed punctuality. The impressive looking bar chart had these words written on it: "% of trains on time, compared to last month." And the brightly coloured chart was always up around 95%, ish. I was always suprised that nobody commented on that. 0.95*0.95*0.95...... month on month those trains were getting less and less punctual! But nobody bothered to point this out because 95% looks impressive! On many occasions I took the time to read, and re-read, the wording of those graphs so I know with 100% confidence that this was what they quoted. We never had a month with more than 100% punctuality compared to the previous month. Shame. That's enough. I'm off to the dog house."

(Almost all links in this text lead to German sources. Sorry, but this is a local topic and there aren't any English sources.) Unfortunately, Hildesheim is home to some rather prominent figures of the German neo-nazi scene. One of them has now registered for a protest march through Hildesheim on the 24 February 2007. The reason for this is, that an other neo-nazi event, that had been disguised as a "birthday party", but was in fact a propaganda event featuring talks by "contemporary witnesses" and "an evening of ballads" and was arranged by "National Forces of Hildesheim and the Association of German Women" had been prevented by the Hildesheim police. As a reaction to this, the aforementioned gentleman has now registered for a demonstration with the Hildesheim city council. (In Germany you need to register demonstrations.) Official head of the whole thing is this other gentleman, who has a history of trying to organise nazi demonstrations. He occasionally does so in Leipzig, where he tries to organise such demonstrations about twice a year. Their attendance is dropping though and they are usually met with about ten times as many counter demonstrators and thus have to be ended prematurely, exposing them as the unwanted and ridiculous farces they really are. However, the fact that people still try to register demonstrations such as this one is worrying. And the fact that this one is meant to be in the town I live in makes me pretty angry. Fortunately the demonstration is met with broad opposition. An alliance has been formed, consisting of the German adult education centre of Hildesheim (VHS), the Federation of German Trade Unions (DGB), Verdi, our public services union, Attac, the Antifa, the refugee council of Lower Saxony and the political parties with the Hildesheim Greens as the most active part at the moment. It is good to see, that such neo-nazi endeavours are met with such a broad opposition, and that this opposition does not only originate from the "usual suspects", but from the centre of society. (The VHS for example is usually a non-political organisation, and seeing them engage in such an alliance and even hosting its meetings is pretty cool!) It's not sure yet, whether the demonstration will be approved. It probably will, but with a bunch of extra conditions. If it is approved, it is even more important to meet it with the resistance it deserves! So, if you are living near Hildesheim, watch this space for announcements of the planned counter measures.

I've been preparing on my exam on programming and modeling languages. The usual classification of imperative, functional, oop and logic programming is kind of inconsequent, since there are e.g. functional oop languages. To me, oop is more of a software engineering thing, usually applied to imperative programming with a load of syntactic sugar. The usual OOP examples suck. They're so basic that all the OOP and modeling stuff is just a complete waste of time. So I was considering more complex examples, and ended up at common design patterns. A couple of design patterns in OOP seem like workarounds to me; a new language (well, maybe C# has addressed some of these, I don't know) could probably add some more syntactic sugar to ease their use. I hate UML diagrams. To me they just emphasize all the obvious stuff, while they quickly get too complex to be of use for "seeing" the important things. Even UML activity diagrams in my opinion don't properly depict the flow of information/data in the program, which is what I really care about. Activity diagrams basically show you a sequence of methods are being called. But often you'll have a method being called thousands of times, with the actual relevant information being in the parameters passed. And some stuff might be done asynchronously, too. For certain problems (well, not for stuff like e.g. the train door used in OOP examples), it could be much more useful to abstract away from the involved classes - which are often just wrappers for data, "records", "datagrams", tcp packets - and instead model flows of data. Think of drawing conveyor belts transporting data, filtering it, duplicating it, ... The gstreamer framework seems to employ such a model for audio and video processing. You build pipelines by placing e.g. sources and sinks there. But you can interpret dozens of code examples with this model. SAX transform a stream of charaters into a stream of XML nodes. UI mainloops are basically a stream of UI events. Network data obviously is easy to model as a data flow; the "obvious" mapping into "packet objects" however often useless. Even when doing a select on a database, the result has an obvious representation as a data flow (a flow of records in this case). You probably only need a couple of "primitives". Sources and sinks, obviously. Filters, Y and Tee modules. Queues and Caches could be interesting, too. Note that data flows can work in two ways: push and pull. Maybe sometimes the same code could be used for pull and push operations, too. When push and pull driven flows meet you often need threads to connect. For example, a SAX parser usually will pull character data from a stream and push a stream of XML nodes as output. One way to get a pull-able output stream out of this (I'm ignoring e.g. the existing XMLpull API for this example) is to use a cache (which will eventuall contain the whole document as Nodes), another is to use two threads and just block the SAX thread until the other pulling thread has requested another node. Of course you can do all this in existing languages (you know, this doesn't give you anything new beyond turing completeness) - just like you could do OOP in assembler. You can, but it would be nice if the compilers offer you an easier syntax. Also it would be nice if I wouldn't have to write different code for pull-driven and push-driven operation. Also note that push type operation is rather typical for imperative programming languages - for i in range(0,10): print i - whereas pull type operations are typical for "lazy" functional languages - take 3 (repeat 'a').

Note: This article is part of my OS Install Experiences series.

Next up: a SUSE 10.1 install. It's been a few years since I touched a SUSE distribution (it was something like SUSE Linux 5.3 or so), a lot has happened since then... Here's a rough sketch of the installation and a few superficial remarks and facts related to security. Install

1. First, I downloaded a SUSE 10.1 CD image, burned it on a CD, and booted from that.
2. The installer that showed up is graphical, and you can choose between a normal installation, booting a rescue system, or running a memory test (uses memtest86, I presume).
3. While the installer runs it merely shows a rotating logo, but you can switch to other consoles (ALT+F1, ALT+F3, ALT+F4) for watching log messages passing by.
4. You can choose the language used in the installer, later also your timezone and keyboard layout. You can also check the installation medium, which verifies the checksum of the CD, I guess.
5. Next, you'll be asked to accept a license agreement (yeeaah, whatever).
6. Your hardware will be automatically detected (worked quite well for me), and after that you can choose between a new install or a system upgrade.
7. As for the desktop, you can use GNOME, KDE, text-mode (no desktop), or a "minimal graphical system" (it turns out that means fvwm, at least that's what I think).
8. The graphical partitioning tool feels a bit awkward at first, I needed several tries until I figured out how to make it use the layout I wanted it to. The default file system suggested by the tool is ReiserFS.
9. There's an explicit option which lets you choose the default run-level for the system (run-level 5 is pre-configured).
10. The bootloader, GRUB, recognized the other partitions (Debian stable + unstable), added an entry for SUSE Linux, and created a working setup. Nice, although more control over the process (e.g. naming of the boot options) would be nice.
11. Reboot.
12. I'm asked to insert CDs 2 and 3, which I don't have (or want), as I only burned CD 1. Clicking "abort" a few times does the trick, and I can continue by choosing a hostname and domain name for the box (hydra + local.domain).
13. Now I must enter the root password. Very nice: I have the choice between DES, MD5, or Blowfish (SUSE default) for the hashing/encryption of user passwords.
14. Afterwards, the network is configured (automatically, via DHCP). You can enable a firewall at this point, and enable/disable access to the ssh port explicitly. It's also possible to enable "VNC remote administration" (default: off), or configure a proxy.
15. Authentication methods for users, available from the installer: local (/etc/passwd), LDAP, NIS, Windows Domain.
16. When adding a new user, there are some options. Per default, the user is in the groups "users" (no per-user groups, it seems), "dialout" and "video", but that can be configured. Password expiration is disabled. The default shell is bash.
17. And now... another registration message (in the release notes, actually). May I quote (from my head): The registration procedure transfers zmd's unique device identifier to Novell's registration web service. The information sent may also include OS, version, architecture, and the output of uname and hwinfo, according to that text. More on that later, maybe...
18. Of course, SUSE Linux comes with SUSE's/Novell's AppArmor enabled by default, but I haven't looked into it, yet.
19. Now some problems appeared. More hardware discovery took place, it seems, then the screen turned black (with only a non-blinking cursor in the upper left), no reaction to any input -> I performed a hard reboot.
20. After booting, I'm dropped into fvwm (although I chose GNOME in the installer), the reason probably being the forced reboot. After looking around a bit in the menus and stuff, I wanted to start sax2 (to find out what it does), but the screen turned black again -> another hard reboot. Could it be that I don't have enough RAM for this (256 MB)?
21. Anyways, at this point I lost interest in playing with the system any further, and gathered the below information for comparison reasons...

Security

• Portscan from another box:
  

  PORT     STATE    SERVICE
  22/tcp   open     ssh
  135/tcp  filtered msrpc
  137/tcp  filtered netbios-ns
  138/tcp  filtered netbios-dgm
  139/tcp  filtered netbios-ssn
  445/tcp  filtered microsoft-ds
  1433/tcp filtered ms-sql-s
  1434/tcp filtered ms-sql-m
  

  Not good. A default install should not have any ports open, IMHO. Quite a bunch of Windows ports, eh? To be fair, if the firewall is enabled, none of those will be reachable.
• Some permissions:
  

  drwx------  2 root root  168 2006-05-25 01:50 /.gnupg
  drwxr-xr-x  3 root root   72 2006-05-25 00:58 /home
  drwx------  8 root root  432 2006-05-25 01:56 /root
  drwxrwxrwt  9 root root  504 2006-05-25 01:55 /tmp
  crw-------  1 root video  10, 175 May 25 04:58 /dev/agpgart
  crw-r-----+ 1 root root    5,   1 May  2 08:45 /dev/console
  drwxr-xr-x  6 root root       120 May 25 04:58 /dev/disk
  crw-rw----  1 root video  29,   0 May 25 04:58 /dev/fb0
  brw-rw----+ 1 uwe  disk    2,   0 May 25 04:58 /dev/fd0
  crw--w--w-  1 root root    1,   7 May 25 04:58 /dev/full
  brw-r-----  1 root disk    3,   0 May 25 04:58 /dev/hda*
  brw-rw----+ 1 uwe  disk   22,  64 May 25 04:58 /dev/hdd
  crw-r-----  1 root kmem    1,   2 May 25 04:58 /dev/kmem
  crw-rw----  1 root root    1,  11 May  2 08:45 /dev/kmsg
  srw-rw-rw-  1 root root         0 May 25 04:58 /dev/log
  crw-rw----  1 root lp      6,   0 May 25 04:58 /dev/lp0
  crw-r-----  1 root kmem    1,   1 May 25 04:58 /dev/mem
  crw-rw-rw-  1 root root    1,   3 May  2 08:45 /dev/null
  crw-r-----  1 root kmem    1,   4 May 25 04:58 /dev/port
  crw-rw----  1 root root   10,   1 May 25 04:58 /dev/psaux
  crw-rw-rw-  1 root tty     2,   0 May 25 04:58 /dev/ptyp*
  crw-rw-rw-  1 root root    1,   8 May 25 04:58 /dev/random
  crw-rw-rw-  1 root tty     5,   0 May  2 08:45 /dev/tty
  crw--w----  1 root root    4,   0 May 25 04:58 /dev/tty0
  crw-rw----  1 root tty     4,   2 May 25 04:58 /dev/tty[1-6]
  crw--w----  1 uwe  tty     4,   7 May 25 04:58 /dev/tty[7-9]
  crw-rw----  1 root uucp    4,  64 May  2 08:45 /dev/ttyS[0-4]
  crw-------  1 root uucp    4,  68 May  2 08:45 /dev/ttyS[4-7]
  crw-rw-rw-  1 root tty     3,   0 May 25 04:58 /dev/ttyp0
  crw-r--r--  1 root root    1,   9 May 25 04:58 /dev/urandom
  crw--w----  1 root tty     7,   0 May 25 04:58 /dev/vcs
  crw-rw----  1 root tty     7,   1 May 25 04:58 /dev/vcs1
  crw-rw----  1 root tty     7, 129 May 25 04:58 /dev/vcsa1
  crw--w----  1 root tty     7, 130 May 25 04:58 /dev/vcsa2
  pr--------  1 uwe  tty          0 May 25 05:01 /dev/xconsole
  crw-rw-rw-  1 root root    1,   5 May  2 08:45 /dev/zero
  

  Nice: /root has mode 700. Um, /dev/fd0, /dev/hdd, and a few others are owned by me (user "uwe")? Why?
• Default users and shells:
  

  at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash
  bin:x:1:1:bin:/bin:/bin/bash
  daemon:x:2:2:Daemon:/sbin:/bin/bash
  ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
  games:x:12:100:Games account:/var/games:/bin/bash
  haldaemon:x:101:102:User for haldaemon:/var/run/hal:/bin/false
  lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
  mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
  man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
  mdnsd:x:78:65534:mDNSResponder runtime user:/var/lib/mdnsd:/bin/false
  messagebus:x:100:101:User for D-BUS:/var/run/dbus:/bin/false
  news:x:9:13:News system:/etc/news:/bin/bash
  nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
  ntp:x:74:103:NTP daemon:/var/lib/ntp:/bin/false
  postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
  root:x:0:0:root:/root:/bin/bash
  sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false
  suse-ncc:x:102:104:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
  uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
  wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
  uwe:x:1000:100::/home/uwe:/bin/bash
  

  Quite a random mix of /bin/bash and /bin/false as shells, it seems. Notice the absence of /bin/sh.
• Setuid/setgid files:
  

  # find / -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ld ' ' \;
  -rwsr-xr-x 1 root root 31668 Apr 23 08:48 /bin/su
  -rwsr-xr-x 1 root root 35520 Apr 23 03:53 /bin/ping
  -rwsr-xr-x 1 root audio 20252 Apr 23 04:21 /bin/eject
  -rwsr-xr-x 1 root root 321981 May  2 08:50 /bin/mount
  -rwsr-xr-x 1 root root 31696 Apr 23 03:53 /bin/ping6
  -rwsr-xr-x 1 root root 117887 May  2 08:50 /bin/umount
  -rwsr-xr-x 1 root root 5056 May  2 11:14 /opt/kde3/bin/artswrapper
  -rwsr-xr-x 1 root root 6696 May  2 12:02 /opt/kde3/bin/kpac_dhcp_helper
  -rwsr-xr-x 1 root trusted 43940 May  2 09:47 /usr/bin/at
  -rwsr-xr-x 1 root root 836524 May  2 10:28 /usr/bin/gpg
  -rwsr-xr-x 2 root root 4880 Apr 23 05:09 /usr/bin/man
  -rwsr-xr-x 1 root root 18720 Apr 23 04:32 /usr/bin/rcp
  -rwsr-xr-x 1 root root 9340 Apr 23 04:32 /usr/bin/rsh
  -rwsr-xr-x 1 root shadow 73284 May  2 10:50 /usr/bin/chfn
  -rwsr-xr-x 1 root shadow 68992 May  2 10:50 /usr/bin/chsh
  -rwsr-xr-x 1 root root 105084 May  2 09:47 /usr/bin/sudo
  -rwxr-sr-x 1 root tty 10312 May  2 08:50 /usr/bin/wall
  -rwsr-xr-x 1 lp sys 10400 Apr 25 19:15 /usr/bin/lppasswd
  -rwsr-xr-x 1 root trusted 33260 Apr 23 04:36 /usr/bin/crontab
  -rwsr-xr-x 1 root root 59980 May  2 16:38 /usr/bin/fileshareset
  -rwsr-xr-x 1 root shadow 75692 May  2 10:50 /usr/bin/chage
  -rwsr-xr-x 2 root root 4880 Apr 23 05:09 /usr/bin/mandb
  -rwxr-sr-x 1 root tty 8936 May  2 08:50 /usr/bin/write
  -rwsr-xr-x 1 root shadow 13388 May  2 10:50 /usr/bin/expiry
  -rwsr-xr-x 1 root root 15532 May  2 10:50 /usr/bin/newgrp
  -rwsr-xr-x 1 root shadow 72836 May  2 10:50 /usr/bin/passwd
  -rwsr-xr-x 1 root shadow 74528 May  2 10:50 /usr/bin/gpasswd
  -rwsr-xr-x 1 root root 12900 Apr 23 04:32 /usr/bin/rlogin
  -rwsr-xr-x 1 root root 23990 Apr 29 01:08 /usr/lib/pt_chown
  -rwxr-sr-x 1 root maildrop 10440 May  2 09:36 /usr/sbin/postdrop
  -rwxr-sr-x 1 root maildrop 10444 May  2 09:36 /usr/sbin/postqueue
  -rwxr-sr-x 1 root tty 7288 Apr 23 03:40 /usr/sbin/utempter
  -rws--x--x 1 root root 1832764 May  2 09:26 /usr/X11R6/bin/Xorg
  -rwxr-sr-x 1 root shadow 20136 Apr 23 03:54 /sbin/unix_chkpwd
  -rwsr-x--- 1 root dialout 31700 May  2 09:56 /sbin/isdnctrl
  -rwxr-sr-x 1 root shadow 6624 Apr 23 04:35 /sbin/unix2_chkpwd
  

  Quite a bunch... I sure hope those "rsh", "rcp", "rlogin", and so on, are ssh aliases in reality (didn't check)...
• World-writable files:
  

  # find / -not -type l -perm -o+w -exec ls -ld ' ' \;
  srw-rw-rw- 1 root root 0 May 25 23:54 /dev/log
  crw-rw-rw- 1 root root 1, 5 May  2 08:45 /dev/zero
  crw-rw-rw- 1 root tty 5, 0 May  2 08:45 /dev/tty
  crw-rw-rw- 1 root tty 5, 2 May 26 00:02 /dev/ptmx
  crw-rw-rw- 1 root root 1, 3 May  2 08:45 /dev/null
  crw-rw-rw- 1 root tty 2, 0 May 25 23:54 /dev/ptyp*
  crw-rw-rw- 1 root tty 3, 0 May 25 23:54 /dev/ttyp*
  crw--w--w- 1 root root 1, 7 May 25 23:54 /dev/full
  crw-rw-rw- 1 root root 1, 8 May 25 23:54 /dev/random
  drwxrwxrwt 3 root root 60 May 25 23:54 /dev/shm
  crw-rw-rw- 1 root tty 5, 0 May  2 08:45 /lib/udev/devices/tty
  crw-rw-rw- 1 root root 1, 3 May  2 08:45 /lib/udev/devices/null
  crw-rw-rw- 1 root tty 5, 2 May  2 08:45 /lib/udev/devices/ptmx
  crw-rw-rw- 1 root root 1, 5 May  2 08:45 /lib/udev/devices/zero
  drwxrwxrwt 10 root root 672 May 26 00:02 /tmp
  drwxrwxrwt 2 root root 48 Apr 23 03:51 /tmp/.ICE-unix
  drwxrwxrwt 2 root root 72 May 25 23:54 /tmp/.X11-unix
  srwxrwxrwx 1 root root 0 May 25 23:54 /tmp/.X11-unix/X0
  srw-r--rw- 1 root root 0 May 25 23:54 /var/run/zmd/zmd-web.socket
  srwxrwxrwx 1 root root 0 May 25 23:54 /var/run/zmd/zmd-remoting.socket
  srwxrwxrwx 1 root root 0 May 25 23:54 /var/run/dbus/system_bus_socket
  srw-rw-rw- 1 root root 0 May 25 23:54 /var/run/nscd/socket
  srwxrwxrwx 1 root root 0 May 25 23:54 /var/run/mdnsd
  srw-rw-rw- 1 root root 0 May 25 23:54 /var/run/.resmgr_socket
  drwxrwxrwt 2 root root 48 May 25 23:54 /var/run/uscreens
  drwxrwxrwt 11 root root 416 May 25 23:55 /var/tmp
  drwxrwxrwt 2 root root 48 Apr 23 03:51 /var/tmp/vi.recover
  drwxrwxrwt 2 root root 48 Apr 23 03:51 /var/cache/fonts
  drwxrwxrwt 2 root root 48 Apr 23 03:51 /var/spool/mail
  prw--w--w- 1 postfix postfix 0 May 25 23:59 /var/spool/postfix/public/qmgr
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/public/flush
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/public/showq
  prw--w--w- 1 postfix postfix 0 May 26 00:02 /var/spool/postfix/public/pickup
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/public/cleanup
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/lmtp
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/smtp
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/uucp
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/rewrite
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/discard
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/anvil
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/bsmtp
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/defer
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/cyrus
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/error
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/local
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/relay
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/trace
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/maildrop
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/bounce
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/ifmail
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/scache
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/verify
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/virtual
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/procmail
  srw-rw-rw- 1 postfix postfix 0 May 25 23:54 /var/spool/postfix/private/proxymap
  drwxrwxrwt 8 root root 192 May 25 00:06 /usr/src/packages/RPMS
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/RPMS/i386
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/RPMS/i486
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/RPMS/i586
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/RPMS/i686
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/RPMS/athlon
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/RPMS/noarch
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/BUILD
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/SPECS
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/SRPMS
  drwxrwxrwt 2 root root 48 Apr 23 02:28 /usr/src/packages/SOURCES
  

  No real files actually, only sockets, device files, and directories. Still, it's quite a lot of them. Do they all really need to be world-writable?

That's it. Comments, suggestions, flames?

I couldn’t resist the temptation, and started to write yet another Scheme logging library; this has been on my TODO-list for quite some time now, but now it became more urgent, since we need a logging facility for conjure. I hope jao will be pleased to see that my branch of conjure already makes use of the new logging module . Of course, I didn’t in fact start from scratch, but had a look at the various logging libraries available; the Scheme ones being:

• The logging package in guile-lib. I couldn’t really use that code, since it’s uses GOOPS, Guile’s CLOS-like object system. Also it doesn’t support hierarchies of loggers, which I consider an important feature, since it allows flexible configuration of the logging behaviour for a software system that is contains of multiple subsystems. For example, you may want to enable debugging output in a specific subsytem, while only getting warnings and errors for everything else.
• log4scm. I don’t know what to say about that but: strange. While named in the log4X tradition initiated by log4j, a rather powerful (and complex, IMHO) logging system for Java, it seems very unflexible, and not suitable for a general-purpose logging system. Nevertheless it uses threads, a callback system for fatal logs, and SSAX to parse XML files for configuration - speak about heavyweight! Strange license, too. I will refrain from commenting further .

I also had a look at log4r and the Python logging package; both seem worthy taking as a starting point. What I’ve come up with so far has a pretty similiar model to these systems; you send a log entry that should be logged to a logger, which has zero or more handlers that are responsible for actually doing anything with the log entry, such as writing it to a port. All loggers, besides the root logger have a parent, (also a logger) which log entries are sent to, in addition to being processed by the handlers attached to the logger; the propagation to the parent can also be turned off. The logger hierarchy is established by a hierarchical namespace: The logger with the name '(conjure cc) is a child of the logger named '(conjure). This may all sound overly complicated, but getting started is very straightforward:

;; ,open spells.logging
(define log-info (make-log ‘(test) ‘info))
(configure-logger ‘())
(log-info “hello world!”)

make-log creates a logging procedure. Logging procedures take a single argument to be logged; the argument may be an arbitrary object; it is up to the handlers on how to go about formatting this object. The argument passed to the logging procedure is wrapped in a log entry, which additionally contains the log level. The name of the logger that is to be used is '(test), and 'info is the log level. If the logger '(test) doesn’t already exist, it is created on the fly with no handlers and the root logger as a parent; it can be configured later. This separation of logger creation and configuration is important: In a real application, the logging can be configured from the command line or a configuration file; you don’t want to (hard-)code it into the same module that uses the logger. (configure-logger '()) configures the root logger (which has the empty list as name) with a default configuration. configure-logger also has an optional argument in which you can provide a custom configuration, but I won’t go into this now, since this part of interface is most likely to change. The default configuration amounts to logging everything on (current-output-port). Finally, we log a simple string through the logging procedure log-info. The output looks like this:

(test: [info] hello world!)
Well, enough of this for now; if you got curious you can take peek at the code.

Compiled over the last few weeks, here's a random list of some subjects I'd love to see covered in XTech 2006. There's now only three weeks left of the call for participation -- so it's definitely time get that proposal in! Mail me if you have any questions.

• OpenDocument vs. Microsoft Office Open XML (am I the only one annoyed by how this format is abbreviated as "Open XML"?)
• Ruby on Rails 1.0
• Firefox 1.5, including its many new features for developers. I loved the idea from Tristan Nitot that extensions are a way to keep Firefox successful. There's a lot of potential here. Anybody want to attend a tutorial on making Firefox extensions?
• W3C Rich Web Clients Activity
• XSLT 2.0 adoption and implementation--anyone but Saxon?
• The Web Desktop. I was incredibly interested in this post of Miguel de Icaza's. For a long time I've felt RDF could hold the desktop together, data-wise, but he also proposes that HTTP and web services could do a similar thing. I suspect these are two strands of development that go hand in hand.
• Design, usability and patterns for AJAX web applications.
• Open Content Alliance
• RSS and Atom: despite the release of Atom, RSS continues to grow down its own path. I reckon it's about time to sort out where each are going, and what they're best for.
• XSL-FO: I use this technology regularly for preparing PDFs with RenderX, and the specification itself is mature. It seems time to take stock of XSL-FO and where it might go in future.

Submit your proposal here: XTech 2006 Call for Participation. XTech will be held 16-19 May 2006, Amsterdam, Netherlands.

I’ve just returned from NIPS 2005. The conference was great, and I hope to post more later about my favourite papers, posters and talks. The highlight of this year’s conference was undoubtedly Jeff Bilmes, Michael Collins, Koby Crammer and Fernando Pereira’s summary of their workshop on structured learning for text and speech processing. Fortunately, I captured the entire thing on video for the enjoyment of the machine learning community (and anyone else who’s interested). So, without further ado, I present Jeff Bilmes (bass), Michael Collins (sax), Koby Crammer (bongos) and Fernando Pereira (vocals) performing “We Gonna Solve AI”. For those of you that wish to sing along at home, the lyrics are:

Summertime, and the learning is easy. Our problem is structured,
And the accuracy is high. Your funders are rich,
And your colleagues are good-looking. So grow little margin,
We gonna solve AI. Wintertime, and the learning is #-P. Our speech is recognized,
But we don’t know why. Our code is in MATLAB,
And our data’s synthetic. So grow little margin,
We gonna solve AI.

[*] sung “sharpee”