Berkeley CSUA MOTD:2003:August:26 Tuesday <Monday, Wednesday>
Berkeley CSUA MOTD
2003/8/26-30 [Computer/SW/Languages/Perl] UID:10018 Activity:nil
8/26    Java, perl, MySQL experience?  20 hr/wk contract available.
        email me if you're interested           -brain
2003/8/26-27 [Science/Battery] UID:29463 Activity:low
8/26    I just got a new NiMH battery for my thinkpad.  I'm going to use it
        occasionally, and I want it to last. Should I store it discharged or
        charged? I can't find anything on google or ibm. Thanks. -brett
        \_Return it and see if you can get a LiIon battery instead. NiMH
        is almost guarenteed to start failing within a year or two. If
        you want to keep it fresh you basically need to do a deep discharge/
        charge on it once it starts failing. I'm not quite sure if storing
        it away discharged will help the situation, as the batteries will
        degrade on their own over time. Storing it charged will not likely
        make much of a difference as the battery will lose voltage over time
        on their own, they actually will slowly leak electricty.
        The key thing is not to charge or discharge NiMH batteries in bursts,
        as they will have a memory effect.
        \_ I must be on crack, it IS Li-Ion, I don't know where I got the
           idea it was NiMH.  Thanks for the info and sorry about wasting
           your time. Ok, what about storing Li-Ion battery.   -brett
        \_ Re the memory effect, are you talking about NiMH or NiCd?
2003/8/26-27 [Computer/Networking] UID:29464 Activity:high
8/26    I've ended up with two dsl lines at my house till the
        end of the year or so. I would like to run some sort
        of routing protocol so that I can maximize my bandwidth
        by using both lines. I'm not sure how to go about setting
        this up, any pointers/ideas? I'm running *bsd if that
        makes a difference. tia.
        \_ there are several ways to do this, but I doubt any of these
           features exist on a desktop OS.  You need a router in between
           your PC and the two DSL lines.  Things such as multilink PPP,
           LACP (link aggregation), and other load balancing schemes can
           make use of two physical links.  PBR can work, but it's really
           overkill.  A link layer protocol can do this in a much
           simpler and stable fashion. -cisco guy
        \_ for the most part, not possible unless you do some very
           fancy policy based routing... not worth the trouble.
           \_ Okay, would it be possible to say just route vpn
              traffic on one dsl line and http/ftp traffic on
              the other?
              \_ and make life, support and debugging a living hell?
                 What if one DSL line goes down? Nevermind the fact
                 that you are probably going to get fired by your
                 company for compromising their vpn/intranet
                 And you're going to go thru the effort to set that
                 up and use it for 3 whole months?
                 Besides, why did you let SBC/PacBell screw you like that?
                 \_ why would my having two dsl lines compromise
                    my company's security? (I own both the lines
                    an neither is directly connected to my company
                    except when I have a vpn up)
                    \_ Because you are trying to set up a split tunnel VPN
                       I am assuming you are doing that because you are
                       bright. If you are doing it for some other reason
                       they you really have a chance to get into trouble.
                        \_ I guess I should clarify. I have one machine
                           with multiple outbound connections. It acts
                           as a firewall/router for the other systems
                           at my house. It doesn't (and can't) run the
                           vpn software. What I want to do is to have
                           this machine route all the ipsec traffic
                           from my other machines out one interface
                           and route all the other traffic out the other
                           interface. When the other machines are using
                           a vpn they run in full tunnel mode so I don't
                           have to worry about debugging problems from
                           using a split tunnel.
                           I know the quick and dirty way to do this is
                           to use a bunch of static routes but I wanted
                           to see if there was some way that I could get
                           around using static routes and just route
                           pkts based on whether or not they were ipsec
                           encapsulated or not.
              \_ Sure, no problem.  Ignore the nay sayers.  They have different
                 IPs so assign a different domain or hostname, etc to each one.
                 Changing DNS later is trivial.  You won't get fired anymore
                 than you would have doing what you're doing on one line.
                 Apache, sshd, and many other common servers can be told to
                 only listen on a particular ip/port.  Unless you've got huge
                 traffic on some service you won't notice the difference but
                 it's a good learning experience.
                 \_ okay.. explain this some more then. what you're describing
                    still requires policy based routing to work. the machine
                    may set the outbound ip to one on the second dsl line
                    but it will still at least try to go out the first line
                    since that is the default route. on top of that, the
                    isp of the first line may drop the outbound packet since
                    it's not one of their own. -shac
                    \_ Static route to vpn server.  It's the only place he
                       wants that line to go.  You can call that 'policy
                       based' routing if you like.  I'm not going to quibble
                       over terminology.
2003/8/26 [Politics/Foreign/MiddleEast] UID:29465 Activity:nil
        \_ This has got to be some kind of joke.
2003/8/26 [Computer/Networking, Computer/SW/OS/FreeBSD, Computer/HW/Drives] UID:29466 Activity:kinda low
8/25    Do people actually verify md5 sums?  I recently ftped a linux
        distribution iso and installed it.  It seems to run fine.  Then
        by chance I run md5sum on the image and the first disk failed.
        Is this just some transmission error or something more sinister?
        \_ freebsd ports do this automatically.  You should probably try
           pulling the image again and rechecking.  it could be truly sinister,
           it could just make your system unstable down the line.  look at it
           as a strong litmus test.
           \_ I already did and the new download passed the check.  I am
                going to reinstall the whole thing.  But if it is the installer
                itself that got corrupted maliciously, should I worry about
                all the partitions of my disks and all the disks that was
                mounted when I did the installation?  That would be really
                too much pain.
                \- based on the strength [sic] of the tcp checksum
                   and the error base rate you can figure out how often
                   you can expect an undetected tranmission error.
                   we made some calculations a few years ago and when you
                   started shoveling gigabytes around you needed to start
                   worrying about these and doing some kind of stronger
                   application level checksumming. lately i havent done any
                   measurements to see if the base error rate has gone down
                   [or up say in wireless or whatever] and what the new
                   expectations might me. however i certainly am not sur-
                   prised to hear large iso or tarballs coming over long
                   paths arrived frayed at the edges. if you are interested
                   in techical details and have a general familarity with
                   tcp, you can mail me. any discussion of this on say
                   NANOG? --psb
                   \_ Google, as a result of their work, keeps track of
                      these numbers. Look up their research.
                      \- oh yeah i remember asking the google folks
                         if they do higher level checks, what chksums
                         they ue etc as the copy around parts of the
                         they use etc as the copy around parts of the
                         cache. do they "publish" these things anywhere?
2003/8/26 [Uncategorized] UID:29467 Activity:high
8/25    I want to teach myself SAS.  Is there some free way to do this?
        (I am not a student)
        \_ find a free(re: pirated) copy of SAS, and stfw for an online
           course complete w/syllabus and lecture notes, or just tool
           around on it yourself -nivra
           \_ I can't believe someone on the motd is advocating the use of
              \_ or from a colleague (if one exists ...).  Hey the user said
                 "free" - nivra
2003/8/26 [Health/Eyes] UID:29468 Activity:nil
8/25    Do you wear glasses with anti-reflection coated lens?  I just got
        one for the first time ($50 extra).  I'm wondering how long
        before it starts to fade.  I've seen glasses with partially faded
        coatings and it looks pretty bad.  Does cleaning it less often make
        the coating last longer?  Thanks.
        \_ About one year. Only clean with a soft cloth and it will last longer.
        \_ Usually 1-1.5 yr for me and I usually abuse it by cleaning with
           tshirt etc.  My current one has 2 year warranty so we'll see how that
        \_ What happens after the coating wears out? Will the reslt be the
           same or worse than using non-coated lens?
           \_ Worse. I bought the coating once. Never again. It's not worth
              it. --dim
              \_ damn, I have been convinced that the anti-reflection coating
                 is worth it. Granted, I'll have another vision test a year
                 from now, and fortunately, the lenses will be changed at that
                 time anyways.
                 \_ Lasik, man.  Save your money!
                    \_ I am not paying much for it. Eye insurance is paid by
                       the employeer.
                       \_ Then get them to lasik you.
                    \_ You only get one set of eyes.
                       \_ Which is why you should lasik them and stop shelling
                          out money for glasses and contacts which both damage
                          your vision and risk infection (for contacts).
                    \_ there's a much higher risk to lasik than coated lenses.
                       \_ nonsense.  URLp.  the risk in both cases is so small
                          as to be inconsequential.
                          \_ Go watch the Simpsons.
        \_ Also, the coating is very sensitive to heat.  Don't leave the
           glasses (even in their case) in a hot car all day like I did.  The
           coating gets all crackly.
2003/8/26 [Politics/Domestic/RepublicanMedia] UID:29469 Activity:high
8/26    Some Nietszche for the day:
        "In our youthful years we respect and despise without that art of
        nuance which constitutes the best thing we gain from life, and, as
        is only fair, we have to pay dearly for having assailed men, and things
        which Yes and No in such a fashion. Everything is so regulated that the
        worst of all tastes, the taste for the unconditional, is cruelly
        misused and made a fool of until a man learns to introduce a little
        art into his feelings and even to venture trying the artificial: as
        genuine artists do. The anger and reverence characteristic of youth
        seem to allow themselves no peace until they have falsified men and
        things in such a way that they can vent themselves on them --- youth
        as such is something that falsifies and deceives. Later, when the
        youthful soul, tormented by disappointments, finally turns suspiciously
        on itself, still hot and savage even in its suspicion and pangs of
        conscience: how angry it is with itself now, how it impatiently rends
        itself, how it takes revenge for its long self-delusion, as if it had
        blinded itself deliberately! During this transition one punishes
        oneself by distrusting one's feelings; one tortures one's enthusiasm
        with doubts, indeed one feels that even a good conscience is a danger,
        as though a good conscience were a screening of oneself and a sign
        that one's subtler honesty had grown weary; and above all one takes
        sides, takes sides on principle, against 'youth'. --- A decade
        later: and one grasps that all this too --- was still youth!"
        (Beyond Good and Evil, 31)
        \_ "I'm a politician.  My job is not to nuance." --GWB
           \_ URLP.
              \_ It's not a direct quote.  I'd post a link but it's all Ann
                 Coulter and the UCB republicans explaining how the quote is
                 actually a good thing.
        \_ Oh great, a pagan fag.
        \_ Are his writings online anywhere in a semi-comprehensive format?
        \_ So, pretty much he's saying young people aren't old enough to
           understand that the world isn't black and white and this leads to
           poor decisions and some people never get it.  Thanks for burning
           an entire packet telling us the obvious.  Deep.
           \_ blah blah blah.
2003/8/26 [Computer/SW/Security, Computer/SW/Unix] UID:29470 Activity:high
        \_ hm... I don't think this is that cool.
           \_ The arbiter has spoken!
              \_ more an attempt to stimulate conversation than to
                 arbitrate. what do other people think? just seems to
                 me like there are many arbitrary ways one could
                 generate music from a web page, gif, whatever, and the
                 results of thsi weren't particularly compelling musically.
2003/8/26 [Reference/Law/Court] UID:29471 Activity:nil
8/26    Court: State (Arizona )must cover care for illegals
        \_ Check those numbers.  1.5 to 2 billion nationally, annually.
           This is hysteria over nothing.
           \_ A billion here, a billion there.  Pretty soon it adds up to real
              \_ Tell that to rummy.
2003/8/26-27 [Computer/SW/WWW/Browsers] UID:29472 Activity:low
8/26    While signing for online access to a foreign bank for a friend.
        Safari 1.0 and Firebird 0.6.1 complains that it could not
        verify the host (Safari: bad server certificate), while IE on win2K
        and Netscape 4.75 (Mac) does not complaint.  which one should
        I trust?
        \_ You can trust IE and Netscape on this issue.  You should check
           the details of exactly why Safari and Firebird said it was bad,
           but it was most likely because the certificate authority was
           3rd tier (i.e., not Verisign or Thawte).
           \_ it is also possible that the certificate has been revoked.
              old IE/Netscape won't catch these when new browsers can.
2003/8/26-27 [Uncategorized] UID:29473 Activity:nil
8/26    A while ago someone posted on motd an url saying that Safari does
        not validate common name fields.  Has this been resolved?  I kept
        up with most Safari updates but never seen this been addressed in
        a release note.  url please.  ok tnx.
        \_ fixed.
2003/8/26-27 [Uncategorized] UID:29474 Activity:nil 61%like:10001
8/23    new imap/pop SSL cert. bugs to root.
2003/8/26 [Politics/Domestic/California, ERROR, uid:29475, category id '18005#6.125' has no name! , ] UID:29475 Activity:high
8/26 (from -urld)
        Bunch of social security free-loaders. Work-safe link.
        \_ 4700 dollars for a fucking paint job?  it's clear who the freeloaders
           are here.  the sad thing is that when the government ends up
           paying for it they'll pay the extortion prices rather than
           fixing the real problem which is that they're being ripped off
           by the prosthesis company in the first place.
           \_ actually I think it is 4700 of the whole foot, and insurance
              was only willing to pay if she got the slightly cheaper
              white version.
           \_ relax, it's in britain anyway.
2003/8/26-27 [Computer/SW/Languages/Functional] UID:29476 Activity:high
8/26    What is the best way to deal/cope with boss who micro-manages?
        \_ Get them fired or transferred. That's what i've done to two mgrs.
        \_ overwhelm them with endless reports and queries about the tiniest
           most trivial details and generally behave the way they treat you:
           you can't do *anything* without their prior approval.  "Bob, should
           I use /tmp or /var/tmp for my zero byte lock file?  Let's have a
           meeting to discuss the pro's and con's and kick it over to >insert
           other group< to see what they think".
           \_ Good advice, but check to see how loved your boss is by the
              next level up first.  Too much love, and you may find yourself
              fired or transferred first.
        \_ on a related topic, how do i handle annoying neighbors around
           my cubicle?  i.e., eating chips/yawning/talking on the phone/
2003/8/26-27 [Computer/SW/OS/Linux] UID:29477 Activity:high
8/26    On a redhat linux box, which gets hit first .forward or .procmailrc ?
        \_ depends on whether you use procmail as your LDA.
            \_ assumin i am then the .procmailrc gets hit first, yes?
               (otherwise i have to .forward to the .procmailrc)?
            \_ It does?  I'm pretty sure .forward will always get hit first.
        \_ It's linux.  It depends.  That's why you've got 3 different answers
           from three different people.  obUseRealOS.
           \_ You're an idiot.  "It depends" on any Unix.  -tom
2003/8/26-27 [Computer/SW/Mail] UID:29478 Activity:kinda low
8/26    The small company I work for would like to set up IMAP and POP over
        SSL, and SMTP (with AUTH) over SSL for relaying.  Anyone have any
        recommendations?  I'm suggesting using qmail with a bunch of user-
        contributes patches.
        \_ It's not too difficult to do that with sendmail.  I'm a software
           engineer playing sys admin for my startup and I figured it out.
        \_ If you're on FreeBSD:
           # portinstall -R imap-uw
           # portinstall -R stunnel
           # portinstall -R qpopper (or whatever)
           # portinstall -R cyrus-sasl
           # vi /etc/make.conf; include the relevant lines commented out in
             /etc/defaults/make.conf relating to sendmail auth stuff
           # rebuild sendmail... it's in /usr/src somewhere... or just
           \_ Thanks a bunch.  I'll forward the two replies on. -op
2018/12/18 [General] UID:1000 Activity:popular
Berkeley CSUA MOTD:2003:August:26 Tuesday <Monday, Wednesday>