chxo internets

EC2 on EBS: Taming the Amazon

Wed, 01 Sep 2010 10:23:04 -0400

I upgraded my old Debian 4 AMI to Debian 5 yesterday, and switched it from S3 storage to the more permanent (and more easily clone-able!) EBS.

With EBS-backed instances, we can finally have a boot drive that doesn’t go away if the instance gets hosed! There is dancing in my street.

Create a bootable EBS AMI from a running instance is more pro, but Creating an Amazon EC2 EBS AMI from a running instance is more helpful. Take your pick, but do not use dd to copy an active file system. My sshd_config ended up with a bit of syslog in it somehow, what a nightmare.

Beware of the default Apache 2 config for PHP

Wed, 01 Sep 2010 08:36:02 -0400

Ilia Alshanetsky points out that AddHandler is the wrong directive to use for executable file types like PHP, because Apache could execute the file bad.php.jpeg (I haven’t tested this yet, but plan to).

The safer directive is apparently AddType:

AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps

Firefox Audio Fail

Tue, 20 Jul 2010 11:18:00 -0400

You would think that if your browser doesn’t support playing audio/mp3 content using an html5 tag, it would do the right thing and fall back to the fallback markup under it.

Consider the following html5 markup:

Click here to play audio

I’m just getting started with html5, but it seems to me that a browser should embed an audio controller if sources of type audio/mp3 are supported, and fall back to the link if not.

Firefox (which doesn’t support mp3) embeds the controller, but shows a big red X because it can’t play the file.

So I ask you, internets, am I misinterpreting the standard?

10 things you may not know about using Amazon Web Services in the enterprise

Wed, 07 Jul 2010 11:32:34 -0400

10 things you may not know about using Amazon Web Services in the enterprise:

Or maybe you know them, so this is 10 things to keep in mind…

I call it a Parks Remix. For obvious reasons. The park green is...

Mon, 21 Jun 2010 19:49:00 -0400

I call it a Parks Remix. For obvious reasons. The park green is #2d802d. See previous post for the original map colors.

New MTA NYC Transit Subway map, June, 2010. Why are the parks...

Mon, 21 Jun 2010 19:37:00 -0400

New MTA NYC Transit Subway map, June, 2010.

Why are the parks olive? Is anyone else bothered by the un-greening of New York parks?

See next post for a greener version.

List of blocked ports in Safari

Fri, 11 Jun 2010 17:00:56 -0400

One of my colleagues likes to use port 6667 for his development environment. As in, when he tests his code, he connects to a url like https://dev.example.org:6667/

He recently noticed that Safari and Google Chrome restrict access to that port. Apparently when you allow a browser to connect to arbitrary ports, an attacker can craft a form that will submit arbitrary data to any port. I mean, duh, right? That’s why internet services should require authentication, something we’ve known since the 90s. But Mozilla’s page on the topic gives the example of submitting email directly to a mail server behind your firewall, which is apparently a problem for someone, somewhere. So they block a bunch of ports in the browser.

Since you can’t disable the port restrictions in WebKit (like you can in Firefox), developers should know what ports are blocked so that they don’t try to put web services on them. You can find the full list of restricted ports in Safari by looking at the WebKit source code file KURL.cpp. Search for “blockedPortsList”. It’s currently at line 1705 but that will change.

Looks like my colleague will need to pick a new favorite port number, like 5234 or something.

Desalinization Update

Sat, 29 May 2010 10:07:40 -0400

IEEE Spectrum explores Eight [Present and Future] Technologies for Drinkable Seawater. Portfolios like this are why I subscribe to Spectrum. Way to scratch that infrastructure nerd itch!

I especially like the idea of the microbial fuel cell, which takes advantage of excess electrons generated by contaminant-eating bacteria.

I mean, whoa. Contaminant-eating bacteria that generate electricity. I think we have a replacement dream technology for flying cars in the 21st Century!

Multiple file upload, the HTML5 way

Sat, 17 Apr 2010 13:25:53 -0400

This is rocking my world:

It does exactly what you think it does, allowing a single file input to upload multiple files in one request, without js or flash.

Available today in Firefox, Safari, and Chrome. Thank you!

Chrome isn't a secure browser yet

Thu, 15 Apr 2010 08:25:48 -0400

In Chrome Phishing, Robert Hanson blows the lid off the “Google knows what it’s doing so Chrome is secure” idea. He argues that Chrome has a long way to go before it’s a mature browser, free of easily-exploitable holes.

Remember the old username-looks-like-web-site-in-the-url trick? http://gmail.google.com@evil.net/ is an example.

Try it in Chrome. Now try it in Firefox. Security is hard, even for Google.

Papyrus made me angry. Can you figure out what’s what in the...

Fri, 09 Apr 2010 19:30:00 -0400

Papyrus made me angry. Can you figure out what’s what in the toolbar?

And they implemented their own text editor. Cursor positioning glass and clipboard support not included.

iPad Filesharing (iWork export)

Sun, 04 Apr 2010 17:40:35 -0400

The iWork suite allows you to export your documents to something called “filesharing” but where do the files actually end up?

It took a while (for me) to figure it out, helped by http://support.apple.com/kb/HT4094:

When you sync up via iTunes, scroll to the bottom of the Apps tab to see the list of files in File Sharing, where you can save them off to other places.

Farmville on Web Scaling

Wed, 10 Feb 2010 12:48:09 -0500

This was a pretty good read, How FarmVille Scales to Harvest 75 Million Players a Month. The lessons learned are worth generalizing:

Interactive apps are write-heavy.
Design every component as a degradable service, and provide a mechanism to degrade services server-side during peak demand.
Cache incoming data - they cache everything coming in from Facebook
Usage spikes during new releases of an app
Use sampling to make sense of large traffic flows

De-columnize Regex

Tue, 02 Feb 2010 22:59:47 -0500

\s+\|\s*\n\|

This regular expression matches the pipes and spaces in mysql output like:

| $dq$$form                  | 
| $dq$$module                | 
| $dq$$place                 | 
| $dq$$site                  | 
| $dq$$thing                 |

Sometimes it’s handy to extract just the values from a pasted query result.

Finding /dev/null from ZDE preferences.

Sat, 23 Jan 2010 17:19:00 -0500

Finding /dev/null from ZDE preferences.

Zend Studio 5.5 hangs "loading source control data"

Sat, 23 Jan 2010 17:17:44 -0500

Thanks to a post buried in the Google cache of Zend’s support boards, I give you the means to solve this annoying bug: set the svn and cvs paths to /dev/null.

I tried setting just the svn path to /dev/null, but ZDE.app was still loading source control data when opening the problem project. Then I set the cvs path to /dev/null, restarted, and no more loading.

According to the thread, this also works, changing ZDE/config_5.5/cvs_options.xml so that the value is false. Not sure if it works, I like the /dev/null solution too much.

Revert svn deleted symlink

Tue, 22 Dec 2009 20:59:00 -0500

Let’s say you have a symlink or two in your svn repository, and one day you decide to delete one of them. You use the svn rm command to do so.

$ ls -l tinymce-3.2.6
lrwxrwxrwx ... tinymce-3.2.6 -> ../../jslibs/tinymce-3.2.6
$ svn rm tinymce-3.2.6
D         tinymce-3.2.6 
$

But a minute later you realize that you actually need that symlink. You haven’t committed anything. Normally you would just svn revert and go about your business.

Alas, your working directory is in limbo now; svn revert won’t restore, and svn up ignores the missing symlink. The trick, apparently, is that you must commit the deletion before you can roll it back.

$ svn commit -m "Uh, accidentally deleted wrong version of tinymce"
Deleting       tinymce-3.2.6

Committed revision 12679.

Then you copy (I kid you not) the link back in from a previous revision, and commit that.

$ svn copy -r 12678 http://svn.example.org/path/to/tinymce-3.2.6 \ 
 ./tinymce-3.2.6
A         tinymce-3.2.6
$ svn commit -m "Respawned tinymce-3.2.6 from previous revision"
svn commit -m "'Resurrected' link from previous revision"
Adding         tinymce-3.2.6

Committed revision 12680.

Now the symlink is back and you can carry on.

The SVN Book calls this “resurrection”, I call it “respawning.” Thanks to this post for the tip.

Rock Solid HTML Emails

Sat, 19 Dec 2009 12:55:31 -0500

Great (no, really great!) summary of the many quirks to keep in mind when building an HTML email template:

http://24ways.org/2009/rock-solid-html-emails

I had to learn most of these the hard way recently, but I haven’t tested against Y! mail so I’m sure some of my work is broken.

The biggest disappointment, by the way, is Gmail. I mean, inline CSS only? Really? What kind of kludge is that? It bulks up message size considerably. I guess the alternative is to use… an iframe. Oh well.

"The goal is to look over our shoulder and see Snow White and Pinocchio and Dumbo standing there..."

Thu, 17 Dec 2009 08:15:27 -0500

““The goal is to look over our shoulder and see Snow White and Pinocchio and Dumbo standing there saying, ‘Be this good.’ We shouldn’t be intimidated by them; they’re an arrow pointing someplace.””

- Roy E. Disney [NYT]

Setting middle click to three finger click in BetterTouchTool.

Thu, 19 Nov 2009 15:00:06 -0500

Setting middle click to three finger click in BetterTouchTool.