July 2006 Archives
Heard of the windows boot loader at all? If you haven't, it's called
NTLDR. It actually does a really good job of being a boot loader, too,
but with one exception. It MUST reside on an NTFS partition that is the
first partition on the first drive that the BIOS sees. No exceptions.
Windows expects this also, and likewise, won't boot unless it's booted
like that. This kinda sucks for people who want to dual-boot windows
and linux, because you have to either repartition to install linux on
the first drive, or live without it (gasp). You can't install linux on
a second drive, and use any linux boot loader to boot windows on the
first hard drive. It just doesn't work.
Solution? The MBR hack.
Windows is installed on /dev/hda1. Linux /boot on /dev/hdb1. For the hack, I recommend grub, though I haven't tried it with grub, only lilo. Why grub is recommended will become quickly apparent.
With the above situation, there is no way to boot windows up from linux. Likewise, if you swap hda with hdb, windows still won't boot. So, once you have your linux boot loader installed on hdb, you image the MBR (master boot record) to a file, copy that file to the windows partition, and add an entry to C:\boot.ini to reference it. Let me put it in a little more verbose way:
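# Image the first sector (the MBR) of the Linux boot disk to a file
dd if=/dev/hdb of=linux.mbr bs=512 count=1
# Copy it to the root of the mounted Windows partition
cp linux.mbr /mnt/windows
# Single quotes keep the backslash and double quotes intact in boot.ini
echo 'C:\linux.mbr="Linux"' >> /mnt/windows/boot.ini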
And you're done. When the computer boots up NTLDR, you'll have a "Linux" option that'll pop up grub/lilo/whatever :)
And in case you didn't catch why grub is recommended: if you use lilo, you have to update the linux.mbr file every time you upgrade your kernel... which is typically stored on NTFS. Sure, the file size won't change, but it's another manual step that could be avoided easily with grub.
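A check for the copied sector, as an added example that is not part of the original post: it confirms the file is a full 512-byte sector ending in the 0x55AA boot signature, and that it still matches the sector on disk, which is the lilo staleness problem described above. The function names and sample sectors are assumptions made for illustration.

```python
SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xaa"   # last two bytes of a valid boot sector


def check_mbr_copy(copy_bytes, disk_sector):
    """Return a list of problems with an MBR copy; an empty list means it is usable.

    copy_bytes  -- contents of the file referenced from boot.ini (linux.mbr)
    disk_sector -- first 512 bytes currently on the Linux boot disk
    """
    problems = []
    if len(copy_bytes) != SECTOR_SIZE:
        problems.append("size is %d, expected %d" % (len(copy_bytes), SECTOR_SIZE))
    if copy_bytes[-2:] != BOOT_SIGNATURE:
        problems.append("missing 0x55AA boot signature")
    if copy_bytes != disk_sector:
        problems.append("stale: differs from the sector on disk")
    return problems


def read_first_sector(path):
    """Read the first sector of a device or image file (needs read permission)."""
    with open(path, "rb") as handle:
        return handle.read(SECTOR_SIZE)


# Constructed sectors for illustration, not real boot code.
OLD_SECTOR = b"\xeb\x3c" + b"\x00" * 508 + BOOT_SIGNATURE
# Same sector after the boot loader was re-installed (one byte changed).
NEW_SECTOR = b"\xeb\x3c" + b"\x01" + b"\x00" * 507 + BOOT_SIGNATURE

if __name__ == "__main__":
    print(check_mbr_copy(OLD_SECTOR, OLD_SECTOR))        # fresh copy
    print(check_mbr_copy(OLD_SECTOR, NEW_SECTOR))        # copy predates re-install
    print(check_mbr_copy(OLD_SECTOR[:510], OLD_SECTOR))  # truncated copy
```

On a real system the two arguments would come from read_first_sector("/mnt/windows/linux.mbr") and read_first_sector("/dev/hdb").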
On another topic, I visited the University of Utah Friday, for orientation (which they actually mis-scheduled me for, so I'll go again later). After 30 seconds of poking around, their network allows anything outgoing :53/udp to anywhere in the world. Oops.
/dev/md/0:
Version : 00.90.03
Creation Time : Tue Jul 11 10:31:15 2006
Raid Level : raid5
Array Size : 1172133888 (1117.83 GiB 1200.27 GB)
Device Size : 390711296 (372.61 GiB 400.09 GB)
Raid Devices : 4
Update Time : Wed Jul 12 18:28:40 2006
State : clean
Active Devices : 4
Working Devices : 4
Failed Devices : 0
Spare Devices : 0
Filesystem Size Used Avail Use% Mounted on
/dev/md/0 1.1T 33M 1.1T 1% /data
Now to actually put this to use. :)
gnucash 2.0 was released today. New features? GTK 2, instead of GTK1, which is huge. The second feature worth mentioning (for me at least) is OFX data transfer. This is the same thing that Quicken uses to sync its data with some banks.
It turns out that Zions Bank (my bank), uses OFX, which is a plus. I can sync all data with my bank, which is nice. But, there's one small problem.
I have no clue how to set up my bank accounts.

Help. Haha, yeah, I suck. FID, Org, Broker Id, and Server URL anyone? I
might be helplessly lost here. A call to Zions revealed little: "The
URL changes every time you access it." I'm pretty sure that guy was
confused, else Quicken wouldn't work.
Ideas, anyone?
You know what DNS is. It might be the glue of the internet. Commonly using 53/udp, and when needed, 53/tcp, this service is the most used across the entire internet. Likewise, security on this service is somewhat... lax. I don't mean in terms of who can talk to a server, I mean something a little more... subtle.
Some months ago, a friend and I went down to UVSC for a TSA competition. It was over their spring break, so no students were there. He brought his Gentoo laptop, plugged into an ethernet jack, and fired up a browser.
Only to be greeted with a login page.
Thus, the quest to get internet on said laptop ensued. After asking UVSC staff, they said that we needed to get the laptop scanned for viruses before such a login would be granted. That alone gave us a few laughs ("I'd like to see them install SpyBot on linux!"), but in the end, that department was closed. Likewise, after asking around a bit more, we found that no username and password would be provided. We'd have to enroll and be a student in order to get internet, as depressing as that is.
That wasn't what we had in mind, so we plugged in and began poking.
Outbound ICMP, blocked. Outbound TCP... redirected to an HTTP login page. Proxy? Also redirected. UDP? Blocked.
So we reconfigured the DNS server to a remote one. The DNS request went on through, even though we were met with the login page still.
OpenVPN + SSL cert over 53/udp to a remote host in Texas connected to a 100mbit line.
I'd love to see a statistical breakdown of internet traffic that day. It's not often that DNS traffic will be over a few megabytes of traffic a day, let alone 3MB/sec of traffic for several minutes on end. The end result of this can be seen here. It was a fun experience.
So why do I bring this up now? Because I'm stuck at a family reunion right now, up at Cherry Hill, with a wifi access point that wants $7 for a day.
I love DNS.
EDIT: Apologies for the mass of edits, this post was written on my Zaurus keyboard while at Cherry Hill. This post might have been filled with typos, and still probably is.
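From the network operator's side, the two signals this post points at (port-53 traffic to a resolver the site does not run, and DNS volume far above a few megabytes a day) can be checked against flow records. The following is an added example, not part of the original post; the record format, addresses, resolver list and threshold are all assumptions.

```python
from collections import defaultdict

# Constructed flow records (not from the original post):
# "epoch_seconds src_ip dst_ip proto dst_port bytes"
SAMPLE_FLOWS = """\
1152900000 10.0.5.21 10.0.0.2 udp 53 180
1152900001 10.0.5.21 10.0.0.2 udp 53 212
1152900002 10.0.5.40 192.0.2.77 udp 53 3100000
1152900003 10.0.5.40 192.0.2.77 udp 53 2900000
1152900004 10.0.5.40 192.0.2.77 udp 53 3050000
1152900005 10.0.5.33 198.51.100.9 udp 53 96
1152900006 10.0.5.21 203.0.113.5 tcp 443 48000
"""

SANCTIONED_RESOLVERS = {"10.0.0.2"}   # assumption: the site's own resolver
BYTES_PER_WINDOW = 1_000_000          # assumption: far above normal DNS volume
WINDOW_SECONDS = 60


def find_dns_anomalies(flow_text, resolvers=SANCTIONED_RESOLVERS,
                       limit=BYTES_PER_WINDOW, window=WINDOW_SECONDS):
    """Return {src_ip: set(reasons)} for clients whose port-53 traffic looks wrong."""
    volume = defaultdict(int)      # (src, window index) -> bytes sent to port 53
    findings = defaultdict(set)
    for line in flow_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue               # skip malformed records
        ts, src, dst, proto, port, nbytes = fields
        if port != "53" or proto not in ("udp", "tcp"):
            continue               # only DNS ports are of interest here
        if dst not in resolvers:
            findings[src].add("unsanctioned-resolver")
        volume[(src, int(ts) // window)] += int(nbytes)
    for (src, _), total in volume.items():
        if total > limit:
            findings[src].add("volume")
    return dict(findings)


if __name__ == "__main__":
    for src, reasons in sorted(find_dns_anomalies(SAMPLE_FLOWS).items()):
        print(src, ",".join(sorted(reasons)))
```

The matching preventive control is an egress rule that only lets the sanctioned resolvers send port-53 traffic off the network, so clients cannot reach arbitrary hosts on 53/udp.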
This post isn't about what it did to the web as far as standards go, actually. That's been beaten and beaten again. "Leave the poor horse alone, you're down to a few bloody ribs." That kind of a thing.
Let's pretend for a moment. Let's pretend that IE rendered everything 100% to the existing web standards, and always had.
But uh, that still leaves a few small things of concern, namely the ability to use JScript, VBScript, and ActiveX controls on the public internet.
Don't get me wrong: it's amazingly easy to design web pages. Half-Life 2, an incredibly popular (and well-done) game, actually uses IE's rendering engine in game to display some things. No, really, it does.
Wait a second. I went from designing on the web to something completely unrelated to the web.
That's the problem. Despite its name, "Internet Explorer," IE can be used outside of the internet. For things such as game menus, autorun menus, basically anything you please. And, hey, it's a lot easier to write a menu as HTML than it is in C. Hence, IE is used in applications, in combination with JScript, VBScript, and ActiveX. What's more, this is a perfectly legit use of such technologies.
Utilizing VBScript, JScript, and ActiveX, any programmer with any degree of ability (not talent, knowledge, common sense, or brain, but ability) to create a webpage, could easily (for certain terms of "easily") implement Office in a web browser. Or a game like Half-Life 2. Or Doom 3. AutoCAD. Photoshop, WinFAX, or any program that you can install on a windows box, could be brought over the web with those technologies.
Ignore security (and other OSs) for a moment. That's a really impressive feat. It really is. The ability to do anything at all in a web browser would be very nice. Windows Update is a decent example of this, because through a web page, anyone can update their software. Sure, you could just ship your OS with a client that would pull the files down itself, but really? Compare the workload. It's easier to do it over the internet with a bit of scripting and ActiveX.
I'm also pretty sure that's the only use of ActiveX out there today that's done properly.
But then, you have to mention the end result of ActiveX, JScript, and VBScript being included in a browser. Click a link, format your hard drive. "Oops." In all truth, an ad on a website could completely erase your hard drive without even "asking" you.
Yet, people still persist in using ActiveX on the public internet. That's the bad that was done. That's why I'm sitting here, banging my head on my desk time and time again. I work for a small law (real estate) firm. They use several websites to get the job done, and rightly so.
I hate (strong word!) two websites that they must "use" in particular. Why do I hate these websites? Because they require that a user has both administrator rights and ActiveX + JScript + VBScript enabled. Read as: "I, website, do hereby require full access to your hard drive, other devices in your computer, and access to anything on your network, in order to give you... a picture."
*bangs* *head* *against* *desk*
I tried. No, really, I tried. I tried to put forth a post about Microsoft that illuminated the good points. I really did. The amount... no, I take that back. The quality (OpenClueUT) of the bashing that occurs here is second to none. Take that as you please.
One computer. One license key. Said license key is physically attached to said computer. Said key is unique to said computer, and said computer alone.
So do tell me why, after seven attempts, my product activation was still denied. Tell me why, after speaking with four customer service reps, attempting to use the automated system three times (I even managed to use two separate systems), I was still denied activation on a legit product license, and told to "please reinstall your product and call again later."
I have no problem at all installing and using Windows Server 2003 and Active Directory. I'll be honest, it's a joy to work with. It makes my life easy, and unlike Windows 98, it has yet to fail me over three years.
But so help me, "preventing piracy" just cost a fellow employee all of her personal email. Because of product activation locking me out of the computer, and from what I can tell, access to said computer over the network, in the name of piracy prevention you have set a business back $1,000 and removed an employee's items of personal value.
Thanks.
