Dropper Fire Grill, and Firefox suxors too
So this came about because I was fighting with firefox and needed
to get away from a screen for a while. I wrote a couple of
plugins (oh sorry, 'addons', no hang on, web-extensions, WHATEVER
THE FUCK YOU WANT TO CALL IT MOZILLA) and the experience was sour
(can't you tell?).
The aforementioned BBQ/firepit thing I haven't gotten around to
using yet, one reason is because I wanted to make a fire grate
first because it's a bit too deep.
So a few droppers, a bit of hacksawing and some angle grinding
later here it is. It just slots together with no fastening or
It's even adjustable! No brick, brick flat, or brick on side!
Actually it might just work better as an esky, but i'll see.
More on the firefox plugins later, they're just for overriding
site fonts and site colours. There do exist such plugins but they
no longer work for some reason. OF course there's not much use
distributing the source becuase you NEED A FUCKING MOZILLA ACCOUNT
JUST TO INSTALL THEM.
Bye Bye Jaxby
So one of the biggst changest affecting my projects with Java 11
is the removal of java.xml.bind from the openjdk. This is a bit
of a pain because the main reason I used it was the convenience,
which is a double pain because not only do i have to undo all that
inconvience, all that time using and learning it in the first
place has just been confirmed as wasted.
I tried using the last release as modules but they are
incompatible with the module system because one or two of the
packages are split. I tried just making a module out of them but
couldn't get it to work either. And either i'm really shit at
google-foo or it's just shit but I couldn't for the life of me
find any other reasonable approach so after wasting too much time
on it I bit the bullet and just wrote some SAXParser and
XMLStreamWriter code mandraulically.
Fortunately the xml trees I had made parsing quite simple. First,
none of the element names overlapped so even parsing embedded
structures works without having to keep track of the element
state. Secondly almost all the simple fields were encoded as
attributes rather than elements. So this means almost all objects
can be parsed from the startElement callback, and a single stack
is used to track encapsulated fields. Becuase I use arrays in a
few places a coule of ancilliary lists are used to build them (or
I could just change them to Lists).
It's still tedious and error-prone and a pretty shit indightment on
the state of Java SE in 2018 vs other languages but once it's done
it's done and not having a dependency on half a dozen badly
over-engineered packages means it's only done once and i'm not
wasting my time learning another fucking "framework".
I didn't investigate where javaee is headed - it'll no doubt
eventually solve this problem but removing the dependency from
desktop and command-line tools isn't such a bad thing - there
have to be good reasons it was dropped from JavaSE in the first
One might point to json but that's just as bad to use as a DOM
based mechanism which is also just as tedious and error prone.
json only really works with fully dynamic languages where you
don't have to write any of the field bindings, although there are
still plenty of issues with no canonicalised encoding of things
like empty arrays or null strings. In any event I need file
format compatability so the fact that I also think it's an
unacceptably shit solution is entirely moot.
By the end of the week i'd modularised my main library and ported
one of the applications that uses it to the new structure. The
application itself also needs quite a bit of modularisation but
that's a job for next week, as is testing and debugging - it runs
but there's a bunch of broken shit.
So using the modules it's actually quite nice - IF you're using
modules all the way down. I didn't have time to look further to
find out if it's just a problem with netbeans but adding jars to
the classpath generally fucks up and it starts adding strange
dependencies to the build. So in a couple of cases I took
existing jars and added a module-info myself. When it works it's
actually really nice - it just works. When it doesn't, well i'm
getting resource path issues in one case.
I also like the fact the tools are the ones dictating the source
and class file structures - not left to 3rd party tools to mess
Unfortunately I suspect modularisation will be a pretty slow-burn
and it will be a while before it benefits the average developer.
Netbeans / CVS
As an update on netbeans I joined the user mailing list and asked
about CVS - apparently it's in the netbeans plugin portal. Except
it isn't, and after providing screenshots of why I would think
that it doesn't exist I simply got ignored.
Command line will have to do for me until it decides to show up in
Java After Next
So with Oracle loosening the reigns a bit (?) on parts of the java
platform like JavaFX i'm a little concerned about where things
will end up.
Outside of the relatively tight core of SE the java
platform there are some pretty shitty "industry standard" pieces.
ant - it's just a horrible to use tool. So horrible it looks like
maven has a lot of issues beyond just being slow as fuck. The
ease with which it allows one to bloat out dependencies is not a
So yeah, if the "industry" starts dictating things a bit more,
hopefully they wont have a negative impact.
Another shitty `technology' company
I have my previous workstation for work sitting idle so I thought
i'd drop in an xubuntu install and try building openjdk &
openjfx on it. It's got a 6x core I7-980 and plenty of RAM so it
should be ok right?
Well all went well until I tried to build webkit, just for
completeness. Result - consistent ICE inside g++. Blast. Well I
thought it was consistent until I tried it with a fresh build of
gcc 7.3, this also crashed but in a different place and when I
went back to the system gcc I noticed the crash whilst repeatable
wasn't in a consistent place. Actually it started crashing
everywhere, even inside various jvm based tasks.
This is typically a symptom of system problems, specifically RAM.
I looked in the BIOS incase it's been overclocked but it is so
ancient there's no settings for RAM, I ran a few memory testers, I
tried various numbers of threads for the build.
Then I remembered Intel and their notorious bugs this year causing
system stability problems in some cases. I tried to find the
options to turn off the bug mitigations but (in part due to isp
maintenance at just that moment) I gave up and just booted with
the 4.10.x kernel.
Oh look, works fine now (well, it compiles cleanly, webkit tests
Perhaps this is a failure of Canonical, or the Linux developers?
No, ultimately it's because Intel cut too many corners and have
shit hardware. Then again any company that could design something
as poor as HPET in this day and age is obviously fucking
On a related note i've been eyeing off a Ryzen system every few
months. I price one up and think about it but ultimately leave it
for the time being. I'm just not doing enough computing beyond
'read internet' to justify it. Another thing I can't decide on is
between some 'low-end' APU system or a beastly 2700X machine. The
RAM is still so $$$ here and you need good ram for either. At
least the last time I specced one up I noticed from some
benchmarks than a 2700X would pretty much cream that old I7-980 at
1/4 of the price (or less, not that I paid for it).
Ahh google, the `great' advertising company!
Oh nice one, they've decided
all of Blender's videos on youtube because they don't want to
turn on advertising.
Essentially blackmailing them into becoming part of their slurping
adversiting empire where they get to make most of the money from
peoples labour whilst paying a pittance. Despite not being a real
user of it, as one of the original supporters who helped fund the
freeing of Blender way back when with a few hundred dollars I'm
pretty apalled they would be treated this way (although not
Fortunately the technology is coming together so that alternatives
exist to a monolithic/expensive server such
as PeerTube which uses
WebTorrent, or InterPlanetary File
System (IPFS), and others. blender.org is experimenting with
a peertube instance
Of course that only works so long as bittorrent isn't blocked, or
WebRTC isn't blocked, or backbone operators start to throttle
protocols competing with those that are part of their corporate
conglomerate or have not been paid for. Or regulatory capture
though some pro-establishment law effectively bans it (like the EU
Copyright `Article 13' crap happening now).
Even if some backlash makes them change their mind it's just
another example of the problem of corporate
centralisation/ownership of culture.
github and m$
I only had a couple of long abandoned projects on github but now
i've deleted my account. I don't see the immediate reason why m$
would want to buy it but it can't be for a good one for anyone else.
I wonder if they'd have bought if it git had the same meaning in
american as it does in english - i.e. bastard, fuckwit, etc.
But anyway I guess it's just as well I didn't move anything there
when google code shut down, saves me the hassle of doing it again.
Evolution and S/MIME
So I noticed there was a S/MIME security fault in a bunch of email
software - including Evolution.
Now my memory is a bit faded because it was 15+ years ago but I'm
pretty sure we wrote the code to handle this case (mostly Larry
and Jeff). For this each decoded segment was displayed separately
with a special gtkhtml tag to reset the html parser between
blocks. Although it might have only been on the signature level
so I could be wrong but in general it didn't just dump the whole
email to HTML for all sorts of reasons. The MIME parser could
handle all sorts of broken streams so truncated HTML was expected
to come up once in a while.
Of course that must've all been thrown away when the renderer was
replaced by the 'better' renderer from apple going by some of the
reports of the 'vulnerability'.
Not that i've ever used S/MIME or gpg - it's pretty much useless
to me since nobody I know knows how to use it and hardly anyone
uses email these days anyway.
I was also horrified to see that evolution now uses cmake. Well
just as well I completely ignored the project after I took a
voluntary redundancy ... I would've gone absolutely ballistic!
Not that compiling with libtool didn't suck complete arse but at
least it worked.
But GNOME was already going to shit back before I quit, both due
to redhat throwing their weight around and Miguel being such an
obnoxiously microsoft fanboi. Haven't touched it in any
meaningful way (or Evolution) in over a decade and all I see of it
is going backwards by continously copying the next shitty
GUI-trend-of-the-month and/or being bullied into shitty designs by
a bunch of fuckwits.
Ahh stuff it
Got sick off all the snot in the logs so i've just moved ssh to
another port and DROP all incoming ssh packets.
Well i'm doing a LOG + DROP for now just out of curiosity, but at
least the failed login attempts have stopped cold.
I also put up a banner on a-hackers-craic redirecting here. This
site still supports access via the year/month/title.html url's
that match the ones on blogger (in addition to the hex-id ones); I
post to the new one but it just seems like too much work today.
NotworkManager and other small things
Had a few problems with system updates lately. One was an upgrade
to my remaining slackware system that broke a few things. First
it wanted to run LILO after updating the kernel and I said no (I
don't use it); not sure if that would have run the grub setup but
what happened it wasn't run. Fortunately one of the kernels in
grub still existed and booted so it wasn't too hard to fix.
It also broke NetworkManager - or rather, it stopped working
again. It's been a flakey piece of shit forever but I thought it
was finally 'stable' enough to use (despite a few quirks on that
machine like it not automatically reconnecting after waking up).
Well not so!
It simply wouldn't connect anymore. No idea why. I went back to
using rc.inet1.conf and it now works flawlessly - even reconnects
after waking up. I'd already done this (or equivalent) on all my
other machines, and it seems to be with good reason.
I knew the internet was pretty slimey these days but actually
setting up a server on the naked internet over the last weekend
was a bit of an eye opener.
I noticed a massive spike in traffic on the 15th - given that the
only service running at the time was the 'experiment' page 1GB
seemed a bit off. It was just someone brute-forcing sshd. Since
this server went live on the 26th of march it has
processed over 300 000 failed login attempts, I
imagine (but haven't verified) most of those were on the 15th.
They certainly weren't me.
It's probably just a drop in the ocean compared to all the `real'
traffic but it seems such a waste. Yay for bots.
So i've put a few mitigations in place over the last few days:
- iptables rules to throttle new connections to port 22;
- disabled root login through ssh entirely;
- added a small blacklist using ipset.
I don't really want to have to maintain the last but i'll see
how it goes.
Anyway it's sort of interesting to see the logins being used
root is obvious
david don't seem too obvious.
Just for fun, here's the complete list of the usernames and
frequency counts as of a few minutes ago.
1 irc 1 sync 1 syslog 2
2 ! 2 12345678 2 1234qwer 2 123qwe
2 12qwaszx 2 1qazxsw2 2 654321 2 777777
2 aaron 2 abcd1234 2 admin@12 2 admintek
2 admUS 2 adriana 2 aion 2 alexis
2 amanda 2 amit 2 amy 2 andrea
2 angela 2 anthony 2 antiviru 2 ARGENTIN
2 arsenal 2 ashok 2 asshole 2 bananapi
2 bank 2 baseball 2 board 2 bobby
2 bonita 2 botmaste 2 byte 2 bytes
2 cameron 2 carditek 2 carmen 2 carolina
2 centos 2 chat 2 chelsea 2 chicken
2 chris 2 cinema 2 claudia 2 corazon
2 counters 2 crystal 2 cs 2 csgoserv
2 csserver 2 customs 2 cuteako 2 cvs
2 cyber 2 data 2 db1 2 db2inst1
2 december 2 deploy 2 destiny 2 docker
2 download 2 dragon 2 dvd 2 edu
2 educatio 2 elastics 2 family 2 fedora
2 flower 2 forum 2 freedom 2 ftpuser1
2 gabriel 2 games 2 gaming 2 gb
2 ghost 2 gmodserv 2 gnu 2 gnuworld
2 greenday 2 harley 2 hdsf 2 hiitplc
2 home 2 hottie 2 html 2 http
2 hunter 2 idc!@ 2 internet 2 ircd
2 isabel 2 jessica 2 jessie 2 jiamima
2 karen 2 kartel 2 keith 2 kernel
2 kitten 2 kmc 2 laura 2 lauren
2 libuuid 2 liferay 2 linaro 2 linux
2 linuxmin 2 liverpoo 2 logon 2 lovers
2 lpa 2 lucas 2 maganda 2 maggie
2 mail 2 mailman 2 maintain 2 manuel
2 marketin 2 matthew 2 mdb 2 miguel
2 muiehack 2 music 2 musicbot 2 mylove
2 myspace 2 nathan 2 Neuchate 2 Norwood
2 ns 2 ns2 2 nuucp 2 october
2 odroid 2 openssh- 2 openvpn 2 oper
2 oracle2 2 orlando 2 otrs 2 pass
2 passw0rd 2 passwd 2 pc 2 pepper
2 php 2 pictures 2 poohbear 2 portal
2 pretty 2 princess 2 proba 2 proftpd
2 project 2 p@ssw0rd 2 purple 2 q1w2e3r4
2 qazwsx 2 qwe123 2 qwerty 2 radio
2 rangers 2 rdp 2 redis 2 redmine
2 richard 2 root123 2 rootme 2 rsync
2 sakura 2 saw 2 scanner 2 security
2 servercs 2 serverpi 2 services 2 shell
2 sinus123 2 skan 2 skaner 2 snoopy
2 soccer 2 soft 2 software 2 steven
2 sweetie 2 sweety 2 tequiero 2 test123
2 test5 2 test6 2 testftp 2 tim
2 tomcat7 2 transfer 2 tsserver 2 ucpss
2 Untersee 2 upload 2 upport 2 uptime
2 user02 2 veronica 2 victor 2 video
2 virus 2 visitor 2 vnc 2 volumio
2 webconfi 2 webporta 2 webtest 2 Welcome1
2 wmware 2 x 2 xbmc 2 xuelp123
2 zhaowei 2 zxin10 4 50cent 4 666666
4 admin123 4 alan 4 alarm 4 alejandr
4 alpine 4 andy 4 antonio 4 babygirl
4 bamboo 4 bin 4 blankend 4 build
4 carlos 4 control 4 csgo 4 daemon
4 daniela 4 dante 4 database 4 debian-s
4 dev 4 edi 4 fabricio 4 fabrizio
4 forever 4 gian 4 giorgio 4 giovanni
4 hannah 4 hello 4 iloveyou 4 jira
4 justin 4 leonardo 4 marco 4 mine
4 minecraf 4 naruto 4 nas 4 nginx
4 odoo 4 odoo2 4 oracle4 4 packer
4 patricia 4 patrizio 4 paul 4 plex
4 qwer1234 4 rebecca 4 roberto 4 rocco
4 sergio 4 shadow 4 shorty 4 shoutcas
4 staff 4 sysop 4 t7adm 4 test4
4 tsbot 4 vincenzi 4 vitaly 4 web
4 welcome 6 2Wire 6 admin2 6 amber
6 bot 6 camera 6 develope 6 dummy
6 Guest 6 hduser 6 jason 6 max
6 mobile 6 mythtv 6 netman 6 proxy
6 !root 6 Root 6 samba 6 server
6 sinus 6 temp 6 teste 6 training
6 ts3bot 6 ts3sleep 6 ts3user 6 vagrant
6 vps 6 zimeip 7 sys 8 albert
8 alessio 8 alex 8 anna 8 aurora
8 bianca 8 elena 8 enrica 8 ethos
8 hadoop 8 informix 8 lorenco 8 lorenzo
8 lucaluca 8 luigi 8 luka 8 marcel
8 marcello 8 maria 8 marta 8 massimo
8 mattia 8 olivia 8 oracle1 8 pia
8 piero 8 pippo 8 romeo 8 sinusbot
8 suporte 8 t7inst 8 test7 8 testing
8 tommaso 8 ts 8 user3 8 valerio
10 0101 10 admins 10 cpanel 10 danny
10 dbuser 10 gnats 10 john 10 lavander
10 michael 10 miner 10 office 10 oracle3
10 postmast 10 prueba 10 test1 10 test8
10 tplink 10 user2 10 vmuser 12 101
12 123321 12 1502 12 266344 12 3comcso
12 aaa 12 acc 12 adam 12 adfexc
12 Admin 12 ADMN 12 agent 12 alessand
12 am 12 api 12 avahi 12 bill
12 bob 12 Cisco 12 draytek 12 echo
12 engineer 12 enrique 12 fax 12 gopher
12 helpdesk 12 houx 12 installe 12 kodi
12 luca 12 mario 12 mark 12 matteo
12 mike 12 mtch 12 naadmin 12 NAU
12 nt 12 pizza 12 Polycom 12 pos
12 print200 12 PRODDTA 12 PSEAdmin 12 radware
12 rapport 12 rcust 12 router 12 shop
12 steve 12 svin 12 svn 12 Sweex
12 SYSADM 12 SYSDBA 12 target 12 telco
12 telecom 12 ts3serve 12 ubadmin 12 user01
12 USERID 12 username 12 vcr 12 vmadmin
12 VNC 12 volition 12 vt100 12 VTech
12 webadmin 14 1111 14 a 14 demo
14 ftptest 14 info 14 library 14 media
14 midgear 14 superman 14 system 14 www-data
16 angelo 16 cvsuser 16 cyrus 16 donatell
16 dvs 16 firebird 16 oracle5 16 scan
16 supervis 16 vyatta 18 Administ 18 backup
18 ftpadmin 18 git 18 jenkins 18 mtcl
18 raspberr 18 steam 18 teamspea 18 tech
18 ts3 18 User 18 www 20 debian
20 martin 20 sales 20 sshd 20 test9
22 12345 22 oliver 22 setup 22 telecoma
22 test2 24 123456 24 client 24 daniel
24 Operator 24 student 24 sysadm 26 0
26 backuppc 26 vision 28 avis 28 cisco
28 david 28 Manageme 28 mother 28 mysql
28 sysadmin 28 uucp 30 plcmspip 30 public
32 apache 32 master 34 applmgr 34 osmc
34 phion 36 butter 36 squid 38 111111
38 cacti 38 cron 38 nobody 38 user1
38 wp-user 38 zimbra 40 scaner 42 anonymou
42 castis 42 ftp_user 46 123 46 22
46 PlcmSpIp 46 usuario 46 webmaste 50 monitor
54 qhsuppor 54 testuser 60 manager 60 sybase
62 jboss 64 ftp_test 65 service 72 tomcat
76 zabbix 78 administ 78 super 90 default
96 adm 96 nagios 102 1234 112 operator
128 oracle 130 postgres 142 ftp 228 ftpuser
242 support 292 pi 4140 ubuntu 4192 guest
4268 ubnt 4302 test 4434 user 6081 admin
Given this i'm not entirely sure it's a great idea to be running
cvstrac - it appears to be unmaintained and so on, but it's only
intended to be a short-term solution anyway.
Weather's too nice to be inside, i've done enough hours for the
week, and a brother is in town so I think it's beer time!
Update 22/4/18: Thinking about the strange usernames, they
are probably bot related accounts? Doesn't really matter.
Copyright (C) 2018 Michael Zucchi, All Rights Reserved.Powered by gcc & me!