Tag: Computing

Google Instant, Anyone?

I saw quite a significant number of tweets mentioning Google Instant, and decided to check it out. Some people might already be aware of it or heard of it before but I am outdated, that I am willing to admit.

First, I went to the Official Google Blog where I saw Search: now faster than the speed of type.

Next, I tried it myself on Google homepage. It’s really impressive.

google-instant

However, if you use a flaky connection like my Maxis Broadband you might see this:

google-instant-off

It says “Google Instant is off due to connection speed. Press Enter to search”. It’ll behave like normal search.

Which also means that it can be turned off.

The prediction feature is quite nicely programmed too. Notice that its suggestions included the word “mac” because I am on a Mac. Not surprising since this is easily detected by the browser’s user agent string.

I bet the prediction considers many other factors too, including Geo-location.

I find it interesting that I can see this now, since in its tweet Google mentioned that “Google Instant is rolling out to people w/ Instant-capable browsers in France, Germany, Italy, Russia, Spain, U.K. & U.S.

So the next time you see it, don’t be surprised!

… and tell me how you like it!

Maxis Transparent Proxy is Causing Problems to Developers

I had to transfer 2 WordPress blogs to another hosting provider last night, as the free one is going to expire today. It should be as easy as:

  1. Transfer the files
  2. Transfer the database
  3. Change DNS servers in registry to the new DNS servers
  4. Configure the new hosting location

In a few hours after the DNS propagation is finished I should be able to point to the new site. If not, I should be able to use the host file /etc/hosts to point to the new server and make sure it works well.

I’ve had the trouble with Maxis transparent proxy before when it was blurting out random errors to random sites.

Today, even when OpenDNS is already updated with the new IP (DNS propagation has finished), the transparent proxy is still outdated and points to the old server.

maxis-transparent-proxy-troubling-developers

I am sure if I call Maxis or even use its MaxisListens Twitter account, they will not even understand the concept of DNS.

The thing with transparent proxy is, as long as it’s HTTP traffic it will be going through it (not HTTPS), and it does not matter if I use a host file.

Oh well. I guess I can’t test this quickly right now except by using an anonymous proxy or connecting to an external VPN. Who appreciates time these days?

BTW, making modifications in domainregistry.my was very fun and it took me more than 30 minutes to modify one domain.

SMTP Smart Host Setup for Postfix in Snow Leopard

snow-leopard

PHP does not have any SMTP authentication mechanism in its configuration, and most developer opt for PEAR packages to perform email sending via custom ports and SMTP authentication.

I am one of those who will avoid using external packages as much as possible unless really necessary, and of course because I wanted a quick solution to my problem (or an excuse to be lazy).

By default, PHP sets SMTP as localhost and port 25. Under normal circumstances, this should be no issue as the built in Postfix will just connect to the destination server and delivers the mail. However, if your ISP blocks outgoing packets to port 25, the mail will go nowhere.

1. Enabling Postfix on Snow Leopard

Postfix is not enabled by default. You may choose to run it by default on system startup.

$ sudo vi /System/Library/LaunchDaemons/org.postfix.master.plist

Add before the closing </dict> tag:

  <key>RunAtLoad</key>
  <true />
  <key>KeepAlive</key>
  <true />

Start Postfix:

sudo launchctl
launchd% start org.postfix.master

You can test by using telnet on port 25 if you speak SMTP protocol.

2. Configuring Postfix to use a Smart Host

A smart host is also called a relay. This means that you need an SMTP account somewhere in the Internet to send the mail for you. With spam problems, open relays are identified in databases and are blocked by destination servers, so this means that legitimate mail servers requires authentication.

I used my Yahoo! SMTP account to help me send my test emails. Yahoo! allows for PLAIN authentication. The not so good thing about this method is that your password is transmitted plain text.

GMail is more secure and requires TLS authentication and this requires postfix to have SSL support but since I need this quick I have no time to research and find out whether it is. (Excuses, excuses).

i. Create a storage file for the password, for example /etc/postfix/relay_passwd

plus.smtp.mail.yahoo.com USERNAME:PASSWORD

ii. Secure the config file

$ sudo chmod 600 /etc/postfix/relay_passwd

iii. Create the hash database for postfix

$ sudo postmap /etc/postfix/relay_passwd

iv. Configure /etc/postfix/main.cf:

relayhost = [plus.smtp.mail.yahoo.com]:587 
smtp_sasl_auth_enable = yes  
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd  
smtp_sasl_security_options =

v. Restart Postfix

sudo launchctl
launchd% stop org.postfix.master
launchd% start org.postfix.master

You should be all set. Test sending an email from PHP.

BTW, if you’re wondering, if you are a Yahoo! Mail web user, chances are that you don’t have SMTP access. However, I have heard that some countries still do have free SMTP access for now.

Connecting to Exchange using Entourage via Outlook Web Access

I wanted to be able to use my personal laptop to check my work email, so that I don’t have to carry around the 3kg DELL beast all the time. Sure, I can use the Blackberry but typing long emails on it can prove painful especially with fat fingers.

I have VPN access, but Cisco (official) VPN client keeps on and on causing my Snow Leopard to crash (kernel panic). The built in VPN client used to work until some security changes were made to the VPN concentrators.

Googling around I found a helpful hint, to set up my Entourage to connect to my work email via the Internet (not having to connect via VPN).

entourage-exchange

All of the fields are self explanatory, but one field was the problem: “Exchange Server”.

If your organization has a “OWA” or Outlook Web Access, you can try entering <servername>/exchange/<your_full_email> into the field and see whether it works. For example if your OWA is owa.romantika.com and your full email is [email protected] you would use:

owa.romantika.com/exchange/[email protected]

One thing I have not figured out yet, is whether or not my organization has public facing LDAP server (for address lookups). Since this is not a standard configuration, the server names are unpublished anywhere. But since it’s available I guess it’s not against the rule.

Hope this helps. I can now check my emails from my Entourage, but that’s it. No VPN access.

BTW I think you can use the same technique with an installation of Microsoft Outlook too!

Error Compiling djbdns and daemontools

While attempting to compile djbdns 1.05 and daemontools 0.76 on a CentOS 5.5 I received the error:

/usr/bin/ld: errno: TLS definition in /lib/libc.so.6 section .tbss mismatches non-TLS reference in envdir.o

The problem can be eliminated by adding:

-include /usr/include/errno.h

In conf-cc files for each tarball. Don’t forget to install gcc first, if you have a basic installation.

By the way, please remember to follow the installation instruction for daemontools exactly as described or you’ll end up with the software somewhere undesirable. Well, you can change /package to be elsewhere. I stupidly did it on /root as a test so the svcscanboot process was unable to execute programs in the /root directory. They run as unprivileged users.

Although these software felt like really old-school to me, they have very small memory footprint and runs very fast. If you’re also looking into DNS, consider PowerDNS too, as it has very good statistical capabilities.

PHP Debugging on PDT using Xdebug, with PHP packaged in XAMPP

It has been a while since I posted something technical so here goes. This article is meant for someone who has done PHP development before, and already has a web server and a working PHP installation.

Traditionally in the old days these are the things that I do to debug my PHP code:

  • Put in extra echo statements that print variable values. It’s easy to miss them when actually deploying the code to production
  • Use “here I am” echo statements to identify positions in the script. These are also easy to miss
  • Modify php.ini to verbosely display every error or warning messages. While this is not a concern on development boxes, it might be a problem on production servers
  • Using custom self-made loggers or something from PEAR or PHPClasses to have a log file written for debugging purpose. This method takes a toll on the time required to actually go through the log which might contain lots and lots of information

A commercial alternative to Xdebug is Zend Studio Web Debugger. Zend’s solution is quite a bit on the pricy side but it’s also supported out of the box by PDT.

Prerequisites

  1. PHP installation. I use XAMPP since it’s clean and it’s quick to set up. If you like to live on the bleeding edge with all the latest updates you can install PHP properly in your system either by using the installer or the zip package
  2. Eclipse installation. I use Aptana Studio
  3. Web server application such as Apache or IIS. I use Apache.
  4. PDT (PHP Development Tools) as a plugin for Eclipse/Aptana.

The debugger

The procedure to configure the debugger is not that different between Zend Studio Web Debugger or Xdebug. I am going to make an example of using Xdebug here.

While Windows users are able to download Xdebug binary and use it immediately, *NIX users have to compile it. Luckily I found that ASPN provides binaries to use with their Komodo IDE (yes, I am lazy to setup binutils and compilers). The zip file contains extension for PHP 4.4-5.3 (at the moment this article was written).

  1. Download Xdebug binary from the ASPN site mentioned above. Extract it to a temporary folder and choose the version corresponding to your PHP version. (Hint: to find your PHP version you can create a PHP file containing < ?php phpinfo(); ?> and view it through your web server)
  2. Copy xdebug.so to the extensions folder. You can also find out where is your extension folder by looking at the phpinfo output, under header “Core” and Directive “extension_dir”.
  3. Edit php.ini (or create an .ini file in php.d depending on your configuration) to include the following: 
    [xdebug]
zend_extension="/full/path/to/your/extension/dir/as/shown/in/phpinfo/xdebug.so"
  4. Restart your web server and you should be able to see xdebug listed in the phpinfo output

*Note: As you might have realized by now, phpinfo(); can be your best friend. It can also be your worst enemy if you put it in a production server, with a super simple name like phpinfo.php as it contains a lot of sensitive information about the server.

Configuring PDT

There are 3 main settings to focus on, to enable debugging in PDT.

1. PHP Executables

pdt-php-executables

As I mentioned earlier, I am using XAMPP. As long you point this to the working PHP installation corresponding to where you install Xdebug, you’ll be fine.

2. PHP Server & Path Mapping

pdt-php-server

This is where you specify your web server.

pdt-php-server-mapping

Mapping is used to tell the debugger the path of the files accessible via the web server and the corresponding path in your workspace.

3. PHP Debug

pdt-php-debug

The options are self-explanatory. You’ll have to select the Server and Executable that you have configured. The default port for Xdebug is 9000 so if you decide to change your Xdebug port remember to change it here too.

Conclusion

Debugging using an IDE is a great way to save time, and to step into your application. If you have done everything correctly, you may use Eclipse/Aptana to debug your PHP files now (Menu > Run > Debug > Run as…) and you’ll get prompted to switch to the PHP Debug Perspective.

Good luck!

DD-WRT as Wireless Client

There is something very wrong with the wireless module on the DELL Precision M4300 I am currently using – after a while files begin to get corrupted and Windows will fail to write the event log. I have just had the motherboard changed by DELL last Monday. In the office I did not have any problem for the whole week since I was using a wired connection. At home, I mainly use wireless because my access point is in the family hall.

Bummer! I can’t be wired at home, it’s simply not practical and I have no suitable surface to work on near the access point. It’s a Huawei E960, property of Maxis. It’s a HSDPA modem so where I place it is very important.

I have an antique Linksys WRT54G v2.2 with DD-WRT v24 on it so I decided to convert it to a wireless client. It acts as a wireless client to the main wireless router, and provides LAN connection via the wired ports. Perfect for a busted wireless module.

Steps on the WRT54G:

  1. Do a hard reset
  2. Connect to the router via wired port
  3. Open the Wireless » Basic Settings tab
    • Wireless Mode: Client Bridge
    • Wireless Network Mode: Match Primary Router
    • Wireless Network Name(SSID): Match Primary Router
    • Wireless Channel: Match Primary Router
    • Wireless SSID Broadcast: Enable
    • Network Configuration: Bridged
    • Save Settings
  4. Open the Wireless » Wireless Security tab
    • Set Encryption to match the primary router. I use WPA2 with TKIP+AES and it works fine.
    • Enter encryption key to match the Primary router
    • Save Settings
  5. Open the Setup » Basic Setup tab
    • Connection Type will show: Disabled
    • Set STP to Disabled
    • IP Address: 192.168.1.2 (Primary Router IP is 192.168.1.1)
    • Mask: Match Primary Router (mine is 255.255.255.248)
    • Gateway: 192.168.1.1 (Primary Router IP is 192.168.1.1)
    • DHCP Server: Disable
    • Save Settings
  6. Open the Setup » Advanced Routing tab
    • Change Type to: Router
    • Save Settings
  7. Open the Security » Firewall tab
    • Uncheck all boxes except “Filter Multicast” in “Block WAN Requests”
    • Disable SPI firewall
    • Save Settings
  8. Open the Administration tab
    • APPLY Settings
    • Click “Reboot” button

On the primary router I only had to add the MAC Address of the WRT54G to it so that it allows connection (I have MAC filtering enabled). To look for the MAC address I simply use the Administration » Commands tab to run ifconfig (or of course via SSH). I am not sure on how other hardware would work but I use my eth1 address.

This is good enough for now, although I am hoping that the notebook gets fixed. I am not going to pack the WRT54G along to Starbucks or any cafe just to get wireless connection.

Malaysian Twitter & Facebook Users Makes Fun of Rais Yatim

You can consider this as an honest and sincere opinion from me, as a Malaysian and a heavy Internet user. Maybe, if Rais reads this it will be much fun.

It’s all because of this news article: Malaysians advised against being immersed in Facebook, Twitter.

In twitter, the tag #yorais has been spreading like mad. The tweets are hysterically funny but too insensitive so I don’t think I should include them here.

In my own opinion, Rais should have not linked any of the online services with religion. In short, he should not have assumed when he has no idea himself.

From the text: “He chided some Malaysians who belittled those who were no savvy of the Facebook and Twitter culture.” it looks like Rais is offended by some people who might have said he’s left behind in technology. What I think he should do, is learn instead of condemning technology.

Admit it, everything has its own disadvantages and advantages. It’s not Facebook that Rais should condemn – it should be the users or more specific Malaysians. There exists fanatics and extremist in every single thing in this world and Facebook is not excluded.

It’s unfair to condemn services just because they were created by Westerners. Blame the users.

Facebook and Twitter has helped a lot of users even Malaysian to publicize their businesses and meet old friends, just to name a few. If you use something correctly it’ll be good, and vice versa.

As a matter of fact I just saw one of my respected businessman being bombarded with bad comments in a fan page named “I hate XXX” just because he made a bad comment about another related profession. Not cool.

I wish that Malaysian ministers would learn more instead of following the traditional way of thinking and assuming – what we all do in our beloved country. Don’t you?

The Star even published the outcome of Rais’ statement: Rais comment has Net users boiling, creates global sensation

rais-facebook-twitter

Battery Powered Server

For real?

googleservermedium

The black box with two terminals is a 12V battery, and it looks like a lead-acid battery. Is it a DELL? Is it an IBM? Is it an HP? No, it is a Google. That’s right people, it’s a unit of many Google’s server inside its data center containers. It’s a 2U thick server, with a Gigabyte mainboard holding 2 CPUs, 2 hard disks, and 8 pieces of RAM.

It’s not really battery powered, but the battery kicks in once the main power is lost. This effectively eliminates the need for more expensive and space consuming giant UPS’s (uninterruptible power supplies) which are batteries anyway. Is this a better solution? You be the judge.

If you ask me, I’d like to have one of those Magnetek power supply unit to install on my PC. The battery can nicely fit in a tower casing, much better than having separate UPS units. However I think the mainboard itself must be custom because the 12V to 5V conversion takes place there. The power supply unit only outputs 12V (approximately 13.65V).

However I can’t find any info on how long can the battery can actually supply power.

Story found on CNET: http://news.cnet.com/8301-1001_3-10209580-92.html

RegisterFly Resurrected as RegFly

I received an email yesterday:

regfly

It’s from RegFly, a resurrection of RegisterFly the lousiest domain registrar ever. I had very bad experience with them – slow system, buggy, unresponsive customer support. And now, they are no longer an ICANN accredited registrar so I guess they are reselling. Even the main domain regfly.com is registered under Tucows.

ICANN announcements:

Stay away. Look for an ICANN accredited registrar.

Image Hotlink Protection

Have people been stealing images from your websites? Well, there are not so many interesting images in this site so I don’t really have that problem. You can add a watermark to your image, but I guess everyone knows that.

Another form of image theft also involves bandwidth theft. It’s has many names – hotlink, inline linking, leeching, and many others. As many of us uses shared hosting and we have limited bandwidth, it will eventually reach the barrier if bandwidth is being stolen from other sites.

I have 1.5TB monthly bandwidth limitation, but I still don’t agree to people stealing my bandwidth by hotlinking images especially since I host quite a number of sites in this account. On Apache hosting it’s easy to prevent hotlinking by utilizing .htaccess file:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourdomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /nohotlink.pne [L]

WordPress users can add the above lines before the WordPress rewrite rule:

# BEGIN WordPress

What the configuration does is check whether HTTP_REFERER to match the specified domain, or if it’s empty (direct calls, for example). If not empty and unmatched it sends the content of file /nohotlink.pne to the browser. Why? Because when images are loaded with the <img tags the referrer is the page calling the image. You can also define a nonexistent image so that a broken icon is displayed on the hotlinker’s site, or better still replace the last line with:

RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]

My implementation will cause the image to be replaced with:

Hotlink protection

By the way the hotlink protection image is named with the .pne extension to prevent an infinite rewrite to occur. You can also use other image formats, and any other extensions. Some fussy browser might not display it correctly but who cares, the point is to prevent people from hotlinking, isn’t it?

Try it out yourself. Good luck!

Deleting Emails From Someone Else’s Mailbox

No, it’s not possible unless you have their passwords.

From my moonlighting jobs and previous jobs I usually include myself in the SysAdmin or IT email groups or distribution lists. I received a good one yesterday (translated from Malay):

There are different headaches in maintaining email servers, for example one might complain of too many spams but sometimes “valid” emails gets filtered. But this one really made my day.

Be Careful With OpenID

No, there is nothing wrong with OpenID, and there is nothing to worry about security or privacy. Giant players like Yahoo! and Google has also been implementing OpenID for quite some time.

I lost my account at Stack Overflow because I was using WordPress.com as an OpenID. Well, I lost it for about a day because the nice people at Stack Overflow was nice enough to help me merge my previous account and a new account I just created.

What happened? I used OpenID without a full understanding on how it works. I used my WordPress.com URL http://romantika.wordpress.com which I used as a placeholder back then to get an API key for Akismet. What WordPress does is embed the OpenID endpoints into each of the blog URL. For example:

<link rel='openid.server' href='http://romantika.wordpress.com/?openidserver=1' />
<link rel='openid.delegate' href='http://romantika.wordpress.com/' />

One important thing that you need to realize is that once you deleted a blog URL in WordPress.com, you will never get it back and a page saying that the blog has been deleted will be displayed. I deleted my WordPress.com blog to prevent it from becoming an eyesore, and to avoid redundancy. Little did I know that my OpenID vanishes along with the blog.

I would not have lost my Stack Overflow account if I realized earlier that they already allow multiple OpenIDs. So if one OpenID provider vanishes, I can use the alternatives and not bug the guys at Stack Overflow. Although, they did mention:

Accounts are keyed on unique OpenID strings, so if by some accident you end up with multiple accounts, or a “new” registered account you don’t want — don’t fret! It is super easy for us to merge any two (or more) Stack Overflow accounts. Just email us at [email protected] with the user IDs or the user page URLs. We’ll merge them for you no problem.

For my next projects, if I include OpenID support I will definitely follow the steps of Stack Overflow by allowing multiple OpenIDs to be attached to one account.

Facebook Is A CIA Device?

I’ve recently received a chain of emails, originated from a celebrity in Malaysia on how Facebook is a device used by CIA and how CIA is harvesting data of the world population in order to reach world domination. The email was quite elaborate, and I am impressed by the level of thinking the celebrity has.

I am not saying I know for sure, or even have the slightest idea whether or not CIA is really using Facebook to reach this objective. All I know for sure is that Facebook is located in the US and there may be a law to dictate that all data must be surrendered to the law enforcement authority when requested.

One thing that I am sure about is the value of privacy. It is indeed true when someone shares their home address, contact numbers, family members, and profession it is at least available to the owners of the site. Any site. We’re no longer talking about Facebook. It has been around at least since Sir Timothy John Berners-Lee invented the world wide web in 1990. Well, thinking carefully it can also happen on paper.

So, we can’t really focus on Facebook alone. Avoid inserting too much information even in forums or advertising spaces. I’ve seen how naive people can be when they post their full names, ID numbers, phone numbers, home addresses, including the full name of their child inside public forums, just to allow the forum administrator to send birthday gifts or vouchers. Post the pictures along, and it’s complete. Now everyone knows how you look like, and you can easily become a crime target.

That is why I am pissed off with something as little as publishing my ID number online, which is practiced by many public bodies in Malaysia. On survey forms at the shopping store, when asked to fill in personal details I input dummy data. Do you know they sell valid phone number and addresses for good money? After a while you will receive phone calls from telemarketers selling stuff you don’t really need.

I value my privacy. Do you?