No Food for Thought

Food is something you should provide to your brain long before coming to this blog. You will find no food recipes here, only raw, serious, non-fake news for mature minds.

Switched to DNSEXIT

admin Sunday October 4, 2015

My good old and short dynamic domain name ido.ath.cx which I used to point to my home PC stopped working after DynDNS stopped being free. Instead of looking for another free provider which could also stop being free at some point, I decided to use a subdomain of my domain philippecloutier.com, which I bought from GoDaddy. Unfortunately, GoDaddy does not offer dynamic DNS, so on my friend Xavier's suggestion, I signed up for free to DNSEXIT and changed my nameservers for DNSEXIT's.

I then simply needed to setup my router to update the IP. OpenWrt allows that using ddns-scripts. DNSEXIT's website is a little amateur, but configuration was not difficult. I was surprised to notice at the end that DNSEXIT asked for a link to its website since I use free DNS. I do not wish to make an electronic payment just for dynamic DNS, but I am not entirely comfortable using such a service for nothing, so... here is your link:

The other surprise was to notice that OpenWrt's DNS update method for DNSEXIT appears to send the password unencrypted.
Meh. Not a panacea, but good enough for me.

TP-Link TL-WR1043ND v1 on OpenWrt 15.05

admin Sunday October 4, 2015

I switched my TP-Link TL-WR1043ND v1 from TP-Link's firmware to OpenWrt 15.05 "Chaos Calmer" a couple of weeks ago. Besides errors when trying to connect from PPTP clients, there were no unfortunate surprises.

I was happy to see OpenWrt now includes a web interface (LuCI) enabled by default. It is not exactly the user-friendliest, but I found my way easily enough.

Although I did not do much with it, I found a few bugs, notably:

  • Broken realtime graphs
  • ddns-scripts sending unencrypted passwords without warning
  • SSH server (Dropbear) apparently only accessible from LAN, despite the configuration

The documentation is extensive, but its quality is poor. Installing while playing safe took me quite some time, though part of that was due to a bug in the previous firmware not accepting long filenames. Overall, I am not impressed, but I have no regrets. Coming from a bunch of volunteers, fair software.

I eventually realized that we have been experiencing "constant" intermittent wireless connectivity problems in 2 locations of the house. One of these is a decameter away from the router. The other is slightly more, but at the same floor and there is no exterior wall in between. At times, there was high packet loss and extreme latency. After discovering OpenWrt bug #12372, which possibly persists in OpenWrt 15.05, I suspected that our issue might have been a symptom of this bug, but the same problem persisted after going back to the manufacturer's firmware or to DD-WRT, so I ended up replacing with a TP-Link Archer C8.

Error 619 when trying to connect a NAT-ed client to a PPTP server - watch your router

admin Saturday October 3, 2015

Today, I realized my PPTP connections from Windows 7 and 8 machines were no longer able to connect to the PoPToP server I setup at the office. Strangely, nothing had changed on the server (still Debian 7 running PoPToP 1.3.4), on the server-side router, and my clients obviously had not both been changed enough to explain the breakage. The Windows error messages were not too precise. Server logs were also unhelpful, apparently pointing to a bug in PoPToP, which timed out after 30 seconds:

Oct  3 16:47:25 deimos pptpd[24176]: CTRL: Client control connection started
Oct  3 16:47:25 deimos pptpd[24176]: CTRL: Starting call (launching pppd, opening GRE)
Oct  3 16:47:25 deimos pptpd[24176]: GRE: Bad checksum from pppd.
Oct  3 16:47:55 deimos pptpd[24176]: GRE: read(fd=6,buffer=804f620,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Oct  3 16:47:55 deimos pptpd[24176]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Oct  3 16:47:55 deimos pptpd[24176]: CTRL: Reaping child PPP[24177]
Oct  3 16:47:55 deimos pptpd[24176]: CTRL: Client control connection finished

I finally realized the change to blame was me switching my TP-Link router from TP-Link's firmware to OpenWrt (15.05). I do not understand much of how PPTP works, but it's quite complicated. Apparently, it uses non-standard GRE packets. Therefore, I am not sure if this is a PPTP bug or an OpenWrt bug, but for me the solution was most simple.

As explained in this description of error 619, there are several possible causes, but even if the client is clearly reaching the server, the issue can be client-side. If there is no firewall on the client OS, you should verify any client-side router, which I did by plugging one of the affected PC-s directly on the modem. The VPN could connect again, which confirmed the router was to blame.

OpenWrt does not have a "PPTP VPN passthrough" option to check, but a package to install (which is not installed by default in Chaos Calmer). Following the instructions on OpenWrt's PPTP NAT Traversal document (installing kmod-nf-nathelper-extra), I managed to get the clients to connect while NAT-ed behind OpenWrt.

WampServer? Wait!

admin Wednesday July 1, 2015

Short version

Do not use WampServer.

Long version

The first time I installed an AMP on Windows, I chose EasyPHP. When I came back to PHP development on Windows, around 2013, I chose WampServer. I knew about XAMPP and EasyPHP, but for some reason (probably the precise software offered), I went with WampServer. That decision would cost me several hours...

The good

PHP is already buggy, but I suppose I didn't realize the distribution you chose could make it much more buggy. I sticked with WampServer, initially in version 2.4, because it contained Xdebug, was simple to install and worked immediately. I must admit the UI looks good - the design is good, and it lets you choose your PHP and MySQL versions.

The bad

Things changed when I started configuring PHP. Inevitably, the first problem you'll notice is that WampServer ignores your changes to php.ini. It turns out that is because WampServer installs (at least) 2 different php.ini files, one in php/, one in apache/. The file used by Apache is the latter... but of course, the one linked by WampServer's UI is the one Apache ignores.

That must be when I had to familiarize myself with the wamp directory's hierarchy. Duplication can be deplored, but the worst part is naming. Indeed, both of WampServer's php.ini files are found in... wamp\bin\. Well, I suppose whoever decided that scheme considered that all files were binary, indeed.

Eventually, some development required me to enable 2 PHP extensions disabled by default - intl and ldap. In both cases, I must have wasted an hour until I figured out that icu and sasl DLL-s needed to be copied from php\ to apache\ for the extensions to work with Apache.

The really bad

After hitting some bugs possibly in PHP, I tried upgrading it to 5.5, which required me to upgrade from WampServer 2.4 to 2.5. Unfortunately, WampServer does not offer upgrades. What do you do with such Windows programs? Of course, you download the new version and run the installer. I did that and everything went fine, except servers would no longer start, throwing cryptic errors. That's when I headed to the net and found a post on WampServer's forum explaining that upgrading is not supported. Good thing I had the presence of mind to backup wamp\ first!

It turns out the way to upgrade is indeed to uninstall, and only then to install the new version. You must think I had surely ignored a README which warned against such a crazy idea. But... there is no README. The "official" upgrade instructions are in a forum post!

The only good thing about this part is the honesty of the instructions' writer, who warns that upgrading will take 2 hours, up to 4 for inexperienced users. And indeed, if you had enabled a few extensions, had a few virtual hosts and some customization, it will take hours, even if you've been using PHP, Apache and MySQL for a decade.

The ugly

One of my projects used extensions which are disabled by default. Even after enabling them, they wouldn't show in phpinfo. PHP would merely log a useful error each startup:

PHP Warning:  PHP Startup:  in Unknown on line 0

After an hour of searches, I eventually applied the same workaround I had used (and since forgotten) when enabling them for the first time, copying the missing DLL-s to apache\.

The workaround

After so much frustration, I realized that the huge release notes for 2.5 (again in the form of a forum post) mentioned a simple fix, not only for extensions not loading, but for the tray icon shortcut pointing to the wrong php.ini. That workaround is to click on Apache->Version->2.4.9 via the tray icon. Yes, clicking on that will create symlinks (yes, symlinks on Windows!) from apache\ to php\ for the missing DLL-s, and make the php.ini in apache\ a symlink to the php.ini in php\. Yes, that is the fix, even if that version is already checked. But do not do that without first backing up your php.ini - it will be silently overwritten.

Still think you might give WampServer a go? Here's one last reason why you shouldn't. Playing with the version made me realize one more issue - the links to get different Apache, PHP and MySQL versions are all broken.

The non-lesson

After wasting all of these hours, I figured I would at least go contribute something to the issue tracker. But WampServer has no issue tracker. Not even a forum about issues. Are WampServer developers aware of these issues, and since when? Who knows.

So the only lesson here is already known - avoid software without an issue tracker. OK really...
Even if the website is fancy,
Even if the project seems active,
Even if you share your native language with the developers...
Do not use software without an issue tracker if you don't have some kind of contract with its developers.
And please, developers, avoid versioning your release 2.x until your software is reasonably functional and has an issue tracker.

Unfortunately, this is fundamentally a rant, not a review (and the list of issues is not complete). I will only dump WampServer when the next time to upgrade comes, and I won't recommend an alternative I have not tested until then. Meanwhile, I found a fairly complete review of WAMP stacks, but it's from 2012. If you're starting PHP development, I'm sure you'll find a better WAMP stack than WampServer 2.5. You may want to read about my unsatisfactory experience with XAMPP or about my similarly unsatisfactory experience with EasyPHP.

Wikimedia Foundation Board of Trustees Elections 2015

admin Sunday May 17, 2015

I voted in this year's Wikimedia Foundation Board of Trustees Elections. I had only interacted with 1 candidate and since I was almost focusing entirely on governance, I was neutral for almost all candidates, except:

  • Supported Dariusz Jemielniak, who has spoken against bureaucracy (although I consider his specific proposition of setting a firm limit to the volume of policies as a bureaucratic proposition... despite its anti-bureaucratic purpose).
  • Supported James Heilman for his general impression
  • Confidently supported Tim Davenport for being reform minded and critical of bureaucracy, and his intention of oversighting WMF.
  • Opposed Samuel Klein, simply because he is proposing term limits (we need less rules, not more arbitrary rules!)

By the way, WMF, please make it easy for voters to fix or at least report problems (such as the large number of broken links (anchors) to candidate presentations). And allow us to modify our vote (or at least warn us we would need to start from scratch to do so).

And as for candidates, most of your presentations say a little too much about your past and too little about your intentions.

SPID: 4233
Version: GnuPG v1


A proposal for a populist party in Canada

admin Wednesday November 12, 2014

Competition has always been a fundamental element in capitalism, and elsewhere. In Canada, the Competition Act aims to promote competition. Unfortunately, the Competition Bureau (the government agency tasked with applying the law) lacks the resources to increase competition. Most of the little resources it has are wasted in anti-competitive practices aiming to restrain businesses. Thankfully, Canada has been governed by the Conservative Party of Canada for years.

Lately, the transaction fees requested from merchants by some credit card networks have been growing. The Competition Bureau, which justifies its existence by populist attacks against successful businesses using practices portrayed by the Bureau as anti-competitive, has threatened the Evil Visa and MasterCard with legal action, blaming the very same practices the State has been adhering to for years.

But these threats have been dropped. Surely, the government has reasoned its agency in order to avoid market interference, right? Unfortunately, reality is quite different. Even with the Conservative Party of Canada in power, Visa and MasterCard feared impending interference to a point where they both "voluntarily" reduced their fees by some 10%, which sufficed to satisfy mister the Minister of Finance.

Visibly, after creating the Competition Bureau and backing its abuses, the Conservative Party of Canada cannot claim it promotes liberal conservatism. It would also be surprising if it was green conservatives who had won a ’Lifetime Unachievement’ Fossil award. And a government funding an agency which reduces competition with a > 50 million CAD budget - while pushing a "stimulus package" - is certainly not fiscally conservative. So if the conservative party is not conserving the free market and the confidence of investors, nor the environment, nor wealth, what is it conserving? Perhaps it is trying to conserve its seats.

Here is a proposal for a populist party in Canada - namely, the Conservative Party of Canada. Stop interfering with the market, or stop pretending to be conservatives, and rename yourself to what you truly are - one more Populist Party of Canada.

The paradox of password complexity requirements

admin Tuesday July 8, 2014

Users often choose unsafe passwords. Administrators wanting to prevent that will sometimes implement requirements on passwords. While these usually try to enforce complexity, any computer scientist will see why they also ease cracking, theoretically. And as Matthew Palmer explains, theory is quite right at times.

Ah, if only users would always choose passwords as complex as heuristics.


admin Tuesday May 27, 2014

So after a long time, summer is back in Quebec... what we call summer anyway. With these high temperatures, bugs are back too. Yesterday I came back at 1 AM. With the street lamps, I noticed that - obviously - bugs were also back on the door, just waiting for me to open it before infesting the basement. At that time a great idea came to mind, which resulted in me coining Chealer's architectural law:

Philippe Cloutier wrote:
One shall never install a white external door.

Cloutier's architectural law can be generalized - external doors and door frames should reflect as little light as possible on their outside part. Unless insects would seek darkness to sleep safely.

Yes, I hate bugs. I must have become an adult the day a summer camp destroyed my childhood dream of a bug-free world, presenting insects as an essential link of the food chain. Bugs should be small, but they're stealing a big part of my life.

Thankfully, I'm mostly an inside person. A few minutes after enunciating my architectural law, I was enjoying the insect-free inside by eating dinner in a well-illuminated but very silent kitchen. At some point, I realized there were some noises coming from one window. After nearly starting to get scared, I realized one awful huge bug was repeatedly trying to go through the windows.

Fortunately, the kitchen stayed bug-free despite the stupid bug's tens of impacts. Bugs can't go through windows, right? Unfortunately, even though I rarely open Windows, my PC attracts lots of bugs. In fact, an important part of my contribution to free software is to report bugs I hit when using or trying software.

I certainly file several tickets per week, but many are never resolved or even investigated. That's why the following view hit me today:
packages.debian.org has been lagging a little more lately. I take more time to confirm resolutions, so now the 7 latest mails in my inbox are bugfix notifications in 7 different projects/packages, which all arrived in less than 100 hours. If that rate was maintained, all of my open bugs would be solved by 2016. Unfortunately, I experienced 2 bugs just in the process of writing this post, one which was already fixed, and one which I reported (my fifth ticket against Debian's issue tracking system), which made me hit a Thunderbird bug (which I didn't report this time). So that schedule might slip a little with the software I use - or should I say, test.

Debian developers don't always treat tickets diligently, but now is an occasion to send a big kudos to my squashing colleagues. The bugs above weren't the most difficult, but there's one which has already started making my desktop less buggy.

I won't surprise anyone announcing that my favorite Firefox extension is Firebug. But as Firebug doesn't apply to Thunderbird, my favorite Thunderbird extension is FireTray. FireTray works around Mozilla's biggest issue on GNU/Linux - new mail notifications.

FireTray still has some way to go before reaching maturity, but my biggest issue with it was by far #119, a show-stopper if a show is expected to be attractive. I expected an easier fix - all I wanted was a non-broken notification icon. But I didn't expect the result to be so pleasing:
After hard work by Foudil Brétel, I now get this superb new icon (at least until I switch back to KMail, to which I'm hoping to give another chance soon). And you too will with version 0.5. Thanks to you too, foudfou! The next bug-squashing spree will be even more enjoyable smile

Now, let's just hope that shiny new icon won't attract more bugs... otherwise, it will take the door.

Update 1

A couple of years after writing this, I found an image about bugs I had forgotten I had created:
In French, the colloquial verb 'to bug' means software is misbehaving due to a software bug.
In French, the colloquial verb 'to bug' means software is misbehaving due to a software bug.

13 years later, after many more started offering such certifications, it is well overdue to put this timeless work of art in the public domain so it can be adapted to your favorite(?) software provider.

Update 2

Years after writing this, I realized the publication date didn't make sense. And eventually figured out that the update I did in 2016 had changed the year from 2014 to 2016. Because the blog engine wasn't designed to publish a post with a past date... so the HTML dropdown's options only started at the current year, causing the date to be silently changed - ah, bugsexclaim

Fully Free

Kune ni povos is seriously freethough not completely humor-free:

  • Free to read,
  • free to copy,
  • free to republish;
  • freely licensed.
  • Free from influenceOriginal content on Kune ni povos is created independently. KNP is entirely funded by its freethinker-in-chief and author, and does not receive any more funding from any corporation, government or think tank, or any other entity, whether private or public., advertisement-free
  • Calorie-free*But also recipe-free
  • Disinformation-free, stupidity-free
  • Bias-free, opinion-free*OK, feel free to disagree on the latter.
  • Powered by a free CMS...
  • ...running on a free OS...
  • ...hosted on a server sharedby a great friend for free