[Cadre-politics] status: <insert something clever here>
Dan MacNeil
dan at thecsl.org
Sat Jun 28 01:03:34 EDT 2008
DISCLAIMER
While all the events in this status report are real, the timeline
has been twisted for dramatic effect and laziness. (I finished
it 2 months after I started it)
FUNNY INTRO
I started this update after 2 very quick pints with my roommate.
If I were secure in my masculine identity, I'd have drunk
light beer and felt sober enough to work on the servers.
In May, I took a long pause to help bury yet another
family member with drug/alcohol overdose problems.
(sad, ironic, overly dramatic but true)
Now (2008-06-28) I've just started a bachelor weekend with a
couple pints of expensive manly beer. I want to finish this so I
can move on to more exciting stuff like version control software,
application frameworks and weakly typed languages.
DANCING WITH ZOMBIES
I'm getting less and less incompetent at dealing with compromised
php scripts and/or the zombie [4] army mindlessly banging away
trying to compromise them.
[4]http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213422,00.html
This week, [some weeks ago] a few thousand zombies
kept trying to post comments on a blog site we host
for a university group. Stuff like:
Great post!! see my blog at <Viagra link here>
When 40-50 zombies attack each second, the server
collapses. The server load [4] was at 100. After
more fumbling around than I'm willing to admit to,
I got Stanisław Polak's script [5] to integrate
iptables [6] and mod-security working.
[4]http://lifeaftercoffee.com/2006/03/13/unix-load-averages-explained/
[5]http://www.icsr.agh.edu.pl/~polak/skrypty/ban-hackers.var
[6] http://www.netfilter.org/
There were a few quirks to the script, so I sent
Stan a patch. He was happy to hear from a user.
I'm feeling pretty good because I was humble
enough to **NOT** re-write the script in my style.
FIRING A CUSTOMER
I found one of the compromised php applications as
I was leaving for a week away at a funeral.
It was compromised badly enough to do drive-by
virus downloads to any copy of Internet Explorer
visiting the site.
Since the application wasn't one we installed,
was not on a site that pays us support, and
wasn't anyone from Lowell:
I offered two options:
1) Do a clean re-install of the application
2) Host someplace else.
The low point of the conversation was their tech
guy's insistence that they had engaged a
security expert who could clean the application
without a re-install. Google turned up a 2007
page where the "expert" said something like:
"I'm not an expert, I'm a
high school student who can
do some web things cheaply
for you."
I was a bit conflicted about the whole problem.
The group has a decent mission and they
needed the site to do registration for a
big event coming in a week. I even asked
the experts at the debian-isp list for advice:
http://lists.debian.org/debian-isp/2008/03/msg00053.html
Oddly enough they selected both options #1 & #2
CRON SYNTACTIC
Did you know that Debian /etc/cron.daily/
filenames can't have:
'.'
...in them if you expect them to run.
Neither did I.
The closest I've come to documentation
of this unhappy and arbitrary fact is
a patch against Lintian [5] to warn
software packagers.
[5]http://www.mail-archive.com/debian-lint-maint@lists.debian.org/msg06272.html
It's stuff like this that makes me wonder
how anyone can justify $50/hr.
I don't have the bubbles to ask somebody
to pay me $150 to figure out a couple
misplaced periods.
ASSESSMENT
Thanks to our good friends at Jericho
Road [6] we have an organizational assessment.
See my cliff notes version [7] Jodi's kind
comments on my crude summary and the actual
assessment attached at the bottom [8]
[6] http://www.jerichoroadproject.org/
[7]http://lists.thecsl.org/pipermail/divinerightofkings/2008-April/000623.html
[8]http://lists.thecsl.org/pipermail/divinerightofkings/2008-May/000634.html
Coming soon is a business plan.
NEATO PLUMBING TOOLS LINE
We're about done upgrading our sarge
machines to etch. A nifty, low
learning curve tool is screen.
You type:
screen
...then the dog eats the wireless router,
interrupting your interactive terminal
session that can't safely be interrupted.
No worries, after a brief and futile
argument with the significant other about
the humanity of dropping the dog in the canal,
you re-connect and type:
screen -d -r $PROCESS_ID
...and away you go.
GLORY DAYS
I've just been thinking about http://habitat.org,
because Habitat was mentioned in a non-profit
management book [9] I just read. (I was sucking
up to a possible big funder that recommended it.)
I know most of the people quoted in the book from
unjamming their printers or crawling under their
desk to plug their power cable back in.
[9]http://www.amazon.com/Forces-Good-Practices-High-Impact-Nonprofits/dp/0787986127/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1214621648&sr=1-1
My big take-away from the book was that the
winners write history.
There was a lot of talk about how
habitat managed to grow from an agency
run by 20 year old people who
substituted sleep deprivation and
hubris for experience and talent.
The comments were written by people
now in their 50s and 60s who were
jealous of the results, we (at the time)
20somethings got.
I got a positive and honest reply to my
sycophantic [10] emailed thoughts on the
book. (The funder hadn't read the book,
and doesn't see having the time to read
the book soon)
[10]http://en.wikipedia.org/wiki/Sycophant
Then I got to be thinking on my favorite
over-played, sentimental 80s classic
rock tune, Springsteen's "Glory Days":
http://www.youtube.com/watch?v=oOpIfbneeHg
http://www.lyricsdepot.com/bruce-springsteen/glory-days.html
When I was at Habitat, we did great stuff.
In ***1993*** everyone had email (even the
offices in Africa). We had a 3 million name
donor database. We paid 3.5 cents per
minute for long distance phone calls.
When I wanted something, I wrote a PO
and got it. My minions were guys
taking leave from their rocket
scientist jobs. They were happy
to get basic health insurance,
a place to live, a weekly $30 gift
certificate at the piggly-wiggly
supermarket and a shot at eliminating
poverty housing from the face of the
earth.. (I shit you not)
It all worked. (except for the few
days we spent recovering from the
time I deleted the index file for
everyone's email)
Lowell MA is arguably a more
cosmopolitan place than Americus
GA
[11] http://en.wikipedia.org/wiki/Americus,_Georgia
..but it is hard to argue these past 10 years
were more productive than the 5 before in
Americus.
LTC got a file server, a bunch of
people passed MCSE exams, some people
learned about linux. We (mostly DS
& EMA ) created the best online
directory of social services in
the world. [12] --the directory
that completely covers only Lowell.
[12] http://mvhub.com
..Nothing really compared to what
we did in GA. The discrepancy is
of course, what the prophet Joel
explains in terms of Dolly Parton [13]
[13]http://www.joelonsoftware.com/articles/DevelopmentAbstraction.html
It is possible my glory days are past.
I hope that it's just this last year,
that I've noticed that there was a
whole layer of abstraction in GA that
we haven't built here yet and that the
glory days are yet to come.
DREAMHOST NOT SO GREAT
We're still moving toward ditching our hosting. I can't really
say Dreamhost is better than we are any more. They're probably
good enough [15]
[14]http://blog.dreamhost.com/2008/04/07/another-anatomy/
[15]http://blog.dreamhost.com/2006/05/18/the-truth-about-overselling/
Coming soon is another message on where we're at with this.
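
The cron.daily behaviour described under CRON SYNTACTIC comes from run-parts, which by default runs only executable files whose names consist entirely of ASCII letters, digits, underscores and hyphens, so a job named backup.sh is skipped without any error. The following is an added example, not part of the original message: a shell check that lists the jobs in a cron directory that would be skipped and why (the function name skipped_jobs and the reason labels are assumptions made for this example).

```shell
#!/bin/sh
# Added example: list files in a run-parts directory (e.g. /etc/cron.daily)
# that run-parts would silently skip under its default rules.
LC_ALL=C
export LC_ALL

# skipped_jobs DIR
# Prints "<filename><TAB><reason>" for every regular file that will not run.
#   name            filename contains a character outside [A-Za-z0-9_-]
#   not-executable  filename is fine but the execute bit is missing
# Dotfiles are not matched by the glob; they contain '.' and never run anyway.
skipped_jobs() {
    dir=$1
    for path in "$dir"/*; do
        [ -f "$path" ] || continue
        name=${path##*/}
        case $name in
            *[!A-Za-z0-9_-]*)
                # The '.' in names like "backup.sh" lands here.
                printf '%s\t%s\n' "$name" "name"
                continue
                ;;
        esac
        [ -x "$path" ] || printf '%s\t%s\n' "$name" "not-executable"
    done
    return 0
}

# Stand-alone use: check the directory given as $1, or /etc/cron.daily.
skipped_jobs "${1:-/etc/cron.daily}"
```

On a Debian system, run-parts --test /etc/cron.daily prints the complementary list: the scripts that would actually run.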