When image positioning attacks

Anime

Screenshot showing a thumbnail of Saber's upper body, with a thumbnail of Gil's lower body underneath.

I saw these thumbnails on a Fate/Grand Order wiki last week. I adore when the universe randomly lines up like this!


Two types of comparison sites

Internet

It’s human nature to compare systems you’re researching to ones with which you’re already familiar. Varnish and nginx for web proxying, or Firefox and Safari for web browsing, for example. Do a search in 2021, and chances are you’ll come across one of these:

  • Automated comparison sites. These are glorified databases containing basic stats that can be put into a table and wrapped with ads. They rarely offer anything more than what could be gleaned from sites like Wikipedia; and may have even been scraped from it. They’re especially funny when they compare things that have nothing in common, like a package manager and a text editor.

  • Churnalism sites (for churn and journalism). These are written quickly and in bulk with barely a superficial understanding of the topic. They’ll mention software A, software B, then some form of “in conclusion, both are good options”. This isn’t helpful either.

I mentioned something similar at my Linux.conf.au talk about using FreeBSD in the field. Sites tell us that we should go with FreeBSD for broad support, NetBSD for portability, OpenBSD for security, and DragonFly BSD because something something Amiga. That’s all great, but what does any of this mean?

You could be forgiven for thinking that with sufficient data mining you could extract information and provide quantitatively-informed advice. Sports commentary is now largely written by bots, so why couldn’t the same apply to software?

The thing is, algorithms can never replace expertise. Expertise comes from experience and knowledge, and is opinionated.

In conclusion, Varnish and nginx are both web proxy software with different use cases, strengths, and weaknesses. Choose the one that’s right for you!

We don’t need a thousand articles telling us that Varnish and nginx are both caching servers; we want to know your battle stories, your experience using them in the field, how you think their configuration compares, the implications elsewhere in the stack of choosing one over the other, how responsive and cordial their communities are, whether the documentation is useful, how frequently it’s updated, and so on. You can’t get that information by parsing Wikipedia infoboxes.

I’ve been talking about the rise and fall of blogging again for the last few years in the context of independent publishing and RSS. Maybe I need to broaden my scope to wish for more human writers!


ACIC’s expanded surveillance submission

Internet

The Australian Criminal Intelligence Commission has submitted a proposed amendment for review on online criminal threats. They base the expanded powers on this premise:

The encryption and anonymisation that underpins the Dark Web and encrypted communications has challenged existing powers and allowed serious and organised crime (SOC) groups and individuals to more effectively conceal their criminal activity. In particular, the networks established on the Dark Web and via encrypted communications have provided criminals with platforms to easily and more confidently communicate anonymously about, and obfuscate, their serious criminal activities.

There’s significant conflation in the submission between the Dark Web and Encrypted Communications, as if to suggest the latter implies the former. For law enforcement, encrypted communications may constitute the Dark Web given their inability to decode data, but they’re two very different things. It’s dishonest.

The whole report is worth reading, especially the expanded sections on the new types of warrants proposed. But this paragraph on page two summarises my concerns; emphasis and numbers added:

Encryption and anonymising technologies have a valuable role in protecting the privacy and data of Australians. As such, the ACIC notes new powers cannot be (1) exclusively focused on subverting encryption and anonymising technologies. Instead new powers must provide the ability for agencies, like the ACIC and AFP, to (2) access material at unencrypted points, or to utilise their capabilities to (3) see through the obfuscation that nefarious use of these technologies provide.

“Exclusively” so perfectly encapsulates my concerns for this entire submission. I’m not sure how encrypted communications could be practically subverted without the knowledge and access needed to decrypt all traffic, and our fears of scope creep and misuse have been proven so many times that I’d be very surprised if this didn’t become routine, if what they’re proposing became possible. If “exclusively” was included to assuage concerns that such powers would be used responsibly, with restraint, and in a manner that respects the law, it absolutely didn’t. As an American colleague used to say, “y’all haven’t earned that benefit of the doubt”.

Despite former Australian Prime Minister Malcolm Turnbull’s embarrassing assertion that the laws of Australia trump those of mathematics, points 2 and 3 are not possible with encrypted communications without a man-in-the-middle, or subversive tools like deep packet inspection. How these would be implemented at all, let alone at scale, and what legal framework would need to be in place to compel it, are all monstrous question marks that the report does nothing to address.

I do empathise with law enforcement’s needs to track illegal activity; something of an unpopular opinion from what I can see. But speaking as an IT professional, this submission is a lot of worrying hand-waving, assertions without evidence, and vague euphemisms. These claims demand precision, accuracy, and honesty to be taken seriously.


Answering @klarainc: Where I started with ZFS

Software

Klara Inc have done a great job of late advocating for FreeBSD, including its licensing and unique features. I can speak to the experience of pitching a solution with a FreeBSD component only to have people—whom you’d otherwise assume are well informed—not know what it is. Their most recent tweet asked what we started with ZFS on, and what we did with it.

I namedrop ZFS and OpenZFS here a lot, but as a primer for those unaware, it’s a file system and volume manager designed for the express purpose of making storage easier to administer. The two key features for me:

  • It offers a simple terminal interface (especially compared to the mess of stuff on Linux), and can expand from a single volume, to mirrors, to RAIDZ pools that are functionally similar to RAIDs.

  • It offers data integrity and consistency features no other system has, meaning it’s the only file system I trust for everything from mission-critical data, to precious personal information like family photos. I schedule regular scrubs (full ZFS integrity checks) in cron, and sleep better for it.
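A health check to pair with those cron-scheduled scrubs, added here as an example and not the author’s own script: it parses `zpool status` output (the two samples below are constructed, not captured from any real pool) and exits non-zero whenever the pool state, the last scrub, a vdev error counter, or the error summary is anything but clean, so cron can mail you instead of silently succeeding.

```shell
#!/bin/sh
# check_pool_status: reads `zpool status` text on stdin, prints a one-line verdict
# and returns 0 only when the pool is ONLINE, the last scrub finished with 0 errors,
# no vdev shows non-zero READ/WRITE/CKSUM counters, and no data errors are listed.
check_pool_status() {
    awk '
        $1 == "state:" && $2 != "ONLINE"  { bad = 1; why = why " state=" $2 }
        $1 == "scan:"  && /in progress/   { bad = 1; why = why " scrub-running" }
        $1 == "scan:"  && /scrub repaired/ && !/with 0 errors/ {
            bad = 1; why = why " scrub-errors"
        }
        $1 == "errors:" && $0 !~ /No known data errors/ { bad = 1; why = why " data-errors" }
        # vdev rows look like: NAME STATE READ WRITE CKSUM [notes]; counters are
        # fields 3..5, and the header row is skipped because those are not numeric
        NF >= 5 && $3 ~ /^[0-9]+$/ && $4 ~ /^[0-9]+$/ && $5 ~ /^[0-9]+$/ {
            if ($3 + $4 + $5 > 0) { bad = 1; why = why " " $1 ":" $3 "/" $4 "/" $5 }
            if ($2 != "ONLINE")   { bad = 1; why = why " " $1 "=" $2 }
        }
        END { if (bad) { print "ALERT:" why; exit 1 } print "OK: pool clean" }
    '
}

# Constructed sample output (not from any real system): a clean mirror ...
HEALTHY_STATUS='  pool: tank
 state: ONLINE
  scan: scrub repaired 0B in 00:12:03 with 0 errors on Sun Jan  3 03:12:03 2021
config:

        NAME        STATE     READ WRITE CKSUM
        tank        ONLINE       0     0     0
          mirror-0  ONLINE       0     0     0
            ada0p3  ONLINE       0     0     0
            ada1p3  ONLINE       0     0     0

errors: No known data errors'
# ... and the same mirror after its second disk failed checksums during a scrub
DEGRADED_STATUS='  pool: tank
 state: DEGRADED
  scan: scrub repaired 16K in 00:12:03 with 2 errors on Sun Jan  3 03:12:03 2021
config:

        NAME        STATE     READ WRITE CKSUM
        tank        DEGRADED     0     0     0
          mirror-0  DEGRADED     0     0     0
            ada0p3  ONLINE       0     0     0
            ada1p3  FAULTED      0     0    12

errors: Permanent errors have been detected in the following files:
        /tank/photos/2009/IMG_0412.jpg'

# Stand-alone demo; in cron, feed it `zpool status tank` after the scrub instead.
printf '%s\n' "$HEALTHY_STATUS"  | check_pool_status
printf '%s\n' "$DEGRADED_STATUS" | check_pool_status || echo "exit status $? -> send mail"
```

Because a scrub runs asynchronously, schedule this check a few hours after the `zpool scrub` entry, or it will report `scrub-running` rather than a result.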

I started using ZFS back in the OpenSolaris days, mostly out of curiosity. Sun Microsystems had open-sourced their Solaris OS and tooling, which gave us this kickarse new storage system. I used SunOS/Solaris at university in the late 2000s, but OpenSolaris gave me my first experience of how simple ZFS was to use. I installed it on my old ThinkPad X40 back in the day, after Fedora had decided it didn’t like my integrated graphics anymore. I even briefly ran it on my MacBook Pro. You could say the seed was well-planted by then, and thanks to ZFS, it wasn’t about to be accidentally deleted.

Which leads me to a patented Rubenerd.com digression, if you’ll indulge me! I’ve mentioned it here a few times, but ZFS isn’t only useful for large data stores on a remote server. ZFS’s integrity features make it ideal for laptops, because your data will remain consistent even during power loss or a borked suspend/hibernation. On workstations, ZFS snapshots let you upgrade and try new software without risk.

FreeBSD’s ZFS integration is the best out there, and is now where I use it on most of my systems. My homelab consists of a few FreeBSD servers running ZFS for data storage, as well as to simplify deployments of jails and Xen domU VMs. At work we use it to present storage over InfiniBand to our secondary VMware cluster, for clients who have workloads that can’t run on our Linux Xen infrastructure.

And as for NetBSD, I started using ZFS on it with their pivotal version 9 release! Benedict and Allan sometimes read my silly posts here on their BSD Now! show, which makes me unreasonably happy, and I think my post about trying encrypted ZFS on NetBSD was the first one they discussed.

I still haven’t tried running ZFS on Mac or Windows, mostly because I offload whatever I can from those systems. Or DOS! Yes, wouldn’t it be great for me to try a new CONFIG.SYS memory setting on my 486, and be able to roll back after the inevitable fireworks set in? Don’t answer that.

Give FreeBSD with ZFS a try now, and ping Klara Inc if you need enterprise-grade support for it. The aha! moment I had when I first tried ZFS a decade ago now was something rare and special; if you’re at all interested in this stuff I think you’ll like it.


Mathematician’s answer, via Screenbeard

Thoughts

Last Wednesday I asked if anyone had a term for answers that are factually accurate but pointless. @Screenbeard of The Geekorium suggests the Mathematician’s Answer:

If you ask someone a question, and they give you an entirely accurate answer that is of no practical use whatsoever, they have just given you a Mathematician’s Answer. A common form of this trope is to fully evaluate the logic of the question and give a logically correct answer. Such a response may prove confusing for someone who interpreted what they said colloquially.

And for those in the back:

People do not usually ask for trivial information or information they already possess, which is how competent speakers know not to provide the Mathematician’s Answer.

This is almost perfect! Some of the examples on the page were funny; I’m specifically talking about people who are malicious, wilfully ignorant, or obtuse instead of attempting humour. Maybe I’ll refer to these people as obtuse mathematicians. Or acute? Badumtish!

And with apologies to @domossu, Clara’s and my favourite mathematician, who doesn’t do this… unless it’s hilarious enough to do so.


My state of macOS virtualisation, with FreeBSD and NetBSD digressions

Software

It only occurred to me halfway through writing this that what I’ve said here applies to Intel Macs. Clara has an M1, but I’m still on the fence about whether I’m going that way.

Antranig Vartanian asked me on The Bird Site:

How’s your Virtualization setup on macOS? I have to use macOS for work for a while, since I use a mix of bhyve and VirtualBox on my FreeBSD machines, I don’t know what to do on macOS [..] last time I installed VirtualBox it messed up my USB ports and I was not able to transfer data, only charge.

I had a similar experience with VirtualBox, only with NICs. It added a network bridge that for some reason kept messing up my Ethernet to USB-C dongle when cutting over from Wi-Fi. Or at least, I think it did. I removed it and it magically all worked again. It was frustrating, because VirtualBox is otherwise pretty capable and has good support for tools like Vagrant.

I used to write a lot about virtualisation here; I should get back into it. It’s a fascinating field of IT, and recent developments on multiple fronts are intriguing and worth exploring, especially on NetBSD of late too. I got my current job in no small part because my boss read VM-related stuff I posted here.

But I digress! As with everything on the Mac, I offload whatever I can to my homelab server running FreeBSD. VMs and jails on my Holo server running a mix of FreeBSD, NetBSD, and Debian run Minecraft, PleX, Netatalk file shares, build environments, dev testing, automated backups, and a music server. Some of these are backed onto an OpenVPN tunnel so I can access them from wherever I am. I need to get back into bhyve more; I run a Xen dom0 because it’s what we use at work and it’s what I’m most familiar with.

Screenshot of Parallels Desktop running Telemetry OS and FreeBSD 13, and QEMU running Windows 2000

With that set up, this leaves me three use cases for Mac virtualisation:

  • Games. I don’t play enough Windows-specific titles anymore to justify having a dedicated game machine, so I spent a bit extra on my MacBook Pro to get the 5500M GPU. I can dual-boot with Boot Camp, but Parallels Desktop performs so well for 3D acceleration, and is easier.

  • Local testing. Because I already paid for Parallels for games, I use it elsewhere too. It’s simple to use and performs well, even for OSs it doesn’t officially support with Parallels Tools like NetBSD.

  • Retro stuff. For this I use straight QEMU without acceleration. It can emulate an isapc, SoundBlaster 16 card, and Cirrus graphics which all work well with ancient OSs. I wrote about this stuff in detail a decade ago, and most of it still applies :). I’ve written my own scripts to automate booting QEMU VMs.

I can say from experience that VMware Fusion is also excellent, and was slightly more useful than Parallels when I was also doing more VMware ESXi stuff back in the day. I standardised back on Parallels to make my life simpler, just as I did with the first betas in 2006!

All this works great, which is why I’m hesitant to move to an M1 Mac, at least for now. A small part of me wonders if this might be the impetus I need to jump completely to a FreeBSD laptop, assuming I can run the software I need for work and a few games in a Windows guest. bhyve with PCI passthrough for a discrete GPU would be boss.


If you have two loaves of bread, buy a CD-ROM

Thoughts

For someone who spends so much time tinkering with vintage computer hardware, it surprises people that I don’t do much gaming on them. The Pentium MMX machine I built as a kid is mostly used as a multimedia CD-ROM catalogue these days. Unlike the World Wide Web that ultimately supplanted them, these discs are fascinating static snapshots in time, as well as being fun to read and explore.

Microsoft Bookshelf 1991 always has some gems. Here’s an unattributed early Persian saying as quoted in Bartlett’s Familiar Quotations:

If you have two loaves of bread, sell one and buy a hyacinth.

🌼


My new (replacement!) Palm IIIx

Hardware

Last week I talked about my love of old Palm gear from the 1990s and early 2000s, receiving a LifeDrive from eBay, and getting USB passthrough working so I could HotSync on FreeBSD. It’s been so much fun reliving the glory days of not only my favourite mobile computing platform, but one I consider to be among the best ever developed. Our modern smartphones can do so much more, but their UIs and hardware are a far cry in usability, ergonomics, design, practicality, and efficiency from what we once had.

Today I add another chapter to this Palm nostalgia series, having just received a replacement Palm IIIx from eBay for less than $30! Here she is, with her supplied docking cradle, and the same Pentium 1 machine that my original IIIx would have plugged into back in the day:

Photo of my Palm IIIx, with a Palm LifeDrive to the right, my Pentium tower from my childhood behind it, and a Commodore 128 off to the side.

My Palm nostalgia post detailed my history with the IIIx, but in a nutshell it was my first mobile computing device. My parents bought me one for Christmas when I was in primary school, after I watched in awe at the Graffiti writing system being demoed at an IT show in Singapore. I carried it around with me for years, and long after colour devices with better CPUs and more modern features came around. It was a durable, quirky, fun little computer; something I think Palm’s marketing department missed out on in their rush to brand it as a PDA for business users.

The Palm IIIx was a revision on the Palm III, itself an evolution of the PalmPilot and Pilot from the 1990s. It shared the same monochrome screen resolution and size, but was much easier to read thanks to an ingenious new inverted backlight that highlighted text in the dark. It also came with 4 MiB of memory; twice that of the Palm III. Palm software was tiny, so you could stretch that capacity pretty far.

But that wasn’t the whole story. Years later I went to uni in Adelaide, and a roommate in my dorm hadn’t ever seen a Palm before. He took a keen interest in how it worked, and took it upon himself to borrow it for longer and longer stretches of time. I thought it was a bit odd, but then, we were a dorm of computer nerds. By the time we moved out, he had conveniently lost it, and I never saw it again. I wonder if he still has it in a drawer years later, or if he threw it away?

My aim is to eventually add Windows 2000 to this Pentium 1 tower so I can sync my LifeDrive with it over USB, and Windows 95 for this Palm IIIx over serial. But I also have an original Palm USB 1.1 to serial converter, so I might try pushing my luck further and seeing if USB passthrough to a QEMU VM on FreeBSD works for this too. Stay tuned!


Reading audiobooks

Media

Craig Thomler asked on The Bird Site:

Hey folks, if you only listen to audio books, can you really call it ‘reading’?

Absolutely :).


A term for accurate, yet pointless responses

Thoughts

I keep being reminded of that paraphrased John Siracusa quote that technical accuracy is necessary, but not sufficient. Effective communication is about being understood as much as it is about being correct. A large cohort of the Interwebs seem utterly oblivious to this, whether it be in online debates, or even joke deconstruction. Worse, others wear it as a badge of honour.

Someone posting about how they’re “so full they could never eat again!” will invariably garner a response from someone saying you need to eat throughout your life to survive. A person exasperated at a recursive dependency in a package manager will be told that life was tougher when we only had tarballs to compile. Make a joke about how renewing your passport was a bit pointless this year, and you’ll have it explained to you that passports last a decade. Frustrated that you missed your train? Well, had you considered leaving earlier?

Those responses are factually accurate, and completely miss the point. Some don’t see the forest for the trees, others are just obtuse or lack empathy. But the outcome is the same: mental exhaustion at having to deal with it!

I’ve been trying so hard to think of a term for this kind of rhetoric, anyone have an idea?