|
|
One item on my todo list is to set up a bunch of email addresses on sub-domains of domains that I am responsible for (with the consent of all people involved of course) and perform various actions to get the addresses noticed by spammers and measure how effective the various anti-spam measures are. As part of such tests I would click on every URL in every message sent to some accounts and see what difference it makes. My plan is to run a set of Xen virtual machines with different configurations of some common anti-spam measures used in MTAs and see how they fare with sets of accounts with similar publicity. I am not aware of any work having been done in this area (a quick Google search turned up nothing). There are many honeypots for tracking spam sources, matching email address harvesting to spamming, etc. But I’m not aware of any research into the effectiveness of various methods of combatting spam by setting up multiple honeypots. Please inform me via comments if I have missed something!
The most common advice about spam is to NEVER click on the URL that supposedly removes you from a list. By clicking on such a URL the spammer can recognise that you actually read the email and therefore know that it’s a live address and a good target for more spam. I am not aware of any good studies proving this, which is why it’s one of the things I’d like to investigate. A counter theory (for which there is also a lack of evidence AFAIK) is that spammers used to measure delivery etc but now that bot-nets are large and cheap it’s easier to just send mail to all possible addresses.
Even though I am not aware of any great evidence to support the idea I avoid clicking on URLs in spam messages. Refraining from hitting the spam web-sites can’t do any harm (it’s not as if the meager contribution to their system load caused by my web browser will cause them a problem).
But today I was tricked. A spammer subscribed me to a mailman mailing list, as I am subscribed to many lists (about half of which use mailman) the fact that I didn’t recognise the list name didn’t necessarily mean that I hadn’t signed up to it. After signing in I saw the list archives which had only one post concerning spam. I unsubscribed (there was no other reasonable option open to me) and sent the mailman message to SpamCop.
This technique will probably be effective for a while. People will think that they subscribes to a list and forgot about it and that it’s just another list that doesn’t have strong anti-spam measures. That should greatly increase the amount of time taken to black-list the spam server.
So from now on if I receive a spam via a mailing list that I am not familiar with then I’ll send it to SpamCop immediately. Also this is yet another good reason for not subscribing people to mailing lists without their consent (a practice that is far too common – it’s really not difficult to send someone an email asking whether they would like to join the list). If you subscribe me to a list without prior discussion and the first post I receive on the list is a spam then it will be sent to SpamCop and this might result in you being black-listed.
I recently had to decommission an old Linux server and replace it with a new machine. When I was about to turn it off I noticed a power cable of the type used for IDE hard drives leaving the Linux server and entering an NT server that was in the same rack! It turned out that a DAT tape drive used for backup had been shipped without a power cable and they had been forced to take power from another machine. Incidentally is this likely to risk hardware damage?
So I had to take the NT machine down to fix it. The new cable had arrived so all I had to do was install it. One thing that wasn’t mentioned on the documentation was that the cable was designed to operate as a double-adapter and replace an existing cable. Once the phone support people had explained this (IBM support is really good – they solved the problem well within the SLA) I was able to correctly wire it.
However correct wiring in this case meant having a power cable go through the side of the storage bay and a SCSI cable came from the back of the case underneath the cooling fan assembly (something like 16 separate hot-swap fans in one assembly that can be removed for maintenance). The DAT drive took up space that could otherwise have been used for three hot-swap SCSI hard drives.
What I would like to know is, why can’t they make hot-swap DAT drives that use the same power and SCSI connectors as the hard drives? I don’t expect a DAT drive to be any more reliable than a hard drive, and when the system backup is mission-critical then down-time is required for a replacement. Not to mention the effort involved in the installation, my fingers are significantly longer than average, I can’t imagine how anyone with average size hands could complete the job!
So IBM, congratulations on the great phone support. But please try and make everything hot-swap when designing servers. Also while on the topic, I think that servers should be designed with external DVD drives connected via USB. I really hate it when I’ve got 10 * 2U servers in a rack, my system performance is limited by the number of disks and every single server has space that could be used for at least one disk sitting idle because there is a DVD drive gathering dust. For the IBM 2U servers in question, they could design them with space for 12 disks or 9 disks and one DAT drive which were all hot-swappable if they were smart about it, the current design supports 6 disks or 3 disks and a DAT.
My post about Why Hydrogen Powered Cars Will Never Work has received a record number of comments. Some of them suggested that carbon geo-sequestration (storing carbon-dioxide at high pressure under-ground) is the solution to the climate change problem. The idea is that you can mix natural gas or coal gas with steam at high temperature to give carbon-dioxide and hydrogen. Then the carbon dioxide gets stored under-ground while the hydrogen is used for relatively clean fuel.
Beyond Zero Emissions has produced a media release about the fallacies expressed in the FutureGen document promoting so-called “clean-coal”, the best content is in their PDF document titled FutureGen Conceptual Design Retort. Note that I did some research to support the preparation of the retort, I am not referencing them to support my arguments but as background information.
One overwhealming problem with geo-sequestration for coal based power plants is that it is significantly more expensive than the current coal-fired power plant design. Currently the price difference between coal power and wind power is quite small and there are several technologies that are almost ready for production which will decrease the cost of wind power, it is expected that before so-called “clean coal” becomes viable (they are planning for the first production plants to go live in 2022) the cost of renewable energy will be lower than the current cost of coal power. There is no reasonable possibility of “clean coal” being cheaper than renewable energy.
The underground reservoirs that could be used for storing CO2 currently contain brine, which can contain toxic metals and radioactive substances (according to the Bureau of Land and Water Quality in the US). If toxic and radioactive substances need to be pumped out to make room for CO2 then it’s hardly a clean process!
The US Geological Survey has an interesting page about volcanic gas. Apparently it’s not uncommon for small animals to be killed when CO2 forms pools in low lying areas. If (when?) CO2 escapes from geo-sequestration the same might happen with humans. They also have a page about CO2 killing trees at Mammoth Mountain! Before I read this I never realised that plants could be killed by excessive CO2. Apparently tree roots need oxygen and CO2 in the ground will kill them. The release of 300 tons of CO2 per day killed 100 acres of trees. The FutureGen trial power plant is designed to support sequestration of over 1,000,000 tons of CO2 per year (that is over 2,700 tons per day). If it leaked at 1/9 that rate then damage comparable to Mammoth Mountain would be the result. Note that the FutureGen trial plant will be a fraction of the size of a real coal power station so an escape of significantly less than 1/9 of the CO2 from a real sequestration plant would have such a bad result. It’s interesting to note that tents and basements are documented as CO2 risks, so I guess we have to avoid camping in areas near power plants!
What would happen if a large geo-sequestration project had a sudden failure? IE if the reservoir broke and all the CO2 erupted suddenly? We already have an answer to this question because such things have happened in the past. In 1986 in Cameroon 1.2 cubic kilometers of CO2 gas was released from a volcanic lake, that is 2,400,000 tons (or just over two years of output from the proposed FutureGen plant). It killed over 2000 people. What might happen if 10 years of output from a commercial scale coal power plant was suddenly released into the atmosphere?
As far as I know there has been no research on de-sequestration of CO2. If a reservoir is discovered to be unstable after 20,000,000 tons of CO2 have been stored in it, what will we do?
Geo-sequestration of CO2 makes nuclear power plants seem safe by comparison.
Here is a transcript of a lecture by George Monbiot about climate change and what we need to do. The latest scientific evidence suggests that we need to cut emissions to zero by 2030 to avoid significant increases in the sea level over the next century, George describes some options that will form part of a solution to this problem. Below are my comments on what I consider the most interesting (the ideas that I hadn’t heard of before), I recommend reading the full article for the rest.
- Have a carbon ration for each citizen. Wealthy people who want to use more resources could buy carbon rations from poorer people on an open market. That way people who use less than their ration still have an incentive to save more because the extra savings are worth money! As everyone would then have a financial incentive to reduce emissions there would be a lot of new development of methods and technologies for eliminating or compensating for carbon emissions, capitalism works!
- Build battery powered cars with interchangeable batteries. The idea is that you rent a battery from a fuel company, and whenever it runs low you go to a service station and swap it for a fully charged battery (for a small fee). If doing this the service station could use cheap night-time electricity to charge the batteries, and the batteries that are charged could be used to put electricity back into the grid at times of peak demand. A common idea is to have Prius+ type vehicles charge from the grid when not being used and then sell electricity back to the grid at peak times. Implementing such a system for millions of homes is technically challenging and expensive. But having a much smaller number of service stations sell larger quantities of electricity back to the grid is easier to manage.
- Reduce air travel by 90%. I wonder how much of this can be achieved by using high-speed trains for all national travel systems and for most travel within the EU. I have often travelled between Amsterdam and London by train, it’s much more civilised than flying.
- Classic quote from George on John Howard: “if Howard believes a slight reduction in consumption is a recessionary measure he ought to see what a total reduction of land area would be as a result of the melting of the west Antarctic ice sheet. The two things are just completely out of proportion..”
George Monbiot also has recently released a new book Heat: How to Stop the Planet from Burning .
I have just been asked for advice on whether SE Linux is Linux specific, and therefore whether code related to SE Linux should always be stored with other Linux specific code instead of being in the main branch of certain free software projects.
One example of SE Linux access controls being implemented on a different OS is the work to port SE Linux to Mac OS/X. Here is a paper on the topic presented at the SE Linux Symposium 2007, and the main site is at http://sedarwin.org. One thing I have been doing is trying to get some friends interested in doing similar work for GNU Hurd (there are some similarities between Darwin and HURD so the work done on Mac OS/X “Darwin” will help the HURD effort). I believe that The HURD has the potential to offer significant security benefits due to the micro-kernel design. One significant problem area in computer security is kernel security flaws, if the kernel can be split into a set of independent processes that run with minimal privileges then the scope of such problems is dramatically decreased – and the possibility of upgrading parts of a kernel on a live machine is provided. As people such as Linus point out there is a performance overhead to micro-kernels, but most machines are idle most of the time anyway. I believe that reliability and security are more important than getting the last 10% of system performance for most machines. The success of Xen is evidence that features other than maximum performance are desired.
Another example of SE Linux access controls on a non-Linux platform is the MAC framework in the TrustedBSD project. This implements SE Linux access controls on top of FreeBSD. From reading the documentation it seems that the amount of changes required to the SE Linux code base for implementation on TrustedBSD was significantly smaller than the changes required for Darwin.
Sun is also apparently considering adding type-enforcement to Solaris. It’s yet to be seen whether this happens and if so whether it is compatible with SE Linux.
So it seems that a significant portion of the SE Linux code base is portable, and in particular the user-space code should port well. The interfaces for and methods labelling files etc should port well between platforms. Therefore I recommend not having SE Linux code split into Linux specific trees and instead having a compile option to enable SE Linux support.
I just needed to test something so I mounted the filesystem of one of my Xen domains in the Dom0 and chroot’d into it (I didn’t need the overhead of running a DomU for a quick test). Then strangely I found that my chroot environment had no apt-get and no dpkg installed.
After a small amount of thought I realised that I had accidentally mounted the filesystem for a Fedora image instead of a Debian image.
It seems to me that it might be a good idea for distributions to have shell scripts replacing the package tools for other distributions. For example dpkg on a Fedora box could be a shell script that runs echo “This system is running Fedora, you want to use rpm instead of dpkg”. Such a command would have saved me a couple of minutes of thinking.
This may sound trivial, but if you consider the number of people who make such mistakes (and the even larger number of people who don’t realise that there is even more than one package tool in existence) then wasting a few K of disk space on every system to help them seems like a good idea.
The minimum size of new hard drives that you can purchase seems to be 36G nowadays. So it’s not as if this would really cost anything.
Please leave comments to tell me if I’m being sensible or silly. If the idea is regarded as good I’ll start filing bug reports.
BMW has released a new prototype hydrogen powered car. The bmwworld.com web page about it claims the cruising range is 190 miles. Added to the 400-mile range of the normal fuel tank, the 745h can go 600 miles between fill-ups. The first issue is that 10 miles are not accounted for (maybe it finishes the 190 miles of hydrogen power at the top of a hill). But more seriously the hydrogen needed to drive for 190 miles would take as much space as petrol needed to drive for 646 miles (hydrogen needs 3.4* the volume to store an equivalent amount of energy). I wonder if that BMW has any space left in the boot/trunk?
Now we have some green bloggers praising BMW. An internal combustion engine that burns hydrogen will not give no emissions other than water vapour, it will produce some nitrogen oxides. The processes to produce hydrogen for fuel all consume unreasonable amounts of energy (more than is required to charge a plug-in hybrid).
BMW demonstrates their level of interest by giving the cars to some celebrities. This gets some PR but no analysis of the performance. They also introduce the prototype based on one of the most expensive models (the 745) which you almost never see on the roads. If they produced a 318 or 520 that ran on hydrogen it would demonstrate some level of interest in getting this working for the mass market.
If BMW wanted to make their cars more environmentally friendly they would start by adopting some of the technology from the Prius. Rumour has it that part of Toyota’s plan to make money from Prius development is in licensing the technology that they patent. A couple of years ago I test drove a BMW 316 and a Prius. The Prius was very quiet and gave a smooth ride (you might call these luxury features), and also gave decent performance (it’s widely regarded that luxury cars should perform well – pity the BMW 316 is a slug).
In Australia the concept of “badge engineering” of cars is well established. When government subsidies favoured large manufacturing runs the Ford Laser and Mazda 323 were essentially the same car. Maybe BMW could adopt this concept and sell a re-badged Prius i-tech with a few extra luxury features as a BMW 4 series (it’s a much better car than the 3 series BMW).
Finally bmwworld.com has an amusing FAQ about hydrogen power, here are some of the mistakes that they make:
- They say “About 45 billion kilograms (50 million tons) [of hydrogen] is produced every year—enough hydrogen to fuel 250 million fuel cell cars“, but only if the average fuel-cell car uses 180Kg of fuel per year. According to Wikipedia hydrogen has slightly more than 3* the energy density per mass than petrol, so 180Kg of fuel would be equivalent to 540L of petrol per year. The Australian Bureau of Statistics states that in 1996 the average annual distance travelled by car (it’s not clear whether this is per car or per person) was 14,600Km while among the countries listed the lowest was Japan with 10,130. When efficiently using hydrogen in a Prius (that is quoted as using 5.4L of petrol per 100Km) you might expect that 540/5.4*100=10,000Km could be travelled on the 180Kg of hydrogen. So the FAQ claim that 250M cars could be powered by the current hydrogen production would only apply if the cars are of Prius efficiency and driven the typical distances of Japanese drivers, or the cars were 46% more efficient than the Prius and driven in the Australian manner. Of course in the US things are even worse with 17,862Km being the average distance driven which means that their hypothetical fuel-cell car would need to be 78% more efficient than a Prius.
- They state that “the majority of merchant hydrogen is produced by a process called steam methane reforming“. Why not just run cars on methane then? Anything that burns can be used to fuel cars, and methane has a much higher boiling point than hydrogen so it would be easier to store and transport (see the Wikipedia page on methane).
- In regard to hydrogen production they say “about 95% of the total global hydrogen production is captive meaning it is used at the site where it is produced“, that is of course because it’s difficult and expensive to transport hydrogen.
- The final amusing fact is that it is noted that most hydrogen comes from fossil-fuels. What problem are they trying to solve here? Hydrogen isn’t going to help the environment if it comes from fossil fuels, it will be more expensive than other fuels. Apart from getting government grant money for BMW it doesn’t seem to do any good.
I just noticed that my post about LED Headlights in an Audi Sports Car was linked from audi.host4blogs.com. Strangely they took some of the words from my post, added some other apparently random words to make it look like a response, and then linked to my post.
Having summaries of my blog posts appear on splogs is nothing new. I don’t have any objection to it normally as summaries will in a small way promote my blog as long as they are intelligible. The host4blogs.com site has a couple of other car blogs that link to each other with content of the same quality.
I guess I can’t file a DMCA take-down request as the text is not a summary of mine. I hope that Google will start taking action against the sploggers soon.
One of the most important issues for a commodity fuel for vehicles is that it be convenient and safe to transport. For quite a while LP Gas has been available as a cheaper car fuel. Even with increasing petrol prices it’s acceptance is well below 100% due to extra expense in storing the fuel (high pressure and more insulation are required), the more expensive technology in the engine to heat the fuel before injecting it into the engine, and the extreme difficulty in creating something as convenient as a Jerry Can for transporting LPG.
LPG is mostly comprised of Propane and Butane. Propane has the lower boiling point of -42.09C. Hydrogen however has a boiling point of -252.87C and therefore is much more difficult to store and transport.
The next problem with hydrogen as a fuel is that it has a very low density. The energy density per volume of liquid hydrogen is 10.1MJ/L while the energy density of petrol/gasoline is 34.6MJ/L. Not only is liquid hydrogen difficult to transport but the vessels you transport it in need to be 3.4 times the size! Having a 3.4x larger fuel tank in a car may not be a huge obstacle, but then there is the issue of trucks used to transport it to fuel stations which are already at maximum size so the truck fleet will need to be 3.4x larger with more people driving them etc.
Once these problems are solved there are a variety of safety issues. Hydrogen burns with an almost invisible flame, sustains a fire when at a concentration of between 4% and 75% of the air and ignites at a low temperature. For an explosion you need a concentration of between 18.3% and 59%. I won’t risk promoting foolish behaviour by describing details, but when younger I have performed experiments with ethanol and witnessed experiments with petrol that demonstrate that they are both far less dangerous. Page 22 of this document by the US Bureau of Transportation and Statistics gives more information about the fire risks posed by hydrogen fuel. Page 35 of the same document describes fuel cells as being 45% efficient and an internal combustion engine for methane gas as being 30% efficient thus giving overall efficiencies of 33% and 29.5% respectively. Of course using an Atkinson Cycle engine will give a significant efficiency benefit over an Otto Cycle engine and outweigh this. Also it should be noted that fuel cells tend to require expensive materials such as Platinum in their manufacture.
Hydrogen is promoted by clean-coal advocates (not that any form of coal power is clean) and the nuclear industry (electrolysis is one way of using a huge amount of electricity). But there are many better options for powering cars that are available right now at minimal cost, these include bio-Diesel, ethanol, and plug-in hybrid or electric vehicles.
There is a lot of career advice related to writing CVs in books and floating around the net. Unfortunately almost all of it is tailored to permanent positions.
Some advice that I have seen includes researching the company you are applying for and emphasising your experience in related fields. This probably makes some sense if you have targetted a major company to be your employer for the rest of your life. But if you are after contract work (which incidentally tends to pay better than permanent positions) then it’s not going to work. About half the time when applying for contract work you won’t know the name of the company that is receiving your CV until after they have decided whether to grant you an interview.
Contractors therefore need to write their CVs to have broad appeal (emphasising common technologies such as C programming and skills such as debugging), and to appeal to a recruiting agent.
Some people recommend writing your CV in MS-Word to support agencies and potential employers who are not competent enough to open other file formats (such as PDF and HTML). I strongly disagree with this advice, most contract positions are advertised by multiple recruiting agencies and it would be best for you to be represented by the most competent agency. Therefore having an agency staffed by incompetent people not represent you because they can’t figure out how to read a HTML or PDF file is a good thing! The same applies for employers, while applying for the best paying contracts will often result in some strange and unpleasant working conditions having a manager who can’t open a PDF or HTML file is likely to result in something that is unusually bad – run away!
Recruiting agents will often give specific requirements for a CV. Sometimes these requirements are a little odd (such as demanding that references to C programming be removed from a CV when applying for a Unix sys-admin job), but being merely a little odd is no reason to boycot the agency. To solve this I wrote my CV in M4 macros to generate HTML code. When I wanted to apply for a position I would just type make to compile the M4 source into five or more different CVs. Sometimes a recruiting agent would request two versions when applying for one position, it’s a strange request but when five versions were compiled in one pass it was easy to satisfy it. If I liked PDF I could have written M4 macros that generate TeX and have the make process convert TeX to PS and then PS to PDF.
Unfortunately I can’t share any macros because the code was not of particularly high quality (which is a little ironic) and because it’s tightly tied in to my CV. The best piece of advice that I can give to anyone trying this is to get columns sorted out as the first issue. If you want to have some lists of programming languages, lists of OSs, and lists of hardware, etc in your CV then it usually works best to have two columns in the page. If the largest list is removed then the other lists need to be shuffled around to get the column lengths to match. Doing this in HTML required some ugly M4 macros. There probably is a better way of doing this in TeX (but I’m really not good at TeX and can’t give advice about it).
James has some interesting advice about writing CVs. I think that his most useful points are:
- Use file names based on your name so that agents can find your CV in the directory full of CVs
- Include complete contact details. One thing he doesn’t mention is that you should buy a mobile phone for the purpose of getting a job even if you don’t want one for any other reason. A 5% difference in pay for a year’s work would cover the cost of many mobile phones and the difference between a good job and a bad one is likely to be more than 5%. If you are afraid of brain cancer then don’t worry, if you only spend a few minutes a month talking to recruiting agents then you are at no risk.
- Don’t start a sentence in the career history section with the word worked – everything in that section will be related to where you worked in the past. It seems obvious in retrospect but I realised that I have made this mistake on my CV.
|
|
