Tinkering on what happened in 2019

2019 was a great year for the internet, but some elements are worry-some

Tim Berners-Lee launched the contract for the web. A good initiative. Certainly an answer to what happened with some big companies wanting to take control:

HTTPS everywhere – great for privacy. Downsides: most proxies are broken, network acceleration is back to basics widening the gap in between the western countries and third world countries. How are corporate firewalls handling it? Most of the time, there is no need to deliver data over HTTPS except for a single reason, privacy. Why in a hell is firefox showing a broken lock when a site is not HTTPS. It should be more like a spying eye. Please let users decide whether or not they want privacy. Anyway, as long as we do not control the keystore, there is no privacy.

Facebook stance on privacy. 2019 was the beginning of the fall of facebook. It will either be broken up or people will start to understand how it is abusing your data.

The demise of windows. Even on Azure, now there are more linux installations than windows installations. Only a few years keep us apart from an opensource windows for the public and a closed source version for the enterprise.

Do-not-track. Honestly, I do not understand why we need this. If I go to a web-site, I want content of this web-site. I do not want publicity, nor any other content that is not delivered from other sources as the one on the website. It is time for browsers to block all content from other sources than the URL we just typed in the address bar. The do-not-track would not be required.

WWW has to go. Honestly, I do not understand why we need this. As a sideline, some browsers will not show the parameters in the address bar unless I select it. People already do not understand how a browser works, so why hiding some of its core concepts? Goal, take the hand of your user so you can guide him/her to where you want. This lets me think of the early Microsoft that thought you, nobody will ever need HTML 4 as majority of users stick to 3.2, lets remove it from Internet Explorer Mac so we can force users to silverlight.
For those that do not understand, www is great for routing. A company might have multiple servers, such as mail, webmail, intranet, application1, ftp, … and then a also a server servicing www content.

DNS over HTTP. What the heck is going on? Why would we ever need this? Answer: you certainly can read the reasoning from those promoting it. Until all browsers, phones, operating systems, … will adopt it, it will create a dual speed internet. In the mean time, all those applications that are on iOS or play store will start to function differently than the google browser. (Yes, I should sell this idea to google, great way to force users to come back to them.)

HSTS. What the heck is going on? Why would we ever need this? After the history of certificates, green ‘costly’ certificates, demoting self signed certificates, now the browser is storing DNS entries and caching not only web-content but also web routing. Bye bye accelerating the web and imposing a new cache hell to web-developers.

Huawei gets blocked for the false reason. Why are other countries following suit? Where are the proofs? The US has been caught multiple times in spying, creating backdoors, tampering the BGP routes, imposing operators or the Swift network to spy into their systems, yet we are not blocking Cisco, Facebook, …. because of … maybe the US is not involved in any wars while the others are. This is all a huge lie.

Edward Snowden and Julian Assange. The last part of demonizing those that want the truth to be told and lies to be revealed. Poor guys who dared to tell the public what for large parts we knew already.

QUIC – (aka HTTP/3) a proprietary protocol by Google that wants you to use UDP for content streaming just like audio streaming. They only talk about the benefits. There are several downsides to it: it cannot be cached, if bundled with SSL, how are corporate firewalls going to handle it? It also adds complexity because retransmission is handled by the application and no longer by the network layer. In essence, it makes browsers bigger and more complex just for the interest of some of the big players such as Facebook and Google.

Blocking certain countries to access open source repositories such as sourceforge or github? Who is deciding what? Who is the bad guy and who is the good guy? Its like saying, lets starve a population to death because we don’t like its leaders.

Privacy as a technology concept or privacy by human rights

There are some legitimate reasons why we want to intercept privacy. I give some examples: parents controlling their children, networks that block bad content, companies wanting to protect their interests, countries that want to apply their legislation.

We should not give the right to big companies to control your content and at the same time propose solutions that make controlling by the one who is entitled to control impossible. Putting new protocols in place because you do not agree with what certain governments are doing is not the right thing to do.

Protocols are open and should be easily adopted by all players of the market. Yes, one can develop and propose an enhancement, but being a major player in the market does not mean that you are allowed to impose your choices. Please play it nice. It is not because there are bad offenders in the world that you should become a bad offender of a different kind.

Looking for authors

If you want to post some messages on this board, please contact me. If your interests are SCM, virtualisation and/or wordpress, you can become co-author on this site.

Problem with mounting NFS on Mac OS X

Recently, I got a problem mounting my NFS shares. A shortcut to the /Volumes/Public placed on the desktop would mount the volume in read-only mode. A go to /Volumes and selecting the Public link would mount it in read-write.

Things I tried first:
-chgrp to guest, admin, 20 (group where my user is)
-chown to guest, myself, admin
-chmod to 777

Once a volume was mounted in read-only mode, it would only come back on read-write mode after a reboot of the NFS client and following the manual process. It must have been a while like this but it went unnoticed as when mounting from an application (not Finder), it would mount correctly.

I tried rebooting the QNAP (shame on me) but it would not change the mounts without rebooting the client.

So what did I learn so far. All NFS mounts are cached on the client. If you know how to clear the cache without rebooting, it would help me.

I also run nfsstat to find a lot of problems. Compared to some production systems, the number of nfs problems is abnormally high. (I will include some statistics to prove my point.)


Scene: A cafe. One table is occupied by a group of Vikings with horned helmets on. A man and his wife enter.

Man (Eric Idle): You sit here, dear.

Wife (Graham Chapman in drag): All right.

Man (to Waitress): Morning!

Waitress (Terry Jones, in drag as a bit of a rat-bag): Morning!

Man: Well, what’ve you got?

Waitress: Well, there’s egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam;

Vikings (starting to chant): Spam spam spam spam…

Waitress: …spam spam spam egg and spam; spam spam spam spam spam spam baked beans spam spam spam…

Vikings (singing): Spam! Lovely spam! Lovely spam!

Waitress: …or Lobster Thermidor au Crevette with a Mornay sauce served in a Provencale manner with shallots and aubergines garnished with truffle pate, brandy and with a fried egg on top and spam.

Wife: Have you got anything without spam?

Waitress: Well, there’s spam egg sausage and spam, that’s not got much spam in it.

Wife: I don’t want ANY spam!

Man: Why can’t she have egg bacon spam and sausage?

Wife: THAT’S got spam in it!

Man: Hasn’t got as much spam in it as spam egg sausage and spam, has it?

Vikings: Spam spam spam spam (crescendo through next few lines)

Wife: Could you do the egg bacon spam and sausage without the spam then?

Waitress: Urgghh!

Wife: What do you mean ‘Urgghh’? I don’t like spam!

Vikings: Lovely spam! Wonderful spam!

Waitress: Shut up!

Vikings: Lovely spam! Wonderful spam!

Waitress: Shut up! (Vikings stop) Bloody Vikings! You can’t have egg bacon spam and sausage without the spam.

Wife (shrieks): I don’t like spam!

Man: Sshh, dear, don’t cause a fuss. I’ll have your spam. I love it. I’m having spam spam spam spam spam spam spam beaked beans spam spam spam and spam!

Vikings (singing): Spam spam spam spam. Lovely spam! Wonderful spam!

Waitress: Shut up!! Baked beans are off.

Man: Well could I have her spam instead of the baked beans then?

Waitress: You mean spam spam spam spam spam spam… (but it is too late and the Vikings drown her words)

Vikings (singing elaborately): Spam spam spam spam. Lovely spam! Wonderful spam! Spam spa-a-a-a-a-am spam spa-a-a-a-a-am spam. Lovely spam! Lovely spam! Lovely spam! Lovely spam! Lovely spam! Spam spam spam spam!


People have heard about sharepoint, some people have heard about exchange…. Not difficult to miss if you consider the marketing engine that is behind it. Microsoft is desperately trying to change its business model now that Linux has become an low-cost alternative for people that are not wanting to pay for something that should be free.

The idea behind sharepoint is to tie people into an eco-system that will generate a future-proof eco-system. It took linux years to become ready for the mass market. Now that it is, Windows is only there for specific needs or for the ignorant. The only way windows will survive in the future, is to make it free for the masses.

Now this takes away a revenue stream for Microsoft. So they positioned a new one. Sharepoint is there to surplant Exchange, and to make people dependent.

Here are a few alternatives that already exist on the market (Article on groupwares).

LDAP install guide CentOS

At first sight a good explanation on setting up an ldap on a CentOS machine.

First we start looking at a low profile CentOS machine to activate on my ESXi. Follow these steps:

1) Getting CentOS:

2) Preparing the ESXi instance:

3) Installing CentOS:

4) Installing LDAP:

5) Testing LDAP:
… to be done … I will update the article once finished.

e.g.: http://vuksan.com/linux/LDAP_authentication_under_Linux.html

Single account management

My goal is to set-up a service that can replace my AD server or my Mac OS X server.

First requirement:

All user-account log-ins are stored on a central password server.
Users can log-in from Mac OS X machines using the password on the password server.
Users can log-in from Windows machines using the password on the password server.
Users can log-in on Apache configurations using the password on the password server.

Auxiliary requirements:

Home folders are configured on the password server.
Home folders are configured on the password server but residing on a third server.
Users can log-in from Unix machines using the password on the password server.

Final goal:

Allow unlimited window users on a domain without buying individual CALs.
Replace Mac OS X server to run on commodity hardware.

Comments and remarks are welcome.

Internet explorer officially dead

On web-sites for IT professionals, we see the Microsoft market share declining since a couple of years. Depending on target audience, we see Firefox taking somewhere in between 50% to 80%. However, statistics are statistics, and huge differences can be seen based on who is metering. In Germany/Finland, the public as a whole use open source browsers. In the Netherlands, UK, US, a lot of African countries, … you see a larger portion of the population using Internet Explorer. Everyone uses his/her own statistics to prove a point. Now, everyone seems convinced the trend is final and the world has gone one leap forward in being open and free.

Some reading: http://www.networkworld.com/news/2010/100510-microsoft-ie-browser-firefox-chrome.html.

Remark: Micrsoft did not acknowledge, they are still buzzing around new versions and contesting figures at the same time. At least the press is convinced and most professionals know.

Programming quotations

A nice list of programming quotations: http://www.linfo.org/q_programming.html. A good read.

I like these:
C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do, it blows away your whole leg. — Bjarne Stroustrup

Managing programmers is like herding cats. — unknown

Simplicity is prerequisite for reliability. — Edsger Dijkstra