The Good the Bad and the Ubuntu#
Mon, 18 Feb 2008 01:02:16 +0000
Nothing particularly insightful in this post.
I've had a weekend off. Well, a weekend off doing proper paid work, so I spent Satuday installing IMAP services for the LFNS and moving the marshals forum onto a new machine. And then today I decided would be a good time to install the external USB audio box I bought, er, slightly before Christmas.
Should anyone find this through google, it's a Toshiba 5.1 Audio &
USB 2.0 LAN Hub and
the chief weapon is CONFIG_USB_EHCI_TT_NEWSCHED
in your kernel
config, otherwise you get complaints that it can't allocate bandwidth.
The two weapons are CONFIG_USB_EHCI_TT_NEWSCHED
and a low-latency
kernel, otherwise you get really evil distortion and dropouts.
Eventually I installed Ubuntu Studio to see what that was like, and
found that, really, it's just like Ubuntu ever is: looks very pretty
and has completely utterly fucking useless error messages whenever
anything is wrong. Since for legal reasons it doesn't support
encrypted DVDs out of the box some of these "wrong" situations must be
astonishingly common, too.
Look, error reporting is not rocket science. It doesn't matter if the error message is not going to be something that the end-user(sic) can understand, unless the error situation is such that the end-user can fix it without asking for help. But chances are they're screwed anyway and you need to write the error message with their local geek in mind. That means: what the app was actually doing, the full filename involved if there was file access being attempted, and the errno value if a system call was involved. The Ubuntu philosophy of putting up some dumb message along the lines of "could not access the resource" which doesn't even distinguish between "unix permissions on the cdrom device are wrong", "can't open your sound device", "you don't have libdvdcss" or "this disc is mounted and therefore busy, no, you can't play it" is - well, it's like the difference between a sick ten year old and a sick infant: one of them can tell you what's wrong, the other just carries on wailing and lets you run through the options.
Once I'd got it together again and then persuaded vlc to display on the area of the screen which equates to fullscreen on the TV set (laptop display is 1024x768, tv set is 800x600), I watched the Dr Who Christmas special that's been sitting on my disk since it was shown. Made me laugh, which is nice.
Another thing that made me laugh is this . If you can't
spot what's so funny, the clue is that HTTP_X_FORWARDED_FOR
(which
they're using to authenticate the session id's not a stolen one) is
taken from an HTTP request header - i.e. it's set by the client. And
session ids appear in referrers often enough to make the actual
stealing simple too.
In fairness I should point out that more recent versions of phpbb have
removed this hole: the only occurence of HTTP_X_FORWARDED_FOR
that
grep can find in the most recent 2.x is in a comment
// I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as // private range IP's appearing instead of the guilty routable IP, tough, don't // even bother complaining ... go scream and shout at the idiots out there who f eel // "clever" is doing harm rather than good ... karma is a great thing ... :) //
Which, er, I'd say "words fail me" except that it wouldn't be true. I can think of lots of words describing the attitude that must have led to this outburst, but all of them are rude and some of them you probably weren't expecting I knew.
In other news, I dismounted from my bike rather clumsily on Friday afternoon and stabbed my inner thigh with the saddle. Which is something of a step back - it hurts just like it ever used to, so I think that probably confirms the original cause of injury. Though, one assumes, I did it harder the first time.