To vote or not to vote?

I have always voted myself, but these sorts of “you should vote” arguments always leave me feeling a bit uneasy.

Here are just some of the reasons the president and others give for voting:

(1) It is your civic duty/responsibility to vote. Hmmmm. I have all sorts of responsibilities that I have taken upon myself: to work at the university, to pay my mortgage, to provide for my family, etc., etc. But a “civic” responsibility isn’t something that I choose, rather it is something that is forced upon me by society. I reject that such duties can be legitimately imposed on a free person. I have no duties except those that I voluntarily choose to have.

(2) Voting matters. This is most certainly and obviously true in the aggregate. Who can doubt that the world we live in today is very different with W as president than it would have been had Gore been elected? But voting advocates claim not only that the outcome of the election is important (it clearly is) but that your individual vote is important. It clearly is not. To put it bluntly, your vote will not matter. Here I reasonably define “matter” to mean “affect the outcome of the election.”

Furthermore, this is a good thing! We have a name for places where one person’s vote matters: Dictatorship. The whole idea of liberal democracy is based on the notion that we need to diffuse power among “the people” and not concentrate it in the hands of the monarch or dictator.

(3) Democracy is a good thing. Actually I agree with Michael Munger that democracy is overrated but at the same time I think it is worth something. All things being equal, I’d rather live in a democracy than a dictatorship (unless I’m the dictator that is).

But why is this an argument for you to vote? Surely the democracy can survive without your vote. It already does with only about 50% voter turnout in the U.S.–less in many other countries. At some point, I suppose, if voter turnout gets too low it could call into question the legitimacy of the system, but I don’t think we’re anywhere near this point.

[UPDATE: I thought of one more reason that you sometimes hear but is often not spoken aloud.]

(4) Voting to get goodies for yourself. Very often voting advocates, at least when speaking to a targeted audience like young people, will argue that they need to vote to protect programs that benefit them such as student loan programs, etc. While I admit to liking the honesty of this approach–you should vote in order to steal from everyone else–it is morally repulsive. Voting, if it has any value at all, should be about providing for things of common interest like national defense. If you vote simply to get more stuff for yourself, then you’re just participating in theft pure and simple.


So why do I vote if I reject most of the usual reasons for voting? Simple. It makes for good coversation with other people. Voting is sort of like talking about the weather. Talking about the weather really doesn’t matter–it’ll rain no matter what we say about it–but it’s something we enjoy doing. That’s how I feel about voting. (That and I like the little “I voted today!” stickers they give out.)

Bottom line: Vote or don’t vote. It really doesn’t matter much one way or the other.

How they did Presidential debates back in 1907

Forget Donald Trump or Hilary Clinton.. what was the Presidential debates like in 1907?

The Democrat(ic?) party selected William Jennings Bryan to run for President in 1908. The party chose their candidate in 1906. At this time, a century ago, the Republican party hasn’t chosen their candidate (at least not publicly), although there are a number of contenders. One being Albert J. Beveridge.
The timing of presidential politics in 1906-1908 is interesting. The campaign of 1908 seems to have started earlier than most presidential campaigns I can remember – save for the seven Democrats running in 2003. I am not a presidential historian, but I’d wager it took much longer to campaign in the past as communications and transportation technology were less efficient. Further, from what I have read about the debates between politicians from that era (and earlier), it seems that the debate was oftentimes more in-depth, and perhaps honest, than today; thereby requiring a little more time than a YouTube video. Finally, as many in today’s media and society seem shocked that the 2008 presidential campaign seems to be in second, if not third, gear, it is informative (at least to me) to see that the long-campaign is nothing new in our history.
The Feb. 26, 1907 NYT reports on a written “debate” between Mr. Bryan and Mr. Beveridge which was printed in Reader Magazine, focusing, in part, on the role of the states relative to the federal government. It is interesting that Bryan would “debate” with a presidential candidate (not nominee) of the other party so early in the campaign – such interchange today would be so refreshing it might actually be terrifying. Perhaps the willingness of Bryan to engage Beveridge in debate is a signal of the strength of Bryan’s (and Beveridge’s) convictions?

See if you can identify the candidate by their language:

1.

A systematic absorption of power by the Federal Government would not only cause discontent and weaken the attachment of the people for the Government, but a withdrawal of power from the State would breed indifference to public affairs – the forerunner of despotism.The further the legislative body is from the community affected by the law, the easier it is for special interests to control. This has been illustrated in State Legislatures when long-time charters have been granted to franchise corporations by the votes of members whose constituents, not being interested, do not hold them to strict account, and it would be worse if Congress acted on the same subjects.

2.

Every corporation, so great that its business in Nation-wide, is championing State rights. Every railroad that has felt the regulating hand of the Nation’s Government, is earnestly for State rights. Every trust attorney is declaiming against the dangers of centralization. Do you know who is not? I do not say that all advocates of State rights are trust attorneys, but all trust attorneys are advocates of State rights.We are one people, speaking one language, living in one country, under one flag. What affects one of us, affects all of us. Most of the evils that develop among us are common evils, to be reached only by a common remedy. Scarcely any evil is confined to one State. It is clear that where an evil is general, States acting separately cannot uniformly attack it; and it is a fact that in the case of every general evil the States, acting separately, never have uniformly attacked it. The American people alone, acting in common – that is, acting as a Nation – can destroy evils which affect them in common – that is, affect them as a Nation.

Answer…

1. William Jennings Bryan
2. Albert J. Beveridge

Wow.

To Protect and Serve: Open WiFi

I had to go to the airport early this morning and on the way back I thought I’d swing by the Apple Store in Emeryville at an hour well before anything should have been open,  to see if I could get a price check of one of those fancy Ipad pros everyone keeps on going on about.

As I drove down the strangely empty road separating the Bay Street shops I saw that the only car was a police car sitting right in front of the Apple Store. I wondered if Apple was so popular now that it required 24-hour police protection from lunatic Mac-addicts.

But then I saw that the police officer had a ipad pro propped up on his steering wheel and he was intently staring at the screen and typing away.

“HE’S STEALING FREE WIFI!” I internally exclaimed.

It makes sense that Apple would set up a wireless base station so that all their display computers could be on the net, and it seems likely it would leak out to that parking spot directly in front of the store. The surprise was that the Apple Store is either running wide open and the cop figured out that he had found something better than free donuts, or the Apple Store, hoping for a little police goodwill, could have added his MAC address or given him the WEP key.

In a world where law enforcement believes its ok to share open WiFi spots, it’s hard for the rest of us to believe otherwise.

To Whom Is Free Software Relevant?

I have been roaming the internet and I have found an old blog post on  r0ml.net, which say the following:

Availability of the source code is probably only relevant to computer programmers. After all, if you aren’t a programmer, what would you do with source code? In which case, a freely copyable binary would be equivalent to freely copyable source code. The ability to do something with the source code (i.e. to create a derivative work), is something only a programmer could do. Strikes me as the definition of a programmer. Yes, I know that benefits might accrue to the non-programmer indirectly, but conceding that there are no direct benefits to most people doesn’t seem like a great debating point.

We know that only 2.4% of the population are employed in “computer and mathematical occupations”. Which would seem to put an upper bound on the number of people to whom Free and Open Source Software would be relevant. And any movement which can only possibly be relevant to such a small fraction of the population is going to have difficulty garnering widespread support, or even interest.

While I am interested in the topic he goes on to discuss later, whether or not universal programming literacy ought to be a goal of our society, I think these first paragraphs go too far.

Availability of source code is extremely relevant to the non-programmer. The most important example of why is vendor lock-in, a serious problem with proprietary software, and nearly impossible with free software.

If I have to use a piece of software, either to operate this blog or to run part of my business, and I have a choice between a proprietary program (or even a no-cost binary provided without source) where any problems I have can only be solved by the software’s author, who is the only person with source code access, versus a piece of free software where I have access to the source code, and even though not a programmer myself, where I can hire any competent programmer to solve my problems with the software for me, I would, other things being equal, always choose the latter.

Free software creates a competitive market in software services because the code is available for anyone to examine and modify. That means even if I myself can’t modify it to any useful effect, I can at least enter a competitive marketplace of those who can. With proprietary software if I want my problem solved, and if I’m not an important enough customer I may even be ignored. If they are willing to help me, then the proprietary software owner can charge monopoly prices for the fix I want.

This reason alone makes free software extremely relevant to the non-programmer. It removes the proposed upper-bound on to whom free software is relevant, and gives a good reason why free software is having no problem garnering widespread support and interest. I don’t expect that I have to explain this to r0ml, but as I said, those two paragraphs seemed to overstate the situation.

The Even More Perfect Debian Sarge Setup

Falko Timme at howtoforge.com has a number of excellent howtos on setting up GNU/Linux servers. I have learned much from using his Perfect Setup for Debian Sarge 3.1.

However, when I finish his perfect setup, there remain a few things that I think essential to do, particularly regarding security. There are an increasing number of dictionary attacks against ssh servers that should be addressed. I do the following:

# apt-get install logcheck
edit /etc/logcheck/logcheck.conf to change the SENDMAILTO=”your@email.address” line to include your email address so you can be notified of suspicious log activity.

To actually ban those ssh attackers, I love a program called fail2ban that is currently in Debian unstable, but not in stable. I prefer to install it without messing with my apt sources by browsing ftp://ftp.debian.org/debian/pool/main/f/fail2ban/ and noting the filename of the latest version. Then

# wget ftp://ftp.debian.org/debian/pool/main/f/fail2ban/fail2ban_0.6.0-2_all.deb
# dpkg -i fail2ban_0.6.0-2_all.deb

Then I edit /etc/fail2ban.conf and change the maximum failures allowed from 5 to 3 and the time (in seconds) that the failed IP is banned from 10 minutes to a little over two months. Also, set up the section entitled [MAIL] to notify you of the bans.

maxfailures = 3
bantime = 6000000

[MAIL]
enabled = true
from = fail2ban@your.domain.com
to = your@email.address

# /etc/init.d/fail2ban restart

Next, edit /etc/ssh/sshd_config and add the usernames of anyone authorized to have ssh access:

AllowUsers user1 user2 user3

Then, perhaps it’s the nascent attorney in me, but I like to put the SSH attackers on notice that their unauthorized access attempts are not welcome. In the same
sshd_config file, uncomment

Banner = /etc/issue.net

Then edit /etc/issue.net to contain only the following text:

If you are not authorized to access this system, LEAVE NOW.
Access attempts will be logged. Unauthorized access will be prosecuted.

On servers that have excess processor cycles and bandwidth, it’s also nice to help out the Tor network by (at least) being a middle-man server. (Tor is free software that improves your privacy online and their network relies on volunteer servers.) I prefer to run the latest version and stay up to date, so modifying /etc/apt/sources.list is the way to go. Add:

deb http://mirror.noreply.org/pub/tor experimental-0.1.1.x-sarge main

# apt-get update
# apt-get install tor privoxy socat

Then to allow no more than 1 GB of traffic per day at an average rate no greater than 75 KB/s edit /etc/tor/torrc like so:

Nickname something-unique-like-your-hostname
ContactInfo Your Name <your AT email dot address>
BandwidthRate 75 KB
AccountingStart day 12:00
AccountingMax 1 GB

Then be sure to uncomment:

ORPort 9001
DirPort 9030
ExitPolicy reject *:* # middleman only — no exits allowed

# /etc/init.d/tor restart

Then make logcheck do a little more work for you by editing /etc/logcheck/logcheck.logfiles to include:

/var/log/tor/log
/var/log/daemon.log

After a few days, when you know the tor server is working correctly, you should register it. Send mail to tor-ops@freehaven.net with a subject of ‘[New Server] (your server’s nickname)’ and include the following information in the message:

  • Your server’s nickname
  • The fingerprint for your server’s key (the contents of the “fingerprint” file in your DataDirectory — on Linux/BSD/Unix, look in /var/lib/tor or ~/.tor)
  • Who you are, so the tor ops know whom to contact if a problem arises
  • What kind of connectivity the new server will have

Finally, you should implement some sort of backup process. Falko at howtoforge comes to the rescue again with his Automated backups with rdiff-backup. (Strangely, I can get remote backups to work like this fine, but backing up the backup server itself required me to resort to a root cronjob, despite different howtos describing two alternative ways to handle this. –Update: solved.)

Also, if you’re doing rdiff-backups across various GNU/Linux distributions it’s usually important to have the same version of rdiff-backup installed on each. In this event, you might not want to follow the installation instructions at howtoforge (just the subsequent configuration stuff). For manual installations, do this:

Step 1: Get Python dependencies (explained for Debian, but just do the equivalent for your distro).

# apt-get install python2.3 python2.3-dev python2.3-pylibacl python2.3-pyxattr

(Those last two are optional, but you might as well…)

Step 2: Get librsync.

# wget http://easynews.dl.sourceforge.net/sourceforge/librsync/librsync-0.9.7.tar.gz
# tar zvxf librsync-0.9.7.tar.gz
# cd librsync-0.9.7
# ./configure
# make
# make install
# ldconfig

Step 3: Get rdiff-backup.

# wget http://savannah.nongnu.org/download/rdiff-backup/rdiff-backup-1.0.4.tar.gz
# tar zvxf rdiff-backup-1.0.4.tar.gz
# cd rdiff-backup-1.0.4
# python setup.py install

Then you configure according to the howtoforge article linked above and you’ll be backing up in style.

When I get a chance I may also explain how to set up snort, portsentry, and spamassassin. I’ve also used Bastille in the past. For the security-conscious, that’s worth looking into as well.

Multiple WordPress blogs on a Debian server

This HOWTO assumes:

1. You have a server running at least Debian Etch (or are otherwise able to install the wordpress .deb).

2. Your server has Apache 2, MySQL, and PHP installed.

3. You want to use a single WordPress installation to host multiple blogs across several domains.

Ok, let’s get started.

Step 1: # sudo apt-get install wordpress

Handle a few pesky permissions problems with:

# sudo chown :www-data /etc/wordpress/*
# sudo mkdir /usr/share/wordpress/wp-content/uploads
# sudo chown www-data:www-data /usr/share/wordpress/wp-content/uploads
# sudo chown -R www-data:www-data /usr/share/wordpress/wp-content/themes

Step 2: Set up Apache 2 so that exampledomain.org points to /usr/share/wordpress —Here’s one way, and it also assumes you want www.exampledomain.org to redirect to exampledomain.org. You could modify this to have it redirect to blog.exampledomain.org if you want it to go there instead.


/etc/apache2/sites-available/exampledomain.org

<VirtualHost *:80>
ServerName www.exampledomain.org
DocumentRoot /var/www/www.exampledomain.org/
<Directory /var/www/www.exampledomain.org/>
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
</VirtualHost>

<VirtualHost *:80>
ServerName exampledomain.org
DocumentRoot /var/www/exampledomain.org/
<Directory /var/www/exampledomain.org/>
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
</VirtualHost>

# sudo a2ensite exampledomain.org
# sudo /etc/init.d/apache2 reload

# sudo ln -s /usr/share/wordpress /var/www/exampledomain.org

/var/www/www.exampledomain.org/.htaccess
Redirect / http://exampledomain.org

[Go online and confirm the redirect is working—don’t worry that you get a WordPress error. It’s not supposed to work yet.]

# cd /usr/share/doc/wordpress/examples
# sudo sh setup-mysql -n exampleuser exampledomain.com

Note that the username “exampleuser” must be no more than 16 characters (mysql limitation).

Step 3: Do the normal web-based WordPress install (I suggest going to Options|Miscellaneous and giving each blog a unique subdirectory for its uploads otherwise they’ll all be mixed together) and then repeat step 2 for each additional domain.

You’re done! A single Debian WordPress installation is now hosting multiple blogs!

Starbucks: Office Space for Pyramid Schemes?

I’ve been working from Starbucks today on the T-Mobile wireless, and I’m now, in less than four hours, sitting next to the second pyramid scheme pitch. The first one was amusing because it was incomprehensible what the product or service even being sold was. The entire discussion was motivational and about how much money could be made building your “team”. The current one at least has an identifiable product, but it makes me wonder just how prevalent this sort of thing is.

Perhaps high school (or at least some college course) should have a segment explaining why pyramid schemes always fail, because it appears they are alive and well in Starbucks, which is providing virtual office space to these hucksters.

Sony Laptop Locks Out non-Sony Battery

Yesterday I received a brand new replacement battery for my BRAND NEW Sony laptop. However this battery simply does not work anddoes not recharge. I have sinced learnt that this is because on some Sony Laptops sony have built in hardware locks that prevent people from using non sony batteries.

Some people, using Windows, are able to avoid this problem by using msconfig to delete the Sony program, ISBMgr.exe, that monitors for non-Sony batteries, but I am running GNU/Linux and not Windows. Some others using Windows also find that deleting the program doesn’t help because Sony has some hardware or BIOS method of disallowing any non-Sony battery. I think this must be the case for my model laptop.

I’m pondering who can be sued over this. Post your ideas on who the plaintiff(s) should be and what the claims should be in the comments. I’d also be happy with a technical fix, if anyone has one.

Installing a Rich Text Editor in Drupal

This was harder than it should have been as the instructions could be clearer that two separate downloads are required. I’ve summarized here:

I assume you have ssh or command line access to your host. If not, you could accomplish the same thing using ftp, but you’ll have to pay attention to what directory you upload into:

1. Install Drupal 6.x
2. Download the Drupal WYSIWYG part of FCKeditor from http://drupal.org/project/fckeditor
3. Extract that in sites/all/modules (you may have to create the modules dir) with tar -zvxf fckeditor-6.x-1.4.tar.gz
4. cd to sites/all/modules/fckeditor
5. Download the FCKeditor part of FCKeditor: http://ckeditor.com/download
6. Extract that in sites/all/modules/fckeditor/fckeditor [Yes, seriously.] with tar -zvxf FCKeditor_2.6.5.tar.gz
7. Go enable the FCKeditor module in the drupal admin section, it’ll be down below all the core modules in its own section.

Adding Mailman to Postfix with Virtual Domains

I am a big fan of the cut-and-paste howtos provided at howtoforge.com.

I’ve used something like falko’s howto on Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 10.10) in order to get a mail server with those features working on Debian Squeeze.

Then I wanted to add mailman in order to operate mailing lists.

The closest howto for achieving this is the one by Rich Brown, How to add Mailman mailing lists to Postfix under Ubuntu Linux when using virtual domains + virtual users.

I’m going to try to recount what I had to do to go from a working mail server with virtual users and domains (having completed a howtoforge.com howto) to get to that same setup to run mailman. Perhaps some of this was unnecessary, duplicative, or even wrong. But, the mailing lists are working now, so that’s something.

List domain preparation

If the domain that will host the lists is not already served by your setup, be sure you:

  • use phpmyadmin to create the domain example.com in the domains field. NOT lists.example.com!, and
  • add lists.example.com to your dns entry for example.com,

Mailman

As root:

# aptitude install mailman
# newlist mailman
# vi /etc/aliases

And add the following to /etc/aliases:

## mailman mailing list
mailman:              "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin:        "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join:         "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave:        "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner:        "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request:      "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/var/lib/mailman/mail/mailman unsubscribe mailman"

# vi /etc/mailman/mm_cfg.py

and uncomment and/or appropriately edit the following lines:

DEFAULT_EMAIL_HOST = 'lists.example.com'
...
DEFAULT_URL_HOST   = 'lists.example.com'
...
MTA=None   # Misnomer, suppresses alias output on newlist
...
GLOBAL_PIPELINE.insert(1, 'SpamAssassin')

Apache2

create a new file: /etc/apache2/mods-available/mailman.conf that looks like this:

ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/

<Directory /usr/lib/cgi-bin/mailman/>
   AllowOverride None
   Options ExecCGI
   Order allow,deny
   Allow from all
</Directory>

Alias /pipermail/ /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public>
   Options Indexes MultiViews FollowSymLinks
   AllowOverride None
   Order allow,deny
   Allow from all
</Directory>

Alias /archives/ /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public>
   Options Indexes MultiViews FollowSymLinks
   AllowOverride None
   Order allow,deny
   Allow from all
</Directory>

Now add a symlink to this file so Apache will use your new Mailman aliases the next time it starts:

# cd /etc/apache2/mods-enabled
# ln -s /etc/apache2/mods-available/mailman.conf mailman.conf

Postfix

Create a new file, /etc/postfix/transport, which contains one line:

lists.example.com     mailman:

Then as root:

# cd /etc/postfix
# postmap transport

Finally edit /etc/postfix/main.cf – add these four lines to the end of the file:
relay_domains = lists.example.com
transport_maps = hash:/etc/postfix/transport
mailman_destination_recipient_limit = 1
unknown_local_recipient_reject_code = 550

Use phpmyadmin to add some aliases in the forwardings field:

mailman@example.com	mailman@lists.example.com
mailman-admin@example.com	mailman-admin@lists.example.com
mailman-bounces@example.com	mailman-bounces@lists.example.com
mailman-confirm@example.com	mailman-confirm@lists.example.com
mailman-join@example.com	mailman-join@lists.example.com
mailman-leave@example.com	mailman-leave@lists.example.com
mailman-owner@example.com	mailman-owner@lists.example.com
mailman-request@example.com	mailman-request@lists.example.com
mailman-subscribe@example.com	mailman-subscribe@lists.example.com
mailman-unsubscribe@example.com	mailman-unsubscribe@lists.example.com

Finishing up

# newaliases
# service apache2 restart
# postfix reload
# service mailman start

After some combination of the above and hopefully not forgetting anything–note my uncertainty there–mailing lists just started working! Go to: http://lists.example.com/mailman/admin/ and get started creating a test list to confirm everything is working.