Archive for July, 2005

cell towers

google maps + fcc cell tower locations
www.cellreception.com

use it

har har me power outage

Hot and Bothered and Out of Power: Where the Weather Hurt Worst

my world is gone! oh noz!

If your /var/lib/portage/world file is suddenly empty and you don’t know what to do, run

regenworld

It’ll save your ass!

Bill of Rights anyone?

In New Security Move, New York Police to Search Commuters’ Bags

If I get “randomly” picked I’m not sure if I’d resist… I can’t see how these searches can be considered reasonable. I’m in disbelief that the ACLU and NLG both gave up their legal fights against the policy.

Last year at HOPE the EFF gave out these little CC sized slips of paper that said “I do not consent to this search…” with a copy of the 4th amendment and blank lines for my name and the current date. They were neat to carry around in my wallet for a while but I never thought I’d get the chance to use them!

bought some new stuff today

Unlucky Shirt:

11 dBi Dual Diversity Patch Antenna w/ Swivel Mount:

a dream come true

http://www.tomcruiseisnuts.com/

YES!

gentoo apache+ssl w/ cacert.org howto

For everyone coming from gentoo-wiki.com, notice that my site is licensed under a CC license. Feel free to take this article, just give me attribution. Thanks!

1. Sign up for an account with cacert.org.

2. Set up openssl:

cd /etc/ssl/
nano -w openssl.cnf

You may add your information to the following lines, adding in new fields where appropriate:
countryName_default = US
stateOrProvinceName_default = New York
localityName_default = Brooklyn
0.organizationName_default =
commonName_default = www.cryptocity.net
emailAddress_default = dguido@gmail.com

3. Generate a certificate signing request for your domain:

cd /etc/apache2/conf/ssl/
openssl genrsa -out www.cryptocity.net.key 1024
openssl req -new -key www.cryptocity.net.key -out www.cryptocity.net.csr

4. By this point you should have received the verification e-mail from cacert.org. Check your e-mail and verify your account now.

5. Log in to cacert.org and go to Domains -> Add to add your domain. Add your domain as: “cryptocity.net” not “www.cryptocity.net”. Make sure the administrative and technical contacts for your domain point to your current e-mail address. If they do not, you will have to change them with your registrar/DNS server before completing this step.

6. Once your domain has been added and verified, go to Server Certificates -> New and paste a copy of the www.cryptocity.net.csr into the form. cacert.org will reply with a server certificate. Save this as www.cryptocity.net.crt in /etc/apache2/conf/ssl/.

7. Now see here’s the thing with Named Virtual Hosts and SSL. SSL wants to begin encrypting immediately, but Apache doesn’t know what Named Host it should look at for SSL options because it didn’t get a hostname yet, so you get stuck in a bit of a chicken and an egg problem. What this means is that if you’re using Named Virtual Hosts, you can only have ONE VirtualHost running on port 443. If you wanted you could set up other encrypted hosts on different ports also. So first let’s set up some general SSL options in the /etc/apache2/conf/modules.d/40_mod_ssl.conf:

<IfDefine SSL>
<IfModule !mod_ssl.c>
LoadModule ssl_module extramodules/mod_ssl.so
</IfModule>
</IfDefine>

<IfModule mod_ssl.c>

Listen 443

<IfModule mod_mime.c>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfModule>

SSLPassPhraseDialog builtin
SSLSessionCache shm:/var/cache/apache2/ssl_scache(128000)
SSLSessionCacheTimeout 300
SSLMutex file:/var/cache/apache2/ssl_mutex

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

</IfModule>

8. Now we need to set up that ONE VirtualHost I talked about in the last step. What I did was take the one VirtualHost I wanted to encrypt, copy most of its options into a new file, and modify it to come up with this in /etc/apache2/conf/modules.d/41_mod_ssl.default-vhost.conf:

<IfDefine SSL>
<IfModule !mod_ssl.c>
LoadModule ssl_module extramodules/mod_ssl.so
</IfModule>
</IfDefine>

<IfModule mod_ssl.c>

<VirtualHost www.cryptocity.net:443>

DocumentRoot "/var/www/www.cryptocity.net/"
ServerName www.cryptocity.net
ServerAdmin dguido@gmail.com
ErrorLog logs/ssl_error_log

#Most of these Directory containers should be like normal…

<Directory /var/www/www.cryptocity.net>
Options -Indexes -FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>

<Directory /var/www/www.cryptocity.net/WebSVN>
DirectoryIndex wsvn.php
</Directory>

Redirect permanent /gallery http://www.cryptocity.net/gallery2

<IfModule mod_log_config.c>
TransferLog logs/ssl_access_log
</IfModule>

# Now we get to some SSL-specific options

# Turn SSL on for this host
SSLEngine on

# all is a shortcut for SSLv2, SSLv3, and TLSv1.
# I don’t want v2
SSLProtocol all -SSLv2

# This only allows HIGH and MEDIUM ciphers
# To check what this means on your particular server
# log in with ssh and type 'openssl ciphers -v HIGH:MEDIUM'
SSLCipherSuite HIGH:MEDIUM

# These are the certificates we made…
SSLCertificateFile conf/ssl/www.cryptocity.net.crt
SSLCertificateKeyFile conf/ssl/www.cryptocity.net.key

# StrictRequire means that for all directories
# that have SSLRequireSSL on them, you cannot
# bypass the encryption by perhaps using Basic
# Authentication and then putting a Satisfy any
# directive in the .htaccess. It forces you
# under all circumstances to use SSL
# OptRenegotiate allows Apache to accept connections
# that have already been established without
# redundantly renegotiating them
SSLOptions +StrictRequire +OptRenegotiate

# I removed some filetypes from here that
# I know aren’t on my server. This is an
# expensive option to enable
<Files ~ "\.(cgi|php?)$">
SSLOptions +StdEnvVars
</Files>

<IfModule mod_setenvif.c>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>

<IfModule mod_log_config.c>
CustomLog logs/ssl_request_log “%t %h %{SSL_PROTOCOL}x %{SSL_CI$
</IfModule>

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteOptions inherit
</IfModule>

</VirtualHost>

</IfModule>

9. You can use ‘Redirect permanent /directory_you_want_encrypted https://www.yourserver/directory_you_want_encrypted’ in your port 80 VirtualHost and an htaccess file that says SSLRequireSSL to force connections to go to your SSL VirtualHost.

10. Don’t forget to add -D SSL to your APACHE2_OPTS in /etc/conf.d/apache2! You should also change all your normal VirtualHosts from :* to :80 if they weren’t already like that.

That’s it!
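A pre-flight check for the files from steps 3 and 6, added here as an example and not part of the original howto: it confirms that the certificate the CA returned belongs to the private key you generated (mod_ssl will not start on a mismatched pair) and flags RSA keys under 2048 bits, such as the 1024-bit key step 3 generates, which is below the minimum CAs require today. The function names and the www.example.test sample subject are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original howto); needs the openssl CLI.
# Function names and the sample subject are hypothetical.

# modulus_of x509|rsa FILE: prints "Modulus=<hex>" for a certificate or key
modulus_of() {
    openssl "$1" -noout -modulus -in "$2" 2>/dev/null
}

# cert_matches_key CRT KEY: 0 = pair, 1 = different keys, 2 = unreadable
cert_matches_key() {
    c=$(modulus_of x509 "$1") || return 2
    k=$(modulus_of rsa "$2") || return 2
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# key_bits KEY: prints the RSA modulus size in bits
key_bits() {
    openssl rsa -in "$1" -noout -text 2>/dev/null |
        sed -n '1s/.*(\([0-9][0-9]*\) bit.*/\1/p'
}

# check_pair CRT KEY: 0 = usable, 1 = not a pair, 3 = key under 2048 bits
check_pair() {
    cert_matches_key "$1" "$2" ||
        { echo "FAIL: $1 and $2 are not a readable matching pair"; return 1; }
    bits=$(key_bits "$2")
    [ "${bits:-0}" -ge 2048 ] ||
        { echo "WEAK: $2 is a ${bits:-unknown}-bit RSA key"; return 3; }
    echo "OK: $1 matches $2 (${bits}-bit RSA)"
}

# make_sample DIR BITS: constructed pair for trying the checks; the
# self-signed certificate stands in for the one cacert.org returns in step 6.
make_sample() {
    openssl genrsa -out "$1/sample.key" "$2" 2>/dev/null &&
    openssl req -new -x509 -key "$1/sample.key" -days 1 \
        -subj "/CN=www.example.test" -out "$1/sample.crt" 2>/dev/null
}

# Usage: sh check_pair.sh www.cryptocity.net.crt www.cryptocity.net.key
if [ "$#" -eq 2 ]; then check_pair "$1" "$2"; fi
```

Run it from the directory holding the .crt and .key before restarting Apache; a non-zero exit status means the pair should not be deployed.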

gentoo niceness

phobos / # /etc/init.d/shoutcast start
* WARNING: “shoutcast” has already been started.
phobos / # /etc/init.d/shoutcast zap
* Manually resetting shoutcast to stopped state.
phobos / # /etc/init.d/shoutcast start
* Starting Shoutcast Server … [ ok ]

That’s right MOTHERFUCKER!

wireless phone companies are assholes

So last week I managed to call Cingular so many times and ask for a better plan than they offered so many times that someone actually offered one to me.

$45/month for two lines + $15 for one additional line
500 Anytime Rollover Minutes
Unlimited Nights and Weekends
Unlimited Mobile to Mobile

I ordered 3 new phones: A Nokia 6230, a Motorola V551, and a Motorola V180. I got them yesterday and activated them last night.

I went online and checked everything out on Cingular.com to make sure my plan and all the phones were in order. Something looked off. It gave me a table like this:

5163593208 44.99
5164566234 14.99
5164563806 14.99

So I figured I’d call customer service in the morning and make sure my plan was what I ordered and agreed to and not what was being incorrectly displayed online.

So I called them from my brand new Nokia 6230 and was told that no such plan exists and I was on a plan for $75 TOTAL. After this, my phone proceeded to disconnect from customer service 6 times in one hour all while each customer service rep refused to forward me to a manager and NEVER ONCE gave me the correct number to a different department. I had them check the plans they offered before June 1st which have since gone out of effect to see if someone offered me a grandfathered plan. They didn’t. There simply NEVER was a plan such as the one I described.

At this point I thought maybe I ought to fix my NEW Nokia 6230 because I can’t do anything if I keep getting disconnected. I switched my SIM card into the Motorola V551 which I had handy and called them back from that. I had them give me the number for Secondary Sales which would supposedly replace my phone without charging me any money. Over the course of this debacle I was given 5 different phone numbers:

866 391 0749
800 801 1101
866 867 5379
1 800 735 8556
1 800 866 1514

Right now, I would like you to call 866 867 5379. Why? Because it’s a PSYCHIC HOTLINE!

So I finally got the correct number for the department I’m looking for (866 650 1836) and as soon as I finish telling the person what is wrong and what I’d like done, I get disconnected with the Motorola V551, with full service…

And now… I’ve given up for the day and will try again tomorrow.

0wned

Every Sunday this group of medieval revivalists gets together in this town in Canada and has this ultra-nerdy LARP-like battle. Last Sunday Zombies showed up :-)

http://www.boingboing.net/2005/07/05/nerdwar_dders_with_d.html

svn+ssh on windows

svn+ssh is a bitch on Windows. I will post a guide tomorrow as I have only figured it out now, after 4 hours of turmoil. I was alerted to the solution by this document: http://www.pri.univie.ac.at/index.php?target=main&command=show&CEWebS_what=Eclipse~43~Subversion

EDIT: Someone already went through most of the trouble for me: http://blog.ibao.net/debian/2005/05/27/using-subversion-and-eclipse-in-windows/

ssh hotness

Original Doc: http://mah.everybody.org/docs/ssh

This assumes you have a Linux server and a Windows desktop, although it also includes instructions for setting up an agent on Linux.

1. On your Linux server, enter this and follow the prompts. Use a long passphrase. The defaults are fine.

ssh-keygen -t rsa

2. Now you should have two files: id_rsa (your private key) and id_rsa.pub (your public key). You shouldn’t leave these lying around so promptly copy them off your Linux server and delete the originals. Protect your id_rsa file with your life.

3. Say I want to log in to ‘phobos’ using my new ssh keys. SSH normally to phobos and open ~/.ssh/authorized_keys with an editor. Paste the contents of your local id_rsa.pub into the remote authorized_keys. Then do chmod 644 on the authorized_keys file and chmod 700 on ~/.ssh. Log out and you’re done. Do this for any servers you want passwordless logins to.
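Step 3 as a script, added here as an example and not part of the original document: it installs the public key idempotently with the permissions given above, refuses a file that is not a public key (such as id_rsa itself), and checks that nothing sshd's StrictModes option inspects is group- or world-writable, since sshd ignores authorized_keys in that case. The function names and the sample key are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original document). Function names are
# hypothetical; the key in the demo is constructed, not a real key.

# install_pubkey HOME_DIR PUBKEY_FILE
# Creates HOME_DIR/.ssh (700) and authorized_keys (644, as in step 3) and
# appends the key only if that exact line is not already present.
install_pubkey() {
    ssh_dir="$1/.ssh"; auth="$ssh_dir/authorized_keys"
    key=$(head -n 1 "$2") || return 1
    case $key in
        ssh-*|ecdsa-*) ;;    # looks like a public key line
        *) echo "refusing $2: not a public key" >&2; return 2 ;;
    esac
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 644 "$auth" || return 1
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# perms_ok PATH: succeeds if PATH exists and is not writable by group or others
perms_ok() {
    [ -e "$1" ] || return 1
    case $(ls -ld "$1" | cut -c1-10) in
        ?????w????|????????w?) return 1 ;;
    esac
}

# audit_ssh_dir HOME_DIR: succeeds if the home directory, .ssh and
# authorized_keys all pass the writability check StrictModes applies.
audit_ssh_dir() {
    perms_ok "$1" && perms_ok "$1/.ssh" && perms_ok "$1/.ssh/authorized_keys"
}

# Demo in a throwaway directory; no real account is touched.
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED user@desktop' > "$demo/id_rsa.pub"
install_pubkey "$demo" "$demo/id_rsa.pub" && audit_ssh_dir "$demo" &&
    echo "key installed, permissions accepted"
rm -rf "$demo"
```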

That’s it on the server side, everything is all set up. Now you need to instruct your desktop to automatically load your rsa key into memory and tell SSH to use it when you log in. If you’re running Linux from a console, you should use ssh-agent. If you’re running Linux with Gnome, you should use Seahorse. If you’re running Windows, you should use Pageant.

ssh-agent
Here is a bash script to add to your ~/.bash_profile that starts ssh-agent on login:

SSHAGENT=/usr/bin/ssh-agent
SSHAGENTARGS="-s"
if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; then
eval `$SSHAGENT $SSHAGENTARGS`
trap "kill $SSH_AGENT_PID" 0
fi

After you put that script into your .bash_profile, log out and back in again and add your key to ssh-agent using ssh-add:

ssh-add ~/.ssh/id_rsa

Pageant
Install the entire PuTTY suite. Open PuTTYgen and use it to load your id_rsa private key. Resave it as a PuTTY Private Key (.ppk). Also protect your ppk with your life (it’s the same key as id_rsa, just in PuTTY format). Open Pageant and load your new ppk. You may now start a session with PuTTY or from the right-click menu of Pageant in the taskbar and it will use your key to do logins. Pageant will automatically load your keys on login if you add a shortcut to your Startup folder in the following form: “C:\PuTTY\pageant.exe C:\PuTTY\id_rsa.ppk”

Seahorse
apt-get install seahorse. Figure it out.

Art and Computer Programming

It’s huge, go grab a cup of coffee.

http://www.onlamp.com/pub/a/onlamp/2005/06/30/artofprog.html