Tief und Langsam, Baby!

Help to help Iran

Juni 16th, 2009

Okay, so there’s lots of you who are willing to set up their own SSH->Squid tunnels but don’t know how to do that. I’ll have to leave the house in a couple of minutes so I don’t have enough time to give instructions for every operating system / distro, but for Ubuntu (either virtual or not) it’s pretty simple:

• sudo aptitude install openssh-server squid
• Follow instructions on http://iran.sharearchy.com/ for how to edit Squid’s configuration file and then do “/etc/init.d/squid restart” (as those instructions also state)
• Edit /etc/ssh/sshd_config (i.e. into a terminal type “gedit /etc/ssh/sshd_config” and change the line “Port 22″ to read “Port 80″ or use some other number between 1 and 65535 that isn’t used (above 10000 you should be safe in any case). Similar to Squid, do “/etc/init.d/ssh restart”
• Using Ubuntu’s graphical tools (System->Settings->Users and Groups) create a new unpriviledged user, at best with a random password and write that down somewhere
• Send all your info (IP address of the server, username, password, port you chose and port of the Squid server, 3128 if you didn’t change it) to Austin Heap or whoever you know can pass it on. IMPORTANT: don’t communicate that information through any public channels as the Iranian security forces ARE watching!
• In the case that you’re using your home internet line for this, your router will have to be configured to forward the port you chose to the box that runs the proxy. For most routers this is easy and can be configured under something called “Virtual Servers” or “NAT”.

Freedom for Iran!

Help for Iran!

Juni 16th, 2009

With all the crap going on in Iran at the moment, some of us around the world are setting up proxy servers to help the people in Iran communicate among each other and also get info out to the world. However, simple HTTP proxy servers don’t cut it anymore since the Iranian government seems to be quick to block them.

The best thing right now seem to be SSH tunnels, which can be challenging to set up for not-so technically inclined users. For everybody within Iran who wants to go through such an SSH tunnel, a quick step-by-step guide. You’ll usually get an IP address, 2 ports (usually 80 and 3128), username and password (one distributor of these is Austin Heap). What to do with that info depends on the operating system you’re using.

Windows:

• Use BitTorrent to download http://iran.sharearchy.com/tunnel.torrent
• Read the Howto and run the tunnel.exe file which you got in the torrent
• Enter the info (ports, IP address, username, password) into the Tunnel program
• Configure your browser (i.e., Firefox) as per the instructions in the Howto

Linux, Mac:

• Open a Terminal
• Type this into it: “ssh -oPort=PORT1 -L PORT2:localhost:PORT2 USERNAME@IPADDRESS” - so for example: “ssh -oPort=80 -L 3128:localhost:3128 iran@80.25.15.30″ and press . After that it’ll ask you for the password
• Set your browser to use “localhost:PORT2″ (so, for example, “localhost:3128″) as the HTTP proxy

Please try to get this info into Iran by whatever means available to you.

Installing the Funambol bundled server under Ubuntu Server (AMD64) + MySQL + LigHTTPd

Mai 20th, 2009

After being burned by ScheduleWorld’s policy of first luring you in for free and then beginning to try and charge money, I decided to install Funambol myself and be done with all those synchronization headaches. Turns out installing funambol isn’t quite that easy, so for everybody interested as well, here’s a little step-by-step guide. You will need some command line literacy though.

1. Download funambol-7.1.1.bin (if, like in my case, you have a headless server, also download funambol-admin-7.1.0.tgz for your desktop/laptop)
2. Install the bundle. I went for /usr/lib/funambol as an installation directory, the default is /opt/Funambol. It shouldn’t matter much. Installation is started by issuing sh funambol-7.1.1.bin while ssh‘d into the server. From now on, I’ll assume the Funambol bundle to be installed in /usr/lib/funambol (and not /usr/lib/funambol/Funambol!)
3. If you don’t have it installed already, sudo aptitude install sun-java6-bin sun-java6-jre. This step isn’t theoretically necessary if you’re on a 32bit OS. Next, edit /usr/lib/funambol/bin/funambol to contain export JAVA_HOME="/usr/lib/jvm/java-6-sun" and export JRE_HOME=$JAVA_HOME at the top. Also change COMED=true to COMED=false somewhere around line 50 while you’re at it (this prevents the start/stop script from trying to start or stop the Hypersonic database, since we’re going to use MySQL). To save some space on the server, you can safely rm -rf /usr/lib/funambol/tools/jre-1.5.0. In order to keep track of things, I went into /usr/lib/funambol/tools and did ln -s /usr/lib/jvm/java-6-sun. (Also see the outdated https://core.forge.funambol.org/wiki/HOWTOInstallOn64bit)
4. Go to /usr/lib/jvm/java-6-sun/jre/lib/ext and download mysql-connector-java-5.1.7.tar.gz. The tar.gz should contain a file called mysql-connector-java-5.1.7-bin.jar which you have to put into the ext directory. All other contents of the tar.gz and the tar.gz itself can be deleted again. Now back into /usr/lib/funambol and there to edit ds-server/install.properties. Line 24 will have to be changed from dbms=hypersonic to dbms=mysql. Next, comment lines 63 through 67, uncomment lines 55 through 59 and make them fit to your needs. For me, they read as follows:

   
jdbc.classpath=../tools/java-6-sun/jre/lib/ext/mysql-connector-java-5.1.7-bin.jar
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost/SOME_DATABASE_NAME
jdbc.user=SOME_USER
jdbc.password=SOME_PASSWORD

   Save and close. If you haven’t already done so, create a mysql database with the same name, username and password as you specified in install.properties. That database will now be populated by calling the Funambol install script through bin/install. Just answer yes (”y”) everywhere, unless you don’t want the web demo, in which case you answer no to that question, of course. rm -rf tools/hypersonic to save yet a bit more disk space. (Again, there’s a slightly outdated page for this in the Funambol wiki - https://core.forge.funambol.org/wiki/BundleMyPSSQL)

5. Funambol itself should now run, which you can check by calling bin/funambol start. Check with ps ax | grep funambol and a visit to http://YOUR_SERVER:8080. If it doesn’t work for some reason and you need help, I can recommend #funambol on freenode.net with a tip o’ the hat to Reed there. The easiest way to make Funambol start automagically would be to ln -s /usr/lib/funambol/bin/funambol /etc/rc2.d/S99funambol.
6. In keeping the headline’s promise, as a last step LigHTTPd has to be configured now. I decided I wanted Funambol running in a subdomain, so I put this piece of configuration into /etc/lighttpd/conf-available/funambol.conf:

   
$HTTP["host"] =~ “^(funambol\.).*$” {
proxy.balance = “fair”
proxy.server = ( “/” => (
(”host” => “127.0.0.1″, “port” => 8080, “fix-redirects” => 1)
))
}

   After symlinking it into conf-enabled and restarting lighttpd, you should be rid of the :8080 in the URL. Now would be a good time to install the Funambol Admin in your desktop and read funambol-installation-and-configuration-guide-v7.1.pdf to find out how to change the default admin password.

Happy configuring and drop me a comment or an email (anything @ this domain) if you feel like it :-)

Updates:

• Disable automatic user creation: Open the Funambol Administration Tool, login to your server, go to Server settings and change the Officer entry to com/funambol/server/security/DBOfficer.xml
• A note on MEM_OPTS: when running Funambol in a vserver (as I do), you may very well run into memory problems. The way it works for me now is to set MEM_OPTS="-Xmx32M" in ctp-server, inbox-listener and pim-listener, but set it to 192M in funambol-server.
• HTTP status code 417 when using SyncEvolution: That seems to be a known bug with SyncEvolution, but the corresponding SourceForge bug tracker entry is disabled for some reason. I’ve opened a thread on the Funambol forum to maybe get some help with this. In the meantime, port 8080 will do.

Duschgedanke Licht und Schatten

Mai 18th, 2009

Wollte man -zu welchem Zwecke auch immer- eine unendlich große Menge Licht ansammeln, so bräuchte man sich nur um eine unendlich große Menge Raum, sowie eine unendlich große Menge Zeit kümmern. Da aber nun Raum als auch Zeit (zumindest in diesem Universum) eindeutig endlich sind, folgt daraus, dass Licht immer gegen Schatten, Leben gegen Tod, Gut gegen Böse wird anzutreten haben. Dies ist eine Wahrheit unserer Existenz, mit der wir uns entweder abfinden, oder an der wir zugrunde gehen können.

Kam so über mich…

Blue Skies

März 22nd, 2009

Blue skies, smilin’ at me
Nothin’ but blues skies do I see

[...]

Those blue days, all of them gone
Nothin’ but blue skies from now on

[...]

—Louis Armstrong

Today you could say I flew for the first time. That’s not counting the being-allowed-to-participate in the flight my grandmother got for her sixty-somethingth birthday, or all the airline flights that have become part of “normal” life nowadays. Instead, I flew in a Cessna 172 in a bid to find my vocation. (I’ll also do a one-week course in Egyptian Arabic at the end of April and visit the HGB Leipzig school of photography on my next return from Dresden.) But this flying thing … really struck a nerve. Don’t get me wrong — it was actually far from what I had expected. For example, you’d think an airplane as small as that Cessna might be frightening a bit, but far from it! Instead you feel so safe it is almost unreal, as if some mighty, docile giant was all around you, caring for your well-being. Indeed I would recommend anyone, especially people afraid of great heights I guess, to book a flight in such a small airplane at least once in their lives. It is fascinating in many a way, mostly because you feel so alive, because you feel that the air doesn’t ask who you are, it just accepts you as another traveller and carries you toward your destination. And at the same time it is a very humbling experience because you realize how much one has to learn to be able to operate such an aircraft, but also because you realize in awe the value of life itself and the world below you… that really makes you be left awestruck afterwards. I only wonder how the heck can anyone ever learn to be comfortable with all the instruments, having to steer the airplane and, most of all, having to navigate at the same time. Like all things, it is probably just practice.

lolbat!

März 18th, 2009

Live long and prosper, Brian! (RIP March 17, 2009; via Universe Today)

There is no strength in numbers, but …

März 3rd, 2009

Ein netter Mensch hat auf YouTube freundlicherweise eine ausführliche Erklärung bereitgestellt, wie man Uriah Heep’s “Lady in Black” auf der Gitarre spielt. In den Kommentaren zu dem Video ist aber auch die Rede von Verständnisschwierigkeiten mit dem (englischen) Text des Liedes, also hab’ ich mich mal an einer Übersetzung versucht — ohne Anspruch auf Richtig- oder gar Singbarkeit.

Sie kam zu mir eines Morgens,
eines einsamen Sonntagmorgens.
Ihr langes Haar fliessend
im Mitt-Winter-Wind.
Ich weiß nicht wie sie mich fand,
denn ich wanderte in Dunkelheit,
und Zerstörung lag um mich herum
von einem Kampf, den ich nicht gewinnen konnte.

Ah-haa-aah …

Sie bat mich dann meinen Feind zu nennen.
Ich sagte es sei das Befürfnis mancher Menschen,
zu kämpfen und zu töten ihre Brüder,
ohne an Liebe oder Gott zu denken.
Und ich flehte sie an, mir Pferde zu geben
um meine Feinde niederzutrampeln.
So begierig war meine Leidenschaft,
diese Verschwendung von Leben zu verschlingen.

Ah-haa-aah …

Aber sie wollte nicht an Kämpfe denken, die
Menschen zu Tieren reduzieren.
So einfach zu beginnen,
jedoch so schwer zu enden.
Denn sie ist die Mutter unserer Männer,
die mich dann so weise beriet.
Ich fürchtete mich wieder alleine zu gehen,
und fragte, ob sie bleiben würde.

Ah-haa-aah …

Oh Lady, reich’ mir deine Hand sogleich,
und lass’ mich hier an deiner Seite ruhen.
Hab Glaube und Vertrauen
an den Frieden, sagte sie,
und füllte mein Herz mit Leben.
Es liegt keine Stärke in der Überzahl (?),
mach’ dir keine solch falschen Vorstellungen.
Aber wenn Du mich brauchst,
sei versichert, dass ich nicht weit weg sein werde.

Ah-haa-aah …

Als sie so gesprochen hatte, wandte sie sich ab
und obwohl ich keine Worte zu sagen fand,
stand ich da und schaute, bis ich sah
wie ihr schwarzer Umhang verschwand.
Meine Last ist um nichts leichter,
aber jetzt weiß ich, dass ich nicht alleine bin.
Ich finde jedes Mal neues Herz,
wenn ich an diesen windigen Tag denke.
Und wenn sie eines Tages zu dir kommt,
trink’ tief aus ihren so weisen Worten.
Nimm’ Mut von ihr
als deinen Gewinn
und richt’ ihr Grüße von mir aus.

Ah-haa-aah …

Inscription For The Ceiling Of A Bedroom

November 28th, 2008

By Dorothy Parker (via Entro, thanks for that)

Daily dawns another day;
I must up, to make my way.
Though I dress and drink and eat,
Move my fingers and my feet,
Learn a little, here and there,
Weep and laugh and sweat and swear,
Hear a song, or watch a stage,
Leave some words upon a page,
Claim a foe, or hail a friend—
Bed awaits me at the end.

Though I go in pride and strength,
I’ll come back to bed at length.
Though I walk in blinded woe,
Back to bed I’m bound to go.
High my heart, or bowed my head,
All my days but lead to bed.
Up, and out, and on; and then
Ever back to bed again,
Summer, Winter, Spring, and Fall—
I’m a fool to rise at all!

On the Altruism of Nihilism

November 19th, 2008

You’re abducted and anesthetized. While you’re in wonderland, marvelling at the more pleasant effects of certain drugs, somebody removes one of your organs and dumps you on the street, not far from a hospital (at least). You’re picked up quickly enough so that the hospital can stabilize you for the time being. Doctors estimate they’ll be able to keep you alive for a couple of weeks, or months perhaps. If you’re lucky, maybe someone will donate you a replacement organ, but oh boy, you know how it goes with immunoresistance matters. During day two of your misery, police show up at your bed and inform you that the evildoer has been caught. Unfortunately, you are informed, your organ was already used to save somebody else’s life, a friend of the surgeon’s who had stolen it.

This situation faces you with a dilemma: assuming that is at all possible, do you demand your organ back — thus condemning the unknown receiver to death? Or do you accept faith, which equals the untimely termination of your own existence?

The immediate response to this question might be that anything should be done to reverse the original transplantation and return the organ to its rightful owner. But hold it! Have you ever considered how to define humanity? A better time for doing so might not present itself easily. And after all, aren’t us humans an enlightened people? And would not demanding the return of the organ be most unkosher; definitely be bad karma?

Now consider this: the highest form of enlightenment is death.

Schon mal aufgefallen?

November 1st, 2008

Es gibt genau zwei Arten von Menschen: diejenigen, die alle anderen Menschen in zwei Arten aufteilen, und diejenigen die es nicht tun.

Wollte ich nur kurz loswerden. Ich selbst gehöre natürlich zu einer der 10 Arten von Menschen, die Binärcode lesen können ;-)