All posts by rbowen

Religious tolerance … well, except for Christianity

I suppose I could get inflamatory here, but I’ll try to remain bemused and offer commentary, rather than ire.

I find it interesting, in a culture that appears to value tolerance over discrimination (and here, please note, gentle reader, that I use the term discrimination to refer to the intellectual process of considering options and choosing the better, rather than the brainless process of spurning those who are different) that the principle of religious tolerance appears to apply to only non-Christian religions. Now, I suppose, that as a white protestant male, this should not surprise me, as tolerance in all other areas applies to those that are *not* in the majority groups, while those who *are* in the majority groups are deemed not to warrant such tolerance. Likewise, Christianity, being in the majority in the USA, is not deemed worthy of tolerance. Tolerance, after all, is something that the majority is supposed to extend to the minority, not the other way around.

I find this attitude abhorant at a number of levels. It is hypocritical, with different standards applied to people from different groups, which is, in turn, the very discrimination (of the latter, not former, definition) that it seeks to counteract. But it also seems to imply that the majority are, in fact, in the moral right, and should extend these graces to the “lower” groups, which are not required to reciprocate. This attitude, too, is worse than the evil it seeks to counteract.

As to why I bring this up – A discussion has arrisen on the datetime@perl.org mailing list as to what is the first day of the week. I made a comment that the “general usage” should determine the the API, so that average users would find the API useful. And, although the ISO has declared that Monday is the first day, any calendar on the shelves of your local bookstore will list Sunday as the first day, and that thus the API should reflect this, not the ISO’s statement. But, that, perhaps, this opinion was more that of a USA audience, with largely Christian heritage, at least within the last 3 generations, and that the European perspective was solicited. I suppose that I did not phrase it quite that way. draw your own conclusions.

What amazed me, though, was that this generated not just one, but two sarcastic remarks about how Christians are confused about the distinction between Sunday, the Sabbath, and the Seventh day, on which God rested from his labors of creating the world. This is not the case – Sunday is a celebration of the resurrection of Jesus Christ, not a celebration of the Sabbath, and the Christian tradition is not confused about this, although certain individuals may be.

Now, perhaps I’m oversensitive about this, but it’s not an isolated incident. It is fine, in our culture, to criticize Christians, but not to criticize Islam, Universalists, Buddhists, or Hindus. It is perfectly OK to equate radical wackos like Robert Tilton and Tammy Faye with Christianity as a whole, but if you were to equate Osama Bin Laden with Islam as a whole, you would be accused of religious intolerance and bigotry. Clearly, Robert Tilton does not represent the traditional view of Christianity any more than Osama Bin Laden represents traditional Islam – at least, this would be clear to anyone who took a moment to look at the larger picture.

Now, I’m straying rather far afield from the original remarks made on the mailing list, and I don’t want, by any stretch, to claim that the people making those comments were the same insensitive boors that I’m portraying here. I do think, however, that they are related symptoms of the same social ill. And I think that the majority has as much right to courteous treatment as do any given minority.

But, perhaps, as a white protestant american male, I’m not entitled to that opinion.

=====

Followup: 2003-Jan-13

Note:

Please note that the comments made merely sparked this line of thought, and were not nearly as inflamatory as this article might lead you to believe. This article is part of a long train of thought, and not solely based on the remarks made on the mailing list, which, in retrospect, I appear to have misconstrued anyway. *sheepish grin*

Dates and stuff

I’m waiting for my talk to start. I don’t have network in the room, and there is evidently no way to get it. This is unfortunate, as a number of my examples would benefit from having network access.

I just spoke with Adam Turoff, who is here for the Golden Penguin Bowl. I’m sorry I’ll be missing that. That could have been fun.

We also talked about Calendrical Calculations. For those of you not privy to the extended conversation, C.C. is a wonderful book containing algorithms for a plethora of non-Gregorian calendars. It comes with Lisp code, as well as translations into several other languages. I would like to write Perl modules using these algorithms. However, the “license” that comes with the book forbids using the algorithms for commercial purposes. Well, if I go to the trouble of writing the modules, I will release them to CPAN under the Artistic/GPL joint license, and I don’t intend to put any caveats in there about commercial uses.

There appears to be no way for them to patent their algorithms, and so it appears that, legally, I can do what I want to do. However, I don’t want to make enemies of these fine gentlemen. I would much rather win them over to the Open Source/Free Software mentality, and have them grant me permission on their own, without coercion. The tricky thing will be if they refuse, what can I do then. Hopefully, I can get someone to ghost-write a note to them, being more persuasive.

The book is fabulous. I don’t believe that releasing modules to CPAN will hurt their sales. I recommend this book to anyone interested in calendars. The information in here is fascinating. But smarter people than I, have said that the license agreement that comes with the book is a Very Bad Thing, and, even though it seems legally insupportable, they would still shun using the algorithms, because they have no interest in getting into a legal fight – even one that they would certainly win. Of course, with the way that silly laws like the DMCA are going, they might actually win. Then I’d be broke *and* a loser, instead of just broke.

By the way, there appears to be a GPL C implementation of these algorithms. I need to talk to that guy, and see what kind of arrangement he has with the authors, if any.

Oh, and regardless of how this all turns out, I encourage you to pick up a copy of Calendrical Calculations, by Ed Reingold and Nachum Derschowitz.

mod_perl, DateTime::, and other

Various tech things going on that I thought I’d mention.

DateTime Perl modules

The biggest one, I suppose, is that Dave Rolsky has rejuvinated the Perl DateTime module jihad that I started way back in May 2001, and which subsequently died because I did not have the time or energy to fight the status quo.

Dave’s actual note is here, and is very very worth reading if you have any interest in the state of Date/Time modules in Perl, and the general arean of date/time/calendar calculations on a grander scale.

Summary: Date/Time modules in Perl are a huge joke. There’s more than 15 ways to do any given thing (a case where TIMTOWTDI is not necessarily a good thing is when it gets way out of hand) and they might give different results. There’s no document, other than the random chicken scratchings that I have produced, that give you a roadmap of the available modules. And I really fell down on that pretty early. And, most importantly, the modules can’t talk to each other. So you can get a date in the Discordian calendar, but if you want to convert it to a date in the Mayan calendar, you’re out of luck, because they use different syntax. Or, if you have a date in the Vedic calendar, and want to know what holidays it corresponds with in China, well, that’s really hard too.

mod_perl

Well, not really much to say about mod_perl. Two things, both of them small in the grand scale of things.

One, I have been receiving the mod_perl mailing list at work for 2 years, and periodically deleting all the messages when the total unread message count goes over 2000. That’s gotta stop. It’s an important list, and I need to be reading at least some of it. So I’ve moved the subscription to home, where I have better mail filtering, and tend to be more careful about reading incoming mail. And I’m going to read it all, or at least those things with topics that seem to be important. Consider it a new years resolution of sorts.

Email, Again

SpamAssassin, for no apparent reason, stopped putting spam in /var/spool/mail/spam, and started delivering it to my users, but with [SPAM] in the subject line. This was ok for me, but was not OK for my parents, who did not have an appropriate filter in place, and so received 200+ [SPAM] messages a day for about 2 days.

Then it stopped.

First of all, I blamed this on the upgrade to Perl 5.8, but it turns out that this is one of the machines on which the upgrade was not performed. So I am baffled. Particularly about it stopping.

Oh, and a VERY important lesson that came out of this. First, don’t edit regular expressions at 1 in the morning. Second, the regular expression [SPAM] is not the same as the regular expression [SPAM] Exactly what foolish thing I did is left as an exercise to the reader.

Google rocks! (Re: Prior art)

Long long ago (mid 1995, as far as I can recall) I saw, on the Budweiser web site, a neat feature. It was a digital postcard. You selected a photograph. You typed in a message (the default message, I seem to recall, was “The weather is here. Wish you were beautiful.”) and an email address. That person received an email message containing a URL. When they went to that URL, they would get your photo and your message. And here’s the crucial part (you’ll see why later). You just clicked on the URL. There was no typing in special keywords or ID numbers when you got there. You just clicked. And while I am not certain of the exact mechanism, it seems reasonable to guess that the argument (key, ID, whatever) was contained in a QUERY_STRING argument.

Well, as this was in the early days of the web, and CGI was still young, I thought I would do the same on my site. My site, at that time was http://s.ms.uky.edu/~rbowen/kenya/ Obviously, it’s not there any more. Now it is at http://kenya.rcbowen.com/ But this was back when domain names cost $70 a year, and I was a poor grad student. If you go to the latter URL, right click on the image on the front page, and select “view image”, you’ll notice that the resulting url contains the substring “postcard”. That’s because those images have been in that location ever since – in the /images/postcards/ subdirectory.

Anyways, that’s all ancient history. Fast-forward to today.

I just got a phone call from some Silicon Valley Lawyers. Seems that eBay/PalPal is being sued by some joker who has a patent on technology that they are using. Specifically, the patent describes a method by which a user inputs a message and an email address, the system sends email to the specified user containing a URL. When that user goes to the specified URL, they get the message and/or document. This is therefore a web-based out-of-band delivery mechanism. And they applied for this patent in 1996, receiving it in 1999.

The phone call was in reference to a usenet posting that I made in February of 1996, (HERE) and another I made in May of 1996, (HERE) referring to a script that I wrote “a long time ago” which implemented this web-based postcard thingy. Another note, in December of 1996, refers to a web site that listed “a few hundred of ’em” (HERE). This clearly establishes prior art. Better yet, I am almost certain that the source code of this program appears in a book that I contributed to in 1996, but I don’t have a copy of it here. I’ll have to check when I get home.

So, this would mean that I have prior art on this “proprietary technology.” And that I can play a role in striking down a patent that is Just Plain Wrong.

I’ll post more information, like the patent itself, once I get more information. I sincerely hope that posting this here does not in any way jeopardize the case, but I just had to share this with my readers – all three of you. 😉

===================

Another relevant URL: The web.archive.org version of one of my web pages, containing a .tar.gz file of the postcard script with a file timestamp of Tue Dec 10 16:54:16 1996, and one of the files actually contains the following comment:

# Begun 12/4/95

And here we have a list of people that were using the software as of Jan 1997.

Google cache has a site discussing my script, saying that it is copyright 1996, and that the adapatation was done on Jan 4, 1996.

Foiling Nimda

Nimda and Code Red are IIS worms. As an Apache server administrator, you are not vulnerable, but they do fill up your log files. Here are a few techniquest to prevent that.

One: Apache::CodeRed. Find it at
http://cpan.org/modules/by-module/Apache/ Easy to install, easy to
configure. But needs mod_perl, so if you don’t have that, you’re out of
luck.

Also, I have a hacked version of this, which adds the
address to my firewall deny list. I think I should probably leave that
as an exercise, but basically you have it call a suid script, which
takes an IP address as the argument, and adds a host to your firewall.
Presumably you could do this from a CGI program as well, and invoke that
thus:

Action codered /cgi-bin/code_red.cgi
<LocationMatch "/(default.ida|msdac|root.exe|MSADC|system32)/">
    SetHandler codered
</LocationMatch>

The cgi would look something like:

#!/usr/bin/perl
my $ip = $ENV{REMOTE_ADDR};
`/usr/bin/BLOCK $ip`;
print "Content-type: text/htmlnn";
print "bye, now.";

This will get rid of error log entries, as it will be a valid URL. This
is probably my most recommended approach, unless you want to use
Apache::CodeRed, which also sends email to the domain contacts and ISP
contacts, which is perhaps the best thing to do, but generates a lot of
bounce messages.

Note that even if you don’t add them to your firewall, the above script can be used, minus lines 2 and 3, to eliminate the error messages. And, in conjunction with the “don’t log” recipe below, can remove the problem.

Two: Conditional logging. See tutorial at
http://httpd.apache.org/docs/logs.html#conditional or, for the recipe
version, you need the following:

SetEnvIf REQUEST_URI "default.ida" dont-log
CustomLog logs/access_log combined env=!dont-log

As noted previously, this only covers the access log. The error log is
trickier. One way to handle this is to actually redirect these requests
to a virtual host, with a /dev/null’ed error log. That is how I handled
it before I started firewalling them.

However, this, in conjunction with the recommended CGI program will
eliminate all log entries other than the initial access to the CGI
program, which can also be eliminated if you use the conditional logging
trick.

Note two things about the firewall thing. If you have a busy site, this
is *NOT* recommended, as it will cause your firewall list to grow to an
absurd size. I’m doing this on a home dsl account. Two, if you firewall
them, you’ll get one entry in the error log, perhaps, but no more. There
will be log entries in your firewall log, probably. These are far more
satisfying. Reset your firewall deny list periodically.


Follow-up: Ken Coar notes that you should also check out EarlyBird.

Surreal tech support situation

One of my customers hosts their web site on a Mindspring server, which was bought by Earthlink at some point. The site is running on Apache. The customer had me set up password authentication for a subdirectory, and it was necessary for me to do this with an .htaccess file, which was easy enough. However, since ServerName is apparently set incorrectly in the configuration, they were having the problem described in the FAQ, where you get asked for your password twice, and end up on a hostname that is not what you typed in.

I called EarthLink, and talked with two different support reps before I could get someone that even acknowledged that the problem was happening – the first guy simply would not admit that it was happening. I explained the problem to him (the second guy), told him how to solve the problem, and gave him the URL for the FAQ where it is described. (http://httpd.apache.org/docs/misc/FAQ.html#prompted-twice) After putting me on hold for a lengthy period of time, apparently talking to other experts, he came back and told me that the problem was beyond their expertise to deal with. He encouraged me to read the .htaccess file tutorial on the Apache web site at apache.org. (http://httpd.apache.org/docs/howto/htaccess.html)

Now, for those of you who don’t already know, the reason that this was so very surreal is that I wrote the .htaccess tutorial on the Apache web site. I’m pretty sure that the tech support guy did not believe me when I told him this, but, honest, I really did. And, of course, I’m no closer to having a solution to the problem, because it’s something that has to be done in the main configuration file. ServerName is set incorrectly, and I would need access to the main server config file to fix that, or to set UseCanonicalName off, which is the other recommended solution.

Hopefully, I’ll get someone on the phone next week that believes me, and is willing to implement the recommended solution.

Here, just take it

By the way, in case anyone cares (yes, a few people have asked!) the code that is posted to this web site is released under my proprietary HJTI license. The complete text of this license follows:

————————
Here, just take it.
————————

For those of you who get your panties in a bunch about correct legal phrasing, here it is again:

—————————-
This code is explicitly placed in the public domain. Bend, spindle, and mutilate. Caveat Emptor. YMMV. BYOB. IANAL. Have a nice day.
—————————-

Clear?

Apache Web Server Administration, by Charles Aulds

Linux Apache Web Server Administration
Charles Aulds
Craig Hunt Linux Library
Sybex Press

Well, I tried to be very critical of this book, because, after all, I want you to buy my book. But it really is very good.

It has thorough converage of all important topics. I found a number of places where information was wrong, but most of these were probably attributable to typesetting errors, rather than author errors. Missing parentheses, for example.

The examples were, for the most part, excellent, with good supporting explantions. Diagrams were good too – not gratuitous, but actually useful in most cases.

If I’m going to complain about something, it would be that there is no clear distinction made of when he’s talking about 1.3, and when 2.0. Or is it all 2.0? I’m really not sure. Some of it appears to be 1.3 specific, but other places he’s very clearly talking about 2.0, although this is not mentioned in the text, and might not be clear to other folks.

Overall, recommended and thorough.

(The book was given to me by the publisher, but I did not receive any other incentive to say nice things about it.)

Apache::VhostDB, sort of

I wanted to write a mod_perl handler that would read vhost configurations out of a database. However, it made more sense, at least to get something working quickly, do to this as a <Perl> section in the configuration file

I guess this could be done as a mod_perl handler instead, and I hope to eventually do it that way (mostly as an exercise, actually) but here it is the way I have it working:

#
#
# create table vhosts
#   (ID  int(11) not null auto_increment,
#    servername  varchar(255),
#    serveralias  varchar(255),
#    docroot      varchar(255),
#    scriptalias  varchar(255),
#    primary key (ID)
#   )
#
#  Note: serveralias can be a space-separated list. Change the field to
#  a text field if you have more than 255 characters of aliases.
#        scriptalas should have a trailing slash
#

<Perl>

use DBI;

my $db       = 'DBI:mysql:vhosts';
my $login    = 'www';
my $password = 'www';

my $dbh = DBI->connect( $db, $login, $password );
my $sth = $dbh->prepare( "SELECT servername, serveralias,
                                 docroot, scriptalias
                            FROM vhosts " );
$sth->execute;
$sth->bind_columns( my ( $servername, $serveralias, 
                          $docroot, $scriptalias ) );
while ( $sth->fetch ) {
    push @{$VirtualHost{'*'}},  {
        ServerName   => $servername,
        ServerAlias  => $serveralias,
        DocumentRoot => $docroot,
        ScriptAlias  => "/cgi-bin/ $scriptalias",
    };
}
$sth->finish;
$dbh->disconnect;

</Perl>

This goes in httpd.conf, and requires mod_perl. And, of course, you can add additional fields if you need them, like ErrorLog and CustomLog.