Nerdrium Home

Past entries

2015

March

2012

December
October
June
April
February

2011

December
September
August
July
June
May
April
March
February
January

2010

December
November
October
September
August
July
June
May
April
March
February
January

2009

December
November
October
September
August
July
June
May
April
March
February
January

2008

December
November
October
September
August
July
June
May
April
March
February
January

2007

December
November
October
September
August
July
June
May
April
March
February
January

2006

December
November
October
September
August
July
June
May
April
March
February
January

2005

December
November
October
September
August
July
June
May
April
March
February
January

2004

 

Facebook

Twitter

Archived Entries from September 2010


Whirlwind

It's been blustery for me the past few weeks, to say the least.

I interviewed for a Unix administration (among other things) job at another unit on campus several weeks ago. It seemed like a really cool, albeit much-more-stressful, career move. Gone would be the days of carpooling, leaving work early on a whim to get groceries or go play golf, lengthy lunches, etc. But a good career move nonetheless. I didn't figure I had much of a chance at getting the job. I'm not a mission critical Unix systems admin--I run a bunch of RedHat Linux web servers. Yeah, they're secure, and yeah, they do the job, but it's not like it is for Amazon or anything. And they needed someone to talk Oracle, and I'm a MySQL guy, and even then, what I do is pretty rudimentary.

But I wanted to prove something, wanted to make up for the job interview fiasco back at the College of Engineering a few years back where I showed up unprepared and looked like a complete fool in front of an entire search committee. So I prepared, and did the research on the college unit involved, and had my resume and cover letter tuned up, and answered questions in my head well ahead of time that I expected to be asked.

I was actually surprised when I was offered the job just before labor day. I figured that they surely had more qualified candidates than I was. It wasn't the pay increase that I wanted, but it was over 10%, and these days that's nothing to shake a stick at. So I talked to Sue, my boss, who was totally supportive of this whole thing, and she was, as expected, very happy and excited for me. We're on "soft" money right now and thanks to our new President and his cronies, after many, many years of running this successful grant, they apparently think it isn't necessary any longer. So while we had money through 2012, I was going to have to look for a new job at some point.

Then a funny thing happened on the way out the door. I do some work part-time for our department, maintaining web servers and such. Lately I've been migrating all of our physical web servers onto virtual machines that we contracted through the college. It's actually really cool, though as my pal Tod pointed out, if I do everything correctly, nobody will be able to tell that anything is any different.

So I had to go tell our manager of systems services that I had been offered this other job. He wasn't quite as happy as Sue was about it.

The next thing I knew the department had offered me a new position in the department (sort of) with even a higher salary offer than the other job. Uh oh.

So last Tuesday (or was it Wednesday?) I had the awful task of calling the going-to-be new boss and telling him that I had to un-accept his offer. It made me feel awful. But what could I do? The whole point of the exercise was to get off soft money and guarantee myself a future at the University, and that happened with the departmental offer. The pay increase was sort of a secondary thing, but even that was higher.

And what's the point of being able to afford a new golf cart if I have to give two weeks notice to take a day off to go play golf? I'm used to working in fits and spurts. There are days I'm up late at night taking care of problems at work. There are times on the weekends where I spend several hours getting something done that just needs to be done. And in return, there are times when the building is quiet, and I'm all caught up, and everything is working properly, where I can cut out a few hours early and mow the yard or play golf or whatever.

I also think the other job would have required us to become a two-car family again. And what's the point of a raise if I was going to have to spend the entire thing on a car payment and fuel budget (and more tires, more oil, another parking spot, etc., etc.).

So I hated making that phone call last week, but I think this is all going to work out for the rest. We have a web committee meeting today where some of my new duties are hopefully going to be elucidated to the rest of the staff.

This was an unexpected outcome, but I think I couldn't have asked for a better result. And I think I've more than made up for the fiasco north of Green Street from a few years back.

Posted: Tuesday, September 14, 2010, 10:49 am
Mood: Worn Out | 1 comment| Article URL | Post a comment
 


Fahrenheit 451

This subject has bothered me greatly this past week.

Some moronic minister in Florida wants to have "burn the Quran" day.

And?

So what?

Burn the bible. Burn the flag. Burn your underwear. Burn my networking textbook--wait, no, don't. Wait until the end of this semester.

They are books.

"OMG all sorts of Muslims around the world are going to target our troops because of this!" For starters, not all Muslims target troops, and those that do are targeting our troops whether or not this nutcase burns the Quran or not.

That's why this whole religious thing bothers me. There is SUCH a lack of common sense.

Is the guy burning the Quran being ridiculous? Of course he is. The First Amendment of the United States of America Constitution also allows him to burn the Quran, however.

Do Muslims get a little more bent out of shape than they should. Well, yeah.

It's paper--shaved trees that were once very, very nice trees--with ink stamped on it. It's paper and words. It's not holy. It's not blessed. It's a book.

All of this wouldn't be that big of an issue if the stupid media would quit plastering this moronic pastor all over the place. THEY are the ones feeding this fire. THEY are the ones waiting for the firestorm to explode afterwards so that THEY can cover it.

If they would shut up about it, most overseas Muslims would have no idea what this simpleton is planning on Saturday.

And, of course, there still is part of me that says that if they are going to get upset about it, all the more reason to do it and prove a point. If he burns these books, and Muslims in foreign countries go ballistic about it, maybe there's a point that was made. LET him be childish. If the Muslims react, then they are the ones being childish. At some point someone has to be the bigger person.

John Lennon had it right. Imagine no religion.

Our planet would be much, much better off.

Posted: Friday, September 10, 2010, 2:22 am
Mood: Bothered | No comments | Article URL | Post a comment
 


Damn Russians

One of the things I maintain at work is an antiquated e-mail notification system for an on-line newsletter that gets published weekly during the growing season. Yes, we have an RSS feed, and yes, people should be using that instead, but our audience aren't tech people who are all about the feeds and such. So we have a thing where readers can enter their name and e-mail address and then every week when the new edition is published, I send out an e-mail to 4,000 people letting them know that there is a new issue on-line.

The submission system has evolved over the years as my skills at programming have evolved. I merged such things as subscribe.html, submit.php, etc., into single PHP pages that submit and verify to themselves. I made it such that after users submit their information they get an e-mail message with a link they have to click on to verify that they wish to receive the notification (so people can't sign up any old e-mail address).

I even changed the link in that e-mail message to send an MD5 hash of their e-mail address as the GET id, rather than just the single id number corresponding to what is in the database (so that someone can't just run a loop from 1 to 5000 and hit every verify.php?id=$i script and verify EVERYBODY).

Well one of the things I've had to deal with is people entering bogus e-mail addresses. Someone will enter "qeroiadf" for the first name, "fqerfasd" for the last name, and "dsfqr@vadsdf.com" for the e-mail address. Stupid, I know. But that writes a line to the database (using only a read-write connection to the DB, of course, so even if they were really trying something nefarious they couldn't do too much damage...).

So when this happens I'm just getting junk rows written into the database. Big deal.

Except for that verification e-mail that I talked about? Well, that e-mail bounces back to me, because there is no "dsfqr@vadsdf.com."

One night I got about 50 different bounce-back messages, about a minute apart each. Sigh.

My first line of defense was to check the http-referrer attribute and make sure the page was getting submitted from the newsletter web site and not some outside page. I'm well aware, however, that it isn't that difficult to spoof the referrer information, but figured maybe the kids in Minsk wouldn't bother with doing that.

I guess I was wrong. The bogus addresses kept coming.

So yesterday I thought I'd get even more clever. I made a hidden form field (that you can see in "view source," of course, so just hidden from the HTML output) that has an MD5 hash of the current day of the month plus the current hour. Nothing too complex, but something that the submission part can easily check by recreating that MD5 hashed value and checking it against what was submitted. That way, if someone did view source and send in bogus registrations with those values, it would only work for an hour, and then their hidden form value won't be valid again (until that hour and day a month later, of course).

I got four more bogus registrations last night. Really? Go away, kids. Go outside and play with a ball or something.

The answer, probably, is to implement a "captcha," but again, with our target audience, I really hate to do something annoying like that and inconvenience the readers just so that I don't get a few e-mail bounce-backs.

I log the IP addresses of everyone that signs up, of course, and as expected, all the bogus ones a) have different addresses and b) none of them resolve to a FQDN (that would be a fully-qualified domain name for any of you non-tech types...).

I guess I just don't understand the point of what they are doing. Nobody sees their fake stuff but me. Nothing happens to any of the other addresses in the system. The only person that can send e-mail to the list is me, from my computer at work. I don't know. I just don't get it.

Posted: Thursday, September 09, 2010, 2:44 pm
Mood: Confused | No comments | Article URL | Post a comment
 


Next 10 entries

Return to the Nerdriumblog :: Return to the Nerdrium