posted by brwyatt on April 22, 2013

Well... My server's primary system drive decided to develop a hugely large number of bad blocks. If you don't know what that is, the short answer is that a large part of the hard drive decided to simply stop working. There was data loss. There was pain. There was frustration. It was terrible.

BUT! I managed to recover from a backup from 2012-12-20. The majority of important data was all on my RAID5 array, but this does mean that some configs were lost. Fortunately, this largely affects only me.

It looks like my BRGE and BadScience builds are intact (though probably pointed to the wrong repos), but my build for Bitcoin Access is gone. But email, MySQL, etc are all back up... and that's what matters for now. But I guess the rest of that goes on my "TODO" list... again.

On the bright side, I learned something totally awesome you can do with LVM2. PVMOVE. It didn't help in this case (the drive was too far dead and causing the CPU to get locked up with IOWaits), but holy crap. The whole concept of "oh, yeah, we can just copy all this data to another drive, sync them up, then stop using the old one and effectively move the partition to another drive" is just incredible. I love learning all the impossible things you can do on Linux that you just simply CAN'T do on Windows or OSX.

But anyway... I should probably get some sleep before REAL work tomorrow. But if anyone was wondering where the hell my server was this weekend... that should answer it.

posted by brwyatt on October 26, 2012

Well, started on some personal projects (up on GitHub) and some other things... but mostly I wanted to mention a new thing for the comments: IP addresses are now logged. There is surprisingly more "OMG! GENERATE MORE TRAFFIC TO YOUR SITE!" spam than there should be for this site (given the content, or, rather, the lack of content).

I'll probably just use iptables to manually block these IPs for now; in the future I might make things smarter so they are just blocked from commenting. Probably just need to add captchas to the comment pages... I'd think doing both would be most effective.

posted by brwyatt on June 15, 2012

First things first, Minecraft has been moved onto its own server. It can still be accessed the same way and all traffic still goes through my main server. But now, it has a full 8GB of RAM to itself and a dual-core CPU. Things appear to be running MUCH smoother now, though! In addition, everything Minecraft related on my server(s) will now be at http://minecraft.brwyatt.net/, including the DynMap.

The downside to this is that running another server costs money in electric costs. The PSUs on both my main server and the Minecraft server are 430W, which means they could both end up costing me about $26/month (EACH!) to run 24/7. Fortunately, neither should be taking that much power, and are probably consuming more in the 200-300W range. Do the math, that is still a bit of a cost to me.

In addition, the migration of the server took maybe... 6 hours total of me moving things over, testing it, figuring out and setting up the IPTables rules to forward traffic from my server, copying over the data and bringing it live. It took parts of two of my evenings. Let's say I'm worth about... $16/hour. So that change cost ~$96 worth of my time. Note that I'm not including installing Debian on that server, physically setting it up, wiring it up, setting up static DHCP, setting up DNS internally and externally, the additional switch migration from a DLink DGS-2208 to a Cisco SF302-08, which also required setting up its own static DHCP and internal DNS. But, I personally got a lot out of both of these moves, as this frees up resources on my server that were being eaten by Minecraft. Fortunately, the Cisco switch was free.

Additionally, if you Minecraft folks need a faster CPU, it looks like a quad-core 2.6GHz CPU for that motherboard is going to cost about $150. And that is something I am NOT paying for. I'll help pay for it, but at least 75% has to come from y'all.

Additionally, I have 25/25Mbps FiOS. Business class with a static IP. This probably helps me more than y'all, to be fair, but the extra bandwidth means y'all won't be as affected if I decide to stream an HD movie, and won't suffer from minor outages because my IP changed and my DNS hasn't been updated to reflect that change. This is costing me $105/month, with $15 of that being from getting the business version.

So here is the final total:

  • Electricity for brwyatt.net: $18/month (best guess)
  • Electricity for minecraft.brwyatt.net: $18/month (best guess)
  • Migrating to a new Minecraft server: ~$96 (possibly up to $140)
  • 25/25 Internet: $105/month ($15 for static IP and contractual rights to run servers on it)

I could also go into how both my domain names cost me $12/year each... but I'm pretty sure that that mostly benefits me anyway. And then the added costs of cooling.... But I won't. I mostly just want people to understand what goes into running something like this, even something so small and simple. It does cost money, even if you aren't paying for it.

posted by brwyatt on June 11, 2012

Internet install was quicker than expected! Took less than an hour. Compared to normal residential installs (Since I'm technically a business customer): he came in, mounted the FiOS modem, plugged in my server, I told him it works, he showed me the modem (since I'm not getting their router, he walked me through verifying the problem is on their end since they can't support my side of the modem), we shook hands, he left and called back a few hours later to verify things were still working. He never even touched a keyboard or looked at my screen. Maybe it was because my router was a full computer with two NICs and had a big "DEBIAN" sticker on the side... but why can't residential installs be like that too?

Anyway! Everything on my server should be up now (MySQL, Apache2, Postfix/Dovecot (email), Minecraft, Freenet, Tor (relay!), and I2P). This server does way too much, and I'm considering moving some things off onto another box I have, but I'd like to see my first power bill first before I add any more things to the grid.

I should also note that I also have a static IP! 71.244.54.5 is mine. It will only change if I decide to leave Verizon, move to a different circuit, or buy a whole block of IPs (they give them out in consecutive blocks, so I might have to give that one up for a consecutive block). So this should help with finding me with DNS... my IP won't change often, at least not for a long while. I'm also talking to Verizon to get my reverse-DNS set up (so when you look up my IP address it tells you it is brwyatt.net, this is helpful for email servers) and I'm going to continue using JangoSMTP (great service by the way!) until it is set up.

I'm still mostly unpacking and settling in after the move on Saturday. Got my dresser and nightstand built, and I think that is all for furniture till the couch arrives. Still have to unpack a bunch and organize... but that will take time and is an adjustment. It is really kinda cool to look around me and say "all this is mine". Sure I'm technically renting the apartment... but the stuff in it is undeniably mine, and I am paying the rent... so... that is kinda cool... to me, anyway.

I have found the place for my server (and any future equipment). Since I don't have a washer or dryer... I've got it right where the washer would be. And when I get a server rack... it even has a 250v plug. It will take a converter to work... but... it will do. Granted a rack and the stuff to fill it is just under a third of my salary... but... If I stay here long enough it might just get used.

Still have some cleaning of the apartment to do as well, and my mom wants/needs me to clean out my old room as well, which is fair.

... I am not looking forward to bills...

posted by brwyatt on June 9, 2012

I keep forgetting I have this blog to write my thoughts and ramblings for the world to see (and for spammers to try and spam the comments, apparently...(And FAIL MUAHAHAHAHAHAHA)).

So... Tomorrow (well, I guess today...) I'm moving out of my parents' place and into my own place. It isn't too far, but it is exciting and scary. Still kinda working on packing, though at this point, much of this can just be carried by hand, but I want to make it a little easier on me. I should also probably note that this is all possible because I'm now a FULL TIME, SALARIED employee at work! That, in itself, is pretty exciting too... I mentioned it before when I got to sign the paperwork, but now the paychecks are coming in from what was an offer, but is now an official position.

As far as the moving goes, I'll be without my own Internet until sometime Monday when it gets installed. I'll be leaving my server here, though, so there won't be downtime till probably Sunday night, lasting until whenever on Monday when the Internet is hooked up. I'm paying for 25/25 BUSINESS Internet with a static IP address (71.244.54.5).

So that should be fun and exciting... probably should get some sleep or get some more stuff packed...

posted by brwyatt on May 7, 2012

You guessed it! Sam Johnson! This is what he had to say about CISPA:

Dear Mr. Wyatt:

Thank you for contacting me regarding H.R. 3523, the Cyber Intelligence Sharing and Protection Act (CISPA). I appreciate having the benefit of your views.

As you may know, America now faces serious cyber threats from foreign states and terrorist organizations on a daily basis. These range from cyber attacks that try to disrupt our networks to attacks that attempt to steal classified information and intellectual property. While many of these cyber attacks directly target U.S. government agencies, there are an increasing number of attacks that are targeting U.S. companies that don't have access to the same protections given to government agencies.

As a leader in the development of new technologies, American companies have also seen a large increase in theft of technology and trade secrets from cyber attacks. This is a direct threat to American prosperity, as a loss of these trade secrets will ultimately limit America's economic potential.

To address this, House Intelligence Committee Chairman Rep. Mike Rogers (R-MI) introduced H.R. 3523 on November 30, 2011. This bill would amend the National Security Act of 1947 to allow the government to share classified cyber security threat information with companies and for companies to voluntarily share cyber threat information with the government. This bill would also guard against the theft or misappropriation of private or government information, intellectual property, or personally identifiable information. It is also important to note that under CISPA, the government would not be able to stop access to particular websites, require companies provide any information, or censor or remove content.

Ensuring that America's networks and information are secure is a vital interest, and H.R. 3523 is a necessary tool to accomplish this goal. I also understand that certain concerns have been raised regarding the need for privacy protections in this bill. You will be pleased to know that I supported several amendments to this bill that will limit the scope of the bill to provide adequate privacy protections.

One of the amendments I supported limits the government's use and storage of shared cyber threat information to only 5 specific purposes including the investigation of cyber security crimes, protection of individuals from death or physical injury, protection of minors from child pornography, and the protection of our national security. Another amendment I supported prohibits the federal government from using library records, firearms sales records, or tax returns that it receives from private entities under this Act.

I believe that CISPA, as amended, has a proper balance between security and privacy. I voted in favor of this bill when it came before the House of Representatives on April 26, 2012, and passed by a vote of 248 to 168. Currently this bill has been referred to the Senate where it awaits further action.

Once again thank you for contacting me and please do not hesitate to do so in the future if I can be of any assistance.

Sincerely, SAM JOHNSON. Member of Congress

posted by brwyatt on April 18, 2012

On Monday, I finally received my first two spam emails on my Tor email account on brwyatt.net. It is no surprise since that address is publicly listed with the list of Tor nodes from when I ran a Tor Relay (and will again). So, I got to install SpamAssassin and tested it out and it works. This is actually kinda exciting, to be honest, getting my first spam email on my domain. I haven't gotten any spam since, however, which is good, but I really wanted to see it get assassinated by my fancy new spam filters.

On the other side of things, I got an official job offer at work today. Still have all the paperwork to do for it, but it is exciting. It is nice to see life moving forward.

posted by brwyatt on February 19, 2012

I'm just going to take a second to go on a bit of a rant about the major desktop OS releases coming soon to a computer near you. I am, of course, talking about OSX Mountain Lion and Windows 8.

Mountain Lion comes pre-packaged with this "really cool" "feature" to "protect" you from malicious programs. This feature is called "Gatekeeper" and it will be enabled by default. How does Gatekeeper work? It stops you from running any applications that aren't either on the AppStore or digitally signed by a "trusted" developer. A trusted developer is simply a developer who pays Apple $99/year to get a digital signature for their code (I won't get into how that works, but there is a lot of information on how digital code signing and public key encryption works if you are interested).

That all sounds pretty good, right? It will stop you from running malicious programs and only good programs can run, right? Wrong. Here is the issue: no code is actually being verified as being harmless or safe, the only requirement is that developers pay Apple. Sure, Apple can revoke a Developer ID if a program is found LATER to be malicious, but how many people will be harmed by malicious code by the time it is discovered? And what about common Free and Open Source projects? They aren't selling software, and most of the coding is done by volunteers. Adium, Firefox, VLC, Tor. And that's just naming the ones I can think of off the top of my head. So because they can't (or won't?) pay Apple $99/year... you can't run those programs. But even worse, let's look at how Apple handles "controversial" apps on iPhone. What if I pay Apple $99 to get a Developer ID, and then make some application that Apple doesn't like (and this isn't just speculation) they could revoke my Developer ID, and anyone who had been using my app is now locked out and can't run it. As of right now, enabling Gatekeeper on Lion will prevent Adium from running at all.

Gatekeeper is NOT a tool to help "protect" you. It is a tool to control what you can and cannot do on your computer. Plain and simple. Protecting you from malicious code is a side-effect of this control. Just look up Apple's censorship on the iPhone; you will find a lot on the current thing they have censored, but look deeper than that, and there is a LOT more that has been censored. In addition, some speculate that this is a move towards only allowing apps to be installed from the AppStore. If this is true, any program licensed under the GPL can NEVER be on the Apple AppStore due to an incompatibility with the AppStore agreement and the GPL. (The AppStore requires users to agree to not share apps more than 5 times, while the GPL allows and even encourages free and open sharing of their programs and source code). What this means is that, if Apple switched to AppStore only, you can say good-bye to Firefox, VLC, and Adium on Macs. But I guess you really should be using Safari, QuickTime, and iChat (or the new "Messages") anyway, right? I mean why would you ever want to use something else?

Ah, and now for Windows 8's Metro UI. Unlike Gatekeeper, I've had first-hand experience with this one. Microsoft likes to do these "Developer Previews" where you can go and grab a copy of the next version of Windows for free to test your programs and, in this case, get a head-start developing Metro apps. So I ran Windows 8 in a VM (VirtualBox), and I tried REALLY HARD to like it. I gave it as much chance as I could. Quite honestly, it is horrible. REALLY horrible. If you plan on getting Windows 8, make sure you have a touch screen, preferably one about the size of... well, I wouldn't go above 20", honestly. The whole UI is pretty much just Windows Phone 7. That's it. Sure, you can get a "traditional" desktop for using "legacy" non-Metro apps, but the desktop is simply another Metro application. You can't close programs, you just "switch" between them like on a phone or tablet OS, and I can only imagine if there was that one program you had open and wanted to keep running and it gets closed because you started too many programs and it had to reclaim resources to run this other program you started up. And what about running two programs side-by-side? Oh, I'm sure there is a fancy way to do it... maybe. And I don't even want to remember how difficult task switching was, especially if you have a bunch of programs opened, since they NEVER CLOSE. (Here is a hint, don't use alt-tab, which just starts rotating through each application one at a time ("wait, I thought I closed that program! Why is that still running? And I haven't used that one since two days ago!"), just go to your "start screen" and find the program again, and open it directly.)

Now, the most irritating thing is if you lock the screen or want to switch users. Regardless of if you are using a touch screen or a mouse, it brings you to a more... smart-phone like lock screen where you have to swipe the screen up to unlock the screen, and then you can log in, switch users, or unlock your computer. To turn off your computer, you have to logout, unlock the screen, and then click the shutdown/reboot button. And it seems that there are no more Windows Update prompts. Which is good and bad. No more nagging you to restart your computer, but then again, you will never know that updates were even available, and have been installed. After messing around with the VM and FINALLY finding out how to shut Windows 8 down, it started installing updates. Updates I didn't even know were installed and needed a reboot for. I appreciate it no longer constantly nagging me, but SOME form of one-time notification would have been nice.

And all this, folks, is why I use Linux. Linux won't stop you from running what you want to run on your computer. It doesn't care if you add additional package sources or if you install from source. Of course this assumes that you aren't a moron and that you aren't downloading something from "Trustworthy Bob's Free Virus Scanner!" where every visitor is the one millionth visitor! And if someone (cough Ubuntu cough) decides that they want to try a stupid UI like Metro (cough Unity cough), you have the choice to use the old desktop (Gnome 3) INSTEAD. And lots of people don't like Gnome 3 and are either using Gnome 2 or KDE instead, and the guys over at Linux Mint (a distro based off of Ubuntu) are working on "Cinnamon", a project intended to bring all the features and style of Gnome 2 (which were removed in Gnome 3) to the Gnome 3 platform and features, giving back the customizability and functionality of Gnome 2, without losing the features in Gnome 3.

In short, Gatekeeper is nothing more than a WORSE version of UAC that is not warning you of escalated privileges, but blocking developers who don't pay Apple so their users can install their app. And Metro UI is like Ubuntu's Unity desktop or even Gnome 3, except you can't change it back to the classic desktop, you just have a watered-down classic desktop as a "feature".

On the plus side, Gatekeeper just makes me think of this ad Apple ran a few years ago about Vista's UAC. The difference here is that Gatekeeper is just simply "deny" without asking the user.

posted by brwyatt on February 12, 2012

To get the boring stuff out of the way, I've updated the homepage text and the about page text to have some amount of better information on it, but haven't done anything more than that. Should probably have the most recent blog post showing on the home page, though... Maybe next update...

But, on a more important/personal note... I've been looking at apartments lately. Parents have pretty much said that I need to move out and have given June as the general time that it will be done. This isn't entirely a bad thing, and I suppose I kinda needed that push. I just need to secure things down at work and get that all settled. But I think I have a place all picked out, it is nice, simple, and they offer Verizon FiOS for Internet access, so I can still have super fast Internet at the new place.

So things are looking up, and I'm moving on and at the edge of starting MY LIFE. I have a job doing things I'm interested in (even though it can be stressful at times, but that isn't always a bad thing), I'm preparing to move out to my own place, and it is looking like school is no longer an issue or source of stress in my life. I realized yesterday that this has been the moment I've been waiting for, things have been coming together and I just have to take a couple more steps to get to the edge, but it is right there, within my reach, and it is exciting. Scary, sure... but exciting. I mean, I'm not thrilled about paying bills, but there is something to be said about managing your own life, even if it means you have to deal with the shitty things like taxes and bills. So, in a way, I'm even excited about paying bills, because it will be MY electricity, MY water, MY Internet, MY phone, MY car.

Like I said: scary, but exciting.

posted by brwyatt on January 24, 2012

... except me!

I have now implemented User Roles! So what the hell does that mean? This is part of my plans to eventually have open registration, possibly to require registration (and email verification) for comments (to prevent spam). This is just the first step toward that goal. I will still need to implement registration pages, and possibly the email-verification mechanism (at the very least implement this so I can enable it later if needed), and then implement requiring an account to post comments (and possibly the ability to turn that on/off in the site config).

Other reasons why I want to have open registration: Jabber. While I've been having problems getting ejabberd to authenticate against the site's MySQL database, I still plan to get that going, and I want people to be able to use it. It seems that ejabberd's external authentication is... somewhat awkward. Instead of calling a script when authentication is needed, it requires the script to sit in an infinite loop and accept input via stdin. I had something that was working for a little while (except that it would crash after a few hours, and the server would reject incoming connections), but in trying to fix that, the script doesn't work at all anymore.
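The stdin loop described above follows ejabberd's extauth framing: each request is a 2-byte big-endian length followed by `operation:user:server[:password]`, and each reply is the length 2 followed by a 2-byte result. The sketch below is an added example, not the script from this site; the `USERS` table is a constructed stand-in for the MySQL database, and `frame` is a helper for building test input. It shows a loop that fails closed on bad input instead of dying.

```python
import hashlib
import hmac
import struct
import sys

def _hash(password: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)

# Constructed stand-in for the site's MySQL user table: JID -> (salt, hash).
_SALT = b"constructed-salt"
USERS = {"alice@example.net": (_SALT, _hash(b"s3cret:with:colons", _SALT))}

def read_request(stream):
    """One frame from a buffered binary stream: 2-byte length, then payload."""
    header = stream.read(2)
    if not header:
        return None  # ejabberd closed the pipe: normal shutdown
    if len(header) < 2:
        raise EOFError("truncated header")
    (length,) = struct.unpack(">H", header)
    payload = stream.read(length)
    if len(payload) < length:
        raise EOFError("truncated payload")
    return payload

def handle(payload: bytes) -> bool:
    """Answer 'auth:user:server:password' and 'isuser:user:server'."""
    try:
        # maxsplit=3 keeps colons inside the password intact.
        op, user, server, *rest = payload.decode("utf-8").split(":", 3)
    except (UnicodeDecodeError, ValueError):
        return False
    record = USERS.get(f"{user}@{server}".lower())
    if op == "isuser":
        return record is not None
    if op == "auth" and rest:
        # Hash even for unknown users so timing does not reveal which JIDs exist.
        salt, stored = record if record else (b"absent", b"")
        candidate = _hash(rest[0].encode("utf-8"), salt)
        return record is not None and hmac.compare_digest(candidate, stored)
    return False  # setpass, tryregister, removeuser: refused in this sketch

def serve(inp, out) -> int:
    """Loop until EOF; a malformed request must never end the process."""
    handled = 0
    while True:
        try:
            payload = read_request(inp)
        except EOFError:
            return handled
        if payload is None:
            return handled
        try:
            ok = handle(payload)
        except Exception:
            ok = False  # fail closed and keep the loop alive
        # Reply: length 2, then result 1 (success) or 0 (failure).
        out.write(struct.pack(">HH", 2, 1 if ok else 0))
        out.flush()  # ejabberd waits for the reply; never leave it buffered
        handled += 1

def frame(text: str) -> bytes:
    body = text.encode("utf-8")
    return struct.pack(">H", len(body)) + body

if __name__ == "__main__":
    serve(sys.stdin.buffer, sys.stdout.buffer)
```

Anything written to stdout other than the 4-byte replies desynchronizes the stream, so diagnostics belong on stderr or in a log file.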

I also (unrelated to logins) want to get the server stats to be a little prettier, and include graphs for things like bandwidth and CPU load. This is more for my benefit, or anyone crazy enough to care. (But, I mean, I did just reach 5TiB of uploaded data to the Internet over 7 months, that's cool, right? RIGHT?) I'm not sure how I will accomplish this task, I might end up running a script (or application?) as a service on my server, but we will see.

Hopefully, I'll get more work done on this site to benefit others at some point...

EDIT

Added in some basic page hit logging. Should be able to gather useful statistics about what browsers are used, and what pages are accessed, and when. While it isn't so important now while no one really uses my site, it should be useful later. Should be able to generate some interesting statistics with the data later on. Just something I threw together in a few minutes.