Resilient DNS cache on Ubuntu

One of the most irritating things about being a geek (though far from the most irritating thing) is becoming annoyed with apparently foolish or below-par performances from technical widgets. What gets you is that you know exactly what’s wrong, and it all seems obvious that either a) it’s simple and common and should have been prevented or fixed already or b) the hazard was so clearly obvious that it should have received a higher priority. Today, I’m talking about the internet’s obvious single point of failure: DNS.

Have you ever noticed that Firefox is sitting there apparently inactive (translation: nothing is flashing) with a status bar message like “Looking up feelitlive.com…” despite the fact that you looked it up just fine a few minutes earlier? You want to find out what’s on and go out, not debug your network, so you never investigate it and never call your ISP because it does work eventually and ISPs use call queuing technology rather than investing in extra human beings.

Anyway, this malady affected some of my favourite political blogs on the night of the US election and it didn’t take much F5 bashing to work out that popular sites like sky.com worked fine and less popular sites worked slowly and really niche market sites like er… ubuntu.wordpress.com, for example, didn’t work at all. Since it was election night I wasn’t going anywhere so I called O2 to have them confirm the obvious – a DNS server somewhere on BT’s network was broken and local caches were only populated with the more frequently hit domains so that was all you got. Hmmnn… big event happening, everyone looking for news? Might it get busy on the web? Do you think?

I figured, “this is stupid, I visited the site earlier, why doesn’t my computer keep the IP address and re-use it?” I wanted a DNS cache! That way, my ISP’s DNS service only needed to work once and I would be protected from such foolishness.

The techy bit

Luckily, the article I wanted was in Google’s cache (accessed using an IP number not a DNS name, so working just fine…)  but its proper URL is http://ubuntu.wordpress.com/2006/08/02/local-dns-cache-for-faster-browsing/

The article is a little overcomplicated for a laptop user, since most laptop users know the button to reset their wireless connection and aren’t DSL users as such either. I got away with simply installing dnsmasq using Synaptic Package Manager and editing two files using “sudo vim <filename>”.

First I opened /etc/dnsmasq.conf and uncommented the line:

#listen-address=

and entered my loopback IP so it looked like:

listen-address=127.0.0.1

You can also listen on the loopback interface “lo” by editing the line above instead, if you prefer.

Then in /etc/dhcp3/dhclient.conf I found the line:

#prepend domain-name-servers 127.0.0.1;

and removed the “#” to make it active:

prepend domain-name-servers 127.0.0.1;

I gave dnsmasq a precautionary restart with:

sudo /etc/init.d/dnsmasq restart

and then pressed the button to reset my wireless connection – which on Ubuntu is the little blue bar chart thing on the bar at the top right, followed by the little blue round widget for the network you’re on.

Anyway, that clearly didn’t work because the ISP’s DNS server didn’t work at all for the little web sites, so reducing the minimum to having it work one time was still too high a burden on the overloaded machinery. I didn’t find a solution until just now, after another server blip. OpenDNS allow you to use their DNS servers for free, no questions asked, but with a DNS cache installed it seems silly to use the OpenDNS server as the main server.

Luckily, there is a command to append the OpenDNS servers to the end of your nameservers list; it goes in the file /etc/dhcp3/dhclient.conf:

append domain-name-servers 208.67.222.222,208.67.220.220;

When I checked resolv.conf I saw the .222 address listed at the end, and the .220 server had vanished, but I still have a local cache and two independent nameservers, and my blip is gone, so I am quite content. (Jaunty doesn’t have this issue, but doesn’t guarantee it’ll try every DNS listed.)
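A check for the two files edited above, added here as an example and not part of the original post: it confirms that dnsmasq.conf has an active, loopback-only listen-address, and that the resolver file asks 127.0.0.1 first with an outside fallback among the entries glibc actually uses (it reads at most three nameserver lines). The function names and the sample files, including the 192.0.2.53 stand-in for an ISP server, are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit copies of the two files.

# Print the nameservers the glibc resolver will actually use: it reads
# "nameserver" lines in order and ignores any after the third.
effective_nameservers() {
    awk '$1 == "nameserver" && n < 3 { print $2; n++ }' "$1"
}

# Succeed only if the local cache is asked first and at least one
# non-loopback server remains as a fallback within the effective list.
check_resolv() {
    servers=$(effective_nameservers "$1")
    first=$(printf '%s\n' "$servers" | head -n 1)
    [ "$first" = "127.0.0.1" ] || return 1
    printf '%s\n' "$servers" | tail -n +2 | grep -qv '^127\.'
}

# Succeed only if dnsmasq.conf has an active (uncommented) listen-address
# and every listed address is loopback, so other hosts get no answers.
check_listen_loopback() {
    addrs=$(sed -n 's/^listen-address=//p' "$1" | tr ',' '\n')
    [ -n "$addrs" ] || return 1
    ! printf '%s\n' "$addrs" | grep -qv '^127\.'
}

# Constructed sample files mirroring the edits described in the post.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/resolv.conf" <<'EOF'
nameserver 127.0.0.1
nameserver 192.0.2.53
nameserver 208.67.222.222
nameserver 208.67.220.220
EOF
printf '#listen-address=\nlisten-address=127.0.0.1\n' > "$demo_dir/dnsmasq.conf"

effective_nameservers "$demo_dir/resolv.conf"
check_resolv "$demo_dir/resolv.conf" && echo "resolv.conf: cache first, fallback present"
check_listen_loopback "$demo_dir/dnsmasq.conf" && echo "dnsmasq.conf: loopback only"
```

Point the functions at /etc/resolv.conf and /etc/dnsmasq.conf to check a live machine; the IPv6 loopback ::1 is not treated as loopback here.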

Extra dnsmasq.conf tweaks:

Uncomment (make active) line 406 to stop failures being permanent:

no-negcache

If one of your upstream DNS providers has executed an immoral land grab on unregistered domains (a la Verisign) then list their IPs likewise (see line 420):

bogus-nxdomain=64.94.110.11

Note that I don’t put OpenDNS in that category; they are giving you something free on certain conditions, and it’s up to you to obey those conditions. It is useful and proper to list OpenDNS like this if there is a temporary problem with their redirections, otherwise you are basically stealing. I use this on a network where simple hostnames like “fredspc” don’t resolve on the first attempt.

Intolerance and closed mindedness

Today, I sat down on the tube next to a gentleman on my left, leaving space for an approaching lady to sit to my right. Eventually the lady sat down one seat away on the right so I had her, the gentleman and three ladies in front of me and to the left of the gentleman; the rest of the carriage was mostly empty but as the train drew away everyone seemed comfortable and there was no atmosphere.

What happened next was very interesting, but first you must understand that I hadn’t actually showered so I could understand if somebody decided I was a bit stinky. Though the gentleman directly on the left seemed entirely tolerant of my existence, as was everyone else.

Then, I reached into my bag and got a book out.

I had two books, on software and religion, but I chose to read the book on religion, which espouses a point of view with which I am somewhat sympathetic. Though I admit, some aspects of some religions make me uncomfortable I have never really proselytised my own views and try to be tolerant and express an interest in other belief systems and the cultures that go with them. I don’t often think about the topic, and am certainly not a religious practitioner, so this is probably the first time I’ve read a book on religion in public.

So what happened? Well a few seconds after I opened the book, the lady one seat away to the right, who certainly did have the option to sit further away earlier on, decided to stand up and move down about one third the length of the carriage. I instantly suspected I was smelly, or had burped or sniffed in a disgusting way, but looking around I saw the confused faces of the other passengers in this little cluster and they all seemed sufficiently surprised to rule that out. The next thing I thought of was the book and as soon as I started examining the back cover – necessarily exposing the front cover – the other faces became less confused, and returned to their own business. Had the book, whose title was visible on the back cover, made this woman move away? Wow!

I can’t think of any other reasons why this lady would have moved away, and the fact that she had brown skin and my skin and the skin of the author are both white reinforces the reason somewhat since religion often divides – I believe – along the lines of skin colour. So yes, it probably was the book. Er… Wow!

I’m a white male living in 2008 in a polyglot and cosmopolitan city where the traditional culture matches my own cultural upbringing. The historic cultural backdrop of London matches the Christian cultural backdrop I was brought up in. Why should an atheist with such a background experience such extreme religious intolerance simply for reading Richard Dawkins? The book has a scientific slant on the topic and neither science nor atheism were – I thought – especially uncommon in London.

Wow… simply moving away demonstrates a high level of intolerance. I would generally define intolerance as murder and arson, and I am neither murdered nor burnt from my home, but on a relative scale this was somewhat more than the none at all I’m used to or the nearly none I feel for others. Yet putting tolerance aside, isn’t it pretty closed minded to assume that a book that is opposed to the existence of God is necessarily intolerable? and that a person reading an intolerable book is himself intolerable? Jesus Christ!

Peer to Peer Web Search technology

A mailing list message on the topic of Microsoft Live’s search privacy prompted me to take another look at peer to peer web search applications, and I discovered two – YaCy and Faroo – both promise to protect your anonymity while searching, but paradoxically both will index the web using your click stream.

There are some interesting concepts at work there, in particular YaCy’s reverse word index coupled with downloadable Linked Open Data such as DBPedia, WordNet could form a powerful combination as long as the privacy protection was sound.

Don’t give up your mobile for free

I was pleasantly surprised to find my old phone, like many others, has a value despite being broken and unusable. Mobiles are a great example of the market delivering on reduce, reuse, recycle.

Government plan to brainwash citizens into carrying ID cards

I’m groaning again – being constructive is just so much work – but again it’s something highly emotive and in this case something very very important indeed.

A leaked “options analysis” is doing the rounds of UK blogs; I picked it up at Samizdata, where second poster Ed says:

Once again, the Government decide what the next authoritarian measure is and then try to find convincing arguments to back it up. That document is truly scary.

I couldn’t have put it better myself.

Read the document, and notice how it lays out options according to how popular they will be and how likely they are to encourage “rejection”. If enough people read this document, the country won’t be fooled; I hope we all reject the card with equal violence.

Schillings chill Northern Rock document using Copyright Law

The document “Northern Rock Summary” has been removed from Scribd

This content was removed at the request of copyright agent J. Afia of Schillings o/b/o Northern Rock, plc

For more information, please send questions to support@scribd.com

I said I didn’t want to use this blog to moan, but having moaned once on the topic of censorship, libel and Schillings the above quote (source) demonstrating the chilling effect of copyright on free speech seems entirely justified.

Guido explains the importance of the document concerned in his post “Northen Rock Nationalised“.

Learning about defamation

Looks like I have been found to be talking nonsense about the Craig Murray censorship incident, however, I’ve been connected to the Law Commission report on Defamation and the Internet, which makes interesting reading.

Under section 1(1) of the Defamation Act 1996, a secondary publisher is given a defence if:
(b) he took reasonable care in relation to its publication; and
(c) he did not know, and had no reason to believe, that what he did caused or contributed to the publication of a defamatory statement.

we noted that the section 1 defence may cause problems, and that it raised issues that should be examined further. The defence is narrow. It applies only to those who are unaware that the publication contained a statement with a defamatory meaning, in the sense that it would make reasonable people think worse of the claimant. There is no defence for secondary publishers who genuinely but mistakenly believe that the material is true, privileged or fair comment.

Fasthosts apparently edited didn’t edit Murrays site

UPDATE: No they didn’t, it was an associate of Murray’s trying to keep the site up. See comments for full story.

Holy mother of God, the Fasthost’s censorship debacle worsens:

On my article about Alisher Usmanov which so incensed his lawyers Schillings, let me ask this question. Has anybody seen an argument posted or published from any credible source to argue that what I say about Usmanov is untrue?

I ask the question because one of the edits to this log my webhost made at Schillings’ behest was to say that my claim was “regarded as false by many people”. I have altered that edit, because there is no justification for such a claim. I have yet to see evidence of anybody, not one solitary person, arguing that I am wrong about Usmanov, other than his lawyers. Who are these “Many people”, and why are they peculiarly silent?

I am very sympathetic to my webhost having to change things for Schillings, but not to the extent of altering things to become defamatory of me!!!

Posted by craig on 3:14 PM 14/09/07 under Uzbekistan

Source

Winston Smith is alive and well and living in Gloucester. Utterly irresponsible.

Fasthosts bottle under pressure of lawyer’s letter

Fasthosts, that bastion of the web hosting industry and pillar of the Gloucestershire community, has pulled the plug on a web server hosting several important (and some less important) political blogs, including that of Boris Johnson. They say it’s because accusations made by Craig Murray and Tim Ireland at bloggerheads defamed a certain controversial Russian, and mention a lawyer’s letter.

“In this case, we examined a website for potentially defamatory material and communicated to the customer that they had indeed breached the terms and conditions for Fasthosts Internet hosting.”

Would someone please pull the plug on this pathetic institution?

More on Fasthosts at the Register.

Links and quotes added 22/09/2007.

Internet Bill of Rights?

Easy:

No Government shall be permitted to initiate any action or pass any
rule whatsoever in relation to the Internet, except to permit
communication by a Government to the public according to the Internet’s
normal protocols or to clarify how the rules of the land will apply to
Internet communication and commerce affecting those within the
Government’s jurisdiction.

I posted the above, half jokingly and half seriously to the ORG discuss list in response to a post on the Dialogue Forum on Internet Rights’ forthcoming meeting. It is obvious that no Government could agree to such a statement because so many groups out there see the Internet as some unique and special evil and there are votes in promises to do something about it.
