Monthly Archives: August 2014
He takes a job in London while his family live elsewhere: what does he expect? Did he not realise the job was in London? OK, lots of people have to do that kind of thing, but in his case there’s a real difference: as a member of the legislature, his job is supposed to be about improving the way things work. He could see the problem, he suffered from it himself: did he never think to DO ANYTHING ABOUT IT? At least, use his position as a platform from which to campaign, even if he can’t persuade the government to do anything.
As reported, he seems to be saying that being an MP is incompatible with his family life. WRONG: being an MP is just incompatible with NOT being a Londoner. If you’re not a native Londoner, you become a adoptive one by taking the effing job.
That’s why those of us out in the sticks are constitutionally excluded from representation in parliament. There can’t be many who are such complete idiots as to stand for parliament without wanting to live in London, or at the very least being indifferent to it. This man with family in Lincolnshire probably represents the place better than anyone qualified to be an MP. Or would have done, if only he hadn’t so totally wasted his opportunity to put our democratic
deficitvoid onto the political agenda.
What a total idiot!
Baroness Warsi resigns over a matter of principle. Good to know there’s still a government minister not entirely without principles. Oh .. erm .. hang on ….
But what took her so long? It’s not as if Gaza is the first foreign problem in which our government has behaved disgracefully on her watch. It’s not even as if this was one of the conflicts for which we bear the most substantial responsibility – at least not in our times. Not like those heavily provoked in the first place by western agents provocateurs (like Syria or Ukraine), or the legacy of actual military action (like Libya). Maybe she protests her principles just a tad too much?
How will history view her? I guess precedents like Robin Cook show that a resignation can do a lot to redeem a reputation, even if it comes long after your hands are covered in blood.
The blackberry season is firmly upon us. Indeed, it’s come exceptionally early: I’ve been getting some good pickings for two weeks in the garden.
In the wild, brambles tend to live alongside nettles. In my garden there are no nettles, but in their accustomed place is is ivy climbing anything that’ll support it, including some of the brambles. It’s got some rather attractive white flowers right now!
As a gardener, the ivy can be a pain: if I try to trim the brambles (or other plants the ivy climbs) back I have two intertwined things to deal with, and they need very different treatment. But for picking the blackberries, I discovered today a bit of ivy can be a huge advantage. Something soft and thorn-free I can grab to pull the thorny bits out of the way and give comfortable access to the berries!
From the Plym Valley trail. I’ve been meaning to photograph this sculpture for a while, so I took the opportunity when I passed it today.
OK, since my emergency I’ve had a little time with my new 4g mobile broadband service. And my regular service with Virgin appears to be working again, though now with the redundancy of two networks I wouldn’t necessarily notice the kind of downtime that plagued me before.
The 4G router is an Alcatel “one-touch”, and is only slightly larger than a mobile phone, and runs cool – all very nice. It also has a cradle-cum-power-supply, with micro-USB port for the power supply. It’s not just the cradle that has a port, the router does too, so I thought this has got to be worth a try: yes, if I connect it to a USB port on the Mac, it recognises “mobile broadband” and is connected. Great, that leaves only the (SIP) phones needing a regular ethernet port and therefore the Virgin router or other equipment I don’t have or can’t use with the 4G service.
How about performance? It feels subjectively like a very decent broadband speed, but slower than Virgin during the working day – presumably peak congestion. I tried a speed test on both connections with some of the online speed check services, using the ultrabook over wifi for all tests. First try was early afternoon when the 4g seemed slower; second was in the wee hours when all ISPs in this and nearby timezones should have ample spare capacity.
|peak time||off-peak||peak time||off-peak|
I tried a third speed check service which I’ve used before at http://www.uswitch.com/broadband/speedtest/, but it didn’t work.
What conclusions can I draw? Not very much. It somewhat supports my subjective impression that the 4g service is the more variable of the two. But interesting that 4G upload speeds appear potentially much higher than cable. I guess cable was developed originally just for telly, where only download matters.
Still evaluating what it feels like to live with.
I have a build script that may, as a matter of convenience, download and build a third-party software package. Before the build script goes into any release, I want to tighten up its security to ensure it verifies the PGP signature on the package.
OK, I can do that in a Makefile using two separate targets: the tarball, and the verified tarball. I thought I could make the latter a link to the former, using something like:
gpg –verify $(TARBALL).asc $(TARBALL) \
&& ln $(TARBALL) $(TARBALL-VERIFIED) \
|| (echo “### Please verify $(TARBALL) ###” && exit 1)
However, this is failing me, because gpg is too trusting:
$ gpg –verify nginx-1.7.3.tar.gz.asc nginx-1.7.3.tar.gz
gpg: Signature made Tue 8 Jul 14:22:56 2014 BST using RSA key ID A1C052F8
gpg: Good signature from “Maxim Dounin <email.suppressed>”
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: B0F4 2533 73F8 F6F5 10D4 2178 520A 9993 A1C0 52F8
$ echo $?
(OK, now you know the identity of $(TARBALL))
It has not verified that the signature is trusted, but it still thinks all’s well. Ouch! I can verify the signature manually (if rather weakly) but I’d rather not try to script that. Nor do I want to concern myself with issues that might change with each new nginx release, or with changes of pgp keys.
A bit of googling finds this message, from which it appears this was a known bug but fixed in GnuPG version 22.214.171.124 back in 2006 (and yes, my gpg version is more recent than that)! Was that a non-fix that only tells you if it’s a BAD signature or no PGP data at all? That would be no more useful than an MD5 or SHA checksum!
OK folks, what am I missing? What do you use to script the verification of a package?