WhiBal - easy white balance correction

I've taken to carrying around a RawWorkflow WhiBal card when I've been out and about practicing my photography, and had a few people ask me what it's for and how it helps.

WhiBal_PK_Main-9632_480x320.shkl.jpg


One of the nice things about how we see is that our brains are adept at adjusting our perception of what we see according to the lighting conditions. If we know that something is white we perceive it to be white, and can generally ignore the actual lighting conditions. For example, if you put on a pair of tinted sunglasses for a few minutes everything appears to take on the tint of the glasses. And then your brain adjusts, and everything appears to be the normal colour again.

Cameras don't do this.

Smylers’ “Beginners guide to talking at conferences”

I ran in to Smylers' Talking at Conferences: A Beginners' Guide the other day. It's a very useful distillation of things you should consider if you're thinking of giving a talk at a technical conference, such as YAPC Europe 2007, where the talk was delivered.

One recommendation in particular struck me, in re ordering the material in a presentation effectively.

But there is one metric which can be applied to a talk safe in the knowledge that following it would have taken exactly the same preparation time: would the talk have been better had exactly the same content been presented but in the reverse order.


I'll be keeping that in mind next time I have to present something.

TripIt

If you're a frequent (or even semi-frequent) traveller then you may be interested in a website that I've been using for the past few months.

TripIt exists to make it easy to manage one or more travel itineraries, and to share those itineraries with other people (who can be passive viewers, or active collaborators).

Signing up is easy, requiring the minimum of personal information. Once you've registered and activated your account you can start adding to your trip itineraries. It is possible to do this the tedious, manual way, by typing in the details of you trip -- flights, car hire, accommodation bookings, and so on.

TripIt, viewing an itinerary



However, TripIt has an ace up its sleeve.

Spam false positives from British Airways

I note that British Airways e-receipt e-mails are probably going astray for a lot of people.

I've had to book a few flights with BA recently. Up until a couple of weeks ago their acknowledgment e-mails came through fine. And then I stopped receiving them. Taking the time to delve in to the mail logs yesterday I noticed this:

Aug 20 07:47:45 jc sm-mta[15347]: l7KElEmk015347: ruleset=check_mail,
arg1=website +LHS=RHS@bounce.baplc.com,
relay=ceba-mgw04.baplc.com [163.166.43.64],
reject=553 5.1.8 website +LHS=RHS@bounce.baplc.com...
Domain of sender address website+LHS=RHS@bounce.baplc.com does not exist


(I've redacted the left and right hand side of the actual e-mail address it was being sent to)

If that's just so much gibberish to you, it says that BA are sending e-mails with a return path of ...@bounce.baplc.com. Working through the logs shows that they've been doing this for some time.

But at some point in the last few weeks, someone at BA has removed the bounce.baplc.com entry from their DNS. So my, and countless other systems around the world, will begin rejecting messages.

This rejection is quite correct. Since bounce.baplc.com doesn't exist, my system (and any other system with the same configuration) will have nowhere to send any bounces that might occur. And sending messages from domains that do not exist is also an exceedingly common spammer tactic.

I've used the "Report problems with our site" feature to report this to BA, but I don't have high hopes of anyone listening.

Holy crap, I’m moving to Switzerland!

It's been a bit quiet around here for the last couple of months. A quick brain dump.

In February I left my job helping to run the mail systems at Citigroup, having sorted myself out with a contracting role doing software development in Perl (with some Autosys and Murex mangling on the side) for the nice people at Brevan Howard. Quite definitely some of the nicest people I've had the pleasure of working with in the financial industry. If you're a London-based Perl developer looking for work and the opportunity for a contract with them comes up, jump at it.

Along the way I finally got around to sorting myself out with a Flickr account, and you can see my photos at http://www.flickr.com/photos/nikclayton/. Not something I've written much about, but that may change in the future.

Anyway, that proved to be temporary. No, they didn't fire me. Instead, in two days time I jump on a plane bound for Zurich, to start working as a site reliability engineer for Google Switzerland.

I was over there a couple of weeks ago as part of a preview-cum-orientation trip, which coincided with the once-every-three-years Züri Fäscht (Zurich Festival), so I took the opportunity to snap a few shots of fireworks.

Züri Fäscht

Züri Fäscht

Züri Fäscht

Anyway, I hope to write more next week about the process, useful sites for people undergoing a similar move, and so on. That, and getting back to contributing to projects like Subversion -- my free time has been practically non-existent for the past 4 months or so, and that's something that I've let slip.

Issues with SPF and Korean ISPs

If you publish SPF records, send mail to Korean ISPs, and use SPF mechnisms other than ip4:, you may face a problem.

M-x ecb-activate

I'm a long time (x)emacs user. I use vi for small day-to-day stuff (vi TODO, anyone?), but as far as possible I do any development work with emacs, and have done for the past 12 years.

So, a few days ago I was pleased to discover a new mode that I'd not previously known about.

Sendmail 8.14.0: HeloName

Sendmail 8.14.0 was recently released, and it includes a small handful of patches that I sent in. The documentation explains what these options do, but doesn't explain why you might want to use them. So I thought I'd do that in a series of entries here.

First, the new HeloName option.

Getting started with Kubuntu

The Ultra 40 that I won arrived on Wednesday, but I've been too busy since then to do much with it until now.

I have spent a little bit of time carrying out some research. My initial plan was to triple boot this server. First as a FreeBSD machine -- it's my preferred Unix flavour, my other Unix boxes run FreeBSD, and it gives me the opportunity to carry out FreeBSD testing on a 64 bit platform.

Then with Solaris 10. I want to carry on the work that I've already started with DTrace, and get some more experience with other Solaris technologies.

Finally, as a Windows XP box. Two reasons for this. First, Photoshop. I take quite a lot of pictures, and, not currently having a Dual Core Mac to hand, Photoshop on XP is my preferred image editing system. I also have something of a workflow built around it. The other reason is games. I don't get much opportunity, but when it arises I can quite happily while away the time playing Half Life 2.

That's not quite what happened.

Subversion UK User Group / Google open source jam writeup

Last Thursday (the 18th) I attended two open source events in London. The first was the third Subversion UK User Group meeting, and the second was Google's second Open Source Jam.

Subversion commit access

I'm very pleased to say that I've just been granted with a partial commit bit for the Subversion source code. The developers have had enough of me popping up on the mailing list talking about issues with the Perl bindings and posting patches, and have given me the necessary access rights to fix and improve things myself.

As is traditional, my first commit was to the list of Subversion committers. This ensures that the ACLs are set up correctly and so on.

I'll be working on the perl-bindings-improvements branch, making sure that they're up to date with respect to the rest of Subversion, and that they behave as "Perlishly" as possible for anyone else who needs to interoperate with Subversion repositories using Perl.

Planet Subversion updates

I've given Planet Subversion a facelift, and decided to splash the cash on a domain for it too -- planet-subversion.com. I've also recently added (but neglected to mention here) a feed from Mark Phippard, who has been writing some very interesting articles about the Subclipse project.

Perl parameter validation and error handling

I write and maintain quite a lot of Perl software. Much of it is open source and available on CPAN. Most of it consists of libraries designed to be used by other applications, rather than applications in their own right.

One of Perl's strengths is that "There's more than one way to do it" (TMTOWTDI, often pronounced tim-toady). This makes for a language that is flexible, and allows you to write a solution to a problem that matches the problem, rather than trying to shoehorn the problem in to the language in order to solve it.

This is also one of Perl's weaknesses. There can be many ways to solve a particular problem -- some of them are not optimal.

Open Source support and OpenLogic

One of the common pieces of FUD used to argue against the use of open source software is "There's no vendor support. If it breaks, who do we turn to?".

There are a number of answers to this particular concern.

SVN::Web 0.50 released

After a slightly longer development process than I would have liked (I had several hard disks choose inopportune moments to go south -- no data loss thanks to backups, but I took the opportunity to shuffle some hardware around), SVN::Web 0.50 has been released, and should now be available on CPAN.

There are quite a few significant changes in this version...

Subversion UK User Group / Google Open Source Jam, 18th January 2007

If you're in London on Thursday 18th January and you've got an interest in Subversion then you might want to come along to the next Subversion UK User Group meeting. It's at 3pm, there are directions and sign up instructions at that link.

I'll be there, giving a tour of the Subversion related applications and tools that are available in the Perl space.

And after that it's the first London Google Open Source Jam of 2007 -- an opportunity to catch up with other open source developers, and find out more about interesting projects that people are working on.

Alerting users that their PCs are compromised

A great deal of spam is sent by "botnets". These are (typically) Windows PCs that have been compromised in some manner, and are now illicitly controlled by a third party. This third party uses the network of thousands of PCs that they have compromised to:


  1. Send spam

  2. Host phishing sites

  3. Carry out denial of service attacks



There are many DNS based Black Lists (DNSBLs) operated by numerous groups that aim to list the IP addresses of systems that have been compromised in this way. This allows mail server operators to configure their systems to query these DNSBLs and reject messages that are being sent from a compromised system.

The problem with this approach is that it's not visible to the owner of the compromised system. They might notice that it's behaving a little slower, or that their network connection doesn't seem as fast as it was, but they're not going to know why, because there's no easy mechanism to alert them.

In a perfect world, Internet Service Providers would monitor these DNSBLs, notice when IP addresses of their customers appear on them, and terminate (or provide limited) service to that customer, along with appropriate assistance to help them clean their system.

In practice this rarely happens.

It occured to me that one way to make the fact that their PC has been compromised more visible to end users would be by enlisting the help of companies that host or provide online game environments.

For example, consider Second Life, Eve, or World of Warcraft. All huge, multi-player games/environments, to which millions of people connect every day.

If the companies that host these environments were to check the IP addresses of connecting systems against these DNSBLs, they could provide a warning to the player that it's highly likely that their PC has been compromised, and that they should make sure their anti-virus is up to date, and so on.

Further, suppose you've got a PC and an XBox or Nintendo Wii at home1. Both of those game systems support online play. And through a networking quirk that I don't need to go in to here (NAT), it's highly likely that the PC and the games console(s) are going to appear online with the same IP address.

So if the PC appears on a DNSBL the Wii or XBox is going to appear on that DNSBL too. This provides an opportunity for Microsoft and Nintendo to check the IP address, and again, place a warning in the "dashboard" (XBox dashboard, Nintendo Wi-Fi Connection) that their systems display to the user as they go online.

This could significantly raise the awareness of owners/operators of compromised PCs.

1 Guess what I got for Christmas :-)