When I was first learning Linux and personal system administration a dozen years ago, I was taught the importance of security. However, at the time it seemed something like the importance of knowing a fire drill. We all agreed that the threat was real, but at the same time it had the air of a bogey-man story: nebulous and unlikely. And so for a long time I ran my public servers -- jmac.org and its related interests -- without thinking about any of that stuff too hard. I always use solid passwords just like I always lock my front door behind me, and I left it at that.

I think the world's changed since then. As far as I can tell, it's the case now that all computers visible to the public internet are under constant attack. If your machine has a public IP address, then I can guarantee you that throughout the day, it's getting continually peppered with network traffic from across the globe whose only purpose is probing it for security flaws. Imagine that every time you approach your home or your car, you have to elbow your way through a thin but inevitable crowd of characters tapping at the doors and windows, looking for a crack they can jimmy open and slip through. As far as I can tell, that's how it is now with every computer on the internet. Every single one, at all times.

This traffic is entirely malicious, though it probably doesn't give a shit about you or your data; it just wants to steal your computing resources to further its own ends. It might be the stereotypical maladjusted nerd-boy building a botnet to vanquish his foes in Black Ops by crushing their Xboxes under a network-traffic firehose. My understanding, though, is that it's increasingly likely to be the undertaking of organized criminals, tending to the always-lucrative SEO spam-generation market. Or, geez, at this point I fully expect that several governments and NGOs are playing, too, creating weaponized networks of 0wned personal computers for god knows what, heedless of what country they actually reside in.

I write all this because I've been having some frustrating issues with my own server over the last couple of months. There's a particular, very popular web technology I'd like to use[1], but literally within minutes of my installing the software in question I find my machine enthralled, running scripts by some teenager to knock over a rival's IRC server, or by some 21st-century entrepreneur to smear viagra ads all over someone else's blog. Removing the software would make this stop; re-installing it would re-zombify the server, but in an entirely new way and from a wholly different aggressor. Only today did I start making inroads on why this was happening[2], and I knock on wood that I have actually fixed it for now.

The machine has already been fully compromised once, just last summer; I had to move everything to a new server. It took a long time and I lost stuff in the process, as one always loses things during a move. With the help of friends wiser than I about such things, I set up the new server to be harder to attack than the last one. And still the orcs come, and still I worry that they might have breached the walls yet again.

I don't know what I'll do if they did. I don't want to have to set aside two weekends or more every year to rebuild the machine for the Nth time, just so it can be swamped by agents of the pharmaceutical-selling mafiosos du jour.

Maybe running a personal Linux server just isn't a good idea any more. If so, I literally don't know what I ought to do instead. I expect that there is an answer, and I expect that it would involve giving up a lot of the freedom that I enjoy from running my own Linux server with my own root account. And that would make me awfully sad.

[1] WordPress, and hence PHP.

[2] The default php.ini file that Debian installs is surprisingly insecure, to the point that it even states at the top of the file that it's too insecure to run in a production environment. Yes, I am deserving of your penguin-waving scorn for installing software without total awareness of every effect it would have on my machine's security, sure. I'm still surprised and disappointed that Debian, of all organizations, would take this stance.

Wait, "Blog"?

Wednesday, 1 December 2010 11:17
• If I have been using LJ more, it's largely because I've finally gotten around to subscribing to various LJ-friends' (and, increasingly, Dreamwidth-friends') RSS feeds, using the proper kung-fu that allows the reading of locked posts therein. It's a small hassle to treat every "friend" as a separate blog, but since I've gotten used to curating a long list of incoming feeds over the last couple of years, it's doable. (I never got any full-friends-page subscription magic to work in a way that made me happy.)

• That said, I'm likely to try again to launch a new personal blog on www.jmac.org, sometime in 2011. I last tried it three years ago and didn't get anywhere, but I have new reasons now to try again, and new directions to take it. The top of my personal-project stack, which has been waiting patiently for me to finally finish Warbler, is the top-to-bottom remodeling of www.jmac.org. I've talked a good talk on this before, but it's been many years since I've done anything other than applying new CSS or rewording the front page a little. It's still too much the website of who I was in 1999. Needs less "I am jmac, and I seek the holy grail" and more "I am jmac, and I sit resplendent in my glory." You know how it is.
Leaving aside the inexact layout and "Hey, you haven't paid for this yet" garbage on the graphics (they're from istockphoto.com and I do intend to drop a little dough on them), this is my current in-mind design for a personal business card. I plan on finalizing it and then getting a pile printed before PAX.

It's the spiritual successor to my card design from 2000. That was perfect for me then, and for several years thereafter: having a bit of fun with the fact that I had no idea what I wanted to do with my life. It's not like I now know precisely what I want to do, and it's not like the thing that I do find myself doing doesn't change from year to year anyway. But things have gelled a bit over the last decade, regardless.

For what it's worth, note also that this marks a change of my Twitter ID. As of today, I am now JmacDotOrg over yonder. I chose my last username, "jasonmcintosh", in early 2008, the start of a phase when I figured I'd straighten my tie and show a more professional face to the world; this was just before I incorporated Appleseed.

And here I am today, just two years later, flinging that tie back off, at least for a time. I also just now edited my default GMail signature to remove all mention of Appleseed. (In fact it now contains only the same text as this new card, minus the slogan.)
I am pleased to announce the opening of the jmac.org video store, where you can buy DVDs of the first six episodes of The Gameshelf and Jmac's Arcade, respectively.

If you like the things I make, please consider buying a shiny discful of it! As it says on that page, your purchase helps me improve the state of game journalism and critique — and, by extension, supports quality amateur media from game-obsessed overthinkers everywhere.
I humbly request critique or comment on jmac.org's redesign. What do you think?

Allow me to say that I do feel pretty studly in my ability to transform it from this using only a new stylesheet. There are some small HTML changes between old and new, but they are incidental touch-ups that have nothing to do with the page's format. I didn't even assign any new id or class attributes.

That said, pretty much everything on the site beyond the content area of the front page feels either years out of date, or is overtly preserved personal memorabilia, frozen in time. Personal home pages, man... it's a 1.0 concept in a 2.0 world. Still not sure how best to approach that old stuff.
jmac.org (and gameshelf.jmac.org and appleseed-sc.com) is mostly back up, and should stay that way, because I fully expect Linode to do me right where Tektonic has failed. Please let me know if anything seems amiss; gonna keep the old server running for a little while (at a different name) just in case.
Web services on jmac.org are hosed. I have a plan for fixing it, which I will start immediately and then continue as time permits; I'm in the midst of some time-sensitive Appleseed work that is of greater priority. I will post again with further status updates, as they come along. Things should be permanently better before next weekend.

Part of my plan involves migrating hosts once again, this time moving from tektonic.net to linode.com. Stating here that I am very impressed with Linode's service, which Planbeast now uses, and disappointed with Tektonic's. The latter was OK when I started using it last year, but either it's gone downhill fast or I was just lucky for a while. I have lately found its service unreliable, its online diagnostic tools faulty, and its customer service quite lacking. Bummer.
I've been getting a lot of calls from tech recruiters. One caught me yesterday morning while I was still sipping coffee, and before I'd gotten started with anything important, and so I chatted with him for a few minutes. I learned that he found me by just Googling a few key terms, which led him to my resume on jmac.org. When I told him I wasn't available for work he joke-groaned with disappointment because I looked so perfect for the job. This is all a nice ego boost, but at the same time I don't need the extra interruptions, so I've just updated my resume with a mind to deflect them.

Was of two minds about splitting my most recent consulting period into two entries, with the formation of Appleseed as the split-point, but decided to go with a single entry and making it clear in the summary that I sell my expertise through the company now.

While I was in there I updated the jmac.org about page, which still had a lot of pre-millennial cruft on it. The opening paragraph used to suggest that my entire online presence was on jmac.org, when in fact it's been spread across a wide cloud of domains, just like with everyone else, for years now. I only use the domain for miscellany that doesn't fit anywhere else, now. So it says that now. Also admitted that I'm now using a commercial hosting service, after eight years of the server equivalent of couch-surfing.
After a hard day's work (for serious), watching Lost via abc.com. They upgraded their video player in such a way that the ads are bigger, which is nice, except that it doesn't work on my G5 any more and plays with lotsa sound hiccups on my laptop, enough to drive me kinda bonkers. I'd totally pay $2/pop to iTMS to download and watch pristine Quicktime versions, but since that's no longer an option, it's thepiratebay.org for me!

It's a race; I may end up watching all the current eps online anyway just from impatience, but we'll see.

I wasn't looking forward to season 4, but ruthling gave it the thumbs-up in her LJ recently and that sold me, since our feelings on the show have historically run about the same. (It's got tons of cool stuff, and tons of really annoying stuff. Arrrgh, so much annoying stuff. But... but the cool stuff!)

Understood that jmac.org/blog isn't as unread as I thought. Very good.

I'm going to resume my hunting for cross-posting solutions later. Someone has to have solved this problem correctly, by now...
I'm kinda giving up on jmac.org/blog. I've already stated why I failed to leave LiveJournal, and there's no good crossposting tools that I can find. Meanwhile, the jmac.org blog has 0 subscribers. So LJ kind of wins.

You know what doesn't win? xJournal. It used to be a pretty good LJ client for Mac, but it's been getting crappier. Since I "upgraded" a month or three ago (probably because the old one didn't work on Leopard) my tags have only shown up about half the time, and I have no idea why. In case you were wondering about that, too.

(In fact, the reason I haven't found any good crossposting tools yet is because they do exist but none of them support LJ tags properly. I don't know if this is because LJ's tags are nonstandard and hard to cope with, or if the toolmakers are just lazy.)

Anyway, meh. I think the jmac blog might morph into my company's blog, once my company has a website.
Announcing The Gameshelf Blog, a new community of intelligent-if-eclectic game news and discussion. I hope that it will fill out the long and dreary spaces between new Gameshelf episodes with interesting game-related tidbits that share the show's spirit.

I've invited everyone whose name has appeared in an episode's credit roll to join the site as a contributor. I went by memory so it's entirely possible I overlooked you (or your mail client ate the invitation as spam); if that's the case, and you want to help, please contact me!

Yes, it's the same URL that the show has held for years. I quietly replaced the static site with blog software a few months ago, and more recently redesigned it so that a link to the most recent episode will always appear at the top. The blog and the episode videos have separate RSS feeds, too. (Rather, one's a subset of the other.)
So after a month it's become clear to me that one can't just leave LiveJournal to start one's own blog and expect everything to be the same. Movable Type is excellent fun to run and tinker with (at least if you're a software tinkerer), but no combination of plugins can replicate LJ's community features. I particularly miss comments, which for a number of reasons lack the spontaneous and conversational nature of the comments here.

I find that I don't want to return to LJ as my blogging home, though. On reflection, I've decided that the "Flag this post / Flag this journal" controls offend me beyond reconciliation. They are idiot "How's my driving? Call 1-800-555-1234" bumper stickers, implying that I write at the convenience of a higher authority, who depends on you! loyal reader! to come running to them with reports of my transgressions. And if the LiveJournal AUP has in fact made this true since 2001, and it's just been easy to ignore until now, then all the more reason to take my business elsewhere.

So, I am going to start regularly cross-posting to this LiveJournal, by way of a cross-posty Movable Type plugin that someone else wrote. It's not perfect - in fact it is half-broken, and I aim to fix it as a small side project - but it will do for the nonce. This will probably make jmac_org redundant, and I apologize for the implied suggestion that you muck further with your friends list for my sake. But I invite you to wait and see how it actually ends up working out.

I'm also going to start using the Gameshelf website as a blog (since it is one, after all) posting my own game news and reviews and stuff there. I would also like to extend an invitation to people in the Gameshelf community to join the blog as a games writer. Basically, if your name has appeared in the show's credit roll for any reason, consider yourself invited. Please comment here or contact me elsewhere if you're interested.

The prerequisite is another side-project: I've got to redesign the site template to have a big fat link to the show's most recent episode up at the top of the page somewhere, safe from off-scrolling due to new posts. And I'll slap a less-obvious-but-still-obvious link to the show archives somewhere, too. I have some big new ideas for the 'Shelf this year, and I love the idea of meeting them with the potential of a blog-based online community, oo la la, instead of the crusty static website that was there for years.
I have decided to stop using LiveJournal as my primary blog experiment with using a blog other than LJ as my primary online journal. While I will retain my LJ account, and shall continue to use it for reading my friends' journals and making my own locked posts, I do not plan on regularly making public posts here beyond this point.

Please visit http://jmac.org/blog/ for all your jmac-bloggy needs. LJ users may add jmac_org as a friend, and it'll be like old times.

My reasons are various and largely predictable, if you've been following along. They come down to a desire to exert more control over the presentation of my writing. I've had a vague hankering to do this for years, actually, but several coincidental factors have convinced me that now's the right time to shove off.

Naturally, I reserve the right to take it all back later. But, let's see what happens.

Edit: Allow me to reclassify this as an experiment. Let me putter through the rest of December in this mode, and make a final decision with the new year.
I have figured out why a lot of expected email's been completely unfindable, not even in my spam folder. It's because it's been falling into jmac.org's spam folder, which is different from my mail gmail account's spamtrap, now that I've started to let Gmail handle all jmac.org's mail directly. Only the survivors of the jmac.org spam filter were moving along to my gmail inbox. Failures were just invisible. Arrgh.

So now I look like an ass to at least one client, and maybe to a few friends as well. If you were expecting a reply from me about something and it's been missing, please let me know. I'm attempting to configure things better now.
I've been posting the YouTubey Gameshelf excerpts to BGG and getting lots of hits as a result. Yay. I have also discovered that comments are broken on the new site. Boo. Firebug will help me root it out.

Here's an oldie from 2005. The quippy gameplay between mrmorse and taskboy3000 still makes it worth watching, even though the clip's production values are so rough by modern Gameshelf standards. Unscripted er um uh monologues, over-casual wardrobe, and inappropriate furniture leading to lots of frame-centering on knees and crotches.


Tuesday, 2 October 2007 00:01
Today was wacky. A kerfuffle resulted from volity.com's highly intolerant mailserver refusing an important mail from a client several days ago, due to the fact that the mail was sent from a hotel with a reputation for spam. The client didn't see the bounce message that the server instantly shot back at them, so they didn't know that I never read the mail. Come Monday morning, frolics abounded. By Monday evening, everything's settled, insert folk juju-dispersal here.

Then had a good Volity meeting. There's only a few steps left before the alpha, which is now slightly late if you want to be a bastard and hold me literally to the dates I called months ago, but it's gonna be close-enough-dammit. Cross your fingers.

During the bits of downtime today, I worked on updating my professional presence. Following a conversation I had with taskboy3000 last week, I'm switching my self-assigned title to "Software Consultant", and have been busily retouching all my resumes and linkedins and such appropriately. I also redid my contracting consulting page, expanding the portfolio section and dropping a lot of the technobabble and buzzwords, reckoning that the resume's a better place for that stuff.

Need to redesign jmac.org. I am tired of the "Big Gray 7" layout that's, what, four years old now? On pages like this, that top bar is just oppressive.

Some days

Sunday, 23 September 2007 22:49
Thursday was a sick day. Clobbered and miserable. At the end of the day I greeted the returned classicaljunkie and she gave me Tylenol cold & flu pills, which (after an hour of sleep) snapped me back into sensibility like a light switch. I swear by this product now.

Friday did some contract work for the first time in a while. (This coming week I'm gonna be doing a lot of it, actually.) After that, delivered an HTML snapshot of the web client's table UI (not super-easy to do since it's a slippery DHTML app) to radiotelescope. He insisted that this demo needs to make a much better first impression than I was preparing, and then volunteered to help make it happen himself. I have no problem with this sort of criticism!

Saturday started to set up the machine that will host jmac.org. After moving over! It's mostly Gameshelf episodes, and I discover that a few seem to exist in duplicate. Well, I can do something about that, at least. Then attended an art salon featuring cthulhia's paintings, marymary's poetry and C's recorder-playin. It was delightful.

Sunday, more machine setup, and reaching out to prodigal jmac.org users via email to tell em what's up and ask if they'd like to stay. Discovery, via daerr, of Google's domain-level management apps. I am likely to point jmac.org's MX records at it to let Google handle all my domain's incoming mail. Yeah, I know.

Afternoon meeting with taskboy3000 about the Gameshelf shoot we're having on Tuesday, including a script read-through. Also, we played MULE again. Trader Joe's dinner with classicaljunkie, and then we hung out at dictator555 and Nate's place for a while, drinking their tea while I wrote some new game news segments. It will be a good show.

Out of necessity, I am once again relocating jmac.org to a new host. I've accumulated many user accounts for friends and FOAFs over the years, and would like to get an accounting of which I should take with me and which I should jettison.

If you have an account on my machine and still use it, please let me know in the next week or so, and I'll set you up on the new host. If you'd just like a zipfile of your homedir made available to you, I'll do that instead, and won't set up your account. All accounts I don't hear about will get zipped up and placed in cold storage.

The Mgt

The host, BTW, is with tektonic.net, which so far has lived up to its reputation with my friends as boasting an incompetent sales process but fine support once you've gotten past it. It's the first time I've actually paid for this domain, instead of having it couch-surf on friends' machines or ISPs. Something like $20/month for a Linux VPS.
That last post reminded me:

For some time I've wanted to make a page on jmac.org about my freelance programming business, more than the front-page blurb and link to my resume that's there now. One element I'm missing from this is a nice photograph of myself, with a big fat alpha channel as a backdrop, letting me work it into any layout.

I am actually looking to lay down a little dough on getting a nice couple of smart-lookin studio-made portraits that I could bend to this sort of use. I have also run into multiple instances in the recent past where entities - conference applications, "professional" blogs, et cetry - have requested high-quality photos, and I've had nothing to offer (I attached a manky iSight photo to the ETech app).

Any of y'all have any recommendations of where I could make this happen locally? (This includes you yourself, possibly; I really have no idea.)

(Also held back from making the page by a basic hesitation to promote myself as a freelance programmer when my "real" job is being the president of Volity Games. But hell, if putting a lot of work into it would have a just-my-luck effect of causing Volity to suddenly get a million bucks, forcing me to abandon my freelance job? I wouldn't cry much.)

Hivemind: hosting

Wednesday, 16 May 2007 14:09
Jmac.org web & email has gotta move again, and soon. daerr has been my latest kind host, but his machine is falling apart and he's planning on bailing soon. I figure that, after more than eight years of hoboing this domain around, it's finally time to move it off of FriendlyNet and into the realm of paid-for hosting.

Any recommendations for hosting solutions? I am assuming that, since I want me own MySQL tables and Mason-based websites, I am too much of a control freak for Dreamhost, but feel free to tell me otherwise. (I don't need mod_perl, so long as Mason works.)

I am leaning towards getting a virtual user-mode Linux thing somewhere. They're more expensive, but you can go crazy on them. OTOH you have to do your own sysadminning, and enh.

I politely decline in advance offers to host on your own server or your friend's server or whatnot, thank you anyway. (Unless your friend runs a legit hosting business.) This will support, among other things, my professional identity. I need to be able to yell at someone when it falls over, without feeling like I'm stretching a personal favor thin.

