System Overlord

A blog about security engineering, research, and general hacking.

Learn Regular Expressions. Seriously.

I can't tell you the number of IT Professionals (whether developers, sys admins, etc.) who have told me that it's not worth their time to learn regular expressions. I thought that way at one point, but now I'm astounded at that thought. Regular Expressions are one of the most powerful tools available for working with data.

I'm currently working on a tool that reads /proc/net/tcp.  Trying to parse that without regular expressions would be dozens of lines of code.  With regular expressions (in Python) I have a one-liner to parse each line of the file.  And that's for a file that's intended to be machine-readable.  (Though, admittedly, /proc/net/tcp is a lot less machine-readable than, say, /etc/passwd.)

The authors of the RE engines have done the hard work and figured out how to optimize the parsing of the lines and matching the RE.  For stupidly simple cases, an RE may be slower, but once you get to complex parsing, it's much easier.

The only thing I haven't figured out is how to parse values that don't conform to a particular order (ala GNU getopts).


Wordpress and APC 3.1.3p1

In order to improve performance on my blog (it is on a light-weight Linode after all), I use APC as both an opcode cache and an object cache.  On Ubuntu Server 10.04, you get APC 3.1.3p1 if you install the php-apc package.  Unfortunately, this version of APC has an issue with the same script execution inserting 2 values for the same key, which is apparently something several of Wordpress's configuration pages does.  If you run into this issue, you'll see lots of messages like:

[Thu Jan 13 18:25:26 2011] [apc-warning] Potential cache slam averted for key 'wp:abcc00cacabcc9adefb123ffde234abc:1:options:alloptions' in /srv/wordpress/wp-content/object-cache.php on line 235.

You may also notice that changes to configuration options don't seem to get saved, despite Wordpress saying they're saved.  (I didn't check if the database was correctly updated, but I suspect it was, and only the data currently being used from the cache is incorrect.)

Some people will tell you to use apc.slam_defense=0; or apc.slam_defense=Off;, but it turns out that APC 3.1.3p1 is lacking that option.  In later versions of APC, they have modified the code to cleanly handle the same key being inserted more than once within the execution of a single script.  So, perhaps the solution can be found in a newer version of APC.

PECL has APC 3.1.6, so let's try installing that:

sudo apt-get remove php-apc
sudo apt-get install php5-dev php-pear libpcre3-dev
sudo pecl install apc

Make sure you still have your /etc/php5/conf.d/apc.ini set up properly (it should still be), and you should be good to go after a quick sudo service apache2 restart. You should now not see the "cache slam" messages appearing in your Apache error logs.


Net Neutrality: Why It Matters

The discussion about Net Neutrality continues to heat up.  Over at LifeHacker, they asked "What Would You Miss Most if the Net Wasn't Neutral Anymore?"  One user responded with a comment that compared Cable TV to the Internet.  Either I failed to understand his sarcasm, or he's totally missing the point.

Until recently, your cable company was just a transporter of someone else's data -- the TV networks.  You paid extra for extra channels, which is fine with me, as your cable company is then paying the TV producers for the content.  If paying my ISP meant all sites were then free to access, that might even be fine.  But it won't be, I'll still be paying Netflix and my ISP.

I don't mind the idea of paying reasonable fees for my bandwidth.  I don't mind the idea of prioritizing traffic so that VoIP is seamless, streaming video doesn't stutter, etc.  Why I do mind (and will NOT tolerate as a customer) is the idea of my ISP prioritizing their VoIP product over that of a competitor, or the idea of an ISP blocking certain services unless you pay extra.  Bandwidth is what I pay for, it shouldn't matter where it's going.

Ultimately, if my ISP adopts blocking or anti-competitive practices, I will be cancelling my services and I will be filing complaints with the FTC, BBB, and other organizations.  The internet has become what it is because of the innovation promoted by a free and open internet, and filtering by ISPs will be disastrous.  Perhaps it's time for an ISP revolution.

[Edit: Steve Wozniak (inventor of the PC) also has some strong views on Net Neutrality.]


Apology to the LoCo

To the Ubuntu Georgia Local Community:

Around September of last year, I began to take over from Nick Ali and others in coordinating the activities of the Georgia LoCo.  Unfortunately, I haven't done very well at that.  I have not set up any events or otherwise taken steps to help the LoCo grow.  However, it's a new year and it's time for a new tack.  It's time for the LoCo to get out there and get active.  I have a large stash of 10.10 CDs for us to distribute and I'd like to try to get events scheduled at least every 2-3 months.  I'd also like to start new partnerships with other like-minded organizations.  Hopefully, I'll be able to turn a new leaf and jump-start activity in the organization. I'd like to invite anyone with thoughts on the future of the LoCo to contribute their ideas, and I'll do what I can to get them rolling.

I'd like to start thinking about a 11.04/Natty release party.  Thoughts, ideas, desires, suggestions?


Merry Christmas, and Thank You!

A big Merry Christmas to all my readers, and a big Christmas thank you to my favorite groups & organizations:

Also, of course, Merry Christmas to my friends and coworkers at Kennesaw State University, to my family, and especially to the love of my life (and wife), Ann.