fwaggle.org

I hate shopping for SSL certificates almost as much as I hate shopping for auto insurance – in fact I think I’d rather enter all the grisly details of my driving career (which really aren’t all that much, really) than try to figure out the hidden costs associated with SSL certs.

Our first certificate was signed by GoDaddy. I used to be the biggest GoDaddy fanboy ever back when they were the cheapest around – but realistically the total cost of ownership on anything sold by GoDaddy is so insanely high really. Sure that first year where your domain is $1.99 or whatever is great, but then you forget about it and they auto-renew it the month before it’s going to expire for $16. That cert that’s $12 with a free year of .com/.net/.org registration suddenly becomes $30.

I’m so sick of their predatory billing and doing the coupon dance every year that I moved all of our domains over to Moniker instead. But now it came time to renew the cert for Sabrienix’s portal… I found namecheap, who resell RapidSSL for a ridiculous $10.95 a month and as near as I can tell there’s no scams or anything.

I was going to just pay for the verification for StartSSL, but unfortunately our car probably needs a tire, and the portal certificate expires tomorrow (which would break Google Checkout) so I wouldn’t be able to get the verification done in time. Boo.

Maybe next year.

I thought I’d address this issue on my blog – and encourage folks to comment on it – because our company website isn’t really the place to do it. A lot of people ask me “what’s so great about Mumble? Why should I use it instead of a competing product?”

Here are the few reasons I could come up with off-hand:

• The Overlay. This is a huge feature in my opinion, and it’s all set to get better. Basically you can have either an opaque or transparent overlay over most any game (as long as hackshield/gameguard/punkbuster doesn’t mess with Mumble’s ability to inject the overlay code) so you can still see what’s going on in a full-screen game.It’s set to get better too… open up a Steam game, and press shift+tab. Rumor has it, that’s the direction Mumble’s overlay is headed in.
• The Translations. This is pretty much a non-issue for people like me who only really speak English, but for non-english speakers, it’s a godsend. Instead of half-arsed automated translations that say shit like “Oh, Dios mío, el Minka Aire!” when they really mean “Enable Push-to-Talk”, Mumble has a dedicated group of volunteer translators, most of whom are very skilled in their own language and instead of taking the source text and translating it out-of-context, will translate it based off their own usage of Mumble and knowing what the function does.
• The Quality. Not only does Mumble sound awesome (full disclosure: TS3 rivals it at times because they share the CELT codec), but it’s well written code as well. The bulk of the software is written using publicly available libraries like QT4 and Google Proto Buffers which means that much of the code has already been audited and vetted by thousands of other developers and any bugs show up quite quickly.

  We have a disclaimer on our Mumble servers webpage about how Murmur is constantly under development and “Bad Things” can happen because we were expecting Murmur to crash every so often. We  typically track the git HEAD at each release and we build on a not-terribly-well-supported OS (FreeBSD) so naturally we were expecting to have a few bombs here and there.

  So far though, we’ve had exactly one (knock on wood) Murmur crash, and the cron script brought it straight back up. Our UK server was unsatisfactory, but that was the host’s fault not Murmurs.

• It’s Growing and Evolving. Mumble hasn’t really stagnated at all in it’s history – it’s constantly evolving and there’s always something new to look forward to. It doesn’t sit with the same release for two years because there’s been no security bugs.

Overall, if you’re a voice-chat user and you haven’t given it a shot (or worse, you used it in the 1.1 days and wrote it off), I genuinely urge you to give it a shot.

We’ve been using Pingdom for about a year and a half now, but with a baby on the way and the economy falling to pieces around us… I can’t really justify $10 a month to monitor 5 services, when I could be checking all of the services on our four servers for less than that. It’s time to downsize a little and be a bit smarter with our money, putting it into things that benefit the customers instead of websites with nice interfaces that make me feel all warm and fuzzy.

So we setup Nagios on a small VPS and we now have it monitoring all our servers, including the public instance on each of our Murmurs. We were monitoring Murmur using check_tcp, which is basically the same check Pingdom uses… unfortunately it’s really bloody noisy in the logs!

So I went on IRC and bugged pcgod for his Python Mumble-Pinger script, which implements the UDP ping-sweep used by the Mumble client’s connect dialog, and returns your ping to the server, how many users are on it, etc.

It was a hop, skip and a jump to modify it to output something useful to Nagios – I removed the timestamp and added “OK ” in front of the output – I believe this is optional because Nagios mainly goes off the return code of the script. Speaking of which, I modified the exception for the socket timeout (to indicate the server’s down) to print something like “CRITICAL – UDP Socket Timeout”, and to exit with return code 2.

A quick command definition in Nagios, and it’s working. It’s not great – there’s no support for warnings for elevated pings or anything like that… but it’s working. I’ll probably go through and write a better one and post it eventually, but right now I’m busy going through moderating all the junk from my comments… Viagra? Slimquick review? GTFO.

I still have a ton of stuff I need to get sorted out before I can go get a work-outside-the-house job, which is frustrating because a friend of mine works for a company who was hiring someone for a position I’d be really well suited to. Another friend in Canada has been trying to get me to work for an IT security company he’s a partner in for the better part of a decade now.

A part of me’s still convinced that our company is the path forward – in a shady job market the most secure job is one you create for yourself, and that’s where I see our long term plans pointing. Our company’s growing steadily, and I certainly don’t resent the hours I’m putting in any more.

Either way, whether I go work in the IT field for someone else while our company grows or whether I continue to pour my soul into it and branch out, certification would go a long way. I’ve been managing UNIX-like operating systems for in excess of half my lifetime – almost a decade and a half to be precise. I have a pretty decent background in security (though it could be better, if I’d apply myself to any one thing) and I’m a competent hacker when it comes to programming, though I’m by no means a developer (again, could be better if I could apply myself to any one language for a length of time).

But to all but the most enlightened employer, all of this means nothing – most of them look purely at certification and my resume would probably not knock most folks’ socks off. Thankfully our company gets precious little clients who actually ask what our qualifications are, most of them are usually pleasantly surprised when the proverbial hits the fan to know that I do know my stuff… but any who were to ask beforehand would again, be less than impressed.

I’ve been looking at this Western Governors University, which is one of the first schools offering online degrees that are actually worth more than the fancy paper they’re printed on. Their online IT degree… Well, I was particularly looking at the security program, which incorporates Cisco’s CCNA and the CCNA-Security certification, as well as A+ and Security+ – which, while I’ve never been terribly keen on them as a measure of someone’s worth, would substantially pad my resume.

The course has a Microsoft component too – I’m not entirely sure how much of it is Microsoft-centric, but I’m pretty confident I could get the hang of that rather quickly. According to Wikipedia, WGU is a “competency-based” education, so you’re free to take the exams whenever you think you’re ready, so chances are I could speed through a few sections of the courseware. About 10 years ago I was reasonably confident I could pass the MCSE exams, I just couldn’t afford them. I’ve poured over the CCNA/CCNP courseware periodically for the last ten years too.

It’s ridiculously cheap though – at the time of writing it looks like a hair under three grand for a semester’s tuition, and because it’s not one of those goofy online “colleges” there’s federal financial aid available (though again, I have no idea whether I’d qualify).

Does anyone who happens to be reading this have any familiarity with how quickly someone like myself could pass such a course? WGU charges tuition based on semesters, so obviously the faster I complete everything the better off I’ll be. Most of my familiarity is with the FreeBSD operating system, so I’m not kidding myself that I’ll have quite a bit to learn.

It’d be awesome to have some pieces of paper to prove what I know.

For those of you who are running your own Murmur (please note this script is not compatible with Sabrienix/MumbleDog Murmurs!) here’s a free PHP snippet for moving idle Mumble users to a different channel.

Note that it’s released under the BSD license, and no warranty of any sort is provided. It’s got zero error-checking, it’s just an example to push people in the right direction.

I’ve been toying with the idea of getting an Android based phone when my contract with Verizon runs out and they try and entice me into signing a new one – however, my current phone is WinMo based, and I don’t really know how we can live without Quicken on it.

Seriously, I’ve found keeping track of accounts to be a nightmare without something like Quicken. I can’t seem to stop myself from using things like pay-at-the-pump for gas, which can be a real pain in the arse to keep track of. You get the crappy little charge of $1, which is usually removed immediately from your balance, then at some point between now and two weeks from now, the actual charge is added and the $1 authorization is removed.

That means when you look at the balance on, say, Paypal… you have to remember how many times you put gas in and about how much it was. With Quicken on my phone, I don’t have to – I just put the exact amount in on my phone before driving off, and then when I sync my phone up when I get home it reconciles everything for me.

Unfortunately, there doesn’t seem to be any decent apps for Quicken on the Android platform. There’s a $3 add-on for “loot”, which will let you download .QIF format files… but that sucks. QIF is an ancient form of transaction download used from when internet banking was very, very young. I’m led to believe it was originally only intended for doing the initial download – as far as I know it’s nothing but a glorified and proprietary CSV format.

Before Paypal had proper Quicken-syncing (well, proper being used very liberally here – Paypal’s support of Quicken is still pretty damn terrible), we used to download the statements in QIF format and import them into Quicken, and it was almost always traumatic. There’s almost no handling of duplicate transactions, so if you’re not careful you end up with an account you can’t balance… so you’re going through checking off each transaction on two lists until you find one that doesn’t match. I don’t wanna spend $200 on a phone to do that all over again!

Enter Mint, which apparently works reasonably well from mobile devices. It’d also have the added bonus of my wife could check things from her computer, instead of going to mine or picking up my phone to check the balances. I was able to add access to almost all of our accounts (it’s not adding one, despite the fact I’m sure it’s the right bank and the credentials are correct) within a few minutes, and before long I was off playing with all manner of financial advisories.

I’m not sure I like it… I mean it’s one of those things where you like it, but you feel like you should hate it. It’s border line creepy having something go through your finances, automatically putting together a rough budget based on your history of spending – you almost feel like you’re being judged. Sure it pops up with savings and budgeting tips and I understand that the whole thing’s funded by them throwing bank and credit card offers at you to save you money, but it’s hard to let go of this silly notion of privacy.

You need to keep in mind that we readily surrender privacy all the time for the sake of convenience, and Mint is just a natural extension of that. It’s still unnerving though, I half expect the thing to come up with an alert “Szechuan Garden again? It’d be cheaper just to adopt a chinese teenager you know”.

On the whole though, it pretty much does what it says it will. The whole interface is an asynchronous DHTML wonderland, and unlike Quicken it’s pretty much maintenance free. There is, however a dealbreaker for me… you don’t appear to be able to enter a transaction manually – so you’re still left with the pay-at-the-pump problem above, except you’re looking at a different site instead.

One of our server providers, the one that hosts our california location for our Mumble servers (and this blog too, for what that’s worth) is pulling our old IPs (which were a sub allocation from one of their carriers, Cogent) and replacing them with their own direct allocation.

Because most of our Mumble hosting clients access their servers via IP address, rather than a DNS hostname, it’s creating quite a bit of a nightmare. At the moment I’m wrestling with trying to get the glue records changed for ns1.sabrienix.net via Moniker. GoDaddy was easy to change, because their support people already walked me through it once.

Moniker is like pulling teeth, I can’t seem to find the option anywhere, and I tried changing the domain’s nameservers and changing them back… but nothing. It’s like eating a month’s worth of cheerios trying to lowering bad cholesterol only to have the doctor tell you nothing’s improved. Admittedly their support folks haven’t gotten back to me yet, but hopefully we get it figured out sooner rather than later.

Changing the websites over should be a pretty transparent process, I’ll just have Apache listen on both IPs at the same time for each hostname… change the A records over and it shouldn’t affect anyone, then once the TTL expires no one should be using the old IPs.

That’ll just leave the Mumble servers, which I’m trying so hard not to mess up anyone’s day but most people aren’t responding to our mass emails.

Mumble’s been making leaps and bounds in terms of quality lately… a huge amount of client bugs are getting squashed all the time and it’s just overall becoming a really robust system. 1.2 has been an awesome release so far, despite a few minor updates to squash bugs, I haven’t heard even 10% of the complaints I’d had to listen to about 1.1!

I was thinking about spending a day pretty soon drumming up attention for Mumble again, by going through blog searches looking for where people mentioned Mumble and suggesting they go through and give 1.2 a shot. Hopefully I don’t get shit-canned along with all the scumbags peddling the best weight loss pills or some other off-topic shit.

So we’re gearing up for the release of MumbleDog, which will be Sabrienix’s Mumble hosting subsidiary. Nothing much is going to change, but we’ve just had complaints that Sabrienix is really hard to remember if you don’t bookmark it. I suppose it’s all good, really, because Sabrienix was intended to be more of an in-person, web consultation company where our chief customers would usually have a business card and a telephone number of their assigned rep.

The Mumble hosting section exploded though, and it’s really hurting us. So we came up with a nice, simple, easy-to-remember name and we’ll be pushing the heck out of it in the next month or so.

So after 3 years of borderline trolling a certain MapleStory fan-site, spending the entire time thinking I’m impervious to infractions… I finally got my first SW warning!

It’s somewhat anti-climactic though, considering what I actually got it for. Basically after breaking every rule in the book, I got busted for telling some kid posting some idiotically outlandish bullshit about people being able to hack you if you buy a certain item… to “post proof or STFU.”

It must’ve been a noob moderator or something, perhaps they don’t know who the fuck I am. God damn it.

In other news, I thought Moodoo got some action earlier, but it turns out it was just a spam-bot posting links to workout articles and adipex reviews. Fuck.

With people at Google saying stuff like this, it’s pretty easy to reconsider the Droid, despite how attractive they look. They do look rather cool though, and I’m almost tempted to think about getting one when my contract is up in about another 9 months. Of course you keep going back to the subtle infiltration of our entire lives by Google… hrm.

I love my current phone, and I’ll probably wind up sticking with a WinMo platform just because… I have but a couple of complaints about my phone – first of all it’s a wee bit laggy when you’re doing more than calling (and occasionally when all you’re doing is calling!).

But my biggest complaint is the lack of a real GPS… Verizon want me to pay $15 a month for the privilege of using their substandard software when I can get around just fine with Google Ma-…. oh god damn it.