botWerks

this is obviously a big focus for me on the work front particularly given some of the speaking engagements as of late.  hence, the egg on my face when i realized i’d missed the original announcement that google is supporting IPv6 for app-engine. then i was catching up on some news today and i caught the updated announcement that indicated they were expanding the support IPv6 support and enabling better testing facilities.  additionally, they announced that they were providing a means for folks to support this outside the whitelisted DNS servers. kudos. this brings a host of applications (pun slightly intended) into the IPv6 domain with little or no requirements / on the part of the app developers. it’s just there in the infrastructure.

nicely done googles.

nothing revelatory here, but some interesting background pointers.

i’ve been catching up on a massive reading backlog as of late. one of the topics egregiously in the backlog has been digesting the information associated with internationalized domain names (IDNs) and poking at some of the attendant follow-on considerations. given that there’s a huge hunk of the world that doesn’t use latin character sets, this is an increasingly interesting and relevant topic. particularly for network infrastructure dweebs.

for those looking for a good place to start on the topic of internationalization i highly recommend geoff huston’s writeup on the topic, Internationalizing the Internet. he provides a reasonable primer on interesting topics such as digraphs, glyphs, etc.

fortunately, localization of content presentation is an area which has received a considerable amount of attention within the computer industry. further, it benefits from the fact that there’s been a bit of give and take socially and from a development perspective to accommodate various localization requirements. e.g.: japanese writing and layout has undergone a bit of accommodation to “modern” publishing capabilities and computer interfaces.

internationalization of the Internet is another matter. of considerably greater difficulty is enabling the infrastructure to support the variety of localizations that are out there. the first among these is the DNS infrastructure. this leads you down a windy path of different encoding mechanisms and a whole host of additional security implications. of notea number of interesting variants on homograph
attacks.

looking at this from the perspective of network engineering, we’re really moving into a world where there will be new stresses and strains placed upon the DNS infrastructure.  what was previously a relatively low bandwidth infrastructure service will rapidly explode in terms of bandwidth utilization and processing requirements going forward.  considerable attention will need to be given to application design and verification mechanisms in the background to alert users to a host of new attacks.  it’s unclear what the implications will be on service / application developers over the near term given that most of the infrastructure elements associated with web services are ascii oriented.

misc. background reading:

• punycode – a means of encoding unicode into the ASCII character space.
• Phishing defense against IDN address spoofing attacks – abstract: Address spoofing is a common trick used in phishing scams to confuse unsuspecting users about a Web site’s real origin. With the introduction of Unicode characters into domain names, also known as Internationalized Domain Names (IDN), the risk has significantly increased even for the most cautious users. The author explores the various types of address spoofing attacks focusing on IDN, and presents a novel client-side Web browser plug-in Quero which implements several techniques—including highlighting—to protect the user against visually undistinguishable address manipulations.
• RFC 4690 – abstract: This note describes issues raised by the deployment and use of
  Internationalized Domain Names.  It describes problems both at the time of registration and for use of those names in the DNS.  It recommends that IETF should update the RFCs relating to IDNs and a framework to be followed in doing so, as well as summarizing and identifying some work that is required outside the IETF.

i’ve come to the conclusion that chromium for the mac is close enough to start poking at consistently.  now, i need to find a way to make this honor the default cocoa keybindings and support for ctrl-a/f/n/p + w would go a really long ways towards making me happy.

the speed is quite frankly mind-boggling.  javascript apps scream, rendering is honored appropriately, java support is dicey (keep safari handy) and the interface is really snappy.

this week gives me enough breathing room to poke at the latest firefox 3.6 build as well.  this is the default workhorse browser for 99%+ of what i do.  frankly, i don’t know what i’d do without the “it’s all text” add-on.  given the amount of wiki editing and integration with online systems that i have to handle on a daily basis.  if i could get this for chrome, i might be sorely tempted to jump ship.  firefox 3.6 carries with it the attendant hassle of a new release in terms of add-on support.  but fortunately i’ve been able to hack or cajole all the major ones for me into submission.  there’s some decided improvement in rendering speed.  but beyond that, it looks pretty much the same to me.  which is more than ok, it’s a solid performer in the workflow.

don’t get sucked into buying the augmented reality issue of esquire.  about the 3rd time you hear “boo-yaa” from robert downey jr.  you’re pretty tempted to throw the magazine through your monitor. cute and clever?  yes.  tedious as hell? definitely.

follow the advice here: http://www.jwz.org/doc/backups.html

seriously. just do it.

if you need a GUI, SuperDuper, works wonderfully.  this will save your ass. no joke.

in no particular order – here are some notes on the use of OSX for my UNIX dweeb friends who are making the jump.

essential tools / things to get:

go and get the developer toolkit (aka Xcode) – this will get you a working compiler and a kick ass development environment.  unfortunately, i haven’t had a lot of time to monkey with Xcode for its primary purpose of developing mac apps.  you should be able to install this off of the optional software installation on the OS distribution disk.  alternatively you can get this from the apple developers web site. (http://developer.apple.com/mac/ – note you might have to create an account on this site to get the latest tools and they are a big download.  get it when you’re someplace where you have a solid and fast connection.)

macports – run, don’t walk, to get this one.  i’ve messed with fink, i find this to be more complete and  more often than not, it just works.  to make life easier, you should periodically update your ports collection.  this is trivially accomplished via a periodic sudo port selfupdate.  note, you’ll need to have a working Xcode installation to get this appropriately installed since, like the FreeBSD version of ports, it will build this stuff from source and resolve dependencies in the process.  it’s not a binary build system like fink, et al.

editors

emacs / vim – without taking a religious perspective on this topic it’s good to know that there are first rate implementations of both on this platform.  i install both and toggle between the two of them as it makes sense.  personally, i’ve toyed with some very useful 3rd party editors as well. i’ll include some additional notes on these as well.

• emacs – i use this one, there are folks that swear by aquaemacs, but i can’t make the keybindings happy enough for my taste.

• vim – macvim – need i say more?  i used this version for a long time prior to finding an emacs that made me happy on the mac.  the new version of macvim is sexy as hell and has tabs and shit.
• TextMate – this one seems to have all of the web 2.0 folks in a twist.  i find it to be a remarkably good editor with emacs-like keybindings that work for most things. (meta-b/f don’t work as expected so that’s a frustration for me, personally.)
• SubEthaEdit / Coda – i mention these in the same breath.  SubEthaEdit is a collaborative text editor which allows folks to simultaneously edit a document, this editor is embedded within the coda web development package.

OSX oddities

su / root account – if you’re used to just su’ing to root, then you’re going to be surprised by the fact that root isn’t enabled by default.  instead you use sudo for pretty much everything.  if you’re used to running things as root and you feel like doing this all over the place you’re welcome to enable root (done by following these directions), over the past couple of machines i’ve had, i haven’t enabled root.

cron – OSX doesn’t run the crond like you’ve seen on other platforms instead there’s launchd.  which assumes the responsibilities of a whole host of classic UNIX processes (notably, init and crond).  if you use crontab -e a la the classic UNIX interface to crond, then all of the launchd stuff is handled in the background for you. if you expect to just copy over your crontab files from /var/spool/cron then you’re in for something of an awakening.  to make all of this just work, use crontab, it will make sure that launchd is updated appropriately.