I get my domestic ADSL connectivity from the rather excellent people at Andrews and Arnold.
They also happily take (and similarly reply to) GPG encrypted support questions.
Good guys. Thoroughly recommended.
Now can you /really/ see BT doing any of that?
Every now and then I decide I'll try and sort out my VoIP setup. And then I give up. Today I tried again. I really didn't think I was aiming that high. I thought I'd start by making my email address work as a SIP address. Seems reasonable, right? I threw in the extra constraints of wanting some security (so TLS, not UDP) and a soft client that would work on my laptop (I have a Grandstream hardphone and would like an Android client as well, but I figure those are the easy cases while the "I have my laptop and I want to remain connected" case is a bit trickier). I had a suitable Internet connected VM, access to control my DNS fully (so I can do SRV records) and time to read whatever HOWTOs required. And oh my ghod the state of the art is appalling.
Let's start with getting a SIP server up and running. I went with repro which seemed to be a reasonably well recommended SIP server to register against. And mostly getting it up and running and registering against it is fine. Until you try and make a TLS SIP call through it (to a sip5060.net test address). Problem the first; the StartCom free SSL certs are not suitable because they don't advertise TLS Client. So I switch to CACert. And then I get bitten by the whole question about whether the common name on the cert should be the server name, or the domain name on the SIP address (it's the domain name on the SIP address apparently, though that might make your SIP client complain).
That gets the SIP side working. Of course RTP is harder. repro looks like it's doing the right thing. The audio never happens. I capitulate at this point, and install Lumicall on my phone. That registers correctly and I can call the sip:email@example.com test number and hear the time. So the server is functioning, it's the client that's a problem. I try the following (Debian/testing):
I'm bored at this point. Can I "dial" my debian.org SIP address from Lumicall? Of course not; I get a "Codecs incompatible" (SIP 488 Not Acceptable Here) response. I have no idea what that means. I seem to have all of the options on Lumicall enabled. Is it a NAT thing? A codec thing? Did I sacrifice the wrong colour of goat?
At some point during this process I get a Skype call from some friends, which I answer. Up comes a video call with them, their newborn, perfect audio, and no hassle. I have a conversation with them that doesn't involve me cursing technology at all. And then I go back to fighting with SIP.
Gunnar makes the comment about Skype creating a VoIP solution 10 years ago when none was to be found. I believe they're still the market leader. It just works. I'm running the Linux client, and they're maintaining it (a little behind the curve, but close enough), and it works for text chat, voice chat and video calls. I've spent half a day trying to get a Free equivalent working and failing. I need something that works behind NAT, because it's highly likely when I'm on the move that's going to be the case. I want something that lets my laptop be the client, because I don't want to rely on my mobile phone. I want my email address to also be my VoIP address. I want some security (hell, I'm not even insisting on SRTP, though I'd like to). And the state of the Open VoIP stack just continues to make me embarrassed.
I haven't given up yet, but I'd appreciate some pointers. And Skype, if you're hiring, drop me a line. ;)
Docker is the new best thing ever.
The technology behind it is pretty cool. It works very well and it's incredibly easy to just make things work.
But that's not the best bit!
My favourite thing about Docker is that it's simple to explain to semi-technical folks and better yet, it's easy to get people enthusiastic about it.
As I've previously mentioned, simplicity is something I aspire to in all things and the fact that "post-technical" [cheers Goran ;)] types get excited about how Docker can be used to break your services down into small components that you thread together makes my life that much easier when I'm trying to "sell" the benefits of doing so.
I have failed at sentence construction. Maybe I need to dockerise [eww] that.
Is it annoying or not that everyone says SSL Certs and SSL when they really mean TLS?
Does anyone actually mean SSL? Have there been any accidents through people confusing the two?
So its been a few years since I’ve posted, because its been so much hard work, and we’ve been pushing really hard on some projects which I just can’t talk about – annoyingly. Anyways, March 20th , 2011 I talked about Continual Integration and Continual Deployment and the Cloud and discussed two main methods – having what we now call ‘Gold Standards’ vs continually updating.
The interesting thing is that as we’ve grown as a company, and as we’ve become more ‘Enterprise’, we’ve brought in more systems administrators and begun to really separate the deployments from the development. The other thing is we have separated our services out into multiple vertical strands, which have different roles. This means we have slightly different processes for Banking or Payment based modules then we do from marketing modules. We’re able to segregate operational and content from personally identifiable information – PII having much higher regulation on who can (and auditing of who does) access.
Several other key things had to change: for instance, things like SSL keys of the servers shouldn’t be kept in the development repo. Now, of course not, I hear you yell, but its a very blurry line. For instance, should the Django configuration be kept in the repo? Well, yes, because that defines the modules and things like URLs. Should the nginx config be kept in the repo? Well, oh. if you keep *that* in then you would keep your SSL certs in…
So the answer becomes having lots of repo’s. One repo per application (django wise), and one repo per deployment containing configurations. And then you start looking at build tools to bring, for a particular server or cluster of servers up and running.
The process (for our more secure, audited services) is looking like a tool to bring an AMI up, get everything installed and configured, and then take a snapshot, and then a second tool that takes that AMI (and all the others needed) and builds the VPC inside of AWS. Its a step away from the continual deployment strategy, but it is mostly automated.
The cliché is that lotteries are a tax on the mathematically illiterate.
It's easy to have some sympathy for this position. Did you know trying to get rich by playing the lottery is like trying to commit suicide by flying on commercial airlines? These comparisons are superficially amusing but to look at lotteries in this rational way has seems to be in-itself irrational, ignoring the real motivations of the participants.
Even defined as a tax they are problematic – far from being progressive or redistributive, it has always seemed suspect when lottery money is spent proudly on high-brow projects such as concert hall restorations and theatre lighting rigs when—with no risk of exaggeration—there is zero overlap between the people who would benefit from the project and who funded it.
But no, what rankles me more about our lotteries isn't the unsound economics of buying a ticket or even that it's a state-run monopoly, but rather the faux philanthropic way it manages to evade all criticism by talking about the "good causes" it is helping.
Has our discourse become so relative and non-judgemental that when we are told that the lottery does some good, however slight, we are willing to forgive all of the bad? Isn't there something fundamentally dishonest about disguising the avarice, cupidity, escapism and being part of some shared cultural event—that are surely the only incentives to play this game—with some shallow feel-good fluff about good causes? And where are the people doing real good in communities complaining about this corrupting lucre, or are they just happy to take the money and don't want to ask too many awkward questions..?
"Vices are not crimes" claims Lysander Spooner, and I would not want to legislate that citizens cannot make dubious investments in any market, let alone a "lottery market", but we should at least be able to agree that this nasty regressive tax should enjoy no protection nor special privileges from the state, and it should be incapable of getting away with deflecting criticism with a bunch of photogenic children from an inner-city estate clutching a dozen branded footballs.
I put out the call for nominations for the 2014 Software in the Public Interest (SPI) Board election last week. At this point I haven't yet received any nominations, so I'm mentioning it here in the hope of a slightly wider audience. Possibly not the most helpful as I would hope readers who are interested in SPI are already reading spi-announce. There are 3 positions open this election and it would be good to see a bit more diversity in candidates this year. Nominations are open until the end of Tuesday July 13th.
The primary hard and fast time commitment a board member needs to make is to attend the monthly IRC board meetings, which are conducted publicly via IRC (#spi on the OFTC network). These take place at 20:00 UTC on the second Thursday of every month. More details, including all past agendas and minutes, can be found at http://spi-inc.org/meetings/. Most of the rest of the board communication is carried out via various mailing lists.
The ideal candidate will have an existing involvement in the Free and Open Source community, though this need not be with a project affiliated with SPI.
Software in the Public Interest (SPI, http://www.spi-inc.org/) is a non-profit organization which was founded to help organizations develop and distribute open hardware and software. We see it as our role to handle things like holding domain names and/or trademarks, and processing donations for free and open source projects, allowing them to concentrate on actual development.
It now supports:
Needless to say, this software is not endorsed by Strava. Suggestions, feedback and contributions welcome.
I arrived in Klagenfurt early on Thursday before Sunday's race and went to register at the "Irondome" on the shores of Lake Wörthersee. I checked up on my bike at Race Force's HQ and had a brief look around the expo before it got busy.
Over the next few days I met up a number of times with my sister who had travelled—via Venice—to support and cheer me. Only the day before the race did it sincerely dawn on me how touching and meaningful this was, as well as how much it helped having someone close by.
I had planned to take part in as much of the "Ironman experience" as possible but in practice I not only wanted to stay out of the sun as much as possible, I found that there was an unhealthy pre-race tension at the various events so I kept myself at a slight distance.
Between participants the topic of discussion was invariably the weather forecast but I avoided paying much attention as I had no locus of control; I would simply make different decisions in each eventuality. However, one could not "un-learn" that it reached 40°C on the run course in 2012, landing many in hospital.
As this was my first long-distance triathlon with a corresponding investment of training I decided that conservative pacing and decisions were especially prudent in order to guarantee a finish. Ironman race intensity is quite low but this also means the perceived difference between a sustainable and a "suicide" pace is dangerously narrow.
Despite that, my goal was to finish under 11 hours, targeting a 1:20 swim, a 5:30 bike and a 4:00 marathon.Race day
I got to sleep at around 10PM and awoke early at 3AM, fearing that I had missed my alarm. I dozed for another hour before being woken at 4AM and immediately started on two strong coffees and waited for a taxi.
Over the next 2 hours I ate two Powerbars, a banana and sipped on isotonic energy drink. I also had a gel immediately before the swim, a total of approximately 600 calories. Many consume much more pre-race, but I had not practised this and there would be plenty of time to eat on the bike.
I got to transition as it opened at 5AM and checked over my bags and bike and then made my way slowly to the lake to put on my wetsuit.Swim
I felt my swimming ability to be just on the right of the bell-curve so I lined myself up according to their suggestion. I'm quite good with nerves so in the final ten minutes I kept to myself and remained very calm.
After some theatrics from the organisers, the gun finally went off at 7AM. It was difficult to get my technique "in" straight away but after about 5 minutes I found I could focus almost entirely on my stroke. I didn't get kicked too much and I reached the first turn buoy in good time, feeling relaxed. Between the next two buoys I had some brief hamstring cramps but they passed quickly.
After the second turn I veered off-course due to difficulties in sighting the next landmark—the entrance to the Lend canal—in the rising sun. Once I reached it, the canal itself was fast-moving but a little too congested so I became stuck behind slower swimmers.
The end of the swim came suddenly and glancing at my watch I was pretty happy with my time, especially as I didn't feel like I had exerted myself much at all.T1
Due to the size of Ironman events there is an involved system of transition bags and changing tents; no simple container beside your bike. There was also a fair amount of running between the tents as well. Despite that (and deciding to swim in my Castelli skinsuit to save time) I was surprised at such a long transition split – I'm not sure where I really spent it all.
I also had been under the impression volunteers would be applying sunscreen so I had put my only sun spray in the bike-to-run bag, not the swim-to-bike one. However, I found a discarded bottle by my feet and borrowed some.Bike
The bike leg consists of two hilly laps just to the south of the Wörthersee.
It felt great to be out on the bike but it soon became frustrating as I could not keep to my target wattage due to so many people on the course. There were quite a few marshalls out too which compounded this – I didn't want to exert any more than necessary in overtaking slower riders but I also did not want to draft, let alone be caught drafting.
This also meant I had to switch my read-out from a 10-second power average to 3-seconds, a sub-optimal situation as it does not encourage consistent power output. It's likely a faster swim time would have "seeded" me within bikers more around my ability, positively compounding my overall performance.
I started eating after about 15 minutes: in total I consumed six Powerbars, a NutriGrain, half a banana, four full bottles of isotonic mix and about 500ml of Coca-Cola. I estimate I took on about 1750 calories in total.
The aid stations were very well-run, my only complaints being that the isotonic drink became extremely variable—the bottles being half-filled and/or very weak—and that a few were cruelly positioned before hills rather than after them.
I felt I paced the climbs quite well and kept almost entirely below threshold as rehearsed. Gearing-wise, I felt I had chosen wisely – I would not have liked to have been without 36x28 in places and only managed to spin out the 52x12 four or five times. Another gear around 16t would have been nice though.
There was quite heavy rain and wind on the second lap but it did not deter the locals or my sister, who was on the Rupitiberg waving a custom "Iron Lamb" banner. It was truly fantastic seeing her out on the course.
On the final descent towards transition I was happy with my time given the congestion but crucially did not feel like I had just ridden 112 miles, buoying my spirits for the upcoming marathon.T2
Apart from the dismount line which came without warning and having a small mishap in finding my bike rack, transitioning to the run was straightforward.Run
The run course consists of two "out-and-backs". The first leads to Krumpendorf along the Wörthersee and the railway, the second to the centre of Klagenfurt along the canal. Each of these is repeated twice.
I felt great off the bike but it is always difficult to slow oneself to an easy pace after T2, even when you are shouting at yourself to do so. I did force my cadence down—as well as scared myself with a 4:50 split for the first kilometer—and settled into the first leg to Krumpendorf.
Once the crowds thinned I took stock and decided to find a bathroom before it could become a problem. After that, I felt confident enough to start taking on fuel and the 10km marker on the return to the Irondome came around quickly.
Over the course of the run I had about three or four caffeinated gels and in latter stages a few mouthfuls of Coke. I tried drinking water but switched to watermelon slices as I realised I could absorb more liquid that way, remaining moving and gaining a feeling of security that comes from simply carrying something.
The first visit to Klagenfurt was unremarkable and I was taking care to not go too hard on the downhill gradients there – whilst going uphill is relatively straightforward to pace, I find downhill running deceptively wearing on your quads and I still had 25km to go.
The halfway point came after returning from Klagenfurt and I was spotted by my sister which was uplifting. I threw her a smile, my unused running belt and told her I felt great, which I realised I actually did.
At about 23km I sensed I needed the bathroom again but the next aid station had locked theirs and for some bizarre reason I then did not stop when I saw a public WC which was clearly open. I finally found one at 28km but the episode had made for a rather uncomfortable second lap of Krumpendorf. I did run a little of the Klagenfurt canal earlier in the week, but I wished I had run the route through Krumpendorf instead – there was always "just another" unexpected turn which added to the bathroom frustration.
In a chapter in What I Talk About When I Talk About Running, Haruki Murakami writes about the moment he first ran past 26.2 miles:I exaggerate only a bit when I say that the moment I straddled that line a slight shiver went through me, for this was the first time I'd ever run more than a marathon. For me this was the Strait of Gibraltar, beyond which lay an unknown sea. What lay in wait beyond this, what unknown creatures were living there, I didn't have a clue. In my own small way I felt the same fear that sailors of old must have felt.
I was expecting a similar feeling at this point but I couldn't recall whether my longest run to date was 30 or 31km, a detail which somehow seemed to matter at the time. I certainly noticed how uphill the final return from Krumpendorf had suddenly become and how many people had started walking, lying down, or worse.
32km. Back near the Irondome, the crowds were insatiable but extremely draining. Having strangers call your name out in support sounds nice in principle but I was already struggling to focus, my running form somewhat shot.
In the final leg to Krumpendorf, the changes of gradient appeared to have been magnified tenfold but I was still mostly in control, keeping focused on the horizon and taking in something when offered. Once I reached Klagenfurt for the last time at 36km I decided to ignore the aid stations; they probably weren't going to be of any further help and running on fumes rather than take nutrition risks seemed more prudent.
The final stretch from Klagenfurt remains a bit of a blur. I remember briefly walking up a rather nasty section of canal towpath, this was the only part I walked outside of the aid stations which again seemed more important (and worrying) at the time. I covered a few kilometers alongside another runner where matching his pace was a welcome distraction from the pain and feelings of utter emptiness and exhaustion.
I accelerating away from him and others but the final kilometer seemed like an extremely cruel joke, teasing you multiple times with the sights and sounds of the finish before winding you away—with yet more underpasses!—to fill out the distance.
Before entering the finishing chute I somehow zipped up my trisuit, flattened my race number and climbed the finish ramp, completely numb to any "You are an Ironman" mantra being called out.Overall
I spent about 15 minutes in the enclave just beyond the finish line, really quite unsure about how my body was feeling. After trying lying down and soaking myself in water, Harriet took me off to the post-race tent where goulash, pizza and about a litre of Sport-Weiss made me feel human again...