Category Archives: Software

Test your IPv6 connectivity

Posted by Patrick Vande Walle on 17 May 2008 2 comments
Share
If you are connected to this blog using a IPv6 link, you will notice that near the top of the right column of the front page there is a message saying: "Congratulations ! You're using IPv6 ! Your address is XXXXXXX" In case you ask, the PHP code that performs this check is below: 
if (substr_count($_SERVER['REMOTE_ADDR'],":") > 0 &&substr_count($_SERVER['REMOTE_ADDR'],".") == 0) {
echo 'Congratulations ! You're using IPv6 ! Your address is'.$_SERVER['REMOTE_ADDR'].'.';
}  else {
echo "You're just using IPv4. Your address is '.$_SERVER['REMOTE_ADDR'].'.';
}
Update: Martin J. Levy suggested the following, more compact code: 
function is_connected_ipv6(){
return (substr_count($_SERVER['REMOTE_ADDR'], ":") > 0 && substr_count($_SERVER['REMOTE_ADDR'], ".") == 0);
}
echo is_connected_ipv6() ? "(via IPv6)" : "(via IPv4)";

Missing Firefox, badly

Posted by Patrick Vande Walle on 17 May 2008 None comments
Share

I recently switched to a new position in my day job. I moved to another campus and office, where I found on my desk a computer with the default standard configuration. The default browser in this configuration is Internet Explorer 6.

I am still in a state of shock. Over the last four years in my previous position, I had been using Firefox as my main browser, mostly because of AdblockPlus, a remarkably efficient advertisement blocker.

With IE6, I have rediscovered how advertising on web sites can be distracting and invading. Suddenly, the pop-up windows, Flash animations and other nasties are there again. Unlike a paper magazine, when you only need to turn the page to ignore them, advertisements on web sites really prevent you to work until you close the pop-up window, stop the animation, turn off the volume, etc.

I guess one could say that Wladimir Palant, the developer of Adblock Plus, is one of the greatest benefactors to computer productivity over the last few years. Thanks, mate. Great job. I am forever grateful.

Apple offers Safari browser for Windows

Posted by Patrick Vande Walle on 12 June 2007 None comments
Share

Apple has announced it is developing a Windows version of its Safari browser.  The browser will be freely available for Windows in October 2007.  This is good. Safari has demonstrated its many qualities on the Mac. It is a fast and reliable browser, maybe just lacking the range of extensions that Firefox has.
More competition in the Windows world is always welcome, if only to prevent overall market dominance from happening.

I tried Beta 3 of Safari for Windows this morning on my office computer. The good news first.  I was pleasantly surprised by the speed at with it launched, compared to Firefox or Internet Explorer. According to Apple, it beats all the competitors for speed of HTML rendering, Javascript execution and launch times.

As is typical with beta versions, some things do not work yet.

  • Importing Firefox bookmarks. I have not tried importing IE bookmarks
  • Although Safari identified my company’s automatic proxy, the keychain module in the browser does not seem to work yet, so I had to enter a user name and password for each and  every HTTP connection. You may have several for each page you want to display, so in this case it is very inconvenient.
  • The user interface is typical MacOSX. This may be surprising for Windows users, especially in the preferences menu, where there is no “OK” or “Apply” button to confirm the changes you made.

Overall, Safari for Windows is very promising. I look forward for the next beta and the official release in October.

This host is DNSSEC enabled

Posted by Patrick Vande Walle on 4 June 2007 None comments
Share

We keep hearing in the ICANN and IETF crowds that DNSSEC is unavoidable and that it is the way to go. These are the same crowds saying that we should move to – or at least support – IPv6. In both cases, the prophets are not always those who actually do it. While www.isoc.org and www.ietf.org are running on a dual IPv4/IPv6 stack, much of the companies working within the IETF do not run dual stack web sites: Cisco, Microsoft, IBM, Sun, etc.

So, rather than telling others that they should run DNSSEC, I figured I should do my homework and run DNSSEC myself, without waiting for my TLDs to get signed.

The job is done, but it was no easy task. If you are looking for a simple button on a GUI to sign your DNS zones, move on. Currently, this is not for the faint of heart, which might explain the slow adoption path. Bind does include all the tools, but you first have to figure out how the damn thing works and use the right parameters.

I found a tool which made my life much easier. It is called ZKT. Once you have configured the header files to your environment and adapted your file directory structure to the requisites of ZKT, you can actually sign all your zones in one pass. It will call the necessary Bind tools with the right parameters. I have created a cron job that will periodically check which signatures need updating and change the zone files accordingly. Highly recommended.

The side effects of fighting Internet censorship

Posted by Patrick Vande Walle on 2 June 2007 None comments
Share

We all know some countries heavenly censor what their Internet users are allowed to see. The reasons are many. Some point out the mistakes of the Great Dictator (or “Liberator”, as they usually call themselves) or critize the annexion of territories or denounce the use of torture (sorry, this should read “physical pressure”) by the regime, etc. Usually, this means censoring newspapers, civil liberties association web sites, usually hosted outside the country.

Over here in democratic countries, we are often well intentioned in trying to help those who cannot access all information to still be able to. It usually takes the form of letting your computer act as a relay for the person wishing to access those banned sites. There are different technologies, one of them being Psiphon.

Forbes has an interesting story on the unwanted side effects of letting a remote individual use your connection to access banned content. According to Forbes, the Psiphon network is often used not so much to read the web sites of the likes of Amnesty International, Human Rights Watch, the Guardian or the Washington Post, but also to access porn sites.

This has led some people to leave the Psiphon network, because they do not think they should offer bandwidth for looking at porn material.
Fair enough, but one hypothesis the Forbes story did not investigate is that those regimes which censor might be willing to poison the system itself. Rather than trying to block the use of the relaying technology by technical means, they may find it easier to fill the Psiphon network with fake porn lovers, thus disgusting those who offer uncensored access. A quite effective way to prevent their citizens to access the full Internet.