Evolutionary Psychology, Memes and the Origin of War

Somebody (possibly Henson himself) posted Evolutionary Psychology, Memes and the Origin of War over at Kuro5hin in 2006. I had no idea Kuro5hin still existed, and Henson’s paper could use some consideration of group selection, but anyway it’s a worthwhile and controversial read.

It seems to me that if Henson’s basic thesis is right, our current global political situation is not just eerily similar to that of the mid-1930s, it’s actually the same phenomenon – so we better get it under control.

Comodo up to more tricks

People occasionally ask me who they should buy security certificates from. I absolutely will not recommend anyone in particular – even the most honest and honorable Certificate Authorities are inherently swindlers, because the trade itself is pretty much a legalized extortion scheme – but I am willing to say who I don’t recommend – Comodo is the worst CA, hands down. Witness their latest hijinks:

When you install Comodo Internet Security, by default a new browser called Chromodo is installed and set as the default browser. Additionally, all shortcuts are replaced with Chromodo links and all settings, cookies, etc are imported from Chrome. They also hijack DNS settings, among other shady practices.
[Link to Chromodo download elided]
Chromodo is described as “highest levels of speed, security and privacy”, but actually disables all web security. Let me repeat that, they ***disable the same origin policy***…. ?!?..

This certainly isn’t the first time Comodo’s been caught doing things they shouldn’t, but somehow they still control around a third of the world’s certificate issuance. People need to stop giving business to known bad actors, even when it’s unclear whether the actions stem from malice or incompetence.

Query all non-subscribed RHEL7 repos at once

The old Red Hat Network was simple and easy to use. The RHN website presented a list of systems in your web browser, with counts of outstanding patches and outdated packages. You could click on a specific system name and do various things like subscribe to specific repositories (channels) etc.

The current Red Hat Network is a glittering javascript tour-de-force that multiplies the number of clicks and the amount of specialized knowledge you will need to manage your systems. You can pay extra for add-on capabilities such as the ability to select groups of systems and apply a set of operations to all of them, which is almost certainly necessary if you have a large number of systems. It’s a sad travesty of the much-maligned system it replaced.

If you’re completely entangled in the new RHN with your Red Hat Enterprise Linux 7 systems (by which I mean that you haven’t managed to exit the Red Hat ecosystem for a more cost-effective infrastructure yet) you might want to do something like figure out which of the various poorly named repos (such as -extras, -optional, and -supplementary) contains some particular package you want.

Command line to the rescue! Ignore all RHN’s useless beauty and use ugly, reliable Gnu awk. This, for example, finds the repo where the git-daemon package has been hidden away.

subscription-manager repos --list | gawk '/^Repo ID/{print "yum --showduplicates list available --disablerepo=\"*\" --enablerepo=" $3}' | bash | grep -i git-daemon

After several minutes (there’s a lot of network traffic involved) you’ll find that versions of git-daemon are in five different repos.

git19-git-daemon.x86_64 1.9.4-2.el7 rhel-server-rhscl-7-eus-rpms
git19-git-daemon.x86_64 1.9.4-3.el7 rhel-server-rhscl-7-eus-rpms
git19-git-daemon.x86_64 1.9.4-3.el7.1 rhel-server-rhscl-7-eus-rpms
git-daemon.x86_64 1.8.3.1-5.el7 rhel-7-server-optional-fastrack-rpms
git-daemon.x86_64 1.8.3.1-4.el7 rhel-7-server-optional-rpms
git-daemon.x86_64 1.8.3.1-5.el7 rhel-7-server-optional-rpms
git-daemon.x86_64 1.8.3.1-6.el7 rhel-7-server-optional-rpms
git19-git-daemon.x86_64 1.9.4-2.el7 rhel-server-rhscl-7-rpms
git19-git-daemon.x86_64 1.9.4-3.el7 rhel-server-rhscl-7-rpms
git19-git-daemon.x86_64 1.9.4-3.el7.1 rhel-server-rhscl-7-rpms
git-daemon.x86_64 1.8.3.1-5.el7 rhel-7-server-optional-beta-rpms

So, you query the Red Hat Package Manager, rpm, to find out what version of git you have.

rpm -q git
1.8.3.1-6.el7

Since 1.8.3.1-6.el7 matches the latest version of git-daemon available from the rhel-7-server-optional-rpms repository, that’s the one you need to add in order to load git-daemon.

subscription-manager repos --enable rhel-6-server-optional-rpms
yum install git-daemon
.

This process is much easier than using the Red Hat Network web gui, and requires less specialized knowledge. Which is pretty sad, considering how arcane these incantations are.

Wrench Wednesday

Once upon a time, tractors and other farm implements came with a wrench that fit all the nuts and bolts on the machinery. Farmers being the clever and parsimonious people they are, they never paid for ten wrenches when just one would do the job! I used to find these things laying all over the place in Uncle Irving’s junkyard; now they are collector’s items.

Page from the 2015 Wrenching News fall auction

Firefox annoyance #5: redirect caching

Firefox Annoyances:

1) Sync
2) pocket
3) hello
4) everything else, other than the plug-in API itself, that isn’t a paper-thin shell around gecko
5) 301 redirect caching

To clear the 301 redirect cache for a single page, go to the “View” menu and light up the “History” sidebar (yeah, of course you forgot about that, nobody uses it), find the site you’re working on, right-click and select “forget about this site”.

annoying git

I’ve been installing git on some corporate servers with the idea of converting existing CVS and ad-hoc code management systems into something reasonably fast and modern.

It’s been somewhat tedious and painful, but supposedly once I’m done the installation will be stable and maintainable. For an enterprise SCM that’s a lot more important than ease of installation, at least in theory. (I ran OpenLDAP for a decade or more, so I can appreciate the value of putting all the pain up front.)

Today’s annoyance is that the gitolite documentation and web site refer to a “hosting user” but the toolset and other web sites describing gitolite installation talk about an “admin user”. After wasting several hours with Google trying to find out exactly what the difference was, I created a new user account for the admin user and executed the commands – at which point it became immediately obvious that THOSE ARE THE SAME DAMN THING.

Curse you, gitolite. I WANTED US TO BE FRIENDS.

British Museum Iron Age virtual exhibit

Heather writes:

One of my web design e-newsletters had a link to the indoors Google Street View of the British Museum. So I wandered around a bit and found this… Celtic Life in Iron Age Britain: A British Museum exhibition of Iron Age objects from collections across the UK.

You can do science just as badly as you can do religion

I can’t read the Science Based Medicine website, despite my complete agreement with many of its conclusions, without getting annoyed by the priestly attitude of its authors.

They make broad generalizations that could often be equally well applied to the mainstream physicians the site claims are qualitatively superior. For example, from Scott Gavura, Naturopaths offer an array of disparate health practices like homeopathy, acupuncture and herbalism that are linked by the (now discarded) belief in vitalism – the idea we have a “life force”. I’ve certainly never had any difficulty finding doctors who believe in “life forces” and “souls” and such – the churches are full of ’em, seriously. And I’ve heard at least one physician recommend acupuncture, because it had worked on other patients of his.

SBM’s authors also often seem to promote a Medieval doctrine of contagion when they talk about alternative medicine – if any person who claims to be an herbalist or chiropractor does something wrong, this proves that all herbalists and chiropractors are equally wrong. Such a doctrine, if applied equally harshly to mainstream medicine, would make SBM’s own doctors somehow guilty for the Tuskegee Syphilis Study. I can’t abide that kind of sloppy thinking.

I wish I could choose less preachy, more convincing allies. It’s good that SBM names and exposes actual quacks, and homeopathic superdilution remedies truly are outmoded nonsense… but I keep finding myself wondering if perhaps Medieval witch-hunters burned some folks who actually deserved it, occasionally.

ISP hacked, blog savaged

Our ISP, iPower.com, was hacked and an amateurish attempt was made to plant various forms of malware on this site. Fortunately for my non-existent readers, the hackers weren’t particularly competent. Unfortunately for me, the same might be said of my ISP…

User registrations are disabled, for the nonce, which again will be a trial for my non-existent audience.

Foswiki dependency hell

I really wanted to run Foswiki, because it seems like most of the TWiki devs ended up there, and because my employers want to run an enterprise wiki with fine-grained access and revision control driven from a corporate directory. Since Foswiki is written in perl, and Graham Barr’s excellent perl-LDAP modules can easily handle arbitrarily complex directory integration, I figured I’d just rip out all the code that checked users and groups against the Foswiki DB and replace it with appropriate LDAP calls, then send my mods upstream to the Foswiki devs. They seem like a good crowd, they’d probably appreciate a non-caching LDAP module.

But we’re heavily federally regulated, and we can’t run unmaintainable code. The number of unpackaged dependencies I’d need to run Foswiki on Red Hat Enterprise Linux is just unsupportable. I can’t find an audited, securely maintained package of File::Copy::Recursive, for example, anywhere. And there’s quite a few more (although some are available from EPEL).

I’d love to find a wiki engine that used real LDAP, instead of just caching copies of data retrieved by LDAP in a local database.

How many unemployed?

In this post-Reagan era, you can use the Government’s “official” count of unemployment – which is broken up into categories from U1 to U6, but everybody uses the U3, currently 5.3% – or you can check out John Williams’ Shadow Government Statistics, with puts the current count at 23%. Williams attempts to use the pre-1990 method of calculation (which is difficult because the government is trying really hard not to obtain anything resembling real unemployment figures) so that you can compare modern unemployment figures with historical data.

Dillon Marsh: For what it’s worth

These images combine photography and computer generated elements in an effort to visualise the output of a mine. The CGI objects represent a scale model of the materials removed from each mine, a solid mass occupying a scene showing the ground from which it was extracted. By doing so, the intention is to create a kind of visualisation of the merits and shortfalls of mining in South Africa, an industry that has shaped the history and economy of the country so radically.