Linux and PC cubes

PC cubes! Yes, I want a cube-shaped computer, because it’s small. No, I don’t want one made by Apple, or an obsolete NeXT (I used those in college when I couldn’t get time on an SGI). I want something small and cheap, and if it’s reasonably good looking, that’s a bonus.
Enter the Shuttle SV24.

Unlike Apple’s cube, it has a brushed-alumninum case, so it won’t crack. Just like Apple’s cube, it generates extreme reactions, and not everyone who likes Apple’s cube likes Shuttle’s.

I admit, it doesn’t have Apple’s styling. But I like Lian-Li’s styling a lot better. I wouldn’t put this in Lian-Li’s league either. But it’s certainly no uglier than any of the PCs I own now, and it’s small and light. So yeah, it has me thinking.

Where can you get one? Two of my favorite vendors have it, at a price of $250: Newegg.com and Mwave.com.

I also saw on Ars’ forums that MSI makes a slimline PC called the 6215. Newegg has it (search for “6215”) for $210. It’s tiny, but has two PCI slots and is more conventional-looking. I’m thinking the 6215 would be great for a server appliance, seeing as it has two PCI slots so you could put a SCSI card in it. You could also disable the onboard Realtek NIC and replace it with a card like an Intel EtherExpress Pro that uses less CPU time.

More Linux. The biggest thing holding me back from migrating to SupaSite is its requirement of the Apache, MySQL and PHP trio. I’ve tried to get those three to work together before, and the setup wasn’t exactly trivial, especially when trying to do it from RPMs. It looks like it’d be a whole lot easier to just compile it yourself. But this past week I found Apache Toolbox, which downloads the source for those three, plus bunches of Apache modules and compiles them for you. It sounds like it even helps out with configuration. I’ve gotta give this one a shot.

Mail server successful!

A lightweight Windows web browser. Windows!? What’s that? Yes, I still use it at work, even though my Windows time at home is dwindling. A couple of weeks ago I told you about Dillo, a superfast, minimalist Web browser for Linux that’s in development. It’s still considered alpha-quality; I’ve had absolutely no trouble with it but some readers report it crashes on them occasionally. I’ve had enough success with it that I want it at work.
Well, I didn’t get my wish exactly, but yesterday at work after following a link to a link to a link while looking for something else (you know how that goes–you never find what you’re looking for when you’re looking for it, on the Web or in real life) I found Off By One a free standards-compliant HTML 3.2 browser. Its executable is a full 1.1 megs in size. There are sites it won’t render quite right, because it lacks Java and JavaScript and it’s an HTML 4.0 and CSS world out there these days, but it’s the fastest browser I’ve ever seen on Win32. If I had to live with Windows 9x on a 486 or a slow Pentium, this is the browser I’d want.

A nice-looking Weblog package. I found a blogger on Freshmeat called Supasite. It doesn’t look like it does a nice calendar by default like Greymatter, but it does categories, natively. And it looks like nothing would stop me from changing the system date and putting in entries from way back when, so I could start moving content in from this site’s previous incarnations (including some stuff that hasn’t been online for most of this year). Greymatter breaks when you try to do that.

The downside? Setup is much more difficult, since it relies on PHP and MySQL, in addition to Apache and Perl.

Local mail server revisited. I figured out what I was doing wrong. To get exim, procmail, fetchmail, and courier-imap all working together, I had to do a couple more steps. First, I had to create a maildir for my non-priveliged account with the maildirmake command. Next, I created a .forward file:
# Exim filter
save $home/Maildir/new/

Next, I created a .procmailrc file:
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/new/
LOGFILE=$MAILDIR/Maillog

Then I ran fetchmail manually. It pulled down three messages from my SWBell account. I connected to the experimental server with Sylpheed and… I had mail! Suh-weeet!

Now if I can just get one of those canned spam filters running, I’ll be a very happy camper…

I said I wouldn’t work on my computers yesterday…

So I helped a coworker configure a Freesco box over the phone, then I went over and helped set up Gatermann’s PCs. Making Freesco work with a PPPoE connection is a bit of a drag, but with Google’s help we got it going. I also had to hack into his Web server because he forgot his password. So naturally I defaced his site while I was there. I also fixed his Apache configuration file. I’m such a nice guy…

Worst practices for e-mail

If you want to wreck your computer with a virus and put your neighbors’ computers at serious risk, there’s a really easy way to do it. Just be really cavalier with your e-mail habits. Approach e-mail with reckless abandon, and you’ll quickly receive your just reward.
But if you like having a computer that works well, and you kind of like your neighbors, there are things you can do to minimize your risk. If, on the other hand, you want to leave your mark on the world in a negative way, do the opposite of the things I suggest here.

1. Acquire good anti-virus software and keep it up to date. I’ve been configuring Norton AntiVirus to update itself every day. It’s excessive, but since it’s impossible to guess when the next big thing will come out, and it might hit you before you know about it, it’s the only safe way. Update every day, and keep autoprotect on, so that files are scanned as they’re created. That way, if you get a virus, it won’t get far. I also set NAV to scan the entire computer–all files, not just executable files–at least once a week.

While sweeping the network at work, I found copies of Nimda, but I also found old friends like SirCam, Happy99, PrettyPark, and Kak. Obviously people were aborting the scheduled updates and scans.

2. If you do get infected, don’t count on your antivirus package to completely clean up the mess. Visit www.sarc.com or www.antivirus.com/vinfo/virusencyclo to download a specialized removal tool for the virus your antivirus package caught. Run it to remove any residual damage your antivirus package may have missed.

3. Don’t take e-mail attachments from strangers. I take an even stronger stance than that. Frankly, when someone sends me e-mail with an attachment, the first thing I do is delete the message. I don’t even open it. I don’t care if I’ve known the guy who sent it for 10 years. Some attachments can execute without you even opening the message, so the only safe thing to do is delete it.

The only exception I make is when someone e-mails me and tells me something’s coming. Sure, I’ll look at my friend’s resume, as long as he lets me know ahead of time that it’s coming and I should look for it.

Yes, I miss some good jokes and fun games that way. But you know what? I’d rather be accused of having no sense of humor than to have to rebuild my computer. I don’t have time to rebuild my computer. I’m already too busy rebuilding the computers that belong to people who open each and every e-mail attachment they get.

The virus of the week is W32.Vote.A, which masquerades as a chance to vote for peace or war between the United States and the Middle East. It doesn’t actually let you vote; it e-mails itself to your contacts and deletes files off your drive.

4. Don’t be the first on your block with the newest Microsoft software. Microsoft continues to refuse to take security seriously. No one in his right mind should be running Internet Explorer and Outlook Express 6.0 right now. Every single dot-oh release from Microsoft in recent memory has been an atrocity. Get Internet Explorer 5.5SP2 and stick with it. It’s fast, it’s as stable as anything Microsoft has written, and all the known holes that viruses exploit have been patched. Is the same true for 6.0? Who knows?

5. Don’t use a Microsoft e-mail client if you can help it. Microsoft’s the biggest kid on the block, so their mail clients are the most frequent targets. They also have more security holes in them than a vacant building in East St. Louis. There are a number of competent alternatives out there, including Pegasus, Netscape Messenger, and Qualcomm Eudora. (Just watch out for Euroda’s spyware–run Ad-Aware from www.lavasoftusa.com after you install Eudora.)

6. If you must use a Microsoft e-mail client, turn off the preview pane. Also, go to the client’s security options and put it in the Restricted Sites zone. That way when some idiot forwards you a message with hostile ActiveX code in it to automatically execute an attachment that e-mails itself to everyone in your inbox and address book and then low-level formats your hard drive, you won’t be affected. There is absolutely no legitimate reason for HTML e-mail to contain any ActiveX, Java, or JavaScript.

7. Don’t run any Microsoft software if you can help it. A Mac doesn’t count–the most popular Mac application is (drum roll please) Microsoft Office. Besides, there are plenty of Mac viruses out there to get you too. I’m writing this on a cheap PC running Linux. I use a tiny, lightning-fast mail client called Sylpheed. It takes up 733K on my hard drive. Outrageous, isn’t it? I use a tiny, lightning-fast Web browser called Dillo. It’s secure as a rock because it doesn’t do Java, JavaScript, or ActiveX. It renders pages instantly. It’s 240K in size. They’re both in alpha testing, but they crash less for me than Internet Explorer 5.5 and Outlook 2000SP2. And don’t be fooled by the tiny size: I compiled them for speed, not size. If I’d used size optimizations they’d be a lot smaller.

8. Don’t run your Web site on IIS. Even the Gartner Group is recommending everyone abandon IIS ASAP. It’s impossible to keep up with the patches well enough to prevent outbreaks like Nimda. Nimda knows about 16(!) security holes in IIS that it can exploit in order to send itself to people who visit your Web page. Yes, people try to hack Apache. Of course they do–70% of the Web uses it. But I hear of one Apache vulnerability a year. That compares to one IIS vulnerability a week. It is fiscally and socially irresponsible to bank your business on such an insecure, poorly written piece of software. (This site runs on Apache, and its only downtime in five months has been from a power failure. Zero crashes, no having to take it down to apply a patch. My system uptime reads 112 days.)

If you didn’t compile it yourself, it’s not really yours.

I’m on my Linux From Scratch kick again. Unfortunately, compiling a complete workstation from scratch takes a really long time (the systems that benefit the most from it, namely low-end P2s, need close to a day to compile everything if you want X, KDE and GNOME and some common apps) and requires you to type a lot of awkward commands that are easy to mess up. The upside: Messages like, “I did my first LFS on a Pentium II 18 months ago and it was by far the best workstation I’ve ever had,” are common on LFS discussion boards.
So what to do…? If you want to learn a lot about how Linux works, you type all the commands manually and let the system build itself, and if you’re away while the system’s waiting for the next set of commands, well, the system just sits there waiting for you. In a couple of days or a week you’ll literally know Linux inside and out, and you’ll have the best workstation or server you ever had.

If, on the other hand, you’re more interested in having the best workstation or server farm you ever had and less interested in knowing Linux inside and out (you can always go back and do it later if you’re really interested–CPUs and disks aren’t getting any slower, after all), you use a script.

What script? Well, RALFS, for one. Just install Mandrake 8 or another 2.4-based distribution, preferably just the minimum plus all the compilers plus a text editor you’re comfortable with, then download the sources from www.linuxfromscratch.org, then download RALFS, edit its configuration files, get into text mode to save system resources, and let RALFS rip.

RALFS looks ideal for servers, since the ideal server needs just a kernel, the standard utilities that make Unix Unix, plus just a handful of server apps such as Apache, Samba, Squid, or BIND. So RALFS should build in a couple of hours for servers. And since a server should ideally waste as few CPU cycles and disk accesses as possible, RALFS lets you stretch a box to its limits.

I think I need a new mail server…

A remote administration Unix trick

OK, here’s the situation. I had a Linux box running Squid, chugging away, saving us lots of bandwidth and speeding things up and making everything wonderful, but we wanted numbers to prove it, and we liked being able to just check up on it periodically. Minimalist that I am, though, I never installed Telnet or SSH on it. And besides, I haven’t found an SSH client for Windows I really like, and Telnet is horribly insecure.
Sure, I could just walk up to it and log in and look around. But the server was several city blocks away from my base of operations. For a while it was a good excuse to go for a walk and talk to girls, but there weren’t always girls around to talk to, and, well, sometimes I needed to check up on the server while I was in the middle of something else.

So here’s what I did. I used CGI scripts for the commands I wanted. Take this, for example:

#!/bin/sh
echo ‘Content-type: text/html’
echo ”
echo ‘‹pre›’
ps waux
echo ”
cat /proc/meminfo
echo ‘‹/pre›’

Then I dropped those files into my cgi-bin directory and chmodded them to 755. From then on, I could check on my server by typing http://192.168.1.50/cgi-bin/ps.cgi into a Web browser. Boom, the server would tell me what processes were running, how much memory was in use, and even more cool, how much memory was used by programs and how much was used for caching.

Here’s how it works. The first two lines fake out Apache and your Web browser, essentially just giving them a header so they’ll process the output of these commands. The next line tells it it’s pre-formatted text, so don’t mess with it. This isn’t necessary for all commands, but for commands like ps that output multicolumn stuff, it’s essential. Next, you can type whatever Unix commands you want. Their output will be directed to the Web browser. I echoed a blank line just so the memory usage wouldn’t butt up against the process info. The last line just cleans up.

I wrote up scripts for all the commands I frequently used, so that way when my boss wanted to know how Squiddy was doing, I could tell him. For that matter, he could check it himself.

But if I knew there were going to be girls around, I went ahead and made an excuse to walk that direction anyway. Some things are more important than remote administration, right?

Building a Squid server

I’ve talked about Squid before. Squid is a caching Web proxy, designed to improve network speed and conserve bandwidth by caching Web content locally. How much it helps you depends on how you use the Web in that particular environment, but it’s usually worthwhile, seeing as the software is either free or costs next to nothing (it comes with most Linux distributions) and it doesn’t take much hardware to run it. Don’t use your Pentium-75, but you can deploy a standard desktop PC as a Squid server and it’ll work fabulously, unless you’ve got thousands of PCs hitting it. For a thousand bucks, you can seriously reduce your traffic and chances are it’ll pay for itself fairly quickly.
And ironically, Squid integrates beautifully with Internet Explorer 5.0 and newer.

Here’s what you do. Build up a minimal Linux server. For this, I prefer TurboLinux 6.01–it’s more lightweight than the current version, and you can still get patches for it that keep it from being h4x0r h34v3n. Pick the minimum base install, then add Squid and Apache. Yes, you need Apache. We’ll talk about that in a minute. I don’t like to have anything else on a Squid box, because Squid tends to be a big memory, CPU, and disk hog. Keep your computing resources as free as possible to accomodate Squid. (For that reason it would probably be better under a 2.4 kernel using ReiserFS-formatted partitions but I didn’t have time to test that.)

Once Squid is installed, modify /etc/squid/squid.conf. You’ll find a pair of lines that read “allow localhost” and “deny all.” That allows Squid to work only for the local machine, which isn’t what we want. Assuming you’re behind a firewall (you should be, and if you’re not, I’ll help you make a really big banner that says, “Welcome, l337 h4x0r5!”), change the “deny all” line to read “allow all.”

Next, make sure Apache and Squid are running. Go to /etc/rc.d/rc3.d and make sure there are scripts present that start Apache (httpd) and Squid. If there aren’t, go to /etc/rc.d/init.d and make copies of the Apache and Squid scripts. Give them a name that starts with S and a number, e.g. S50httpd.

Next, let Squid build and configure the directories and logs it needs with the command squid -NCd1. No, I don’t know what the -NCd1 means. I found it in a forum somewhere.

Now, go to your DNS and add an entry called wpad.yourdomainname. How you do this depends on the DNS you use. Someone else handles those duties at my job, so I just had him do it. Point that to your squid server.

Now, in /home/httpd/html (assuming TurboLinux–use the default Apache directory if you’re using a different distro), create two files, called proxy.pac and wpad.dat. They should both contain the following Javascript code:

function FindProxyForURL(url,host)
{
return “PROXY 192.168.10.50:3128”;
}

Substitute your Squid server’s IP address for 192.168.10.50.

What’s this do? Well, when IE is set to autodetect your Proxy settings, it goes looking for http://wpad.yourdomainname/wpad.dat, which tells it where to find the Proxy server. You could use any Web server you wanted; I just use the Squid server on the theory that if the Squid server is for whatever reason unavailable, a Web server running on the same machine is the most likely to also be unavailable, so IE won’t find it and won’t use a proxy, giving you a degree of failover.

The cool thing is, this combination of Apache and Squid works well, and can be quickly implemented with almost no work since Internet Explorer by default goes looking for a proxy and most people don’t uncheck that checkbox in the control panel.

We did this to reduce traffic on a T1 line for a short period of time (it saves us from needing to get multiple T1s) and so far we’re very impressed with the results. I recommend you try it.

Airshows, photography and Linux routing

Gatermann and I went out shooting again yesterday. More exploration of the warehouse district, and we found out that the warehouse district is a halfway decent place to watch an airshow. A couple of cargo planes buzzed us, tipping us off to what was going on, so I went chasing. I’m not the airplane junkie my dad was (few people are), but I’m still a sucker for exotic military planes. I borrowed Gatermann’s telephoto lens and took shots as planes went by. A pair of vintage P-51 Mustangs zoomed by, so I got a few shots of those. A couple of modern fighters made a brief appearance, but I couldn’t get them into the lens quickly enough to identify them. Chances are they were F-16s; not as common a sight as they once were, but you still see them.
I was hoping for a chance to see the Stealth Bomber; about four years ago I was in St. Louis on the 4th and as Gatermann and I were stepping outside to go get something to eat, we heard a low rumble overhead, looked up, and got a spectacular view of the rarely seen and highly classified B-2. Of course there wasn’t a camera in sight so we didn’t get a shot.

This year, a B-52 came from out of nowhere. It was huge–I mean HUGE–and very obviously not an airliner. I’d never seen one in person before so I didn’t identify it immediately. I got it in the camera, zoomed in on it, and figured out what it was. I got several shots. The B-52 is an oldie but a goodie; we used it heavily in Vietnam and in the late 1970s we intended to replace it with the B-1. Carter cancelled the B-1; later Reagan re-initiated it, but it was a disappointment. The B-1 never fully replaced the B-52 and now there’s talk of decommissioning the B-1 completely.

The B-52 was followed by a series of stunt pilots. I guess that’s good for oohs and ahhs, but I wanted to see weird airplanes.

The grand finale was the B-1. It totally snuck up on me; I think Gatermann spotted the thing first. I recognized it but the camera couldn’t catch it–the autofocus wasn’t fast enough. I switched to manual focus and waited. And waited. I spotted it looping around on the east side of the river; most non-classified stuff makes two passes. But you can’t get a good shot from that distance with this lens. I never saw it come back. It didn’t really look like it was landing (Scott Air Force base is across the Mississippi River, in Illinois), but I couldn’t find the thing. I gave up, turned around, and started walking back when Tom yelled and pointed. I quickly turned around, and the B-1 was just barely in range. I pointed and shot as it disappeared behind a warehouse. I think I got it.

I shot more than a full roll of just airplanes.

After airplanes and lunch, we headed out to CompUSA. Gatermann wanted a KVM switch; I wanted Baseball Mogul 2002. A Belkin 4-port switch was $200. A Linksys was $150. Gatermann grabbed the Linksys. I came up empty on Baseball Mogul. We went back to his place, hooked up the Linksys, and it was a real disappointment. It doesn’t pass the third mouse button. Numlock doesn’t work. And it has a slight ghosting effect on the picture. I didn’t notice it but Gatermann did. Stepping the resolution down and lowering the refresh rate didn’t help a whole lot. He’ll be taking the Linksys back. (To Linksys’ credit, the box is made in Taiwan, though its wall wart is made in Red China. I’m not a fan of financing World War III, nor am I a fan of slave labor, so I try to avoid products made in Red China whenever possible. Gatermann does too. I’m not sure what his reasons are but Red China’s treatment of the seven prisoners of war after their pilot kamikazeed our spyplane probably has something to do with it.)

Bottom line: Belkin’s KVM switches are better. I like the Linksys’ metal case better than the plastic case on my Belkin, but the Belkin performs a lot better and its buttons feel more solid. I also like the ability to change displays from the keyboard, rather than having to reach over to the switch like the Linksys requires.

I’m generally not impressed with Linksys’ products. Their DSL router, though it looks really slick, doesn’t forward ports very well. If you just want to split off a cable or DSL connection, it’s great. If you want to learn how the Internet works and run some servers behind your firewall, it’s going to frustrate you. It’s just not as stable as Gatermann’s Pentium-75 running Freesco, which we cobbled together from a bunch of spare parts. Get a used Pentium-75 motherboard with 8 megs of RAM, put it in a $20 AT case along with a $15 floppy drive and a pair of $15 PCI NICs and download Freesco, and you have something much more versatile and reliable for half the price. And a lot of us have most of that stuff laying around already.

And Linksys network cards are absolute junk. Their workmanship isn’t good, their drivers aren’t stable, and the cards have a tendency to just die. Or they age really poorly, spitting out tons and tons of bad packets as they carry out their wretched lives. Netgears are much better, and not much more expensive.

I also gave Gatermann’s Linux configurations a look. Freesco didn’t appear to be forwarding port 80, even though we configured it to, and Apache was installed and I’d verified it was working by opening a browser and going to 127.0.0.1. I tried a variety of things–including forwarding the ports manually from a command line, using the ipportfw command if I remember right–but it never worked. Finally, I tried hitting the Web server from a Windows PC inside Gatermann’s private network. It was denied too. Workstation-oriented Linux distros tend to come locked down really tight by default these days, which is probably a good thing in general, but it makes it really hard to just turn on Web services to the world. I know it can be done but I wouldn’t know where to begin. So I had him download TurboLinux Server 6.5, which will probably solve all his web serving problems.

One way to defeat spammers

Ever since Brightmail closed up their free filtering service, I’ve been thinking a lot more about spam because I’ve been getting a lot more. I know where these losers are getting my e-mail address. It’s right here on my Web page. But I need to post that so people can contact me. Fortunately, I found a trick. Look at this:
dfarq@swbell.net

That’s just an e-mail link, right? It works just like any other, right? Well, here’s the HTML code for that:

mailto:dfarq@swbell.net

See what I did? I obscured the @ sign with an ASCII code (64), along with the dot (46) and a couple of other characters like the colon. Most automated e-mail address harvesters don’t decode the HTML, so their search routines, which look for things like @ signs and dot-somethings will blow right past that.

So if you run a site, obscure your e-mail address. If you don’t remember your ASCII codes, hopefully you’ve still got QBasic on one of your machines. In QBasic, the command PRINT ASC(“A”) will give you the ASCII code for the letter A. Substitute any letter you like. Or you can remember that A is 65 and lowercase a is 97. A is 65, B is 66, and so on.

When a Web site asks you for an e-mail address, you can see if it’ll let you obscure parts of it. Unfortunately, my forums flag illegal characters, but I may be able to modify that. Some Web sites aren’t that smart.

Obviously this trick won’t work in e-mail, unless you always send your mail in HTML format, which I (along with about half the world) really wish you wouldn’t–it’s annoying. And even if you obscure the mail you send, if I copy and paste your mail to my site, it’ll go up there unobscured. So this advice is mostly for webmasters.

Anyway… On to other things.

We’ve moved, if you haven’t noticed. These pages should be at least a little bit faster. The forums will be several times faster. And the forums are goofy. I haven’t figured out exactly why, but posts are missing and user files are acting up. If you’re having problems (Steve DeLassus just told me he can’t post because it tells him his .dat file can’t be accessed), go ahead and re-register. If you want your post count raised to its previous level, just let me know. I can change that. (Hmm, I wonder if Gatermann would notice if I set his post count to a negative number…?) I’d have preferred to move everything intact, of course.

Anyway. Go play in the forums. See what breaks. If I don’t know it’s broke, I sure can’t fix it. (I may not be able to if I do know, but hey, I can give it my best shot.)

Update: It’s 5:45 in the p.m., and you’re watching… Wait. That’s something else. The forums seem to be working properly now. Lack of uniformity between Linux distributions bites me again… It wasn’t the location of the files YaBB was objecting to, nor was it permissions. It was ownership. Under Mandrake, Apache runs as a user named “apache” and thus files created by CGI scripts like YaBB are owned by “apache.” Under TurboLinux, Apache runs as user “nobody,” and thus files created by CGIs are owned by “nobody.” And when you just tar up your Web site and move it to a new box like I did, those files remain owned by their old owners. Since Linux assumes you know what you’re doing, it happily handed those files over to a non-existant user. So when YaBB came knocking, Unix security kicked in and said, “Hey, nobody, you don’t own these files,” hence those error 103s everyone was getting.

I want to go live with the new server…

And for a few minutes last night I had it cranking. It was fast and wonderful until I got into the forums. Everything was there, but when I tried to read the messages, I got error messages. I’ve had that problem all along. At first I figured the problem was due to the files being stored somewhere else under TurboLinux, so I reconfigured Apache to store everything in /var/www like it does under Mandrake. Then I figured the :8080 in the URL was throwing it off. So I flip-flopped the two servers, so as far as YaBB knows, it hasn’t moved. All the permissions are the same on everything. But it still can’t find the files if I move it.
I’m really sick of this P-120’s speed, or lack of it, especially since I’ve got a Celeron-366 sitting under my desk in a case that once housed a Pentium-75 (how’s that for irony?) that’s fast and lovely and chomping at the bit to go.

We’ve got 149 messages on the forums at the moment. A couple of the topics are active. Nothing’s stopping me from grabbing the text of the messages and dumping them somewhere on the site where the search engine can still find them and the wisdom (or lack thereof) they contain.

Anyone have any thoughts? If there aren’t any big objections to it, I’ll make the move tomorrow night.

In the meantime, I’m not feeling so great. So I think I’ll just rev up the Farquhar Time Machine, make my server think it’s Tuesday, post, forget that there are such things as e-mail and telephones, and call it a night.