Monthly Archives: March 2006

The Slow Death of Democracy

Old Europe is dying. For 200 years philosophers and thinkers have predicted the failure of Democracy. Not from the slow creeping encroachment of civil liberties, but because of the steady natural drift of progress socialism. Once a people learn that democracy can be use as a vehicle for wealth redistribution; the unstoppable decline of freedom will have already begun. While civil liberties are often taken away and returned based on the ebb and flow of a counties appetite for conflict; economic liberties (arguably the more important of the two freedoms), once taken away, are almost never returned.

Witness, France. Long thought to be a fountainhead of liberal progressive socialism. Where, whatever your state of being, the government can always be counted on to save you. The reality is entirely different however. Some places in France are experiencing unemployment levels equal to those of the United States DURING the great depression. The economy is in shambles and the almost universally recognized reason, the very government programs that the citizens have come to depend on. Within a decade or two, the economy of France will be so bad that the government will go totally bankrupt trying to pay for it all.

This problem is both well known and well understood. Regardless of the Utopian ideals of college professors and social activists; the reality is that there is simply a limit to what a government can be expected to do to help its citizens. At some point trust (and personal responsibility) must be places in the citizenry themselves. The USSR (and almost every communist country in the world) failed because of the realization, China has stayed a communist country because they identified and reformed (just) their economy in light of this realization Yet in France’s developed democracy; any reform (to fix the admittedly identified problem) is met with such hostility that their are riots in the streets.

Its a sad reality that the Presidents domestic spying and counter-terrorist programs (in the form of the Patriot Acts) are less likely to hurt American Democracy than his prescription drug package and the “No Child Left Behind” initiative.

AJAX Links

Couple quick links to some quality AJAX and DHTML.

  • DHTMLGoodness – Website for DHTML and AJAX scripts. Well managed and useful, the scripts are fairly well encapilated. Includes demo pages of their scripts.
  • Max Kiesler’s Blog – Max has a roundup of some of the best AJAX tutorials around. Good way to give new developers an intro to web application development using XML and Javascript.
  • Catalyst – A Perl/AJAX framework for rapid web application development. It is similar in functionality to Ruby on Rails including such niceties as template auto-creation, structured MVC controls, and a plugin interface. All this and, because its Perl, you can use your regular CPAN modules including mod_perl.

Preventing Dictionary Attacks in SSH

ssh is arguably one of the most useful remote administration tools in existance; but it is no good if you cannot turn it on. Whenever I check my Linux server logs (on my externally faceing machines) there are ALWAYS hundreds of attempts to get remote access through ssh via brute force dictionary attacks. While I always have strong passwords and generally have strong usernames; there is always the chance that an attacker might get lucky.

Thankfully Linux has ipTables. The Linux kernel level firewall can be amazingly complex (some people actually consider it a full blown programming enviroment.) But that complexity allows for a dramatic amount of flexablility for a firewall. For example, if I want to block hosts who have attempted to login and failed 4 times in 60 seconds:

iptables -N SSH_CHECK
iptables -A INPUT -p tcp –dport 22 -m state –state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m state –state NEW -m recent –set –name SSH
iptables -A SSH_CHECK -m state –state NEW -m recent –update –seconds 60 –hitcount 4 –name SSH
iptables -A SSH_CHECK -m state –state NEW -m recent –rcheck –seconds 60 –hitcount 4 –name SSH -j DROP

While we are on the subject of here is a great tutorial on getting IPCop working.  IPCop is an alternative firewall for Linux.

10 Little Things

I have been dealing with some scary-bad web development work lately. For anyone getting ready to do a website, “abs” has a great list of ten things that you should do (or expect from) a professional web developer. Anyone can get a website up, but it takes a real understanding of the internet and its strengths to take full advantage of it. Otherwise your site comes across looking like it was done by a high school senior.

The Math of Filtering

Found this great introduction to Bayesian Filtering from the mathematical perspective. Bayes’ agorithem is useful for more than simply spam and the article does a pretty good job of explaining how it works in laymans terms.

CompSci Concepts

Brandeis College has a posted some reference material for their “Structure and Interpretation of Computer Programs” class. It is interesting for a number of reasons but this should clinch it for you programmers:

There are only five ideas in Computer Science, and by the end of this course, you will know three of them.
–Harry Mairson