FRQ - RSS validation, Firefox/Firebird, door knocking firewall, etc

I meant to post this last Friday, but was too busy to send it off. Here's just some links and comments I've collected while being away from blogging...

Development

Mark Pilgrim in this blog entry "validator services" talks about IT people's view on web standards. Validating XML/RSS hasn't been that successful. Especially generated data with less-than-careful coding, a lot of RSS out there might not pass validation. Who cares? Customers first and then web standard later...

Not only the RSS not validating, you also need to ask the question, "which version does it validate to?" as Mark pointed out that there are actually 9 different incompatible RSS versions. If that does not give the aggregator author headache, I don't know what else gives.

Mozilla Firefox On the note of Mozilla Firebird, it has now changed its name to Firefox to avoid name conflicts with another Open Source Project, the Firebird Database. Personally I don't feel any conflicting at all as they are two completely different products, and those who might get them confused should stay using Internet Explorer and Microsoft Access. However, I shall still congratulate the Mozilla guys to make compromise.

And Firebird, the SQL database, has just released their 1.5RC9 with various bug fixes. Hopefully it is going to be the 1.5 final in one or two weeks. I also noted a project that tries to port Firebird to WinCE. It would be nice to have a powerful open-source embedded database running on a handheld. Too bad that I don't have a CE.

On the topic of SQL, this guy predicted the death of SQL in 5 years, where database query will be replaced by XML's XQuery. I have not had much experience with XML based database engine, but from my limited experience I hardly see that it is in the foreseeable future.

Finally, What's New in Python 2.4 is on the Python website, and there are some interesting features in the up-coming new release. On most my boxes I am still using Python 2.2. I know Python 2.4 will probably be released on the day after I converted all of my boxes to Python 2.3...

Network Security

Slashdot has pointed to a site on port knocking, which is a protocol to ask the firewall on the server computer to temporarily open up a port for connection. This enables the service to be sitting behind the firewall most of the time, from tinkering of script kiddies outside. The protocol will be something like connection attempts on closed port x, y, z in one sequence within 5 seconds, and then port n will be opened for the next 10 seconds.

This article on Linux Journal talked about the pro and cons of this design. However it did not mention the difficulties of designing firewall on the client side, as random ports need to be opened to initiate the port knocking protocol...

Or you can run OpenBSD to achieve maximum security - after all there is only one exploit in default install in more than 7 years! Oh, wait! I think someone is trying to upset Theo's babe again. Apparently you can remote crash an OpenBSD box by hand crafting an IPv6 packet, by "setting small ipv6 mtu and then doing tcp connect". Great! But quoted Theo, "it is just a crash"...

Life

Melbourne has been ranked the world's top city? It just sounds weird when 5 Australian cities are ranked world's top 10. Or maybe we are just lucky...

Guitar. Self-tuning guitar - press a button and it can automatically tune the 6 strings to whatever tunes you give to it. Very very cool indeed, and certainly would save guitarists a lot of time.