Three days ago, I received an email from DigitalOcean. They said that they were doing some maintenance and my VPS, the one that currently runs this website, will be rebooted soon. I didn’t pay much attention to that.

Today, I wanted to look at my website… and it didn’t open. The server didn’t even respond to ping. Yes, yes, I should use a service that monitors my stuff, I know. Few people care about my website though :D

So I rebooted the server, went to the DigitalOcean VNC console, logged in… as a regular user that can’t sudo. Becuase For Security™, my sudoer account does not have a password. Only authorized SSH keys. Fuck.

The solution was to use the JavaScript devtools to automate typing the ssh key into the console and ssh to localhost as the regular user. The script was suggested by someone on DigitalOcean’s support site. I had to modify it a little to work with newlines. However, mistakes were introduced: some letters ended up as lowercase instead of uppercase or vice versa. After getting in as a sudoer, I was able to set up networking.

The actual problem? bsd-cloudinit didn’t work because a symlink in /etc/rc.digitalocean.d was broken, and as a result, the network settings were not set.

I’d say that the actual actual problem is the use of cloud-init stuff instead of, you know, DHCP/SLAAC.

So I’m switching between libressl, libressl-devel and openssl on my FreeBSD Raspberry Pi to see if any of them works (without segfaulting) when used from Python (spoiler: they don’t). And suddenly! Deinstalling openssl results in this:

pkg: sqlite error while executing DELETE FROM packages WHERE id = ?1; in file pkgdb.c:2305: database disk image is malformed

But I can query /var/db/pkg/local.sqlite using the SQLite shell! WTF. Maybe some index got corrupted or something because of the awful microSD storage of the Pi.

So, recovery procedure I figured out: move the database to a different place, recreate a new one (run, like, pkg upgrade), use a clever grep trick to separate the data from the schema (on the old DB, obviously), do some manual editing on the resulting data-only file (the trick doesn’t catch pkg_search because it’s a virtual table created using an INSERT or something), pipe the resulting SQL into the newly created database, use the shell to delete everything related to the offending package.

No, pkgng doesn’t like it when you just dump the DB into a new file, it will try to recreate tables as if you were upgrading. For some reason.

Just experienced the most ridiculous Android FAIL ever.

You know the PIN entry screen on boot, for unlocking disk encryption, right? I rebooted my phone and… the bottom row of the PIN keyboard — the one with the “OK” button — was not usable! Touching anywhere on the bottom row instead was opening the notification center (!!!) which was only visible through a small frame at the top of the screen, same height as the top bar usually is. The unlock icon was also visible on the top of the keyboard.

I took screenshots but they weren’t saved :D I guess it just showed the screenshot animation but couldn’t save it anywhere because of the disk encryption.

Upgraded FreeBSD on my laptop to drm-next-4.6 (branch with GPU drivers ported from Linux 4.6). So, *ERROR* timeout waiting for SBI to complete read transaction dmesg spam (that slowed down booting for a couple seconds) is gone. New dmesg spam is hdac0: Unexpected unsolicited response from address 0: 00000000 at the end of the boot process, right before the login prompt, and not taking any time. clinfo doesn’t show self-test failed anymore. VAAPI video decoding acceleration still works. Haven’t tried connecting an external display yet.

The only real problem is that Firefox with full OpenGL compositing (layers.acceleration.force-enabled) is artifacting, but whatever, it’s fine without that.

Current status: reinstalling 1114 packages because o m g the ABI version changed to 12 :D

The default build options for Blender in FreeBSD are weird. CYCLES=offFFMPEG=offCOLLADA=offCAMERATRACK=off‽ Why. Another package to compile instead of pkg installing…

By the way, only recently I’ve learned that Blender is the FOSS answer to not only 3ds max + V-Ray, but also Premiere/Final Cut and After Effects/Motion. (Damn, that makes so much sense! If you have a 3D animation editor, if you put video into it, it becomes a video editor!)

The sequence editor looks like old Final Cut, not new Final Cut… But it’s Blender. The program that shows Python code in UI elements’ tooltips to show how to do the same things programmatically. I guess I should be able to make a plugin that makes the timeline magnetic, if such a plugin doesn’t exist yet.

Oh also this video series is sooooo pretty

Just set up a network scanner — an old Canon that’s fully powered through USB, plugged into my OpenWRT router, which I configured to run saned with xinetd. Just because I had the scanner :D

By the way, looks like it’s also possible to connect to 6LoWPAN over Bluetooth LE on OpenWRT. I’d like to play with 6LoWPAN but ironically, the cheap & compact & low power DIY IoT thing, the ESP8266, uses Wi-Fi with WPA2. Even with EAP-TLS auth! Which is also a thing OpenWRT does.

I’m working on a server-side HTTP cache! It’s a Haskell WAI middleware. It’s controlled by Cache-Control / Vary. It doesn’t have real storage backends yet, but it has a test that I’m really happy with and some thoughts about using caches against DoS attacks in the README.

Oh, also it’s probably a good example of OOP-ish Haskell. Thanks to GADTs, the CacheConf constructor “eats” the backend types :D It’s like class Conf { BackendInterface backend; } in Java/C#.

A couple days ago, I saw an email from Keybase saying that someone I know started tracking me. So I typed the command to do the same and… realized I don’t remember my GPG passphrase. I’ve been using it mostly for signing git tags, but I haven’t done that in a couple months.

Brute force with rephrase and even John the Ripper didn’t help. Found the revocation certificate, printed on paper. OCR’d, fixed the text, typed it manually – “Bad signature”.

Today, I needed to actually sign a git tag. Guess what. I remembered the passphrase! :D



Unfortunately, I feel I have to increasingly justify myself for preferring tabs. I do justify it, though.


Tabs are inherently perfect for indentation. They embody the concept of indentation.


Their size adapts to anyone’s readability needs, unlike spaces which force you to accept the project’s indentation levels.


More perfectly in design, tabs can be replaced by spaces with sed; but such an operation only goes one way.

And that is exactly why I prefer tabs as well. It’s a special character which is easy to search and replace if that is ever needed. Space is good for separating words, but using spaces for indention is the same as using spaces for centering titles in Word(-like) documents.

Modern Android problems: update to a CyanogenMod nightly which is based on a slightly newer AOSP → need to flash vendor.img from the newest factory image → WPA2 EAP-TLS Wi-Fi connection starts behaving weirdly: not connecting, then connecting and finding “no internet” after a few seconds, etc.

Last time I fixed this by issuing a new certificate and using it, now even that doesn’t seem to help. Decided “fuck it” and connected to my old WPA2 Personal network :D

The Windows install on my desktop suddenly decided to start resetting some settings every time I log in. The wallpaper, Start and taskbar pinned items, Firefox profile… Thankfully, not the Steam profile :D

Oh, by the way, recently I was reminded of one of the most infuriating Windows things. It’s 2016 and Windows is still not UTF-8 everywhere. The cmd console is whatever (CP1251 for Russian locale), Visual Studio saves by default in whatever (I’ve seen CP1251 and… UTF-8 with BOM). There’s also the \r\n newline stuff. And Windows users are convinced that Windows defaults aren’t the problem, it’s those weird Unix people who cause problems.