Will LLU help me?

As with much that happens in the media, people catch onto buzzwords and decide that they are our saviour against broadband issues in South Africa. First it was PLCC, which failed hopelessly many times over while government after government wasted millions on proof of concept. Then it was 3G, which still has its place, but towers are hopelessly over-contended and each time I have to use it I feel like sawing my hands off to end the pain.

Still the biggest wombat around has to be LLU. The concept is simple, you bully your previously state owned monopoly into opening the doors to their infrastructure to other providers. People stick some fibre into the exchange and ride on the rest of the PSTN.

It recently became apparent to me that the effect of LLU in SA will be nominal, if any at all. The reason for this is one of the major problems - our copper is old, and Telkom are doing nothing about it. They upgrade area exchanges on demand, if you're one poor sod with bad copper you're screwed and no amount of LLU is going to help you unless someone else starts laying copper (but more hopefully, fibre).

I recently discovered just how bad this is, in a very shocking way. I'm moving to Sandhurst, a place which Wikipedia snobbishly lists as "one of the wealthiest suburbs in South Africa". So you'd be forgiven for thinking that a modern and rich suburb right near Sandton would be abundant with every form of broadband available. I mean, if rich people aren't going to buy our expensive broadband then who is?

To my surprise, 3 weeks after logging a line migration request Telkom had "lost" the order due to migrating to a new ordering system. Ok great, so how about that ADSL then? Suddenly we were on a 2 month waiting list. Rather unacceptable since I work from home and had one week left to move, they had 3 weeks already to open their gob, and I happen to know that 2 weeks is their cut off point for acceptable install times. So what is the problem? It took an eventual escalation to Telkom corporate to get a solid and reliable answer of "we can't". Yes, somehow when Telkom run an exchange they don't bother with any sort of capacity planning, they just wait until it's completely full with no hope of provisioning anything more and then they start to order some new kit and cables - not the sort of kit you find at Incredible Connection either. The best answer I got from someone was "I'm not sure what date it's scheduled to be upgraded".

How is it possible for our largest telecommunications company to make such a hopeless blunder? How on earth, if our exchanges are running at very much maximum capacity, is LLU going to aid the situation when the buck still stops with the owner of that local loop? I remind you again, we're not talking about getting ADSL in Alexandra (which is actually possible), we're talking about somewhere which is a stone's throw from the JSE. A place where many Telkom executives themselves live. You can even leave aside ADSL, they are not provisioning voice either and their staff are hopelessly clueless about WiMAX which (according to the hopeless staff) requires a 30 day wait. In the most simple terms, Telkom have told me to use 3G (no thanks) or to go to hell.

So I'm sorry FNB, WebAfrica, Internet Solutions and Nexus. I can't buy your bandwidth anymore even if I wanted to. And even if the local loop was unbundled, there simply isn't one to unbundle for me either. I can only imagine how many other exchanges are in a similar predicament, or very close to it.

There is a lot of general displeasure about the current model under which ADSL is sold in SA, but are there actually benefits to this model?

Since ADSL was launched in SA, and there was only one place to get your upstream bandwidth, the 3GByte cap has been the norm. Despite reductions in cost, the 3GB cap has become almost traditional, with most ISPs even moving to sell bandwidth in a prepaid fashion with smaller increments.

The one benefit we have over other markets is the ability to change upstream providers with a simple PPPoE account. This has in many respects led to increased complexity in the underlying network, which adds to cost for the benefit of some limited mobility. Undoubtedly there is benefit to being able to tell your ISP to shove it with one month's notice and move onto another without having to get your local loop modified. This is of course not to say local-loop competition is not seriously needed in this country.

One of the benefits though of purely usage-based billing is that upstream carriers pay for their mistakes instantly. In my house we currently maintain 3 different PPPoE connections, one through FNB, one through IS and one through Telkom SAIX.

Routing happens dynamically based on several policies. Gaming is lowest international latency - FNB generally wins here. Browsing is on highest international throughput, where SAIX wins hands down almost all the time. Local traffic goes the cheapest route, which is IS. The instant the situation changes we route around problem carriers.

With this setup one thing is clear, when a carrier isn't pulling their weight we stop using bandwidth and they stop earning money.

Still, the prices of the bandwidth are too high and most of the margin is not realised enough by the non-Telkom carriers to give them an incentive to resolve issues faster. The other problem is debatably that many of the problems don't occur in their own networks: the over-complicated and not very redundant IPC systems, as well as the massive overhead cost of delivering bandwidth to other carriers, result in most of our high prices and poor performance. Still, if we could resolve these problems, a similarly flexible network could benefit the consumer more so than purely un-capped lines.

There are quite a number of blacklists (or some claiming not to be blacklists) who operate under the faulty idea that they are aiding people's ability to use email.

The problem is that these security "experts" and companies are out of touch with the front line reality - they cause more problems than they solve, and they do so aggressively.

Let's take a look at UCEProtect for example. They offer "express" de-listing for a fee with the claim "As soon as a provider's abusers go below that 0.2% within 7 days their AS leaves Level 3 automatically and FREE OF CHARGE."

The naivety and ignorance of such a statement is almost unfathomable. It could almost certainly only be made by someone who is lying about the fact that they are not holding people to ransom, or by someone who has clearly never had interaction with a customer before. I challenge anyone to be on the receiving end of a phone call regarding mail being blocked by UCEProtect and respond "That's ok, just stop doing business for 7 days until you are de-listed".

It may be one thing to prevent spammers and try to bring ISPs to task, but this is surely not a conscionable way to go about it.

The primary problem is that many of these people are victims. Regardless of how good anyone's out-bound mail scanning is, the reality is that viruses hit hard, and they hit fast. There will always be someone who is infected by them before even the biggest anti-virus vendors are able to detect it, and these days by the time that anti-virus update arrives the user's anti-virus software was the first thing to be taken down by the virus.

Therein lies the problem: it is far too easy to land up on these lists by no fault of the user. Users are stupid, they open viruses, but that does not give security nerds the right to prevent them from maintaining contact with the rest of the world. If you want to solve the problem then fix Windows or convince people to stop using it.

The cooldown periods imposed by these people's faulty abuse of statistics are just too harsh to match with reality, and providers who support this ideology are simply going to go out of business or cause themselves a large amount of pain.

FNB Connect

There has been quite a bit of advertising about FNB Connect. I figured since I'm an FNB customer and the service is dirt cheap I'd sign up for a few of the packages and give it a whirl.

The primary point of interest for me was the VOIP since it was advertised as SIP, however the website covers no details. Fortunately they were easy enough to figure out on my own.

First of all, the client they give you uses IAX, not SIP. This is fantastic and makes life so damn easy. I already have a VOIP phone and Asterisk exchange which connects to our work exchange; the thing I've lacked is some way to break out personal calls. A few tcpdumps later I found the IAX endpoint address, which is voice.fnbconnect.co.za.

Setting up my FNB IAX provider was a breeze once I worked out a few hiccups with our resident Asterisk expert.

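iax.conf:

; Register with FNB's IAX2 server so inbound calls are sent to this Asterisk box
register => 087<mynumber>:<mypassword>@voice.fnbconnect.co.za

; Peer used for outbound calls (referenced as IAX2/fnb in the dial plan)
[fnb]
type=peer
host=voice.fnbconnect.co.za
username=087<mynumber>
secret=<mypassword>

; User entry for calls arriving from FNB
[087<mynumber>]
type=user
host=dynamic

Now to route some calls out of there: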

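extensions.conf:

[local]
<my local stuff goes here>
; Calls to my FNB number ring my own SIP extension
exten => 087<mynumber>,1,DIAL(SIP/<my extension>)

[default]
; Inbound FNB calls land here on extension "s"
exten => s,1,DIAL(SIP/511)

<snip>

[outbound]
; Dialled numbers go out through the fnb peer defined in iax.conf
exten => _X.,1,DIAL(IAX2/fnb/${EXTEN})

FNB's calls come in as "s@default".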

Works like a charm. At first it was a little choppy, but once I brought up the FNB Connect PPPoE and routed FNB's prefixes (41.183.0.0/16 and 196.11.0.0/16) over it the quality is acceptable. Nice bonus is the latency to the FNB VOIP exchange is around 8ms from ADSL in Sandton.

There was some discussion regarding the cost of telecommunications licenses in South Africa and the implications of them. The ultimate argument being whether the R10,000.00 ($1000) cost of the lowest level license provides any value, and what problem any cost is trying to solve over just charging R27 (for example) for the raw materials of the paper it is printed on.

Someone gave a run down of some baseline costs and posed the question "If you are not already spending on all of the above then what kind of network are you running?"

I decided to tell the following story, and then realised it might be nice to put it here as well.

When I was in primary school I loved electronics. Computers were scarce then, but I remember wanting to run a cable over the road to my friend's house so we could make an inter-com and mess around with other ideas. There were mountains of surplus cable in my dad's garage, and we could totally have done it. We were told it was illegal, under the apartheid government.

When I was in school, I spent much of my past time dumpster diving and sweet talking friends with real jobs.

By the time I left varsity I had a 42U rack, 5 PCs running BSD and Linux, two Catalyst switches and a few odd-ball Cisco 1600 and 800 series routers. I ran an experimental BGP network and peered with the local WUG and a bunch of internet space over VPNs, and even through some fluke had a BGP6 peer with Hurricane Electric for a while.

This cost significantly less than R10000; actually all I paid from my own pocket was a few memory modules, blank CDs, CAT5 cable, a WRT54G and a Yagi antenna. Grand total probably ~R3000.

Of course it was all still completely illegal despite apartheid being long over, and the government probably could have fined me many thousands more for "operating" without a license.

Why couldn't I have branched out into a full scale network and gotten a few customers? I have questionable amounts of clue, and yet seemingly the only reason I couldn't do this was people's insistence that it was illegal.

It certainly is a nice world we live in.

It needs to be said


Conficker

There has been a big racket about Conficker lately. One of our sites appears to be infected with it, which is of little surprise since the cheapness of said site's owners results in almost every virus taking its toll at some point or another.

Despite all the noise about how Conficker will destroy the universe on April 1st (dang, that's tomorrow...) the information was far too technical in nature. I literally had to wade through pages of graphs detailing its code and propagation methods before arriving at the eventual conclusion of "what the hell are we supposed to DO about it".

Anyway, there is a great script by Felix Leder and Tillmann Werner. I repackaged it as a tar since zip is an awful beast, and I shoved Impacket into it as well.

http://syllogism.co.za/~karnaugh/scs.tgz

Our systems have a fairly large Python stack by default, so you might need pycrypto as well according to some reports, but from what I saw it was just a warning, so it probably works without it unless it's trying to use the NTLM in Impacket.

Then just run "./scs.py 192.168.0.1 192.168.0.254" and off it goes. I noticed it does hang occasionally if machines drop the connection and it needs to time-out each one, but it still works.

You probably want to combine it with a grep so you wind up with output like this:

# ./scs.py 192.168.0.1 192.168.0.250 | grep infect
conficker infections
[WARNING] 192.168.0.14 seems to be infected by Conficker!
[WARNING] 192.168.0.71 seems to be infected by Conficker!
[WARNING] 192.168.0.112 seems to be infected by Conficker!
[WARNING] 192.168.0.121 seems to be infected by Conficker!
[WARNING] 192.168.0.129 seems to be infected by Conficker!
[WARNING] 192.168.0.168 seems to be infected by Conficker!

Finding out whether they really are infected is a different team's job, so I can't entirely guarantee the accuracy :)
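
As an added example (not part of the original post or of the scanner itself), here is a small Python helper that turns the grep output above into a de-duplicated, numerically sorted host list for the team doing the clean-up, and compares two scan runs. The function names and the sample output are constructed for illustration; only the `[WARNING] ... seems to be infected by Conficker!` line format is taken from the post.

```python
import ipaddress
import re

# Line format as quoted in the post; every other line of output is ignored.
INFECTED_RE = re.compile(
    r"^\[WARNING\]\s+(\S+)\s+seems to be infected by Conficker!$"
)


def parse_infected(output, scan_first, scan_last):
    """Return (hosts, rejected) from scanner output.

    hosts    -- unique flagged addresses inside the scanned range, sorted
                numerically (a plain text sort would put .112 before .14)
    rejected -- matching lines whose address is malformed or outside the
                range that was scanned, kept for manual review
    """
    first = ipaddress.IPv4Address(scan_first)
    last = ipaddress.IPv4Address(scan_last)
    hosts, rejected = set(), []
    for raw in output.splitlines():
        line = raw.strip()
        match = INFECTED_RE.match(line)
        if not match:
            continue  # e.g. the "conficker infections" line grep lets through
        try:
            addr = ipaddress.IPv4Address(match.group(1))
        except ipaddress.AddressValueError:
            rejected.append(line)
            continue
        if first <= addr <= last:
            hosts.add(addr)
        else:
            rejected.append(line)
    return sorted(hosts), rejected


def compare_scans(previous, current):
    """Split hosts into newly flagged, still flagged and no longer flagged.

    "No longer flagged" only means the scanner did not report the host this
    time: it may have been cleaned, or it may simply be switched off.
    """
    prev, cur = set(previous), set(current)
    return {
        "new": sorted(cur - prev),
        "still": sorted(cur & prev),
        "no_longer_flagged": sorted(prev - cur),
    }


# Constructed sample output for two runs over 192.168.0.1 - 192.168.0.250.
SCAN_MONDAY = """conficker infections
[WARNING] 192.168.0.14 seems to be infected by Conficker!
[WARNING] 192.168.0.112 seems to be infected by Conficker!
[WARNING] 192.168.0.71 seems to be infected by Conficker!
[WARNING] 192.168.0.14 seems to be infected by Conficker!
"""
SCAN_FRIDAY = """conficker infections
[WARNING] 192.168.0.112 seems to be infected by Conficker!
[WARNING] 192.168.0.129 seems to be infected by Conficker!
[WARNING] 10.9.9.9 seems to be infected by Conficker!
[WARNING] 192.168.0.999 seems to be infected by Conficker!
"""

if __name__ == "__main__":
    monday, _ = parse_infected(SCAN_MONDAY, "192.168.0.1", "192.168.0.250")
    friday, odd = parse_infected(SCAN_FRIDAY, "192.168.0.1", "192.168.0.250")
    for state, addrs in compare_scans(monday, friday).items():
        print(state, [str(a) for a in addrs])
    print("needs manual review:", odd)
```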

Is Open Source dying?

I wrote the following on a mailing list today. The context is somewhat irrelevant, and I hope Neil doesn't mind me pasting here. I'd link the list archives but they haven't been updated since last week Saturday for some reason so I will try to link the thread when they are fixed.

On 2009/01/19 06:39 PM Neil Blakey-Milner wrote:
> KnowledgeTree could be reasonably easily (say, only a few hundred
> lines of code) made to support office/branch environments pretty
> easily by writing your own StorageManager, at least back when I was
> working on it (and I can't imagine it has lost that since then).
>
> Admittedly, that would have meant writing a few hundred lines of
> robust _PHP_ code... ;)
>
> It's possible someone has already done it - I guess KTForge would be
> the place to check.


The problem is balancing that off against the commercial support. In terms of risk management most places want a company behind something, so if I get hit by a bus or Andre finally makes good on his plans to off me there is a fall back to maintain the solution.

So hacking new storage back-ends is only useful if it can be adopted upstream. Which puts me in a bind, do I bother to write something if there is a possibility its future depends on me maintaining it myself? From my point of view, if the change I see necessary in a project is cultural or exists in the fundamental architecture then it's dead and my option is to start again and then push that back into the community. Unfortunately I don't have time to do even that so it dies there.

People need to realise it's not good enough to be free or open source. And I also get irritated with a few projects out there who I can't comprehend their motives. They seem uninterested in maintaining use of their project, but at the same time complain about lack of assistance.

The best example I can think of is gnome-terminal. A while ago I decided to finally write a detailed bug report about something that has irritated me in gnome-terminal for a long time. Despite it tying into the global clip-board it still treats the selection buffer differently from anything in the global clip-board, but only on some very strange and arbitrary terms or when the moon is in the right location. I spent quite a bit of time figuring out the behaviour and what was irritating me, and then writing a bug report which I decided to file on the Ubuntu bug tracker (they do all sorts of odd things with packages so it's the right place to hit first). The ticket was marked "won't fix" within a matter of minutes, with a description that many people already complained and Gnome rejected the bug already.

What the fuck is going on with Open Source that when your users take the time to provide feedback (instead of just buggering off back to Windows) they get shot down by arrogant developers who are just too lazy to re-architect their software? And I'm not talking about the one or two complaints some people have, I'm talking about serious usability or structural issues that many many people take issue with.

You can pass off Gnome as whackjobs perhaps, but I've hit the same issues with ClamAV, Firefox, GIMP and countless other projects.

Personally I take pride in my work and if someone has a problem with it I want to know why and how I can try to help them, but honestly 80% of the Open Source projects and developers out there seem to just be after some fame.


So I discovered the other day that my application for credit transfer from UKZN, that I have been waiting for for 2 years, was lost at the Unisa applications office. I have to reapply. Joy to the world...

The grand thing is that most of what I will need to do next year requires me to get credits for those prerequisites, so I'm either going to have to redo some of the modules that I essentially have already done, or take a year long break somehow while it gets fixed. Of course university rules require I pass 4 modules a year - except I don't actually have 4 modules that I can take unless I decide to branch out into sports science or something.

This among other things is mostly my fault for not investigating it sooner - sorry, I was too busy studying and working to check on whether the registration people had done their job properly. I did receive a very nice apology from the faculty, but somehow I feel it pales in comparison to the pain I will now have to go through, which includes getting my transcripts again which is something I can't do until next year anyway. I can't blame them though, there are many more students than myself and I do not envy their job of dealing with all of them.

I'm not sure what it is about me, or some grand force in the universe that is trying so very hard to prevent me from ever gaining tertiary education. I have come to appeal to the whole world; Won't someone please just give me a damn degree? Far more ignorant and stupid people than I have numerous doctorates on their CV, and many more will continue to do so, so why should people with real talent suffer?

I've never really written about the subject previously, since my departure from UKZN came at a really bad time for me personally. Dropping out was not a consequence of my poor personal life, it was my saviour. On all possible levels I was extremely unhappy studying there. The staff were uninterested and hostile, the coursework was deliberately obscure and irrelevant and in particular the programming subjects were a waste of time. I can safely say that grade 12 Computer Studies was more rewarding than the various advanced programming credits I completed at UKZN. Lately UKZN has come under a great deal of media fire over various things, and every time I read an article I thought "And people ask me why I left...". They are trying very hard to repair their image of course, but most of it seems like empty words and denial. It seems as if the amount of problems that surround them since their merger with the University of Westville can only really be solved with a large scale demolition.

I'm not bitter about it, it just wasn't for me. Ok, so I am bitter about it but purely from the point of view that I can't figure out why I clash so vastly with tertiary education. Especially when everyone keeps telling me it's so important to my success.

Over the last two years I have thoroughly enjoyed almost all aspects of Unisa, but I think what I enjoy the most is the ability to not be forced to deal with high level bureaucracy. I liken it to the government in many ways. I like having a government, so long as I never have to deal with them.

Perhaps what makes other people succeed at university is perseverance when administration is being obtuse. From speaking to others though, this is not a unique problem. It's not even unique to South African universities. Perhaps then what makes me incapable of persevering with university bureaucracy is my feeling that tertiary education in its current form, for my specific set of interests, has become redundant.

Most education in computer science has been superseded in content by the internet, it contains far more accurate, current and peer reviewed information than tertiary institutions seem to care to provide. I said previously that I enjoy the Unisa course work, the simple reason for this is that it sticks to the basics in most cases. C++ will never really be redundant, it's a necessary evil for almost every programmer to know. Regardless of this, I still find there are far better ways to learn these things. The real reason I like Unisa is that their testing methods work for me personally.

The biggest reason why I seem incapable of getting a degree though is that I simply can't seem to understand why I need one.

In a recent Guardian interview, Stallman attacked the concepts of cloud computing and the ideals of SaaS (Software as a Service), referring to them as "stupidity".

Whilst the ideals of Stallman have been put to good use in the form of the original GPL (a license I personally think is paradoxical), I feel it might be time for Open Source in general to distance itself from people that display obvious signs of insanity.

For one thing, somehow this lash out at web based services came with the increasing use and development of cloud computing services. It did not come when free webmail services empowered millions of people who did not have full time access to a PC or the ability to pay exorbitant ISP costs for a mailbox.

No, it comes now when that idea wants to extend the luxury of information retention and application use to those self same people.

Sure, there is an element of trust but you need to consider critical mass and look at the privacy statements on a case by case basis. Some SaaS providers will probably have dubious privacy or intellectual rights clauses - that's why they are usually there to be read. At the same time however, I think a balance needs to be struck between common sense and delusional paranoia. Does Google really have the time and/or resources to sit and go through my personal documents? I doubt it.

I also don't quite comprehend the confusion about "ownership". The laws are pretty clear cut. If I write something and don't explicitly sign away my implied legal copyright on it, it is mine. The laws are there to protect people and they have been proven to work. Just because I write something on Waltons stationery does not create confusion about who owns the resulting work, why should it now?

Perhaps it is that the 'stall' in 'Stallman' rings too close to 'stalwart' though. It makes even more sense from that perspective for a backward company like Oracle, who have yet to advance much past their 1980s principles of big clunky centralised databases, to side with such things.

"It's just as bad as using a proprietary program. Do your own computing on your own computer with your copy of a freedom-respecting program."

Well Richard, try telling that to the people who can't afford their own computers or even the electricity to power one.
