D&D item: Martyr’s Collar
Seeing how everyone else is currently creating interesting items, I thought that I should throw one of my ideas into the mix. And after a bit of tinkering with how it should work, I present:
Martyr’s Collar Level 5
Resting tight against the throat, the wearer is always reminded of the price of sacrifice.
Lv 5 1.000 gp
- Item slot:
- Neck
- Property:
- This item can mean instant death for the character. To wield it, the character must succeed at a hard willpower check. After three failures, the character needs to take an extended rest before trying again.
- Power (At-Will ♦ Necrotic):
- Standard action. A conscious and willing character may activate the collar while it is around their throat. The collar magically constricts, severing the user’s head from their body. The user’s life energy serves as a power source for the collar and sends every attuned ally in range (burst 10) to the point defined by the attuning process.
Being able to survive the decapitation does not save the user, as all of their life energy is used up to power the collar’s magic.
The allies do not need to be willing, conscious, or even alive. If, for whatever reason, the destination is not reachable, the collar will not activate. After the teleportation, the collar expands to its normal proportions and loses any attunement. - Power (Daily):
- Standard action. Every willing ally in a burst 5 are attuned to the collar, and the item itself is attuned to the location. When the at-will power is used, all allies attuned and in range are transported back to the current location. The collar does not need to be worn to be attuned; any character touching the item can initiate the process. When passing between owners, the item does not lose connection to any attuned user or the attuned location.
Nobody really knows how these devices ever came to be, but they seem to have been used by devout and loyal warriors throughout time to save comrades from certain death by using their own life to shield them. The ultimate heroic sacrifice, most souls sacrificing their bodies this way ascend to the Astral Sea.
Trusting self-signed certificates with Google Chrome on Linux
Update: added the “C” flag to SSL attributes which I accidentally forgot to include.
Also changed $HOST to $host, as $HOST is the shell parameter for the current hostname…
If you’re not really sure about how you can stop Chrome from permanently reminding you that the server you’re connecting to is a bad boy (read: using a self-signed certificate), you’ll probably end up looking at CACert’s Browser Client page by way of Google. With a bit of reading documentation, you can probably find out how to import a self-signed certificate and mark it as trusted, but since you’re probably lazy, you’d rather just copy and paste a few instructions.
First, I have to stress is that blindly trusting a certificate you download off the internet is a Bad Idea. But expressing a certain laissez-faire attitude: if you’re stupid enough to copy and paste blindly, you deserve it.
Second, simple copy and paste instructions:
openssl s_client -connect $host:443 -showcerts > temporary_file certutil -d sql:$HOME/.pki/nssdb -A -t CP,,C -n "$host" -i temporary_file
Third, explanations:
- s_client just connects to the given hostname, 443 being, as you should know, the (default) HTTP SSL port.
- –showcerts shows all kinds of information about the certificate, including the certificate itself. You will probably have to hit ^C/^D to stop s_client.
- If you get multiple (and different) certificates, first one will be the server certificate, and second one the CA certificate.
- certutil (package hint: libnss3-tools can be used to manage your local «Network Security Services» SQLite database.
- The specified argument for certutil are:
- The database to use (in this case, the user-specific NSS database).
- The flag to add something to the database (-A).
- The “trust types” for the certificate, in “SSL, S/MIME, CA” notification: “P” for a trusted peer, and “C” for a certificate authority that may issue server certificates.
- A shortname to identify the certificate in the database. The hostname works well and is fairly obvious.
A records on top level domains
After I stumbled upon the wonderful URL shortener http://to/ today and immediately began posting it on IRC, I received a comment that someone didn’t even know that is was possible to do so. I, of course, could only comment “of course it’s possible”. But in the same train of thought, I just had to have a look at who else has a valid A record on their top level domain. So I fetched the IANA TLD list and, after being baffled by the punycode TLDs, threw some sh at the problem:
(for domain in $(grep -v '^#' tlds-alpha-by-domain.txt); do host -t A "${domain}."; done) | grep -v 'has no A record'
For the sake of enjoyability, I thus offer the results in table form, along with what kind of site is running on port 80. Data timestamp is 2010–01-08T16:05:00+0100, location for routing is DTAG-DIAL26 / AS3320.
| TLD | IP | content (port 80) |
|---|---|---|
| AC | 193.223.78.210 | “Always connected” (NIC.AC) |
| AI | 209.59.119.34 | “Offshore Information Services” |
| BI | 196.2.8.205 | “It works!” |
| CM | 195.24.205.60 | cm [195.24.205.60] 80 (www) : Connection refused |
| DK | 193.163.102.23 | “DK Hostmaster” (NIC.DK) |
| GG | 87.117.196.80 | Channel Isles Domain Registration |
| HK | 203.119.2.28 | hk [203.119.2.28] 80 (www) : No route to host |
| IO | 193.223.78.212 | NIC.IO |
| JE | 87.117.196.80 | Channel Isles Domain Registration |
| PH | 203.119.4.7 | HTTP 500.100 via broken Microsoft IIS |
| PN | 80.68.93.100 | Apache default home page |
| PW | 203.199.114.33 | pw [203.199.114.33] 80 (www) : No route to host |
| SH | 64.251.31.234 | sh [64.251.31.234] 80 (www) : No route to host |
| TK | 217.119.57.22 | “TK your long URL”, free .tk domain name registry |
| TM | 193.223.78.213 | NIC.TM |
| TO | 216.74.32.107 | TO./ URL shortener |
| UZ | 91.212.89.8 | some WAP page I can’d decipher |
| WS | 63.101.245.10 | ws [63.101.245.10] 80 (www) : Connection timed out |
So, in short, 5 of 18 (27%) are downright broken, one is being autistic, and a further 2 (11%) are not configured to do anything meaningful, leading to a total of 8 — or 44% — of TLD A records being useless. Bonus: none of the sites have AAAA records and, thus, no IPv6 availability.
Shadowrunning GTA4
One of the things I recently noticed is that GTA actually gives you a fair amount of choice on how to do some missions, but doesn’t really advertise the fact.
Playing the game after some time (and only few days after a Shadowrun session), I went ahead and got to do the mission “Dining Out”, where Yours Truly (on his avatar in this case, Niko Bellic) had to run a hit on one Kim Young-Guk. Young-Guk was dining at a place called Mr. Fuk.
Warily, I drove Niko to the encounter, investigating the site — a rather accessible and free-standing restaurant. Tired of all previous hit missions, which mostly ended up in me chasing the person on bicycle or car most of the time, I decided to try to be creative. I went around the back, and indeed, in the parking lot I found a motorcycle and a PMP 600 (which is a remake of one of those Chrysler estates). Fearing that this would exactly end up as I predicted, I rang up Packie and got myself a nice little car bomb.
Placing this under the PMP 600, I went inside and sure enough, the stale air in the restaurant had an unhealthy dose of lead after a couple of seconds. So one kills all the goons, goes upstairs and talks (while sighting down along the sights of the gun) to the manager, who said that Kim just fled out through the kitchen. Of course.
Chasing Kim down, one badgers through the kitchens, only to find that Korean bugger already having jumped down the fire escap, dodging into his PMP 600. One would then have to jump down after him and swing yourself unto the motorcycle.
Smirking, I let Niko pull out his mobile phone and call (handily preselected) the bomb, which promptly blows up the car and Kim with it. $13,250 earned without having to break your neck on the motorcycle and probably crash into something with a spectacular slow motion scene.
The thing is that GTA often silently encourages such behaviour. There’s a few missions where the city gets mission-specific instances, thus undoing some changes to the scenery you might have caused. But more often than not, you can just start laying traps if you either suspect or know what’s going to happen. Place bombs, blockade exits with a lorry, ram down fences to get other ways of access to a location, start sniping people from some totally different location, or just go all Altaïr and shuffle to a site via the rooftops.
It’s fun, really.
Gaim to Pidgin log conversion
I was browsing through some older files of mine and cleaning up when I stumbled over a bunch of old instant messenging log files. These logs were still in the legacy unified log file format which Gaim (today knows as Pidgin) used in the beginning. I didn’t find a converter after about ten seconds of using Google, so I went ahead and wrote my own.
It’s mostly feature-complete, and will split up any number of [something].log you pass to it into [something]/[date].txt style files. What it can’t really do is determine what kind of protocol it’s dealing with, so you’ll still have to move the log directory manually to the appropriate protocol directory inside of ~/.purple/logs. Be wary when moving files, though, as you might accidentally overwrite other log files. Use rsync.
Anyhoo, you can either get the file directly or just try this delicious copypasta:
#!/usr/bin/perl # gaim2pidgin.pl # author: towo <towo@ydal.de> # version: 3 # license: CC-BY-DE-3.0 use strict; # convert short month names to numbers. my %shortmonths = ( 'Jan' => '01', 'Feb' => '02', 'Mar' => '03', 'Apr' => '04', 'May' => '05', 'Jun' => '06', 'Jul' => '07', 'Aug' => '08', 'Sep' => '09', 'Oct' => '10', 'Nov' => '11', 'Dec' => '12' ); # go through files FILE: foreach my $file (@ARGV) { my ($header, $target); # sanity checks unless (-f $file) { warn "$file is not a file.\n"; next FILE; } unless(open(LOG, $file)) { warn "Unable to open $file for reading: $!\n"; next FILE; } # get file header, get target name chomp($header = <LOG>); $header =~ s#<.*?>##g; $target = $file; $target =~ s/\.log$//; # check header for correctness unless($header =~ m{^(<HTML><HEAD><TITLE>)?IM Sessions with .*? \ (</TITLE></HEAD><BODY BGCOLOR=".*?">)?$}i) { warn "$file does not seem to be a gaim conversation.\n"; next FILE; } # read LOG to file my @contents = <LOG>; close(LOG); # parse log file (one loop ^= one chat session) while(@contents) { my ($session, $identifier, $date); # get session identifier chomp($session = shift @contents); # Strip HTML. #$session =~ s#<.*?>##g; $session =~ s#</?(FONT|B|I|ALIGN|HTML|HEAD|TITLE|HR|BR|BODY|H3).*?>##ig; # sanity check for the session identifier unless ($session =~ m/^ ?---- New Conversation @ \w{3} (\w{3}) ([0-9 ]{2}) \ (\d{2}):(\d{2}):(\d{2}) (\d{4}) ----$/) { warn "Could not recognize session identifier: «$session»\n"; next FILE; } # extract date from session identifier and create target identifier $date = "$6-$shortmonths{$1}-" . sprintf("%02d", $2) . ".$3$4$5"; $identifier = "$target/$date.txt"; # sanity check for target directory unless (-d $target) { unless(mkdir $target) { warn "Could not create directory $target: $!\n"; next FILE; } } # open output file unless(open(OUTPUT, "> $identifier")) { warn "Could not write to $identifier: $!\n"; next FILE; } select OUTPUT; # extract log to log file until($contents[0] =~ m/^(<HR><BR><H3 Align=Center>)? ?---- New Conversation/ \ or !@contents) { my $line = shift @contents; $line =~ s#<.*?>##g; print $line; } close OUTPUT; } }
Licensed as CC-BY-DE-3.0.
Discordian iCal calendar
Since I was playing around with Date modules a bit, I decided to conjure up some iCal files for the Discordian calendar, which chronicles the Year of Our Lady Discord, as described in the Principia Discordia.
With the goal eliminating any kind of dependency on actions by me to generate the calendar files, I just pregenerated them for the whole 21st century.
The files are stored at /discordian/$year.ical, with $year ranging from 2001 (which was the real start of the century and the millenium) to 2100.
For the sake of easy access — and as an experiment to see what Google’ll make of it — I’ve compiled a handy table so you can just click for the file you want.
Feel free to include this on your Google calendar (will make for an interesting traffic study) or redistribute it with a kudos to me, linking to this page (http://ydal.de/discordian-ical/). Copyright shouldn’t be an issue since this compilation does not exceed the Schöpfungshöhe, but I’ll declare them to be CC-BY-DE 3.0 just in case.
Ubuntu — why it sucks
Earlier this year, I switched from Debian to Ubuntu on both my netbook and my desktop machine, because it quite pleased me how well it worked. For the netbook, this was sort of appropriate, when ignoring the fact that a netbook is slow by principle, but with my desktop, my choice might have been less than wise.
Jaunty, 9.04, left me with occasional random crashing of my X server, and applications sometimes only starting at the second try, if at all. You’d get situations like banshee firing up, drawing the window on the desktop, and then locking up — which my compiz duly acknowledged by shading the window after about fifteen seconds. You kill it, you restart it, everything works.
Add to this some other applications (like Evolution, Nautilus and Tomboy), along with the fact that GNOME Do just seems to randomly evaporate into digital nothingness in the course of my uptime, and voila, you have a system that works mostly well, but just sometimes annoys the hell out of you, especially when the X server crashed the system because you did something like Alt-Tabbing while you had two applications running fullscreen on different monitors. Yep, it happened.
So, alas and behold, comes the saviour: Ubuntu 9.10, Karmic Koala! It shines, it glitters, and it saves kittens from trees! Everything is so much better with it!
… not.
Karmic, in the vain hope to be so much greater to the common good, tries to optimize and dumb down things for the users. Which, according to others, seems to work splendidly — but absolutely failed on my end.
My woes with the rare animal
odin (the desktop)
For the record: odin’s specs are something along the line of a Core2 Duo, GeForce 260 linked to two screens, a couple of terabytes of hard drive and a SoundBlaster SB Live! 5.1, after the onbound soundcard started acting up and being generally retarded on the gaming OS.
- Boot time has gone way … up. Even though it’s supposed to be optimized for quicker boot and whatnot, my previous “less than ten seconds” boot time somewhat diminished in the face of the optimized bootup, which made my resolvconf (which I haven’t even touched!) for no apparent reason, adding a 30 to 60s timeout on the top.
- It solved the crashing problems … not at all. The only it actually managed is to get bug-buddy to be all “It looks like nautilus crashed” with a nice dialog saying I should report a bug to Ubuntu. Which I won’t, since there’s nothing logworthy to submit, it just dies and that’s it.
- The sound interface has been made super-easy! And, also, bloody hard to configure correctly. The new sound preferences eschew any kind of knowledge about your sound card and just presume to know better than you, which is exactly why it thinks it should fiddle with the Master volume of my Soundblaster when on four way stereo mix up, which controls only two channels, and not the PCM, which then regulates everything. Jaunty allowed me to change the mixer control to one I deemed best — no dice in Karmic. I now need to fire up alsamixer for that, and can’t use my keyboard volume wheel without fiddling.
- Speaking of sound, it has become even more annoying to find a way to turn off the logon sounds with GDM, since gdmsetup has been replaced by something which does quite about nothing at all.
- And, of course, hibernate doesn’t work anymore. As if any distribution would ever get that right.
baldr, the netbook
- Boot time has gone way … up. Yes, even one the famed “we sooo lurv you” Atom notebooks Karmic pretends to like so much, performance pretty much went down the drain.
- Improved external monitor support! Plug in a second screen, get none of the real estate! As soon as I plug in the VGA display while the laptop is still running, screens go irreversibly blank until reboot. Having it plugged in while rebooting allows you to run 800×600 on both displays, cloned, without the ability to change the resolution.
- Hibernate doesn’t work. Even though it did before.
- And myriads of minor nuisances like stutters and all that jazz.
May I note that this even happens when being freshly installed from source on the netbook, so this is no tale of the common upgrade blues.
Conclusion
Well, I’ll probably be changing distribution soonish, yet again. Fedora might be a neat idea for the netbook, not yet sure if I will revert to Debian on odin.
The Karmic Koala is becoming increasingly extinct and fails to reproduce appropriately even with an accepting mindset.


