AppArmor Fun with Firefox 4 Daily Builds

So, here’s a problem I’m sure millions of computer users have.

The latest nightly Firefox builds from the Ubuntu Mozilla Daily Build PPA suddenly stopped working for me; every time I started with my usual profile (in my Encrypted Private Directory), it complained that Firefox was already running (it wasn’t). Running with a profile in my unencrypted home directory, in the usual place, seemed to work. For a while I though the profile was hosed, or the new Firefox build had a problem with the encryption.

Turns out the AppArmor profile has been updated to confine write access to the only default Firefox profile location ( ~/.mozilla/firefox-4.0 in this case), and a few other select directories (like the default downloads directory). Since my profile was outside that directory, AppArmor was preventing Firefox from writing to the profile. Updating the AppArmor profile (by editing /etc/apparmor.d/local/usr.bin.firefox-4.0) with the following fixed the problem.

owner @{HOME}/Profiles/** rwk,

Just in case someone else out there runs into a similar problem. There might be somebody.



Welcome to the Queens Zoo, Again

I swear, the Mets as an organization are starting to look more and more like the Yankees at the height of Steinbrennerian drama. Which is not a good thing for Mets fans.

The recent tempest in a teapot over who did and didn’t show up at Walter Reed is a good example. For the uninitiated, during the Mets’ recent road trip to Washington, most of the team paid a visit to wounded veterans at Walter Reed Hospital. They apparently do this every year – bu t this year nearly all of the team (including the September callups!) came. The only exceptions were Dillon Gee, due to make his Major League pitching debut that evening, and Carlos Beltran, Luis Castillo, and Oliver Perez, each of whom has had various issues with both the team or parts of the fan base.

Cue the Tabloids! A whole lot of disk space and network bandwidth were consumed with varying degrees of outrage and speculation over nefarious motives of the absentee players, and rumors that the owners were quite displeased. Never mind that in years prior, there were many more absent from the visit. Never mind that the visit was voluntary.

But it’s New York, this silliness is to be expected. Mike Lupica will be a sanctimonious prat, always looking to entertain himself with the sound of his own voice. The New York Post will look for any excuse to get people riled up over trivialities, as will the yakkers on WFAN. Owner Fred Wilpon, having been involved with this team since 1980, ought to know this by now.

So why didn’t he, or his son Jeff, the team’s Chief Operating Officer, make sure that if they were angry that Beltran, Castillo, and Perez skipped the Walter Reed Visit, make sure that things were handled internally? If they were expected to go, why didn’t they (quietly) make it mandatory? Why did they throw three players who they are reportedly trying to trade under the bus, thus lowering their trade value? Do they hold a grudge against Carlos Beltran, much like Steinbrenner did against Dave Winfield?

If handled right, this story could have been about a bunch of baseball players doing good. Instead, the Mets got more drama in a season with far too much of it. To quote Metstradamus, “Only in Flushing can a charitable endeavor become controversial.”. It may be 2010 in Flushing, but it sure does feel like the Bronx in the ’80s these days in Mets Nation.

Ubuntu’s Firefox 3.5 and Facebook Chat

Those of you using the official Firefox 3.5 packages for Ubuntu 9.04 have probably noticed that it’s actually labeled as “Shiretoko,” which was the code name while Firefox 3.1/3.5 was in development. This is done to avoid confusion with the default installation of Firefox 3.0. For several technical reasons, the Firefox 3.5 package does not replace 3.0, but is installed alongside it.

My wife noticed that her Facebook chat popped up in a separate window when using her browser, which is very annoying (especially because she’s an Ubuntu Netbook Remix user, where all windows are maximized). Facebook claimed that she was using “an old browser,” and ironically chided her to upgrade.

Ubuntu’s Firefox 3.5 User Agent string is this:

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1) Gecko/20090701 Ubuntu/9.04 (jaunty) Shiretoko/3.5

My guess is that Facebook is using simple user-agent sniffing, and since it sees “Shiretoko” and not “ Firefox,” gets confused.

So to fix this, we’ll enlist the help of the User Agent Switcher extension and use it to tell Facebook you’re using the “real” Firefox 3.5. Here are the steps:

  1. Download and install the User Agent Switcher if you haven’t already.
  2. After Shiretoko restarts, go to Tools->Add-Ons-. Select “Preferences” for the User Agent Switcher.
  3. Click the “New” button to create a new User Agent string.
  4. Put “Fake Official Firefox 3.5,” or something else that makes sense to you in the “Description” field. The other fields are automagically populated with the “ default” user agent, which makes our life easier.
  5. At the very end of the “User Agent” field, replace “Shiretoko” with “Firefox” and click OK.
  6. Go to Tools->Default User Agent and then select “Fake Official Firefox 3.5”.
  7. Go to Facebook.

You can use this trick for any other site out there that claims you’re not using an up-to-date or unsupported browser.

Enough About Brett Favre!

Dear Jon Miller and Joe Morgan:

As you are marginally competent baseball announcers, I am only marginally interested in what you have to say about baseball during Sunday Night Baseball. What makes you think I care about what you have to say about Brett Favre and the Packers, especially while there’s baseball action happening right now in front of your eyes? If I wanted to find out about the latest in the Favre Drama, I wouldn’t be watching the baseball game.

That is all.

The Usefulness of Fact-Checking

In the news today, it was revealed that the University of Maryland accidentally printed Social Security Numbers of students on a mailing about on-campus parking, possibly exposing about 20,000 students to identity theft. The affected students were advised to put fraud alerts on their credit files, and generously offered some free credit protection, which is all well and good.

I was about to go all postal on UMCP for using SSNs as student ID numbers, but a quick look at the FAQ revealed that was not the case; a separate University ID number (explained here) is generally used. The SSNs got on the mailing accidentally. Why the application that generated the mailing labels for this particular mailing even had access to a table that contained students’ SSNs is a very good question, and a question that needs to be asked of the IT staff. But that particular error is not as jaw-droppingly stupid as using SSNs as student ID numbers, which was a common practice at universities about 10-15 years ago. Just a little bit of research beyond what I read in an AP wire story kept me from jumping to a completely wrong conclusion.

But if I did not blog about this incident, I likely would not have looked further into what was going on, and I would have continued to assume that Maryland was still using SSNs as student ID’s (they did when my wife did some graduate work there in the late ‘90s, but they apparently stopped the practice around 2005). Sometimes it’s easy to jump to conclusions about what you read, especially when you have a small amount of inside information about the subject at hand. Because of this, taking the time to fact check before going on a rant is a good thing. Even if it’s not a very bloggy thing to do.