Sid Sidberry Reads

Ever wish you could use a random number in your shell scripts? Luckily you can:

my_random_number=$RANDOM

linux returns a random number everytime the $RANDOM variable is accessed.

This is imho the best guide for shell scripting. I’m always referencing it when writing a shell script ( was it -n or -z?)

From: http://linuxcommand.org/writing_shell_scripts.php#contents

With the thousands of commands available for the command line user, how can you remember them all? The answer is, you don’t. The real power of the computer is its ability to do the work for you. To get it to do that, we use the power of the shell to automate things. We write scripts.

Scripts are collections of commands that are stored in a file. The shell can read this file and act on the commands as if they were typed at the keyboard. In addition to the things you have learned so far, the shell also provides a variety of useful programming features to make your scripts truly powerful.

What are scripts good for? A wide range of tasks can be automated. Here are some of the things I automate with scripts:

Check It Out:
LinuxCommand.org: Writing shell scripts.

While benchmarking performance for deathy death match I realized something: Benchmarking sucks!

That said, and me being the lazy person I am, I asked myself how can I make this easier? My answer: benchsid, two shell scripts that make benchmarking easier.

disclaimer

This is a 1,2,3 trick pony – use it as such

These scripts are offered as is and I am not responsible for anything you do, create, break, etc.

Both scripts are released under the do whatever the hell you want, but don’t blame me license. This of course isn’t a real license, but you get the point.

Make benchmarks easier, if only a bit

I’ve tried as much as possible to keep your commands to a minimum. If running as root you can run a complete benchmark, save both the results and you benchmark servers top + free output, and reboot with 3 commands. See lazy right?

monitor.sh – run this script on the machine your benchmarking
bench.sh – run this script on the machine your benchmarking from

you do not need to run these on separate machines, but I recommend it

How do I use…

monitor:

 ./monitor.sh

 ./monitor.sh help

bench:

 ./bench.sh

 ./bench.sh help

If your still having issues post a comment

monitor.sh

Monitor should be ran on the machine your benchmarking. It automates the process of recording free (free -m) and top, and if running as root will reboot the server when you tell it to stop monitoring a benchmark

Sounds good so far right?

monitor.sh process overview

start process

clear out any benchmarks that will be overwritten
save output from free to a file (free -m)
save output from top to a file
start a top process to monitor to a file while we benchmark
confirm that we are up and running

stop process

stop top
save output of free to file
save output of top to file
reboot server

monitor.sh: umm why?

monitor.sh saves the information about the server before, during and after your benchmark has been run. By running top during the benchmark process (10 second intervals), we can get a real time overview of both server load and the loads created by applications

bench.sh

bench.sh is the benchmarking portion. bench.sh can benchmark your server using one of three programs: ab, siege, or httpref. I considered adding an option to do all three, but honestly that more poor mans dos than benchmark.

bench.sh first will perform a warm-up cycle of 2000 requests to your server using your desired (or default) concurrency. After that it will perform 3 benchmark cycles of your desired number of requests and concurrency.

All cycle results (including warm up) are saved to the filesystem.

download

download benchsid: http://gregsidberry.com/httpdocs/wp-content/uploads/2008/12/benchsid.tar.gz

known issues

siege output – siege outputs a couple of variables to screen that aren’t included, or properly recorded, in the created file. I’ve tried output redirection, script, etc, but haven’t been able to find a fix that keeps everything in one script

input validation – there is no input validation, so please don’t put these files in a web public location.

funyuns – I’m out of funyuns, please send more

enjoy
Sid

I’ve been seriously getting my kicks with scalability fora number of months, so why not start on ongoing series where I talk about what I’ve learned / found?

So welcome to to the first: Building Something Scalable – An ongoing experiment. This post covers caching. I’ll cover delivery in the next post.

Keep in mind language wise I’m using php, but the general advice should be sound, regardless of language. If you disagree with something or have a better way, feel free to comment.

So now that I’ve ranted off 4 topics, maybe I should expand on them a bit.

Use Caching

Caching is a good thing, but use caching is a pretty vague statement, so let’s expand.

Caching isn’t just a one ring to rule them all type of solution. Its actually a fixture of a number of different solutions, that work together to boost your site / applications overall performance.

Database caching

I consider database caching a 2 part solution. You have the mysql query cache, but I also like to have a server side query cache as well. Why? I tend to use oop and having a server side query cache allows me to cut some overhead both appilcation wise, and by preventing me from having to connect / query mysql.

The big issue with server side query caches is stale queries. The mysql query cache prevents stale caches automaticly, but with a server side query cache we’ll need to set a TTL (time to live). I tend to go with something really low like 5-10 seconds.

5-10 seconds may seem pointless, but it allows higher traffic applications to handle a number of requests with fewer queries to mysql. This takes some of the load from mysql, so  your database is performing under less load than it would have without the server side query cache.

There is plenty of information on the mysql query cache online, so fire up google and start researching. For your server side cache here a few things to keep in mind

1. keep your cache in a secure location. If your using a file cache this means outside of your web directory
2. hashing is a quick and painless way to uniquely id your queries. md5(’select * from table1′) will allows return md5(’select * from table1′) if done correctly.
3. prevent cache filename collisons.
4. do a light weight encoding on cache files. base64_encode / base64_decode are quick and easy to use. They’re not secure, but its a good idea to add some basic obfuscation
5. keep your TTL low. Your query cache should try to stay as fresh as possible.

Opcode Cache

Php is compiled / ran at runtime (when you request a page / script). Opcode caches store the compiled code so that your code doesn’t have to be compiled for every request. Opcode caches can increase your codes performence by up to 90%, but then again, any increase helps the overall perforence of your site / application.

There are a number of opcode caches avaible for php. I prefer xcache, but there are a number of other opcode caches available for php.

Static content cache

Static content unlike dynamic content is, well static. Your probably wondering: Why cache something thats already static? Simple, performence. Static content though is cached / served differently than dynamic content. I know this touching more on delivery, but its still worth mentioning.

Static content is often served through a CDN (content delivery network) or a web cache. A CDN and web cache act similarly, except that a cdn has a number of servers setup in various locations.

Content Delivery Network
A CDN acts just as it’s name says: It delivers your content via its network of servers. The CDN selects a server closest to the location of the user, and serves your content from that location. Whats the benifit? Faster delivery of your content. Is it worth it? That’s a question only you can answer. Do some research, compare the solutions, check you budget – and you’ll have your answer.

Web Cache
A web cache or reverse proxy simply put delivers your content faster. I’m not to well versed in the science of it all, but here’s a basic break down of what I do know:

Web caching software like vanish (in the past squid was the standard) handle servering static content better than apache, and with a smaller footprint. The web cache creates a cache of your content when requested and then delivers your content from its memory / disk cache.

The most obvious benefit from all this? Reduced server load. Apache is a resource hog (there I said it), but that will be covered in a future post in this series. By moving static content delivery to software created just for this task your freeing resources and of course getting content to users quicker.

Output Cache
So far we’ve looked at a number of ways to increase the speed of dynamic and static content, but there’s still one major item left out: Output Caching.

As your scripts / application generates pages, you can cache them to be served for future requests. Output caches in general can be as basic or complex as you need them. A few things to keep in mind.

1. stale content, your cache should have aTTL(time to live) that prevents it from serving stale content
2. filename collisons – your naming scheme should prevent filename collisons
3. store your cache outside of your web folder
4. logged in users / vs non logged in users – come up with a solution that deals with this.

Variable / Object Caches

Your code has objects and variables, often some of these objects are database intensive. An object / Variable cache is a way to store your objects and variables. The thing to keep in mind with these types of caches is speed.

It makes no sense to cache something like $var=1+1;. You can run that command quicker than you would access it from the cache. A good example of somethign to cache would a class object that runs a number of queries on the database, but accesses content that doesn’t change as often. By caching this object you can prevent a few database queries (or cache calls). Or a class object that generates a number of child class objects.

I could go on and on about this subject but lets get to the point. If your application is running on only one server use a file cache. If your application uses more than once server look into memcached / memcachedb.

Thats it.
Hopefully that was short and sweet, the next post will cover delivery.

Greg – Out

It’s fun to think on when i first started flash. i think i first started back in 2000 at feast new media. that was my second internship and right before the bubble burst. the place where i first learned about tweens, and astalavista.

i went home, cracked a trial and shortly after realized i’d forgotten everything i’d learned at work that day.

it wasn’t till a few months later after seeing dero 357’s site that i got back into it. went to barnes and noble, and grabbed the first edition of new masters of flash.

my first movie still is the best tween i ever did, but that probably because
1. i admired praystation
2. his quote in in that book

i was already a huge praystations fan. After reading what he thought : i decided i was a coder, not a tweener.

these days that old debate / line is pretty much blurred, if not dead, but i still stick that mentality. i used code pretty much for everything, and if i tween : i control it with code. lol

so by now it’s the end / beginning of 2000/2001. I’m coding everyday (read entire manual twice) and working as a asp programmer by day, and doing flash projects and coding every other waking moment.

back then it was praystation, dreamless, syder, were-here, actionscripts.org and flashkit. those sites (hell dreamless and praystation alone) stepped my game up big time. funny thing is i wouldn’t let my job know i was an as/flash guy. i felt like they we’re to unpure and would only whore flash, vs loving it – yes completely young passion visioned back then. I like to think i still kinda think like that, with hopefully something finally resembling common sense.

2001 was a big year for me, it’s when i finally started making my own path, left school (computer information systems) and started working for myself. it’s also the first i ever realised i was good at flash(we’ll for those days – lol).

came across this list of expressions while trying to figure out a problem with a regex. Might come in handy for someone in the future.

PHP regular expressions examples

I have a friend I’m teaching foundation security to. This post is for him, but also as a protest to some of the materials I’ve found when looking for reference material for him.

Security at it’s simplest form is common sense. ask yourself, how can I make sure I get exactly what I want? How do I make sure I only give what I want. One article mentions xss attacks, and only says prevent them. Why? Thats the question alot of people have when starting why? So why not teach them how to do it first?

How to avoid sql injection / xss, and other misc attacks.

As mentioned this is part rant, part helpful. I’ll explain the following tips and why / how you do it.

• always use require_once, or include_once. why? it keeps someone from getting your files stuck in loops.
• clean everything that calls, enters, looks at your db.
• typecast whenever you expect a certain type of variable.
• control access and check permissions
• use your own sessions
• track everything in some form
• setup php correctly
• hide whats not to be seen / accessed

first off let me say I’m by no means a security god. Actually I’m not even an advanced user. Sad as it is maybe to say: I’ve never used pear. that said, the majority of attacks / exploits can be easily avoided. Why? because the majority of attacks on the web don’t come from hackers they come from script kiddies. We can be lax with our own stuff ( like this blog ), but any application you build for a client should at least have the basics.

Enough ranting now to the meat and tators…. I’ll keep everything short and sweet. fyi – this is pretty much a brain dump, so prob not in “good form”.

why do we use the _once functions?

if you have a file that loads another file, say index.php?get=/calender.php

what happens if someone changes get to /index.php? yeap your suck in a loop, unless you use require_once / include_once

simple huh?

State changes

Your first question is prob, what the hell is a state change? a state change is simply any change, anytime you change something, whether in the db, a file, an upload: it should always use post. why? Post can be hacked yes, but it’s harder to hack post.

imagine we’re using an online game
ex: update=1&user=87897&add_money=8.

so any user who can add will know: hey i can change add_money to 100 and gain 100 points. On top of that any user can now see all your get vars. Why does that matter? The less they know about your vars, the harder it is for a kiddie / developer to exploit it?

why else? It makes it easier to validate changes. Why? Honestly I don’t even remember why right now, but hopefully you won’t hold that against me

all users are evil

I know kinda overzealous, but you need to have this mindset, why? users will accidentally mess up your system every chance they get. And script kiddies love telling you how l33t they are if they do something as simple as figure out how to make a game page display a different page.

as for making a game page display a different page, honestly: who cares ( yes that was me venting). But in order to prevent accidents, or worst kiddie hacks, control everything! I’m not saying make your app so restrictive that users hate it, but – actually an example would fit best.

today the team made a new flash widget that requires user data.
ex1: pass user data as flash vars, then use loadvars to pass update to server

or more secure
ex2: use loadvars to recieve user data from server, and then pass update to server with loadvars.

in this example we could have honestly used either way as the update script validates all data and any real changes are driven off the database, not the state change, but you get the point. Its one less thing worry about if a user decides to try and change the vars passed, and also one less file to update if we change something.

Users will enter strings when numbers should be entered, upload swf’s when you only want images – you get the point. And the point is validate, and whenever possible take the control from the frontend and move it to the backend.

Be as lazy as possible

I say I am a smart lazy person. building 30 different files takes more time than building one file, and using includes, or a template structure. Pretty lazy huh? but also easier to update and more secure. The more files you have that each have their own independent / copy + pasted code, the more opportunities you have for a slip up. Make one file, and let it handle the logic. You’ll have more freetime, and get more sleep. Or maybe you’ll just spend that time working on more projects. See being lazy is a good thing, but only if done correctly.

we can take this a step further and say why even ftp into the server, it’s so time consuming. why not just build a backend that not only manages your files, but controls access to them – Thats more of a teaser than anything, but try it out, you’ll like the results.

typecast whenever possible

imagine we’re using an online game
ex: update=1&user=87897&add_money=8

ok so what if someone changes add_money to a delete statement, or attempts some form of sql injection. whats the simplest way to defeat it? $money=(integer) $_GET[' add_money'];

Yeap one simple change is all it took to defeat the sql injection. why? Typecasting is basically a way of forcing something to be something. huh? if i want a value to always be an integer, i use (integer). If I want a double i use (double), string (string).

Yeah it’s that simple. the only issue i’ve run into is that you can’t use typecasting in defining function / method params. huh?

ex: function foo((integer)$f=0)

that will cause an error, but you can do

ex: function foo($f=0){

$f=(integer)$f;
}

Make sense? of course I can’t force something to (mocha frap with extra mocha) $coffee, but thats life. good now on to more, or learn more about typecasting

Validate, validate, validate

using typecasting is great for numbers, but theres other ways to validate your data. the best and most powerful being regular expressions

ex: preg_replace(‘/[^a-z0-9]/i’,”,$value);

The above regex replaces any non alpha numeric characters in value. spend sometime getting comfortable with regex as its an extremely powerful and useful feature. Not just for validating data, but regex has many other uses as well.

Be a neat freak, or cleaning your sql

By now you understand sql injection, if not

ok so now we all understand it. basically its a cool way of saying, someones trying to make my query do bad things, but saying it like that would make me should like a user, so we say sql injection and confuse the heck out of clients :p

we just saw how to prevent one form of sql attack. now lets see how we can handle preventing them at the query level.

Whenever data is sent to your db it should always be cleaned. Me I like to make sure both the table, columns are cleaned using a function that makes sure tables / column names follow a standard, and a cleaning function for actual data. Why? When developing an app from scratch you normally have freedom over how tables, columns are named. I prefer to keep all tables and columns lower case, and only allow _ as a special char (non alpha numeric character). what does it look like?

ex: //convert name to proper db format
function dbProperObjectName($objectName){
//if you want to use caps is table / column names then please uncomment this
$objectName=strtolower($objectName);
return @preg_replace(“/([\\x00-\\x2d\\x3a-\\x40\\x5b-\\x60\\x7b-\\xff{$this->mSystemDatabase['restricted_chars']}\\x2f])/e”, ‘_’, $objectName);
}

You can ignore the {$this->mSystemDatabase['restricted_chars']} thats some carry over from the db class. If you don’t understand what heck that says I’ll explain. first I’m changing $objectName to all lowercase, if it’s not already. then we’re using a regular expression (regex) to clean our string of anything thats is not a letter or number and replacing it with _. why does this matter? because if for any reason our table name contains a sql injection, when ran it will only return nothing. why? because if $objectName was SELECT * FROM HOME, it will now be select___from_home. which will return nothing because select___from_home isn’t a valid table. See and you thought cleaning wasn’t fun.

Ok you do windows, but what else?

As much fun as cleaning a table name maybe, we really need to make sure our data is safe. why? ummm because I say so. There are many reasons, ranging from controlling content, preventing xss, sql injection. But I like to think you’ll do it because users are evil

ex: //strip bad things from a string you plan to use in a query
function dbFriendlyValue($value=false,$fixNewlines=true,$allowedTags=[pass your list of allowed tags here]){
//if no value then just return 0, use this because empty returns false if $value =0
if($value===false) return 0;

//convert to string for checking, this is fine for text / numeric values
$value=(string)$value;

//strip slashes if magic quotes enabled
if( get_magic_quotes_gpc() ) $value = stripslashes( $value );

//clear white space
$value=trim($value);

//fix \r\n
$value=str_replace(“\r\n”, “\n”, $value);

//clear tags (except allowed) or just use html entities
$value=(!empty($allowedTags)) ? strip_tags($value,$allowedTags) : htmlentities($value, ENT_QUOTES);

//change newlines to <br>
if($fixNewlines) $value=nl2br($value);

//clear any bad sql we might find untested regex
$value=@preg_replace(‘/(insert(\s?)into|\).(\s?)values.(\s?)\(|DELETE.(\s?)FROM|CREATE.(\s?)[datbsetl]{5,8}|alter.(\s?)[datbsetlcoumn]{5,8}|drop.(\s?)[datbsetlcoumn]{5,8}|update.\s?(.*?).\s?set|alter.(\s?)[datbsetlcoumn]{5,8})/i’,”,$value);

//add slashes
$value=(@mysql_real_escape_string($value)) ? @mysql_real_escape_string($value) : addslashes($value);

return $value;
}

woah what the hell was that? it was me doing the windows and the oven. lets break it down

when calling the function we pass the value, whether to fix newlines ( default : true) , and the string containing allowed tags if any.
next we make sure we have a value to clean, if not return 0, just in case the function is being used to create a sql statement. we check for magic quotes because if this value came from a submitted variable and magic quotes is on, it will add slashes. if its on the strip those slashes so we can continue.

i’ll skip trim and str_replace, now we’re at strip tags. php is pretty good at striping tags, but you want another option use htmlentities( $value, ENT_QUOTES)

and now on to our regex. this is untested ( sorry still building the class ), but points you in the right direction. the regex searches the value for any sql statements and strips them. lastly we add slashes to our value to make its sql / db safe.

woah – we’ve covered alot. almost done

setup php right

TURN OF REGISTER GLOBALS! yes thats all caps for a reason. Also disable magic quotes and change the headers sent my apache to hide version / software information. Can’t turn of register globals? try this function:

function clearRegisteredGlobals(){
global $_GET,$_REQUEST,$_POST,$_SESSION,$_COOKIE,$_FILES;

//check if register globals is on – register globals check taken fron drupal installed patch : http://drupal.org/files/issues/register_globals_check-D6_3.patch
//get php ini setting
$register_globals = trim(ini_get(‘register_globals’));
//check ini value
if(!empty($register_globals) && strtolower($register_globals) != ‘off’){
//ok now lets clear the variables set with register globals

//make array of superglobals
$registered=$_REQUEST;
$registered=(!empty($_POST)) ? array_merge($registered,$_POST) : $registered;
$registered=(!empty($_GET)) ? array_merge($registered,$_GET) : $registered;
$registered=(!empty($_SESSION)) ? array_merge($registered,$_SESSION) : $registered;
$registered=(!empty($_COOKIE)) ? array_merge($registered,$_COOKIE) : $registered;

foreach($registered as $var=>$void){
@unset($GLOBALS[$var]);
}
}
}

Hide everything

hide everything – that simple. if a folder, file, etc doesn’t / should be seen hide it. How? well if you use the .inc file extension like me, configure apache to handle .inc files with php. another option, or added protection: use htaccess to prevent access to .inc files, this will not effect your scripts, just web browsing.

In addition to hiding your inc files, don’t allow access to directories that aren’t needed to view your site. so you images directory should allow access, but your lib, class, or inc folder shouldn’t.

Important files (db config) should be in a directory outside of your hosting directory, but if you name it .inc, or .php and follow these directions you should be ok.

Lastly – turn off directory browsing.

Control access

ever part of your site should have an access level. So areas like your home page, public areas would a level 0. areas a users settings page would be a 1 (making sure only the user can access it of course), and your admin area – thats another story. Your admin area is the heart / backbone / investors dream of your site. That said protect it! all users in your admin should have an access level, and different parts of admin should have different access requirements.

ex: moderator – login, see’s flagged post area, does not see links to other areas, can not access other areas. manager: login, sees users, can add or remove users, but can not access critical site areas, and can not add a user >= his level. Admin can do almost everything, and lastly: rot – your root account can be named anything, but only allow one account full control over the system.

so quick review: users should only be able to see and access areas within their permissions scope, users should never be add / give users permissions >= their permissions.

Lastly, track everything your admin users do. You can go as far as adding an approval system for changes, tying your backend to svn to undo / redo changes, it’s pretty much up to you and the project / budget.

using sessions

sessions are like raymond, everybody loves them. But if your depending fully on php sessions you should make some changes. There should only be 1-2 cookie and session variables sent ( you can also send session id with get ), everything else should be handled internally in your application. Which means session / user validation, tracking, and variables.

misc

• using isset only tells you if a var is set, not if it contains a value, use empty instead.
• instead of adding more columns to your db for certain options, you can build a flag system. this allows you to add new options, without always adding a new column.
• encrypt sensitive data (ssn’s, sin’s, cc data, phone taps, next weeks lotto numbers)
• aes is your safest bet if your using encryption
• if your using encryption, you need to spec out an information access process, permissions system (more than just roles)
• kiss, the simpler it is to the end user, the less likely they are to break, figure out how to exploit it.
• Variable names shouldn’t match table column names
• separate code from design. not so much security a being smart and lazy – saves alot of work in the future

Read the php manual, you’ll find lots of good advice / functions in the classes.

Are we done?

Yes, hopefully someone gets something out of this, and I kept my promise of short and sweet. a quick google is all you’ll need to learn more about a subject. so right click -> search google

Gotta question, feedback, or recommendation? leave a comment

Cheers Sid / Greg

this is old news, Just realized i’ve never mentioned simple viewer.

simple viewer is a flash gallery system. I’ve used it for a number of projects (actually using it now) and it allows for dynamic content / config.

Features:

* Intelligent image pre-loading.
* Intuitive image navigation
* Lightweight (17k).
* Customizable interface – Set text color, frame color and width, navigation position.
* Resizable interface – Interface scales to fit browser window.
* Cross platform – Windows/Macintosh/Linux (requires Flash 7 or higher).
* Flash 7 detection. Users without Flash 7 are messaged to upgrade Flash.
* International font support.
* Keyboard Navigation (Cursor keys, Home, End, Page Up/Down)
* Mousewheel navigation
* Optionally right-click to open image in a new window.
* Free!

Creating your own SimpleViewer gallery is easy. There are 5 options for creating a SimpleViewer gallery:

*
Automatic via Desktop software

Automatically create a SimpleViewer gallery using desktop software (such as PhotoShop, Picasa, iPhoto, RapidWeaver, Aperture, Lightroom). View Automatic Desktop Instructions.
*
Automatic via Server-side Script

Automatically create a SimpleViewer gallery using a script that runs on your web server. Scripts are provided for PHP, ASP and Cold Fusion. View Automatic via Server-side Script Instructions.
*
Manual

Manually create a SimpleViewer gallery using a text editor and image editing software of your choice. View Manual Instructions.
*
FlickrViewer

FlickrViewer allows you view Flickr photo sets using SimpleViewer. Download FlickrViewer here. Note: FlickrViewer currently supports SimpleViewer v1.7. Dustin Senos has updated FlickrViewer to work with SimpleViewer v1.8.
*
SimpleViewerAdmin

SimpleViewerAdmin is an web based admin interface which allows you to create and manage multiple galleries. Note: SimpleViewerAdmin currently supports SimpleViewer v1.7. Ben Hughes has updated SimpleViewerAdmin to work with SimpleViewer v1.8.
*
Using WordPress

WP-SimpleViewer is a plugin to easily integrate SimpleViewer galleries into Wordpress.

check it out: get it now!
http://www.airtightinteractive.com/simpleviewer/

going through some old code, and realized i never posted this. You can run php as a shell script.

add #!/usr/bin/php -q replace /usr/bin/ with your php path. a quick which php will find it for you.

chmod the file to executable and call the file from the command line. also remember to call the file directly, you don’t need to call it through php.

I like to use this for keeping database / file maintenance tasks outside of the web directory.

Yes this works with cron.

tongiht after spending sometime getting jackfield to work (it loads, just without the widgets – lol), my room mate (he’s a windows admin, but uses ubuntu at the apt) and I started talking briefly about why we like linux. which of course has lead me to this.

I got into linux for one reason : i thought it was cool. i was around 17 when i first heard about it, and i found myself wanting to learn it right away. My dad is an ex unix guy (maybe thats why) and i loved hearing his storys about his “golden days” of baud, coffee houses, command lines, etc.

Also i really liked the idea of a completely different system than windows. Not only was it different – it was a challenge.

When i started php that only made me want it more.

Why?
I’m a strong believer that the only languages that run good on windows, either come from ms, or where originally made by allure. The language i loved developing in needed linux (php iis performance has always sucked ), adding on the fact that i used linux for all production serving.

Another big thing was the cool factor (yes, only a geek would say that). I thought linux was awesome. A os that you had to build from scratch, was secure, and the entire thing is built in c?! Just the fact that my tinkering could move past a limited command line and regedit, that I actually had to build what i wanted, it really got be fired up. I loved the continuous challenge of it all.

I also wanted to be able to share stories with my dad.

reality sucks

In reality i was like a horny virgin, i loved the act, but when it was done i sat there looking stupid – like now what. I’d load linux, setup apache, mysql, and php. Make a few aliases, play with gimp, maybe mount a few windows partitions, and then i was stuck. I had no idea what to do next. maybe try wine (really buggy then) or vmware. normally within a 3-8 days i was back in windows.

I did this a few times a year. i even used lightstep for a bit in an attempt to get somewhat away from traditional windows.

oxymoron

in the end it was my room mate that made me fully switch : a windows admin who only runs linux!

To say the least he put me to shame. Here i was a nix friendly developer, writing shell scripts, running apache, etc. and i did all this on windows.

the next week i started wiping every machine i had / except my dev machine. I eventually got my dev machine backed up and wiped, and i’m happy to say : i’m never bored anymore.

end results

the end result of all this is that all my machines run extremely better. a 1.8 p4 that used to drag in xp is going great in ubuntu, my dev laptop ( centrino 1.7 ) that was constantly hanging in xp, is multi tasking at least 2-3 times more and running a hell of a lot better. I don’t have to worry about security as much, learning alot quicker, and i finally can shut the mac boys up and back it up.

Best of all i have continuous challenges now. i can come home and find something fun to figure out, or some new way to do an old trick. when i was using windows i found myself frequently feeling burned out from the same routine, with linux theres always something, and when that stops : you can build something else!

what am i missing
oh yeah and the only thing i really need windows for now is flash (but thats what vmware is for).

end
to anyone wanting to make the jump i say do it, and if you get brain dead like i used to : try the linux courses