Flying in the post-liquid bomb world

So I had the missfortune of picking last thursday to fly on vacation. For those of you living under a rock, last thursday was when the news broke out that some terrorists were plotting to blow up planes using explosives in the form of liquids and/or gels.

The solution was obviously to stop anyone from flying in their carry-on any liquid, gel or simular substance such as chapstick. Apparently now, you can’t even have gel inserts in your shoes.

As someone in the security world, these planned attacks and our response are somewhat interesting to me. Anyways, a few observations:

  • Some people traveling really are living under a rock. One woman who was trying to go to Disneyland was shocked that she needed some form of a government issued ID to fly.
  • TSA is obviously incapable of determining who is a terrorist and who is not a terrorist, hence everyone is now treated as a possible terrorist.
  • The terrorists are constantly coming up with new ways to blow stuff up.
  • The TSA responds by constantly banning perfectly harmless things which resemble dangerous things in an attempt to prevent terrorists from blowing things up because it is unable to efficently distinquish things like drinking water from nitroglycerin.
  • The impact on perfectly honest citizens who aren’t terrorists seems much larger then the impact on the terrorists (not just the people traveling, but the owners of duty-free stores, wineries who’s customers don’t buy as much wine, causing the price of oil to skyrocket, etc)
  • If the terrorists goal is to just strike fear into the average traveller, cause havoc with our economy, etc then the terrorists are meeting their goals. My guess is that actually blowing up a plane would be bonus points. It also explains why we call them terrorists not “random murderers of many people who take themselves out in the process”.
  • How long before the terrorists figure out how to embed exploisives into clothes and the TSA requires everyone to fly naked?

Help me help you.

So here’s the deal: I don’t charge a single cent for tcpreplay regardless if you’re using it for educational or commercial use. You can even embed tcpreplay in your product and sell it, I don’t care.

I don’t charge for the docs, man pages, or FAQ even though I spend quite a bit of time trying to keep the docs up to date, accurate and useful. I’m also more then happy to provide free technical support to anyone who emails the tcpreplay-users mailing list. Having people use the list means that the questions and answers are archived for future use and it gives other people a chance to help you out. If you only email me, then only I can help you and nobody else can benifit from the answer.

I suppose there are two ways you can look at this, “something for nothing” or “you get what you pay for”; either way, it seems like a pretty good deal to me. On the other side of the coin, in the last 5 years I’ve been working on tcpreplay, I’ve gotten little fame, a few “thank you” and a DVD. Obviously, I’m not doing this for the money.

So here’s the rub, don’t get offended when I balk at giving you free, 1-on-1 support directly over email. Contrary to popular belief in the open source community, developers are not your slaves. We don’t have to give you support. We help out users because we like to and because it helps make our project better. While I’m sure some developers are more then happy to go to great lengths to help you with your problems (even when they are clearly between the chair and keyboard), you’ll have to excuse me if I’m too busy to do so. And you’ll have to excuse me if I do a poor job of explaining it for the hundredth time to someone who was too lazy to read the support page without sounding like an a**hole.

So please, please use the tcpreplay-users mailing list.


3.0.beta10 is out the door

Yep, 3.0.beta10 is available here. So far, at least one person has compiled it successfully, so at least this release is already better then beta8. :)

Anyways, as stated in the release notes, this is the final beta release for 3.0. I’m planning on one release candidate which will have a working tcpbridge (which has been broken since moving all the editing code to libtcpedit) and then put out 3.0.0 shortly after that depending on any bugs people find.

Anyways, give it a try and let me know how it well works for you!


Big changes in 3.0.beta10

Just a quick note to everyone paying attention that 3.0.beta10 is almost ready. Some rather significant changes since beta9:

  • Libnet is now completely optional. I’ve created an abstraction layer supporting BSD’s BPF, Linux’s PF_PACKET, libpcap’s pcap_inject() and libnet’s packet injection methods. So while you can still use libnet, in many cases you won’t need it which should hopefully make installation a lot easier for many people.
  • tcpprep and tcprewrite no longer need to run as root. tcpreplay still does for obvious reasons.
  • A new and improved packet timing method is available in tcpreplay. Those people needing more accurate inter-packet delays should be better served by this method.
  • tcprewrite now can skip rewriting broadcast/multicast IP and MAC addresses which is good news when your pcap contains ARP’s or DHCP packets.
  • Various smaller bug fixes which some people noticed and some people didn’t.

Nework maintenance

According to Speakeasy:

On Wednesday night/Thursday morning, August 9th and August 10th 2006, we
will be performing scheduled maintenance on the Point of Presence (POP)
through which your Broadband connection is routed.

Maintenance will begin at 11:59 PM PDT on Wednesday night and end by
03:00 AM PDT on Thursday morning. While you will experience a service
disruption during this time, it is unlikely that your service outage
will extend through the entire time frame. Service interruptions
during a routine maintenance event like this often last only a few

So expect synfin.net to go dark for a little while I guess…