var _gaq = _gaq || []; _gaq.push([‘_setAccount’, ‘UA-21270991-1’]); _gaq.push([‘_trackPageview’]); (function() { var ga = document.createElement(‘script’); ga.type = ‘text/javascript’; ga.async = true; ga.src = (‘https:’ == document.location.protocol ? ‘https://ssl’ : ‘http://www’) + ‘.google-analytics.com/ga.js’; var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(ga, s); })();Tumblr (3.0; @lifeofweb)http://lifeofweb.com/<a href="http://clayallsopp.posterous.com/building-an-android-app-from-scratch-or-this">Beginning Android for iOS Developers; or, How to Build a Real-World Android App</a>: <p>Great intro to Android development</p>http://lifeofweb.com/post/3750433736http://lifeofweb.com/post/3750433736Thu, 10 Mar 2011 02:30:28 +0000<a href="http://www.dustindiaz.com/smallest-domready-ever/">Smallest DOMReady code, ever.</a>http://lifeofweb.com/post/3485175970http://lifeofweb.com/post/3485175970Thu, 24 Feb 2011 21:12:16 +0000<a href="http://www.quora.com/What-are-the-scaling-issues-to-keep-in-mind-while-developing-a-social-network-feed">What are the scaling issues to keep in mind while developing a social network feed? - Quora</a>: <p>Great answers to this question on Quora - interesting comments too</p>http://lifeofweb.com/post/3313559019http://lifeofweb.com/post/3313559019Wed, 16 Feb 2011 00:42:42 +0000<p>The simplest method is to add the following to my.cnf:</p> <p><code>skip-networking</code></p> <p>Which disables network access completely. This is often fine if you can do everything you need over a unix socket.</p> <p>If not you&#8217;ll want to ensure that only certain machines can make a connection. The quick and easy way is to add the following to my.cnf:</p> <p><code>bind-address=127.0.0.1</code></p> <p>But you can only add one address, which isn&#8217;t always what you want.</p> <p>Using <a href="http://www.netfilter.org/documentation/index.html">iptables</a> gives much more flexibility. This example is for Red Hat, other distros will be very similar but your /etc/sysconfig/iptables location might be different. I used <a href="https://help.ubuntu.com/community/IptablesHowTo">this iptables how-to at Ubuntu</a> to figure out the basics.</p> <pre><code> # accept local connections to port 3306 iptables -A INPUT -p tcp --dport 3306 -s 127.0.0.1 -j ACCEPT # add any other IP addresses we want to give access iptables -A INPUT -p tcp --dport 3306 -s $MONITORING_SYSTEM_IP -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -s $ADMIN_IP -j ACCEPT # reject anything else iptables -A INPUT -p tcp --dport 3306 -j REJECT # save these rules so we don’t lose the changes on restart iptables-save &gt; /etc/sysconfig/iptables <br/></code></pre> <p><strong>Update 20110427:</strong></p> <p>Using a plain REJECT doesn&#8217;t hide the existence of the service completely as iptables issues an ICMP Port Unreachable response.  A <a href="http://diaryproducts.net/about/operating_systems/unix/nmap_port_scanner_iptables_firewall">better solution</a> is to REJECT using the iptables <span>&#8212;reject-with tcp-reset</span> option which issues a TCP RST - the same response that a connection attempt to an unused port would receive.</p> <pre><code># accept local connections to port 3306 iptables -A INPUT -p tcp --dport 3306 -s 127.0.0.1 -j ACCEPT # add any other IP addresses we want to give access iptables -A INPUT -p tcp --dport 3306 -s $MONITORING_SYSTEM_IP -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -s $ADMIN_IP -j ACCEPT # reject anything else iptables -A INPUT -p tcp --dport 3306 -j REJECT --reject-with tcp-reset # save these rules so we don’t lose the changes on restart iptables-save &gt; /etc/sysconfig/iptables </code></pre> <code><br/></code>http://lifeofweb.com/post/3182523575http://lifeofweb.com/post/3182523575Fri, 11 Feb 2011 11:34:00 +0000<a href="http://code.google.com/p/google-authenticator/">google-authenticator - Project Hosting on Google Code</a>http://lifeofweb.com/post/3230264115http://lifeofweb.com/post/3230264115Fri, 11 Feb 2011 06:22:33 +0000