Month: February 2016

Posted on

Contratos deixam de poder ser celebrados por telefone

Contratos deixam de poder ser celebrados por telefone – PÚBLICO

Boa!

Muito abuso têm feito com isto. Já por duas vezes rebati (felizmente com sucesso) a EDP e a NOS (então Zon) que vinham alegando que eu por telefone tinha negociado redução do serviço.

Com a NOS tiveram o azar de eu ter contrato em papel na mão, assinado 3 meses antes da alegada redução para quase nada.

Então dizem que meros 3 meses depois de eu assinar um contrato para aumentar significativamente o serviço fui por telefone reduzir para menos do que tinha quando subscrevi serviço na TVCabo? Ora provem lá isso, que eu tenho aqui o contrato…

“Ai tem o contrato? Aguarde um momento por favor”

🙂

Já a EDP tentou alegar que o débito directo não estava autorizado e se eu autorizava novo mandato que mandavam novo contrato para assinar (provavelmente perdendo algum dos descontos).

Ao telefone tive literalmente de lhes gritar para que me enviassem provas do débito recusado, porque não voltava ao banco alegando problemas sem prova, e rejeitando qualquer responsabilidade por falhas, e ai deles que me cortassem a electricidade…

Como se recusaram a enviar, lá voltaram a tentar e deu. Que generosos!

Por isso telefone é muito giro e tal, mas tenham sempre o papel na mão…

Posted on

Portuguese are DEFINITELY NOT LAZY…

Ooo… sorry for shouting. I hope I haven’t hurt your ears, specially if you enjoy that mantra about lazy Portuguese. Actually… the most people I hear it from are right-wing nuts parroting The Message their idols injected in their puny minds.

Here it goes, from OECD and restricted to the EU countries so it’s easier to understand:hours-worked-eu-2013One thousand, eight hundred and fifty two hours per year on average.

(Yes, I didn’t notice the graphic included other countries, I thought the EU filter reduced, and it did, the list of countries but it didn’t remove explicitly selected countries, I’ll fix that later)

Aha, your neo-liberal devil whispers in your ear… in average… now we got him!

Well, the definition of work for this graphic is:

Average annual hours worked is defined as the total number of hours actually worked per year divided by the average number of people in employment per year. Actual hours worked include regular work hours of full-time, part-time and part-year workers, paid and unpaid overtime, hours worked in additional jobs, and exclude time not worked because of public holidays, annual paid leave, own illness, injury and temporary disability, maternity leave, parental leave, schooling or training, slack work for technical or economic reasons, strike or labour dispute, bad weather, compensation leave and other reasons. The data cover employees and self-employed workers.

So this actually means that should you only consider full time jobs it would be an even higher value… and it’s not counting with “too many holidays”, or strikes, or whatever.

Reality calls, people…

(via Jan Wildeboer)

Posted on

#ilovefs – I 💕 Free Software

#ilovefs

Hey, it’s that time of the year when some megafuck dudes drop the strongest advertisement campaigns for selling chocolates, perfumes and flowers to your sweetheart!

But never fear! As usual in the world of Free Software, we like to turn things around 180º to turn around the evil powers into good powers and give a much better meaning to things.

As the GNU GPL and the copyleft movement have used copyright’s powers to bestow upon us the wonders of software freedom, let’s now turn this horrid day into a day of celebration of our love for Free Software.

Thank you all Free Software developers out there! I love your work and hope to be able to stand on your giant shoulders.

Love ya! 🙂

Posted on

Sleepy

Today would have been a good day to stay in bed a little bit more. 😪

Posted on

pam_ipahbac (and why not pam_hbac)

ipahbacThose implementing FreeIPA (possibly in the enterprise ready version called Red Hat Identity Management) in a hybrid environment (meaning… not just recent GNU/Linux operating systems but particularly including AIX and Solaris) may have noticed the lack of support of an essential component in AIX and Solaris: Host Based Access Control (HBAC).

Without HBAC support, when you join a server to a real every single enabled user will be able to login into that server, which just might not be what you want, specially in more “”””enterprise“””” (please do notice the several quotes) environments with different servers having different access roles (developers can go into development servers but not into application life-cycle, operations people not having to logon to developement servers, system administration teams, security officers, etc…).

Some applications sort of implement HBAC by letting you restrict the users that can log into them, but that is definitely not elegant as it defeats the purpose of HBAC: a centralized place where one can define such access rules.

Being a PAM module it needed to have a few features:

  1. KISS: it doesn’t have to do much more than get the rules, give success on the first match or just deny for any other reason
  2. be secure: be not fancy, worry not about UNICODE, do not worry about supporting the kitchen sink, etc. This means:
    1. most AIX and Solaris environments do not have special characters like ç or ó or µ, and actually user logins are short in length, so a design strategy was to make this module extremely restrictive about the character set it allows, UNICODE is awesome but it’s also a sea of unexpected security issues;
    2. do not over-engineer in libraries and sub-files, just implement the PAM groups it needs, do a simple ldap query, navigate through the results, reply to PAM with allowed or denied
    3. I definitely do not mean to imply pam_hbac is not secure, only that it’s a critical focus on pam_ipahbac

If in the future such fancy use cases that need these things come up, then it can be re-evaluated. It’s not set in stone. Just not the focus. Priorities and such.

And this is why pam_ipahbac was born rather than working with pam_hbac.

I believe jhrozek’s module to be much more advanced, but I also believe in the above principles, and the primary focus of this module is to work in AIX and Solaris so those plagued with those systems can at least use the awesome Free Software that FreeIPA is.

Also, because it’s fun to father some code.

Happy hacking!