Misc. Ramblings

September 15, 2004

Miracle Workers

For years, people have been trying to create emulators that don't suck. So far, as far as I know, no one has succeeded. Wired has an article saying someone has created an emulator that will run software developed for any platform to run on any other, without noticeable speed degradation.

If this is true, it would be a miracle. But. I'll believe it when I see it. Until then, I have some hot beach front property for sale. Cheap. No worries about neighbors. No need for a hot water heater or night lighting. Priced to move.

Phising for the Phoolish

I suppose it was only a matter of time before the first Gmail phishing attempt went out. This post here has an example of what appears to be an attempt to harvest Gmail logins and passwords disguised as a way of getting additional Gmail invites.

No word yet on when the pundits will start matching fonts to MS Word and saying it came from the Kerry campaign.

Aloha!

September 14, 2004

Open Hunting

You may have noticed that comments have been re-enabled. I don't know how long it will be until the spam bots find this site (yes, I have MT-Blacklist installed) and start spamming it again but until then, your comments are welcome.

Note that when you click on the comments link what you see will vary depending on your browser. It appears the MovableType folks wrote code that is interpreted differently by the major browsers. For Opera and Firefox I see a link that says "If you have a TypeKey identity, you can sign in to use it here."

But if I follow that link, and use my TypeKey identity to try to login I get an error messaging saying "The site you're trying to comment on has not signed up for this feature. Please inform the site owner." Heck if I know how to sign up since I have already inputed my TypeKey Token but I guess I'm supposed to do something else? I dunno.

If you are using IE, you probably won't see the link so it doesn't matter. But if you are using Opera or Firefox (and you should), ignore that link and just fill out the comment form.

UPDATE: I seem to have it figured out. In TypeKey, where it asks for the address of your applications it seems to mean where do you have, for example, mt.cgi installed. For some reason, I thought they were asking where the index.html file was (which in my installation are two different places).

In any case, I'm still having problems but I will note them by browser below:

For IE, if your security settings are high, you may not see the link to TypeKey for logging in. I tried changing my seetings by adding www.seto.org to my trusted sites and got the login link. But when I tried to login all I got was a blank screen. I'm not sure what other settings I need to change but if you get logged in, let me know.

For Firefox, it works without problems. 'Nuff said.

For Opera, I get the link but when I get logged in I get a blank page. I assume, like IE, the security settings are blocking things but I can't say for sure. More later if I get it figured out.

As noted before, you don't need to use TypeKey to login but it's there if you want/are able to use it.

Firefox Hunting

Speaking of browsers, Firefox Preview Release 1.0 is supposedly out. I say supposedly because, as of this writing, following the link they have to download the file ends in a 404. My guess is they released it then found a show stopper and pulled the file. I assume they will put the file back in due time but remember the PR is considered betaware so don't use it in a production environment without testing it first.

Or it could be something completely else. Whichever.

UPDATE: I was able to get in and download the file. All seems to be okay but if you wait a week or so the first Release Candidate will be out.

September 10, 2004

Almost There

It looks like Firefox 1.0PR will be out sometime early next week

September 09, 2004

MT to WP to MT

First up, version 3.11 of MovableType (hereinafter MT) is out. It fixes a bunch of installation bugs and other things found in version 3.1. Unfortunately, as of yesterday, the instructions don't say how to install the upgrade over a 3.1 installation.

Having now used both WordPress (hereinafter WP) and MT, I think I can do a short comparison. WP's install is much more robust and easier to do. This is not surprising given rival MT has a business designed to do the installations. Hence, MT has an economic incentive to make the install as difficult as possible so you will pay them to do it for you. WP has no such incentive so their install runs smoothly.

Once installed, WP appears to be less polished then MT. WP apparently assumes you will do all your writing in their GUI. Hence, as a feature, their interface automatically inserts line breaks. Unfortunately, if you use another editor to prepare your posts, and then copy the results into WP, it will insert line breaks where it chooses. Even if that is in the middle of a tag. Inserting a <br> tag within another tag disables the tag. This is not a Good Thing. MT has an option to disable this function but, as far as I can see, WP does not.

In addition, plugins written for WP are still in the early stages of development (as is WP itself). So, you should not be surprised if changes in WP break certain plugins or if the plugins themselves don't work. For example, a port of MT-Blacklist (an anti-comment spam plugin) for WP doesn't work. Another plugin, one to automatically close comments after a certain number of days, actually closes the database to all changes (making it impossible to login or out of WP nor to add any new comments at all).

I assume these kinds of problems will be corrected and that WP will become more polished and usable. Until then, I'll continue to use MT.

Aloha!

September 08, 2004

MovingBack

I’m in the process of re-installing MovableType 3.1. I think I know why the install didn’t work the first five times I did it. It wasn’t the permissions nor the paths. The 500 error I got was because the Perl scripts couldn’t find the files they were trying to execute. Why? Because I had set my FTP program (WS_FTP) to convert all file names to lower case letters. I do this because I standardize all file names that way to be consistent.

In a Unix based operating system like FreeBSD, case is important. I don’t want to jinx things so I’ll say no more until I have MT up and running.

Please remember to bookmark my current.html page as that will always point to the current post. Thanks for your understanding.

Aloha!

September 07, 2004

Start Your Engines

Marc Andreessen said it best when he said; “In a fight between a bear and an alligator, what determines the victor is the terrain.” So it will be interesting to see who wins this race between NASCAR champion Jeff Gordon and Formula One champion Michael Schumacher in the 2004 Race of Champions in France.

Aloha!

September 03, 2004

Breaking Through

I use HTML-Kit as my HTML editor mostly because of a plug-in called Tidy (recently updated, fixing some bugs that have bothered me for years. The download is separate from HTML-Kit.). This plugin does an HTML syntax check and automatically brings, as much as possible, the HTML into compliance with the W3C standards.

While HTML-Kit is not designed to accommodate entire websites, it does a pretty good job of editing one page at a time and worked just fine with MovableType.

Now that I’m using WordPress, I see that it (WordPress) takes the output from HTML-Kit and inserts a <BR> tag at every line break. This does nasty things to the HTML. I found out how nasty when I imported my MT posts into WordPress. For now, you can take a look at some of the old posts that I imported from MT and see broken links and other strange artifacts caused by this behavior. If anyone has any ideas on how to do my editing in HTML-Kit and then copy the text into WordPress without having additional line breaks but in let me know.

I think the best thing to do is delete the MT posts and just link to the static files which MT created. As you may have noticed, I am a big fan of static files as they will always be there no matter what happens to the database itself (which is not the case with WordPress).

I’ve hand edited a few of the old pages but have decided that it’s not worth my time to go through the hundreds of old posts to correct these problems. If anyone knows of a good solution let me know. Otherwise, I’m going to eventually delete the imported posts and just link to the MT archives.

Music to Tin Brains

Microsoft has launched their iTunes-like music store (see it here). It’s not much to look at and certainly is not as user friendly as iTunes but I guess it’s a start.

Having said that, the same artists that aren’t available on iTunes (e.g., the Beatles and Led Zeppelin) aren’t on MSN either. In addition, MSN is charging the same as iTunes. So, other than downloading in a different format, MSN seems to be on the short side of the ledger.

It seems to me that if MSN wants to get a larger share of the business, in an environment in which they are not the leader, they have two choices: sell at a lower price or provide a better user experience (Did he just say “user experience"? -ed.). Since MSN has historically done everything except lower prices (removing functionality, yes. Prices, no.), they had better get going on re-doing the interface.

For example, they provide a short clip of a song so you can preview it before deciding to buy. Only, they don’t make it obvious how to hear it. Even when you click on the song, nothing appears to be happening even though the clip is in fact being downloaded. They need to give the customer some visual feedback that indeed, something is happening (especially on slow dial-up accounts).

Oh, by the way, depending on what browser you are using, you may in fact get no response when you click on a song. I tried using Firefox and Opera and couldn’t get either to work but using MS IE did (after I added the URL as a trusted site).

Another example: you shouldn’t have to scroll around the screen to find navigation links. They have some links at the bottom of the page that go to complete listings of, for example, the most popular songs and new albums. This means you have to scroll down to use them (unless you are running on a screen resolution higher than the 1280 X 1024 I’m running). This assumes, of course, you hang around long enough to discover the links. Many people won’t because they don’t have the time to waste.

In addition, upon clicking one the links, IE blew up. After restarting I tried to see how I was supposed to create an account. I figured I would try “My Account.” I clicked on it and was taken to page saying I had scripting disabled so I had to go through a different process by clicking on a button marked “Continue.” So I clicked on the button and was taken to what looked like a login screen. It asked for my email address and below it was a box for something. I assume it was for my password but there wasn’t anything saying one way or another. Since it looked like my Hotmail/.Net Passport would work (they had a small .Net/Passport graphic) I tried that. Nope, no joy. In fact, since all there was on page was the two boxes, plus a small check box I’m not sure how I’m supposed to setup an account. Trying to click on “Buy” just took me to the same place.

On the bottom of the home page was a link to Customer Service so I tried that. From there was a link to creating an account. Okay, but what I see there isn’t what I see when I try to create an account. I assume again it’s because I have IE running with no “features” enabled. I checked out the system requirements page and found I must enable cookies, ActiveX controls, navigation across domains, and accept the installation of something called MSN Music Assistant (requires that something called “Background Intelligent Transfer Service” is enabled). And, of course, you would need to be logged in with Administrative rights to allow the background installation of MSN Music Assistant.

From this, as far as I can tell, MSN wants you to run only IE and only with very little security enabled. I’m not going to go into a long rant about just how insecure IE is and how even CERT recently took the unprecedented step of recommending people think about using, as one of several possible steps towards higher security, another browser. But if MSN wants any money out of me, they better try creating a site that is standards compliant and doesn’t require me to use insecure procedures to access it.

I then tried downloading Microsoft’s new Media Player 10. It’s a 12MB download and took a little less than 20 seconds to download. After installing, it appears using the Media Player is a much better way of listening to music on the MSN site. But, when I tried to buy some music, I ended up at the same page with the two boxes that I saw before. And as before, I was not able to create an account. Sigh.

The only good thing I can say about the MSN site is that I heard a couple new songs that I wanted so I fired up iTunes and bought them there.

Have a Great Weekend Everyone - Aloha!

September 02, 2004

In The Beginning, Part 2

I’ve tried fixing whatever is broken in MT 3.1 but have not been successful. So I decided to temporarily load something else so I could at least get a post out.

So, what I’ve installed is Wordpress. I could not believe it when they said their install would take only five minutes and I was right. It took less. Not only doesn’t it matter what directory you install the application, you don’t have to worry about permissions or paths. All you have to do is know your database configuration (username, database name, password, and if needed - hostname) and that’s it.

The install ran without problems and here we are.

Having said that, “here” is looking a little sparse and I still need to figure out how to display links but that will come. Of course, I’m still worried that it dynamically creates pages so if the database ever becomes corrupted, lost, or hit by aliens joy riding on a Saturday night all will be lost.

Oh well, I gotta go…

Aloha!

Let There Be Color

I’ve found a site with many different WordPress themes. Alex King has done a great job of creating some of his own and gathering the best from others in one place. If you are using WordPress and are interested in changing the look of your site, by all means visit Mr. King’s site.

I’m starting with one called “Blue Fade” that I will, over time, edit to match my own taste.

September 01, 2004

Movin' On Up

MovableType 3.1 is out. The long awaited update to version 2.6x includes the choice between static or dynamic page functionality, sub-categories, post scheduling, and other new features. As usual, the thundering herds will probably be at the trough (although its a small 1.7MB file so it won't take long to get once you're there). Note, you have to be registered (free) but it will probably be worth it to do so. I know I will heading off to download it right after I finish uploading this post. Note also that the free version includes no support and is set-up for one author and no more than three weblogs. If you need more power (Scotty, we...need...more...power!) you have to pay $69.95 for the five author unlimited weblogs version.

August 31, 2004

Soon to Be Out

Orion computers 96 node PC Tired of UberGeeks kicking sand in your face when they whip out their twin Xeon processor PC? Well, just wait until you see the envy when you slide this Orion 96 node box from under your desk. That's right, 96 processors, 150 gigaflops sustained (300 peak), 192GB of RAM (192 gigabytes of RAM?!?!?), and up to 9.6 terabytes of disk storage. All in a box that's not much larger than your run-of-the-mill server tower (Okay, maybe a little larger than your standard full tower case. The point is it's in a case that you can plug into any wall outlet, flip one switch to turn it on and doesn't require a team of workers to keep it running).

It runs the Linux 2.6 kernel (you didn't think this would be running Windows XP Home now did you?) and includes the "standard parallel programming libraries, including MPI, PVM and SGE." [I think I got the links right but I'm not into cluster programming so I could be wrong on some of them.]

If the thought of selling your house to afford one of these ("priced at less than $100,000") is beyond what you want to do you can instead get the 12-node version ("priced at less than $10,000) that sits on your desktop. Note that neither is currently available for purchase although both are slated for release Real Soon Now.

Out, But Not Down

WinAmp has issued a security update to their popular music player. If you are using versions 3, 5, or 5 Pro, go read the article from WinAmp here and then update your player here.

I'm not qualified to say whether the fix is really a fix since it appears the exploit can still be executed, although it would require your explicit permission but it still makes sense to get the update. The bottom line is security must include the user and this is, I think, a good example of that.

August 30, 2004

Hang Fire

It is probably still subject to change (as was the last...sigh) but the Mozilla Firefox browser road map says 1.0PR is due out today. 1.0PR will be followed by 2.0PR and then RC-1, 2, and so forth until 1.0 Gold comes out (scheduled for October 11th).

As noted, the schedule has already slipped at least once and will probably slip again but all we can do is watch as they move closer to going gold.

Does Anybody Know What Time It Is? (Does anyone care?)

Speaking of dates, I've decided to switch to ISO-8601 compliant notation. I think there is too much chance for mis-communications when using numbers to represent dates. For example, in the US, 05/12/04 represents May 12, 2004. But in most other countries, it would mean 5 December 2004. Under ISO-8601, I think both are wrong as it should be read as 4 December 2005.

This means when I use numbers (as opposed to spelling out the month which, as I understand it, ISO-8601 is silent on since there is no ambiguity when you spell out the month) to designate a date, it will be in the general form of YYYY-MM-DD. In addition, time will be expressed using the 24-hour clock with the offset to Universal Coordinated Time displayed after the local time. For example, 23:30-10:00 would be displayed instead of 11:30 p.m. Hawaiian Standard Time.

Since I very rarely, on this blog, type out dates using only numbers, there shouldn't be much of a change. On the other hand, I do refer to the time, from time to time. But I assume most people will understand what time it is.

As an interesting sidebar, those wacky ISO people apparently created two different designations for midnight. From what I understand, you can say 2004-08-31T24:00-10:00 or you can say 2004-09-01T00:00-10:00. Don't ask me why because it seems to create an ambiguity, something I thought they were trying to get rid of (in addition, no digital clock I know reads 24:00 at midnight). In any case, I'll just say midnight rather than use numbers.

Aloha!

August 26, 2004

SP2 SPlat

The first known SP2/IE vulnerability was reported and verified last week Friday (five days before SP2 for XP Pro went live on Windows Update). Clicking on a web page image with a hidden program downloads an executable to your startup folder. Hence, the next time you reboot the program executes and your box would be 0wn3d by 133t h4x0rs.

August 25, 2004

Ends to the Means

Sometimes people can forget what their goals are or confuse the goals with the means to the goals. In the case of network security, it may manifest itself in people tending towards either security or usability. But I would say each is an objective towards a goal, but not the goal itself.

If neither is the goal, just what is? The goal, in my opinion, is to facilitate the operations of the business or government entity so that, in the case of business, it makes money and in the case of a government entity, the policies of the decision makers are carried out.

Notice that I am in no way saying the network should be configured solely to make it easier for IT people to maintain nor solely to make it easy users to access. In the first case, no one would have access and the data would remain in a pristine, if useless state. In the second, everyone would have access and the data might be suspect and therefore also useless.

In order to reach their respective goals, security must be balanced with usability. But this balance is based on criteria such as, but surely not limited to, how secure the data must be (based on context) and how computer savvy are the users.

Data that someone would want to access, without the proper authority to do so may need a higher level of security than something that is not valuable to anyone other than those already authorized to use it. For example, salary levels are considered highly proprietary information by businesses. On the other hand, public officials have their salaries, many times, set in statute and therefore are open to anyone. How much government spends and what its revenues are is also public information. Hence, the context of what is being stored may make a difference on the level, if any, of security.

Likewise, if people authorized to access salary data are not able to, due to security, because it is overly cumbersome then they can't help, for example, the business make money.

Now, you would think all of this is obvious and why am I wasting these electrons telling you this. Well, there is a saying that the customer is always right and perhaps there will come a day in which the competing values of network security and usability will not longer be a problem. But as many businesses learn, not all customers are right for their business. I mean, in a service business like, for example, computer customer support, a minority of your customers create a majority of your work. In most cases, a business model like this is workable because everyone pays for the service but only a minority actually use it. So a business can still make money under this model.

But get enough of the wrong kind of people, either as users or people wanting to inappropriately access your data and it is possible that the experience of providing support is higher than the money coming in.

In my case, I know of two people in our office that between them, generate more service calls than the rest of us combined. Why? Partly it's because network security is not as transparent as some would believe and partly it's because these users don't understand the concept of a computer, much less a network of computers.

One solution would be to open the network to anyone. In our office that might not be so bad of an idea. Being a court house, this building has pretty good physical security. I'm not going to list what this includes but suffice it to say no one gets in without being noticed. Further, the resources available are not so much different from what is available on our public facing Internet servers. So heretical as it may sound, a case could be made to eliminate network passwords or at least standardize on one password that gives access to all required data (as opposed to having one to login, one to get email, one each to access the mainframes and minis, etc.).

But you may work at a place where data positively must be kept only for those authorized. If so, you have to balance that with making it accessible to everyone that is authorized. To do that, you may have to spend money and get retinal or fingerprint scanners. This costs money, but so may losing proprietary information to a competitor.

The bottom line is to remember what your goal is and not to confuse it with the means to the goal.

August 23, 2004

Have It Your Way

As Microsoft rolls out Service Pack 2 for Windows XP, there are now several ways to get the update. The first, as noted on these pages earlier, is to download the full 272MB file here. The second is for MSDN subscribers where you can download the 474MB ISO image for installing from CD (it includes utilities described as useful for corporate environments). A third way to install SP2 is to download this 1.6MB express installer that will then download only the files you need (which may or may not be less than 272MB). Of course, the fourth way to get SP2 will be to wait for Windows updates (automatic or otherwise) to go live on August 25th for Windows XP Pro users (XP Home should have gone live already). You choose which way is best for you.

August 19, 2004

Scripted Answers

I'm currently working on using an Adobe Acrobat form as a front end to a Microsoft Access database. The form is used to request vacation or sick leave time off. The database would keep track of the used time and calculate how much time is left at the end of the year.

To try to automate the process, I'm using the Acrobat plugin that enables Acrobat JavaScript (AcroJS). AcroJS allows me to use SQL commands that access the database.

This means I get to learn AcroJS and SQL. Joy and rapture. Not. But I guess it keeps me off the streets and out of trouble. [g]

August 17, 2004

DOS Ist Goode

Browser, I don't need no stinkeen' browser. I'm no expert on firewalls but it seems our Information Technology office is having problems with our firewall this morning. Anything through port 80 is being blocked but everything else is flowing. So I can do email, telnet, and ftp but no web access.

So, I can telnet to my account at pair.com and use Lynx to surf the net. Having done that, there isn't a whole lot interesting going on right now so I'll leave you with this that I found under a mossy rock:

A Tale of the Shire

Long ago, in the days when all disks flopped in the breeze and the writing of words was on a star, the Blue Giant dug for the people the Pea Sea. But he needed a creature who could sail the waters, and would need for support but few rams.

So the Gateskeeper, who was said to be both micro and soft, fashioned a Dosfish, who was small and spry, and could swim the narrow sixteen-bit channel. But the Dosfish was not bright, and could be taught few new tricks. His alphabet had no A's, B's, or Q's, but a mere 640 K's, and the size of his file cabinet was limited by his own fat.

At first the people loved the Dosfish, for he was the only one who could swim the Pea Sea. But the people soon grew tired of commanding his line, and complained that he could be neither dragged nor dropped. "Forsooth," they cried. "the Dosfish can only do one job at a time, and of names, he knows only eight and three." And many of them left the Pea Sea for good, and went off in search of the Magic Apple.

Although many went, far more stayed, because admittance to the Pea Sea was cheap. So the Gateskeeper studied the Magic Apple, and rested awhile in the Parc of Xer-Ox, and he made a Window that could ride on the Dosfish and do its thinking for it. But the Window was slow, and it would break when the Dosfish got confused. So most people contented themselves with the Dosfish.

Now it came to pass that the Blue Giant came upon the Gateskeeper, and spoke thus: "Come, let us make of ourselves something greater than the Dosfish." The Blue Giant seemed like a humbug, so they called the new creature OZ II.

Now Oz II was smarter than the Dosfish, as most things are. It could drag and drop, and could keep files without becoming fat. But the people cared for it not. So the Blue Giant and the Gateskeeper promised another OZ II, to be called Oz II Too, that could swim the fast new 32-bit wide Pea Sea.

Then lo, a strange miracle occurred. Although the Window that rode on the Dosfish was slow, it was pretty, and the third Window was the prettiest of all. And the people began to like the third Window, and to use it. So the Gateskeeper turned to the Blue Giant and said, "Fie on thee, for I need thee not. Keep thy OZ II Too, and I shall make of my Window an Entity that will not need the Dosfish, and will swim in the 32-bit Pea Sea."

Years passed, and the workshops of the Gateskeeper and the Blue Giant were overrun by insects. And the people went on using their Dosfish with a Window; even though the Dosfish would from time to time become confused and die, it could always be revived with three fingers.

Then there came a day when the Blue Giant let forth his OZ II Too onto the world. The Oz II Too was indeed mighty, and awesome, and required a great ram, and the world was changed not a whit. For the people said, "It is indeed great, but we see little application for it." And they were doubtful, because the Blue Giant had met with the Magic Apple, and together they were fashioning a Taligent, and the Taligent was made of objects, and was most pink.

Now the Gateskeeper had grown ambitious, and as he had been ambitious before he grew, he was now more ambitious still. So he protected his Window Entity with great security, and made its net work both in serving and with peers. And the Entity would swim, not only in the Pea Sea, but in the Oceans of Great Risk. "Yea," the Gateskeeper declared, "though my entity will require a greater ram than Oz II Too, it will be more powerful than a world of Eunuchs."

And so the Gateskeeper prepared to unleash his Entity to the world, in all but two cities. For he promised that a greater Window, a greater Entity, and even a greater Dosfish would appear one day in Chicago and Cairo, and it too would be built of objects.

Now the Eunuchs who lived in the Oceans of Great Risk, and who scorned the Pea Sea, began to look upon their world with fear. For the Pea Sea had grown, and great ships were sailing in it, the Entity was about to invade their oceans, and it was rumored that files would be named in letters greater than eight. And the Eunuchs looked upon the Pea Sea, and many of them thought to immigrate.

Within the Oceans of Great Risk were many Sun Worshippers, and they wanted to excel, and make their words perfect, and do their jobs as easy as one-two-three. And what's more, many of them no longer wanted to pay for the Risk. So the Sun Lord went to the Pea Sea, and got himself eighty-sixed.

And taking the next step was He of the NextStep, who had given up building his boxes of black. And he proclaimed loudly that he could help anyone make wondrous soft wares, then admitted meekly that only those who know him could use those wares, and he was made of objects, and required the biggest ram of all.

And the people looked out upon the Pea Sea, and they were sore amazed. And sore confused. And sore sore. And that is why, to this day, Ozes, Entities, and Eunuchs battle on the shores of the Pea Sea.

Aloha!

August 16, 2004

Making a List

Microsoft has created a page listing programs that "may behave differently" after you install Windows XP Service Pack 2. I assume this is a euphemism for everything from blowing Windows into a blue screen to corrupting data. The list includes, among about 200 others: Pagemaker, Photoshop Elements, Extra!, Autocad 2004, Citrix ICA Client, ArcServe, WordPerfect Office 11, Cute FTP 5, Quicken Deluxe 2001, Office XP, Outlook 2000/2002/2003 and ZoneAlarm 5.0.590.

In addition, MS has a list of programs that are blocked by their firewall.

August 13, 2004

Just Popping In

As you may remember, I'm in the process of building a PC for SWMBO. So far I have the Intel 2.8E CPU (Prescott), Intel 865GBF-L motherboard, Sony 700A Dual Layer DVD burner, Antec 380TruePower supply, 1GB of Kingston RAM, Windows XP Pro (OEM version), and Windows Office 2003 (student version). I still have to get a hard drive (probably a Seagate SATA), and a case.

In looking for a case I found that Intel has thermal specifications for its processors that have been translated into a case guideline called Thermally Advantaged Chassis (there is a version 1.0 and 1.1). You can read what Intel has to say about it here and a little more here. The second link includes cases Intel has tested and says will keep the CPU temperature at or below the 38°C (~100°F) maximum of the specification.

While I am sure other cases can also keep the temp below 38°C, you may want to consider picking your case from one of the companies on the Intel approved list (and perhaps replace their power supply with one from Antec). Or not. It's up to you. YMMV.

The problem I'm having is finding someone locally who sells any of the tested cases. If I try to mail order one of these I end up having to pay almost as much for the shipping (and in one case more) than the case itself! Oh well, just another example of the price of paradise.

Have a Great Weekend, Everyone - Aloha!

August 11, 2004

Off the Mark

This one was just too good to pass up. If you live in Thailand, Malaysia, or Singapore, Microsoft has an operating system for you. It's called Windows "Starter Edition" and costs about $36 (I assume this is a US equivalent). However, the edition reportedly will allow only three applications to run at once (assuming you have the hardware to run more than one application at a time).

The crippled edition, due out in October, is apparently Microsoft's response to inroads made by the Linux operating system. Unfortunately for MS, Linux is widely available for free (so are stolen copies of Windows in Asia - ed.) so even at $36, Windows will be more expensive than Linux.

While I think a lower price is a good idea, getting an even more crippled operating system, in my opinion, is not the answer. The answer is to sell Windows XP Pro for no more than $50, which is what it's worth. When Longhorn comes out, they could raise the price to $75. But otherwise, Windows just isn't worth the two or three hundred dollars they charge now.

See the story from TheRegister here.

Mail Call

Date: Wed, 11 Aug 2004 12:11:49 -0600
From: John Doucette
Subject: Novell client 4.9sp2

Hi Dan

I did not need to upgrade Novell clients when I installed WinXP SP2 but decided to try 4.9sp2 just for fun. I find so far that connecting to mapped drives to a Novell 4.11 server is now faster. Other than that I see no difference and the change log did not look like it would do anything for me.

I should note that fast access to Novell drive from XP is a known issue I see a lot. I have tried other Novell client versions to find initial access speed good then it goes away. I am hoping 4.9sp2 will be a winner and so far after 18 hours of use is still going strong which I think for me is a record.

John

Aloha!

August 10, 2004

Mozilla Firefox 1.0, RC1

According to the road map, Mozilla Firefox version 1.0 Release Candidate 1 is supposed to be released soon (like today). Since the Moozes haven't been able to reach many if any of their goals on time, I would take the time line as a guide and start checking soon for the RC1.

Windows SP2, II

I had an update to my post on Microsoft Windows XP SP2 yesterday so take a look if you didn't see it. As a follow-up to that I've now installed the update on three PCs. The first, as noted earlier was my Dell OptiPlex 260 at work. I followed that with my Dell Inspiron 1150 laptop, and then my main PC at home (which is a whitebox PC). All installed successfully except for the last one.

My main PC at home has an Intel 815-based motherboard, Intel Pentium III 933MHz CPU, Plextor CD burner, Maxtor hard drive, and 512MB of Kingston RAM. When I tried to install SP2, the install stopped at the point of installing MovieMaker 2 (don't ask me why it installs that since I don't use nor want it but you have little or no control over what gets installed). I let it sit there for two hours just in case it would start up again but no joy. So I ended up doing a hardware reset.

The PC rebooted Windows and came up with an error message saying the system was in an unstable state (no sh*t, Keemo Sahbee) and to remove SP2. So I went into Control Panel, Add/Remove Programs, and started the process to remove SP2. Note that you may get a couple of dire warnings saying removing SP2 will cause everything, including the NTKernel to stop working. Ignore the warnings and continue on. Once SP2 was removed and the system rebooted I tried installing SP2 again. This time it worked. I don't why it got hung up the first time but all seems well now.

Having now seen what gets installed I'm sorry to say I'm underwhelmed. I downloaded over 270MBs for what? I don't use Internet Explorer so it doesn't matter to me if it's allegedly a little safer to use. I don't use MovieMaker. I already have a firewall (ZoneAlarm at work and Sygate at home on the laptop). I don't use Outlook or Outlook Express so I don't care if it's less of a security hole than before. I dunno. Maybe recompiling everything with most buffer overruns cleared out is worth it. Assuming here that they got all of them (which time will tell).

Anyway, if you support PCs for a living, I assume you have already downloaded this and are evaluating the impact it will have on operations. If you are JoeAverage with a dialup connection, I would wait until Windows Update has the smaller 90MB update available (rumored to be around August 25th).

August 09, 2004

What's What?

So, the IT professional version of Windows XP SP2 is finally out (see the page here). Microsoft says this version is for installing to multiple computers and that if you only have one PC to update you should wait for it to hit the Windows Update site (around August 25th according to the rumors) since there will be a more compact version available then.

Note that the network version of the download is over ~~266MBs!~~270MBs. That's right, over ~~TwoHundredSixtySixMegaBytes~~Two_Hundred_Seventy_MBs. Even with our VeryFatPipe at work it took a little over three minutes to download this file. Those with slower connections should really think about waiting until it's available through the Windows Update. You Have Been Warned.

Late Update

Installing SP2 took almost 20 minutes on my Dell 2.6GHz Pentium 4. At about the 15 minute mark things look like nothing much is happening but eventually it completed. Once you reboot and Windows comes up you _MUST_ choose either to enable the firewall now or enable it later (choose one of the radio buttons "Help protect my PC..." or "Not right now.").

Once Windows finished booting I noticed the Novell Netware login script failed to execute. Thus, none of my Novell network resources (shared drives and email via Lotus Notes) were available. Major Bother. I could live without the shared drives but I cannot get by without our internal email.

So I went to Microsoft to search in the Knowledge Base for anything but was not successful. From there I went over to the Novell site and searched. Eureka! I found a new Netware Client 4.9SP2. This is a 20MB download but was not a problem for our network. After installing and rebooting all is well. It would be nice if MS would acknowledge that Netware has a problem with SP2 (assuming here it hasn't).

In any case, I've also found that the MS firewall has failed to enable. Perhaps it's because I already have ZoneAlarm installed and running but I don't know for sure. All I know is I've tried enabling the MS firewall three times and each time I get no error message but I also don't see it enabled. I guess I'll have to check into this further but since I already have a firewall installed this is not a high priority.

Aloha!

August 05, 2004

What's the Point?

There are a couple of point releases to Mozilla's Firefox browser and Thunderbird email programs. Both updates apparently address security concerns. Be aware that the first release of the Firefox update has/had an install bug (I guess depending on which direction you are facing, it says it's installing .2 when it's actually .3 and if you check the Add/Remove programs from Control Panel it will identify it as .3, unless of course, you actually get the .2 release, which will then say .2. If you really want to be sure which version you are getting you can follow this FTP link here). By the time you hit their site they will probably/hopefully have fixed it.

On Point

With the release to manufacturing yesterday (RTF) [update: now delayed again! No word on the release date.] of Microsoft's Service Pack 2 for Windows XP comes this good review of just what the fuss is all about. Of course, most of my 11 irregular readers have already downloaded the various release candidates and already know. But for those drive-by visitors who haven't, take a look. Note that the site has a sidebar that says you can start downloading the gold code today but as of this writing I have found no evidence to support this statement [update: the RTM has been delayed again due to problems identified at the last minute. When the problems are solved, you will be able to download it from the site below].

For those of you who develop or maintain web sites that use ActiveX components you may want to take a look at this Microsoft article on how to modify the site to work with the changes in SP2. You could also check out a site MS created that includes Resources for IT Professionals as it relates to SP2 [This is the site mentioned in the review above that says you can download the gold code today. This site used to have links to the various release candidates but as of this writing, does not have a link to the gold code. However, from what I understand, when the problems mentioned above are resolved, the site will have a link to the code].

By the way, there is also a SP1 for Office 2003 (Office update site here). It includes the regular bug fixes and security patches but also what is being described as substantial changes to Infopath and OneNote. I don't have either installed so I can't say but if you do, you may want to check it out.

Aloha!

August 04, 2004

Mail Call

Date: Wed, 4 Aug 2004 13:11:42 +0100 (BST)
From: Phil Hough
Subject: Scripting

While it's true that scripting is inherently a problem. Both from the security standpoint and the compatibility standpoint I think you're overreacting a little.

While it's pretty straight forward to craft a website that uses only server-side code (heck... I've written a good few), and that site then is inherently more secure (and compatible), at the end of the day it's the users that want more.

From my experience I tend to find that Javascript is essential to add "usability" polish. There are some things you just can't do with server-side scripts, that users want, or in my case demand.

Let's take an example of a form. The customer wants the form to be checked on submission and if the user hasn't filled a certain part out, for the submission to be cancelled.

To do this in Javascript you catch the onsubmit event, popup an alert and return false. a couple of lines of code, and the user is able to quickly modify and resubmit.

To do this sever side. The submission must be made. Any data that passes validation saved, the user then returned to the previous page, with their data in place. You can't do a popup at this point, so you must display the message prominently. And to do this you've added lots and lots of extra code. You've also slowed and made less obvious the whole process.

A brilliant example though is date selection. On the sites I've worked with we've got two date widgets. One a small pop-up window with a current month calendar, click the day and the form field gets filled in with that date. The other is a date field with today's date in, which has an arrow either side. Click to increase or decrease the date.

You simply can't do that anywhere near as well with ASP. At the very least you'd end up keep submitting the page every single click. Not good for the user experience at all.

So I'd suggest that while Javascript isn't essential, it certainly leads to a much nicer user experience, and possibly a less complicated set of code as a result.

ATB.

Phil

Date: Wed, 04 Aug 2004 06:35:08 -1000
From: Dan Seto
To: Phil Hough
Subject: Re: Scripting

While all of that is true, I think the situation you describe is not what I had. Dell was asking for information from me as opposed from me wanting something from them. Hence, if they want my input, they should make it easy and safe for me to do so.

As far as checking the form, I don't particularly care if the survey is complete or not. If I wanted to, I could leave it all blank and it wouldn't make any difference to me. In fact, if they did checking and bounced me back into the survey to answer all the questions I would probably just shutdown the browser and move on.

So, I think the user experience depends on who wants what from whom. Since Dell wanted me to tell them what their business should be, they had better make it easy and safe for me to do so or I won't come out and play. [g]

Date: Wed, 4 Aug 2004 18:16:38 +0100 (BST)
From: Phil Hough
Subject: Re: Scripting

So what we're boiling down to is that the use of such tools is very much dependent on the task which is being carried out. Right tool for the job and all.

And to that, and your example, I don't disagree :)

ATB.

Phil

From: John P. Dominik Subject: Javascript, etc.
Date: Tue, 3 Aug 2004 13:28:24 -0500

Well, color me a box in the "here here" column. I've disabled all of that stuff, or required it to ask. I routinely check cookies, and reject those that don't expire until next year - or thirty years from now. Like I'll still be using the same computer/browser that long.

ActiveX and other technologies are cool - the problem is, as with any tool, the more powerful you make it, the more responsible the user needs to be. And a very powerful tool with skript kiddiez around is a bad idea. For a time I managed to secure at least my own work machine by using IE only for internal work, and Netscape for external sites - but that didn't last long.

Oh well. My $0.02 - in Hawai'ian currency. ;-)

---
John Dominik
http://john.clandominik.com/current.html

Aloha!

August 03, 2004

Enough is Enough

I thought my post on javascript might get a reaction out of some of my visitors. But I still stand by my statements: Javascript is being used when there are alternatives available. You don't need to use javascript to create a submit button, or a link to the next page, or link to an image. While there may be some advantage to the web site creator to use javascript, the security disadvantages to the user, in my opinion, outweigh the benefits.

Javascript is a security hole waiting to be exploited so why trade safety of the server against the safety of your customers? Why not secure the scripting engine on the server rather than trying to secure thousands of desktop PCs?

Does javascript serve a purpose? Yes. But then, so does ActiveX or .Net or .ASP. Does that mean I have any of these (mostly) client-side technologies enabled on my PC? Nope. I don't have any figures on how many people have secured their desktops but I would think it is a growing number as more and more people realize the security implications of these features. Each one of these security conscious people is a lost customer. Are things so regulated that you can dismiss these customers?

There are those who say we shouldn't throw the baby out with the bath water. That is, over time, these security exploits will be found and written around. Perhaps. You could say if you have server-side Perl or PHP running there are exploits possible but, over time, most have been closed. Which would be true. But these typically exist on the server, not the desktop and the duty to fix it is with the writer of the script, not the user.

Which brings me to my last point. I talked earlier about fiduciary responsibilities. While I am not a lawyer, I would think forcing someone to open themselves to security exploits, in order to use their service, opens the service provider to liability to ensure that doing so does not result in a loss (economic or otherwise). I can see the lawyers salivating at the lawsuits now...[Why do you think many sites have "warranties" that warrant nothing? These warranties are actually disclaimers saying the sites know nothing, see nothing, and do nothing. My reaction to these sites is to TURN THE DAMNED SCRIPTING OFF.].

Deciding what security exploits are important enough to disable client-side scripting is up to you. Only you can decide the costs and the benefits. But I've decided that just because someone wants to use javascript to create a submit button on a form doesn't mean I'm going to open my desktop to the exploit of the week. Enough is enough.

Mail Call

From: Sjon Svenson
Subject: daynote
Date: Tue, 03 Aug 2004 00:33:26 -0700 (PDT)

Script this

One advantage of JavaScript (or VBS or...) is that it runs on the local machine. That means it's fast (users running under-utilised multi-gigahertz boxes while your poor overtaxed server is overheating). If, for example, you make a form and want the user to enter a time and date you can check that on the page. Without browser-wide scripting the whole form has to make a round trip to the server. Without the script the page may be smaller but it has to pass back and forth. So what you gain in bandwidth with smaller code you loose on roundtrips (unless the user makes no errors...). So the gain/loss is not in bandwidth but in execution speed and connection latencies. The difference is negligible unless you hang on with and old PSTN modem to a flakey line.

-- Kind regards,
Sjon Svenson

From: Jon Barrett
Subject: Javascript vs. Post/Get
Date: Tue, 3 Aug 2004 08:24:48 -0400

"But even if I didn't use a different browser, why use javascript to submit a form when you could use post or get? Neither post nor get opens the user to any security threats (AFAIK). Nada. None. Zip. What advantage to the user is there to using javascript submit button? Again, nada, none, zip. "

OTOH, many website attacks rely on buffer overflow in POST or GET. Using javascript allows the website owner to perform post-processing and data validation on the local PC rather than on their own server. Thus it provides the site owner with improved security.

Jon

Jon Barrett
Kensington, MD

Aloha!

August 02, 2004

Script This

Given all the security problems associated with ActiveX/javascript/etc., I have to wonder about a couple of things (insert disclaimer here). First, isn't there a fiduciary responsibility to disable these technologies? That is, if you are a trustee and responsible for information technology and you choose not to mitigate or eliminate these technologies can't you be held personally responsible for any financial losses the company suffers as a result of your action/inaction? I'm no lawyer but I have to wonder.

Secondly, whether there is a responsibility or not, why would you want to use javascript when there are alternatives that work in all browsers but don't open security holes? For example, I got an invitation from Dell recently asking me to participate in a survey to help them redesign their support web site. OK, I'm willing to spend a few minutes to help improve their support site since I use it once in awhile.

So I fill out the online survey and hit the submit button. But nothing happens. I click on the button several times before I notice the submit button was written using javascript code. Hmmm. Since javascript is a common way to inject viruses/Trojan horses/etc. on to your computer, I've long since disabled it. In fact, most of what Microsoft considers to be features turn out to be security holes so I don't use their outdated browser anymore (see this article from Brian Livingston here on why). As an aside, I decided to complain to Dell about the use of javascript but their comments page also uses a javascript submit button. Sigh.

But even if I didn't use a different browser, why use javascript to submit a form when you could use post or get? Neither post nor get opens the user to any security threats (AFAIK). Nada. None. Zip. What advantage to the user is there to using javascript submit button? Again, nada, none, zip.

So why use it when that is the only javascript on the page? All you are doing is keeping all users who are security conscious from using your site. Is this a good thing? Is there a competitive advantage to barring people from using your site? If so, what advantage is that? Wouldn't a site written to the widest standards have an advantage over those written specifically to Microsoft's standards?

Aloha!

July 30, 2004

Meeting Markup

Okay, things went much better yesterday than the days before. But before I proceed I want to emphasize that these are my personal opinions and do not reflect those of my employer. Further, I have not yet received any formal training in the system nor seen the system as a whole. And finally, I do not wish to cast dispersion on anyone connected with this project, whether within the Judiciary or the vendor chosen to create the system. Everyone involved seems to be committed to doing as good a job as possible and the vendor appears to have qualified people here to lead the project.

With that said, the system worked and I got to see how things are configured. I will try to use an analogy to describe what the system does (fully acknowledging again that I've seen just one very small part of it).

At the level of use I saw yesterday, the system is similar to a content management system like MovableType. By that I mean you take something like HTML and then add your own tags that work only with your system. In this case, you use WordPerfect or Word as your form editor to create the look and feel of the form. You then insert their (a company called ACS) tag variables where ever you want information from the central database to be displayed. You then publish the form by doing a merge that populates the form with the data drawn from the Oracle database.

There are something like 400 predefined variables. These variables come with the system and are the same whether you using it here or anywhere else the vendor has sold their software. It is possible to custom design variables but, of course, you are on you own when it comes to supporting any changes you've made (which sounds fair to me).

In order to save money, the Judiciary is trying, to the extent possible, to keep customization of the base software to a minimum. As fellow Daynoter Sjon Svenson correctly states in his email below, one of the major reasons for the failure of large projects like this (centralized or not) is feature creep. That is, the scope of work, as originally designed, changes so much, as new features are added or existing features are substantially modified, that the project collapses in confusion, cost over runs, and cross charges of featherbedding or incompetence.

In my opinion, to the extent that the Judiciary and the vendor can avoid this is the extent to which this multi-million dollar multi-year project will succeed.

July 29, 2004

Deja Vu All Over Again

Well, that was interesting. Yesterday afternoon I got to see how to create a form in the new information management system that is being written for the Judiciary. Unfortunately, it didn't go very well. Things started going down hill when the speaker tried to copy a form (in PDF format) to WordPerfect for editing. He chose "Select Table" from the Adobe Acrobat menu and then drew a box around the entire one page form. He then opened WordPerfect but when he tried to paste in the what he had highlighted he realized that he had not copied the data to the clipboard so there was nothing to paste in.

Okay, no problem, I've done that myself a time or two. So he highlighted everything again and copied it to the clipboard and then tried to paste it into WP. Unfortunately, nothing was displayed. We waited. And waited. But nothing. When something did finally copy over, it was the text from a previous copy. Sigh.

Okay, rather than trying to copy from PDF, lets start from the original WP file. So he copied the WP file (form diskette, yikes!) to a network drive and opened it for editing through the information management system. Once open, you insert database variables (pre-defined fields in the Oracle database being used). But after doing that, he couldn't do a merge between the template and the data to output the final form.

I think I overheard that the servers running the applications and/or the database had gone down. I don't know why. But servers crashing do not engender trust in this new system. Whatever happened, we were sent back to our offices.

I've used one other large scale, state-wide, centralized online system before. This was about 15 years ago. To this day, there are still severe bugs in the system that bring it down on a regular basis. The project went over budget. So many of the planned modules never got implemented (and apparently never will) thus making the system less helpful to the users. In addition, system performance is a joke during regular periods each month when many people are using the system (but not more than the system was supposedly designed to handle).

I seem to remember somewhere that the majority of the efforts to create large scale centralized information systems fail. And by fail, they mean completely and utterly unusable and you have to start over again. If this is true, there are many reasons why this occurs. Sometimes what is being computerized doesn't lend itself to automation. Sometimes the contractor chosen to write the application is not qualified to do so. Sometimes the software tools chosen to create the applications are inappropriate to the task. Sometimes not enough money is realistically budgeted for the task. Sometimes the infrastructure (network and servers) is not up to the task.

And sometimes, a centralized database is not the best way to go. Sometimes, its better to decentralize and distribute things while still being networked and being able to query the other databases/servers.

Oh well, today is the last of the three days (I hope) so we will see what what we will see.

Aloha!

July 28, 2004

Moving On

The folks over at MovableType are announcing what will be in the next version of their popular content management system (see the announcement here). Version 3.1 will include a choice between static versus dynamic page displays on a per page basis, post scheduling (allows you to create posts ahead of time then have them posted at whatever interval you want), and a bunch of award winning plug ins. No word yet on a release date.

Table This

Using CSS to replace tables in web page design is not new. Some have been doing it for years. For those who haven't taken the plunge yet, this site here gives an overview, based on converting how Microsoft's home page would look if it were done in CSS, and how much faster and lighter the page would be. That's not to say all is goodness in CSS land because different browsers interpret CSS differently. Sometimes the differences are minor and sometimes they aren't. Of course, you minimize the problems by using a modern browser such as Mozilla or Opera.

July 27, 2004

Mail Call

From: Jan Swijsen
Subject: share
Mon, 26 Jul 2004 10:30:15 +0200

One of the less known problems with [file/printer] sharing is that the sharing Windows PC becomes a server. So it starts broadcasting the availability of shared resources on to the network.

For a typical small peer-to-peer network that is not a big problem. For a big server based network letting lots of workstations become -peer-like broadcasting- servers can put a serious strain on the network.

-- Kind regards,
Sjon Svenson

Aloha!

July 23, 2004

Browsing Forward

TheGuys over at MSDN Channel9 have a bunch of video interviews with various people at Microsoft. One of the coolest interviews is this great video (note, the link works in Internet Explorer and Mozilla Firefox but not Opera. Also, you need the Windows Media Player or compatible to view it) of something Microsoft's Research is working on called the Media Browser. It's kind of a visual look at a database of photos or videos which allows different views, including 3D stacking of images.

It's difficult to describe what it does, which is why they did a video of it. So if you have about eight minutes and a broadband connection, click on the link above and watch what may be the next generation of explorer/finder in Windows Longhorn.

Share and Share Alike

One of the features of Windows is the ability to share printers (and folders). But you know, most people aren't aware of this functionality and only find out about it when they accidently print something to someone else's printer or vice versa. So I was not surprised this morning when someone asked me how was it that a document they did not print ended up coming out of their printer (as if by magic).

I guess it was a good opportunity to explain networks and, in the instance of sharing folders, security and how it's possible for people to read what you have on your computer. But I really wish MS would not install the printer and sharing protocols by default.

Have a Great Weekend, Everyone - Aloha!

July 21, 2004

Can You See Me Now?

Using a cross site scripting exploit, this site here was able to display text of their choice on sites such as the MasterCard, Barclays, and others. By using these sites, rather than their own, they can present to you, even under SSL conditions, whatever they want to and you would not know the site was under the control of someone else.

Needless to say, this opens a new avenue for phishing attacks that could occur even if you go directly to, for example, your banking site. Or Amazon. Or eBay. Or PayPal. You don't need to respond to emails. You don't need to click on links. All you have to do is visit your bank, etc. The attackers could conceivably create such a realistic presentation on your own site that you would not know you have been taken over.

Unfortunately, the site does not indicate how to prevent such attacks (Another site says to check all user provided input in forms. However, they give no examples for what to look for.).

Can You Believe Me Now?

This article here says WiFi chip makers are producing products that intentionally interfere with their competitors products. These so-called "Turbo" mode products promise speeds double the usual 54Mbs of 802.11a/g. But if a competitor's system is operating nearby, the interference caused by the systems will effectively slow or even block all transmissions (unless, of course, you switch to their brand of chip).

A pox on all their houses I say. I disconnected my Linksys access point and got a Microsoft one instead. Not only do I get higher throughput without "Turbo" mode, I also get greater range.

Do You Hear Me Now?

Every so often someone takes up the challenge of deciding which audio codec is the best. The latest is ExtremeTech and their review (see it here) of MP3, Ogg Vorbis, AAC, and WMA.

According to their results, which varies by bit-rate (they used 64, 128, and VBR set at 98 percent), the best is...now wait for it...dependent on several factors.

Those factors boil down to what hardware are you using. For example, if you are using a flash memory based product that has very little storage you may need to compress at 64K. On the other hand, if you are storing your music on a 5TB array you can encode pretty much at any rate you want (including no compression at all). On the other hand, should you choose the ubiquitous Apple iPod, you only have one choice, albeit a pretty good one based on the results.

The results in the table below are the geometric means of the ratings used. Each subject rated the sample from 1 through 5 with the higher number meaning better sounding. The numbers below are the overall aggrate of four different music samples:

Codec	64k	128k	VBR
MP3	1.44	4.06	3.82
WMA9	3.15	4.27	4.10
Ogg Vorbis	3.29	3.94	3.88
AAC	2.97	4.27	N/A

So, if you are forced to encode at 64k, use Ogg Vorbis (assuming your hardware supports it, which many do not, otherwise, use WMA). If you can encode at 128k, use WMA9 or AAC. It is difficult to recommend VBR since the resulting file size is about twice that of 128k while the scores, albeit subjective as they are, are lower than 128k. YMMV.

Programming Notes

For some time now, when I code these pages, I've been using the <acronym> tag to surround acronyms like NATO. If you point your mouse over the word NATO, you should see a text box with the words "North Atlantic Treaty Organization." This is helpful to people who are not familiar with a particular acronym. But I've also been using this tag to surround abbreviations. Now, as you English majors out there know, acronyms are words formed from the initial letters of other words (e.g. laser stands for light amplification by stimulated emission of radiation). On the other hand, an abbreviation also uses the first letters of other words but they, in English anyway, do not spell a word.

For example, VBR is the abbreviation of the words Variable Bit Rate. But if I use the tag for <abbr>, like this VBR, not all browsers will create (ahem, cough, Internet Explorer, cough) the text box. While modern browsers like Firefox and Opera do just fine, others do not. So, I am conflicted about what to do. If I use the correct tag, many of you (i.e., those using Microsoft's Internet Explorer) won't see the text box. But if I use the acronym tag, I am technically using the wrong markup. If this matters to any of you, one way or the other, feel free to email me using the link to the right. For now, I'll continue to use the acronym tag even if it is incorrect. Hopefully, most people will soon switch to a modern browser and at that point I can start using the correct tags.

By the way, enjoy the posting now as I will be very busy next week attending all day meetings. I think I will have enough time to put up some short posts, but that is as much as I will be able to do.

Aloha!

July 19, 2004

Wipe and Load

This article from Microsoft simply confirms what many of the Daynoters have know for a long time. When it comes time to switch from one version of Windows to another, it's best to "wipe and load." That is, it's best to format the hard drive first and then install Windows rather than doing an "upgrade."

The downside of doing this is you have to reinstall all your applications and data (which takes time and requires that you have copies of your applications and data). Of course, if you partition your drive (or use more than one drive) you can place Windows and your applications on one partition and your data on other. Thus, it's possible to reformat the Windows partition but keep your data.

In addition, for many programs, you have to have a version that has a full install as opposed to an upgrade version. Even though many so called upgrade versions actually are the same as the full install, the installation program will check of an earlier version. If it doesn't find said earlier version, it won't install.

Further, in the age of Microsoft's efforts to prohibit software stealing, you have to have the product codes to unlock the installations. No code means no installation.

Hence, make sure you have all the program disks and their codes (and your data) before you reformat the drive!

The upside is you get rid of what Microsoft calls "performance problems that occur due to normal performance degradation." Some of those problems are listed below:

Registry size and fragmentation.
Master File Table size and increase.
Page file fragmentation.
Discretionary applications.
No longer needed or outdated device drivers.
No longer needed networking protocols.

July 09, 2004

Just When You Thought It Was Safe

Mozilla has confirmed a security vulnerability in Mozilla/Firefox/Thunderbird (see the announcement here). You download either a patch or new versions (Mozilla 1.7.1, Firefox 0.9.2, and Thunderbird 0.7.2). It affects only the versions running on Windows (why am I not surprised) so if you are using a Mac or *NIX this does not apply.

While no one wants to see security problems in their software, it is heartening to see Mozilla owning up to the problem and fixing it in one day. Compare this to Microsoft's typical behavior of first attacking the person who discovered and reports the problem, then denies it's a problem, then admits it a problem but insists it is not widespread, then admits it is widespread but fixing the problem will take time because their browser is integrated into the operating system, to releasing a fix that doesn't (fix that is), to releasing a fix that works but also breaks an earlier fix, to a fix that works but doesn't break anything else. You decide which company you trust. The one that fixes its mistakes immediately or that "den of scum and villainy."

Have a Great Weekend Everyone - Aloha!

July 08, 2004

Mail Call

Subject: sve: whitebox
From: Jan Swijsen
Date: Thu, 8 Jul 2004 13:14:05 +0200

<quote>The first kink in the armor, however, may be the line of white-box laptops by Asus </quote>

Umm, I don't think they were first.

I bought my first notebook somewhere in 1996. A Mitac (AMD486/100) but there was no Mitac label (other than the serial-number sticker) on the box. There was no real manual either, just a stapled stack of leaves with the pictures each on a separate leave.

At the time Mitac produced lots of notebooks on order for relative[ly] small brands, lots of small desktop firms were branching out into notebooks. The notebook had a few cutouts in the plastic caseing where the companies could fix brand name labels to it.

The advantage was that I could easily and relative[ly] cheaply upgrade the standard memory (from the 1MB to 4MB) without using the single expansion slot (which took another 16MB later). I also upgraded the disk from a standard 120MB to a generous 800MB (now there is a 2GB disk installed).

I admit that those Mitacs were not directly available to the public, I got mine from a reseller (low price but no warranty).

-- Kind regards,
Sjon Svenson

Date: Thu, 08 Jul 2004 06:37:11 -1000
From: Dan Seto
To: Jan Swijsen

I guess what they are saying is you can buy the case without memory, hard drive, or CPU. This is not the same as being able to increase memory or switch the hard drive. Whether you save any money doing it this way I don't know, but at least you control what goes in - not the manufacturer.

Aloha!

July 07, 2004

Here, Here

While building your own white-box desktop PC has a long history, doing something similar for a laptop was a problem. Namely, the laptop manufacturers made sure you couldn't do it by keeping things proprietary to the extent possible.

The first kink in the armor, however, may be the line of white-box laptops by Asus. Legit Reviews has an article on their building a laptop based on this line (see the article here).

There Be Dragons Here

These guys here have created a PowerPC emulation that runs on either Linux or Windows. That's right, you too could be running Mac OS X 10.3.4 on you very own Linux or Windows machine. Of course, running may be too strong a word to describe software emulation that turns a 3.0GHz blazer into the equivalent 77MHz Tiger wannabe. But hey, as the guys say, it's still cool that it runs at all.

Getting There From Here

Speaking of FederalExcrement, this guy has written an application that uses RSS to let you keep track of your shipped packages. YMMV, use at your own risk, I have not tested this myself.

July 01, 2004

Point Panic

There have been a few updates to two of the more popular modern (i.e., non-I.E.) browsers out there. Firefox is at 0.9.1. While you're there, you may want to update the Thunderbird e-mail client which is at 0.7.1. Over at Opera, they've updated their browser to 7.51.

Mafia Mania

Speaking of modern browsers, now is the time to switch from Microsoft's Internet Explorer (IE) to something else. Why? Regardless of what you may think about Microsoft, the types of attacks being launched against IE now make it likely that your personal banking/credit card information will be stolen. If not today, then tomorrow, or next week. It's become a matter of when it will happen, not if it will happen. Prior to now, most attacks were from teenage boys trying to prove their manhood to their friends by owning as many other PCs as possible.

Bad as that may have been, now, Russian/Pakistani/Indian organized crime syndicates have begun to exploit security holes in IE to steal your banking and/or credit card information so they can steal your money and identity. If you've ever been a victim of such crimes you know that it takes years to clear the problems caused by these attacks.

So, there is no time to waste. Right now, go to Mozilla or Opera and download one of their browsers. Use them instead of IE and remember to be careful out there...

June 30, 2004

POPing Off

Why is there so much e-mail spam? The short answer is because there is money to be made. The bottom line is, first, because it's cheaper than sending snail mail. Second, because, according to this article here, 20 percent of the recipients actually buy through them.

The number seems much higher than numbers I've seen before but even if orders of magnitude wrong, it still answers the question of why so much spam. If you send out 100,000 e-mails, a number not out of line with figures I've seen before, and you get a one percent response rate, that's still 1,000 sales (Don Armstrong please double check my arithmetic). Making 1,000 sales on a cost of, probably, pennies per sale is one excellent way of making money. Hence, as long as it is profitable, people will continue to clog your e-mail box with stuff you may not want, but 20 percent of other people do.

As for me, I've modified how my e-mail is filtered. Recently, I've been using two layers of defense. The first is SpamAssasin that my host provider, pair.com uses. The second is what Mozilla Thunderbird has built in. But even with these two filters, much too much was getting through. So I re-installed a filter I've used in the past. It's called POPFile.

While I've only used the three together since yesterday, I'm already near 97 percent accuracy in identifying spam. However, I've found two POPFile bugs that weren't in the previous version I used. The latest version of POPFile (version 0.21.1) has a really nasty bug relating to the system tray icon. If you have it on, and you go to the "Buckets" tab of the POPFile user interface (UI), WindowsXP Pro will lockup so hard you will have to press the reset button. The temporary workaround is to disable the tray icon by using the UI (Configuration->Windows->Show POPFile icon in Windows system tray?->No). The second bug is not as big a deal. If you access the UI by going to the Windows Start menu -> All Programs -> POPFile and start the UI there, you may get an error message saying Windows cannot find 127.0.0.1:8080 (which is where the proxy runs). You can ignore the error as your browser will find the address just fine. The workaround for this is to access the UI directly by first starting your browser and then typing in the 127.0.0.1:8080 address yourself.

June 29, 2004

Blosxoming All Over

You may remember I was looking at different content management systems (CMS). One that I looked at is called Blosxom (pronounced like blossom, as in flower). Unfortunately, it did not meet my needs because it was very minimalist. That is, there were very few features that would make it worthwhile switching from MovableType. But as oftentimes happens on the Internet, I followed one link that led me to another and I ended up at Blojsom.

As you may be able to tell from the name, it is based on Blosxom but adds many of the features I was looking for: RSS/Atom, comments, trackback, web-based administration, etc.

I guess this CMS looked so good Apple decided to bundle it with the coming Mac OS X codename "Tiger". Congratulations to the Blojsom (and Blosxom) team.

WiFi-Gate

Speaking of not meeting the objectives. I've learned a few things about setting-up and using a wireless network. The first thing nobody tells you is if you are using 802.11b or 802.11g (by far, the two most popular and both operating in the 2.4 GHz band), you have a maximum of three channels to use (1, 6 or 11 in the US). These channels are not supposed interfere with each other so you should be able to get a good connection if any one of the three is available.

But if you live in an area with access points already using those channels, which I do (there are four, including my own), you will not be able to use your network at all or at the most, intermittently. I don't want to point fingers at anyone but this seems to fall on the lack of planning on the Institute of Electrical and Electronics Engineers (IEEE) who developed the standards.

Surely it was obvious that three channels would not be enough. Surely it was obvious that a way of working around this would be needed. Surely Hawaii is not the most connected places in the world so I'm not alone in having so many hotspots near me. Surely the press needs to report these problems because they are doing a great disservice to the growing number of people who buy this hardware, only to find it doesn't work.

Indeed, with the coming of non-compliant "turbo" modes that bind two channels to get more bandwidth, it's getting even harder to get an open channel to use. Further, it will only get worse as more and more people buy these systems (turbo or not).

The temporary solution is to move to 802.11a. Strangely, as the numbering systems works, 802.11a runs at a higher frequency, 5 GHz, and has 12 independent channels (rather than 802.11b or g which has only three) to work with. The problem is very few companies are producing 802.11a compliant hardware. And those that do aren't exactly spending a lot of money keeping their chipsets up-to-date (Atheros, one of the big players in chipsets, introduced their third-generation in May of 2003. To date, according to a search on the Atheros site, only Sony is using it in their access points).

So, in the short run, if you live where interference is keeping you from using your wireless LAN, switch to 802.11a. But unless something better comes along, even 802.11a will become crowded. At that point, I don't know what else can be done.

Aloha!

June 28, 2004

Perly Gates

Tim O'Reilly has a longish essay on The Open Source Paradigm Shift. O'Reilly says the Open Source shift (assuming here that there is one) is a reflection of three long-term trends (see the list below) and uses the trends as lenses to examine the shift:

Software as Commodity (Software itself is no longer the primary locus of value in the computer industry. The commoditization of software drives value to services enabled by that software. New business models are required.)
Network-Enabled Collaboration (Open source is the "natural language" of a networked community. Given enough developers and a network to connect them, open-source-style development behavior inevitably emerges.)
Customizability: Software-as-a-Service (Software as a process.)

He concludes: "But a historical view tells us that the commoditization of older technologies and the crystallization of value in new technologies is part of a process that advances the industry and creates more value for all. What is essential is to find a balance, in which we as an industry create more value than we capture as individual participants, enriching the commons that allows for further development by others."

Aloha!

June 25, 2004

Nota Bene

I'm here at work but I don't know if I'll make it through the day.

I had an interesting experience yesterday. It started with problems editing a PDF file and ended with hours of formatting a word processing document.

Many of you know that PDF files are not intended to be edited. That is, you create the original in another program such as a word processor and when done, and only when done, you convert the document into a PDF. Once in PDF form, you really don't want to be making substantial changes to the PDF. This is because, in essence, a PDF is a picture of a document just as a jpg file is a picture of something you photographed or created in a paint program. Hence, trying to edit a picture as if it were a word processing document is not going to get you very far.

Indeed, if you do need to make substantial changes, you go back to your original word processing document and make the changes there - then convert again to PDF.

A problem occurs when you have to make substantial changes but don't have the original word processing file but you do have the PDF file. If the PDF came from a word processing document and you saved the font into the PDF, you may be able to make substantial changes to the PDF. But if the PDF came from a scan of the hard copy, you're pretty much toast because all you can do is rescan the document and run it through your Optical Character Recognition (OCR) software.

This is where things get hairy. Said software is far from perfect even though it is getting better. You would think with systems available to recognize handwriting that software would be able to read printed documents. But you would be wrong because much of how we recognize written ideas is through the context.

For example, a numbered list gives order and is intended to be seen as a whole. To OCR software, the numbers are just characters and have no attachment to the words that follow. Hence, even if the OCR correctly reads the characters, your word processing software will not recognize the output as a numbered list. Hence, you spend much time formatting the document to create the context.

I don't know if anyone has done a study as to what point it becomes more efficient to type in a document versus trying to make corrections and format an OCR read document. But with the 33 page document (a memorandum of agreement) in question, all I can do is cut and paste parts of the OCR into a clean word processing document rather than waste time making corrections.

June 18, 2004

XP SP2 RC2

You IT professionals out there (you know who you are) probably already know this (because, you are like the mythical town of Lake Woebegon, Minnesota, where the women are strong, the men are good looking and all of the children above average intelligence(r)), but if you haven't started testing Microsoft's latest Service Pack 2 Release Candidate 2 (instructions for installation here or here), get it now. There are changes that will break applications. Many of these applications are network related and will fail because of the firewall that SP2 enables by default.

The Release Notes list some of the applications that will have to be updated or modified. Read the other information on the MS site to find others.

Also, be on the lookout for updates from your own PC manufacturers.

The bottom line, in a corporate environment anyway, is that SP2 may cause some problems. How many and what kind will depend on what you are running. Most of you should be okay, but not everyone will be so fortunate.

June 17, 2004

Apart of the Solution

The question comes up periodically as to why I switched to a content management system (CMS). I'll lay out some of the problems and how they are solved by a CMS (without evangelizing too much about which CMS I think is best) but I'll also highlight some of the costs that are involved in using one.

I chose a CMS (I presently use MovableType) because I was tired of having to update my templates the beginning of each week and felt that computers were meant to help make me more productive, not be forced to manually slave away at boring tasks.

For example, each week I would have to edit the main index page to update the dates for each day, the "last week" and "next week" links, the redirector page, and the calendar page that had links organized by month. This was a lot of detail work with attendant mistakes cropping up. Hence, much of my time was spent updating the templates instead of writing these insightful posts [g].

I understood, however, that switching to something to automate these tasks would come at a price.

Since I don't have the expertise or the time to write my own system, I would need to rely on someone else. By doing so, I give up control, to a certain extent, over how my site looks and operates. This is because most (all?) CMSs are based on a set of pre-written templates. While it is true that the templates can be modified, there are bits that should not be altered. Hence, to a great extent, websites using a CMS tend to look very similar, if not exactly alike.

But these templates, and the underlying PERL/Python scripts, are required to automate the very processes I didn't want to do by hand anymore.

Further, once going down this road, deciding to go back may be very difficult and time consuming. Some CMSs dynamically create the page as it is requested. But once served, it disappears into the ether. Lose the database where the posts are stored, or access to it as users of Dave Winer's service have found, and everything you have written is gone (even with the help of Google's cache or The WayBackMachine).

On the other hand, other CMSs (such as MT) use a static structure whereby pages are created and permanently archived (or as permanent as things can be on the Web) to the server. Nonetheless, if you want to switch to something else, you may still end up having to do much hand coding. In either case, you are essentially locked into the system you choose. Hence, you have to decide if the cost of having to switch, should you need or want to, is worth the benefits of any CMS.

In summary, using a CMS automates tasks that you would otherwise spend time doing. The downside is you loose a certain amount of control. In the end, only you can decide what the costs and benefits are of any system. Use whichever tool works best for you. But for now, I'm sticking with Ben and Mena Trott's MT.

Aloha!

June 16, 2004

The Inside Stuff

"I am learning," Yen Hui said.
"How?" the Master asked.
"I forgot the rules of Righteousness and the levels of Benevolence," he replied.
"Good, but could be better," the Master said.
A few days later, Yen Hui remarked, "I am making progress."
"How?" the Master asked.
"I forgot the Rituals and the Music," he answered.
"Better, but not perfect," the Master said.
Some time later, Yen Hui told the master, "Now I sit down and forgot everything."
The Master looked up, startled, "What do you mean, you forgot everything?" he quickly asked.
"I forgot my body and senses, and leave all appearance and information behind," answered Yen Hui. "In the middle of Nothing, I join the source of All Things."
The Master bowed. "You have transcended the limitations of time and knowledge. I am far behind you. You have found the Way!" [From a good tutorial on PERL debugging found here.]

With all the talk about how we have to do more with less, it is interesting that the Judiciary requested, and the Legislature approved a new position. They approved a "webmaster" for the Judiciary's intraweb site. Now, this is not a story about how politics works and how you almost never get what you want or need, but you do get what the politically connected want.

Rather, it's a story about being told to do something but not being given the access required to do it.
So sit right back and you'll hear a tale,
a tale of a fateful trip.
That started from this tropic port, aboard this tiny ship.

Part of our intraweb site runs on PERL. That is, the search engine and electronic voting booth runs via PERL scripts. I installed the scripts about two years ago and all was well.

Until our new webmaster came along, that is. Our new webmaster is good at creating fancy HTML. However, he doesn't seem to be as experienced in running and maintaining a web server. For example, he doesn't know what PERL/PYTHON is. He doesn't know about setting permissions. He doesn't know about a lot of things a webmaster needs to know to do his or her job.

So, all of sudden the scripts stopped running and I was told to fix them (perhaps not coincidentally after he deleted and re-created the directories the scripts are in). The problem is I no longer have read/write access to the PERL scripts. In fact, I can't even run PERL on the command line. These are BIG problems if I'm supposed to fix the scripts. I reckon these are also artifacts of his deleting the directories and then re-creating them that I talked about earlier.

Looking at the PERL error messages I'm now getting, I've narrowed it down to two possibilities: 1. The permissions are set wrong for the sub-directory and/or the files in the directory. 2. The path has changed and the PERL scripts need to be updated to point to the correct directory.

But since I can't copy, edit, read, write, fold or staple any of the scripts, I can't check to see if I'm correct. So, I emailed the webmaster asking for permissions to be set so I could do so (either through my login or by actually changing things on the files themselves).

Our webmaster replied saying the error message indicates PERL is running so he has nothing to do. It's up to me to fix things. [sound:fx sound of steam being released and someone slowly counting one...two...three...four...] Sigh. Don't get me wrong, he is a very nice guy and trying to do the best he can. But perhaps he needs some training in how to do the things he needs to do.

So, that's where we stand right now. Our webmaster thinks I can fix things without having to change permissions. So I'm going to clear my mind and forget this problem as life is too short to make a big deal out of this.

June 15, 2004

Sooner or Later

Microsoft may do a lot things right but getting software out the door on time is not one of them. So MS rightly takes a lot of heat when it delays releases multiple times. In the case of Windows updates, the delays can be measured in years.

But is the same standard applied to non-MS offerings? Not always. For example, Mozilla Firefox 0.9 has finally been released. If I remember correctly, it was due in March. Then it was delayed to April. Then May. So, on June 15, it finally went out the door.

But, it was supposed to be "feature complete." Only, it doesn't appear to be. For example, you can't do an upgrade update. You have to either uninstall your earlier installation and then install the new or install the new in a different directory. No, this is not hard to do but it confirms that 0.9 is not "feature complete." Or at least, in my opinion it's not if you consider in place upgrades a "feature".

So, while I am no MS evangelist, I think we need to remember that MS is not the only one to miss deadlines so maybe we should cut them some slack.

June 10, 2004

He's a Complicated Man

Sometimes it's nice to know that even Linux computer gurus have problems that drive them nuts. Not that I enjoy their pain, but at least it shows that not everything is as easy as reading the How-To.

For instance, Jamie Zawinski (see the comments back and forth here) is trying to install something called Catweasel. This is a disk controller that apparently can read PC, Amiga, Atari, Mac, Commodore, and Nintendo (Nintendo?) diskettes.

But I guess the site correctly warns you that, at least for the ISA version, "The drivers are not designed to be easy-to-use. Instead, they are tools "for-freaks-only"."

Now, I don't know which version he is using but with that kind of there be dragons here warning, you shouldn't be surprised if you can't get it to work out-of-the-box. Still, if you've had any experience actually getting one of these things to work in Linux, give him a hand because he's a good guy and could use the help.

June 09, 2004

Wash, Rinse, Repeat

For whatever reason, I've had all kinds of problems trying to use GnuPg and have ended up generating a new set of keys. So, as before, delete any public keys from me that you may have and use the one linked to on the right. Sorry for any problems this may cause. Thanks.

Rinse, Wash, Repeat

SWMBO is getting tired of using the Sony Vaio 600MHz Celeron desktop that she's been using for the last couple of years. So I'm putting together a white box PC using an Intel 2.8GHz P4 Prescott, Intel D865GBF-L motherboard, Seagate 120GB SATA hard drive, and 512MB of Kingston RAM. It will be some time until I get all the parts in but once built, it should should be adequate (for awhile) for what she needs to use it for.

June 08, 2004

Cable Box Independence Day

Well, not exactly. But you may be hearing more about CableCard (see one article here that explains things better than the CableLabs site) in the near future.

Starting July 1st, if you have a CableCard ready TV (which you probably don't, but will be able to purchase in the near future), you can pop in one of these cards and get rid of your set-top decoder box. This means you can use your TV's tuner, rather than a separate box, to watch analog, digital, or HDTV (assuming your TV can display them). Of course, you must be a subscriber of these services but you would no longer need the extra box to watch them via cable.

Note that the CableCard is unidirectional, meaning that such services as Video-on-Demand or various bi-directional TV guides would no longer work. Further, while CableCard ready DVRs will have a slot, it appears you would need to have two CableCards to use them to watch one scrambled channel on your CableCard enabled TV (or using features such as picture-in-picture) while recording another on the CableCard ready DVR.

In addition, I'm not sure where you would get the cards other than from your cable provider. Said provider would probably have a monthly rental charge for the cards. What that cost will be I don't know but when its available, you will need to determine whether it's worth your while to switch or just stay with what you have (which would continue to operate as before).

Aloha!

June 07, 2004

WiFizzeled

I've been using the Linksys WRT54GS wireless router/access point for a little over a month now and find that I can't get much use out it. I don't know why, but as more of my neighbors fire up their own access points (there are now at least two others within range of the Seto Shack), the Linksys signal strength goes down until the connection is lost.

At first, I thought I had configured things wrong but after trying everything I could think of or find on the Internet, I noticed that as the number of other access points went up, my signal strength went down. Note, some sites talk about RF interference from cordless phones or even microwave ovens. But I don't think that's the source of my problem.

Here's why. When no one else has their access point powered, I get what the Linksys software says is "good" to "excellent" signal strength. But when one neighbor goes online, signal strength immediately drops to "poor". When the second access point comes on, signal strength goes to zero and my connection is lost.

The big question is why is this happening. Some people said to change channels or to use specific channels like 1, 6, or 11. So I did, even though none of the access points were on the same channel. So, of course, changing that did nothing. Others have said to change various other settings but none made a difference.

There have been reports (here, and here) that, in fact, having more than one access point within range does cause interference. But they also say to change channels.

Surely, the 802.11 standards committee would have anticipated environments with more than one access point. Surely, they would not have created a standard that allows the presence of other access points to negatively affect the performance of others even when on different channels. This is such a basic problem that surely it would have been solved by now by using, for example, spread-spectrum technology, long in use in the cordless phone world. Right?

Perhaps. Maybe I should switch to another brand of access point? I've heard good things about the Microsoft offering but, of course, they've since stopped making them. What I need to know is if anyone lives in a similar environment to mine in which at least two other access points are nearby, all on different channels, and whereby they all get good access.

So, if you live in a such an environment and are getting good reception, let me know what brand of access point/laptop card you are using. Thanks.

Aloha!

June 03, 2004

Cowabunga, Dude

For you X Window manager fiends out there comes the latest update to Waimea (Hawaiian, noun, pronounced why-may-uh and meaning reddish-brown river in English, referring to the famous surfing spot on the island of O'ahu). Waimea uses the cairo graphics library to render a spiffy desktop. Unfortunately, there's not a whole lot there at the website but I guess if you know what a X Windows manager is you can figure out how to use it. YMMV.

Aloha!

June 01, 2004

Illogically Speaking

As Spock would say, sometimes, fixing a computer requires illogical solutions.

On Friday, our IT people were able to get me access to the Intraweb server again. They did it the old fashion way: by facing in the right direction and incanting the correct magic syllables.

Actually, they did what smart IT people do: they applied logic and began to eliminate possible sources of the problem. First, they attached a laptop to our network drop and determined that the problem was not specific to my PC. By doing this, they refrained from wasting hours trying various changes on my PC that probably would not have made a positive difference.

Once they determined the problem was not specific to my PC, they focused on the server's configuration. This is where the chanting came in because they couldn't find anything wrong. Yet every time anyone would try to login they would end up in the wrong directory. They tried deleting my login and creating a new one but no joy.

So, they copied everything in the directory I needed to get to and temporarily stored it in a new directory. They then deleted the old directory and re-created the directory again. After which they copied the files back in and all was well.

No one knows why that worked but it did and so far it still does.

May 28, 2004

Good News/Bad News

First, the good news. I posted recently about the change to new network cabling which is part of our switch from IBM Token-Ring to Ethernet. What we had was old CAT-3 wires that can't operate at the higher speeds found on Fast Ethernet so out they went.

Now that we have switched over (no pun intended), you can see the results below:

That's a shot from Broadband Reports indicating I got about 6.8Mbps down and 3.0 up. Whoooo and Hooooo. Before the switch over I was getting about 1.5Mbps up and down. Well done to our IT guys!

Now the bad news. Many (all?) of our Windows servers were setup to be accessed via the NetBEUI protocol. Said protocol was pretty snazzy in 1985 for use with Windows for Workgroups. But in 2004, Windows XP doesn't even support it. If you have XP and you need NetBEUI, you can find it on your install CD (see MS KB Article 301041 for installation instructions) so all is not lost.

Or, it is? NetBEUI is non-routable (except in a token-ring environment) and will not cross subnets. The Ethernet side of our network is, I think, segmented and on a different subnet. So, as far as I know, I can't get there from here using NetBEUI.

That doesn't mean I can't get there at all but it does mean it's not as user friendly. With NetBEUI I could browse the list of Windows servers (and there are a lot of them here) and mouse click on the one I needed. Now, I have to use the keyboard and type in the specific server and share I need in the form of \\server\share.

Now the worse news. Even if I do that, what happens seems to be randomly assigned. Sometimes I get a login, which is what should happen. Sometimes I don't get a login but do reach the server. Unfortunately, since I'm not logged in, I don't have the rights to see or do anything on the server. And finally, sometimes I don't have to login but I do have access to all the files.

Fortunately, I don't need to get to that server, which is our Intraweb site, often since I only need it when I update the site. But if things get busy again as far as adding things to the site I'll be in a heap of hurt ("But boss! It's not by fault! It's Netbeeeuuuuiiii!"[insert sound effect of footsteps echoing down a long, dark hall and a scraping sound that can only come from a body being dragged away]).

Oh well, I do have to congratulate our IT people for getting the Ethernet side going and thank all four IT people who came by yesterday morning to try to fix things re: server access.

May 26, 2004

Keyed In

I've updated my public key for mail at seto dotted organization. You should see a link on the right side of the screen at the bottom of the "Links" section. If you don't, you can download it here. If I should ever send an attachment, I will sign the email with my public key. Please delete all previous keys. Thanks.

Mail Call

From: Gary M. Berg
Subject: Pair systems, Thunderbird
Date: Tue, 25 May 2004 15:10:39 -0400

Dan,

The Pair systems email problem should be over; one minute it was working and the next it wasn't. I emailed the support folks and they said they ended up undoing some changes they had done on a back-end server (presumably the one that handles authentication for POP/IMAP/Webmail for domain mailboxes). They also lost the ACC for a while, but it was back too as of about 12:45 PM EDT.

As for Thunderbird, the best bet is to indeed copy the folder that contains everything (your "profile" folder). Then on the new machine you will create a new profile and then drop everything back inside of that. I think this will even preserve all of your account information.

I've played with using Thunderbird for POP3 and IMAP access to my Pair-hosted domain, and it works fairly well. I think that Outlook 2003 is a better email client, especially since it can easily be set to not display embedded links inside of "untrusted" email correspondents. Yes, I know about all the potential security issues in Outlook, but the 2003 version does a fairly good job of reducing those problems to a minimum. It's not fair to compare Outlook 2000 (a 4 year old product) to Thunderbird (which is under very active development) as far as security.

I've been using SpamAssassin on the Pair server to flag my mail as to what looks like spam. With a good whitelist on Pair, and a similar whitelist in Outlook 2003, I probably see about 99% accurate filtering of spam with very few messages making it through the double filter of SA on my host and Outlook 2003.

Aloha!

May 25, 2004

A Host of Errors

My web host (pair.com) is having problems with email so if you sent me something in the past 24 hours I won't be able to respond until they get around to figuring out what is wrong. If there is an emergency need to get a hold of me, feel free to try dkseto at hotmail dotted commercial.

In addition, the specific server my site is on has gone down a couple of times in the past weeks due to "heavy load." So if you can't get to my site, you'll know why. Sort of. And for this I pay over $300 USD a year. Sigh.

If I had my own static IP address and a provider that would allow me to host my own site I would do so. Of course, I would carefully re-read everything fellow Daynoter Brian Bilbrey has on his site and then contact Daynoter Phil Hough since he also hosts his own site...

Can't Get There From Here

I've been using either Mozilla email or Thunderbird for some time now but have found an area they are lacking. Namely, exporting. If, for example, I want to export all of my email so I can store it while reformatting my hard drive I'm left up the creek without the proverbial paddle. Neither Mozilla email client can export email. So what are you supposed to do? I don't know. Copy the folders?

Drop me a line if you know of a way of exporting then importing back in. By they way, after using both for awhile, I think Thunderbird runs better. YMMV. FWIW.

Aloha!

May 21, 2004

Trojan Wars

Sorry about the late post but as a precaution I disconnected from the network and reformatted the C: drive yesterday. I did this because someone on the network may have been compromised by a Trojan Horse program.

If this is true, and the only indication we have is from the anti-virus software (an old version of Inoculate) running on their PC, the entire network may be at risk.

I am now back online and am putting my faith in the firewall software (Sygate) and anti-virus software (Computer Associates Int. - eTrust EZ AV) that we are using.

Have a Great Weekend Everyone - Aloha!

May 18, 2004

Kiwi Kilobyte Kit

Leave it to those resourceful Kiwis to come up with a homegrown Wifi antenna using a Chinese wok stir-fry scoop. Check it out in pictures here.

May 17, 2004

MT Promises

Dive into Mark has a pretty good posting on MovableType 3.0. MT has never been OpenSource or free. But in Mark's opinion it was open and free enough for most people. But with the coming of version 3.0DE, MT has made a choice. If you want to use it, you have to pay. A lot.

Mark goes on to say, if I understand what he is saying, that commercial software like MT doesn't have a future and that only OpenSource efforts do. I have to disagree with this. If anything, the history of software indicates just the opposite. I mean, most programs OpenSource or not, aren't around very long. But I think people tend to do things that they get rewarded for and if a program is successful and the author gets money for it, he or she will probably continue development of the program. On the other hand, people working on OpenSource alternatives don't get money for their work. Sometimes that doesn't matter. But most times it does since most people aren't independently wealthy and need to earn some money to have a roof over their heads and food on the table. Hence, at best, they may spend some free time working on the program but they will spend the majority of their time on things that pay them money.

Note that I'm not making a value judgment here. It's simply the way things are.

But being that as it may, there are other content management systems. You have a choice. You can stay with MT and support its development or you can switch.

I'm in the process of testing MT 3.0 Developer's Edition. I've installed it but so far am disappointed. The comment registration system, designed to ban spam, works against various robots, but does nothing against armies of low paid people in India hired by spammers to send their drek far and wide.

As Mark notes, he's already received spam while running a beta of the new registration system. Hence, the main reason for going to MT 3.0 is probably void.

Even before MT 3.0 came out, I began taking a look at other solutions. Pair.com, the host to this site, supports two: Blosxom and Geeklog. Either would work, although, for my taste, Blosxom is too minimalist and Geeklog is too fussy.

But another program has gotten a lot of word-of-mouth and is called WordPress. I haven't had much time to work with it so I won't say anything about it yet but if you are looking for an alternative, you may want to check it out (although I'm a little concerned about the dynamic versus static-based page debate).

The bottom line is you have a choice. You don't have to use MT3.0DE. Hence, rather than demonizing Mena and Ben, who are just trying to make a living producing a product people want and are willing to pay for, find something else.

May 14, 2004

In Your Eye

As the old saying goes, beauty is in the eye of the beholder. And when it comes to user interfaces, beauty is not a word that usually comes up. Unfortunately for Opera Internet browser users, the interface of the latest version, in my eyes, is no beauty.

Opera 7.5 went gold yesterday. As usual, the ThunderingHerds(tm) were at the trough feeding so it took awhile before I could download the latest version. I was eventually able to get in and I'm underwhelmed. No, let me take that back. I think I'm astonished at this step backwards.

Opera has taken this point upgrade opportunity to change the user interface by moving many of the most used buttons to a panel on the left side of the screen. I don't know why they did this but the first thing I did was to change things back, as much as possible, to how I like it to look.

Also, be aware that the install goes into its own directory, leaving your present version in place. This surprised me as most programs install into directory being used by the current version. Doing it Opera's ways requires you to manual un-install the old version. Not very user friendly unless you are afraid that most people will want to keep the old version?

I don't know if you'll like the changes in 7.5 but feel free to take a look. As for me, I'm using Mozilla Firefox more and more so I guess it doesn't matter that much anymore.

May 13, 2004

MT 3.0

Movable Type has released MT 3.0, Developer Edition. This is a version of the long awaited update to one of the more popular, if not the most popular, "content management systems (CMS)" (can't we come up with a better description than this? -ed.). The ThunderingHerds(tm) are hitting their site so I can't give you much information other than there appears to be two versions: the Developer Edition which costs money, and a version that will be free (but not yet released). Within the Developer Edition, there appear to be two types of licenses: a commercial one costing $299.95 ($199.95 introductory price) to $699.95 ($599.95 introductory price) and a personal one costing $99.95 to $189.95 (introductory pricing $69.95 to $149.95).

I think I'll wait for the free version but even as we speak, I am evaluating other CMS options.

UPDATE: Fellow Daynoter Phil Hough sent the link to the free version:

MT 3.0 Here

Thanks Phil!

May 10, 2004

The Natural Choice

To lighten things up a bit, here's a story about a Swedish company that encases PC peripherals in wood, rather than usual beige or black plastic. You can choose from ash, mahogany, or beech and get your monitor, keyboard, and/or mouse covered in the stuff. Although cases are not yet in the lineup, they are working with a company to come up with some samples. [Hey John D., yet another idea for you!]

Aloha!

May 06, 2004

Securing WIFi

This article from MaximumPC is a how-to on securing your wirelessLAN. While I kind of agree that security and wireless LANs are oxymorons, you have to do what you can. So I've enabled WEP and MAC address filtering, but have not disabled SSID broadcasting.

As the article indicates:

Most access points, however, include an option to disable SSID broadcasting. It's generally a good setting to disable, but we have had some problems maintaining connectivity when using Windows built-in wireless configuration interface to connect to Wi-Fi LANs with SSID broadcasting disabled. And this problem is exacerbated if other people in your neighborhood have wireless LANs setup.

In my case, I'm not using Windows built-in wireless configuration interface but I'm still having intermittent problems with connections so I've left SSID enabled. I realize this makes things slightly less secure but what's a person to do? With SSID enabled I am always able to connect, with it disabled I get connected less than 50 percent of the time. Perhaps this is caused by other nearby wireless LANs, at least one of which my LAN can see.

But in any case, I've done all that I can do, including adding the wireless router downstream of the main LAN's router. Of course, there is one more thing I've done. I turn off the wireless router when I'm not using it. That gives me 100 percent security.[g]

Aloha!

May 04, 2004

Watching and Waiting

The Legislature is set to adjourn on Thursday so we are carefully monitoring the outcome of the Judicial Salary Commission recommended salary increases [link is to 1.4MB PDF report]. I am checking the status, on an hourly basis, of the concurrent resolution that would disapprove the recommendations.

Speaking of updates, Mozilla Thunderbird 0.6 is now available. The updated e-mail client is listed as having, among other things, improved junk mail handling [What? They strangle the spammers? - ed.]. The companion browser, Firefox, should also see an update soon so stay tuned.

Speaking of updated browsers, Opera 7.5, Beta 1 is out. I don't know how many betazoids there will be before going gold but it shouldn't be long now.

April 30, 2004

In Your Eye

You may have heard about security devices that do retinal scans to determine who you are. But have you heard of a laser-projection device that projects an image directly on to your retina? In this case, the image is the shop manual for Honda vehicle mechanics. The system leaves the mechanics hands free to work on the vehicle while they "see" the repair instructions seemingly floating in front of their face.

This Must Stop

The AviationNow site has a story on someone by the name Dan O'Dowd who is saying Linux and all OpenSource applications are security threats to the U.S. Department of Defense. O'Dowd is quoted in the article saying:

If Linux is compromised, our defenses could be disabled, spied on or commandeered," O'Dowd said at an April 8 panel during the NetCentric Operations 2004 conference sponsored by the Association of Enterprise Integration and held in McLean, Va. "Every day, new code is added to Linux in Russia, China and elsewhere throughout the world. Every day, that code is incorporated into our command, control, communications and weapons system. This must stop.

It may not be a coincidence that O'Dowd works for a company that sells a proprietary operating systems supposedly designed for defense systems. But that is not to say people don't have to audit changes made to OpenSource initiatives for security concerns but, in my opinion, it's a long way to saying all OpenSource is less secure than his or any other proprietary offering.

Inspired Inspiron

Yesterday was a Good_Day(tm) at the Seto Shack. The Dell Inspiron 1150 came in as well as the Linksys WRT54GS wireless 802.11g router. You better believe I was up late playing with these toys last night.

Even though the Inspiron 1150 is a "cheap" laptop, it looks like it will do just fine for what I need it for. Namely, running spreadsheets and doing memos/reports. As noted earlier, the trade-off for cheap is that the 1150 weighs so much my shoulder was sore from carrying it after walking only two blocks to the parking garage.

The Linksys was also fun to play with. I have to make sure I understand how to secure the wireless network but so far it's up and running and I can't tell any difference in web surfing speed between being wired and wireless. Web sites come up just as fast as when I have a CAT-5 cable plugged in as when I have the Linksys card plugged in the card slot.

Anyway, this will be a good weekend for me...

Have a Great Weekend Everyone - Aloha!

April 27, 2004

In Transit

Things have kind of slowed down here at the Seto Shack. But I have a couple of things on order that are "in transit" so I hope to be able to report on them when they come in. The first is a wireless network based on the Linksys WRT54GS 802.11g router with what they call "SpeedBooster" technology.

The second is something to work with the wireless network. Namely, a Dell Inspiron 1150 laptop computer. Up to now, I've avoided getting a laptop because the cost just didn't justify the benefits. I mean what one paid for a middle-of-the-road laptop would buy a desktop speedster that would run rings around any laptop. Well, the future is here and the cost of the cheapest laptops have finally fallen into the range where I've decided to get one.

The Inspiron 1150 is a cheap laptop. If you understand what that means, you know what the tradeoffs are. For example, there's the weight. This one starts at 7.2 lbs. (~3.3kg). This is by no means a lightweight. Lugging 7 pounds, plus A/C adapter and nylon case around an airport will not be fun.

Second, this is not a speed demon. The CPU is an Intel 2.4GHz Celeron. While having such a processor a few years ago would lead to envy, now a 2.4 Celeron won't get you into bed with a Baywatch Babe (or able to watch her pr0n video).

Third, the screen is a 14.1-inch display rather than one of those snazzy 17-inch wide-screen jobs that everyone seems to be falling over themselves trying to snag.

But the bottom line is I got one for about $750, which is about what a cheap desktop goes for. So now I will be able to take the laptop to meetings and run spreadsheets or write minutes, as things happen. When SWMBO goes to the neighbor islands she can take it with her.

And lastly, when not used at work, I can use it at home to surf the net from the comfort of the living room sofa while watching those bouncing babes on Baywatch [ducking and taking cover].

Aloha!

April 19, 2004

Now Hear This

I did my semi-annual reformat of my hard drive recently on my PC at home. As part of re-installing the latest versions of the programs I use I found that my CD-ripper, AudioGrabber has gone freeware! This was welcome news. While at their site I noticed the the FAQ said the fastest MP3 encoder was Xing's MP3encoder. Of course, it costs $19.95USD while many others are free but I do these things so you won't have to waste your money.

So I paid my money, downloaded the 1.8MB file, and ran the installation program. AudioGrabber uses the Xing encoder as an external program but has default parameters set for it so all you have to do is point AudioGrabber to where the encoder is installed and you're ready to rip.

I chose Diana Krall's rendition of "Let's Fall in Love" as a test file. This song is 4 minutes and 17 seconds long and creates a 43.8MB wav file when ripped in stereo at 128Kbits/sec. My test PC was a Dell OptiPlex GX260 with an Intel Pentium 4 running at 2.66GHz and 512MB of RAM. I ran three tests each for Xing, LameEnc 3.96, and Ogg Vorbis 1.0 and averaged the results in seconds and the resulting MP3 file size:

Xing 23 seconds 4,020kb
LAME 36 seconds 4,020kb
Ogg Vorbis 38 seconds 3,957kb

Clearly, Xing was indeed faster than the other two encoders and if you rip 60 minute long symphonic works perhaps the speed difference is worth it. But I will leave it up to you to decide whether the $19.95USD cost is equal to the 57 percent or 65 percent respective speed increase. YMMV.

Aloha!

April 14, 2004

Wiki Wiki

This link leads to a list of suggested rules for a corporate Blog or Wiki. The rules are common sense things that should be adhered to by all corporate bloggers. But what I found interesting was a reference to where the word "wiki" comes from. I always figured it was some Scandinavian word. But according to the article, it comes from the Hawaiian word for fast (actually, the word is wiki wiki).

This seems to be confirmed by what fellow Daynoter Bo Leuf says is the first wiki, the Portland Pattern Repository and developer Ward Cunningham.

Small world. There are other Hawaiian words that have crept into the vernacular. Three other examples are lanai (a porch or veranda), lei (a garland of flowers), and kahuna (a wise man or shaman). No doubt there are others so if you know of any, let me know and I'll start a list. Note all of the definitions are from the Oxford English Dictionary so I figure if it's there, it must be generally known.

March 30, 2004

Bots Be Gone

If you use Spybot Search and Destroy to remove tracking cookies, hijacking programs, or other detritus left by businesses trying to get your attention on the Internet, you may also want to use Spyware Blaster from Javacool Software. The Spyware Blaster site says the program:

Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.
Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restricts the actions of potentially dangerous sites in Internet Explorer.

Spyware Blaster works with Spybot Search and Destroy although it can apparently run as a stand alone program. How ever you run it, it blocks some stuff that Spybot Search and Destroy doesn't. It also protects you if you use Mozilla, something Spybot can't do. Check it out, it could keep you from descending into the hell of hijacked browsers.

March 26, 2004

Mail Call

From: Peter Thomas
To: Dan Seto
Subject: XDS
Date: Fri, 26 Mar 2004 01:16:47 -0500

Dan

I think you're being a bit hard on the XDS Modula system.

Having installed it, it has VERY much to me the look of an older, DOS based environment, and thus, it would not be happy with either a directory with spaces in it OR one that is longer than 8 characters....

Peter

Have a Great Weekend Everyone - Aloha!

March 25, 2004

Modded Up

My trial of Excelsior's Native XDS-x86 for Windows has come to an end (see Tuesday's post here). I found that even when I got the IDE to recognize a test module as something that could/should/had better be compiled/made/built, clicking on the menu choice to do so would result in an error message saying the program could not be found.

I can only guess this is an artifact of the install where even though it gives the impression that you can choose the directory to install the program, you REALLY should use the default of c:\xds. Installing ANYWHERE else will mean nothing works. This includes the uninstall due, I suppose, to hard coding the default directory.

I have a long standing rule that any program that can't install to anything other than the default will probably have other problems. Problems I don't need to deal with. So I manually deleted the directories and scoured the Registry for all instances of the program.

It's just a guess, but I wonder if this program wasn't written in another environment and they blindly ported to Windows without an extensive testing program (if there was any testing at all). In any case, should you decide to install this program, remember to use the default directory. YMMV/Don't blame me if it doesn't work.

March 24, 2004

Mail Call

From: Jon Barrett
To: Dan Seto
Subject: Installing into Root
Date: Tue, 23 Mar 2004 15:45:43 -0500

That changed, actually, with FAT32, when they allowed even the Root directory to be extensible. It's also not an issue with NTFS. It's not a terribly good idea from the standpoint of disk clutter, and an even worse one to not allow you the choice of installation points, but any system that's in danger of running out of root directory entries is probably going to run out of storage space first.

Jon

Jon Barrett
Kensington, MD

In addition to the information from Jon above, Microsoft FAT16 has a maximum of 512 root entries. For FAT32, entries are apparently limited only by the size of the drive/partition (or 32GB under FAT32 in Windows 2000 and 32 terabytes under NTFS).

So the moral of the story is if you are using FAT 16 under Windows 95 or Windows 98 you are limited to 512 entries in the root directory. Hence, it makes sense to keep the root directory below that number at all times or, if otherwise possible, switch to FAT32 or upgrade to NTFS.

By the way, for those of you out there who think no one would have that many files/directories in root it is obvious you have never been involved in PC support because I've seen it several times. I've seen users install programs directly into root and I've seen users saving their data files in root. And then, to top that off, when they needed more space, they simply deleted all of the files in root. The consequences of which are for another post.

Needless to say, there are probably millions of people out there still using Windows95 so this information is still relevant to a lot of people.

Thanks to Jon for reminding me of something I knew at the time but have since long forgotten.

Aloha!

March 23, 2004

Mod Hatter

Every once in awhile I seemingly loose my mind and decide I want to learn another computer programming language. This time around, just for laughs [kicking self in head], I chose Modula-2.

Excelsior is nice enough to offer something called Native XDS-x86 for Windows. It's advertised as a "complete development system that supports full cycle of software development for Microsoft(R) Windows(tm) platforms using Modula-2 and Oberon-2 programming languages."

Unfortunately, getting it installed has not worked out well. First, be aware you have to give them a working e-mail address to which they will send the download URL. I guess harvesting your e-mail address is considered the cost of giving you their software.

After downloading you run their install utility. Said utility defaults to installing in the root of your C: drive. I haven't seen a program try to install to root since Lotus Notes so I was surprised to see it here. Installing into the root directory is not a good thing because there is a limit to how many directories can be created there. In addition, it just clutters up the root directory. So I changed the location to C:\Program Files\Modula\. Everything appeared to install correctly but when I tried to execute the program via the Start Programs menu, Windows could not follow the link created by the install program. So I deleted the links and manually added them to the Start Programs menu.

Once over that hurdle I tried to write and compile a program. Actually, what I did was simply paste an example module that was part of an Internet tutorial into the Integrated Programming Environment (IPE) or Integrated Development Environment (IDE). But having done so, I found I could not run or compile the code as all of those types of options were grayed out.

So, to the help file I went. The first thing you apparently have to do is manually create a project directory. The help file says to issue a command line sequence that will run part of their program and create the required sub-directories after you've created a directory. Hmmmm. It sure would be nice if that was taken care of without having to drop into the command line to do it. Little did I know that apparently a lot of things would need to be run from the command line. But I digress.

So I create a directory for projects and then go to the command line and type in xcwork which creates the sub-directories. That appeared to work fine so I exited from the DOS box and tried to compile/run the code. Nope. Still grayed out. Sigh.

About then is when I ran out of time and patience. I'll get around to reading the help file some more to figure out just what I need to do to get this program to run in Windows (I know you can run the compiler from the command line but that defeats the purpose of having "a complete development system...for Microsoft Windows..." You may as well have a machine running DOS 5 or some such for all the help that this Windows IPE/IDE program gives.

March 16, 2004

Notes to Self

Remember to backup the Popfile spam filter before formatting the drive (although I may switch to using the one built-in to Mozilla's Thunderbird e-mail program). Also, remember to write down the iTunes login. And delete all default links in Opera before importing otherwise you will get duplicate folders and links (Opera should check for duplicates and delete them when importing).

Happy Easter!

Speaking of it being just a matter of time. I've posted before about how automobiles are becoming platforms for computers running various operating systems. So I shouldn't be surprised that the programmers for the BMW M3 sequential transmission would create an "Easter egg."

This article from Popular Science says if you press the right buttons in the right order the M3 will rev its engine to 5,000 RPM before launching you into hyperspace. Well, okay you aren't launched into hyperspace but you could end up in jail if you do this near a speed trap.

Oh, by the way, if you do this in the garage, please remember to be pointing outward with the garage door open. YMMV. Use at your own risk. The door is ajar.

However, as noted before, as we get closer to April 1st one must keep a certain detached attitude about the veracity of some of the reports above...

March 11, 2004

Strange Happenings

You know, sometimes when I read stuff on the Internet I have to wonder if it's just an elaborate hoax (the stuff, not necessarily the Internet - ed.). For example, ZDnet has a story that says a company is set to launch a service that would counter-attack anyone doing a DDos or hacker attack. Left unsaid is how the company would identify the source of the attack as many DDos attacks operate through so-called zombie machines hijacked earlier.

On the other hand, the story on the Internet about the 9th Circuit Court of Appeals striking down the new Iraqi constitution is a hoax.

March 10, 2004

Lightfast

Burn a label after burning a CD? With HP's new LightScribe system and DVDs/CDs you can burn music on one side and then flip the disk over and burn a silk screen-like image on the other. The drive is reported to cost about $10 more than other drives and the blank DVDs/CDs could add about 10 cents more per disk. See the story from PCWorld here.

March 08, 2004

IE7

Microsoft's latest browser? Nope, just some guys attempt to make IE 5.5 and above compliant with Cascading Style Sheets. I haven't tried this so your mileage may vary, but at least there are people out there trying to bring IE into the 20th century. Wait. We're in the 21st century? Well, never mind, feel free to use a 21st century browser like Firefox or Opera instead.

Today's the day that the Salary Commission votes on the recommended salaries for state judges for the next eight years. This will be a busy day for me so I gotta go.

Aloha!

March 03, 2004

Get Your Hot Bagels

ZDNet has an article up about variations of the Bagel Worm released this past weekend. While shipping items may be a problem, sending worms across the Internet to Hawai'i is not. I've gotten two infected emails in the last few minutes. Both had return addresses of fellow Daynoters so I assume a bot has come along and scanned the addresses and is using them as fictitious return addresses.

The new variations also insert the domain name of the receiver into the body of the message as a way of trying to make the email look more trustworthy. They also try to get around virus scanners by archiving the payload as an encrypted .zip file. The use of encryption is interesting because it keeps virus scanners from automatically opening and scanning the file.

Nonetheless, SpamAssassin correctly flagged the mail as containing the Bagel virus, although it failed to also flag it as spam!

In any case, never open an attachment. I repeat, never open an attachment.

Aloha!

March 01, 2004

Not My Cup of Tea

Dr. Pournelle is fond of saying everything on Macs are either easy or impossible. Well, you could say everything on *nix is either impossible or done on the command line. Okay, so I exaggerate. A little. Personally, I think if Apple can tame the wild Unix beast, why can't the same be done for Linux? Yes, the desktop on Linux is getting easier to use but fonts and printing are still problematic.

For example, this guy has a long, well documented posting on the problems of using CUPS to output through a printer attached to another networked PC - something trivial to do in Windows and supposedly Macs. He also includes my pet peeve, "Help Screens" and "how-tos" that provide no help (or worse, actually give information that is wrong). But I digress.

Before you send all kinds of emails about how there are thousands of man pages on how to set-up printers, which any b00b should be able to understand, I'm talking about using a desktop, not dropping into a command line interface. The day Linux can give you the functionality, via the desktop GUI, to do what you need to do without editing configuration file may be the day that Apple OS ports to Linux. <g>

Aloha!

February 25, 2004

Mail Call

From: Jon Barrett
Subject: Foveon sensor
Date: Tue, 24 Feb 2004 14:29:18 -0500

The Foveon X3 is the sensor used in the Sigma SD9 and SD10 DSLRs. You can compare it with other cameras here: http://www.imaging-resource.com/IMCOMP/COMPS01.HTM. One problem - since no one uses exactly the same algorithms for compression, and no one uses the same sensor sizes, finding two cameras with comparable images (same nominal pixels, same compression ratio, same image multiplier/display size) is a bear. Closest camera I was able to find in terms of file size was the Canon PowerShot G5, a 5 MP camera, while Sigma claims a 10.5+ MP equivalent because of their technology. At that, there should be a LOT more difference between the two of them. In terms of "native" linear image size (finding two pictures which looked about the same size on-screen when the "full image" was brought up), it looked closer to the Canon 1D, a 4 MP camera.

My visual take on it is it's like Olympus' claims that lenses for digital cameras have *unique* needs (beyond the (usually) smaller sensor area) that normal SLR lenses can't cope with. A wonderful marketing ploy, but is it any more? I don't think so - by the time you get into this price and pixel range, there are just too many things affecting the outcome, and the sensor's only one of them.

Jon
Kensington, MD

From: Lawrence See
Subject: Tri-color imaging
Date: Tue, 24 Feb 2004 11:39:53 -0800

Good day, Dan

Re the Foveon imager, I guess that you knew that "broadcast" video cameras have always been Tri-color but through the means of three sensors and a complex optical color splitting system (some current "prosumer" cameras offer this as well). Doing most of the heavy electronic processing on the sensor chip is pretty impressive, though.

Best regards,

Larry See

February 24, 2004

Digital Decoder

For those of you in the UK or the Netherlands who enjoy building electronic kits, here's one that's supposedly the digital equivalent of the famed Enigma coding machines used during World War II.

Aloha!

February 20, 2004

Flat Out Good

This very short article says flat panel monitor shipments will, for the first time, surpass those of CRTs this year. According to the post, abundant supplies of the LCD panels will drive prices down over the next few years.

I hope the prediction is true as I would like to replace my aging 17-inch monitor at home with a flat panel model. I've really gotten used to 17-inch panel I have at work from Dell. The colors are great, there is no smear and no defective pixels to be seen. The only thing I've been waiting for is the price to drop below $300 for a good one. Perhaps next year.

February 19, 2004

Lion's Dan

I see that Dan Bricklin has resigned from Interland and has returned to Software Garden. Bricklin is perhaps best known for his co-authorship of the seminal spreadsheet program VisiCalc.

Apparently, Mr. Bricklin is a hands-on kind of guy that would rather be creating something rather than managing it. So he left the relative security of a large company, where he was Chief Technology Officer, to become President of a software company with two products for programmers. Talk about leap of faith. But I have to admire the man for following a path that he finds mentally/spiritually rewarding, if not financially so. Best wishes to him in his new endeavor.

Patch I

OpenOffice 1.1.1 is scheduled for release on March 8th ( see the timeline here). This is a substantial ~~bug~~ "issues" fix and will probably be worth the download. Check their site around that time just in case things slip a bit.

Patch II

Speaking of substantial patches, StarOffice 7 has a 16MB patch that came out in December. If you are using StarOffice you may want to download the patch. To help you figure out if you need to, the ReadMe is here and the download itself starts here.

Aloha!

February 18, 2004

Flipping Out

What is 5.8" x 4" x 1" (148mm x 101mm x 26mm), weighs 1 lb. (450g), runs Windows XP Home or Pro, and has a 5.6-inch (14cm) screen? The FlipStart PC.

It's being pitched at people who need the portability of a handheld, but the ability to run all Windows applications without the weight of a laptop. No word yet on pricing or availability.

FlipStart PC photo.

February 13, 2004

Windows 2000 Goes OpenSource

Okay, maybe not. But I think the reaction from MS pretty clearly shows you how they think in the ~~Valley of Mordor~~ Redmond. MS is getting all hysterical about how people will take the code and write viruses or steal their deep, ultra-secret way of creating icons. On the other hand, the Linux kernel code has been available for years and I don't see anyone using it to write viruses. Instead, people use it to find bugs and then provide the code to fix them.

This clearly points out the differences between the two philosophies. While I'm not saying there should be only one way of doing things, nor am I saying there shouldn't be any trade secrets, I am saying releasing the code for Windows 2000 isn't going to end the world as we know it.

See the story here.

February 11, 2004

One a Week

Some people may be confused. Especially when it comes to Microsoft and security. As you may know, Microsoft recently changed how often it releases security patches to its products. Up to now, patches were released as they were ready. On average, this seemed about one a week.

Now, what they do is bunch the patches in one mega-patch and release that once a month. For example, there are four patches (three for PCs and one for Macs) in this month's submission.

So, what's the confusion? Well, it seems some people, seeing only one patch a month, appear to be saying that MS has finally learned how to secure their products. But I think this is at least very premature, and perhaps wrong. As far as I can see, there are about as many security patches are before (one a week), even though they only release them once a month.

In fact, there is a case to be made that by delaying the release of patches, as they are doing, MS is actually making cyberspace less secure then if they were to release patches as soon as they are ready since the vulnerabilities are left open, even though a patch is available.

In my opinion, this is all cosmetics. It's about appearing to be doing better when, in fact, you may not be. In any case, I think it's too early to say for sure, one way or the other. By the way, one of the patches is for something that some people are calling the most critical error that MS has ever had. You decide if MS is doing better. YMMV. Insert disclaimer her.

February 09, 2004

Fire Burning

Well, Mozilla released the update to their browser but have changed its name. Again. What was once Phoenix, then Firebird, is now Firefox. I hope they realize that Firefox is probably not available either but surely they know this? Maybe not. If not, maybe it's time for them to hire one of those fancy agencies that come up with product names for stuff by making up words like Altima, Acura, Accenture, or Pentium. Or go here and generate one for free. Like Optilogo, Rapidene, or Misc Deltaco...

In any case, the download page starts here. Be aware that the thundering herds are at the trough so downloading the 6MB install file may be slow until the dust settles. Of course, a 6MB file is just a bug patch to Microsoft's Internet Explorer browser so I guess I shouldn't complain...

You Choose

As this article says, if someone gave you $650USD would you (a) Buy food for three or four months, (b) pay the gas and electric bill for a year, (c) purchase a really nice digital camera, or (d) buy Adobe Photoshop?

For everyone who chose a, b, or c, go to the article and read about a few alternatives to Photoshop. For all those who chose (d), what are you doing here reading this blog?

Aloha!

February 05, 2004

Reading the Leaves

The tea leaves indicate that the Gecko-based browser Firebird 0.8 will make it out the door on Monday. Don't ask me why it's taking so long for the bird to rise since Mozilla 1.6 went gold several weeks ago. In any case, check it out on Monday.

Get A Life

Stories of Mac Fanatics are legion. So if you are ~~stupid~~ bold enough to take jab at them you should not be surprised when they live down to their reputation. This story from Wired gives the details of a perfect hoax: Take one brand new G5, gut it, and replace the internals with PC components. Then post it on Overclockers to rub the Mac Maniacs noses in it. Step back and watch the hilarity ensue. Only, that's not what the guy actually did but the damage, according to the Mac Mordors, was already done. How dare this guy deface a Mac?

February 04, 2004

Shall...We...Play...A...Game?

This story says a teenage hacker (Isn't it redundant to say 'teenage hacker'? - ed.) broke into the Fermi National Accelerator Lab in Illinois triggering a nuclear terrorism alert while the break in was traced to a U.K. youth. The youth used the computer to store downloaded films and music.

I can't believe that any computer exposed to the Internet would have critical security matters stored on it but who knows? As far as I know, if information needs to be secured, the system is not only not connected to the Internet, it's not connected to anything so no one from the outside can get in. In addition, the system is situated in a room surrounded by copper shielding so nothing can get out.

I'm currently working on writing the first draft of the Salary Commission report. This is complicated by the fact that they have not yet made a recommendation. Not wanting to let that hold them back, they gave me a week to write the first draft. So I gotta go.

Aloha!

February 03, 2004

Unrehearsed, unplanned, and completely unintentional...

There are a lot of good things about using MovableType but comment spam is not one of them. So I've tried doing the usual stuff like installing MT-Blacklist and the latest MT updates. But to no avail. I've even deleted the comment templates but somehow the span still gets posted.

One of the ways to try to combat this is to close comments after a period of time. Unfortunately, in MT you have to do this manually, post by post. For me, with over 300 posts, this is not an option. So I looked around to see it there was an easier way of doing that. Eventually, I settled on trying to issuing the following SQL command (although there is a add-in module that purports to do this for you it didn't work for me):

update mt_entry set entry_allow_comments = 2 where TO_DAYS(NOW()) - TO_DAYS(entry_created_on) >= 10;(That's one long line of commands.)

The intent was to close all comments older than 10 days. In order to to issue this command, I needed to login to the MySQL command line interface. At pair.com, the host for my site, the instructions to do this is as follows:

username@server% mysql -hdb14.pair.com -uusername -p username_dbname

Enter password: [enter password here]

Note the part about entering a password. That's very important as you will see (he says with great foreboding in the CNN voice...of...doom).

In order to open the database, pair.com wants you do use a password. This seems logical enough because without one, anyone can enter anything they want (like spam). But, since the database did not have a password [see update below], I needed to add one. Pair.com has a handy web interface for doing so. So I did.

The problem is, by setting a password, no one else can read or write to the database. No one. That means when MovableType tries to access the database it can't because it doesn't have permission to do so. Since MT can't write to the database, I can't either (at least not through MT, I could use MySQL directly but that kind of defeats the purpose of having MT in the first place).

All together now...SIGH.

So, this explains why you are reading this in a plain page like I used to use. I emailed pair.com yesterday with an urgent request for help. But as of this morning (afternoon in Pittsburgh where pair is located) I have received no response. So much for their speedy service.

I'm way too busy right now to spend any time on this so this will have to do for now. Sorry.

UPDATE. During my 45-minute lunch break, I was able to re-read the installation instructions for MT. There, I found that a password was in fact used for the database when I installed it. Being that it's been over a year since that occurred, I had no recollection of that nor what the password was (not that it matters since I changed it yesterday when I typed in a new one).

So, the question was how to update MT with the new password. Reading farther into the installation instructions I found the file to edit. You can find it for yourself if you need to but I'm not going to make it easier for l33t hax0rs to change it so I'm not going to mention it here. Suffice to say I set the rights so that only I can read/write to it.

Once that was set, all was well. Although I'm still a little wary about having that file with the password in it...Sigh.

Aloha!

January 30, 2004

Spam Dam

The battle against comment spammers seems to be never ending. The latest craze is to flood a MovableType based site with comments or trackback pings, similar in effect to a DDoS attack. MT responded with a change that attempts to throttle the number of comments received over a period of time. Ironically, installing MT-Blacklist, which is an attempt, albeit not the most robust, to stop comment spam, inactivates the throttling code. But I digress.

This site attempts to show how to get these two working together and offers links to other resources to help reduce, but not eliminate the problem. I guess this is the best that can be hoped for, short of turning off comments completely.

January 27, 2004

DRM Disentailment

Microsoft evangelist Robert Scoble has a post up of why you should buy anything else other than an Apple iPod(tm). You can read the article but, to me, it boils down to his saying, paraphrasing here, use our (i.e., Microsoft's) DRM rather than Apple's.

While I think he makes a good case about how you can find more MS compliant players out there, as compared to Apple, I say why use either of their proprietary, crippled software? Why lock yourself into a DRM jail that keeps you from using music you PAID for?

Why not use Ogg Vorbis or the almost universally accepted MP3? If you had music in these formats you could probably listen to them on even more players than either of the proprietary formats of Apple and MS combined.

However, as noted in an earlier post, you can convert from Apple's proprietary DRM format by burning an audio CD. This process creates CDA tracks which can then be ripped by your favorite software into whichever format you like and therefore playable on whatever you like. I don't know if you can do something similar with Microsoft's offering. If you you can, drop me a line using the email link over on the right column.

But the bottom line is, in my opinion, it is a false choice to say pick Microsoft's DRM over Apples' because you can find more players compliant with MS when you can find even more that are compliant with MP3. YMMV. Insert disclaimer here.

Aloha!

January 26, 2004

Can't We All Just Get Along?

I don't know what to make of Co-Linux, but if it's for real, you may have a use for "running Linux on Microsoft Windows natively." I caution that I have not tried this (and most likely won't) but again, if you have a need to run Linux this way, it may be a solution. YMMV. Insert disclaimer here.

I have a Judicial Salary Commission meeting today so I gotta go.

Aloha!

January 21, 2004

See SPOT

Microsoft announces Smart Personal Objects Technology (SPOT) based wrist watches.

Aloha!

January 20, 2004

New Sheets

I am hardly an HTML guru so it is easy for me to learn new stuff almost every day. One of the things I learned recently is that you can use CSS to, assuming a compliant browser, display a different mouse pointer. For example, hovering over any of the acronyms on this page should cause your mouse pointer to change to whatever you are using for "help".

Thanks to the diveintomark site for the code.

acronym, abbr { cursor: help; }

I know this is starting to sound like a broken record but I need to get going so I can work on Salary Commission stuff so I gotta go.

Aloha!

January 16, 2004

Phoenix Rising

As itemed earlier, Mozilla 1.6 has hit the wire. They haven't updated the change log yet so I don't know what new/improved/fixed features they have but it's probably worth a looksee.

As of this writing, they have not revised Firebird but I assume they will Real Soon Now(tm).

Imperial Entanglements

I don't think this story on Adobe inserting government code into Photoshop has been given the publicity it deserves.

First, I need to disclose that I don't use Adobe products (except for Acrobat which is required at work). I don't use them because of their corporate culture that views their customers as criminals.

So it is not out of character for them to add code from BigBrother(tm) to ensure that you vill obey der rules. Honest people, of course, are not worried about having a private company partner with TheGreatSatan(tm) to monitor what you are doing with the software you purchased. Honest people are not concerned that TheBlackHelicopters(tm) can insert other code into programs to ensure the safety of OurHomeland(tm).

It's only the bad guys who would get upset about having what amounts to spyware running on their computers monitoring what you do so that you won't do anything wrong.

Brian Livingston's Tool Tips

If you ever unintentionally delete photos from your digital camera, all is not lost. Some, if not all, digital camera systems use FAT. If so, fire up your handy un-eraser (Norton, Fix-It, etc.) and un-erase the images.
If you've ever needed to rename a bunch of files, say those digital photos you just un-erased, you've probably used the DOS utility REName. But did you know Windows XP(tm) also provides a way to do something similar? In Windows Explorer, multi-select the files you want to rename. Press F2. The new name you type will be applied to all the files, plus an incremental number at the end.

Windows XP adds (1), (2), (3) and so forth to the ends of the filenames you selected (preceding the dot and the extension). You can force Windows to start with a number of your choice by including it within parentheses in the name that you type. For example, if you enter Foo(10).txt, the additional files will be renamed Foo(11).txt, Foo(12).txt, and so on. Perhaps you'll want to use this to give your digital-camera photos meaningful titles, replacing filenames like DC0001.jpg with Lucy(10), Lucy(11), etc.

Have a Great Weekend Everyone - Aloha!

January 13, 2004

Win98/SE/ME

No sooner does Microsoft announce the end of support for, among other things, Windows 98/SE, that it turns around and extends it through 2006 (see the article here). Thanks, apparently, to customers complaints, MS reversed itself and will provide security updates after all. This is a Good Thing(tm) as the article indicates there may be as many as 58 million people still using Windows98.

YAB

While I'm sure MS would like you to think that Internet Explorer is the ultimate in browsing the web, there are competitors out there and Netcaptor is yet another one of them. This browser has tabs (allowing you to have multiple pages open at the same time and to easily switch between them), pop-up suppression, and URL blocking (perfect for blocking everything from *.doubleclick.com). Check out the site for its other features. Netcaptor comes in two version, one free and one you pay for. Note that the free version comes with ads and the pay version costs $29.95USD.

January 08, 2004

Think Thin

Sony X505 laptop computer The lucky folks over at DesignTechnia have a review up of what may be the thinest laptop in the world - the Sony X505. It weighs in at just under two pounds (~910g) and is made of either nickel carbon or carbon fiber (your choice). The mini-laptop measures 10.07 x 8.19 inches (~256 x 208mm), and slopes from .38in (~10mm) thick in the front to .86in (~22mm) in the back. Yes, you read that right, at its widest it's less than an inch thick. Wow.

As with any extreme design, there are tradeoffs. A trackpoint replaces the usual touchpad, and it doesn't have an integrated DVD/CD drive, wireless LAN, or memory card slot. You can get external dongles to remedy these potential problems so you aren't completely left in the lurch but it is less convenient to use because of it.

The price for the grey market import is about $3,500 for the nickel carbon and call it $4,000 for the carbon fiber. As with all grey market items, there is no manufacturer's US warranty or support. But if you must have the absolute thinnest laptop, this may be the one to have. YMMV.

Core Dump

I believe it was sharp shooter and fellow Daynoter Dave Markowitz who mentioned a secure FTP program called CoreFTP. If memory serves me, he mentioned it in relation to a problem he was having with another program called WS_FTP (now in release 8) being too fast for what he was doing.

While most people say you can never be too rich, too thin, or have an application run too fast, I guess there are times when this is so. In any case, CoreFTP recently updated their offering to version 1.3, fixing several problems and adding features, so you may want to check it out (especially as it is free and offers secure connections).

On the other hand, if you need a fast transfer program, you may want to check out WS_FTP instead. For you students or faculty members out there, Ipswitch makes a "lite" version that is free for personal use. If you qualify, you can download the free version here.

Update This

Speaking of updates, the Linux-based firewall software I use, CoyoteLinux, is now in version 2.05. You may want to check out the changes and see if you should install it. Note that they haven't uploaded the Windows-based installer version yet so, for now, you need a fully installed Linux distribution to create the floppy.

Speaking of Updates II

According to the roadmap, Firebird, the Gecko-based browser is almost set to rev to 0.8 (rev 1.6 if you need the Mozilla combination browser, email, HTML editor, IRC chat, and partridge in the proverbial pear tree). So, check its site every once in awhile as it should be out Real Soon Now.

Aloha!

January 06, 2004

The End is Near

Work calls so I gotta go. In the mean time, MS deadlines for supporting its products:

Internet Explorer 6 SP1 on Windows 98: 16-Jan-2004
Internet Explorer 6 SP1 on Windows 2000 SP2/SP3:30-Jun-2004/26-Jun-2004
Windows ME: Ended on 31-Dec-2003
Windows 2000 Professional: 31-Mar-2005

Aloha!

January 05, 2004

/Foo/Bar/

Foo Bar. We'll probably never know for sure where the terms foo and bar came from, even though almost everyone has seen it used. But believe it or not, there is an RFC that tries to do exactly that. From World War II slang to comic strips to Chinese figurines, the authors (Eastlake, Maros, and Raymond (as in Eric S.)) do their best to find the answer to the question: How much foo can a man chew if a foo man could chew foo?

December 31, 2003

Cooler Heads

It was called the 5GHz Project. It required liquid nitrogen. Find it at Tom's Hardware.

No rest for the wicked, I have much to do before the end of the day so I gotta go.

Aloha!

December 29, 2003

MovableType Atom Template Install How-To

As always, this information is provided as is, without any warranty of any kind (inset disclaimer here). You use this at your own risk. YMMV.

If you are using Movable 2.64 and recently upgraded to 2.65, you may know that there is a new template available. The template is for the Atom syndication format feed. Note that if you did a clean install of 2.65, you can probably skip this entire post as I assume everything is configured for you. But, if like me, you did an upgrade install and want to enable the Atom feed, you may want to read on.

In general, there are two things you need to do to enable the Atom feed. The first is to get the template from MT. The second is to edit your Main Index to include an "auto discovery" link to the feed.

The Atom Template

1. Go to the MT site and look for and click on the the link to the Atom Index.

2. Highlight and copy all of the text, making sure to scroll down to the bottom of the window.

3. If you aren't already, login to your MT installation.

4. Click on Manage Weblog.

5. Under Manage, click on TEMPLATES.

6. Find and click on the link to Create new index template.

7. Under Template Name type in Atom Index (I'm not sure what the full installation official name is so if anyone knows what it is, feel free to leave a comment below. Although, you could just as well use Atom 0.3 Index instead.).

8. Under Output File type in atom.xml

9. Leave "Rebuild this template automatically when rebuilding index templates" checked.

10. Leave "Link this template to a file" blank.

11. In the Template Body input box, paste all of the text you copied from the MT site default Atom index in Step 2.

12. Click on the SAVE button but do not rebuild the files yet.

13. If you aren't there already, click on TEMPLATES to get the listing of your default templates.

14. Check to make sure Atom Index is now listed as one of your templates with atom.xml shown as the Output File.

Main Index Template

15. Go back to the MT site, default templates page, Main Index by clicking on the link here.

16. Look for the following line: <link rel="alternate" type="application/atom+xml" title="Atom" href="&@60;$MTBlogURL$>atom.xml" />

17. Highlight and copy that line. Note where this line is in relation to the other lines of the template because you will need to insert it into your own Main Index template in the same place.

18. Go back to your MT page that lists your templates (logging in again if you need to - see Steps 3, 4, and 5 above).

19. Click on your Main Index template.

20. Find the location in your template where you need to paste the line you copied in Step 17. When you find it, copy the line in.

21. Click on the SAVE button and Rebuild your indexes.

Validation

Now that you have everything installed, you may want to check to make sure it validates. Now, I have no idea if there are other feed validators out there nor if this one is the best. All I can say is it is the one I used.

In any case, you need to type in the full URL to your atom.xml page. For example, www.foo.com/mt/atom.xml That last part where you include the atom.xml page is important if you want to validate your Atom feed. Otherwise, the validator will probably, by default, check for your regular RSS feed instead even though it's supposed to automatically find the atom.xml file based on the line you copied into your Main Index.

In my case, it came up with one error: line 20, column 23:url must be full URL (15 occurrences)[help]

Clicking on the help link took me to a page that said I needed to have the http:// part on my URL. In order to do this, I had to do the following:

22. Login into my MT site.

23. Click on EDIT YOUR PROFILE.

24. Find the Website URL (optional) input box.

25. Type in http:// to the already there www.seto.org

26. I rebuilt all pages, although I'm not sure I needed to.

27. Done.

I don't know if adding the Atom feed is helpful to people since, as far as I know, it's not something that is generally supported by many, if any, aggregator programs. Indeed, many people don't even know what this is all about in the first place ( here is a short tutorial on RSS that also lists where to get some of the better known aggregators). But if you do, and are using MT, then you could be the first on your block to be Atom 0.3 compliant.

Aloha!

December 17, 2003

Out! Out! You Demons of Stupidity!

President Bush signed the "anti-spam" bill yesterday. I have it in quotes because it actually makes legal what would be illegal under tougher state law. For example, I understand that California has a new law that requires opt-in rather than, under the federal law, opt-out.

Not waiting for BigGovernment to "solve" the problem, I've been testing two different spam filters (in addition to SpamAssasin that my host uses). The two are POPFile and K9. Both run on Windows, although POPFile is Perl-based so it could run on any platform that executes Perl. By the way, on Windows even if you don't have Perl installed the PopFile installer will install what is needed so it's fairly easy to get up and running.

After running a little over 1,000 emails through both filters I've found that POPFile is clearly more accurate. Right now, POPFile is at 97 percent. That's 30 errors out of about 1,000 emails. Two of those 30 were real emails that ended up in the spam bucket while the others where spam that made it into the inbox. On the other hand, K9 is at a relatively low 85 percent (i.e., 150 errors) and very slowly rising.

Unless you get so many emails that a Perl-based filter would be too slow, I would recommend PopFile. But whichever you choose, I think relying on only one spam filter is not the way to go. Rather, having a layered approach using different methods to filter the spam seems to be the best that we can do for now. At least, until enough spammers are thrown in jail.

YAB

Okay you browser junkies out there, MYIE2 is yet another browser but this one is based on the IE engine, rather than Gecko. At the same time, it tries to add features and fix the security vulnerabilities found in IE faster than Microsoft. If you need something IE compatible but has more features (tabbed browsing, mouse gestures, privacy protection, popup blocking, etc.) you may want to check them out. Or not, since it is still in beta and has its own set of bugs.

December 16, 2003

Do Not Adjust Your TV Set

K-Meleon - "The Browser You Control" is trying its best to not be yet another Gecko-based browser by being letting you customize the toolbar, context menu, and keyboard shortcuts. They also say that load times are the lowest for any Gecko browser. Other than that, I'm not sure what distinguishes this from its competition but feel free to check it out.

December 09, 2003

Bubbling Over

First it was your very own street light jammer. Now comes something that interferes with cell phone usage by jamming the frequencies it uses. I guess I'm behind the times, but I did not know there are such things as cell phone jammers. One model, the SH066PL2A/B, costs about $300USD and has a range of about 30 feet (~9m). There are others, including one that has a 100-ft (~30m) range. Now, before anyone calls their lawyer, I'm not advocating using one of these things because in the US they are apparently illegal. I'm just saying they exist. What you do with them are up to you. YMMV. Use at your own risk. Insert disclaimer here.

Flexing Old Muscles

One of the early professional grade single lens reflex cameras was the Leica line of cameras. If you were a photo-journalist in the 1950s you were probably using a Leica, or wishing you could afford one. Comes now the Leica Digilux 2 that moves the venerable name into the 21st century. As one might expect, given its heritage, there are no automatic controls. That means focusing, aperture, shutter speed, and focal length are all done manually. By forcing you to use your brain to make these decisions, you are potentially rewarded with images that few other cameras can make. Obviously, this level of control is not necessarily for the Sunday afternoon photographer. But if you know what you are doing, there are very few cameras, digital or otherwise, that offer you more control over what the final image will look like. Oh, if you have to ask how much it costs you can't afford it (nor can you get it until February of next year - ed).

Where Do You Want to be Towed Today?

I saw something on TV recently that said the computer systems in new cars were getting so complicated that they were crashing on a regular basis. No, I don't mean the cars were running into windows (pun intended). Rather, the systems would shut the car down due to bugs in the software. So I guess I shouldn't be surprised that the company that wanted to put a Windows PC in every home now wants to put one in every garage.

This story from Yahoo News says Microsoft operating systems are already running in 23 different car models. This includes the BMW 7 series, Daimler, Volvo, and Toyota. It's too easy to make a snide remark about having to reboot your car to get it to run but there you go.

December 04, 2003

Speaking of Determined

Web page userbility gurus have long talked about what is called the "Three Click Rule." That is, no information on a site should be more than three clicks away. This rule of thumb seems like common sense. I mean, in our hurried busy lives, it seems logical that people want instant gratification, not hunting through a confusing complex of web pages. So, if you have a choice between two sites where you want to purchase something and one of them allows you do that in three clicks and the other takes 25, it seem intuitive that you would shop at the first site.

However, a site called User Interface Engineering did a study on what people actually do and found that people don't leave a site in frustration after three clicks. In fact, the number of clicks don't seem to have any relation to when a person leaves.

Obviously, people go to sites for various reasons so intentions may play a part in this. In addition, expectations may also affect how you perceive the experience.

But in the final analysis, the study says the most important thing is that you are successful in doing what you came to the site to do, regardless of how many clicks it takes. Even if true, it still makes sense to keep in mind what your customers want to do and make it as easy as possible for them to do it because if you don't someone one else will.

Hardware Heaven

When you have the time, check out Wired's gear for geeks 2K3. There's everything from a 3-D display laptop to tube audio amps to over 70 gadgets to make the geek in you glad.

Aloha!

December 03, 2003

Speaking of IF, THEN

NetworkWorldFusion is reporting that if you are running a version of the Linux kernel prior to 2.4.23 you may want to check on a patch for a serious security exploit that could allow 3133t hax0rz 2 0wnz U. All distributions with kernels prior to 2.4.23 are affected. The exploit has already been used in the wild so the bad guys are already aware of it and are using it. So, get your patch and install it. Now.

Aloha!

December 02, 2003

Geek Golconda

Things are getting a lot busier and lot faster here at work than even I thought they would so I gotta go.

You know you are a Geek when:

Someone asks you what languages you know, and you reply Upper Slavic, French, Esperanto and C.
You can remember your web address faster than your phone number.
When someone mentions "The Other OS", you think they are talking about FreeBSD.
You start to get credit card applications for the LinuxCard ("Never start your server without it.").

Aloha!

December 01, 2003

Back in the Day

Thanks to everyone who wrote in about my poor attempt at using a old, old computer language called BASIC to inject a bit of humor and let people know where I was on Friday. Based on the comments, I think I succeeded on one and failed on the other <G> In either case, it was kind of fun trying to remember how to ~~mis~~-use BASIC but I apologize for the late replies.

In any case, you have to remember that in the mid-1970s, there weren't a whole lot of languages, interpreted or otherwise, available to run (maybe COBOL, assemblers, LISP, and FORTRAN). I think later came FORTH, Pascal/Modula, RPG, etc. but don't write a letters if I have the sequence wrong. The point is you couldn't run down to your local CompUSA or Frys and buy a copy. In fact, since the IBM PC didn't even come out until the early 80s, the usual way to learn a language was to have an account on a timesharing system on a mini or mainframe. During that time, I was in college and had access to a DEC PDP-11/45 in the Math Department and an Apple II (no hard drive) in the Psychology Dept.

I have to admit that I wrote some pretty awful code in AppleBasic but you have to remember, it was pretty advanced for its time. For example, I don't recall too many languages that used color graphics. And if you were careful, you could write structured code. On the other hand, I have to agree that if you've learned BASIC as your first language, you will probably always have problems learning others because they require a completely different mind set. In either case, I used AppleBasic to convert a paper-based psychological test (the Stroop Color-Word Interference Test) into a PC-based version for my senior project. The program was several thousand lines long and was as bug-free as any MS program <G>.

To show just how demented we Psych majors are, the test subjects sat in front of a TV monitor that displayed the test. The subject would respond by pressing the key of the first letter of the appropriate word displayed on the screen. But, at the same time, they were listening, on headphones, to one of four recordings. The first was a passage of a comedy bit by someone I have since forgotten his name. The second version was the same bit, but had the text jumbled up in random order. The third recording was a piece of classical music, and the fourth was silence. Unfortunately, there seemed to be an interference problem between the portable tape recorder I was using and the Apple II so when I ran the actual experiment, the PC locked up several times.

Anyway, I am amazed at how many different languages there are now. But with all its faults, BASIC probably solved more quick and dirty problems than any other language of the day.

Aloha!

November 26, 2003

Sun Setting

I talked earlier (see Monday) about a few small problems StarOffice 7 a had in importing an MS Word document. Today I'll take a look at how StarOffice does with a Corel WordPerfect 9 sample.

But first, let me say I like alternatives. Having a choice in office suites is, I think, a Good Thing. But if your office uses WordPerfect and you want to switch to Sun's StarOffice 7, you are in for a world of hurt.

As a test document, I used a fairly typical, for us, report. It is a little over 10-pages long (including two charts at the end), uses bulleted lists, and indented paragraphs to indicated extended quoted material. What you have could vary so you have to take what follows in the context of how you usually format your documents.

All of the problems I found are related to formatting. Rather than go through a long narrative, I'll just create a list:

Failed to display and print out the watermark.
Changed the font from Univers to Thorndale (a Times Roman clone).
Ignored tab settings, substituting its own on a seemingly random basis.
Failed to display all bullets.
Substituted some, but not all, bullets with Roman Numerals.
Inserted the following string in random places: 600160.0160.0160)0160)0160)0160)0160)060.0160.0160)
Converted the footnote type size from eight points to something that looked like two points (even though it said it was 8 pts).
Altered page breaks.

In addition, StarOffice opened the document in read only mode. This means I could look at the document, but could not edit it. I read the on-line help and found you have to click on the "Edit File" button to enable editing mode. This is very curious behavior for any program. One can only wonder why they have this mode and what advantage(s) they think it has. As for me, I consider it nonsensical.

In a marketplace dominated by Microsoft Office, alternatives are to be supported and praised. Unless, of course, the alternatives can't inter-operate with the documents you already have. In our case, many offices still use various versions of WordPerfect. But given the list of problems StarOffice 7 has in importing WordPerfect 9 documents, I can't recommend its use in such environments.

I wonder if Sun isn't missing a market segment that they could serve (WordPerfect users) rather than going after Microsoft? I think they could make a good return on investment going after the millions of users who still use WordPerfect (who everyone seems to have forgotten, or at least ignored) rather than being yet another clone of MS. As it is, Sun is also competing against OpenOffice which, at a price point of zero, is impossible to beat. YMMV.

http://wfp.Microsoft.com/dcp.htm

Hating Microsoft II

I tried to leave a comment on Microsoft employee Robert Scoble's site yesterday but his comment window did not display the full text of what I had written in [gasp] MS Word and copied into the comments section</irony>. So I am reproducing here what I meant to say there in relation to his request for comments on how to create a win-win situation re: MS.

You asked how to create a win-win situation. So here's a couple based on the asymmetrical relationship between Microsoft and its customers.

Let's start first with the warranty "EULA". You can use, for example, the one for Office XP found here.

Step 1: Create a quality product and then stand behind it with a warranty worth a damn.

When you buy your car it has a bumper-to-bumper warranty that last years. When you buy a TV you get a warranty that lasts at least a year, if not three. If something fails in either, and you are hurt because of it, you can collect damages against the manufacturer because they are responsible for the loss.

Contrast that with the paragraph numbered 9, where it says Microsoft is not responsible for any "incidental, consequential and certain other damages." To a small business owner, as I understand it, this means if the third quarter profits suddenly shifts and Office XP *doesn't* automatically pick up the changes because of a bug in the software, and thus the company goes into bankruptcy, that's just too damned bad because the full risk of using Microsoft software lies with you, the customer. Microsoft makes no warranty, implied or otherwise that the software will do what is promised (by TV advertising or otherwise) it does.

Try making a product that you are willing to stand behind with a warranty that puts Microsoft assets in jeopardy. If nothing else, this should focus people's minds on quality and create a basis for trust that does not exist now.

Step 2: Make everything transparent.

For example, most people who use Windows XP are willing to let Microsoft know certain information when a program crashes. This is based on the trust that whatever information is transmitted to Microsoft is directly related to the crash and will be used solely to fix bugs in Windows. And nothing else. I say it's based on trust because the customer has, as far as I know, no way of knowing what is being transmitted to Microsoft.

Ratchet up that a bunch and think about the Microsoft Windows Feedback Panel. This is optional software, downloaded from Microsoft, gathers even more information. Go to this URL to see what is being recorded:

Even if I trust Microsoft, why is it important for Microsoft to record the names and locations of all directories within the Program Files, My Documents, My Music, My Pictures, and My Videos? Further, why does Microsoft need to record a complete listing of all of my files in root?

And then, why is it critical to transmit all of this information in binary format without the customer being able to review and decide whether they want to transmit the information? There is no reciprocity here. Everything is asymmetrical. I am being asked to trust Microsoft without any way, as President Reagan said to "verify." Why not provide a way for the user to see what is being sent?

I have other examples posted on by weblog: http://www.seto.org/mt-diary/archives/2003_11_03.html#000246

Thank you for this opportunity to comment on this subject.

Aloha,

Dan

November 24, 2003

Sun Rising

Sun's StarOffice 7 Office Suite, the big brother to OpenOffice came out recently and I decided to pick up a copy (MSRP $79.95).

Any office suite that wants to take on Microsoft Office (as most do) has to be compatible with its file formats and StarOffice does a pretty good job. I have not run it through any kind of test suite, but it read our 120-page masters capstone project (created in Word 2000) and I found only three problems.

The first is the pagination changed. I'm not sure if I tried to set the default margins it would have kept the page breaks but in a document this large, having to go through it page by page to check the breaks is not a Good Thing.

The second is an embedded bullet list. The list shows a numbered list with bullets within the numbers. To be fair, I had a heck of a time formatting the list in MS Office so it shouldn't be a surprise that StarOffice also had problems.

The last problem is with the margins for some imported Excel spreadsheets. The print area was wider than the page and would required some reformatting to fit.

For the most part, I consider these problems as being minor but only you can decide how important they are.

As for me, I still need to test how well a WordPerfect document, which StarOffice, unlike OpenOffice, is supposed to be able to open and edit, works. But if you don't need WordPerfect compatibility, and don't want to send a lot of money to Redmond, you may want to check it out.

Man Bites Dog

In a stunning turnaround, the Houston Chronicle is reporting that PC maker Dell is returning some customer support jobs back to the US. Dell, trying to cut costs, was one of the first companies to rush support jobs to India. However, it soon became clear that its corporate accounts were not satisfied with this lower level of support and threatened to switch. Faced with this possible mass defection to its competition, Dell is now bringing back the jobs, but only for its corporate customers. You individuals out there are still out of luck.

On a personal note, if the experience of our secretary, who bought a Dell and had to call customer support to resolve some problems, is any indication you will need every bit of luck because Dells support sucks. She had to call Dell multiple times to resolve her problem. In an attempt to speak to the same person each time, rather than explain again what the problem was, she had to synchronize her calls with office hours in India. But even she could soon tell that the people she was speaking with had a limited script to work from and if the problem lay outside of that script, you were not going to get any help. YMMV. Use at your own risk.

November 21, 2003

Boot This

As many of you know, using the Windows NTFS file system has advantages and disadvantages. One characteristic that could be viewed as a disadvantage is the inability to boot from a DOS disk and have access to the NTFS volume(s) on your hard drive. Which, if you think about it, is logical. DOS does not support NTFS so if you boot from a DOS diskette you shouldn't expect to see any of your NTFS volumes.

As an alternative, you can boot from the install CD but it's setup to do either a repair or clean install. The repair install may be able to do what you want, but there is another way.

You can use something called Bart's PE Builder. It runs on Win2K, XP, and 2003 (what they heck is 2003? Are they talking about server editions? - Ed.) but not NT4 or, of course Win9x and ME. Among other things, the CD allows you to:

Access very large (>2TB) NTFS volumes or access volumes that are not seen by the BIOS, like some fiber channel disks.
Very reliable scanning and cleaning of viruses using a "clean boot".
Active Directory support.
Have remote control over other machines, using vnc or remote desktop.

In order to create the CD you will need your original Windows install CD and more than a passing understanding of Windows (which all of my 11 readers already have, right?). As always, use at your own risk and insert disclaimer here.

Speaking of Repairing Windows

This tip from Brian Livingston's Newsletter:

A friend of mine was downloading Service Pack 4 for Windows 2000 on his laptop when his system locked up and gave him the Blue Screen of Death. Microsoft acknowledged that this does happen sometimes, and the only solution was to reformat his hard drive and reinstall Win2K.

He came to me because he had a substantial amount of data on his system that he couldn't afford to lose. In essence, what I did was boot to a floppy and then re-size the existing NTFS partition with Partition Magic. Next I created a new FAT partition and installed a new copy of Win2K on this partition.

Once the Win2K installation was complete, I had this installation of Win2K recognize the NTFS partition and, presto, all of his data was accessible. I've left out a few steps, but to me this seems like it's pretty easy to get to this data.

PC Magazine Awards

It's that time of the year when the awards are being handed out. PC magazine has their Technical Excellence Awards and Best of Comdex Awards.

Some highlight are: Technical Excellence System Software - VMware ESX Server 2 and Virtual SMP and for Comdex "Best in Show" - Microsoft Small Business Server 2003.

Hawking Back

While I can't recommend the Hawking Tech FR24 Dual WAN router (see my earlier posts here, here, here, here, here, and here) I hear from some people about an reported problem with throughput. Apparently, some people are having problems with the FR24 locking up and these users feel the cause is an inability of the FR24 to handle the bandwidth of their speedy cable modems.

But, as far as I know, no one has a modem running at over 9Mbps! SmallNetBuilder did a review of the FR24 and found a transfer rate of 9.4Mbps. I figure that's fast enough for even the fastest cable modem service anywhere in the U.S.

Having said that, the FR24 still has a bunch of problems. Let's recap what I had. First, from what I understand, it will load balance your two connections only if the connections are from the same provider using the same DNS. If, like I did, you are using two different providers acting as a fail over, you are out of luck for load balancing. Second, even if you have two connections from the same provider, the balancing to the second connection will only occur if the request to the connection is coming from another computer on your network. Hence, your computer will not see any speed increase, but someone else on another computer will not be slowed down by your network activity. Finally, setting the FR24 to bring online the second connection only when the first goes down did eventually work but was not reliably so. No matter how I tried setting it up, the FR24 simply failed to consistently switch over, even if I unplugged the primary connection, the FR24 would sometimes fail to switch to the secondary.

To be fair, I understand that there have been a couple of firmware updates. Whether these fix the problems with lockups and automatic failover I can't say. Perhaps, some weekend when I have the time I'll hookup the FR24 and see if it works more reliably than it did before.

Have a Great Weekend Everyone - Aloha!

November 20, 2003

Cool Running

In what some are calling the wave of the future comes now the Mac G4 CubeQuarium. The water cooled G4 has yet to be run against the usual test suites but we are assured it should create a bit of a splash.

Seeing the Noise

Ron Pacheco has a tutorial on how to reduce noise found in some digital images. The process is not for every image nor everyone because you can spend a lot of time and get a very small bit of improvement. In addition, if you overdo the corrections you can end up with an image that looks worse than what you started with. But, like any tool, if used right it can make a difference.

I'm running late this morning so I gotta go.

Aloha!

November 19, 2003

Getting All (RSS) Aggregated

I've finally got around to installing an RSS feed aggregator. For no particular reason other than I found them first, I chose to install a .Net 1.1-based (i.e., executes like Vermont molasses in December) program called SharpReader and something called FeedDemon. There are a bunch of similar aggregators out there so feel free to choose whichever you find useful.

What it's about is getting short snippets or headlines of what someone has just posted (at least in the weblog world. It can be used in other contexts). So if you want to get a wider range of news, while at the same time not having to actually go to each site to check on what's new, the aggregator can make more productive use of your time. On the other hand, if you only hit a handful of sites each day, you probably don't need one.

But now that I've seen how one works, I think I will be changing the format of my posts. For awhile now, I've been just using the days of the week as a headline. Looking at this in an aggregator doesn't give you any useful information to decide whether to click on a link or not. So I will try to have headlines that encapsulate what the post is about so those of you who use feeds can make an informed decision (or at least as informed as you can get with headlines).

In addition, rather than including several subjects under one posting, I may break them up into separate posts so that each has its own headline. I originally was doing that but got tired of having to publish individual sections rather than just one. I'll have to see if it's worth the trouble to do so (especially as there aren't that many people using aggregators anyway).

Aloha!

November 18, 2003

Tuesday Tropism

Abandon All Hope. What if there were no effective technical solution to spam? There are those of us who still think the majority of the people do not mean to cause harm to the Internet. But then there are the spammers who once again prove the Tragedy of the Commons. That is, there is an individual economic incentive to destroy the thing that is providing for your very existence. At least, this is the argument that I think DiveIntoMark is trying to make when he says spammers will win the battle of comment spam on content management systems like MovableType.

It seems Jay Allen, of MT-Blacklist fame, is starting a global effort against comment spam. DiveIntoMark apparently feels it won't work. That, in fact, the spammers are faster and more agile than any individual trying to stop them. That they will turn and attack Mr. Allen. That since there is no way to "win" the war against spam Jay should, I guess, just roll over and play dead.

Maybe DiveIntoMark is right. There are many instances of where the tragedy occurs. We see it here in Hawai'i where the fish which were in such abundance are now completely gone. Where the rolling hills were once covered in green trees are now completely gone. Where the fresh waters once ran clean and clear are now either completely gone or so polluted it has to be infused with poisons like chlorine just to drink it. But that does not mean it has to be that way. The solution, if not technical in nature, can and perhaps should be, economic.

What that economic solution would look like I can't say. But as far as I'm concerned, I think Mr. Allen is at least trying to be part of the solution rather than part of the problem.

On the Other Hand. According to an article from CNN, the end of pop-up spam may be in sight. Now that Microsoft, who sells pop-up ads in its HotMail site, is saying they will include a pop-up filter to disable such ads in their Internet Explorer, it may decrease the utility of said ads. Of course, never believe that the advertisers will just sit back and do nothing. They will, I'm sure, try to program around filters by using javascript (another reason to disable javascript) or other means to fool the filters. But at least, we hope, the change to IE will make a major economic dent in their revenues.

Aloha!

November 04, 2003

Tuesday Tao-te-Ching

Picture This. Not only does the site dslreports.com have reports on broadband providers (well, duh) but they also have a cool section of photos taken by contributers (see it here). The images come in various resolutions up to 1600 X 1024. Check it out, if you have a broadband connection ;>

Walled Off. Like keeping warm in the winter, security on the Internet is about layering. For example, even if you have a perimeter firewall built into your router you still need something to block attacks coming through in the form of email or web-based attacks. To continue the analogy, you also need to have anti-virus software to stop attacks that have gotten past your first line of defense and an operating system that has all of the latest security patches installed. However, today's post will concentrate on PC-based software firewalls.

One of the more popular software-based firewalls is ZoneAlarm (see it here). It not only closes the doors to hackers from outside, but it also monitors outgoing connections to guard against Trojan horse programs phoning home.

But, for whatever reason, if you want to check out a couple of other solutions you might want to take a look at Agnitum Outpost (see it here) or Kerio Personal Firewall (see it here). Both have versions that are "free", although the free version of Outpost appears to be an older version with fewer features. I have not tried either of them but if ZoneAlarm is giving you problems and you want to take a look at some alternatives, these two would be a place to start.

For those wanting to know about other solutions, Agnitum also has a nice comparison chart here (needless to say, consider the source when viewing the chart) that shows the major players in this field. Pick one that works for you and use it.

Aloha!

November 03, 2003

Trust Me

How to Hate Microsoft. Microsoft (MS for short) employee Robert Scoble has his own blog (visit it here). He put up a question intended, I think, to provoke comment on how to make Longhorn (codename for the next version of Windows) better. The subject of the post is "How to Hate Microsoft."

But I think he asked the wrong question because if a broken trust exists, it doesn't matter what features Longhorn has, it will be a failure.

In any case, I think he succeeded in his intention to get comments. You can read the post here. The comments scroll down for pages. Some say Longhorn should be more like Unix/Linux while others say it should be the opposite. Some love MS and some hate it.

But the thread that seemed common to many of the comments is that people don't trust MS. Permit me to display how old I am when I relate this example. Many years ago, I drove a new 1978 Chevrolet Z-28 Camaro (see an example of what it looked like here). I thought it was a great car. It was low and mean looking, handled well, and could blow the doors off of cars costing three times its price ($6,000USD).

But did I trust Chevrolet? I don't know if I would say that. Although to a certain extent I did, otherwise I wouldn't have bought the car in the first place. But perhaps it wasn't so much I trusted, or didn't trust, them as much as I wanted the car and felt I could deal with any problems an untrust worthy manufacturer might throw my way.

Move forward 25 years and I'm now driving a Toyota. Do I trust Toyota? To the extent that it is possible to trust a non-human entity I would say yes, I do. I trust that its business model is based on designing and manufacturing vehicles that are high quality but reasonably priced. Why do I trust Toyota? Because they do what they say. That is, my experience indicates that the company in fact builds quality vehicles at a reasonable price. Our two Toyotas have been virtually trouble free. If something does goes wrong, under warranty, they fix it. Once, they even fixed something that was no longer under warranty because past experience had shown an abnormal amount of failures in the part. So they fixed it at no charge.

Conversely, look at MS. Do they always do as they say? Various state prosecutors and a couple of federal judges would say no and have the facts to back it up. Do they have a good warranty and stand behind it? Warranty? What's that? Isn't that what they used to call a disclaimer? That is, a document stating that there is no warranty whatsoever?

In addition, how can anyone trust them when they have made it clear they don't trust its customers? Let me tell you about one example from the site: MS now uses product activation to reduce copy right infringement (with digital rights management apparently to come). They even go so far as to write their security updates, which correct flaws in their product, such that if the copy you have is not "legal", the update will not install. Doing this creates an entire class of servers/PCs that are security risks to the rest of us. These computers are open to every worm, Trojan horse, hacker, etc. out there. Is this how corporations build trust?

Other examples: How many times has MS security updates broken fixes made by earlier updates? How many buffer overruns does there need to be before MS finally "gets it" and eliminates every_single_one_of them? How many badly implemented features will it take before MS understands that it is security first, last, and always? If they have product activation, why don't they have product deactivation so that I can legally transfer the product from an old PC, that I won't be using to a new one (without having to call MS to explain what I'm doing with a product I paid for).

Even worse, this lack of trust works both ways. I recently received an e-mail from MS asking if I wanted to provide additional information as to why XP seems to be locking up a lot. Okay, I reckon if I can give MS information that can make Windows more stable that is a Good Thing. But the way MS wanted to gather the information was via a downloadable program that would automatically collect the data MS wants, and it was A LOT even though MS insists it isn't (see it here), and would automatically send it in binary format.

To put it plainly, I would have no control over what was sent to them nor when it was sent. Being that the data was in binary format, even if I wanted to look at what was being transmitted I couldn't easily do that so if I were to proceed, I would have to trust that MS was doing what they said they were doing.

A few thoughts on what MS is saying. If, as it says, they aren't collecting much data, why send it as a binary? Why say they are sending the data back in binary format to keep the transmission as small as possible so the impact to your PC is lessened if it is so small to begin with? Why say it would be too complicated to write a program to show, in plain text, what was being transmitted when they wrote a program to convert it to binary in the first place? To be charitable, they seem to be speaking in contradictions.

I wish I could trust MS because it would make life so much easier. But, based on what they do, I can't. So we both loose. MS doesn't get what they want (data on why Windows is blowing up) and I don't get a reliable operating system.

So what's the bottom line on how do improve the Windows? First, build trust between MS and its customers by telling them what and why they are doing things. Do it. Then verify to everyone that what they did is exactly what they said they would do. Do that every time and people will slowly begin to trust you. Don't follow this advice, even just once, and you will break this trust. For a long, long time.

Aloha!

October 29, 2003

Wednesday Waldo

The Internet changes everything and nothing. One way it changes things is that it flattens the landscape. That is, why have middlemen in a world where conversations are now one-to-one? In an environment where I can speak to someone across the globe as easily as if I were talking to a neighbor across the backyard fence, why do I need a go between? If I am a singer, I no longer need a record company to produce stacks of wax. I can burn my own CDs or provide downloads and sell them directly to the customer. In one fell swoop you reduce your costs while increasing your profits by several orders of magnitude (i.e., instead of pennies per album, you are making dollars). In addition, you get instant feedback from your customers. What is selling? What isn't? Why (your customers will make the connection to you whether you want them to or not)? Further, the harder you work and the better you are, the more you make.

What it doesn't change is market dynamics. That is, if there is an unmet need, someone will fill the vacuum and become successful doing it. For the instant availability and downloading of music, Napster; KaZaA; and Gnutella have/had millions of people using their services.

For whatever reason, people want to be able to conveniently and immediately listen to their music in forms and in places that is convenient to them. Whether it is because they don't want to spend the money on buying a complete album when only one song that interests them or because they don't want to spend money on something they can get for free or because they are tired of being pandered to on radio stations that treat them like cows to be force fed through the nose. The business models that filled those needs succeeded. Until, that is, the middlemen fought back.

The response of the music industry middlemen to this market is to create barriers. Barriers in the form of "copy protection" (AKA Digital Rights Management or DRM for short) such as NetBurn Secure and/or MediaMax (I would include a link to their site but it is so obnoxious and clueless that I can't, in good conscience, do so). Barriers in the form of treating their potential and actual customers as thieves by prosecuting them and hoping to make examples that will instill fear, awe, and yes shock into all who may dare question their power.

Into this mix comes now Apple Computer and their iTunes service (see it here). The service provides 400,000 tunes available for immediate download at a cost of .99 cents each (plus tax). However, all of the music is protected by DRM. Nonetheless, there is a way to convert the files from the proprietary formats.

The instructions below are taken from Apple themselves so one must assume they consider this to be fair use:

If your computer has a CD-RW drive, you can make your own audio CDs containing the songs you add to a playlist. You can listen to the audio CDs you create in iTunes in most consumer CD players and on your computer.

iTunes converts the songs to standard audio files before writing them to the CD. You can fit about 74 minutes of music, or about 20 songs, on a 650 MB CD-R disc. Some discs allow 80 minutes (700 MB) of music.

1 Choose Edit > Preferences, then click the Burning tab at the top of the window.

2 Choose Audio CD as the Disc Format.

3 To have all the songs on the CD play at the same volume level, select the Sound Check checkbox.

4 Click OK.

5 Select the playlist you want to burn to the CD, then click the Burn Disc button.

You can only burn a CD from the songs in a playlist.

If the playlist contains more songs than will fit on the CD, iTunes will burn as many songs as will fit on one disc, then ask you to insert another disc to continue burning the remaining songs. (You can see the size of the selected playlist at the bottom of the iTunes window.)

6 Insert a blank CD-R disc and click Burn Disc again.

If you plan to play the CD on a consumer CD player, you need to use a blank CD-R disc. If you plan to only play the CD using your computer, you can also use a CD-RW disc.

It takes several minutes to burn an audio CD. You can cancel the burn by clicking the X next to the progress bar, but if you're burning to a CD-R disc you won't be able to use the CD after canceling.

If a playlist contains any songs purchased from the iTunes Music Store, you can only burn the same playlist 10 times. If the playlist includes Audible spoken word content with chapter markers, the chapters are burned as separate tracks.

For more information about external CD burners that work with iTunes, visit the Apple Support website at www.apple.com/support/itunes.

Note that to convert their protected files you must burn them to CD first. Further, you must follow the instructions above to do it. That is, you must create an "Audio CD" (files have the standard .cda extension) rather than trying to go directly from Apple's format to anything else. Once the audio CD is created, you must then read the files using a ripper (I use AudioGrabber, see it here. But you can use Windows Media Player 9, if you don't mind converting to Microsoft's own proprietary format. Otherwise, you can buy plug-ins for Media Player 9 that convert to MP3). The ripper program would then save the target file from the CD into the format of your choice; such as wav, Ogg Vorbis or MP3.

As a side light to the above post, I did a Google News search. While looking at the hits, I noticed something odd. Page after page of hits with the exact same headline: "Decision coming on technology to prevent internet piracy...". By page after page I mean four pages of the exact same thing. The URLs for most appear to be TV stations. Of the five sites I looked at, all had the same basic layout (three columns with a banner across the top). All had the buttons in the left column. All formatted the AP story exactly the same way. I don't know what to make of this but I don't think it is coincidental.

Whatever the case, the stations are:

WKYT, KY - Oct 24, 2003
WHAG-TV, MD - Oct 24, 2003
WHNS - Oct 24, 2003
WANE, IN - Oct 24, 2003
KRON4.com, CA - Oct 24, 2003
KPLC-TV, LA - Oct 24, 2003
KAIT, AR - Oct 24, 2003
WLUC-TV, MI - Oct 24, 2003
KFOR-TV, OK - Oct 24, 2003 
WHNT, AL - Oct 24, 2003
WBAY, WI - Oct 24, 2003
WLOX, MS - Oct 24, 2003
KWWL, IA - Oct 24, 2003
WSTM-TV, NY - Oct 24, 2003
WTVM, GA - Oct 24, 2003
WQAD, IL - Oct 24, 2003
KAMC, TX - Oct 24, 2003
WMC-TV, TN - Oct 24, 2003
WRIC TV, VA - Oct 24, 2003
WCAX, VT - Oct 24, 2003
KRNV, NV - Oct 24, 2003
WAVY-TV, VA - Oct 24, 2003
KSFY, SD - Oct 24, 2003
WALB-TV, GA - Oct 24, 2003
WSFA, AL - Oct 24, 2003
WAFF, AL - Oct 24, 2003
KESQ, CA - Oct 24, 2003
WTVO, IL - Oct 24, 2003
KPOM-TV, AR - Oct 24, 2003
KTVO, MO - Oct 24, 2003
KVIA, TX - Oct 24, 2003
KCAU, IA - Oct 24, 2003
WHBF, IL - Oct 24, 2003
WISH, IN - Oct 24, 2003
WHO-TV, IA - Oct 24, 2003
WOOD-TV, MI - Oct 24, 2003

Aloha!

October 27, 2003

Monday Moil

It was October 20, 1999 that this blog/journal began its life. I had been using the Internet (and bulletin boards before that) for several years and had come upon Dr. Jerry Pournelle's site through my readings of the former dead tree periodical Byte. Once I found his site, it wasn't long before I found the Daynotes Gang. I started conversing with a couple of them and appreciated their openness and willingness to help its members.

I soon began my own journal and was gratified to hear from Tom Syroid that I had been inducted into their august group! It is a bit ironic that Tom has since taken a sabbatical (along with several other members, of various lengths of time: Shawn Wallbridge, Chris Ward-Johnson, Matt Beland, Jim Crider, Steve Tucker, Greg Lincoln, Mat Lemings, JHR, and Jon Hassell. It's nice to see Al Hedstrom back on the run, as it were, with at least weekly postings (or is it weakly? [G] - Ed.))

As I've gotten to know them, through their journals and e-mails, I realized they are a group of terrific individuals. Yes, there have been spats that have caused long-term rifts, but the group continues on (even if I don't seem to get any of the Back Channel e-mails anymore).

As I trod into my fifth year of doing this, I wonder where I'll be in five years? Will I still be typing in this journal or will I have lost interest and regained the time it takes to write these things? I honestly don't know. What I do know it has been an honor to be associated with these gents and I would like to thank each and every one of them. I have learned much and hope, in my own small way, to have given back in at least equal measure.

But for now, it is into the breach once more...

InfoWorld's Bob Lewis has an insightful post (see it here) on one person's run-in with office politics. The specific situation is one in which an employee is layed off, but then magically returns when a "special" position is created for the person. This situation is fraught with all kinds of traps that can lead to your own ouster.

Lewis has some good advice - be professional and look past the obvious to the underlying motivations. Of course, this is easier said then done but the successful employee must be able to do this.

PBS columnist Robert X. Cringely talks about the differences between Microsoft and Open Source and why MS doesn't seem to understand what the strengths and weaknesses of each are:

At the core of Ballmer's remarks is a fundamental misunderstanding not only of Open Source, but of software development as an art rather than as a business. Cutting to the bone of his remarks, he is saying that Microsoft developers, since they are employees, are more skilled and dedicated than Open Source developers. They are better, Ballmer suggests, because Microsoft developers have their rears (presumably their jobs) on the line. All those lines and all those rears are part of a road map, he says, and because of that road map the $30 billion plus Microsoft gets each year isn't too much for us to pay, so the model works pretty well.

This is nonsense. It is nonsense because Steve Ballmer, like Bill Gates before him, confuses market success with technical merit. Microsoft's product roadmap is a manifestation of a business plan, and what matters in Redmond is the plan, not the map, which is in constant flux. How many technical initiatives has Microsoft announced with fanfare and industry partners, yet never delivered? Dozens. That is no roadmap.

See the full column here.

There be a Red Storm coming. Cray Inc. announced they will be sell a commercial version of their Red Storm supercomputer that it is building for Sandia National Labs (see the story here). As is the case with more and more supercomputers, this one will use massively parallel clusters of AMD's 64-bit Operterons.

Last Thursday and Friday I was indeed layed flat on my back. Just getting out of bed was an adventure in pain. But things got better by Saturday. Sunday found me doing work around the house. I am back at work today and hope my back holds up.

Aloha!

October 20, 2003

Monday Mosaic

For your CSS/HTML Geeks out there comes this list here of effects using the aforementioned stylings. One highlight is how to create shadow lines with CSS (see it here).

How's Your Eye-Hand Coordination? Here's a simple Flash demo that you can run when you have a spare moment. The goal is to throw the wadded up paper into the trash bin. The complicating factor is a fan blowing at varying angles and force. Note that the demo includes sound so you may want to mute that before going here.

Aloha!

October 16, 2003

Thursday Taikonaut

Firebird Rises. As noted in Tuesday's post, the Mozilla Firebird browser 0.7 was released to the masses (get it here). Note that they've instituted a reverse lookup to the domain you are coming from (for security purposes, wouldn't want just anyone using Firebird). For most people, this will not be a problem. However, it is a problem here because our ~~idiot~~ poor, overworked IT staff doesn't know how to setup domains/DNS correctly. So I ended up using PuTTY (get it here) to securely login into Pair (my web host), then used the text-based Lynx browser (get it here) to pull down the file. I then used WS_FTP LE (get it here) to get the file from Pair to my PC. A little complicated but there you go.

Wink, Wink. If you are in PC application support, you probably could use something that demos mouse movements or allows you to show screen shots with custom callouts or balloons. IF so, check out Wink (see it here). You can output to Flash SWF, EXE, PDP, or HTML. The best is it's freeware.

The Need for Speed II. So you think you have a fast Internet connection eh? Well, try transferring a CD with 60 minutes of music in one second. The Swiss CERN has a link to CalTech that runs at 5.44 gigabits per second. That's gigabits folks. Per second. See the story here.

Aloha!

October 14, 2003

Tuesday Tamagotchi

MovableType has finally commented on the record about spam in MT's comment section (see it here. The short of it is they are working on something but in the mean time they are recommending Jay Allen's MT-BlackList (see it here). Fellow Daynoter Phil Hough (see his site here) is also recommending the Black-List but has this link here. Both seem to go to the same place so use either one.

Phil reports the module is easy to install and seems to work quite nicely. Until MT themselves come up with something, perhaps this is the way to go. Before I can do that though, I'll need to reload the Perl scripts so it may be awhile before the comments go live again.

Mighty Mozilla. Be on the lookout for the 0.7 release of the Mozilla Firebird browser (see this page here). The site says it will be released "~ October 14, 2003" which happens to be today. This point release is way late (see the original Mozilla road map here which has "ideal" release date of 3 September. Of the three previous release dates, none have been so late as this one.) so one has to speculate whether the recent changeover from Netscape funding to a foundation threw a monkey wrench into the works.

In any case, the latest release should be out soon so keep checking the download page here if it's not there already.

Aloha!

October 13, 2003

Monday Mundanity

There a buzz going on about the 16-year old teenager from England that sings soul music like it hasn't been sung since the 1970's. Her name is Joss Stone (see her site here). If you are into the likes of Aretha Franklin, then you owe it to yourself to listen to this young woman. Then watch the video on her site and be prepared to be blown away by how such a soulful sound could come out of someone so young.

Be aware this is straight from the heart soul music. It is not over produced and is definitely not for everyone. But as I said, if you are into soul, check out Joss Stone.

Cracking Up. I was sealing the grout of our new bathroom tile when I noticed several small cracks in said grout. I'm going to have to call the contractor to have him take a look and see what can be done. Sigh.

Mail Call

From: Gary M. Berg
To: Dan Seto
Sent: Monday, October 13, 2003 2:10 AM
Subject: MT comment problems

I happened to get a pointer to this in a newsletter today Lockergnome, I think):

http://cheerleader.yoz.com/archives/000849.html

From: Dan Seto
To: Gary M. Berg
Subject: Re: MT comment problems
Date: Mon, 13 Oct 2003 06:44:36 -1000

Thanks Gary, there are several different ways of hacking MT to try to reduce spam. As is suggested on the site, MT itself needs to get into motion to implement and support their own solution as the quality of various hacks are, shall we say, uneven.

From: Al Hedstrom
To: Dan Seto
Sent: Friday, October 10, 2003 6:40 PM
Subject: MT Spam

Dan -

Check out http://www.jayallen.org/journey/2003/09/killing_comment_spam_dead. Maybe not a complete solution, but ...

From: Dan Seto
To: Al Hedstrom
Sent: Monday, October 13, 2003 9:37 AM
Subject: Re: MT Spam

Thanks Al. This looks better than some of the other solutions people have come up with but I'm not so sure a blacklist is the way to go. I'll re-read the site to be sure I understand what they are doing but I would really rather have MT themselves come up with something that they would support.

In either case, I still have my email address there so if anyone wants to email a comment they can do that.

From: Al Hedstrom
To: Dan Seto
Sent: Monday, October 13, 2003 7:05 AM
Subject: RE: MT Spam

Understood. And all I can offer is commiseration!

I see a lot of other MT blogs struggling with the same problem. The MT folks offer nothing - not even notes on research/tests?

Just curious.

From: Dan Seto
To: Al Hedstrom
Subject: Re: MT Spam
Date: Mon, 13 Oct 2003 07:09:37 -1000

Nothing official on their site (at least nothing I could find). There is a lot of message traffic in their forums but nothing that I found that suggests MT is working on a solution that will be incorporated into an update. On the other hand, I can't imagine that they aren't doing something.

Aloha!

October 10, 2003

Friday Forfend

Spamming MT. I got more spam in the "Comments" section (I use MovableType (MT), the content management system for my blog) yesterday. This, even though I had turned off comments so it should have been impossible to create anything new. So I made some other changes to try to keep the spammers away. Unfortunately, this means past comments will no longer be viewable.

I am very disappointed that MT has apparently done nothing so far to close these obvious security holes. Others, stepping in to try to solve the problem for MT, have added modules that blacklist IP addresses but as we know from trying that with e-mail, you are fighting a battle you can't win because the addresses will change as fast as you can block them. As Simon from American Idol would say; "Pathetic."

But what is really strange is I don't know why spammers are focusing on blogs because, so far, the comments are showing up in posts months old. Hence, no one would see them unless one were to go back that far and, in any case, I delete the spam within 24 hours. So, it is highly unlikely anyone would read any of their drek, even if they wanted to.

However, if the spammers leave any more comments I will stop using MT and go back to how I did things before as this is really making me angry. They have no right to post their commercial crap on MY site. I decide what is posted here, not them. This shall not stand.

Speaking of Spammers. Wired has a chilling story of how a Polish group of hackers is claiming to provide untraceable websites. Don't ask me how they are supposedly able to do this since, as far as I know, this shouldn't be possible. But apparently, if the story is correct, they have a way of screening their spam sites from the usual tools used to identify who is behind a site (e.g., traceroute and whois). See the story here.

Almost Home. The repairs to our bathroom is almost complete. The painter came and repainted the drywall of the ceiling below the shower that leaked. Then, the floor guy came to patch in some flooring where the old shower/tub used to be. The last thing to do, which has not been scheduled yet, is to patch the scratches the tile guy put in to the new tub when he was setting the tiles.

Have a Great Weekend Everyone - Aloha!

October 08, 2003

Wednesday Wiener Schnitzel

I'll be at home tomorrow. The plumbing contractor will be sending people to fix the vinyl flooring, paint the drywall, and patch the scratches put into our new tub by the tile guy. We hope these people are professionals but given the performance of the other sub-contractors I am not very hopeful it will turn out that way. Sigh.

In any event, it is unlikely I will be posting tomorrow unless something really, really big comes up.

Good Stuff for Geeks. If you are in PC support and want a small utility that tells you what the Microsoft error codes are, then this one is for you. It's called "Error Messages for Windows" (full marks for originality) by Gregory Braun and can be downloaded here. You can either type in a specific error code and get what each means or you can get a listing of all error codes and print them out.

Sun's StarOffice 7 Office Suite is set for release next week Tuesday (14 October). But you can get the evaluation version now from Sun here. StarOffice, as opposed to its little brother OpenOffice, is not free. The MSRP is $79.95USD. Only you can decide if the benefits are worth the cost so try the evaluation version to find out. Or not.

Over at ThinkGeek, they have the perfect thing for CubicleWars: the wireless color mini video cam mounted on one of the tracked rovers (see it here). Just the thing to scope out what's happening around the next bend.

If that doesn't get your geek meter pegged, then check out the Lian-Li PC case with a built in aquarium (see it here). I kid you not. An aquarium built into the aluminum PC case. The kit includes fish, air pump, cathode light, and mounting accessories. Water not included.

And finally, for the US Geek who just has to know what time it is comes the Casio Waveceptor wristwatch that receives its time signal from the atomic clock in Fort Collins, Colorado. You have to be within 2,000 miles of the atomic clock to get a signal but if you are, there aren't too many watches that will be more accurate than yours. At least, not at $39.95. See the watch here.

Aloha!

October 07, 2003

Tuesday Tishri

Reverse Engineering. Windows is rife with ways to install viruses but probably the easiest way is to trick the gullible into installing it themselves. For example, over the weekend, my inbox was filled with e-mails supposedly sent from Admin, Security Support, Network Security, Security Division, and Security Department. Of course, none of these we sent from any such organization. Of course, all of them had payloads packed waiting for me to click on them to unleash their viruses.

For your information, some of the subjects of these e-mails are: :Undelivered Message: User unknown, Bug Announcement, Current Net Update, Last Microsoft Security Patch, Latest Pack, New Upgrade, and new internet critical update.

I'm sure the regular readers (all 12 of you - Ed.) of this page are not fooled by these people but maybe you can spread the word and help the less fortunate help themselves by not falling for these e-mails.

Engage. Most 'net savvy folks realize by now that the guy who played Ensign Crusher on the TV show Star Trek: The Next Generation bears no resemblance to the character he played. I mean, he's an actor. Actors play parts that are not necessarily similar to themselves. So it should not come as a surprise that columnist Dan Gilmore has a nice write-up (see it here) on now author/actor Wil Wheaton (see the Wheaton site here).

InstallShield Bug. A bug that I had heretofore not seen cropped up yesterday. It seems there is a problem with the InstallShield program and MS Outlook/Outlook Express. When you install a program with InstallShield, the progress bar may proceed until it reaches 99% and then seem to hang.

Letting it sit there for a couple of minutes may have the install start up again but another work around is to shut down Outlook/Outlook Express (and any mail proxies you may be running). I don't know why this occurs, only that yesterday was the first time I've seen it.

In any case, keep this in the back of your mind if you should have problems with InstallShield.

And Finally. For those of you in California, it's election day. As always, get out there and vote early and often. If nothing else good comes out of this, it does hold politicians accountable and responsive to the people. So make yourself be heard.

Aloha!

October 03, 2003

Friday Folie de Grandeur

It's Friday and I'm going to be reformatting my hard drive to get rid of the last vestiges of the bug filled Novell Netware client. I suspect the slow down in speed I'm experiencing is related to the hard drive read cache either being disabled by the client or at least substantially curtailed by it.

In any case, if it wasn't for our bug filled, expensive, and bloated Lotus Notes, I wouldn't need to access the Netware servers at all. In fact, if the ~~sloths~~ hard working individuals who run the Domino server would just turn on POP3, and maybe the web interface, I wouldn't need the Netware client nor the Lotus Notes client because I could use OpenSource IP compliant web apps instead of proprietary crapware (Perhaps there is a connection between business monopolies and quality of output? - Ed.).

So I will be offline for the better part of the day as I reformat and reinstall what I need.

Have a Great Weekend Everyone - Aloha!

October 02, 2003

Thursday Thaumaturge

JavaScript is a tool that some programmers use to build web sites. However, as with most tools, they can be misused. I don't know the exact number, but there appear to be numerous JavaScript-based security exploits. Said exploits take advantage of "features" that may include the running of arbitrary code.

Hence, many security minded users simply turn JavaScript execution off as this is the only way to have a 100 percent barrier against this kind of exploit.

So, what is a JavaScript programmer to do? If you use JavaScript you are guaranteeing a certain percentage of your site visitors will not be able to use your site as you intended it. For a commercial site, this translates into lost business. As Martha would say, this is not a Good Thing.

One solution is to use the tools that XHTML and CSS have.

For example, this site here created accessible image tab rollovers without the crutch of JavaScript. Now, I am the first to say that using CSS opens up a whole new world of browser incompatibility. But what it doesn't do, as far as I know, is open your PC to l33t hax0rs to ownz U.

I am glad that people are making imaginative use of the tools to work around JavaScript. I wish more would do the same. If they did, the cyber world would be a safer and more accessible place.

Mail Call

To: Dan Seto
From: Sjon Svenson
Subject: Novell ...
Date: Thu, 02 Oct 2003 05:11:58 -0700 (PDT)
Novell ....
I think I now know what you mean. I took my PC (NT4) to a client that runs a Novell network. Of course I couldn't connect so we called a support guy from the client. He started installing a netware client. For some reason that didn't turn out right. Yep, by noon I was back in the main office with a PC where no one could log on to anymore.

ps. I'm not on my own box now so I don't have your eMail address (I don't even have a mail-client installed). And I don't know it by heart. But hey, you have a 'contact me' on your page so I pulled your address from the HTML source. Yep, simple and easy ... I did crack it without using tables or looking up codes though ^__^

Kind regards,
Svenson.

From: Dan Seto
To: Sjon Svenson
Subject: Re: Novell ...
Date: Thu, 2 Oct 2003 06:29:02 -1000

I think the problem with Novell goes back years to the DOS wars when they tried to compete against MS DOS by pushing, I think DR DOS. As I recall, MS did not take kindly to that and thereafter refused to help Novell with the code needed to access MS networks.

Unless I'm wrong, it was about then that MS started writing their own client. As it turned out, MS did a better job of reverse engineering the Novell client than Novell did of reverse engineering Windows...

Glad you were able to decipher the encoded mailto. It usually works just fine when you have a default mail client installed and click on the link. Otherwise, as you probably saw, if you hover your mouse cursor over the link, it's almost readable (it's encoded to try to slow down the spammers).

Aloha!

October 01, 2003

Wednesday Weltschmerz

Segway Lite. This guy here decided he wanted a Segway but didn't want to spend $5,000USD to get one. So he built his own.

Ctl-Alt-Del. This guy here was the guy who gave the world the three fingered salute. The article is short but gives some general background into the man who came up with the common key combination that everyone now uses.

Novell 32 - Dan 0. My problems with the Novell client continue. As a review, we have servers running network operating systems (NOS) from Microsoft, Novell, IBM, DEC, and Wang (Last time I looked, there were about 50 servers, including IBM mainframes.).

Each NOS has its good and bad points. But each requires the loading of client software to login and interact with the server. Some of these clients are fast and easy to use. Some aren't.

Up until one of our servers was converted to Netware 6.x (the latest version), I used the Microsoft Client Services for Netware (CSNW) that comes with Windows 2000/XP to access our Novell Netware servers. The MS client is fast, bug free, and works great with Netware 4.x and 5.x.

Compare this with the official Novell client that is full of hundreds of bugs and causes all manner of problems with my copy of WindowsXP. For example, boot time is increased by a factor of at least three. Accessing Netware servers went from almost instantaneous to 20 seconds. Running applications, especially MS Office (what a coincidence - Ed.) on a Netware server is a great excuse to go get a cuppa while you wait for the hour glass to clear.

Once the Novell client is installed, uninstalling does not clear the problems. The only thing to do is to reformat the drive and install everything, except the Novell client.

But in my case, if I don't use the Novell client when connecting to a Netware version 6.x server, the MS CSNW does strange things. While you do get logged in, drive mapping does not seem to occur. Yet, if you manually map a drive to a volume, the other drives magically appear. I don't know why this is happening but I guess I'll be reformatting my drive and starting over.

All I can say is Novell makes a terrific network operating system. But their client software ~~blows chunks~~ leaves much to be desired. Sigh.

Aloha!

September 24, 2003

Wednesday WYSIWYG

Filtering spam probably will never be 100 percent effective. Why? Because it is possible to create an e-mail that does not use any of the standard spam techniques but still get its message across.

For example, I got one last week that scored 0.0 in SpamAssasin. That is, as far as SpamAssasin could determine, there was nothing to indicate it was spam.

Even the text seemed to say that the sender had found a broken link to their site on one of my pages and would I like trade links with them by just clicking on the handy HTML link at the top of the e-mail?

Of course, I had no such link to their site and clicking on their handy button would just confirm that they had reached a live e-mail account that they could then sell to other spammers.

So, what to do? I don't know. All I can say is the most effective deterrent would be one based on economics. That is, one that makes it cost more to send spam than the income they get back from it.

When someone figures how to efficiently do that, they will be crowned king of the world.

Opera 7.2 is Gold. The latest version of the Opera browser went out the door recently (get it here). While I seem to be using Mozilla Firebird as my browser of choice right now, Opera still has it uses. For example, when I think I need a hardened, bullet-proof browser to wade into enemy territory, it's Opera I turn to lock and load (mixing metaphors). Yes, Firebird may be faster, but how secure is something that hasn't even reached the 1.0 release yet? Especially one that specifically states it should not be used for mission critical tasks!

So when the going gets tough, get Opera.

To the Moon. Speaking of going places, the European Space Agency is set to launch their first probe to the moon. The SMART-1 (Small Missions for Advanced Research in Technology) propulsion system includes a main ion-drive engine powered from a solar cell array. See the story here.

One Correction from yesterday's post on the Apple array. I did not realize that Virginia Tech was looking only at 64-bit processors (Thanks to Ken Scott for the information). As such, the cost of the G5 is probably (although I have not checked this) lower than the alternatives they looked at.

Of course, as Sjon pointed out to me, they could have also looked at AMD. In addition, as I understand it, the point of a massively parallel array is to use the power of as many nodes as possible. Regardless of whether they are 64 or 32-bits.

For example the Maui High Performance Center Linux SuperCluster uses 260 nodes with a pair of Pentium IIIs per node. At the time of its power-up, this cluster was the worlds most powerful array there was and, for all I know, still is.

It seems to me that if you spent less money on getting 64-bit processors and instead got a bunch more of cheaper 32-bit ones you would reach a point of higher total power. On the other hand, what do I know? I could be wrong and Apple will reign supreme in the 64-bit super computer world. Not.

Aloha!

September 23, 2003

ICAAN Can't

The Internet Corporation for Assigned Names and Numbers, asked VeriSign to "voluntarily suspend the service and participate in the various review processes now underway." The "service" in question is the redirection of requests to domains that do not exist to VeriSign's own servers.

Said servers give you other possible spellings for the domain you were looking for as well as links by categories. There is also a "Search the Web" box.

The polite response from VeriSign was to say they will continue to do what they want but are willing to take a meeting to discuss things. The English translation of VeriSign's corporate speak is "Bugger off."

Note the privacy policy of the page states:

We use third-party companies to serve paid and unpaid search results and other content to our Site Finder. In the course of serving these results, these companies may place or recognize a cookie on your browser, and may use information (not including your name, address, e-mail address, or telephone number) about your visits to this and other web sites in order to serve content to our site, improve the services offered on our site, or measure advertising effectiveness of paid search results. For more information about this practice and to know your choices about not having your information used by these companies, please visit http://www.content.overture.com/d/Usm/about/company/privacypolicy.jhtml.

See the ICAAN site here for the request and VeriSign's response.

The Power of 1,000 Monkeys. Over at Virginia Tech, they're creating a 1,100 PowerMac G5 cluster "super computer." I'm not sure using Apple computers is the most cost efficient way of doing it but I guess they think so. Take a look at the site here.

Speaking of Monkeys. Our IT folks switched over to Netware 6.x while I was on vacation (without letting me know, of course). Unfortunately, this broke the MS Client Service for Netware that we had been using since the MS client was faster and more stable than the Netware offering (Yes, I know, hard to believe but I think this reflects how bad the Netware client is more than how good the MS one is).

I searched the MS website to see if there was anything on this. But, in doing a search on "Netware 6" or "Netware 6.x" it did not bring up any Knowledge Base articles at all. Strange. Surely there must be something, unless our IT people are doing something to lock out all clients except the Novell one so that they can "manage" our PCs.

If so, with due respect to our fine IT folks, we do not want, nor do we need them to manage our PCs. We do very well without their "support". We had anti-virus software and firewalls running on our PCs years before IT got around to even thinking about such things. We were running MS Office years before IT got around to recommending it over WordPerfect. We began running Windows 2000/XP years before our IT had a copy to try out. We advocated for joining the 20th century, before the 21st was over, by installing Ethernet instead of the over-priced, proprietary, and difficult to get IBM Token-Ring NICs.

In other words, we don't need no steekin' IT office miles away to tell us how to best do our work when they are so behind the times that they think IBM/Lotus Notes is a cost effective way to get e-mail.

To our IT, change is something you get when you buy something with cash. Otherwise, change is something to be avoided. And if you can't avoid it, contract a vendor to institute the change because they (IT) don't have the expertise to implement nor manage it.

If you ask me, doing business this way will lead to the logical conclusion of contracting out all of IT since they can't do anything useful now. Except maybe "manage" PCs.

Aloha!

September 18, 2003

500

I'm at home again today and will be so tomorrow and Monday. Sigh. While the plumbers and tile guy did show up yesterday, they are AWOL this morning. One just called to say they will be here this afternoon. No word yet from the others.

I also noticed that these plumbers all seem to be interconnected or at least farm out work to others when they are busy. I've had two calls from the original plumbing contractor but neither shows up on caller ID with that name. In addition, guys arrive in vans with names on the side that are not the name of the contrator we are supposedly dealing with.

This makes it very difficult to keep track of who is doing what and, should the need arise, who to go after.

Oh well, what's a person to do?

Aloha!

September 15, 2003

Flash in the Pan

I went over to Wil Wheaton dot net and saw a Flash based tribute he put up on September 11th. I got to wondering how to create a Flash file so I went over to the Macromedia site to take a look.

Unfortunately, the cost of the software ( $499USD) is prohibitive to all but people who make a living at doing this. So, of course, I looked for alternatives. While I could not find an Open Source program, I did find something that was substantially cheaper.

It's called SWiSHmax (before you ask, no, I don't know what it's supposed to mean. But you have to wonder...) and costs $79.95. I have no idea if it has the full functionality of the Macromedia original but it can do some interesting things.

I created a text only Flash program that is only 8KB in size. Feel free to follow the link here if you want to see it. Of course, you will have to have the free Flash viewer plug-in already loaded otherwise you won't see much.

In addition, I'm not sure how to display the file using standards compliant HTML so I am using what Wheaton used. If I can figure out how to code it without using the deprecated <embed> tag I'll re-do it.

Speaking of Streaming Media, here's IP over water. As in using water as a medium to transmit information between computers (follow the link here).

H2O/IP functions in a similar way as TCP/IP but focuses on the inherent viscous properties of water that are not present in traditional packet networks. The StreamingMedia demonstration of H2O/IP is as an installation of two computers at different heights where one captures an image and transmits it to the second computer in the form of modulated water drops. The project attempts to show how digital information can be encoded and decoded into organic forms to create a physical network between digital devices.

I'm out of time so I gotta go.

Aloha!

September 10, 2003

Wednesday Workaday

Not much going on over in the Seto Shack. As an update to the never ending list of domestic things to do: I finished painting the interior of the front house and am now working on cleaning it from top to bottom. I hope to be able to get it rented in about a month or two. In our back house, where we live, the bathroom upstairs is still waiting for the plumber to schedule work on replacing the leaking shower. It won't get scheduled for at least a couple more weeks and in the mean time, we will have to use the shower in the front house since the shower downstairs is also acting up.

As the number of pages on our intranet site at work has increased, an easy way of getting to pages became critical to its use. We decided to attack the problem with three different tools. The first was to create a "Yahoo" style index page that listed the various major categories of what the web site has. By doing this, you can get to where you want in one to at the most three clicks. The second tool was to create an index, like you have in the back of a book. Using the index will get you to any page in no more than two clicks, and for the most part, in one click. The last tool was to create a site map.

While the person who created the index was willing to code and maintain it by hand, I wanted to find something easier for the site map. I first tried to find an open source solution but whatever I found seemed to be keyed to running on *nix and Perl/Python. Being that our server runs Windows and IIS, all would not work without substantial editing. By the way, if someone says you can convert a non-trivial Perl program written for Unix to Windows with minimal changes, run as fast as you can away from this person because they are clearly mentally ill and don't know what they are talking about and have never actually done what they say can be easily done. This is especially true when it comes to dealing with how the two operating systems represent drives, directories, and even forward or back slashes. They are just not compatible and I've never seen anyone come up with a How-To that lists all the differences and how to program around them.

Being that as it may, I ended up buying a rather expensive program, for what it does, called SiteXpert (see it here). It costs $65USD and runs on Windows. You can point it at a page and it will spider the links on the page creating a site map with very little work on your part. Note this is different from a program that just lists the HTML pages linked to another. SiteXpert will follow all links and display said links in a hierarchical display. This is critical to us because we have pages that have links to Adobe PDF files. We want these files listed on the site map. Yet most site map programs ignore links to all binary files such as, but not limited to, pdfs and doc files. Why that is so I don't know but it appears to be almost universal.

So, if you need a Windows program that spiders all types of links, this may be the one for you.

Aloha!

September 09, 2003

Tuesday Tetragram

Life is but an illusion. Go to this page here to see some unreal optical illusions. The page is kind of big and the bits are coming from Japan so be patient and all will be revealed. Although, not all of the illusions work for me, the first "Rotating Snakes" is pretty cool.

Otter: I think this situation absolutely requires that a really futile, stupid gesture be done on somebody's part!
Bluto: And we're just the guys to do it.

The above quote has nothing to do with anything other than I was over at Amazon.com getting something for SWMBO (shh, it's a secret) when I accidentally added the item to my wish list instead of the shopping cart. I did not realize this until I went to checkout and couldn't find one of the items I thought I had ordered.

By applying my superior powers of intellect (i.e., pure luck - ed.) I deduced what I had done and deleted the item from aforementioned wish list. Unfortunately, I didn't want to have a wish list account but I guess the fact I had added the item to it will forever more mean I have one. No, there's nothing in it nor will you find any other information there.

But this got me to thinking (a novel experience, to be sure - ed.) and I decided to checkout what the other Daynoters may have on their lists.

John Doucette's name came up for five lists but none were in Canada. I bet John didn't know there were so many of him running around.

Chris Ward-Johnson, of St Felix de Pallieres, France wants a copy of "Desserts from Your Bread Machine: Perfect Every Time: Cakes, Cookies, Pastries, Doughnuts, Sticky Buns, and Other Recipes You Never Thought You Could." Yup, I'd guess that'd be our Good Doctor K. Although I wonder where he's been since he hasn't posted for awhile.

Brian Bilbrey's name came up once but was listed in Kentucky. I don't think our Brian has moved that far south but who knows? If so, someone should tell Sally before she starts wondering what happened to her human tennis ball chaser.

Steve Tucker must be a popular name because 25 of them have wish lists. I don't know if any of these are Daynoter Steve's though.

One Dan Bowman of Modesto, California is wishing for "Embracing the Fear: Learning to Manage Anxiety and Panic Attacks". Things must be a bit tense over in the Central Valley.

Ben Ator has a passel of paperbacks too many to list.

There are four Moshe Bar's out there wishing you would buy them stuff and four Frank McPherson's.

There are three John Dominik lists, two of which are located in Minneapolis, MN. Each of the two in Minnesota (The Cadillac Engine State) have geek enriched stuff like "Teach Yourself MS SQL Server 2000 in 21 Days" and "Mac OS 9: The Missing Manual" so this indeed could be our man in Minnesota, don'tcha think?

The thing about wish lists though, if people don't know you have one, they probably won't buy anything from it. In addition, some of the lists are quite old, and if anyone actually wants any of the stuff on their list, they should update it.

Correction to yesterday's post. I have to plead massive stupidity for calling Jasc Paint Shop Pro, Photo Shop instead. I don't know why I did that, other than as a test for reader Jon Barrett (which he passed with flying colors). In addition, Aussie Don Armstrong (G'day mate) reminded me of another program that I should have considered: IrfanView. I'll try to take a quick look at it when I find the time but what I like about Paint Shop Pro is its one button "Enhance Photo" that runs a macro script which automagically adjusts the color balance, contrast, saturation, smoothes, sharpens, and clarifies the image. All I had to do was some minor adjustments here and there. This saved me a lot of time. Speaking of which, I'm out of time so I gotta go.

Aloha!

August 19, 2003

Googling

A website I read every once-in-awhile asked if it was okay to Google someone they were thinking about dating. In turn, the question got me to thinking about the bigger question I've talked about here before. Namely, privacy and the Internet. Below is, in large part, my response to the question.

There is a lot of information that is considered to be in the public domain. For instance, vital records such as births, deaths, marriages, divorces, and bankruptcies are routinely reported on in the newspapers. But when this information is compiled into a database, as it is when a search engine comes across it, creates troubling new questions:

1. Is it moral/ethical to do an Internet background check on someone regardless of why you are doing it?

2. What expectation(s) of privacy do we have relating to public information on the Internet?

3. Does the Internet bring both unprecedented access to information and, at the same time, presents new challenges to individual privacy?

As with any tool, the Internet can be used for many purposes. I know when I first got on the Internet I searched on my name and found at least two others (one in Canada and one, I'm not sure where, but he seemed to be associated with stocks/bonds/securities/banking so maybe New York?). I did this without any purpose other than pure curiosity.

But as I got more familiar with the Internet, I became concerned that maybe there was a little too much information out there in forms that made it easy for anyone to lookup. For instance, many states allow companies to put their entire phonebook listing up on the 'net. This is fine as long as you have an unlisted number, but not so fine if you don't and you start getting calls from tele-marketers. In fact, you can type in a phone number (xxx) xxx-xxxx and if Google finds a match, will display the name, address, and link to Yahoo! Maps or MapQuest to show a map of exactly where you live.

A second example, when you register an Internet domain, you have to fill out a form that asks for your contact information such as name, address, and phone number. All of this is available on the Internet. Is this a Good Thing?

So, I began to try to limit the information that I had control over. First, no listing in the phonebook. And secondly, I changed the contact information for the domain registration for my website to a PO Box and fictitious phone number.

I realize I may be a little paranoid about this, but it is truly amazing that public information, in printed form, that we didn't give a thought about now becomes a whole different subject when it becomes available on the Internet.

I'll let you decide what public/personal information you feel comfortable with on the Internet and how it may be used but, as for me, it just gives me the creeps.

Aloha!