Misc. Ramblings

Spent most of yesterday updating a couple of tables which show what the other 49 states are doing in relation to the subject matter of the legislation. Sorry I can't say what the subject is until the package of bills are finalized. But there is nothing I can think more frustrating (except maybe trying to install Win98SE onto a clean disk when you only have the upgrade version to work with) then trying to compare statutes across states. Each state, as is its right, creates there own system of laws. However, trying to identify the similarities and differences between those laws is fraught with much difficulty. It almost makes you want to look at federal laws, which usually are the same for all states.

So, is there a way of installing Win98SE onto a clean disk when all you have is the upgrade version from MS? I understand that the retail upgrade version can be used to install but I'm not sure the version I got directly from MS is the same as the retail. I tried all kinds of switches to get setup to run but it always said that I needed to run it under Windows (which of course, had not been installed yet).

Ally McBeal (sp?) was on last night. Sometimes that is the coolest show on TV. And sometimes, it just sucks. Last night sucked. If their goal is to make all of their characters as unlikeable as possible, they are doing a bang-up job. Many of the lawyers here already hate it, if the writers keep this up, I may also.

What with meetings and continuing research and updating of the statutes I will be a busy person this week. Hope your week is better than mine is looking like...

Sports Night last night was a good one. If they keep it up, it may become my new, favorite show on TV (after Ally). The writing and acting are excellent. Which of course means it will be cancelled.

Work on the legislation I am revising is progressing slowly. I've checked 20 states so far. 30 to go! Unfortunately, this morning will be eaten by meetings on the budget and to finalize what will be included in our legislative package.

Saw on InfoWorld that MS has confirmed a February 17 launch date for Win2000. As soon as I can get my hands on a copy I will load it on one of my PCs (Right now I have three. None of which are exactly state of the art but they do what I need them to do).

I will, of course, have to upgrade the target PC first. But I have time to do that. I figure a Pentium III running at 500MHz should be enough. 256MB of RAM. 10GB drive. DVD. And as Dr.Keyboard would say, "All the twiddly bits."

Tomorrow I'll give a run down of what I am using at home. Today, I'll tell you about the Dell OptiPlex GX1 at work. It's about a year old and is a Pentium II - 333MHz. 128MB of RAM. 6.2GB drive. CD-ROM and built-in Crystal Sound card and ATI Rage Pro video (8MB). I have Win98SE on it. The only problem I've had so far was when my Maxtor HD started to make very bad noises. It would sound like the heads were trying to bash their way out of the case. Dell sent out a Wang technician and he swapped the drive.

While I do recommend Dell PCs, I have a bone to pick with their "On-Site" service. It isn't. At least, they try mightily to do everything except provide on-site service. They will talk to you on the phone for hours, but send someone out to service your PC? Only if the problem appears to be in the box itself and you are unwilling to open it and replace the suspected part yourself. If you have a bad monitor or keyboard they will express to you a new one. But you then have to box up the old and ship it back to them (otherwise they charge you for the new part).

This level of "service" may be OK for people who are comfortable with PCs. But what of the great majority of Dell's customers that are not? Of course, I doubt the other manufacturers are any better but perhaps there can be levels of service, each with a different cost structure. "Regular" service like they have now. "Premium" service for those who are willing to pay a couple of hundred dollars extra per year for real on-site service. That is, you call and tell them the suspected problem, and they come out within four hours to diagnose and fix it.

More tomorrow on what kind of PCs I have at home. See 'ya.

As promised, a quick run down of the PCs at home. I don't have names for the PCs since none of them are networked (that will come some time in the future) so I will refer to them as Mo'opuna (grandchild), Keiki (child), Kane (man).

Mo'opuna isn't being used much now. It, as well as Keiki have Shuttle motherboards (HOT-555 I think). It has a Pentium 120MHz. If I remember right, a Fujitsu 800MB HD, 32MB of RAM and runs Win95/Office97. I'm not sure what I'm going to do with this. Either rip the guts out of it and replace the mobo/CPU, HD, and RAM or maybe use it to experiment with Linux (Caldera 2.2).

Keiki is used by SWCNBD (she who can not be denied). Up until last night, it was the PC I was using to experiment with Linux (more on that another day). As of last night, its running Win98SE. It has a Pentium 166 MHz, 64MB of RAM, a 2GB Maxtor HD, SB AWE64 sound card, and a Diamond Stealth 3D 2000 video card. She will be using it for making her monthly calendars with PrintShop Premier Edition. Later, I'll add Office2000 so she can do her letters and stuff.

Kane is mine. It has an Abit BX-6 Rev. 2 motherboard with a 400MHz Celeron, 128MB of RAM, 6.2GB Maxtor HD, 3D Blaster Riva TNT 16MB AGP video, and SB Live! audio. This one also runs Win98SE and will have NT2000 installed on February 17, 2000.

Friday will have the tales of Linux and other horror stories. Just in time for All Saints' Day

But first, this message. I've been following the America's Cup (or follow the link here) races via the web since no one seems to be televising anything on TV about it yet. Even more frustrating is that the Hawaii team Abracadabra2000 is not doing well. They are 8th out of 11 at the end of the first round with a record of 4 wins and 6 loses. The Italian team, Prada Challenge, is a perfect 10 and 0. If things don't change soon, it may be a New Zealand vs. Italy cup race! Unfortunately, the only thing that would be proven by such a race is that them who has the money, wins...

And now, this. You may have noticed the new email address link at the top of the page. It took me two days to get it going (an eternity in Internet time) so feel free to start sending those cards and letters in. Replies, albeit not necessarily prompt, are guaranteed. Your mileage may vary. Objects are larger than the appear. The door is ajar. The dog ate my diskette. And now my first official email (Brian was actually the first but that doesn't count *grin*). This in from John Doucette. He writes in reply from my question about installing Win98SE onto a clean drive if you don't have the retail version to install from. He writes:

Hi Dan

Got the link to your page from Brian. I have only read the current week so far but looks good to me.

I also saw Sports Night this week and thought it was one of the best written episodes of any show I have seen in a very long time.

I am as I write this working on an install of Win98 Upgrade. You can use the Win3.1 disks as an upgrade product. As I recall Win95 only wanted to see Disk 1 of Win 3.1 but Win98 just asked me for disks 1,2,4, and 5. Too bad Win98 isn't like Dos upgrades which if you use the /g switch acts like full version of Dos.

John Doucette

Thanks John for the information and the kind words. I think that Sports Night may be one of the better, if not the best written series this season. It seems to me that Frasier lost its edge last year and has not regained it yet. And Ally can go off into the deep end sometimes while exploring her psychological problems.

As to the install, what I ended up doing was using a copy of the commercial version of the original Win98 (is there a term now for this version - First Edition?) first, then used the upgrade to get to Win98SE. And as DrKeyboard has said, MS is getting ridiculous in the length of the product keys now-a-days. They are long and prone to miskeying (is that a word?).

And now my children, gather round while I begin the scary tale of how I installed Linux and learned to love the bomb. But to those who are wise, RUN! Run for you lives!

Not being one to scare easily, I figured I would see what all of the hubbub was about and bought a copy of Caldera's Linux 2.2 on the advice of several reviews which said that it was the easiest distribution to install. And I guess that (the install) could be true if the hardware you have matches what is on the very small compatibility list. Unfortunately, if you have a video card less than 5 years old the GUI-based install won't work. Which is still OK, its just not as easy.

On the other hand, if you were planning on using Linux as a desktop operating system as a replacement for Windows, think again. Because you need to get KDE up and running so that you can use the StarOffice office suite or WordPerfect. Either of which you would need to have to actually do some work on. So, the first problem is hardware compatibility.

The second problem is that if you can't get the GUI running, everything else becomes long and sleepless nights learning how to change configuration files. Many of which are hidden from you so you won't change them. And in the case of one of the communications programs (which actually runs under KDE), a file needs to be there, but it has to be empty...

If you do get the GUI running, which I did eventually after playing email tag with Caldera support for a couple of weeks (they no longer talk to me because their "free" support structure literally includes a ceiling on questions) then you get to see all of the bugs in programs designed to run under Linux. Bugs? you say. Yes bugs. These programs that run under Linux are FULL of bugs. While the Linux kernel may be rock solid, almost everything else looks like it was written by a six year old.

Over and above the bugs is the fact the even when the software runs, its not as easy nor as powerful as what runs under Windows. Say what you will about MS Office, but I can't find anything better. And MS Office stands way above StarOffice 5.1.

So the moral of the story my children is that you can fool some of the people all of time, and all of the people some of the time, but Linux, as a replacement for Windows, has no clothes.

Have a Happy and Safe Halloween! See you Monday.

I now have digital email certificates from Verisign, Inc. for my mail accounts. From now on, if you get email that appears to be from me, but it does not contain a verified certificate, it is probably not from me. Unfortunately, if your email program (e.g. Eudora Lite) does not know what to do with the certificate it will consider it as an attachment and save it to your drive. It won't do either of us much good if that happens so all I can say is perhaps you can use another program for you email. Outlook Express, which is what I use for an email client is compatible with the certificates and unless you have another program that is compatible, I suggest you use that.

On the America's Cup front, the Hawai'i Team Abracadabr2000, won a great race against Team Dennis Conner (TDC) in Stars and Stripes. TDC was ahead at the start and the first four marks. From that point to the end, the Hawai'i team dueled it out with the TDC team winning by a razor slim three seconds. Unfortunately, Hawai'i in an earlier match against Nippon lost by a whopping three minutes 29 seconds. Hawai'i lost the start and never was in a position to challenge Nippon.

Good stuff over at Dr. Pournelle's site re:Microsoft Monopoly. Both in the view as well as the mail. Since most of you will probably be sick of the subject, I figured I would talk about something that Dr. Pournelle mentioned in passing. Namely, the early PCs. No I'm not talking about the IBM PC. I'm talking about the Atari, Amiga, or Apple II. This was in the mid-to-late 1970s, years before the first IBM PC came out. The first PC I ever used was an Apple II. I think it had something less than 64K of RAM and an external 5 and 1/4 floppy drive (no hard drive). The monitor was a 13-inch TV from Radio Shack. The printer was some unknown company that used a roll of silver coated paper and heat to form the letters (well, at least you never had to change a ribbon).

The first PC I ever owned, was an Atari. It had about 64K of RAM, with the keyboard built into the case and a game cartridge port in the top. Again no hard drive and actually came with a cassette interface so you could store your programs on cassette tapes. Eventually I got a floppy drive for it since I got tired really fast of trying to use cassettes. I also had a state-of-the-art YELLOW monochrome monitor!

And remember, at that time, there were no bulletin boards or internet to download programs from so the main source of utilities and such was magazines. That is, you would type in row after row of long lines of gibberish. Then see if your checksum matched the authors. If so, you would then run a translation program which would create the executable. Yikes! Talk about the dark days of PC computing.

Of course, once the IBM PC came out in the early 1980s, everything changed. On one hand, the industry was able to standardized on one architecture. And this was good. But on the other hand, the industry standardized on one architecture. And this was bad. But there was no looking back and I traveled to Los Angeles and bought a 8086 clone (I think it was an NEC chip if I remember right). This one had about 256K of RAM, and 5MB hard drive, a 5 and 1/4 floppy. The video card was a Hercules compatible monochrome output. From then on, its been one Intel chip after another. From the original 8086, to the 80286, 80386, 80486, Pentium, and now Pentium II. I think I'll skip the Pentium III and go for the next generation after that. But what memories...

Quick Notes:
Dr. Pournelle has a link to Dan Bricklin's Log. Once there, there's a subsection of the log on the Microsoft trial. It's worth a quick look. Especially interesting to me was the "Ethical Issues" section which attempts to trace our current laws back 1500 years! Recommended (as long as you are not offended by quotes from the Talmud).

The UK Register has a hands on review of the "Chipzilla" CuMine Chip. As always, its worth a quick look at their site. They always have interesting things to say across the pond.

In all the hubbub about the MS trial I forgot to mention a small item about certain builds of Caldera Linux 2.2. There is a small security hole. The default install creates a user called "Help." This user has root access and no password. Let me say that again. It creates a user with root access and no password. This allows even the dullest NT hacker to come in and do all sorts of mischief. Caldera's 2.2 was one of the more popular distributions out there and I bet more than a few of them still have the "Help" account active. Makes you want to switch to OpenBSD Unix doesn't it? OK. Maybe not.

The roaches were eating again last night. Almost literally. Oh I got the DVD hooked up OK. As Dr. Pournelle pointed out yesterday in his column, 90% of PC problems are cable related. And sure 'nuf. Even if this isn't a PC, fiddling with the fiber optic cable from the DVD to the receiver brought the Rolling Stones to life (they are dead aren't they? Or is it they just look that way sometimes? ;>).

And I even got the center channel and sub-woofer speakers hooked up OK (though its a rats nest of wires soon to get worse). Still to be done is the cassette and VCR. I would have finished those also except for the fact that in the middle of my befuddlement, I mean work, we got a call from one of our tenants saying the toilets were backing up and flooding the carpets. Sheesh. As if I'm actually going to do something about it. What do they think I am anyway? A PLUMBER (paging Dr. Jim, paging Dr. Jim). So I called Roto Rooter and they said someone would be there in about an hour.

Since the tenents were getting a little hysterical over a little sewer water in their living room, my wife and I ended up mopping up the mess which, as we found out later, was probably caused by the tenents trying to flush the city of Calcutta down the toilet. Eventually, the Roto Rooter man showed up and began to run his metal snake through one of the sewer line clean outs. Apparently, no joy. So he went around the house to the other clean out and ran it again from there. Again, apparently no joy because he could still see standing water in the pipes. But then before going into the house and ripping out the toilet to run the snake through there, he decided to test things to see it they would back up again. Thank goodness everything was working fine at that point and he figured he probably cleared the blockage the first time around. So, two hours and a lot of mucky water later he was on his way home. And so were we. Needless to say, I slept very well last night (and I'm sure those dreams about huge flying roaches will go away eventually).

Quick Notes
Email/Spam Harvesters trawl along the web trying to find email addresses to add to their databases of hapless people. Since the web is so huge, your site may not have been hit, yet, by one of them. But at some point they will. When that happens, you will know it because you, or anyone elses address on your site will begin to get Spam (Gamble Online at our Casino!). Take a look at this site which gives some interesting information on how to try to stop this. Especially if you are running an Apache server. Or you can take a look at this site.

Today is the first day of the two day training on facilitating meetings so I do not know if I will be able to do a noon update. Check back if you have time, otherwise see you folks tomorrow!

Aloha

Atomized. I was over at Dr. Pournelle's site searching on a link for a keyboard that he was looking for. I knew it was somewhere on his site but not where. I knew it was there because I had sent it to him sometime ago.

So, I figured I would try out his whiz-bang search engine Atomz. Since I sent the link I figured I would try searching on my last name (since it is not common and should not return a bunch of hits). Well, was I wrong. Apparently, Atomz defaults to a "fuzzy" search if it can't find what it is looking for (as far as I can see anyway). So in excess of 380 hits came back. And fuzzy it was. For example, city, st., site, suite, SST, 1st., sweet, SETI, stay, set, sat, swat, and cite. I went through the first 100 hits and then gave up. This kind of search engine is great if you don't know exactly what you are looking for. But even if you do, you may as well as forget using it if this is any indication. YMMV. Not recommended unless you are really desperate.

Oh, by the way, by searching on the word "Aloha" I was able to find it. On the Recommended Hardware Page. And it didn't seem to do a fuzzy search. Don't ask me. Because I don't know. Sigh.

False Alarm. Saturday's mail brought a letter from the University of Hawai'i. I opened it with some trepidation but found only that they have not been able to finish deciding who made it into the Masters of Public Administration yet. They said they will be done in two weeks. Oh well, at least it got my heart going for awhile. Big Sigh.

Speaking of Alarms. A flight of vintage P-40 Warhawk aircraft were seen buzzing the battleship USS Missouri moored in Pearl Harbor yesterday. But not to worry. It was just the start of filming of the movie "Pearl Harbor." Included in the cast are Ben Affleck and Cuba Gooding Jr. Industrial Light and Magic is doing the special effects.

***** Noon Update *****

Whew! Lots going on in the Daynotes Realm. Brian Bilbrey is beginning his dream to be a published author by teaming with Tom Syroid (see Tom's post here). Congratulations and Good Luck, Brian. However, given the horror stories that the others tell about writing a book, please remember to make some time for you and your wife. Priorities. It's all about priorities.

Robert Bruce Thompson and Bo Leuf continued the cat fight as to which browser is alpha dog (to mix breeds if not phylum). Bob came out with what, at first glance, looked like a good point about how all browsers should be able to read pages created by FrontPage just as all word processors should be able to import and read Word formatted documents. The problem with this analogy is that it assumes MS developed and owned HTML just as it did with the Word format. Only. It didn't. Hence, the analogy does not hold up.

Still, to me the question is do you want Microsoft to dominate everything? I don't think so. Otherwise you wouldn't be looking at Linux would you? And how would you like it if Microsoft created their own version of Linux (April Fool's Day notwithstanding)? And what if that became the dominant distribution? Hmmm? I though not. Oh well, use what browser you want. But remember, if you lie down with dogs, don't blame me for getting mange. Or some such.

Times A'changin' I forgot that many of you poor folks had to change your clocks this past weekend. We Equatorians, and Arizonans, don't have to put up with such foolishness. Changing time to suit your needs, indeed. Such wickedness! See a history of this abomination here.

Seeing Double. According to a report by InfoWorld Columnist Brian Livingston ( here), if you have a dual processor system, and you do a clean install of Win2000, it will recognize only one CPU. The procedure to have it utilize both CPUs requires the changing of a driver. Read the article above to see how.

Help Desk Hell. There's an interesting tale of being on the help desk one night when all hell breaks loose due to a DoS attack. See it here at Byte. It answers the eternal question of why PCs hum.

Most of my objections to using Movable Type (MT) appear to be baseless. While the installation of the software could have been made easier by having an install script/program and the instructions could be clearer, I still got it up and running after *only* three tries. One of those tries could have been avoided had I known the cryptic error message I got meant I needed to delete the MySQL database if I wanted to start over again.

Whichever the case, MT is now installed using the default template. It creates an index.html file that is W3C standards compliant for XHTML 1.0 (although I have not checked it for accessibility) and only about 5.5KB in size.

Note that it is a work in process and will change in size and look so I guess I should reserve final judgment. I further note that it creates a page that uses javascript for the comments facility so a certain percentage of people will not be able to use it (including me).

And finally, installing the software is not the same as using it. I reckon it will take awhile to get things how I would want it to look and then I need to decide if it's worth switching over or not.

But as of now, it looks like I should be looking for Dr. Pournelle's crow gif.

In a similar vein, I finally got Movable Type (MT) to automagically email me when someone leaves a comment. At first, I thought I had a problem with sendmail either being in a different location or not being available at all. But all it was is I had to check a box in the configuration file for MT that enables that feature. Doh!

So now if someone leaves a comment, it gets emailed to me rather than me having to check the site periodically during the day.

I'm sure even the great tenor Placido Domingo had nights where the voice wasn't up to snuff. So I guess I shouldn't be surprised when a company releases an update before its time.

I recently installed the Opera 7.01 browser (see their site here). Long-time readers, all eleven of you, will remember that I have been a proponent of Opera for years. There is much to like about a program that is relatively small, fast, secure, and standards compliant.

But I can not recommend this browser in its current state and am very disappointed that Opera would release this obviously unfinished version. Here's why.

This version of Opera has what I consider to be several show stopping bugs - some of which are intermittent and some not. The transfer window, even though it has a place for the amount of bytes transferred in real time, fails to display anything, even when the transfer is done. When I click on the bookmarks menu, it opens three panels, but refuses to let me see any other book marks past the third panel. When setting preferences, I went from the "Browser look" heading to accessibility and found that the display was not fully updating. That is, parts of it changed to the new section, parts of stayed the same, and parts of it became transparent and I could see the wallpaper behind it. The next time I went in it worked fine.

This version has apparently moved valued features and made them complex to implement. Version 6.05 included, in Preferences, the ability to customize the browser's layout. Included here were options for displaying only icons or icons with text, whether the icons should be fixed width or variable, and whether the "Go" button should be displayed. While you can now right click on the icons and set text below, you must turn off the the special effects found under "Skins" if you want the text to be displayed all the time (as opposed to only when you hover your mouse over them). This is different, but is it better?

This version seems to begin the display of web pages slower than 6.05. I opened both versions and pointed both to a website neither had recently cached - www.novell.com. Version 6 almost immediately began to display the site while downloading the approximately 90k of html code. I stopped version 7 after it said it had download over 1MB of HTML! This, when it hadn't even displayed anything yet!!! I decided to try another site - www.disney.go.com. Version 6.05 still started to build the page before version 7.01, but version 7.01 did finish a fraction of a second faster. I figured I'd do one more test so pointed both to www.sun.com. Once again, version 6.05 began displaying the page first but version 7.01 finished first.

Based on these problems, you may want to stay with 6.05 or Mozilla until Opera 7.x stabilizes. YMMV.

Aloha!

I did some additional digging on the bookmarks problem I noted in yesterday's post. From what I can read in the the Opera support forum this is literally a feature and not a bug. According to one post, Opera decided that you didn't need to have more than 50 links displayed at one time.

Since they know best, they arbitrarily and capriciously changed it for 7.x so that you shall delete or move links into folders. Sigh.

Competition is good. There are alternatives to Opera. I will avail myself of those alternatives.

The public good, is in nothing more essentially interested than in the protection of every individual's private rights. - Blackstone

Programs generically called spyware invade your privacy by secretly sending back information about how you use your PC to their masters. How this information is used may or may not be in your best interest. But be assured it is in the best interest of advertisers and perhaps the government.

To combat this, there are a couple of free programs that scan your PC looking for spyware. One is called Spybot and can be found here. The other is Ad-aware (see their site here) and of the two, is probably the better known. Ad-aware recently came out with version 6.0 so if you haven't updated yet, you may want to head over to their site. But whether you choose Spybot or Ad-aware, you probably should be using one of them.

Over and above any privacy issues is the practical one of CPU usage. These spyware programs can consume much of your CPU's time, thus dramatically slowing everything else you want your PC to do. So if your PC seems to have slowed to a crawl, and you've ruled out the usual suspects of low disk space or memory, then perhaps you might want to download and install one of these.

Aloha!

I understand that there are at least two problems with how this page is rendering. The first is in IE 6.0.2800.1106. The post at the top of the page does not display the date or if it does, it shows only the bottom fraction. The other is in Opera 5/6 (but works okay in 7.0). The links in the post at the top of the page do not work. The other links in the page work fine. When the top post is replaced by a newer one, the links start working in the replaced day.

I do not know if the problem is in the Cascading Style Sheets (CSS) or if MT itself is the culprit. But in looking at the underlying HTML, I don't see anything wrong - especially the links problem. This is straight HTML and should work in all browsers. But for some reason it doesn't.

I've started searching the support forum and see there are quite a few problems related to how different browsers work with CSS. When I have the time, I may get back to working on getting Geeklog (see their site here) working. Geeklog has the advantage of being OpenSource, while MT, although "free", is not.

Aloha!

Understanding any language hinges on understanding the words, and the context the words are used in. However, sometimes, the words are unclear so too then is the meaning unclear. Similarly, implementing the Cascading Style Sheets (CSS) standard (see them here from the W3C) hinges on understanding the words. But sometimes, the meanings of the words are unclear. Hence, different companies, each using the same standards, can create pages that look markedly different - even when companies make good faith efforts to meet the standard. Conversely, some companies don't see the standard as keeping them from extending or interpreting the standard as they see fit and others see no market advantage to implementing it at all.

Within this context of varying understandings and differing values, it should not be a surprise that CSS is a Tower of Babel of differing interpretations.

If things are so confusing, what can be done? The obvious answer is to find the lowest common denominator that all can decipher. Unfortunately, even current browsers interpret things as simple as tables in different ways. So this won't work.

The way I've decided to go is to use CSS that seems to work in the current browsers. Hence, I've switched from the theme known as Gettysburg to GeorgiaBlue (GB). GB seems to solve the two problems noted earlier (thanks Sjon, JHR, Phil, Paul, Jonathan, and Mike). Sometime, when I have the time (like when they start having snowball fights in Hell - ed.) I'll do a comparison between the two and see why one works and the other doesn't. In either case, onward and upward.

Aloha!

Movable Type 2.6 is out. I downloaded the update without problems so I guess the thundering herds have not hit the server yet. Get'em while they're hot here.

Have a Great Weekend Everyone - Aloha!

Recently, I've started to get more and more spam. Unwanted and unsolicited email has begun to clog my mailbox with advertisements for lasting longer, growing bigger, getting out of debt, or getting into debt (via mortgages). So much so that I've even thought about closing the email account and opening a new one. But before I get to that point, I decided to see what kind of anti-spam software there is out there.

One of the better known is SpamAssasin. Be aware that there are only so many automated ways to identify spam. SpamAssasin uses:

• header analysis: spammers use a number of tricks to mask their identities, fool you into thinking they've sent a valid mail, or fool you into thinking you must have subscribed at some stage. SpamAssassin tries to spot these.

• text analysis: again, spam mails often have a characteristic style (to put it politely), and some characteristic disclaimers and CYA text. SpamAssassin can spot these, too.

• blacklists: SpamAssassin supports many useful existing blacklists, such as mail-abuse.org, ordb.org or others.

• Razor: Vipul's Razor is a collaborative spam-tracking database, which works by taking a signature of spam messages. Since spam typically operates by sending an identical message to hundreds of people, Razor short-circuits this by allowing the first person to receive a spam to add it to the database -- at which point everyone else will automatically block it.

Another is called CRM114 (from the Stanley Kubrick movie Dr. Strangelove Or How I Stopped Worrying and Learned to Love the Bomb in which a radio device called the CRM114 plays a pivotal role in the plot). CRM114 uses "sparse binary polynomial matching with a Bayesian Chain Rule evaluation" to determine what is or is not spam.

Another is called ifile and is different from others in the following ways:

1. ifile does not require the user to generate a set of rules in order to successfully filter mail
2. ifile uses the entire content of messages for filtering purposes
3. ifile learns as the user moves incorrectly filtered messages to new mailboxes

ifile is not dependent upon any specific mail system and should be adaptable to any system which allows an outside program to perform mail filtering.

I have not tried any of these yet, but I plan to. More as I learn more.

One reason keeping people from converting from Windows-based applications is the difficulty finding MS Office interoperable versions in Linux/KDE/Gnome.

Presently, there are two general options. Use semi-compatible office suite software such as OpenOffice, Sun's(tm) StarOffice or semi-compatible individual applications like AbiWord or KWord. For those with fast processors and lots of RAM (and lots of patience - ed.), you can try to use an Windows emulator such as WINE.

Each has it's problems. The Linux office suites are, at best, at version 1.0 levels of compatibility and stability. It is not unusual to find documents created in Windows appearing very differently in Linux. From simple things like bullet lists to complicated tables, the Linux version will look amazingly horrid. In many cases, trying to use a Linux based office suite in a production environment is an exercise in frustration as they continually segfault. And running an emulator is a slow, bug filled process.

While the long-term solution is to let Linux-native applications mature, for those that can't wait, an interim answer is to run MS Office in Linux via an emulator. Codeweavers' CrossOver Office tries to do this using WINE as a base.

I installed CrossOver version 1.3.1 without problems. The interface is a simple list of applications that they have install scripts for such as Office97 or Office2000 (sorry XP fans, no version for OfficeXP yet. Neither is FrontPage supported), Visio, Lotus Notes R5, and Quicken. Obviously, to install these applications you still have to have the software, but CrossOver emulates a Windows environment into which you can install, although not necessarily run as we shall see later, the above applications.

First up, I installed Office2000 Professional (Excel, Word, PowerPoint, Outlook, Internet Explorer, and Access) without problems although there are times when nothing seems to be happening. Conversely, running the applications found several problems. As of this writing, Access is not supported and IE has several problems (such as not being able to save favorites). A show stopping bug I had was printing which, through their own WINE PostScript driver, doesn't work.

But over and above problems in running MS Office in Linux, there are questions such as how do you download and install security fixes and updates? If you have Linux and Windows on the same drive, and Office already installed on the Windows partition, can you legally install it on the Linux partition without buying another license?

But the bottom line is you can install and run most of the MS Office applications which removes compatibility as a barrier from moving to Linux. This is a Good Thing. But do not expect things to run as smoothly (who would have thought to use the word "smoothly" when referring to Windows?) or as fast (ditto) as they do under native Windows.

As interesting as installing MS Office was, my main objective was to install and run Lotus Notes R5 since this is the mail system we use here at work. While the install went smoothly, I can not get Notes to connect to the Domino server. However, this is more a problem with the underlying operating system than CrossOver. In our environment, Notes is running on a Novell Netware server. And while Novell is switching over to using native IP, our Netware servers currently run IPX. Now as many of you know, IPX is not compiled into the Linux default kernel. And without IPX, and a bunch of betaware kludges, you can't log into a Netware server.

So, before I can even test how well CrossOver emulates Windows for the Notes R5 client, I have to get Linux to connect to our Netware server. Under Linux, this is not a trivial task so I will not be doing this until Red Hat 8.1 is out. Note that under Windows, it is a trivial task to connect to a Netware server.

But for now, if you need 100% compatibility with MS Office products, one way of doing that is to run Office in Linux. Just don't expect things to run as well as they do under Windows (heresy I say! Heresy!).

Aloha!

In the continuing story of the triumph of the geeks comes this link here to a guy who decided to get high. Or more accurately, send a camera, transmitter, and assorted other hardware high into the sky via a weather balloon. The result is some pretty amazing images.

For those interested more in kitchens than the sky, comes this guy here or this one here who has a PC toaster. No, I'm not talking about the Mac software, I'm talking about a PC in a toaster.

Thanks to jwz (yes, that jwz - Jamie Zawinski of Netscape Navigator and Mozilla fame) for the pointers.

I leave work early today for the first of two days of medical scans and lots to do before I go. So I am out of here [he needs more here, so feel free to send all your here, here - ed.]

Aloha!

One of the Daynoters had a recent column on creating and editing sound files. The columnist recommended the Ogg format because it is royalty free and creates smaller files than those saved as MP3. The first part is definitely correct and so may be the second, but I have not found this to be the case.

Long time readers will remember I did a unscientific file-size comparison between Ogg and MP3 (see it here) and found Ogg created a significantly larger file size. So I decided to give it another try, this time using one of the applications, Goldwave, noted in his column. To be fair, Goldwave is not the one he apparently used, but the one he did, Sound Forge, has only a limited use downloadable version. It is so limited use (see the limitations here) that I could not do a comparison that would be of any use. Hence, I used the other application - Goldwave.

In either case, this is the configuration:

Ogg Vorbis version 1.0, 44,100Hz, stereo, 128kbps
MP3 LAME 1.32, Engine 3.93, 44,100Hz, stereo, 128 kbps
MS WAVE, 16-bit stereo

And here are the results of ripping Dave Koz's "Can't Let You Go":

WAVE: 44,441KB

Ogg: 14,637KB

MP3: 4,032KB

Obviously, since this is just a couple of instances, I can't extrapolate these results very widely. But I'm really confused as to why everyone seems to be saying Ogg gives a smaller file size when, so far, I've found otherwise. I know that ripping a few files is hardly an exhaustive investigation but you would think the difference would be closer. As it is, it's not even in the same ball park. In fact, Ogg is over in the next county playing soccer.

Whatever is happening, be clear I am not impugning anyone's reputation. Rather, I am simply reporting the results I have. If you do your own testing and find differently, please let me know what your configuration is so I can change mine to match and re-run the test. Your mileage may vary.

Aloha!

There have been various schemes to reduce or stop the number of unsolicited junk e-mails we all receive. But if it were something easy to do, it would have been solved by now.

Many people think passing laws against spam will stop it but fall silent when asked how US laws would be enforced in Nigeria, Russia, or China. But as PBS columnist Robert X. Cringely (see his column on spam here) says, the most efficient answer (other than shooting a few spammers - ed.), is an economic one.

For example, you don't get as much unsolicited snail mail (other than from credit card companies) because it costs a lot of money to have it delivered to your door. Hence, marketeers have to focus their mailing to people they think will actually buy their product or service.

Cringely argues that we could setup a system in which e-mail is filtered and held unless the sender is either in your address book (thus having your explicit consent to send you e-mail) or is willing to pay, through PayPal, some amount of cold, hard cash. The money received, if any, could be split between you and the service performing the filtering.

As with all schemes, there are problems. Suppose you buy something from sharperimage.com and they send a confirmation e-mail to you. How would you know what the e-mail address they would be sending from would be (so you could add it to your address book in advance)? Yes, you could set the amount that they would have to pay to some small amount, perhaps equal to the cost of a stamp, but what if they don't want to pay?

Well, okay, this problem could be solved by companies indicating the address they will be sending from so you can add them to your list but that solves only half the problem. What if you want to send an e-mail to someone that doesn't already have your address in their list - for example, a governmental agency that you need information from, would you be willing to pay to have your e-mail delivered? Maybe. Maybe not.

The net effect of this solution is to transform the Internet from being free to something you pay for. Perhaps this is a Good Thing and perhaps it isn't. But I can't think of a more efficient solution to reduce spam. The question is, is the solution more onerous than the problem? You decide.

Mozilla 1.3 went gold last week Thursday. Got get it at mozilla.org.

Opera 7.03 slipped out the door to fix a security hole (get it here). I don't know if the pace of security problems is increasing because of a loss of focus by Opera or because more people are taking a serious look at it and finding things that have always been there. It may be both, but I think it's more the former than the later.

Ever since 7.x first came out, I've been wondering if Opera is experiencing financial problems. No, I don't have any insider information nor am I claiming any kind of expertise. But it seemed to me that Opera shipped a product that was not ready and was obviously so. If this is true, then the question becomes why would you do that and the answer is economics. If you don't ship, you don't get money. If you don't get money, you don't exist. Obvious. What is not so obvious is that shipping product before it is good enough will, over time, decrease sales.

The Internet operates by word of mouth and good will. Ship a product before its time and the word of mouth will be bad and the good will evaporates. Now, in a monopoly, this doesn't matter. But in a world in which other browsers are available for the price of a download, you can not afford to operate with impunity.

Aloha!

It looks like it may be a never ending war against unwanted commercial e-mail. But my web host, pair.com, has finally gotten half-way serious about SPAM by installing SpamAssassin to filter out spam. I say half-way because there are other filters that can, after a period of time, reach a 99 percent accuracy rate, which SpamAssassin doesn't come close. I've talked about those filters before (see it here) so I won't bother recounting it.

Suffice it to say I am happy just to have something. Time will tell whether this service is useful.

For those using pair, and probably everyone else, you must first enable the filter by going to your server account and editing your mail settings. There are fairly clear instructions on how to do this by going to here. Once you have the server side setup you need to create a filter in your email client. The instructions for the common clients are here.

As the process suggests, SpamAssassin does not delete spam. What it tries to do is identify what may be spam and adds something like **JUNK** to the header. What happens to these e-mails are then up to you to decide. It is suggested that you set-up your mail client to filter on the keyword **JUNK** and automatically have them moved into a separate folder that you can check at your leisure.

Why not just automagically delete the e-mails identified as spam? Because no filter is perfect. Some e-mail that is not spam will be misidentified as such (Type I error). If you automatically deleted all such mail you would be loosing mail you actually wanted to read. Of course, if you try to avoid Type I errors, you tend to increase the probability of having Type II errors. That is, more spam could be let through the filter. As in many things in life, it is about balance.

For the first 10 e-mails I got after enabling SpamAssassin, seven were correctly identified as spam, two were correctly passed through, but one legitimate e-mail was misidentified as spam. I added the sender to the list of acceptable domains and all should be well. Depending on how many mailing lists you are on, it may take awhile to "train" the program to let through what you want.

Is it worth it to use SpamAssassin? Well, that's something only you can decide but one error in ten ain't bad. YMMV.

As you've noticed, the CSS on this site has changed back to the optional "Georgia Blue" layout. This is because former Daynoter Jonathan Sturm found problems viewing this site via Internet Explorer 6. I tried to duplicate the scrolling problem he had but could not do so. But I figured if he was having problems, other were also. So I went through a process of rolling back the site to the default template and worked forward to where it is now.

I may leave it as it or may decide to make a few modification which, I hope, will not break things again.

Aloha!

The self-install ADSL kit finally arrived yesterday. I say finally because Verizon said the kit would arrive in three to five days (yesterday was just short of one week). They even sent me an e-mail prior to yesterday saying I should have received the kit and they hoped I was enjoying the increased speed of their service.

In either case, the Westell Wirespeed ADSL modem, along with five phone line filters and assorted cables was left on the floor of our garage by the UPS person. I opened the box and read the three steps required to install everything: 1. Plug in the filters on all phone lines except the one to be used for the modem; 2. Plug in the input cable from the wall outlet to the modem, plug in the Ethernet cable from the modem to my router/firewall, plug in the power; and 3. Turn it on and reboot the router/firewall.

If I were using a Windows box step three would have been to install the software they have but since I'm running a Linux router/firewall the software would not work nor was it needed. As soon as I plugged in the power to the modem I got a sync on the ADSL side and as soon as the router/firewall was finished booting I had Internet access.

I love it when things work that easily. Nothing to change (other than the outgoing SMTP mail server address in my mail client). It just works.

However, the speed is not as fast as RoadRunner. The Verizon service is supposed to be "up to 768kbits/sec" down stream but, of course, that's not what you actually get. What I measured last night was a little over 600kbits/sec versus a little over 1000kbits/sec for RoadRunner (I used the service here to measure the speed, but there are others that would work probably just as well). This is consistent with what I reckoned I would get. In my location, RoadRunner is clearly faster. Much faster in fact. The speed difference is easy to see. But the purpose of getting the ADSL in addition to RoadRunner is to have a broadband failover service available when RoadRunner is down. As slow as ADSL is, it's still many times faster than dial-up at about 50kbits/sec.

Is it worth it to pay for two broadband connections? It is to me because Internet access is no longer just a nice thing to have, it is essential. But wouldn't it be cheaper to have a regular dial-up account for back-up rather than broadband? Yes, but the price difference between $25USD for dial-up versus $40 for broadband is so small yet the speed difference is so large.

In addition, at some point, I will get the Nexland Pro800turbo which provides load balancing between the lines. That is, downloads are split between the two lines such that it appears your connection speed is doubled. It's not, of course, but it has the effect of being so. And having the effect of a T-1, while paying much less, is a Good Thing. YMMV.

Business may be bad, but there are opportunities out there - if you look hard enough. One of those opportunities came recently to the University of Hawai'i (UH).

For you long time readers, you already know that the UH and the Mau'i High Performance Computing Center have some of the most advanced computers in the world. Some of you even know that what is now called Ethernet was first developed at UH.

So it should come as no surprise that the university is partnering with InfoWorld magazine to do a "shoot-out" between Internet equipment companies Foundry Networks and Force 10 Networks. The tests pit the companies' 10-gigabit Ethernet switches and routers against each other to determine which has higher performance and ease of use.

The upside for UH is they get to keep much of the equipment. The upside for the companies is they get bragging rights based on a disinterested third-party (as well as saving on the cost of having to contract out for their own independent testing). And the upside for InfoWorld is they get to publish the results. Sounds like UH could become a hub of testing activity.

Most of this one probably won't affect very many of you but if you are in a large organization and you have Microsoft volume 6.0 licenses, you better read this InfoWorld link here. In cases where one company is bought by another, your license may become null and void unless you give MS copious amounts of money.

But if you are a volume 6.0 licensee, giving MS copious amounts of money is something you are already used to.

Oh, the part about WMD, that stands for Weapons of Microsoft Destruction.

One strange thing I've noticed when I switch from the RoadRunner cable modem to the Verizon ADSL modem is that even after I reboot, doing an ipconfig /all says the domain is roadrunner and the DNS is road runner. But when I check the gateway/router/firewall, it correctly indicates the Verizon domain and DNS. Everything still works fine, but I wonder if Windows is actually using the RoadRunner DNS? Just to be sure, I manually typed in the DNS IP addresses.

For those poor souls that may need to do this, the procedure is:

1. On the desktop, right click "My Network Places".

2. Left click on "Properties".

3. Right click on "Local Area Connection".

4. Left click on "Properties".

5. On the "General" tab, scroll down to the "Internet Protocol (TCP/IP)" component and left click it.

6. Left click on "Properties"

7. On the "General" tab, click the radio button for "Use the following DNS server addresses".

8. Type in the addresses for your preferred and alternate DNS servers.

9. Click "OK" twice and you should be done.

I have to meet this morning at 7:30 a.m. with one of our interviewees for our capstone project so I gotta go.

Aloha!

Even though there is a looming employees' strike, and I said I would not be buying any toys, gadgets, critical network infrastructure items until after the strike, I came across the Hawking Technologies FR24 Dual WAN 4-port Firewall Router (see it here). No, it does not appear to be as robustly built as the Nexland Pro800turbo (see it here), nor as easy to set-up or use, but then it costs substantially less than $100 ($63 from Amazon.com) versus over $300 for the Nexland.

Time will tell whether this is a wise buy or not but it should arrive sometime late this week and I'll let you know more when I do. In either case, the point of getting a dual WAN port router is that it allows two broadband inputs. This should provide for failover capability should one or the other of the inputs fail. Thus, I hope for increased reliability.

The downsides? I loose my Linux-based firewall in place of the one built in the FR24. Also, the eight-port D-Link switch I was using goes out the window in place of the 4-port in the FR24. While making things less complicated is usually a good thing, having all my eggs in one basket, as it were, means a single point of failure could knock out everything all at once. So while I am gaining reliability as far as access, I may be reducing total system reliability. Again, time will tell how well it works and what the balance point is.

Secondly, having two ISPs apparently causes problems, at least with the Hawking, as far as bonding the two lines together. Hence, only one line will be in use at a time, rather than two. This means I can't double the speed, as I had hoped I could. Having said that, I may be able to work around this with software (see this here or here) but I will need to actually get the box in my hands and test to see if I can do this.

Finally, I've emailed and received responses from both Nexland and Hawking (full marks to Hawking who responded within an hour, on a Friday evening) to confirm that they can work with two different ISPs. If you think about it, there are some very serious potential problems with two sets of DNSs, mail servers, news servers, not to mention IP addresses. How either of these boxes work around that I don't know. Stay tuned and I'll let you know if it does, work that is.

Aloha!

The popularity of digital video recorders like TiVo seems to have gained momentum. So much so that now comes an OpenSource Linux-based competitor called Freevo (see it here).

I have not tried using it but it seems promising. The installation looks pretty straight forward but then, very little in Linux is straight forward. Yes, you need the hardware to run the program as well as get the TV signal into your box, but otherwise, it seems like it should work (famous last words - ed.).

There is even a Gentoo ebuild available for you Gentoo folks out there (you know who you are), although it isn't part of the portage tree yet. Go to the news page here and search for Gentoo to find the brief note. I don't know Gentoo that well but I assume the note tells you what you need to know to install, um, emerge it under Gentoo.

This is going to be a mini-review because I'm spending most of my time working on finishing my Masters in Public Administration.

As Internet access has become a necessity and not a luxury, so too has the need to have reliable service increased. However, even today, just having broadband access is something to be happy about. Hence, having two broadband inputs from two different providers is something even rarer still.

But as the price of broadband access decreases, and the service areas increases, reliability will become more of a concern. While it would be great if you could have so-called five-nine reliability (i.e., 99.999 percent), my own experience with RoadRunner is not even close to two-nines.

Perhaps one-day, Internet access will be as reliable as phone or electricity. But until then, you can either live with what you have, or do what I did.

First, know that this is not something new. The larger service providers use multiple routes to the Internet via different providers. The intent is to have diverse paths so that there isn't any single point of failure that can bring down the service.

So while the concept is not new, there aren't a lot of hardware out there for home users who want to do the same. If you are lucky enough to have multiple broadband access, you either had to switch things manually, or use one of the two devices below.

The Hawking Technology FR24 Dual WAN Broadband 4-port Firewall Router (see it here) is one of two consumer grade dual WAN routers (the other is the Nexland Pro800turbo - see it here). As with the large providers, the purpose of having a dual broadband inputs is to increase reliability through redundant access.

These devices provide automatic switchover should one or the other of your broadband sources go down. Note that you may need to reboot your clients PCs but otherwise, the switchover is seamless to the user.

Assuming here that anyone attempting to setup this kind of access knows their way around an IP address, setting up the FR24 is fairly simple. Turn off your modems, connect their outputs to the WAN1 and WAN2 ports. Plug in the FR24, turn on the modems and the connections are done.

Using the built in web server, you access the FR24 with a browser at 192.168.1.1. For me, all of the defaults were correct and most will probably be OK with you.

There is a setup wizard that takes you through the entire process starting with setting the time and date. Step 2 is confirming the routers default IP address [192.168.1.1], subnet mask [255.255.255.0], gateway [192.168.1.1], Network Address Translation enabled (part of the firewall), and port number for accessing the setup [80].

Step 3 has places for inputting host name, domain name, and MAC address but I don't need to set any of those and most people won't either unless your ISP requires this information or you are running a server. This step also asks if you want your DNS to be assigned automatically by your ISPs DHCP server (you probably do).

Step 4 is setting your WAN2 settings. The most important question is the criteria for switching over from WAN1 to WAN2. You can choose always disconnected (I guess for those who don't have dual access); switch over when the primary WAN1 is disconnected; or switch only when the primary WAN1 is busy (based on adjustable throughput levels).

From what I understand from Hawking technology tech support, if you have two different ISPs, you can only use option 2 above. They did not explain why, just that it is the only way it will work.

Assuming your client PCs are already stepup to get their IP addresses and DNSs automatically from DHCP, you are done. Reboot the FR24 and any client PCs currently online and you start surfing.

The above instructions will work for most people, but if your situation is more complicated, the FR24 should be able to handle your needs. For example, if you don't use DHCP in your local LAN, the FR24 can work with static IPs. If you have a server that needs access outside of the firewall, you can setup an DMZ. If you want to have your servers behind your firewall, you can map incoming requests to a designated host. If you use Microsoft's VPN access, the FR24 supports one user being able to pass through the firewall. If you need it, you can modify the routing table to fit into your particular LAN. And finally, if you use dynamic DNS, so that your server with a dynamic IP address can be reachable by domain name, the FR24 can be setup to work with www.dyndns.org.

So far, the only problems I've had is to remember to reboot the router and the clients when I make changes to it. Otherwise, it seems to work just fine. The only thing I have not had time to check is how well it works in switching over. When I get a chance, I'll pull the plug on the primary WAN1 modem and check to see if the switchover occurs as it should.

Aloha!

Linux, as a Windows desktop replacement, gets closer everyday to what it needs to be. Having said that, it's still not there.

I installed the latest offering from Red Hat (version 9) on my PC at work last week (after I first deleted version 7.3. You can, if you want, do an upgrade install but I've found, over the years, it's best to do a clean install because doing it seems to reduce the number of problems).

But first, the configuration of the PC is an old Dell Optiplex GX1 with a Pentium-II 333MHz and 384MB of RAM. I chose a kitchen-sink install to try to reduce the number of dependencies later on down the road. Note that you apparently need to choose the "custom" installation first, and then later in the install, when you actually choose the packages to install, you can scroll down to the bottom of the list and choose "full."

Be aware a full install takes a long time and 4.849GB of space. For me, it took about an hour-and-a-half to complete. I realize the PII is hardly a speed demon, but 1.5 hours? This, in addition to the 15 or 20 minutes to configure the install and another five or 10 minutes after the install for more configuration.

Then, having spent all that time, I find that sound does not work. This is strange because the installer found the sound card, I went through the configuration, but upon rebooting, the module fails to install. While sound is not a high priority in our work environment, this has been a problem with Linux from as long as I've been installing various version (several years now). This bug has been evident for so long one wonders if anyone even cares about fixing it anymore.

The other perennial problems also still exist. Printing is still a hit or miss kind of thing. Once again, the installer correctly probed the HP 2200, but did nothing with the information. That is, I still had to manually install the driver by identifying the printer myself. Further, I can't find anyplace where I can modify the defaults for the driver. As such, it prints duplex all the time. While this certainly saves paper, sometimes I just want to print as fast as possible.

Then there's Internet access. Our network administrators set up a DHCP server that gives out IP addresses. But that's all. No DNS, no gateway, no mail, no news, no nothing. From what I've been told, they did this because they didn't want just anyone getting access to the Internet. So we still have people whose PCs are hooked up to the Internet, but don't know that all they need to do is set the DNS and they could be surfing.

So, you say, how is that a Linux problem? Well, let's call it an installer problem. The installer assumes that if you check DHCP, you don't need to set anything. Which, in our case, is incorrect. Hence, when you first boot into Linux, you don't have access until you manually input the addresses for the DNSs. Perhaps a small and relatively unique problem, but a problem none the less.

As an aside, after typing in the IP address, I tried to shutdown to get the change to go into effect, but I got a segfault as I was doing that. Needless to say, the vaunted reliability and robustness of Linux takes a hit when you make one change and the system blows up. But I digress.

And the final major problem - fonts. Yes, they are a lot better than they were in version 7.3. But they still suck, when compared to TrueType fonts. I really don't know when this will be solved, but you really have to wonder why it has taken so long to be corrected.

Not related to Linux, but Red Hat itself is their update service. It's so over saturated that it is unusable two out of three times I tried. I don't know if the situation will get any better, but if you are paying for access to updates, but the service is so overloaded that you can't download what you need, then you have to ask yourself why are you paying for this?

So, is there anything good about version 9? Sure, it looks prettier. I've already mentioned the improved fonts, but the default desktop really is pretty. It's not any easier to use, and you could make a case for it being actually harder, but it does look smooth. Otherwise, I haven't used the applications yet, so I can't comment on that.

The bottom line is, if you are using version 7.3, it probably would make sense to upgrade to 9. But if you are at version 8.0, I'm not so sure this is worth the time and money. In fact, in my opinion, they should have just called it version 8.1 and given it away for free. YMMV.

The purpose of having a dual WAN router is to make the process of switching between inputs transparent. That is, should the primary access go down, the secondary should come on line with little or no intervention from users. At the most, those online at the time of switch over might have to reboot to refresh the DNS/email/news server IP addresses.

So when I got home yesterday I noticed the RoadRunner cable modem was not online. Great, I thought, a real world test of the Hawking Technology FR24 dual WAN router. So I booted up a PC and was disappointed that there was no Internet access.

I logged into the FR24 via browser and saw that it was still indicating no problems with the primary connection. So I unplugged the modem from the router, rebooted the router and the PC I was using and found the same problem. As far as the FR24 was concerned, the cable modem was still online, even though it was now physically disconnected from the router.

The next thing I did was unplug the Verizon ADSL modem from WAN2 and plug it into WAN1 at the same time manually configuring the DNS address in the FR24. Rebooted the router and the PC I was using and still no connection.

As a final step, I reset the router to all its default settings and then inputed the correct settings for the ADSL modem. Rebooted the router and the PC I was using and still no connection.

At that point, I unplugged everything from the FR24 router and plugged them back into the CoyoteLinux-based router I had been using prior to getting the new router. I booted the CoyoteLinux router and rebooted the PC I was using and all was well.

I sent off an email to Hawking Technology last night at around 9:00 p.m. local time asking them about this problem. It is now 7:00 a.m. (10:00 a.m. PST, 1:00 p.m. EST) and I do not have a response. I'll let you know if and when I hear anything. But if you are considering purchasing this router, please be aware there may be problems.

Aloha!

The need for speed. This story from MSNBC (see it here) seems to confirm what I've been saying about the relative speeds between cable modems and DSL. The report indicates cable modems are about two times faster than DSL (which is about what I got when I last tested the difference between RoadRunner and Verizon ADSL locally).

Unfortunately, the report says nothing about reliability of such service. For me, RoadRunner seems unavailable on at least a weekly basis and sometimes on a daily basis. So much so that I am seriously thinking of terminating RoadRunner. But before I do that, I want to see how Verizon does on a long-term basis. So I'll keep both for at least six months and see which is more reliable.

The search for the perfect PIM continues. Just out of the blocks is Chandler ver. 0.1 (see it here). Chandler is an OpenSource alternative personal information manager. Since it's just in its 0.1 release, it has a long way to go. But you may want to monitor it as it proceeds down the path to enlightenment.

Speaking of alpha code, it was 10 years ago yesterday that a group of students at the University of Illinois National Center for Supercomputing Applications started development of the Mosaic web browser. Read the story here about what hath Andreessen wrought.

Don't be surprised if you download a patch from Microsoft for Windows XP and find your PC drops to a crawl after you install said patch. This report here says MS is investigating but has not received widespread complaints.

We have about a week more before the first draft of our last paper is due so it is heads down for me. I will try to post as I am able but I can't say when that may be. Until then, feel free to check out the other Daynoters.

Aloha!

SixApart, the company behind the Movable Type weblogging system, is set to launch a new "hosted" service called TypePad. There isn't a whole lot over at the TypePad site but the story here gives some of the details:

Like its rival, Blogger, the new system will be stored along with the user's writing on a central server. This means that, for the first time, budding webloggers who want to use Movable Type - regarded as the one of the most powerful weblog-building systems - will not have to hire server space from hosting companies. Nor will they need to go through the sometimes difficult processes required to install the Movable Type system on their server.

It is expected that there will be three tiers of pricing, with varying levels of features and complexity. Pricing will be officially announced in May, with a public beta (or test) version being launched in June.

Sorry about forgetting to put the link in to the story about the MS patch that brings Windows XP to a crawl (CPU utilization spikes to 100 percent). The link is now in (see yesterday's post). I can also say there appears to be a similar problem with Windows 2000 although I'm not sure it's the same patch or another. I've been hit recently with a slow as molasses response times from two of my three Windows 2000 PCs. I say appears because while the patch was loaded on my PCs, only two of the three are affected and removing the specific patch doesn't seem to help that much.

Otherwise, the symptoms are the same. Changes to network settings slow to a stop. Virus software and ZoneAlarm abends. "Savings settings", when shutting down takes minutes to complete. CPU usage spikes to 100 percent.

At first, I thought virus or drive failure. But now that others are reporting this, perhaps not. YMMV.

Aloha!

So, there's two more days, as of yesterday, until our capstone thesis is due which, of course, means anything that can go wrong will. First, at work, the image on my screen all of sudden starting shifting up and down. What the heck? Then I notice the PC doesn't seem to be responding. No matter what I click on, nothing happens. Oh, great, says I. Just what I need.

But I quickly notice the problem is exhibited only when the mouse pointer is placed over a scrollable window. Otherwise, I can use keyboard shortcuts and all is well. Hmmm. I have an old MS Intellimouse in a drawer so I unplug the USB Red Eye Trackball (AKA Trackball Optical) and plug in a PS/2 plain Dove Bar mouse. And all is well.

So the end of the day comes and I copy my work files to a floppy to work on at home. I get home, open and edit the files. No problem. Until I try to save my work back to the floppy. It says here the write failed because the disk is write protected. Hmmm, no it isn't. Bother. I tried another diskette, I tried rebooting, I tried casting the entrails of a chicken to see which way to face to Mecca, but no lucky.

I figure I have a couple of choices: Shoot the floppy drive, use ftp to transfer the files, or email them. I chose the last two options and all is well.

Oh, by the way, I also stayed up all last night so I am about the go to sleeeeeeeeeee.......[snore]...[/snore]

Aloha!

Follow the link here to a quick alpha 3 build 4015 preview of the next version of Microsoft's Windows, codename: "Longhorn." This is still pre-beta but is described as having "sweeping changes over its predecessors and be the most significant release of Microsoft's desktop operating system since Windows 95." I dunno. All I know is what I see on the site and it looks a lot like XP. To use a tired phrase, the changes appear to be evolutionary rather than revolutionary. But again, I don't have a copy of it and so I can only comment based on what I see in the review. YMMV. Thanks to the good Doc for the link.

I've been farting around with testing the new Phoenix/Firebird/Mozilla browser and am getting to like it. I'm not sure I will switch from Opera/IE but Firebird has some good points (mostly borrowed from Opera, me thinks).

Fir' example, tabbed windows. I can setup a folder and place links to all of the Daynoters in it. Then, in one click, I can have all of the links open into separate tabs - ready for me to read at my leisure, rather than waiting for slow connections. Kewl. Not original, because Opera can do that, but kewl nonetheless.

In addition, all of the tabs make use of the favorite icon function, if your website is so enabled. And like Opera, there is a small window for typing in queries that are sent to google for searching on. Unlike Opera, it doesn't have ads, at least, not yet. You have to reckon that their business model will require the transfer of money from you to them at some point, but I guess that is down the road a bit.

Computer stores must love people who don't know anything about computers. At least, they must love the money they can separate from technophobes. For example, think of the non-technical person looking for a flatbed scanner. Now-a-days, scanners are dirt cheap. The local CompUSA has several HPs for less than $100 USD (not that I'm advocating buying HP).

No, you aren't going to be doing super high quality work with any of the sub-$100 versions and no you aren't going to be doing it very quickly, but they do the job for most people. So salesmen must fall over themselves when a naive person comes walking in saying: "Sell me a scanner. No, I don't know anything about scanners. No, I don't know what kind of software I need. No, I don't know what kind of output file I need. Just sell me something because I know I need one."

So, of course they sell him or her the $450 model that can scan in TRILLIONS of colors. Surely, trillions of colors must be better than mere millions. Right? Surely 2,400 X 2,400 resolution must be better than lowly 1,400 X 1,400. Right? Surely one that can scan transparencies and film is better than one that can't right?

But what if all you will be scanning is a sheet of paper with a signature on it? What if all the receiver wants is confirmation that you got their document and have signed it?

In that case, who the *%^! cares whether it can scan in 48-bit color or at 2,400dpi? All of that is irrelevant BS to make people think they are getting value for their money. I don't know who to be more angry towards - the salesperson for taking advantage of people or the buyer for not knowing enough to ask the right questions.

There are a lot of Linux command-line users who think its the best thing there is in operating systems (OS). And for what they use Linux for, they may be right. That is, they can run their web and mail servers for months without having to lift a finger and the total cost of doing so is low relative to other operating systems.

But when it comes to the desktop, things get a little more cloudy. Oh, these people still look down their noses at anyone who doesn't use Linux, but then, most of them probably don't earn a living by running a word processor or spreadsheet.

Those that do are the early adopters. These are the people that enjoy exploring new environments. To boldly go where no man has gone before. They seek out the challenge of getting the OS to do your bidding. To conquer it, to beat it into submission is sufficient justification to continue.

But for the rest of us, all we want our OS to do is run the applications that help us do our jobs. We don't care what OS it runs on as long as it runs.

The Linux adherents respond saying: There are thousands of applications that run on Linux. And they are right. But most of them are alphaware full of bugs. Of the few that are stable, many are not compatible in reading and writing file formats with what we use.

Still, even if Linux desktop applications were as stable, compatible, and usable as any other operating system - people still wouldn't switch to Linux, or any other OS, because they would have to learn a new way of doing things.

People do not like change that costs them something (e.g., time, money, or effort) but results in nothing more than a net of zero. Hence, if another OS is to catch on with the rest of the human race, it will have to much better than what people use now. Not as good. Not a little better. But much better.

It must be faster, more stable, backwards compatible, cheaper, and marketed better.

Otherwise, inertia alone will keep people from changing to it.

----------------------------------

Sorry for no post yesterday but I was down with a cold. I haven't been able to get much sleep because we were working on the second draft of our capstone thesis paper. We turned that in on Monday. This afternoon we will get feedback from our professor and probably do a third, and hopefully last, draft by this weekend. We have our work cut out for us.

Aloha!

The Register has a post here about another Microsoft Windows security update being pulled because it creates problems greater than it solves. The update cuts all access to the Internet because of an interaction with third-party anti-virus/firewall software.

This is similar to the last update, noted in my April 23rd post (see it here) where I made a brief mention about the problem because it seemed to be affecting one of my PCs. The problem could be resolved only after disabling the ZoneAlarm firewall that I was using. Essentially, the PC came to almost a complete halt while CPU utilization went to 100 percent.

The original 811493 patch I talked about has been reissued here. There is also a Knowledge Base 819634 article here.

I don't know when the latest problem will be fixed, but one must wonder about how much regression testing is done before these updates are released. I realize that there has to be a balance between rushing a fix to a security flaw versus testing the fix to ensure it does not create its own problem. But to modify the old saying; "If you can measure the number of errors you are creating, you are creating too many."

Aloha!

Sorry for the slightly late posting this morning. I wanted to install the latest update to MoveableType before posting. Thanks to fellow Daynoter Phil Hough for the heads up. This also reminded me to resubscribe to the MT listserv. I'm not sure why I stopped getting their notices but this was as good an opportunity as any to get back on the list.

Speaking of updates, Opera is in version 7.11 if you haven't downloaded it yet. I tend to use Firebird (notwithstanding some of the misguided people who don't get out much) more often then not now-a-days but Opera is good to use if I think I might need the heavy armor to back me up.

Speaking of armor, there was a popular pro-war email that made the rounds that purported to be between pro and anti-war supporters and how the reason(s) for the war kept changing (I did a Goole search to try to find it but was not successful). Well, now comes the other side. See the "What a tangled web we weave" here. I've said it before, Gulf War II had two public objectives: Kill Sadam Hussein and recover the weapons of mass destruction. So far, it is not clear that either have been achieved.

Have a Great Weekend Everyone - Aloha!

End of the road for IE? C|net has a story here that says Microsoft's Internet Explorer 6, SP1, is the last in the line of stand alone browsers from MS. The article quotes MS IE Program Manager Brain Countryman as saying:

As part of the OS (operating system), IE will continue to evolve, but there will be no future stand alone installations. IE6 SP1 is the final stand alone installation,"

I don't know if IE will continue as a stand alone application but if it doesn't, one has to wonder what that means as far as updates. That is, will you have to wait for the next version of Windows to get a browser with significant changes?

Further, with the browser integrated within the OS, what affect does that have on security? IE has not been the most secure browser so it may be reason for alarm to give it hooks directly into the OS.

Obviously, all of this is speculation but one wonders why the change?

Salam Pax Outed? The UK Guardian has an article here that says they have tracked down the "Baghdad Blogger" known as Salam Pax who blogged under the "Where is Raed" banner.

The Soldier is the Network This link here shows what the well dressed soldier of the future could be wearing. The uniform, called the scorpion ensemble, would make the soldier part of the network of battlefield data sources. Part of a collective, ummm, hive, if you will, where everyone is interconnected. No word yet if Microsoft will get involved or if Bill Gates himself will head the effort.

Aloha!

Three interesting computer related problems at work this week. The first two had to do with hard drives. Both PCs gave errors saying the hard drives did not exist. For the first, which is running Windows 2000 Pro, the solution was running the recovery console (boot off of the install CD and choose a recovery) and running chkdsk. Why that allowed the drive to boot I'll never know but apparently that is what did it.

The second PC did not even show that the BIOS was recognizing there was a drive plugged in. So opened the case up and fiddled with the power lead to the drive. Shaking the lead back and forth would bring the sound of a drive spooling up so I reckoned the problem was intermittent contact. I pulled that plug and put in one of the spares hanging from the power supply and all was well.

The third problem was WordPerfect related. Yes, there are offices that still use WP, especially in the legal profession. The symptom was you could not print. If you tried, two error messages would come up saying program files were missing. Strangely, if you clicked on a file, via Explorer, to print first, rather than starting WP and then opening the file, it would print just fine. A quick search of the drive found both "missing" files so that did not appear to be the problem. I checked the Corel WP site and found that one of the files needed to copied to the "Startup" folder so that it would be running before printing was commenced. And all was well.

I love it when problems get solved on the first try.

If this story doesn't make the hair on the back of your neck stand on end you must be dead. See the story here of the Internet worm called "Slammer" and how within three minutes of entering the wild the number of infected servers was doubling every 8.5 seconds. Thanks to Dan Gillmor for the link.

Good Night David.

Aloha!

I can understand the move, in other states, to outsource all of Information Technology (IT), especially since when any problems come up the typical response is to call in help from outside.

Internet access, here at work, has always been less than reliable. If it isn't the DNS, it's the firewall. If it isn't the firewall it's the gateway. If it isn't the gateway it's the router. If it isn't the router it's something else. All of which was installed and configured by consultants because our IT is not qualified and, what may be worse, doesn't seem to want to learn.

Moreover, literally every time we've requested information from the databases they run we get these long lists of reasons why we don't want to use their data. They give all kinds of reasons about how that data are not captured, or if it is captured it isn't reliable. Their solution? We should sit in court and gather our own data.

Sometimes, even if it ain't broke, you have to fix it. That is, if there is a department that should embrace change it is IT. The computer revolution is about nothing, if it isn't about change. Change in how we work. Change in how we play. Change in how we interact with one another. But as a user, I can say the common response from them is we don't want to change anything because we don't know how it works.

Not anticipating change is not an option. If you are in IT you must be proactive and boldly go where no one has gone before. You must test new technologies while they are still in beta so you will be ready when the time comes to decide whether to go or not go. You must become the experts so you can do the job of supporting the people that depend on you.

If IT isn't adding value greater than its costs, what is it good for? I wish I could say our IT people were the salt of the earth. And maybe I shouldn't complain because I don't know what conditions they have to work under. But what good is all the Internet hardware if they don't know how to run and maintain them? What good are the databases if we can't get reliable information out of them? How valuable are people who aren't ready for change and instead are major obstacles to moving forward? Think about it.

Aloha!

I'm still busy working on getting my new PC set-up so this will be short. After playing around with it for awhile, I got to the serious business of wiping the drive clean, deleting the partitions Dell has (including a hidden one where I think they install their diagnostics) and setting it up how I like.

This being the wonderful world of Windows, it came formatted in NTFS. This means your handy Windows98 boot disk with FDISK on it can't do a whole lot (since it boots into DOS, which doesn't recognize NTFS). So I used the install CD to do all the changes to the partitions creating two to replace it. The first partition is NTFS and will be where all my applications go. The second partition is FAT32 and will be for my data.

I do this for two reasons, first, having a partition with just data on it makes it a whole lot easier to backup what I want to backup; that is, the data. I don't care about applications because I have the CDs they originally came on so I can always re-install them. The data, on the other hand, is what I need to backup.

Secondly, God forbid I should have some kind of drive failure, but if I do, I may be able to access the drive by booting from a DOS floppy disk. If I do, DOS will recognize the FAT32 partition and I may be able to copy stuff off the drive that way. Of course, there are drive failures that even booting from a diskette will not be able to help, but at least I'm giving myself another option, one that has saved my bacon more than once. YMMV.

Aloha!

I 've talked before about the Hawking Technology Blackhawk FR24 Dual WAN firewall router. The intent of this box is to route two incoming broadband connections to one network. The reason for two connections is to act either as a backup, or if the connections are from the same ISP, split the load across two pipes.

As you may remember, I had problems getting the second connection to automatically come online. But recently, Dr. Pournelle's Byte column talked about how he was able to do this very thing with his FR24 (I wonder where he heard of it).

I figured if it works for him there must be a way of getting it to work for me. So I decided to do some experimenting. But first, the problem I seemed to have was with the DHCP of the FR24. If I manually released the IP addresses it would switch to the backup input. But what I wanted was the FR24 to switch automatically.

I reckoned if I tried changing over to using static internal IP address this might solve the problem. So I manually assigned addresses to the three PCs we have at the Seto Shack, disabled the DHCP in the FR24, noted in the FR24 that these were addresses to let through, rebooted everything, including the FR24, and Bob's your uncle, it worked!

Now, anythime the primary connection fails, the secondary automatically comes online (the FR24 checks the connections about every 30 seconds so it takes about that long for the change over to occur).

Life is sweet.

Tomorrow is an US holiday (Independence Day) so I will not have a post up. I hope you have a safe, but Great Weekend Everyone - Aloha!

Leapin' Lizards. I don't know what to make of yesterday's announcement that AOL would cut Mozilla loose and give $2 million USD over the next two years as start-up funding to a foundation (see the press release here). The foundation would be tasked with developing Mozilla. Left unsaid is what happens after the funding is used up.

Perhaps as an indication of what is in store for the lizard is this article here that says "...AOL has cut or will cut the remaining team working on Mozilla in a mass firing and are dismantling what was left of Netscape (they've even pulled the logos off the buildings). Some will remain working on Mozilla during the transition, and will move to other jobs within AOL."

Perhaps these are just two sides of the same coin but I hope Mozilla has a business plan that can take it into the future because I respect and value the fine work they are doing. Having said that, they must find another source of funding or this effort too will fade.

The computer revolution, to a great extent, has passed by the very people who need it the most. Namely, those in offices who could be more productive but are unable to grasp the power of the PC.

Note the power I'm referring to is not just the speed of processing in a PC. If it were that easy, all you would have to do is buy a faster PC and you would become smarter.

But it doesn't work that way. Bringing automation to the office environment is at least worthless, and possibly counter-productive, if you don't modify how you do things to take advantage of the leverage found in PCs.

Making electronic a process you do on paper may decrease the time needed to move the paper. But unless you rethink the process and how it could be integrated into an electronic environment, you are missing more than half the power of the PC.

But how can you modify your processes until you are trained in using PCs? For example, I recently configured and installed six new Dell Pentium 4 PCs. Part of the process is transferring the data and configuration files from the old PCs to the new. These files include word processing documents, spreadsheets, Internet Explorer favorites/Netscape bookmarks, email, and macros.

So I tell our people they need to copy off such files because,obviously, the new PCs will not have them. But all I get are blank stares.

Q: What do you mean they won't be on the new ones?
Q: Files? What are files?
A: Those are the documents, spreadsheets, or e-mails that you've created over the last four years with the applications you have.

Q:What are applications?
A: Those are the word processing, spreadsheet, and email programs you use to create documents.

Q: Where are these files?
A: They may be on your hard drive or you may have saved them to floppies.

Q: What's a hard drive?
A: It's a device that stores information that you want to keep until such time you erase it.

Q: Okay, why don't my files show up in the new PC?
A: Because you have to copy them from the old to the new as they will not automatically do so by themselves.

Q: Will I have to load Windows Explorer on the new PC?
A: No, that's part of Windows and has been so for years.

Q: Oh. Well, what about my UltraTurbo PDA sync software that I downloaded from the Internet?
A: That you'll have to install yourself. All I'm doing is setting up the office standard suite of programs. Anything beyond that you are responsible.

Once the new PCs were on their desks they looked confused.

Q: I thought you installed Microsoft Office.
A: Yes, I did.

Q: Well, where is the picture thingy on the screen that I click on to start Word?
A: Office does not place icons on the desktop. If you want to, you may right-click and drag these from the Start menu/programs listing.

Apparently, this was not explanation enough as several re-installed programs because they did not see the "picture thingy" on their screen (which they proceeded to clutter their desktop with because programs do not exist unless they can see it on their desktop). Even though these programs were already installed and configured. They then wondered why the programs weren't working right, seeing that they had just written over the configuration files with the new install. Sigh.

These are some of the questions asked by people here. These are not uneducated people. They are all people who have Ph.Ds and MAs. Two were even teachers. But these are people who clearly do not understand even the most simple of concepts regarding PCs. How then are we to become productive using devices we have no understanding of? How then can we be productive when we actively resist going to a new PC because we would have to learn a new way of doing something? Something that has taken us four years to become comfortable with?

Aloha!

As I understand it, fellow Daynoter Sjon comments below seems to be saying the answer to yesterday's problem with getting people to understand PCs is to not have any. That is, the answer is apparently to go back to using thin clients and centralized computers running, storing, and controlling all applications and its data.

There is much to be said for this approach. There is no need to install new software on each PC and the data is all stored on a central server. The need for user support can be reduced since everything is centralized and controlled by people who are trained to do so. In addition, using thin clients allows the creation of a virtual desktop in which you can login from any terminal anywhere on the network and see the same suite of applications and data that you have sitting at your desk. It's already being done as many people are using Microsoft's services: Hotmail and .Net.

So the answer is not necessarily a choice between one or the other. There is value in both.

But for me, they can take my PC when they pry it from my cold dead fingers. With all due respect to the people who toil everyday trying to support users who are dangerous with the tools they already have, the answer to ignorance is not more ignorance.

The power of personal computing is a distributed power. It is democratic. It is entrusting the user to understand better what they need to do their jobs than a well-intentioned technician in an office two towers away. It is a realization that centralized planning, for the most part, has not and does not work. It gives voice to the user in a time where the opportunity for conversation is in mortal danger.

No, the answer to yesterday's problem is not to take away the very tools needed to do our jobs. The answer is education. Teach people how to use PCs. Then teach them to think about the processes they apply during the workday and reflect on how they could be modified/deleted to leverage the power of the PC. In other words, how to become not only faster in processing what they do, but doing it in a smarter way. A way that streamlines or totally eliminates steps.

For example, cases filed in court used to be registered by writing their names in a ledger. If anyone wanted to know what was filed, you had to consult the ledger. When mainframes came along, applications were written to computerize this so that everyone who had access to the mainframe had access to this database. While this certainly was a Good Thing, productivity did not rise very much because all that was being done was transferring the process from one medium to another.

But productivity really soared when people had PCs on their desks and could use them to download the data and then fold, spindle and staple it into information that could be used. Where they could take data collecting dust and use it as fuel to power the engine of change. Where ad hoc queries could be done instantly rather than requiring a SQL programmer to code a request and return the result sometime later that year. All of sudden, information that could be used to make good decisions became available. But only by those who had the tools and the knowledge to use them.

In summary, there are applications and data that make sense to be on a centralized server. But at the same time, there are other applications and data that allow productivity gains only when located on a personal computer. What is needed is the knowledge, and perhaps some wisdom, to the determine which belongs where and how best to use it.

Aloha!

Firebird 0.6.1 Mozilla released what they describe as a "minor bug-fix release" recently. Fixed are: The auto-complete crash bug, the DOM security restriction bug that broke many bookmarklets, contentEditable support, brushed up default theme, including updated toolbar icons, and a new application icon. If any of these bugs have bit you, you may want to visit their site here.

Inductive Reasoning The Mitsubishi Electric Research Laboratories site has an interesting page on something they call iGlassware (see it here). It is based on the following:

Since restaurants often make much of their profits on drinks, it is critical for servers to offer refills in a timely fashion. We propose wireless liquid level sensing glassware to aid in this task. Specially instrumented glassware detects fluid levels via a high-resolution capacitance measurement. A coil embedded in the table inductively couples power to the glasses, and provides a path for data exchange. Our prototype glass uses a standard microprocessor and a small number of passive components, making it extremely inexpensive.

Don't ask me if this is for real or a very well done hoax, but it's interesting nonetheless.

I've got a busy day ahead so I gotta go.

Aloha!

I seem to have a never ending battle with our IT people. Right now, two things are bothering me, both involving e-mail.

The first is the smaller of the two and involves how the Lotus Notes server is setup. Currently, we have to use the proprietary (read that expensive) Lotus Notes client to access the server. Although the server can be setup to use the widely accepted POP3 and SMTP protocols, our IT people would rather tie us to the proprietary software from Lotus. While this does allow us to use the "features" of Notes, such as calendaring and such, it comes at a very large cost (about $100US per license vs. no cost for any POP3/SMTP mail client and, of course, about $50,000 for the Notes server license). In these times of economic downturn, one has to wonder which is more important, calendaring or saving tens of thousands of dollars per year?

The other thing relates to domain names. Our current domain is courts.state.hi.us. As far as I know, it is compliant with the standard naming conventions for non-federal (US) governmental agencies. While all government entities in the US, through about 1994, used the .GOV top-level domain, I think it changed to having only US federal agencies to use .GOV and all other government agencies to use the .US domain. This is based on RFC 1581.

I don't know if things have changed since then, but as far as I know, it hasn't. If it hasn't, I have to wonder why we are beginning the process to change from .US to .GOV? I contacted the head of our IT division and he said we are just following the Hawai'i Executive Branch which has already changed over. When I asked him what RFC or other Internet standard this was based on he said he did not know and referred my to the Executive Branch person in charge of that change.

If anyone can point to anything that says, one way or the other, which domain state government agencies are to use I would appreciate it. Thanks in advance.

Aloha!

Many of the people who work at Microsoft are smart and insightful. I know this because some of them have their own blogs and you can see for yourself. I also know that Bill Gates did not become a billionaire by hiring dumb people.

So one must wonder why, after all the hoopla about stopping everything to do security scans of their software, we continue to get the buffer overrun security threat of the week (see MS Security Bulletin MS03-024).

On average, there is almost one security bulletin per week. No, not all of them are considered "critical", unless you happen to bitten by one of them, but I'm really concerned about known problems with unchecked buffers.

I haven't done any analysis of the number of these programming errors versus how many were being found prior to their review, but I seem to recall there is audit software to check for these problems. If this is true, then why are there any buffer overruns at this point?

I can only conclude that as long as MS doesn't take this seriously enough to audit all of their software that this will continue to happen.

Hence, this can but only accelerate the rate of Linux adopters who want to get off the security merry-go-round that MS seems to be on.

Speaking of Acceleration. Verizon finally got around to increasing my ADSL speed to 1.5mb/sec yesterday. Of course, I don't actually get that in real use, but I've been averaging about 1.2 to 1.3mb/sec and that is a noticeable increase over the 768kb/sec I was getting before.

So, as I've noted before, if you are a Verizon residential user at 768, call Verizon tech support and ask them to check if your line is qualified for the higher speed, if so, request the upgrade as there is no additional charge (at least here in Hawai'i) for the higher speed.

As to yesterday's post about my pager, the second tier tech support has not contacted me so far. I will give them until the end of today, if they haven't contacted me by then, I will terminate my pager service.

Aloha!

A website I read every once-in-awhile asked if it was okay to Google someone they were thinking about dating. In turn, the question got me to thinking about the bigger question I've talked about here before. Namely, privacy and the Internet. Below is, in large part, my response to the question.

There is a lot of information that is considered to be in the public domain. For instance, vital records such as births, deaths, marriages, divorces, and bankruptcies are routinely reported on in the newspapers. But when this information is compiled into a database, as it is when a search engine comes across it, creates troubling new questions:

1. Is it moral/ethical to do an Internet background check on someone regardless of why you are doing it?

2. What expectation(s) of privacy do we have relating to public information on the Internet?

3. Does the Internet bring both unprecedented access to information and, at the same time, presents new challenges to individual privacy?

As with any tool, the Internet can be used for many purposes. I know when I first got on the Internet I searched on my name and found at least two others (one in Canada and one, I'm not sure where, but he seemed to be associated with stocks/bonds/securities/banking so maybe New York?). I did this without any purpose other than pure curiosity.

But as I got more familiar with the Internet, I became concerned that maybe there was a little too much information out there in forms that made it easy for anyone to lookup. For instance, many states allow companies to put their entire phonebook listing up on the 'net. This is fine as long as you have an unlisted number, but not so fine if you don't and you start getting calls from tele-marketers. In fact, you can type in a phone number (xxx) xxx-xxxx and if Google finds a match, will display the name, address, and link to Yahoo! Maps or MapQuest to show a map of exactly where you live.

A second example, when you register an Internet domain, you have to fill out a form that asks for your contact information such as name, address, and phone number. All of this is available on the Internet. Is this a Good Thing?

So, I began to try to limit the information that I had control over. First, no listing in the phonebook. And secondly, I changed the contact information for the domain registration for my website to a PO Box and fictitious phone number.

I realize I may be a little paranoid about this, but it is truly amazing that public information, in printed form, that we didn't give a thought about now becomes a whole different subject when it becomes available on the Internet.

I'll let you decide what public/personal information you feel comfortable with on the Internet and how it may be used but, as for me, it just gives me the creeps.

Aloha!

Life is but an illusion. Go to this page here to see some unreal optical illusions. The page is kind of big and the bits are coming from Japan so be patient and all will be revealed. Although, not all of the illusions work for me, the first "Rotating Snakes" is pretty cool.

Otter: I think this situation absolutely requires that a really futile, stupid gesture be done on somebody's part!
Bluto: And we're just the guys to do it.

The above quote has nothing to do with anything other than I was over at Amazon.com getting something for SWMBO (shh, it's a secret) when I accidentally added the item to my wish list instead of the shopping cart. I did not realize this until I went to checkout and couldn't find one of the items I thought I had ordered.

By applying my superior powers of intellect (i.e., pure luck - ed.) I deduced what I had done and deleted the item from aforementioned wish list. Unfortunately, I didn't want to have a wish list account but I guess the fact I had added the item to it will forever more mean I have one. No, there's nothing in it nor will you find any other information there.

But this got me to thinking (a novel experience, to be sure - ed.) and I decided to checkout what the other Daynoters may have on their lists.

John Doucette's name came up for five lists but none were in Canada. I bet John didn't know there were so many of him running around.

Chris Ward-Johnson, of St Felix de Pallieres, France wants a copy of "Desserts from Your Bread Machine: Perfect Every Time: Cakes, Cookies, Pastries, Doughnuts, Sticky Buns, and Other Recipes You Never Thought You Could." Yup, I'd guess that'd be our Good Doctor K. Although I wonder where he's been since he hasn't posted for awhile.

Brian Bilbrey's name came up once but was listed in Kentucky. I don't think our Brian has moved that far south but who knows? If so, someone should tell Sally before she starts wondering what happened to her human tennis ball chaser.

Steve Tucker must be a popular name because 25 of them have wish lists. I don't know if any of these are Daynoter Steve's though.

One Dan Bowman of Modesto, California is wishing for "Embracing the Fear: Learning to Manage Anxiety and Panic Attacks". Things must be a bit tense over in the Central Valley.

Ben Ator has a passel of paperbacks too many to list.

There are four Moshe Bar's out there wishing you would buy them stuff and four Frank McPherson's.

There are three John Dominik lists, two of which are located in Minneapolis, MN. Each of the two in Minnesota (The Cadillac Engine State) have geek enriched stuff like "Teach Yourself MS SQL Server 2000 in 21 Days" and "Mac OS 9: The Missing Manual" so this indeed could be our man in Minnesota, don'tcha think?

The thing about wish lists though, if people don't know you have one, they probably won't buy anything from it. In addition, some of the lists are quite old, and if anyone actually wants any of the stuff on their list, they should update it.

Correction to yesterday's post. I have to plead massive stupidity for calling Jasc Paint Shop Pro, Photo Shop instead. I don't know why I did that, other than as a test for reader Jon Barrett (which he passed with flying colors). In addition, Aussie Don Armstrong (G'day mate) reminded me of another program that I should have considered: IrfanView. I'll try to take a quick look at it when I find the time but what I like about Paint Shop Pro is its one button "Enhance Photo" that runs a macro script which automagically adjusts the color balance, contrast, saturation, smoothes, sharpens, and clarifies the image. All I had to do was some minor adjustments here and there. This saved me a lot of time. Speaking of which, I'm out of time so I gotta go.

Aloha!

Not much going on over in the Seto Shack. As an update to the never ending list of domestic things to do: I finished painting the interior of the front house and am now working on cleaning it from top to bottom. I hope to be able to get it rented in about a month or two. In our back house, where we live, the bathroom upstairs is still waiting for the plumber to schedule work on replacing the leaking shower. It won't get scheduled for at least a couple more weeks and in the mean time, we will have to use the shower in the front house since the shower downstairs is also acting up.

As the number of pages on our intranet site at work has increased, an easy way of getting to pages became critical to its use. We decided to attack the problem with three different tools. The first was to create a "Yahoo" style index page that listed the various major categories of what the web site has. By doing this, you can get to where you want in one to at the most three clicks. The second tool was to create an index, like you have in the back of a book. Using the index will get you to any page in no more than two clicks, and for the most part, in one click. The last tool was to create a site map.

While the person who created the index was willing to code and maintain it by hand, I wanted to find something easier for the site map. I first tried to find an open source solution but whatever I found seemed to be keyed to running on *nix and Perl/Python. Being that our server runs Windows and IIS, all would not work without substantial editing. By the way, if someone says you can convert a non-trivial Perl program written for Unix to Windows with minimal changes, run as fast as you can away from this person because they are clearly mentally ill and don't know what they are talking about and have never actually done what they say can be easily done. This is especially true when it comes to dealing with how the two operating systems represent drives, directories, and even forward or back slashes. They are just not compatible and I've never seen anyone come up with a How-To that lists all the differences and how to program around them.

Being that as it may, I ended up buying a rather expensive program, for what it does, called SiteXpert (see it here). It costs $65USD and runs on Windows. You can point it at a page and it will spider the links on the page creating a site map with very little work on your part. Note this is different from a program that just lists the HTML pages linked to another. SiteXpert will follow all links and display said links in a hierarchical display. This is critical to us because we have pages that have links to Adobe PDF files. We want these files listed on the site map. Yet most site map programs ignore links to all binary files such as, but not limited to, pdfs and doc files. Why that is so I don't know but it appears to be almost universal.

So, if you need a Windows program that spiders all types of links, this may be the one for you.

Aloha!

I went over to Wil Wheaton dot net and saw a Flash based tribute he put up on September 11th. I got to wondering how to create a Flash file so I went over to the Macromedia site to take a look.

Unfortunately, the cost of the software ( $499USD) is prohibitive to all but people who make a living at doing this. So, of course, I looked for alternatives. While I could not find an Open Source program, I did find something that was substantially cheaper.

It's called SWiSHmax (before you ask, no, I don't know what it's supposed to mean. But you have to wonder...) and costs $79.95. I have no idea if it has the full functionality of the Macromedia original but it can do some interesting things.

I created a text only Flash program that is only 8KB in size. Feel free to follow the link here if you want to see it. Of course, you will have to have the free Flash viewer plug-in already loaded otherwise you won't see much.

In addition, I'm not sure how to display the file using standards compliant HTML so I am using what Wheaton used. If I can figure out how to code it without using the deprecated <embed> tag I'll re-do it.

Speaking of Streaming Media, here's IP over water. As in using water as a medium to transmit information between computers (follow the link here).

H2O/IP functions in a similar way as TCP/IP but focuses on the inherent viscous properties of water that are not present in traditional packet networks. The StreamingMedia demonstration of H2O/IP is as an installation of two computers at different heights where one captures an image and transmits it to the second computer in the form of modulated water drops. The project attempts to show how digital information can be encoded and decoded into organic forms to create a physical network between digital devices.

I'm out of time so I gotta go.

Aloha!

I'm at home again today and will be so tomorrow and Monday. Sigh. While the plumbers and tile guy did show up yesterday, they are AWOL this morning. One just called to say they will be here this afternoon. No word yet from the others.

I also noticed that these plumbers all seem to be interconnected or at least farm out work to others when they are busy. I've had two calls from the original plumbing contractor but neither shows up on caller ID with that name. In addition, guys arrive in vans with names on the side that are not the name of the contrator we are supposedly dealing with.

This makes it very difficult to keep track of who is doing what and, should the need arise, who to go after.

Oh well, what's a person to do?

Aloha!

The Internet Corporation for Assigned Names and Numbers, asked VeriSign to "voluntarily suspend the service and participate in the various review processes now underway." The "service" in question is the redirection of requests to domains that do not exist to VeriSign's own servers.

Said servers give you other possible spellings for the domain you were looking for as well as links by categories. There is also a "Search the Web" box.

The polite response from VeriSign was to say they will continue to do what they want but are willing to take a meeting to discuss things. The English translation of VeriSign's corporate speak is "Bugger off."

Note the privacy policy of the page states:

We use third-party companies to serve paid and unpaid search results and other content to our Site Finder. In the course of serving these results, these companies may place or recognize a cookie on your browser, and may use information (not including your name, address, e-mail address, or telephone number) about your visits to this and other web sites in order to serve content to our site, improve the services offered on our site, or measure advertising effectiveness of paid search results. For more information about this practice and to know your choices about not having your information used by these companies, please visit http://www.content.overture.com/d/Usm/about/company/privacypolicy.jhtml.

See the ICAAN site here for the request and VeriSign's response.

The Power of 1,000 Monkeys. Over at Virginia Tech, they're creating a 1,100 PowerMac G5 cluster "super computer." I'm not sure using Apple computers is the most cost efficient way of doing it but I guess they think so. Take a look at the site here.

Speaking of Monkeys. Our IT folks switched over to Netware 6.x while I was on vacation (without letting me know, of course). Unfortunately, this broke the MS Client Service for Netware that we had been using since the MS client was faster and more stable than the Netware offering (Yes, I know, hard to believe but I think this reflects how bad the Netware client is more than how good the MS one is).

I searched the MS website to see if there was anything on this. But, in doing a search on "Netware 6" or "Netware 6.x" it did not bring up any Knowledge Base articles at all. Strange. Surely there must be something, unless our IT people are doing something to lock out all clients except the Novell one so that they can "manage" our PCs.

If so, with due respect to our fine IT folks, we do not want, nor do we need them to manage our PCs. We do very well without their "support". We had anti-virus software and firewalls running on our PCs years before IT got around to even thinking about such things. We were running MS Office years before IT got around to recommending it over WordPerfect. We began running Windows 2000/XP years before our IT had a copy to try out. We advocated for joining the 20th century, before the 21st was over, by installing Ethernet instead of the over-priced, proprietary, and difficult to get IBM Token-Ring NICs.

In other words, we don't need no steekin' IT office miles away to tell us how to best do our work when they are so behind the times that they think IBM/Lotus Notes is a cost effective way to get e-mail.

To our IT, change is something you get when you buy something with cash. Otherwise, change is something to be avoided. And if you can't avoid it, contract a vendor to institute the change because they (IT) don't have the expertise to implement nor manage it.

If you ask me, doing business this way will lead to the logical conclusion of contracting out all of IT since they can't do anything useful now. Except maybe "manage" PCs.

Aloha!

Filtering spam probably will never be 100 percent effective. Why? Because it is possible to create an e-mail that does not use any of the standard spam techniques but still get its message across.

For example, I got one last week that scored 0.0 in SpamAssasin. That is, as far as SpamAssasin could determine, there was nothing to indicate it was spam.

Even the text seemed to say that the sender had found a broken link to their site on one of my pages and would I like trade links with them by just clicking on the handy HTML link at the top of the e-mail?

Of course, I had no such link to their site and clicking on their handy button would just confirm that they had reached a live e-mail account that they could then sell to other spammers.

So, what to do? I don't know. All I can say is the most effective deterrent would be one based on economics. That is, one that makes it cost more to send spam than the income they get back from it.

When someone figures how to efficiently do that, they will be crowned king of the world.

Opera 7.2 is Gold. The latest version of the Opera browser went out the door recently (get it here). While I seem to be using Mozilla Firebird as my browser of choice right now, Opera still has it uses. For example, when I think I need a hardened, bullet-proof browser to wade into enemy territory, it's Opera I turn to lock and load (mixing metaphors). Yes, Firebird may be faster, but how secure is something that hasn't even reached the 1.0 release yet? Especially one that specifically states it should not be used for mission critical tasks!

So when the going gets tough, get Opera.

To the Moon. Speaking of going places, the European Space Agency is set to launch their first probe to the moon. The SMART-1 (Small Missions for Advanced Research in Technology) propulsion system includes a main ion-drive engine powered from a solar cell array. See the story here.

One Correction from yesterday's post on the Apple array. I did not realize that Virginia Tech was looking only at 64-bit processors (Thanks to Ken Scott for the information). As such, the cost of the G5 is probably (although I have not checked this) lower than the alternatives they looked at.

Of course, as Sjon pointed out to me, they could have also looked at AMD. In addition, as I understand it, the point of a massively parallel array is to use the power of as many nodes as possible. Regardless of whether they are 64 or 32-bits.

For example the Maui High Performance Center Linux SuperCluster uses 260 nodes with a pair of Pentium IIIs per node. At the time of its power-up, this cluster was the worlds most powerful array there was and, for all I know, still is.

It seems to me that if you spent less money on getting 64-bit processors and instead got a bunch more of cheaper 32-bit ones you would reach a point of higher total power. On the other hand, what do I know? I could be wrong and Apple will reign supreme in the 64-bit super computer world. Not.

Aloha!

Segway Lite. This guy here decided he wanted a Segway but didn't want to spend $5,000USD to get one. So he built his own.

Ctl-Alt-Del. This guy here was the guy who gave the world the three fingered salute. The article is short but gives some general background into the man who came up with the common key combination that everyone now uses.

Novell 32 - Dan 0. My problems with the Novell client continue. As a review, we have servers running network operating systems (NOS) from Microsoft, Novell, IBM, DEC, and Wang (Last time I looked, there were about 50 servers, including IBM mainframes.).

Each NOS has its good and bad points. But each requires the loading of client software to login and interact with the server. Some of these clients are fast and easy to use. Some aren't.

Up until one of our servers was converted to Netware 6.x (the latest version), I used the Microsoft Client Services for Netware (CSNW) that comes with Windows 2000/XP to access our Novell Netware servers. The MS client is fast, bug free, and works great with Netware 4.x and 5.x.

Compare this with the official Novell client that is full of hundreds of bugs and causes all manner of problems with my copy of WindowsXP. For example, boot time is increased by a factor of at least three. Accessing Netware servers went from almost instantaneous to 20 seconds. Running applications, especially MS Office (what a coincidence - Ed.) on a Netware server is a great excuse to go get a cuppa while you wait for the hour glass to clear.

Once the Novell client is installed, uninstalling does not clear the problems. The only thing to do is to reformat the drive and install everything, except the Novell client.

But in my case, if I don't use the Novell client when connecting to a Netware version 6.x server, the MS CSNW does strange things. While you do get logged in, drive mapping does not seem to occur. Yet, if you manually map a drive to a volume, the other drives magically appear. I don't know why this is happening but I guess I'll be reformatting my drive and starting over.

All I can say is Novell makes a terrific network operating system. But their client software blows chunks leaves much to be desired. Sigh.

Aloha!

JavaScript is a tool that some programmers use to build web sites. However, as with most tools, they can be misused. I don't know the exact number, but there appear to be numerous JavaScript-based security exploits. Said exploits take advantage of "features" that may include the running of arbitrary code.

Hence, many security minded users simply turn JavaScript execution off as this is the only way to have a 100 percent barrier against this kind of exploit.

So, what is a JavaScript programmer to do? If you use JavaScript you are guaranteeing a certain percentage of your site visitors will not be able to use your site as you intended it. For a commercial site, this translates into lost business. As Martha would say, this is not a Good Thing.

One solution is to use the tools that XHTML and CSS have.

For example, this site here created accessible image tab rollovers without the crutch of JavaScript. Now, I am the first to say that using CSS opens up a whole new world of browser incompatibility. But what it doesn't do, as far as I know, is open your PC to l33t hax0rs to ownz U.

I am glad that people are making imaginative use of the tools to work around JavaScript. I wish more would do the same. If they did, the cyber world would be a safer and more accessible place.

Mail Call

To: Dan Seto
From: Sjon Svenson
Subject: Novell ...
Date: Thu, 02 Oct 2003 05:11:58 -0700 (PDT)

Novell ....
I think I now know what you mean. I took my PC (NT4) to a client that runs a Novell network. Of course I couldn't connect so we called a support guy from the client. He started installing a netware client. For some reason that didn't turn out right. Yep, by noon I was back in the main office with a PC where no one could log on to anymore.

ps. I'm not on my own box now so I don't have your eMail address (I don't even have a mail-client installed). And I don't know it by heart. But hey, you have a 'contact me' on your page so I pulled your address from the HTML source. Yep, simple and easy ... I did crack it without using tables or looking up codes though ^__^

Kind regards,
Svenson.

---

From: Dan Seto
To: Sjon Svenson
Subject: Re: Novell ...
Date: Thu, 2 Oct 2003 06:29:02 -1000

I think the problem with Novell goes back years to the DOS wars when they tried to compete against MS DOS by pushing, I think DR DOS. As I recall, MS did not take kindly to that and thereafter refused to help Novell with the code needed to access MS networks.

Unless I'm wrong, it was about then that MS started writing their own client. As it turned out, MS did a better job of reverse engineering the Novell client than Novell did of reverse engineering Windows...

Glad you were able to decipher the encoded mailto. It usually works just fine when you have a default mail client installed and click on the link. Otherwise, as you probably saw, if you hover your mouse cursor over the link, it's almost readable (it's encoded to try to slow down the spammers).

Aloha!

It's Friday and I'm going to be reformatting my hard drive to get rid of the last vestiges of the bug filled Novell Netware client. I suspect the slow down in speed I'm experiencing is related to the hard drive read cache either being disabled by the client or at least substantially curtailed by it.

In any case, if it wasn't for our bug filled, expensive, and bloated Lotus Notes, I wouldn't need to access the Netware servers at all. In fact, if the sloths hard working individuals who run the Domino server would just turn on POP3, and maybe the web interface, I wouldn't need the Netware client nor the Lotus Notes client because I could use OpenSource IP compliant web apps instead of proprietary crapware (Perhaps there is a connection between business monopolies and quality of output? - Ed.).

So I will be offline for the better part of the day as I reformat and reinstall what I need.

Have a Great Weekend Everyone - Aloha!

Reverse Engineering. Windows is rife with ways to install viruses but probably the easiest way is to trick the gullible into installing it themselves. For example, over the weekend, my inbox was filled with e-mails supposedly sent from Admin, Security Support, Network Security, Security Division, and Security Department. Of course, none of these we sent from any such organization. Of course, all of them had payloads packed waiting for me to click on them to unleash their viruses.

For your information, some of the subjects of these e-mails are: :Undelivered Message: User unknown, Bug Announcement, Current Net Update, Last Microsoft Security Patch, Latest Pack, New Upgrade, and new internet critical update.

I'm sure the regular readers (all 12 of you - Ed.) of this page are not fooled by these people but maybe you can spread the word and help the less fortunate help themselves by not falling for these e-mails.

Engage. Most 'net savvy folks realize by now that the guy who played Ensign Crusher on the TV show Star Trek: The Next Generation bears no resemblance to the character he played. I mean, he's an actor. Actors play parts that are not necessarily similar to themselves. So it should not come as a surprise that columnist Dan Gilmore has a nice write-up (see it here) on now author/actor Wil Wheaton (see the Wheaton site here).

InstallShield Bug. A bug that I had heretofore not seen cropped up yesterday. It seems there is a problem with the InstallShield program and MS Outlook/Outlook Express. When you install a program with InstallShield, the progress bar may proceed until it reaches 99% and then seem to hang.

Letting it sit there for a couple of minutes may have the install start up again but another work around is to shut down Outlook/Outlook Express (and any mail proxies you may be running). I don't know why this occurs, only that yesterday was the first time I've seen it.

In any case, keep this in the back of your mind if you should have problems with InstallShield.

And Finally. For those of you in California, it's election day. As always, get out there and vote early and often. If nothing else good comes out of this, it does hold politicians accountable and responsive to the people. So make yourself be heard.

Aloha!

I'll be at home tomorrow. The plumbing contractor will be sending people to fix the vinyl flooring, paint the drywall, and patch the scratches put into our new tub by the tile guy. We hope these people are professionals but given the performance of the other sub-contractors I am not very hopeful it will turn out that way. Sigh.

In any event, it is unlikely I will be posting tomorrow unless something really, really big comes up.

Good Stuff for Geeks. If you are in PC support and want a small utility that tells you what the Microsoft error codes are, then this one is for you. It's called "Error Messages for Windows" (full marks for originality) by Gregory Braun and can be downloaded here. You can either type in a specific error code and get what each means or you can get a listing of all error codes and print them out.

Sun's StarOffice 7 Office Suite is set for release next week Tuesday (14 October). But you can get the evaluation version now from Sun here. StarOffice, as opposed to its little brother OpenOffice, is not free. The MSRP is $79.95USD. Only you can decide if the benefits are worth the cost so try the evaluation version to find out. Or not.

Over at ThinkGeek, they have the perfect thing for CubicleWars: the wireless color mini video cam mounted on one of the tracked rovers (see it here). Just the thing to scope out what's happening around the next bend.

If that doesn't get your geek meter pegged, then check out the Lian-Li PC case with a built in aquarium (see it here). I kid you not. An aquarium built into the aluminum PC case. The kit includes fish, air pump, cathode light, and mounting accessories. Water not included.

And finally, for the US Geek who just has to know what time it is comes the Casio Waveceptor wristwatch that receives its time signal from the atomic clock in Fort Collins, Colorado. You have to be within 2,000 miles of the atomic clock to get a signal but if you are, there aren't too many watches that will be more accurate than yours. At least, not at $39.95. See the watch here.

Aloha!

Spamming MT. I got more spam in the "Comments" section (I use MovableType (MT), the content management system for my blog) yesterday. This, even though I had turned off comments so it should have been impossible to create anything new. So I made some other changes to try to keep the spammers away. Unfortunately, this means past comments will no longer be viewable.

I am very disappointed that MT has apparently done nothing so far to close these obvious security holes. Others, stepping in to try to solve the problem for MT, have added modules that blacklist IP addresses but as we know from trying that with e-mail, you are fighting a battle you can't win because the addresses will change as fast as you can block them. As Simon from American Idol would say; "Pathetic."

But what is really strange is I don't know why spammers are focusing on blogs because, so far, the comments are showing up in posts months old. Hence, no one would see them unless one were to go back that far and, in any case, I delete the spam within 24 hours. So, it is highly unlikely anyone would read any of their drek, even if they wanted to.

However, if the spammers leave any more comments I will stop using MT and go back to how I did things before as this is really making me angry. They have no right to post their commercial crap on MY site. I decide what is posted here, not them. This shall not stand.

Speaking of Spammers. Wired has a chilling story of how a Polish group of hackers is claiming to provide untraceable websites. Don't ask me how they are supposedly able to do this since, as far as I know, this shouldn't be possible. But apparently, if the story is correct, they have a way of screening their spam sites from the usual tools used to identify who is behind a site (e.g., traceroute and whois). See the story here.

Almost Home. The repairs to our bathroom is almost complete. The painter came and repainted the drywall of the ceiling below the shower that leaked. Then, the floor guy came to patch in some flooring where the old shower/tub used to be. The last thing to do, which has not been scheduled yet, is to patch the scratches the tile guy put in to the new tub when he was setting the tiles.

Have a Great Weekend Everyone - Aloha!

There a buzz going on about the 16-year old teenager from England that sings soul music like it hasn't been sung since the 1970's. Her name is Joss Stone (see her site here). If you are into the likes of Aretha Franklin, then you owe it to yourself to listen to this young woman. Then watch the video on her site and be prepared to be blown away by how such a soulful sound could come out of someone so young.

Be aware this is straight from the heart soul music. It is not over produced and is definitely not for everyone. But as I said, if you are into soul, check out Joss Stone.

Cracking Up. I was sealing the grout of our new bathroom tile when I noticed several small cracks in said grout. I'm going to have to call the contractor to have him take a look and see what can be done. Sigh.

Mail Call

From: Gary M. Berg
To: Dan Seto
Sent: Monday, October 13, 2003 2:10 AM
Subject: MT comment problems

I happened to get a pointer to this in a newsletter today Lockergnome, I think):

http://cheerleader.yoz.com/archives/000849.html

From: Dan Seto
To: Gary M. Berg
Subject: Re: MT comment problems
Date: Mon, 13 Oct 2003 06:44:36 -1000

Thanks Gary, there are several different ways of hacking MT to try to reduce spam. As is suggested on the site, MT itself needs to get into motion to implement and support their own solution as the quality of various hacks are, shall we say, uneven.

---

From: Al Hedstrom
To: Dan Seto
Sent: Friday, October 10, 2003 6:40 PM
Subject: MT Spam

Dan -

Check out http://www.jayallen.org/journey/2003/09/killing_comment_spam_dead. Maybe not a complete solution, but ...

From: Dan Seto
To: Al Hedstrom
Sent: Monday, October 13, 2003 9:37 AM
Subject: Re: MT Spam

Thanks Al. This looks better than some of the other solutions people have come up with but I'm not so sure a blacklist is the way to go. I'll re-read the site to be sure I understand what they are doing but I would really rather have MT themselves come up with something that they would support.

In either case, I still have my email address there so if anyone wants to email a comment they can do that.

From: Al Hedstrom
To: Dan Seto
Sent: Monday, October 13, 2003 7:05 AM
Subject: RE: MT Spam

Understood. And all I can offer is commiseration!

I see a lot of other MT blogs struggling with the same problem. The MT folks offer nothing - not even notes on research/tests?

Just curious.

From: Dan Seto
To: Al Hedstrom
Subject: Re: MT Spam
Date: Mon, 13 Oct 2003 07:09:37 -1000

Nothing official on their site (at least nothing I could find). There is a lot of message traffic in their forums but nothing that I found that suggests MT is working on a solution that will be incorporated into an update. On the other hand, I can't imagine that they aren't doing something.

Aloha!

MovableType has finally commented on the record about spam in MT's comment section (see it here. The short of it is they are working on something but in the mean time they are recommending Jay Allen's MT-BlackList (see it here). Fellow Daynoter Phil Hough (see his site here) is also recommending the Black-List but has this link here. Both seem to go to the same place so use either one.

Phil reports the module is easy to install and seems to work quite nicely. Until MT themselves come up with something, perhaps this is the way to go. Before I can do that though, I'll need to reload the Perl scripts so it may be awhile before the comments go live again.

Mighty Mozilla. Be on the lookout for the 0.7 release of the Mozilla Firebird browser (see this page here). The site says it will be released "~ October 14, 2003" which happens to be today. This point release is way late (see the original Mozilla road map here which has "ideal" release date of 3 September. Of the three previous release dates, none have been so late as this one.) so one has to speculate whether the recent changeover from Netscape funding to a foundation threw a monkey wrench into the works.

In any case, the latest release should be out soon so keep checking the download page here if it's not there already.

Aloha!

Firebird Rises. As noted in Tuesday's post, the Mozilla Firebird browser 0.7 was released to the masses (get it here). Note that they've instituted a reverse lookup to the domain you are coming from (for security purposes, wouldn't want just anyone using Firebird). For most people, this will not be a problem. However, it is a problem here because our idiot poor, overworked IT staff doesn't know how to setup domains/DNS correctly. So I ended up using PuTTY (get it here) to securely login into Pair (my web host), then used the text-based Lynx browser (get it here) to pull down the file. I then used WS_FTP LE (get it here) to get the file from Pair to my PC. A little complicated but there you go.

Wink, Wink. If you are in PC application support, you probably could use something that demos mouse movements or allows you to show screen shots with custom callouts or balloons. IF so, check out Wink (see it here). You can output to Flash SWF, EXE, PDP, or HTML. The best is it's freeware.

The Need for Speed II. So you think you have a fast Internet connection eh? Well, try transferring a CD with 60 minutes of music in one second. The Swiss CERN has a link to CalTech that runs at 5.44 gigabits per second. That's gigabits folks. Per second. See the story here.

Aloha!

For your CSS/HTML Geeks out there comes this list here of effects using the aforementioned stylings. One highlight is how to create shadow lines with CSS (see it here).

How's Your Eye-Hand Coordination? Here's a simple Flash demo that you can run when you have a spare moment. The goal is to throw the wadded up paper into the trash bin. The complicating factor is a fan blowing at varying angles and force. Note that the demo includes sound so you may want to mute that before going here.

Aloha!

It was October 20, 1999 that this blog/journal began its life. I had been using the Internet (and bulletin boards before that) for several years and had come upon Dr. Jerry Pournelle's site through my readings of the former dead tree periodical Byte. Once I found his site, it wasn't long before I found the Daynotes Gang. I started conversing with a couple of them and appreciated their openness and willingness to help its members.

I soon began my own journal and was gratified to hear from Tom Syroid that I had been inducted into their august group! It is a bit ironic that Tom has since taken a sabbatical (along with several other members, of various lengths of time: Shawn Wallbridge, Chris Ward-Johnson, Matt Beland, Jim Crider, Steve Tucker, Greg Lincoln, Mat Lemings, JHR, and Jon Hassell. It's nice to see Al Hedstrom back on the run, as it were, with at least weekly postings (or is it weakly? [G] - Ed.))

As I've gotten to know them, through their journals and e-mails, I realized they are a group of terrific individuals. Yes, there have been spats that have caused long-term rifts, but the group continues on (even if I don't seem to get any of the Back Channel e-mails anymore).

As I trod into my fifth year of doing this, I wonder where I'll be in five years? Will I still be typing in this journal or will I have lost interest and regained the time it takes to write these things? I honestly don't know. What I do know it has been an honor to be associated with these gents and I would like to thank each and every one of them. I have learned much and hope, in my own small way, to have given back in at least equal measure.

But for now, it is into the breach once more...

InfoWorld's Bob Lewis has an insightful post (see it here) on one person's run-in with office politics. The specific situation is one in which an employee is layed off, but then magically returns when a "special" position is created for the person. This situation is fraught with all kinds of traps that can lead to your own ouster.

Lewis has some good advice - be professional and look past the obvious to the underlying motivations. Of course, this is easier said then done but the successful employee must be able to do this.

PBS columnist Robert X. Cringely talks about the differences between Microsoft and Open Source and why MS doesn't seem to understand what the strengths and weaknesses of each are:

At the core of Ballmer's remarks is a fundamental misunderstanding not only of Open Source, but of software development as an art rather than as a business. Cutting to the bone of his remarks, he is saying that Microsoft developers, since they are employees, are more skilled and dedicated than Open Source developers. They are better, Ballmer suggests, because Microsoft developers have their rears (presumably their jobs) on the line. All those lines and all those rears are part of a road map, he says, and because of that road map the $30 billion plus Microsoft gets each year isn't too much for us to pay, so the model works pretty well.

This is nonsense. It is nonsense because Steve Ballmer, like Bill Gates before him, confuses market success with technical merit. Microsoft's product roadmap is a manifestation of a business plan, and what matters in Redmond is the plan, not the map, which is in constant flux. How many technical initiatives has Microsoft announced with fanfare and industry partners, yet never delivered? Dozens. That is no roadmap.

See the full column here.

There be a Red Storm coming. Cray Inc. announced they will be sell a commercial version of their Red Storm supercomputer that it is building for Sandia National Labs (see the story here). As is the case with more and more supercomputers, this one will use massively parallel clusters of AMD's 64-bit Operterons.

Last Thursday and Friday I was indeed layed flat on my back. Just getting out of bed was an adventure in pain. But things got better by Saturday. Sunday found me doing work around the house. I am back at work today and hope my back holds up.

Aloha!

The Internet changes everything and nothing. One way it changes things is that it flattens the landscape. That is, why have middlemen in a world where conversations are now one-to-one? In an environment where I can speak to someone across the globe as easily as if I were talking to a neighbor across the backyard fence, why do I need a go between? If I am a singer, I no longer need a record company to produce stacks of wax. I can burn my own CDs or provide downloads and sell them directly to the customer. In one fell swoop you reduce your costs while increasing your profits by several orders of magnitude (i.e., instead of pennies per album, you are making dollars). In addition, you get instant feedback from your customers. What is selling? What isn't? Why (your customers will make the connection to you whether you want them to or not)? Further, the harder you work and the better you are, the more you make.

What it doesn't change is market dynamics. That is, if there is an unmet need, someone will fill the vacuum and become successful doing it. For the instant availability and downloading of music, Napster; KaZaA; and Gnutella have/had millions of people using their services.

For whatever reason, people want to be able to conveniently and immediately listen to their music in forms and in places that is convenient to them. Whether it is because they don't want to spend the money on buying a complete album when only one song that interests them or because they don't want to spend money on something they can get for free or because they are tired of being pandered to on radio stations that treat them like cows to be force fed through the nose. The business models that filled those needs succeeded. Until, that is, the middlemen fought back.

The response of the music industry middlemen to this market is to create barriers. Barriers in the form of "copy protection" (AKA Digital Rights Management or DRM for short) such as NetBurn Secure and/or MediaMax (I would include a link to their site but it is so obnoxious and clueless that I can't, in good conscience, do so). Barriers in the form of treating their potential and actual customers as thieves by prosecuting them and hoping to make examples that will instill fear, awe, and yes shock into all who may dare question their power.

Into this mix comes now Apple Computer and their iTunes service (see it here). The service provides 400,000 tunes available for immediate download at a cost of .99 cents each (plus tax). However, all of the music is protected by DRM. Nonetheless, there is a way to convert the files from the proprietary formats.

The instructions below are taken from Apple themselves so one must assume they consider this to be fair use:

If your computer has a CD-RW drive, you can make your own audio CDs containing the songs you add to a playlist. You can listen to the audio CDs you create in iTunes in most consumer CD players and on your computer.

iTunes converts the songs to standard audio files before writing them to the CD. You can fit about 74 minutes of music, or about 20 songs, on a 650 MB CD-R disc. Some discs allow 80 minutes (700 MB) of music.

1 Choose Edit > Preferences, then click the Burning tab at the top of the window.

2 Choose Audio CD as the Disc Format.

3 To have all the songs on the CD play at the same volume level, select the Sound Check checkbox.

4 Click OK.

5 Select the playlist you want to burn to the CD, then click the Burn Disc button.

You can only burn a CD from the songs in a playlist.

If the playlist contains more songs than will fit on the CD, iTunes will burn as many songs as will fit on one disc, then ask you to insert another disc to continue burning the remaining songs. (You can see the size of the selected playlist at the bottom of the iTunes window.)

6 Insert a blank CD-R disc and click Burn Disc again.

If you plan to play the CD on a consumer CD player, you need to use a blank CD-R disc. If you plan to only play the CD using your computer, you can also use a CD-RW disc.

It takes several minutes to burn an audio CD. You can cancel the burn by clicking the X next to the progress bar, but if you're burning to a CD-R disc you won't be able to use the CD after canceling.

If a playlist contains any songs purchased from the iTunes Music Store, you can only burn the same playlist 10 times. If the playlist includes Audible spoken word content with chapter markers, the chapters are burned as separate tracks.

For more information about external CD burners that work with iTunes, visit the Apple Support website at www.apple.com/support/itunes.

Note that to convert their protected files you must burn them to CD first. Further, you must follow the instructions above to do it. That is, you must create an "Audio CD" (files have the standard .cda extension) rather than trying to go directly from Apple's format to anything else. Once the audio CD is created, you must then read the files using a ripper (I use AudioGrabber, see it here. But you can use Windows Media Player 9, if you don't mind converting to Microsoft's own proprietary format. Otherwise, you can buy plug-ins for Media Player 9 that convert to MP3). The ripper program would then save the target file from the CD into the format of your choice; such as wav, Ogg Vorbis or MP3.

As a side light to the above post, I did a Google News search. While looking at the hits, I noticed something odd. Page after page of hits with the exact same headline: "Decision coming on technology to prevent internet piracy...". By page after page I mean four pages of the exact same thing. The URLs for most appear to be TV stations. Of the five sites I looked at, all had the same basic layout (three columns with a banner across the top). All had the buttons in the left column. All formatted the AP story exactly the same way. I don't know what to make of this but I don't think it is coincidental.

Whatever the case, the stations are:

WKYT, KY - Oct 24, 2003
WHAG-TV, MD - Oct 24, 2003
WHNS - Oct 24, 2003
WANE, IN - Oct 24, 2003
KRON4.com, CA - Oct 24, 2003
KPLC-TV, LA - Oct 24, 2003
KAIT, AR - Oct 24, 2003
WLUC-TV, MI - Oct 24, 2003
KFOR-TV, OK - Oct 24, 2003 
WHNT, AL - Oct 24, 2003
WBAY, WI - Oct 24, 2003
WLOX, MS - Oct 24, 2003
KWWL, IA - Oct 24, 2003
WSTM-TV, NY - Oct 24, 2003
WTVM, GA - Oct 24, 2003
WQAD, IL - Oct 24, 2003
KAMC, TX - Oct 24, 2003
WMC-TV, TN - Oct 24, 2003
WRIC TV, VA - Oct 24, 2003
WCAX, VT - Oct 24, 2003
KRNV, NV - Oct 24, 2003
WAVY-TV, VA - Oct 24, 2003
KSFY, SD - Oct 24, 2003
WALB-TV, GA - Oct 24, 2003
WSFA, AL - Oct 24, 2003
WAFF, AL - Oct 24, 2003
KESQ, CA - Oct 24, 2003
WTVO, IL - Oct 24, 2003
KPOM-TV, AR - Oct 24, 2003
KTVO, MO - Oct 24, 2003
KVIA, TX - Oct 24, 2003
KCAU, IA - Oct 24, 2003
WHBF, IL - Oct 24, 2003
WISH, IN - Oct 24, 2003
WHO-TV, IA - Oct 24, 2003
WOOD-TV, MI - Oct 24, 2003

Aloha!

How to Hate Microsoft. Microsoft (MS for short) employee Robert Scoble has his own blog (visit it here). He put up a question intended, I think, to provoke comment on how to make Longhorn (codename for the next version of Windows) better. The subject of the post is "How to Hate Microsoft."

But I think he asked the wrong question because if a broken trust exists, it doesn't matter what features Longhorn has, it will be a failure.

In any case, I think he succeeded in his intention to get comments. You can read the post here. The comments scroll down for pages. Some say Longhorn should be more like Unix/Linux while others say it should be the opposite. Some love MS and some hate it.

But the thread that seemed common to many of the comments is that people don't trust MS. Permit me to display how old I am when I relate this example. Many years ago, I drove a new 1978 Chevrolet Z-28 Camaro (see an example of what it looked like here). I thought it was a great car. It was low and mean looking, handled well, and could blow the doors off of cars costing three times its price ($6,000USD).

But did I trust Chevrolet? I don't know if I would say that. Although to a certain extent I did, otherwise I wouldn't have bought the car in the first place. But perhaps it wasn't so much I trusted, or didn't trust, them as much as I wanted the car and felt I could deal with any problems an untrust worthy manufacturer might throw my way.

Move forward 25 years and I'm now driving a Toyota. Do I trust Toyota? To the extent that it is possible to trust a non-human entity I would say yes, I do. I trust that its business model is based on designing and manufacturing vehicles that are high quality but reasonably priced. Why do I trust Toyota? Because they do what they say. That is, my experience indicates that the company in fact builds quality vehicles at a reasonable price. Our two Toyotas have been virtually trouble free. If something does goes wrong, under warranty, they fix it. Once, they even fixed something that was no longer under warranty because past experience had shown an abnormal amount of failures in the part. So they fixed it at no charge.

Conversely, look at MS. Do they always do as they say? Various state prosecutors and a couple of federal judges would say no and have the facts to back it up. Do they have a good warranty and stand behind it? Warranty? What's that? Isn't that what they used to call a disclaimer? That is, a document stating that there is no warranty whatsoever?

In addition, how can anyone trust them when they have made it clear they don't trust its customers? Let me tell you about one example from the site: MS now uses product activation to reduce copy right infringement (with digital rights management apparently to come). They even go so far as to write their security updates, which correct flaws in their product, such that if the copy you have is not "legal", the update will not install. Doing this creates an entire class of servers/PCs that are security risks to the rest of us. These computers are open to every worm, Trojan horse, hacker, etc. out there. Is this how corporations build trust?

Other examples: How many times has MS security updates broken fixes made by earlier updates? How many buffer overruns does there need to be before MS finally "gets it" and eliminates every_single_one_of them? How many badly implemented features will it take before MS understands that it is security first, last, and always? If they have product activation, why don't they have product deactivation so that I can legally transfer the product from an old PC, that I won't be using to a new one (without having to call MS to explain what I'm doing with a product I paid for).

Even worse, this lack of trust works both ways. I recently received an e-mail from MS asking if I wanted to provide additional information as to why XP seems to be locking up a lot. Okay, I reckon if I can give MS information that can make Windows more stable that is a Good Thing. But the way MS wanted to gather the information was via a downloadable program that would automatically collect the data MS wants, and it was A LOT even though MS insists it isn't (see it here), and would automatically send it in binary format.

To put it plainly, I would have no control over what was sent to them nor when it was sent. Being that the data was in binary format, even if I wanted to look at what was being transmitted I couldn't easily do that so if I were to proceed, I would have to trust that MS was doing what they said they were doing.

A few thoughts on what MS is saying. If, as it says, they aren't collecting much data, why send it as a binary? Why say they are sending the data back in binary format to keep the transmission as small as possible so the impact to your PC is lessened if it is so small to begin with? Why say it would be too complicated to write a program to show, in plain text, what was being transmitted when they wrote a program to convert it to binary in the first place? To be charitable, they seem to be speaking in contradictions.

I wish I could trust MS because it would make life so much easier. But, based on what they do, I can't. So we both loose. MS doesn't get what they want (data on why Windows is blowing up) and I don't get a reliable operating system.

So what's the bottom line on how do improve the Windows? First, build trust between MS and its customers by telling them what and why they are doing things. Do it. Then verify to everyone that what they did is exactly what they said they would do. Do that every time and people will slowly begin to trust you. Don't follow this advice, even just once, and you will break this trust. For a long, long time.

Aloha!

Picture This. Not only does the site dslreports.com have reports on broadband providers (well, duh) but they also have a cool section of photos taken by contributers (see it here). The images come in various resolutions up to 1600 X 1024. Check it out, if you have a broadband connection ;>

Walled Off. Like keeping warm in the winter, security on the Internet is about layering. For example, even if you have a perimeter firewall built into your router you still need something to block attacks coming through in the form of email or web-based attacks. To continue the analogy, you also need to have anti-virus software to stop attacks that have gotten past your first line of defense and an operating system that has all of the latest security patches installed. However, today's post will concentrate on PC-based software firewalls.

One of the more popular software-based firewalls is ZoneAlarm (see it here). It not only closes the doors to hackers from outside, but it also monitors outgoing connections to guard against Trojan horse programs phoning home.

But, for whatever reason, if you want to check out a couple of other solutions you might want to take a look at Agnitum Outpost (see it here) or Kerio Personal Firewall (see it here). Both have versions that are "free", although the free version of Outpost appears to be an older version with fewer features. I have not tried either of them but if ZoneAlarm is giving you problems and you want to take a look at some alternatives, these two would be a place to start.

For those wanting to know about other solutions, Agnitum also has a nice comparison chart here (needless to say, consider the source when viewing the chart) that shows the major players in this field. Pick one that works for you and use it.

Aloha!

Abandon All Hope. What if there were no effective technical solution to spam? There are those of us who still think the majority of the people do not mean to cause harm to the Internet. But then there are the spammers who once again prove the Tragedy of the Commons. That is, there is an individual economic incentive to destroy the thing that is providing for your very existence. At least, this is the argument that I think DiveIntoMark is trying to make when he says spammers will win the battle of comment spam on content management systems like MovableType.

It seems Jay Allen, of MT-Blacklist fame, is starting a global effort against comment spam. DiveIntoMark apparently feels it won't work. That, in fact, the spammers are faster and more agile than any individual trying to stop them. That they will turn and attack Mr. Allen. That since there is no way to "win" the war against spam Jay should, I guess, just roll over and play dead.

Maybe DiveIntoMark is right. There are many instances of where the tragedy occurs. We see it here in Hawai'i where the fish which were in such abundance are now completely gone. Where the rolling hills were once covered in green trees are now completely gone. Where the fresh waters once ran clean and clear are now either completely gone or so polluted it has to be infused with poisons like chlorine just to drink it. But that does not mean it has to be that way. The solution, if not technical in nature, can and perhaps should be, economic.

What that economic solution would look like I can't say. But as far as I'm concerned, I think Mr. Allen is at least trying to be part of the solution rather than part of the problem.

On the Other Hand. According to an article from CNN, the end of pop-up spam may be in sight. Now that Microsoft, who sells pop-up ads in its HotMail site, is saying they will include a pop-up filter to disable such ads in their Internet Explorer, it may decrease the utility of said ads. Of course, never believe that the advertisers will just sit back and do nothing. They will, I'm sure, try to program around filters by using javascript (another reason to disable javascript) or other means to fool the filters. But at least, we hope, the change to IE will make a major economic dent in their revenues.

Aloha!

I've finally got around to installing an RSS feed aggregator. For no particular reason other than I found them first, I chose to install a .Net 1.1-based (i.e., executes like Vermont molasses in December) program called SharpReader and something called FeedDemon. There are a bunch of similar aggregators out there so feel free to choose whichever you find useful.

What it's about is getting short snippets or headlines of what someone has just posted (at least in the weblog world. It can be used in other contexts). So if you want to get a wider range of news, while at the same time not having to actually go to each site to check on what's new, the aggregator can make more productive use of your time. On the other hand, if you only hit a handful of sites each day, you probably don't need one.

But now that I've seen how one works, I think I will be changing the format of my posts. For awhile now, I've been just using the days of the week as a headline. Looking at this in an aggregator doesn't give you any useful information to decide whether to click on a link or not. So I will try to have headlines that encapsulate what the post is about so those of you who use feeds can make an informed decision (or at least as informed as you can get with headlines).

In addition, rather than including several subjects under one posting, I may break them up into separate posts so that each has its own headline. I originally was doing that but got tired of having to publish individual sections rather than just one. I'll have to see if it's worth the trouble to do so (especially as there aren't that many people using aggregators anyway).

Aloha!

Ron Pacheco has a tutorial on how to reduce noise found in some digital images. The process is not for every image nor everyone because you can spend a lot of time and get a very small bit of improvement. In addition, if you overdo the corrections you can end up with an image that looks worse than what you started with. But, like any tool, if used right it can make a difference.

I'm running late this morning so I gotta go.

Aloha!

In what some are calling the wave of the future comes now the Mac G4 CubeQuarium. The water cooled G4 has yet to be run against the usual test suites but we are assured it should create a bit of a splash.

While I can't recommend the Hawking Tech FR24 Dual WAN router (see my earlier posts here, here, here, here, here, and here) I hear from some people about an reported problem with throughput. Apparently, some people are having problems with the FR24 locking up and these users feel the cause is an inability of the FR24 to handle the bandwidth of their speedy cable modems.

But, as far as I know, no one has a modem running at over 9Mbps! SmallNetBuilder did a review of the FR24 and found a transfer rate of 9.4Mbps. I figure that's fast enough for even the fastest cable modem service anywhere in the U.S.

Having said that, the FR24 still has a bunch of problems. Let's recap what I had. First, from what I understand, it will load balance your two connections only if the connections are from the same provider using the same DNS. If, like I did, you are using two different providers acting as a fail over, you are out of luck for load balancing. Second, even if you have two connections from the same provider, the balancing to the second connection will only occur if the request to the connection is coming from another computer on your network. Hence, your computer will not see any speed increase, but someone else on another computer will not be slowed down by your network activity. Finally, setting the FR24 to bring online the second connection only when the first goes down did eventually work but was not reliably so. No matter how I tried setting it up, the FR24 simply failed to consistently switch over, even if I unplugged the primary connection, the FR24 would sometimes fail to switch to the secondary.

To be fair, I understand that there have been a couple of firmware updates. Whether these fix the problems with lockups and automatic failover I can't say. Perhaps, some weekend when I have the time I'll hookup the FR24 and see if it works more reliably than it did before.

Have a Great Weekend Everyone - Aloha!

It's that time of the year when the awards are being handed out. PC magazine has their Technical Excellence Awards and Best of Comdex Awards.

Some highlight are: Technical Excellence System Software - VMware ESX Server 2 and Virtual SMP and for Comdex "Best in Show" - Microsoft Small Business Server 2003.

This tip from Brian Livingston's Newsletter:

A friend of mine was downloading Service Pack 4 for Windows 2000 on his laptop when his system locked up and gave him the Blue Screen of Death. Microsoft acknowledged that this does happen sometimes, and the only solution was to reformat his hard drive and reinstall Win2K.

He came to me because he had a substantial amount of data on his system that he couldn't afford to lose. In essence, what I did was boot to a floppy and then re-size the existing NTFS partition with Partition Magic. Next I created a new FAT partition and installed a new copy of Win2K on this partition.

Once the Win2K installation was complete, I had this installation of Win2K recognize the NTFS partition and, presto, all of his data was accessible. I've left out a few steps, but to me this seems like it's pretty easy to get to this data.

As many of you know, using the Windows NTFS file system has advantages and disadvantages. One characteristic that could be viewed as a disadvantage is the inability to boot from a DOS disk and have access to the NTFS volume(s) on your hard drive. Which, if you think about it, is logical. DOS does not support NTFS so if you boot from a DOS diskette you shouldn't expect to see any of your NTFS volumes.

As an alternative, you can boot from the install CD but it's setup to do either a repair or clean install. The repair install may be able to do what you want, but there is another way.

You can use something called Bart's PE Builder. It runs on Win2K, XP, and 2003 (what they heck is 2003? Are they talking about server editions? - Ed.) but not NT4 or, of course Win9x and ME. Among other things, the CD allows you to:

• Access very large (>2TB) NTFS volumes or access volumes that are not seen by the BIOS, like some fiber channel disks.

• Very reliable scanning and cleaning of viruses using a "clean boot".

• Active Directory support.

• Have remote control over other machines, using vnc or remote desktop.

In order to create the CD you will need your original Windows install CD and more than a passing understanding of Windows (which all of my 11 readers already have, right?). As always, use at your own risk and insert disclaimer here.

In a stunning turnaround, the Houston Chronicle is reporting that PC maker Dell is returning some customer support jobs back to the US. Dell, trying to cut costs, was one of the first companies to rush support jobs to India. However, it soon became clear that its corporate accounts were not satisfied with this lower level of support and threatened to switch. Faced with this possible mass defection to its competition, Dell is now bringing back the jobs, but only for its corporate customers. You individuals out there are still out of luck.

On a personal note, if the experience of our secretary, who bought a Dell and had to call customer support to resolve some problems, is any indication you will need every bit of luck because Dells support sucks. She had to call Dell multiple times to resolve her problem. In an attempt to speak to the same person each time, rather than explain again what the problem was, she had to synchronize her calls with office hours in India. But even she could soon tell that the people she was speaking with had a limited script to work from and if the problem lay outside of that script, you were not going to get any help. YMMV. Use at your own risk.

Sun's StarOffice 7 Office Suite, the big brother to OpenOffice came out recently and I decided to pick up a copy (MSRP $79.95).

Any office suite that wants to take on Microsoft Office (as most do) has to be compatible with its file formats and StarOffice does a pretty good job. I have not run it through any kind of test suite, but it read our 120-page masters capstone project (created in Word 2000) and I found only three problems.

The first is the pagination changed. I'm not sure if I tried to set the default margins it would have kept the page breaks but in a document this large, having to go through it page by page to check the breaks is not a Good Thing.

The second is an embedded bullet list. The list shows a numbered list with bullets within the numbers. To be fair, I had a heck of a time formatting the list in MS Office so it shouldn't be a surprise that StarOffice also had problems.

The last problem is with the margins for some imported Excel spreadsheets. The print area was wider than the page and would required some reformatting to fit.

For the most part, I consider these problems as being minor but only you can decide how important they are.

As for me, I still need to test how well a WordPerfect document, which StarOffice, unlike OpenOffice, is supposed to be able to open and edit, works. But if you don't need WordPerfect compatibility, and don't want to send a lot of money to Redmond, you may want to check it out.

I tried to leave a comment on Microsoft employee Robert Scoble's site yesterday but his comment window did not display the full text of what I had written in [gasp] MS Word and copied into the comments section</irony>. So I am reproducing here what I meant to say there in relation to his request for comments on how to create a win-win situation re: MS.

You asked how to create a win-win situation. So here's a couple based on the asymmetrical relationship between Microsoft and its customers.

Let's start first with the warranty "EULA". You can use, for example, the one for Office XP found here.

Step 1: Create a quality product and then stand behind it with a warranty worth a damn.

When you buy your car it has a bumper-to-bumper warranty that last years. When you buy a TV you get a warranty that lasts at least a year, if not three. If something fails in either, and you are hurt because of it, you can collect damages against the manufacturer because they are responsible for the loss.

Contrast that with the paragraph numbered 9, where it says Microsoft is not responsible for any "incidental, consequential and certain other damages." To a small business owner, as I understand it, this means if the third quarter profits suddenly shifts and Office XP *doesn't* automatically pick up the changes because of a bug in the software, and thus the company goes into bankruptcy, that's just too damned bad because the full risk of using Microsoft software lies with you, the customer. Microsoft makes no warranty, implied or otherwise that the software will do what is promised (by TV advertising or otherwise) it does.

Try making a product that you are willing to stand behind with a warranty that puts Microsoft assets in jeopardy. If nothing else, this should focus people's minds on quality and create a basis for trust that does not exist now.

Step 2: Make everything transparent.

For example, most people who use Windows XP are willing to let Microsoft know certain information when a program crashes. This is based on the trust that whatever information is transmitted to Microsoft is directly related to the crash and will be used solely to fix bugs in Windows. And nothing else. I say it's based on trust because the customer has, as far as I know, no way of knowing what is being transmitted to Microsoft.

Ratchet up that a bunch and think about the Microsoft Windows Feedback Panel. This is optional software, downloaded from Microsoft, gathers even more information. Go to this URL to see what is being recorded:

http://wfp.Microsoft.com/dcp.htm

Even if I trust Microsoft, why is it important for Microsoft to record the names and locations of all directories within the Program Files, My Documents, My Music, My Pictures, and My Videos? Further, why does Microsoft need to record a complete listing of all of my files in root?

And then, why is it critical to transmit all of this information in binary format without the customer being able to review and decide whether they want to transmit the information? There is no reciprocity here. Everything is asymmetrical. I am being asked to trust Microsoft without any way, as President Reagan said to "verify." Why not provide a way for the user to see what is being sent?

I have other examples posted on by weblog: http://www.seto.org/mt-diary/archives/2003_11_03.html#000246

Thank you for this opportunity to comment on this subject.

Aloha,

Dan

I talked earlier (see Monday) about a few small problems StarOffice 7 a had in importing an MS Word document. Today I'll take a look at how StarOffice does with a Corel WordPerfect 9 sample.

But first, let me say I like alternatives. Having a choice in office suites is, I think, a Good Thing. But if your office uses WordPerfect and you want to switch to Sun's StarOffice 7, you are in for a world of hurt.

As a test document, I used a fairly typical, for us, report. It is a little over 10-pages long (including two charts at the end), uses bulleted lists, and indented paragraphs to indicated extended quoted material. What you have could vary so you have to take what follows in the context of how you usually format your documents.

All of the problems I found are related to formatting. Rather than go through a long narrative, I'll just create a list:

• Failed to display and print out the watermark.

• Changed the font from Univers to Thorndale (a Times Roman clone).

• Ignored tab settings, substituting its own on a seemingly random basis.

• Failed to display all bullets.

• Substituted some, but not all, bullets with Roman Numerals.

• Inserted the following string in random places: 600160.0160.0160)0160)0160)0160)0160)060.0160.0160)

• Converted the footnote type size from eight points to something that looked like two points (even though it said it was 8 pts).

• Altered page breaks.

In addition, StarOffice opened the document in read only mode. This means I could look at the document, but could not edit it. I read the on-line help and found you have to click on the "Edit File" button to enable editing mode. This is very curious behavior for any program. One can only wonder why they have this mode and what advantage(s) they think it has. As for me, I consider it nonsensical.

In a marketplace dominated by Microsoft Office, alternatives are to be supported and praised. Unless, of course, the alternatives can't inter-operate with the documents you already have. In our case, many offices still use various versions of WordPerfect. But given the list of problems StarOffice 7 has in importing WordPerfect 9 documents, I can't recommend its use in such environments.

I wonder if Sun isn't missing a market segment that they could serve (WordPerfect users) rather than going after Microsoft? I think they could make a good return on investment going after the millions of users who still use WordPerfect (who everyone seems to have forgotten, or at least ignored) rather than being yet another clone of MS. As it is, Sun is also competing against OpenOffice which, at a price point of zero, is impossible to beat. YMMV.

Thanks to everyone who wrote in about my poor attempt at using a old, old computer language called BASIC to inject a bit of humor and let people know where I was on Friday. Based on the comments, I think I succeeded on one and failed on the other <G> In either case, it was kind of fun trying to remember how to mis-use BASIC but I apologize for the late replies.

In any case, you have to remember that in the mid-1970s, there weren't a whole lot of languages, interpreted or otherwise, available to run (maybe COBOL, assemblers, LISP, and FORTRAN). I think later came FORTH, Pascal/Modula, RPG, etc. but don't write a letters if I have the sequence wrong. The point is you couldn't run down to your local CompUSA or Frys and buy a copy. In fact, since the IBM PC didn't even come out until the early 80s, the usual way to learn a language was to have an account on a timesharing system on a mini or mainframe. During that time, I was in college and had access to a DEC PDP-11/45 in the Math Department and an Apple II (no hard drive) in the Psychology Dept.

I have to admit that I wrote some pretty awful code in AppleBasic but you have to remember, it was pretty advanced for its time. For example, I don't recall too many languages that used color graphics. And if you were careful, you could write structured code. On the other hand, I have to agree that if you've learned BASIC as your first language, you will probably always have problems learning others because they require a completely different mind set. In either case, I used AppleBasic to convert a paper-based psychological test (the Stroop Color-Word Interference Test) into a PC-based version for my senior project. The program was several thousand lines long and was as bug-free as any MS program <G>.

To show just how demented we Psych majors are, the test subjects sat in front of a TV monitor that displayed the test. The subject would respond by pressing the key of the first letter of the appropriate word displayed on the screen. But, at the same time, they were listening, on headphones, to one of four recordings. The first was a passage of a comedy bit by someone I have since forgotten his name. The second version was the same bit, but had the text jumbled up in random order. The third recording was a piece of classical music, and the fourth was silence. Unfortunately, there seemed to be an interference problem between the portable tape recorder I was using and the Apple II so when I ran the actual experiment, the PC locked up several times.

Anyway, I am amazed at how many different languages there are now. But with all its faults, BASIC probably solved more quick and dirty problems than any other language of the day.

Aloha!

Things are getting a lot busier and lot faster here at work than even I thought they would so I gotta go.

You know you are a Geek when:

• Someone asks you what languages you know, and you reply Upper Slavic, French, Esperanto and C.

• You can remember your web address faster than your phone number.

• When someone mentions "The Other OS", you think they are talking about FreeBSD.

• You start to get credit card applications for the LinuxCard ("Never start your server without it.").

Aloha!

NetworkWorldFusion is reporting that if you are running a version of the Linux kernel prior to 2.4.23 you may want to check on a patch for a serious security exploit that could allow 3133t hax0rz 2 0wnz U. All distributions with kernels prior to 2.4.23 are affected. The exploit has already been used in the wild so the bad guys are already aware of it and are using it. So, get your patch and install it. Now.

Aloha!

When you have the time, check out Wired's gear for geeks 2K3. There's everything from a 3-D display laptop to tube audio amps to over 70 gadgets to make the geek in you glad.

Aloha!

Web page userbility gurus have long talked about what is called the "Three Click Rule." That is, no information on a site should be more than three clicks away. This rule of thumb seems like common sense. I mean, in our hurried busy lives, it seems logical that people want instant gratification, not hunting through a confusing complex of web pages. So, if you have a choice between two sites where you want to purchase something and one of them allows you do that in three clicks and the other takes 25, it seem intuitive that you would shop at the first site.

However, a site called User Interface Engineering did a study on what people actually do and found that people don't leave a site in frustration after three clicks. In fact, the number of clicks don't seem to have any relation to when a person leaves.

Obviously, people go to sites for various reasons so intentions may play a part in this. In addition, expectations may also affect how you perceive the experience.

But in the final analysis, the study says the most important thing is that you are successful in doing what you came to the site to do, regardless of how many clicks it takes. Even if true, it still makes sense to keep in mind what your customers want to do and make it as easy as possible for them to do it because if you don't someone one else will.

I saw something on TV recently that said the computer systems in new cars were getting so complicated that they were crashing on a regular basis. No, I don't mean the cars were running into windows (pun intended). Rather, the systems would shut the car down due to bugs in the software. So I guess I shouldn't be surprised that the company that wanted to put a Windows PC in every home now wants to put one in every garage.

This story from Yahoo News says Microsoft operating systems are already running in 23 different car models. This includes the BMW 7 series, Daimler, Volvo, and Toyota. It's too easy to make a snide remark about having to reboot your car to get it to run but there you go.

One of the early professional grade single lens reflex cameras was the Leica line of cameras. If you were a photo-journalist in the 1950s you were probably using a Leica, or wishing you could afford one. Comes now the Leica Digilux 2 that moves the venerable name into the 21st century. As one might expect, given its heritage, there are no automatic controls. That means focusing, aperture, shutter speed, and focal length are all done manually. By forcing you to use your brain to make these decisions, you are potentially rewarded with images that few other cameras can make. Obviously, this level of control is not necessarily for the Sunday afternoon photographer. But if you know what you are doing, there are very few cameras, digital or otherwise, that offer you more control over what the final image will look like. Oh, if you have to ask how much it costs you can't afford it (nor can you get it until February of next year - ed).

First it was your very own street light jammer. Now comes something that interferes with cell phone usage by jamming the frequencies it uses. I guess I'm behind the times, but I did not know there are such things as cell phone jammers. One model, the SH066PL2A/B, costs about $300USD and has a range of about 30 feet (~9m). There are others, including one that has a 100-ft (~30m) range. Now, before anyone calls their lawyer, I'm not advocating using one of these things because in the US they are apparently illegal. I'm just saying they exist. What you do with them are up to you. YMMV. Use at your own risk. Insert disclaimer here.

First it was your very own street light jammer. Now comes something that interferes with cell phone usage by jamming the frequencies it uses. I guess I'm behind the times, but I did not know there are such things as cell phone jammers. One model, the SH066PL2A/B, costs about $300USD and has a range of about 30 feet (~9m). There are others, including one that has a 100-ft (~30m) range. Now, before anyone calls their lawyer, I'm not advocating using one of these things because in the US they are apparently illegal. I'm just saying they exist. What you do with them are up to you. YMMV. Use at your own risk. Insert disclaimer here.

K-Meleon - "The Browser You Control" is trying its best to not be yet another Gecko-based browser by being letting you customize the toolbar, context menu, and keyboard shortcuts. They also say that load times are the lowest for any Gecko browser. Other than that, I'm not sure what distinguishes this from its competition but feel free to check it out.

Okay you browser junkies out there, MYIE2 is yet another browser but this one is based on the IE engine, rather than Gecko. At the same time, it tries to add features and fix the security vulnerabilities found in IE faster than Microsoft. If you need something IE compatible but has more features (tabbed browsing, mouse gestures, privacy protection, popup blocking, etc.) you may want to check them out. Or not, since it is still in beta and has its own set of bugs.

President Bush signed the "anti-spam" bill yesterday. I have it in quotes because it actually makes legal what would be illegal under tougher state law. For example, I understand that California has a new law that requires opt-in rather than, under the federal law, opt-out.

Not waiting for BigGovernment to "solve" the problem, I've been testing two different spam filters (in addition to SpamAssasin that my host uses). The two are POPFile and K9. Both run on Windows, although POPFile is Perl-based so it could run on any platform that executes Perl. By the way, on Windows even if you don't have Perl installed the PopFile installer will install what is needed so it's fairly easy to get up and running.

After running a little over 1,000 emails through both filters I've found that POPFile is clearly more accurate. Right now, POPFile is at 97 percent. That's 30 errors out of about 1,000 emails. Two of those 30 were real emails that ended up in the spam bucket while the others where spam that made it into the inbox. On the other hand, K9 is at a relatively low 85 percent (i.e., 150 errors) and very slowly rising.

Unless you get so many emails that a Perl-based filter would be too slow, I would recommend PopFile. But whichever you choose, I think relying on only one spam filter is not the way to go. Rather, having a layered approach using different methods to filter the spam seems to be the best that we can do for now. At least, until enough spammers are thrown in jail.

As always, this information is provided as is, without any warranty of any kind (inset disclaimer here). You use this at your own risk. YMMV.

If you are using Movable 2.64 and recently upgraded to 2.65, you may know that there is a new template available. The template is for the Atom syndication format feed. Note that if you did a clean install of 2.65, you can probably skip this entire post as I assume everything is configured for you. But, if like me, you did an upgrade install and want to enable the Atom feed, you may want to read on.

In general, there are two things you need to do to enable the Atom feed. The first is to get the template from MT. The second is to edit your Main Index to include an "auto discovery" link to the feed.

The Atom Template

1. Go to the MT site and look for and click on the the link to the Atom Index.

2. Highlight and copy all of the text, making sure to scroll down to the bottom of the window.

3. If you aren't already, login to your MT installation.

4. Click on Manage Weblog.

5. Under Manage, click on TEMPLATES.

6. Find and click on the link to Create new index template.

7. Under Template Name type in Atom Index (I'm not sure what the full installation official name is so if anyone knows what it is, feel free to leave a comment below. Although, you could just as well use Atom 0.3 Index instead.).

8. Under Output File type in atom.xml

9. Leave "Rebuild this template automatically when rebuilding index templates" checked.

10. Leave "Link this template to a file" blank.

11. In the Template Body input box, paste all of the text you copied from the MT site default Atom index in Step 2.

12. Click on the SAVE button but do not rebuild the files yet.

13. If you aren't there already, click on TEMPLATES to get the listing of your default templates.

14. Check to make sure Atom Index is now listed as one of your templates with atom.xml shown as the Output File.

Main Index Template

15. Go back to the MT site, default templates page, Main Index by clicking on the link here.

16. Look for the following line: <link rel="alternate" type="application/atom+xml" title="Atom" href="&@60;$MTBlogURL$>atom.xml" />

17. Highlight and copy that line. Note where this line is in relation to the other lines of the template because you will need to insert it into your own Main Index template in the same place.

18. Go back to your MT page that lists your templates (logging in again if you need to - see Steps 3, 4, and 5 above).

19. Click on your Main Index template.

20. Find the location in your template where you need to paste the line you copied in Step 17. When you find it, copy the line in.

21. Click on the SAVE button and Rebuild your indexes.

Validation

Now that you have everything installed, you may want to check to make sure it validates. Now, I have no idea if there are other feed validators out there nor if this one is the best. All I can say is it is the one I used.

In any case, you need to type in the full URL to your atom.xml page. For example, www.foo.com/mt/atom.xml That last part where you include the atom.xml page is important if you want to validate your Atom feed. Otherwise, the validator will probably, by default, check for your regular RSS feed instead even though it's supposed to automatically find the atom.xml file based on the line you copied into your Main Index.

In my case, it came up with one error: line 20, column 23:url must be full URL (15 occurrences)[help]

Clicking on the help link took me to a page that said I needed to have the http:// part on my URL. In order to do this, I had to do the following:

22. Login into my MT site.

23. Click on EDIT YOUR PROFILE.

24. Find the Website URL (optional) input box.

25. Type in http:// to the already there www.seto.org

26. I rebuilt all pages, although I'm not sure I needed to.

27. Done.

I don't know if adding the Atom feed is helpful to people since, as far as I know, it's not something that is generally supported by many, if any, aggregator programs. Indeed, many people don't even know what this is all about in the first place ( here is a short tutorial on RSS that also lists where to get some of the better known aggregators). But if you do, and are using MT, then you could be the first on your block to be Atom 0.3 compliant.

Aloha!

It was called the 5GHz Project. It required liquid nitrogen. Find it at Tom's Hardware.

No rest for the wicked, I have much to do before the end of the day so I gotta go.

Aloha!

Foo Bar. We'll probably never know for sure where the terms foo and bar came from, even though almost everyone has seen it used. But believe it or not, there is an RFC that tries to do exactly that. From World War II slang to comic strips to Chinese figurines, the authors (Eastlake, Maros, and Raymond (as in Eric S.)) do their best to find the answer to the question: How much foo can a man chew if a foo man could chew foo?

Work calls so I gotta go. In the mean time, MS deadlines for supporting its products:

• Internet Explorer 6 SP1 on Windows 98: 16-Jan-2004

• Internet Explorer 6 SP1 on Windows 2000 SP2/SP3:30-Jun-2004/26-Jun-2004

• Windows ME: Ended on 31-Dec-2003

• Windows 2000 Professional: 31-Mar-2005

Aloha!

According to the roadmap, Firebird, the Gecko-based browser is almost set to rev to 0.8 (rev 1.6 if you need the Mozilla combination browser, email, HTML editor, IRC chat, and partridge in the proverbial pear tree). So, check its site every once in awhile as it should be out Real Soon Now.

Aloha!

Speaking of updates, the Linux-based firewall software I use, CoyoteLinux, is now in version 2.05. You may want to check out the changes and see if you should install it. Note that they haven't uploaded the Windows-based installer version yet so, for now, you need a fully installed Linux distribution to create the floppy.

I believe it was sharp shooter and fellow Daynoter Dave Markowitz who mentioned a secure FTP program called CoreFTP. If memory serves me, he mentioned it in relation to a problem he was having with another program called WS_FTP (now in release 8) being too fast for what he was doing.

While most people say you can never be too rich, too thin, or have an application run too fast, I guess there are times when this is so. In any case, CoreFTP recently updated their offering to version 1.3, fixing several problems and adding features, so you may want to check it out (especially as it is free and offers secure connections).

On the other hand, if you need a fast transfer program, you may want to check out WS_FTP instead. For you students or faculty members out there, Ipswitch makes a "lite" version that is free for personal use. If you qualify, you can download the free version here.

The lucky folks over at DesignTechnia have a review up of what may be the thinest laptop in the world - the Sony X505. It weighs in at just under two pounds (~910g) and is made of either nickel carbon or carbon fiber (your choice). The mini-laptop measures 10.07 x 8.19 inches (~256 x 208mm), and slopes from .38in (~10mm) thick in the front to .86in (~22mm) in the back. Yes, you read that right, at its widest it's less than an inch thick. Wow.

As with any extreme design, there are tradeoffs. A trackpoint replaces the usual touchpad, and it doesn't have an integrated DVD/CD drive, wireless LAN, or memory card slot. You can get external dongles to remedy these potential problems so you aren't completely left in the lurch but it is less convenient to use because of it.

The price for the grey market import is about $3,500 for the nickel carbon and call it $4,000 for the carbon fiber. As with all grey market items, there is no manufacturer's US warranty or support. But if you must have the absolute thinnest laptop, this may be the one to have. YMMV.

While I'm sure MS would like you to think that Internet Explorer is the ultimate in browsing the web, there are competitors out there and Netcaptor is yet another one of them. This browser has tabs (allowing you to have multiple pages open at the same time and to easily switch between them), pop-up suppression, and URL blocking (perfect for blocking everything from *.doubleclick.com). Check out the site for its other features. Netcaptor comes in two version, one free and one you pay for. Note that the free version comes with ads and the pay version costs $29.95USD.

No sooner does Microsoft announce the end of support for, among other things, Windows 98/SE, that it turns around and extends it through 2006 (see the article here). Thanks, apparently, to customers complaints, MS reversed itself and will provide security updates after all. This is a Good Thing(tm) as the article indicates there may be as many as 58 million people still using Windows98.

1. If you ever unintentionally delete photos from your digital camera, all is not lost. Some, if not all, digital camera systems use FAT. If so, fire up your handy un-eraser (Norton, Fix-It, etc.) and un-erase the images.

2. If you've ever needed to rename a bunch of files, say those digital photos you just un-erased, you've probably used the DOS utility REName. But did you know Windows XP(tm) also provides a way to do something similar? In Windows Explorer, multi-select the files you want to rename. Press F2. The new name you type will be applied to all the files, plus an incremental number at the end.

   Windows XP adds (1), (2), (3) and so forth to the ends of the filenames you selected (preceding the dot and the extension). You can force Windows to start with a number of your choice by including it within parentheses in the name that you type. For example, if you enter Foo(10).txt, the additional files will be renamed Foo(11).txt, Foo(12).txt, and so on. Perhaps you'll want to use this to give your digital-camera photos meaningful titles, replacing filenames like DC0001.jpg with Lucy(10), Lucy(11), etc.

Have a Great Weekend Everyone - Aloha!

I don't think this story on Adobe inserting government code into Photoshop has been given the publicity it deserves.

First, I need to disclose that I don't use Adobe products (except for Acrobat which is required at work). I don't use them because of their corporate culture that views their customers as criminals.

So it is not out of character for them to add code from BigBrother(tm) to ensure that you vill obey der rules. Honest people, of course, are not worried about having a private company partner with TheGreatSatan(tm) to monitor what you are doing with the software you purchased. Honest people are not concerned that TheBlackHelicopters(tm) can insert other code into programs to ensure the safety of OurHomeland(tm).

It's only the bad guys who would get upset about having what amounts to spyware running on their computers monitoring what you do so that you won't do anything wrong.

As itemed earlier, Mozilla 1.6 has hit the wire. They haven't updated the change log yet so I don't know what new/improved/fixed features they have but it's probably worth a looksee.

As of this writing, they have not revised Firebird but I assume they will Real Soon Now(tm).

I am hardly an HTML guru so it is easy for me to learn new stuff almost every day. One of the things I learned recently is that you can use CSS to, assuming a compliant browser, display a different mouse pointer. For example, hovering over any of the acronyms on this page should cause your mouse pointer to change to whatever you are using for "help".

Thanks to the diveintomark site for the code.

acronym, abbr { cursor: help; }

I know this is starting to sound like a broken record but I need to get going so I can work on Salary Commission stuff so I gotta go.

Aloha!

Microsoft announces Smart Personal Objects Technology (SPOT) based wrist watches.

Aloha!

I don't know what to make of Co-Linux, but if it's for real, you may have a use for "running Linux on Microsoft Windows natively." I caution that I have not tried this (and most likely won't) but again, if you have a need to run Linux this way, it may be a solution. YMMV. Insert disclaimer here.

I have a Judicial Salary Commission meeting today so I gotta go.

Aloha!

Microsoft evangelist Robert Scoble has a post up of why you should buy anything else other than an Apple iPod(tm). You can read the article but, to me, it boils down to his saying, paraphrasing here, use our (i.e., Microsoft's) DRM rather than Apple's.

While I think he makes a good case about how you can find more MS compliant players out there, as compared to Apple, I say why use either of their proprietary, crippled software? Why lock yourself into a DRM jail that keeps you from using music you PAID for?

Why not use Ogg Vorbis or the almost universally accepted MP3? If you had music in these formats you could probably listen to them on even more players than either of the proprietary formats of Apple and MS combined.

However, as noted in an earlier post, you can convert from Apple's proprietary DRM format by burning an audio CD. This process creates CDA tracks which can then be ripped by your favorite software into whichever format you like and therefore playable on whatever you like. I don't know if you can do something similar with Microsoft's offering. If you you can, drop me a line using the email link over on the right column.

But the bottom line is, in my opinion, it is a false choice to say pick Microsoft's DRM over Apples' because you can find more players compliant with MS when you can find even more that are compliant with MP3. YMMV. Insert disclaimer here.

Aloha!

The battle against comment spammers seems to be never ending. The latest craze is to flood a MovableType based site with comments or trackback pings, similar in effect to a DDoS attack. MT responded with a change that attempts to throttle the number of comments received over a period of time. Ironically, installing MT-Blacklist, which is an attempt, albeit not the most robust, to stop comment spam, inactivates the throttling code. But I digress.

This site attempts to show how to get these two working together and offers links to other resources to help reduce, but not eliminate the problem. I guess this is the best that can be hoped for, short of turning off comments completely.

There are a lot of good things about using MovableType but comment spam is not one of them. So I've tried doing the usual stuff like installing MT-Blacklist and the latest MT updates. But to no avail. I've even deleted the comment templates but somehow the span still gets posted.

One of the ways to try to combat this is to close comments after a period of time. Unfortunately, in MT you have to do this manually, post by post. For me, with over 300 posts, this is not an option. So I looked around to see it there was an easier way of doing that. Eventually, I settled on trying to issuing the following SQL command (although there is a add-in module that purports to do this for you it didn't work for me):

update mt_entry set entry_allow_comments = 2 where TO_DAYS(NOW()) - TO_DAYS(entry_created_on) >= 10;(That's one long line of commands.)

The intent was to close all comments older than 10 days. In order to to issue this command, I needed to login to the MySQL command line interface. At pair.com, the host for my site, the instructions to do this is as follows:

username@server% mysql -hdb14.pair.com -uusername -p username_dbname

Enter password: [enter password here]

Note the part about entering a password. That's very important as you will see (he says with great foreboding in the CNN voice...of...doom).

In order to open the database, pair.com wants you do use a password. This seems logical enough because without one, anyone can enter anything they want (like spam). But, since the database did not have a password [see update below], I needed to add one. Pair.com has a handy web interface for doing so. So I did.

The problem is, by setting a password, no one else can read or write to the database. No one. That means when MovableType tries to access the database it can't because it doesn't have permission to do so. Since MT can't write to the database, I can't either (at least not through MT, I could use MySQL directly but that kind of defeats the purpose of having MT in the first place).

All together now...SIGH.

So, this explains why you are reading this in a plain page like I used to use. I emailed pair.com yesterday with an urgent request for help. But as of this morning (afternoon in Pittsburgh where pair is located) I have received no response. So much for their speedy service.

I'm way too busy right now to spend any time on this so this will have to do for now. Sorry.

UPDATE. During my 45-minute lunch break, I was able to re-read the installation instructions for MT. There, I found that a password was in fact used for the database when I installed it. Being that it's been over a year since that occurred, I had no recollection of that nor what the password was (not that it matters since I changed it yesterday when I typed in a new one).

So, the question was how to update MT with the new password. Reading farther into the installation instructions I found the file to edit. You can find it for yourself if you need to but I'm not going to make it easier for l33t hax0rs to change it so I'm not going to mention it here. Suffice to say I set the rights so that only I can read/write to it.

Once that was set, all was well. Although I'm still a little wary about having that file with the password in it...Sigh.

Aloha!

This story says a teenage hacker (Isn't it redundant to say 'teenage hacker'? - ed.) broke into the Fermi National Accelerator Lab in Illinois triggering a nuclear terrorism alert while the break in was traced to a U.K. youth. The youth used the computer to store downloaded films and music.

I can't believe that any computer exposed to the Internet would have critical security matters stored on it but who knows? As far as I know, if information needs to be secured, the system is not only not connected to the Internet, it's not connected to anything so no one from the outside can get in. In addition, the system is situated in a room surrounded by copper shielding so nothing can get out.

I'm currently working on writing the first draft of the Salary Commission report. This is complicated by the fact that they have not yet made a recommendation. Not wanting to let that hold them back, they gave me a week to write the first draft. So I gotta go.

Aloha!

Stories of Mac Fanatics are legion. So if you are stupid bold enough to take jab at them you should not be surprised when they live down to their reputation. This story from Wired gives the details of a perfect hoax: Take one brand new G5, gut it, and replace the internals with PC components. Then post it on Overclockers to rub the Mac Maniacs noses in it. Step back and watch the hilarity ensue. Only, that's not what the guy actually did but the damage, according to the Mac Mordors, was already done. How dare this guy deface a Mac?

The tea leaves indicate that the Gecko-based browser Firebird 0.8 will make it out the door on Monday. Don't ask me why it's taking so long for the bird to rise since Mozilla 1.6 went gold several weeks ago. In any case, check it out on Monday.

As this article says, if someone gave you $650USD would you (a) Buy food for three or four months, (b) pay the gas and electric bill for a year, (c) purchase a really nice digital camera, or (d) buy Adobe Photoshop?

For everyone who chose a, b, or c, go to the article and read about a few alternatives to Photoshop. For all those who chose (d), what are you doing here reading this blog?

Aloha!

Well, Mozilla released the update to their browser but have changed its name. Again. What was once Phoenix, then Firebird, is now Firefox. I hope they realize that Firefox is probably not available either but surely they know this? Maybe not. If not, maybe it's time for them to hire one of those fancy agencies that come up with product names for stuff by making up words like Altima, Acura, Accenture, or Pentium. Or go here and generate one for free. Like Optilogo, Rapidene, or Misc Deltaco...

In any case, the download page starts here. Be aware that the thundering herds are at the trough so downloading the 6MB install file may be slow until the dust settles. Of course, a 6MB file is just a bug patch to Microsoft's Internet Explorer browser so I guess I shouldn't complain...

Some people may be confused. Especially when it comes to Microsoft and security. As you may know, Microsoft recently changed how often it releases security patches to its products. Up to now, patches were released as they were ready. On average, this seemed about one a week.

Now, what they do is bunch the patches in one mega-patch and release that once a month. For example, there are four patches (three for PCs and one for Macs) in this month's submission.

So, what's the confusion? Well, it seems some people, seeing only one patch a month, appear to be saying that MS has finally learned how to secure their products. But I think this is at least very premature, and perhaps wrong. As far as I can see, there are about as many security patches are before (one a week), even though they only release them once a month.

In fact, there is a case to be made that by delaying the release of patches, as they are doing, MS is actually making cyberspace less secure then if they were to release patches as soon as they are ready since the vulnerabilities are left open, even though a patch is available.

In my opinion, this is all cosmetics. It's about appearing to be doing better when, in fact, you may not be. In any case, I think it's too early to say for sure, one way or the other. By the way, one of the patches is for something that some people are calling the most critical error that MS has ever had. You decide if MS is doing better. YMMV. Insert disclaimer her.

Okay, maybe not. But I think the reaction from MS pretty clearly shows you how they think in the Valley of Mordor Redmond. MS is getting all hysterical about how people will take the code and write viruses or steal their deep, ultra-secret way of creating icons. On the other hand, the Linux kernel code has been available for years and I don't see anyone using it to write viruses. Instead, people use it to find bugs and then provide the code to fix them.

This clearly points out the differences between the two philosophies. While I'm not saying there should be only one way of doing things, nor am I saying there shouldn't be any trade secrets, I am saying releasing the code for Windows 2000 isn't going to end the world as we know it.

See the story here.

What is 5.8" x 4" x 1" (148mm x 101mm x 26mm), weighs 1 lb. (450g), runs Windows XP Home or Pro, and has a 5.6-inch (14cm) screen? The FlipStart PC.

It's being pitched at people who need the portability of a handheld, but the ability to run all Windows applications without the weight of a laptop. No word yet on pricing or availability.

Speaking of substantial patches, StarOffice 7 has a 16MB patch that came out in December. If you are using StarOffice you may want to download the patch. To help you figure out if you need to, the ReadMe is here and the download itself starts here.

Aloha!

OpenOffice 1.1.1 is scheduled for release on March 8th ( see the timeline here). This is a substantial bug "issues" fix and will probably be worth the download. Check their site around that time just in case things slip a bit.

I see that Dan Bricklin has resigned from Interland and has returned to Software Garden. Bricklin is perhaps best known for his co-authorship of the seminal spreadsheet program VisiCalc.

Apparently, Mr. Bricklin is a hands-on kind of guy that would rather be creating something rather than managing it. So he left the relative security of a large company, where he was Chief Technology Officer, to become President of a software company with two products for programmers. Talk about leap of faith. But I have to admire the man for following a path that he finds mentally/spiritually rewarding, if not financially so. Best wishes to him in his new endeavor.

This very short article says flat panel monitor shipments will, for the first time, surpass those of CRTs this year. According to the post, abundant supplies of the LCD panels will drive prices down over the next few years.

I hope the prediction is true as I would like to replace my aging 17-inch monitor at home with a flat panel model. I've really gotten used to 17-inch panel I have at work from Dell. The colors are great, there is no smear and no defective pixels to be seen. The only thing I've been waiting for is the price to drop below $300 for a good one. Perhaps next year.

For those of you in the UK or the Netherlands who enjoy building electronic kits, here's one that's supposedly the digital equivalent of the famed Enigma coding machines used during World War II.

Aloha!

From: Jon Barrett
Subject: Foveon sensor
Date: Tue, 24 Feb 2004 14:29:18 -0500

The Foveon X3 is the sensor used in the Sigma SD9 and SD10 DSLRs. You can compare it with other cameras here: http://www.imaging-resource.com/IMCOMP/COMPS01.HTM. One problem - since no one uses exactly the same algorithms for compression, and no one uses the same sensor sizes, finding two cameras with comparable images (same nominal pixels, same compression ratio, same image multiplier/display size) is a bear. Closest camera I was able to find in terms of file size was the Canon PowerShot G5, a 5 MP camera, while Sigma claims a 10.5+ MP equivalent because of their technology. At that, there should be a LOT more difference between the two of them. In terms of "native" linear image size (finding two pictures which looked about the same size on-screen when the "full image" was brought up), it looked closer to the Canon 1D, a 4 MP camera.

My visual take on it is it's like Olympus' claims that lenses for digital cameras have *unique* needs (beyond the (usually) smaller sensor area) that normal SLR lenses can't cope with. A wonderful marketing ploy, but is it any more? I don't think so - by the time you get into this price and pixel range, there are just too many things affecting the outcome, and the sensor's only one of them.

Jon
Kensington, MD

From: Lawrence See
Subject: Tri-color imaging
Date: Tue, 24 Feb 2004 11:39:53 -0800

Good day, Dan

Re the Foveon imager, I guess that you knew that "broadcast" video cameras have always been Tri-color but through the means of three sensors and a complex optical color splitting system (some current "prosumer" cameras offer this as well). Doing most of the heavy electronic processing on the sensor chip is pretty impressive, though.

Best regards,

Larry See

Dr. Pournelle is fond of saying everything on Macs are either easy or impossible. Well, you could say everything on *nix is either impossible or done on the command line. Okay, so I exaggerate. A little. Personally, I think if Apple can tame the wild Unix beast, why can't the same be done for Linux? Yes, the desktop on Linux is getting easier to use but fonts and printing are still problematic.

For example, this guy has a long, well documented posting on the problems of using CUPS to output through a printer attached to another networked PC - something trivial to do in Windows and supposedly Macs. He also includes my pet peeve, "Help Screens" and "how-tos" that provide no help (or worse, actually give information that is wrong). But I digress.

Before you send all kinds of emails about how there are thousands of man pages on how to set-up printers, which any b00b should be able to understand, I'm talking about using a desktop, not dropping into a command line interface. The day Linux can give you the functionality, via the desktop GUI, to do what you need to do without editing configuration file may be the day that Apple OS ports to Linux. <g>

Aloha!

ZDNet has an article up about variations of the Bagel Worm released this past weekend. While shipping items may be a problem, sending worms across the Internet to Hawai'i is not. I've gotten two infected emails in the last few minutes. Both had return addresses of fellow Daynoters so I assume a bot has come along and scanned the addresses and is using them as fictitious return addresses.

The new variations also insert the domain name of the receiver into the body of the message as a way of trying to make the email look more trustworthy. They also try to get around virus scanners by archiving the payload as an encrypted .zip file. The use of encryption is interesting because it keeps virus scanners from automatically opening and scanning the file.

Nonetheless, SpamAssassin correctly flagged the mail as containing the Bagel virus, although it failed to also flag it as spam!

In any case, never open an attachment. I repeat, never open an attachment.

Aloha!

Microsoft's latest browser? Nope, just some guys attempt to make IE 5.5 and above compliant with Cascading Style Sheets. I haven't tried this so your mileage may vary, but at least there are people out there trying to bring IE into the 20th century. Wait. We're in the 21st century? Well, never mind, feel free to use a 21st century browser like Firefox or Opera instead.

Today's the day that the Salary Commission votes on the recommended salaries for state judges for the next eight years. This will be a busy day for me so I gotta go.

Aloha!

Burn a label after burning a CD? With HP's new LightScribe system and DVDs/CDs you can burn music on one side and then flip the disk over and burn a silk screen-like image on the other. The drive is reported to cost about $10 more than other drives and the blank DVDs/CDs could add about 10 cents more per disk. See the story from PCWorld here.

You know, sometimes when I read stuff on the Internet I have to wonder if it's just an elaborate hoax (the stuff, not necessarily the Internet - ed.). For example, ZDnet has a story that says a company is set to launch a service that would counter-attack anyone doing a DDos or hacker attack. Left unsaid is how the company would identify the source of the attack as many DDos attacks operate through so-called zombie machines hijacked earlier.

On the other hand, the story on the Internet about the 9th Circuit Court of Appeals striking down the new Iraqi constitution is a hoax.

Speaking of it being just a matter of time. I've posted before about how automobiles are becoming platforms for computers running various operating systems. So I shouldn't be surprised that the programmers for the BMW M3 sequential transmission would create an "Easter egg."

This article from Popular Science says if you press the right buttons in the right order the M3 will rev its engine to 5,000 RPM before launching you into hyperspace. Well, okay you aren't launched into hyperspace but you could end up in jail if you do this near a speed trap.

Oh, by the way, if you do this in the garage, please remember to be pointing outward with the garage door open. YMMV. Use at your own risk. The door is ajar.

However, as noted before, as we get closer to April 1st one must keep a certain detached attitude about the veracity of some of the reports above...

Remember to backup the Popfile spam filter before formatting the drive (although I may switch to using the one built-in to Mozilla's Thunderbird e-mail program). Also, remember to write down the iTunes login. And delete all default links in Opera before importing otherwise you will get duplicate folders and links (Opera should check for duplicates and delete them when importing).

Every once in awhile I seemingly loose my mind and decide I want to learn another computer programming language. This time around, just for laughs [kicking self in head], I chose Modula-2.

Excelsior is nice enough to offer something called Native XDS-x86 for Windows. It's advertised as a "complete development system that supports full cycle of software development for Microsoft(R) Windows(tm) platforms using Modula-2 and Oberon-2 programming languages."

Unfortunately, getting it installed has not worked out well. First, be aware you have to give them a working e-mail address to which they will send the download URL. I guess harvesting your e-mail address is considered the cost of giving you their software.

After downloading you run their install utility. Said utility defaults to installing in the root of your C: drive. I haven't seen a program try to install to root since Lotus Notes so I was surprised to see it here. Installing into the root directory is not a good thing because there is a limit to how many directories can be created there. In addition, it just clutters up the root directory. So I changed the location to C:\Program Files\Modula\. Everything appeared to install correctly but when I tried to execute the program via the Start Programs menu, Windows could not follow the link created by the install program. So I deleted the links and manually added them to the Start Programs menu.

Once over that hurdle I tried to write and compile a program. Actually, what I did was simply paste an example module that was part of an Internet tutorial into the Integrated Programming Environment (IPE) or Integrated Development Environment (IDE). But having done so, I found I could not run or compile the code as all of those types of options were grayed out.

So, to the help file I went. The first thing you apparently have to do is manually create a project directory. The help file says to issue a command line sequence that will run part of their program and create the required sub-directories after you've created a directory. Hmmmm. It sure would be nice if that was taken care of without having to drop into the command line to do it. Little did I know that apparently a lot of things would need to be run from the command line. But I digress.

So I create a directory for projects and then go to the command line and type in xcwork which creates the sub-directories. That appeared to work fine so I exited from the DOS box and tried to compile/run the code. Nope. Still grayed out. Sigh.

About then is when I ran out of time and patience. I'll get around to reading the help file some more to figure out just what I need to do to get this program to run in Windows (I know you can run the compiler from the command line but that defeats the purpose of having "a complete development system...for Microsoft Windows..." You may as well have a machine running DOS 5 or some such for all the help that this Windows IPE/IDE program gives.

From: Jon Barrett
To: Dan Seto
Subject: Installing into Root
Date: Tue, 23 Mar 2004 15:45:43 -0500

That changed, actually, with FAT32, when they allowed even the Root directory to be extensible. It's also not an issue with NTFS. It's not a terribly good idea from the standpoint of disk clutter, and an even worse one to not allow you the choice of installation points, but any system that's in danger of running out of root directory entries is probably going to run out of storage space first.

Jon

Jon Barrett
Kensington, MD

In addition to the information from Jon above, Microsoft FAT16 has a maximum of 512 root entries. For FAT32, entries are apparently limited only by the size of the drive/partition (or 32GB under FAT32 in Windows 2000 and 32 terabytes under NTFS).

So the moral of the story is if you are using FAT 16 under Windows 95 or Windows 98 you are limited to 512 entries in the root directory. Hence, it makes sense to keep the root directory below that number at all times or, if otherwise possible, switch to FAT32 or upgrade to NTFS.

By the way, for those of you out there who think no one would have that many files/directories in root it is obvious you have never been involved in PC support because I've seen it several times. I've seen users install programs directly into root and I've seen users saving their data files in root. And then, to top that off, when they needed more space, they simply deleted all of the files in root. The consequences of which are for another post.

Needless to say, there are probably millions of people out there still using Windows95 so this information is still relevant to a lot of people.

Thanks to Jon for reminding me of something I knew at the time but have since long forgotten.

Aloha!

My trial of Excelsior's Native XDS-x86 for Windows has come to an end (see Tuesday's post here). I found that even when I got the IDE to recognize a test module as something that could/should/had better be compiled/made/built, clicking on the menu choice to do so would result in an error message saying the program could not be found.

I can only guess this is an artifact of the install where even though it gives the impression that you can choose the directory to install the program, you REALLY should use the default of c:\xds. Installing ANYWHERE else will mean nothing works. This includes the uninstall due, I suppose, to hard coding the default directory.

I have a long standing rule that any program that can't install to anything other than the default will probably have other problems. Problems I don't need to deal with. So I manually deleted the directories and scoured the Registry for all instances of the program.

It's just a guess, but I wonder if this program wasn't written in another environment and they blindly ported to Windows without an extensive testing program (if there was any testing at all). In any case, should you decide to install this program, remember to use the default directory. YMMV/Don't blame me if it doesn't work.

From: Peter Thomas
To: Dan Seto
Subject: XDS
Date: Fri, 26 Mar 2004 01:16:47 -0500

Dan

I think you're being a bit hard on the XDS Modula system.

Having installed it, it has VERY much to me the look of an older, DOS based environment, and thus, it would not be happy with either a directory with spaces in it OR one that is longer than 8 characters....

Peter

Have a Great Weekend Everyone - Aloha!

If you use Spybot Search and Destroy to remove tracking cookies, hijacking programs, or other detritus left by businesses trying to get your attention on the Internet, you may also want to use Spyware Blaster from Javacool Software. The Spyware Blaster site says the program:

• Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.

• Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.

• Restricts the actions of potentially dangerous sites in Internet Explorer.

Spyware Blaster works with Spybot Search and Destroy although it can apparently run as a stand alone program. How ever you run it, it blocks some stuff that Spybot Search and Destroy doesn't. It also protects you if you use Mozilla, something Spybot can't do. Check it out, it could keep you from descending into the hell of hijacked browsers.

This link leads to a list of suggested rules for a corporate Blog or Wiki. The rules are common sense things that should be adhered to by all corporate bloggers. But what I found interesting was a reference to where the word "wiki" comes from. I always figured it was some Scandinavian word. But according to the article, it comes from the Hawaiian word for fast (actually, the word is wiki wiki).

This seems to be confirmed by what fellow Daynoter Bo Leuf says is the first wiki, the Portland Pattern Repository and developer Ward Cunningham.

Small world. There are other Hawaiian words that have crept into the vernacular. Three other examples are lanai (a porch or veranda), lei (a garland of flowers), and kahuna (a wise man or shaman). No doubt there are others so if you know of any, let me know and I'll start a list. Note all of the definitions are from the Oxford English Dictionary so I figure if it's there, it must be generally known.

I did my semi-annual reformat of my hard drive recently on my PC at home. As part of re-installing the latest versions of the programs I use I found that my CD-ripper, AudioGrabber has gone freeware! This was welcome news. While at their site I noticed the the FAQ said the fastest MP3 encoder was Xing's MP3encoder. Of course, it costs $19.95USD while many others are free but I do these things so you won't have to waste your money.

So I paid my money, downloaded the 1.8MB file, and ran the installation program. AudioGrabber uses the Xing encoder as an external program but has default parameters set for it so all you have to do is point AudioGrabber to where the encoder is installed and you're ready to rip.

I chose Diana Krall's rendition of "Let's Fall in Love" as a test file. This song is 4 minutes and 17 seconds long and creates a 43.8MB wav file when ripped in stereo at 128Kbits/sec. My test PC was a Dell OptiPlex GX260 with an Intel Pentium 4 running at 2.66GHz and 512MB of RAM. I ran three tests each for Xing, LameEnc 3.96, and Ogg Vorbis 1.0 and averaged the results in seconds and the resulting MP3 file size:

Xing 23 seconds 4,020kb
LAME 36 seconds 4,020kb
Ogg Vorbis 38 seconds 3,957kb

Clearly, Xing was indeed faster than the other two encoders and if you rip 60 minute long symphonic works perhaps the speed difference is worth it. But I will leave it up to you to decide whether the $19.95USD cost is equal to the 57 percent or 65 percent respective speed increase. YMMV.

Aloha!

Things have kind of slowed down here at the Seto Shack. But I have a couple of things on order that are "in transit" so I hope to be able to report on them when they come in. The first is a wireless network based on the Linksys WRT54GS 802.11g router with what they call "SpeedBooster" technology.

The second is something to work with the wireless network. Namely, a Dell Inspiron 1150 laptop computer. Up to now, I've avoided getting a laptop because the cost just didn't justify the benefits. I mean what one paid for a middle-of-the-road laptop would buy a desktop speedster that would run rings around any laptop. Well, the future is here and the cost of the cheapest laptops have finally fallen into the range where I've decided to get one.

The Inspiron 1150 is a cheap laptop. If you understand what that means, you know what the tradeoffs are. For example, there's the weight. This one starts at 7.2 lbs. (~3.3kg). This is by no means a lightweight. Lugging 7 pounds, plus A/C adapter and nylon case around an airport will not be fun.

Second, this is not a speed demon. The CPU is an Intel 2.4GHz Celeron. While having such a processor a few years ago would lead to envy, now a 2.4 Celeron won't get you into bed with a Baywatch Babe (or able to watch her pr0n video).

Third, the screen is a 14.1-inch display rather than one of those snazzy 17-inch wide-screen jobs that everyone seems to be falling over themselves trying to snag.

But the bottom line is I got one for about $750, which is about what a cheap desktop goes for. So now I will be able to take the laptop to meetings and run spreadsheets or write minutes, as things happen. When SWMBO goes to the neighbor islands she can take it with her.

And lastly, when not used at work, I can use it at home to surf the net from the comfort of the living room sofa while watching those bouncing babes on Baywatch [ducking and taking cover].

Aloha!

Yesterday was a Good_Day(tm) at the Seto Shack. The Dell Inspiron 1150 came in as well as the Linksys WRT54GS wireless 802.11g router. You better believe I was up late playing with these toys last night.

Even though the Inspiron 1150 is a "cheap" laptop, it looks like it will do just fine for what I need it for. Namely, running spreadsheets and doing memos/reports. As noted earlier, the trade-off for cheap is that the 1150 weighs so much my shoulder was sore from carrying it after walking only two blocks to the parking garage.

The Linksys was also fun to play with. I have to make sure I understand how to secure the wireless network but so far it's up and running and I can't tell any difference in web surfing speed between being wired and wireless. Web sites come up just as fast as when I have a CAT-5 cable plugged in as when I have the Linksys card plugged in the card slot.

Anyway, this will be a good weekend for me...

Have a Great Weekend Everyone - Aloha!

The AviationNow site has a story on someone by the name Dan O'Dowd who is saying Linux and all OpenSource applications are security threats to the U.S. Department of Defense. O'Dowd is quoted in the article saying:

If Linux is compromised, our defenses could be disabled, spied on or commandeered," O'Dowd said at an April 8 panel during the NetCentric Operations 2004 conference sponsored by the Association of Enterprise Integration and held in McLean, Va. "Every day, new code is added to Linux in Russia, China and elsewhere throughout the world. Every day, that code is incorporated into our command, control, communications and weapons system. This must stop.

It may not be a coincidence that O'Dowd works for a company that sells a proprietary operating systems supposedly designed for defense systems. But that is not to say people don't have to audit changes made to OpenSource initiatives for security concerns but, in my opinion, it's a long way to saying all OpenSource is less secure than his or any other proprietary offering.

You may have heard about security devices that do retinal scans to determine who you are. But have you heard of a laser-projection device that projects an image directly on to your retina? In this case, the image is the shop manual for Honda vehicle mechanics. The system leaves the mechanics hands free to work on the vehicle while they "see" the repair instructions seemingly floating in front of their face.

The Legislature is set to adjourn on Thursday so we are carefully monitoring the outcome of the Judicial Salary Commission recommended salary increases [link is to 1.4MB PDF report]. I am checking the status, on an hourly basis, of the concurrent resolution that would disapprove the recommendations.

Speaking of updates, Mozilla Thunderbird 0.6 is now available. The updated e-mail client is listed as having, among other things, improved junk mail handling [What? They strangle the spammers? - ed.]. The companion browser, Firefox, should also see an update soon so stay tuned.

Speaking of updated browsers, Opera 7.5, Beta 1 is out. I don't know how many betazoids there will be before going gold but it shouldn't be long now.

This article from MaximumPC is a how-to on securing your wirelessLAN. While I kind of agree that security and wireless LANs are oxymorons, you have to do what you can. So I've enabled WEP and MAC address filtering, but have not disabled SSID broadcasting.

As the article indicates:

Most access points, however, include an option to disable SSID broadcasting. It's generally a good setting to disable, but we have had some problems maintaining connectivity when using Windows built-in wireless configuration interface to connect to Wi-Fi LANs with SSID broadcasting disabled. And this problem is exacerbated if other people in your neighborhood have wireless LANs setup.

In my case, I'm not using Windows built-in wireless configuration interface but I'm still having intermittent problems with connections so I've left SSID enabled. I realize this makes things slightly less secure but what's a person to do? With SSID enabled I am always able to connect, with it disabled I get connected less than 50 percent of the time. Perhaps this is caused by other nearby wireless LANs, at least one of which my LAN can see.

But in any case, I've done all that I can do, including adding the wireless router downstream of the main LAN's router. Of course, there is one more thing I've done. I turn off the wireless router when I'm not using it. That gives me 100 percent security.[g]

Aloha!

To lighten things up a bit, here's a story about a Swedish company that encases PC peripherals in wood, rather than usual beige or black plastic. You can choose from ash, mahogany, or beech and get your monitor, keyboard, and/or mouse covered in the stuff. Although cases are not yet in the lineup, they are working with a company to come up with some samples. [Hey John D., yet another idea for you!]

Aloha!

Movable Type has released MT 3.0, Developer Edition. This is a version of the long awaited update to one of the more popular, if not the most popular, "content management systems (CMS)" (can't we come up with a better description than this? -ed.). The ThunderingHerds(tm) are hitting their site so I can't give you much information other than there appears to be two versions: the Developer Edition which costs money, and a version that will be free (but not yet released). Within the Developer Edition, there appear to be two types of licenses: a commercial one costing $299.95 ($199.95 introductory price) to $699.95 ($599.95 introductory price) and a personal one costing $99.95 to $189.95 (introductory pricing $69.95 to $149.95).

I think I'll wait for the free version but even as we speak, I am evaluating other CMS options.

UPDATE: Fellow Daynoter Phil Hough sent the link to the free version:

MT 3.0 Here

Thanks Phil!

As the old saying goes, beauty is in the eye of the beholder. And when it comes to user interfaces, beauty is not a word that usually comes up. Unfortunately for Opera Internet browser users, the interface of the latest version, in my eyes, is no beauty.

Opera 7.5 went gold yesterday. As usual, the ThunderingHerds(tm) were at the trough feeding so it took awhile before I could download the latest version. I was eventually able to get in and I'm underwhelmed. No, let me take that back. I think I'm astonished at this step backwards.

Opera has taken this point upgrade opportunity to change the user interface by moving many of the most used buttons to a panel on the left side of the screen. I don't know why they did this but the first thing I did was to change things back, as much as possible, to how I like it to look.

Also, be aware that the install goes into its own directory, leaving your present version in place. This surprised me as most programs install into directory being used by the current version. Doing it Opera's ways requires you to manual un-install the old version. Not very user friendly unless you are afraid that most people will want to keep the old version?

I don't know if you'll like the changes in 7.5 but feel free to take a look. As for me, I'm using Mozilla Firefox more and more so I guess it doesn't matter that much anymore.

Dive into Mark has a pretty good posting on MovableType 3.0. MT has never been OpenSource or free. But in Mark's opinion it was open and free enough for most people. But with the coming of version 3.0DE, MT has made a choice. If you want to use it, you have to pay. A lot.

Mark goes on to say, if I understand what he is saying, that commercial software like MT doesn't have a future and that only OpenSource efforts do. I have to disagree with this. If anything, the history of software indicates just the opposite. I mean, most programs OpenSource or not, aren't around very long. But I think people tend to do things that they get rewarded for and if a program is successful and the author gets money for it, he or she will probably continue development of the program. On the other hand, people working on OpenSource alternatives don't get money for their work. Sometimes that doesn't matter. But most times it does since most people aren't independently wealthy and need to earn some money to have a roof over their heads and food on the table. Hence, at best, they may spend some free time working on the program but they will spend the majority of their time on things that pay them money.

Note that I'm not making a value judgment here. It's simply the way things are.

But being that as it may, there are other content management systems. You have a choice. You can stay with MT and support its development or you can switch.

I'm in the process of testing MT 3.0 Developer's Edition. I've installed it but so far am disappointed. The comment registration system, designed to ban spam, works against various robots, but does nothing against armies of low paid people in India hired by spammers to send their drek far and wide.

As Mark notes, he's already received spam while running a beta of the new registration system. Hence, the main reason for going to MT 3.0 is probably void.

Even before MT 3.0 came out, I began taking a look at other solutions. Pair.com, the host to this site, supports two: Blosxom and Geeklog. Either would work, although, for my taste, Blosxom is too minimalist and Geeklog is too fussy.

But another program has gotten a lot of word-of-mouth and is called WordPress. I haven't had much time to work with it so I won't say anything about it yet but if you are looking for an alternative, you may want to check it out (although I'm a little concerned about the dynamic versus static-based page debate).

The bottom line is you have a choice. You don't have to use MT3.0DE. Hence, rather than demonizing Mena and Ben, who are just trying to make a living producing a product people want and are willing to pay for, find something else.

Leave it to those resourceful Kiwis to come up with a homegrown Wifi antenna using a Chinese wok stir-fry scoop. Check it out in pictures here.

Sorry about the late post but as a precaution I disconnected from the network and reformatted the C: drive yesterday. I did this because someone on the network may have been compromised by a Trojan Horse program.

If this is true, and the only indication we have is from the anti-virus software (an old version of Inoculate) running on their PC, the entire network may be at risk.

I am now back online and am putting my faith in the firewall software (Sygate) and anti-virus software (Computer Associates Int. - eTrust EZ AV) that we are using.

Have a Great Weekend Everyone - Aloha!

I've been using either Mozilla email or Thunderbird for some time now but have found an area they are lacking. Namely, exporting. If, for example, I want to export all of my email so I can store it while reformatting my hard drive I'm left up the creek without the proverbial paddle. Neither Mozilla email client can export email. So what are you supposed to do? I don't know. Copy the folders?

Drop me a line if you know of a way of exporting then importing back in. By they way, after using both for awhile, I think Thunderbird runs better. YMMV. FWIW.

Aloha!

My web host (pair.com) is having problems with email so if you sent me something in the past 24 hours I won't be able to respond until they get around to figuring out what is wrong. If there is an emergency need to get a hold of me, feel free to try dkseto at hotmail dotted commercial.

In addition, the specific server my site is on has gone down a couple of times in the past weeks due to "heavy load." So if you can't get to my site, you'll know why. Sort of. And for this I pay over $300 USD a year. Sigh.

If I had my own static IP address and a provider that would allow me to host my own site I would do so. Of course, I would carefully re-read everything fellow Daynoter Brian Bilbrey has on his site and then contact Daynoter Phil Hough since he also hosts his own site...

From: Gary M. Berg
Subject: Pair systems, Thunderbird
Date: Tue, 25 May 2004 15:10:39 -0400

Dan,

The Pair systems email problem should be over; one minute it was working and the next it wasn't. I emailed the support folks and they said they ended up undoing some changes they had done on a back-end server (presumably the one that handles authentication for POP/IMAP/Webmail for domain mailboxes). They also lost the ACC for a while, but it was back too as of about 12:45 PM EDT.

As for Thunderbird, the best bet is to indeed copy the folder that contains everything (your "profile" folder). Then on the new machine you will create a new profile and then drop everything back inside of that. I think this will even preserve all of your account information.

I've played with using Thunderbird for POP3 and IMAP access to my Pair-hosted domain, and it works fairly well. I think that Outlook 2003 is a better email client, especially since it can easily be set to not display embedded links inside of "untrusted" email correspondents. Yes, I know about all the potential security issues in Outlook, but the 2003 version does a fairly good job of reducing those problems to a minimum. It's not fair to compare Outlook 2000 (a 4 year old product) to Thunderbird (which is under very active development) as far as security.

I've been using SpamAssassin on the Pair server to flag my mail as to what looks like spam. With a good whitelist on Pair, and a similar whitelist in Outlook 2003, I probably see about 99% accurate filtering of spam with very few messages making it through the double filter of SA on my host and Outlook 2003.

Aloha!

I've updated my public key for mail at seto dotted organization. You should see a link on the right side of the screen at the bottom of the "Links" section. If you don't, you can download it here. If I should ever send an attachment, I will sign the email with my public key. Please delete all previous keys. Thanks.

First, the good news. I posted recently about the change to new network cabling which is part of our switch from IBM Token-Ring to Ethernet. What we had was old CAT-3 wires that can't operate at the higher speeds found on Fast Ethernet so out they went.

Now that we have switched over (no pun intended), you can see the results below:

That's a shot from Broadband Reports indicating I got about 6.8Mbps down and 3.0 up. Whoooo and Hooooo. Before the switch over I was getting about 1.5Mbps up and down. Well done to our IT guys!

Now the bad news. Many (all?) of our Windows servers were setup to be accessed via the NetBEUI protocol. Said protocol was pretty snazzy in 1985 for use with Windows for Workgroups. But in 2004, Windows XP doesn't even support it. If you have XP and you need NetBEUI, you can find it on your install CD (see MS KB Article 301041 for installation instructions) so all is not lost.

Or, it is? NetBEUI is non-routable (except in a token-ring environment) and will not cross subnets. The Ethernet side of our network is, I think, segmented and on a different subnet. So, as far as I know, I can't get there from here using NetBEUI.

That doesn't mean I can't get there at all but it does mean it's not as user friendly. With NetBEUI I could browse the list of Windows servers (and there are a lot of them here) and mouse click on the one I needed. Now, I have to use the keyboard and type in the specific server and share I need in the form of \\server\share.

Now the worse news. Even if I do that, what happens seems to be randomly assigned. Sometimes I get a login, which is what should happen. Sometimes I don't get a login but do reach the server. Unfortunately, since I'm not logged in, I don't have the rights to see or do anything on the server. And finally, sometimes I don't have to login but I do have access to all the files.

Fortunately, I don't need to get to that server, which is our Intraweb site, often since I only need it when I update the site. But if things get busy again as far as adding things to the site I'll be in a heap of hurt ("But boss! It's not by fault! It's Netbeeeuuuuiiii!"[insert sound effect of footsteps echoing down a long, dark hall and a scraping sound that can only come from a body being dragged away]).

Oh well, I do have to congratulate our IT people for getting the Ethernet side going and thank all four IT people who came by yesterday morning to try to fix things re: server access.

As Spock would say, sometimes, fixing a computer requires illogical solutions.

On Friday, our IT people were able to get me access to the Intraweb server again. They did it the old fashion way: by facing in the right direction and incanting the correct magic syllables.

Actually, they did what smart IT people do: they applied logic and began to eliminate possible sources of the problem. First, they attached a laptop to our network drop and determined that the problem was not specific to my PC. By doing this, they refrained from wasting hours trying various changes on my PC that probably would not have made a positive difference.

Once they determined the problem was not specific to my PC, they focused on the server's configuration. This is where the chanting came in because they couldn't find anything wrong. Yet every time anyone would try to login they would end up in the wrong directory. They tried deleting my login and creating a new one but no joy.

So, they copied everything in the directory I needed to get to and temporarily stored it in a new directory. They then deleted the old directory and re-created the directory again. After which they copied the files back in and all was well.

No one knows why that worked but it did and so far it still does.

For you X Window manager fiends out there comes the latest update to Waimea (Hawaiian, noun, pronounced why-may-uh and meaning reddish-brown river in English, referring to the famous surfing spot on the island of O'ahu). Waimea uses the cairo graphics library to render a spiffy desktop. Unfortunately, there's not a whole lot there at the website but I guess if you know what a X Windows manager is you can figure out how to use it. YMMV.

Aloha!

I've been using the Linksys WRT54GS wireless router/access point for a little over a month now and find that I can't get much use out it. I don't know why, but as more of my neighbors fire up their own access points (there are now at least two others within range of the Seto Shack), the Linksys signal strength goes down until the connection is lost.

At first, I thought I had configured things wrong but after trying everything I could think of or find on the Internet, I noticed that as the number of other access points went up, my signal strength went down. Note, some sites talk about RF interference from cordless phones or even microwave ovens. But I don't think that's the source of my problem.

Here's why. When no one else has their access point powered, I get what the Linksys software says is "good" to "excellent" signal strength. But when one neighbor goes online, signal strength immediately drops to "poor". When the second access point comes on, signal strength goes to zero and my connection is lost.

The big question is why is this happening. Some people said to change channels or to use specific channels like 1, 6, or 11. So I did, even though none of the access points were on the same channel. So, of course, changing that did nothing. Others have said to change various other settings but none made a difference.

There have been reports (here, and here) that, in fact, having more than one access point within range does cause interference. But they also say to change channels.

Surely, the 802.11 standards committee would have anticipated environments with more than one access point. Surely, they would not have created a standard that allows the presence of other access points to negatively affect the performance of others even when on different channels. This is such a basic problem that surely it would have been solved by now by using, for example, spread-spectrum technology, long in use in the cordless phone world. Right?

Perhaps. Maybe I should switch to another brand of access point? I've heard good things about the Microsoft offering but, of course, they've since stopped making them. What I need to know is if anyone lives in a similar environment to mine in which at least two other access points are nearby, all on different channels, and whereby they all get good access.

So, if you live in a such an environment and are getting good reception, let me know what brand of access point/laptop card you are using. Thanks.

Aloha!

Well, not exactly. But you may be hearing more about CableCard (see one article here that explains things better than the CableLabs site) in the near future.

Starting July 1st, if you have a CableCard ready TV (which you probably don't, but will be able to purchase in the near future), you can pop in one of these cards and get rid of your set-top decoder box. This means you can use your TV's tuner, rather than a separate box, to watch analog, digital, or HDTV (assuming your TV can display them). Of course, you must be a subscriber of these services but you would no longer need the extra box to watch them via cable.

Note that the CableCard is unidirectional, meaning that such services as Video-on-Demand or various bi-directional TV guides would no longer work. Further, while CableCard ready DVRs will have a slot, it appears you would need to have two CableCards to use them to watch one scrambled channel on your CableCard enabled TV (or using features such as picture-in-picture) while recording another on the CableCard ready DVR.

In addition, I'm not sure where you would get the cards other than from your cable provider. Said provider would probably have a monthly rental charge for the cards. What that cost will be I don't know but when its available, you will need to determine whether it's worth your while to switch or just stay with what you have (which would continue to operate as before).

Aloha!

SWMBO is getting tired of using the Sony Vaio 600MHz Celeron desktop that she's been using for the last couple of years. So I'm putting together a white box PC using an Intel 2.8GHz P4 Prescott, Intel D865GBF-L motherboard, Seagate 120GB SATA hard drive, and 512MB of Kingston RAM. It will be some time until I get all the parts in but once built, it should should be adequate (for awhile) for what she needs to use it for.

For whatever reason, I've had all kinds of problems trying to use GnuPg and have ended up generating a new set of keys. So, as before, delete any public keys from me that you may have and use the one linked to on the right. Sorry for any problems this may cause. Thanks.

Sometimes it's nice to know that even Linux computer gurus have problems that drive them nuts. Not that I enjoy their pain, but at least it shows that not everything is as easy as reading the How-To.

For instance, Jamie Zawinski (see the comments back and forth here) is trying to install something called Catweasel. This is a disk controller that apparently can read PC, Amiga, Atari, Mac, Commodore, and Nintendo (Nintendo?) diskettes.

But I guess the site correctly warns you that, at least for the ISA version, "The drivers are not designed to be easy-to-use. Instead, they are tools "for-freaks-only"."

Now, I don't know which version he is using but with that kind of there be dragons here warning, you shouldn't be surprised if you can't get it to work out-of-the-box. Still, if you've had any experience actually getting one of these things to work in Linux, give him a hand because he's a good guy and could use the help.

Microsoft may do a lot things right but getting software out the door on time is not one of them. So MS rightly takes a lot of heat when it delays releases multiple times. In the case of Windows updates, the delays can be measured in years.

But is the same standard applied to non-MS offerings? Not always. For example, Mozilla Firefox 0.9 has finally been released. If I remember correctly, it was due in March. Then it was delayed to April. Then May. So, on June 15, it finally went out the door.

But, it was supposed to be "feature complete." Only, it doesn't appear to be. For example, you can't do an upgrade update. You have to either uninstall your earlier installation and then install the new or install the new in a different directory. No, this is not hard to do but it confirms that 0.9 is not "feature complete." Or at least, in my opinion it's not if you consider in place upgrades a "feature".

So, while I am no MS evangelist, I think we need to remember that MS is not the only one to miss deadlines so maybe we should cut them some slack.

"I am learning," Yen Hui said.
"How?" the Master asked.
"I forgot the rules of Righteousness and the levels of Benevolence," he replied.
"Good, but could be better," the Master said.
A few days later, Yen Hui remarked, "I am making progress."
"How?" the Master asked.
"I forgot the Rituals and the Music," he answered.
"Better, but not perfect," the Master said.
Some time later, Yen Hui told the master, "Now I sit down and forgot everything."
The Master looked up, startled, "What do you mean, you forgot everything?" he quickly asked.
"I forgot my body and senses, and leave all appearance and information behind," answered Yen Hui. "In the middle of Nothing, I join the source of All Things."
The Master bowed. "You have transcended the limitations of time and knowledge. I am far behind you. You have found the Way!" [From a good tutorial on PERL debugging found here.]

With all the talk about how we have to do more with less, it is interesting that the Judiciary requested, and the Legislature approved a new position. They approved a "webmaster" for the Judiciary's intraweb site. Now, this is not a story about how politics works and how you almost never get what you want or need, but you do get what the politically connected want.

Rather, it's a story about being told to do something but not being given the access required to do it.
So sit right back and you'll hear a tale,
a tale of a fateful trip.
That started from this tropic port, aboard this tiny ship.

Part of our intraweb site runs on PERL. That is, the search engine and electronic voting booth runs via PERL scripts. I installed the scripts about two years ago and all was well.

Until our new webmaster came along, that is. Our new webmaster is good at creating fancy HTML. However, he doesn't seem to be as experienced in running and maintaining a web server. For example, he doesn't know what PERL/PYTHON is. He doesn't know about setting permissions. He doesn't know about a lot of things a webmaster needs to know to do his or her job.

So, all of sudden the scripts stopped running and I was told to fix them (perhaps not coincidentally after he deleted and re-created the directories the scripts are in). The problem is I no longer have read/write access to the PERL scripts. In fact, I can't even run PERL on the command line. These are BIG problems if I'm supposed to fix the scripts. I reckon these are also artifacts of his deleting the directories and then re-creating them that I talked about earlier.

Looking at the PERL error messages I'm now getting, I've narrowed it down to two possibilities: 1. The permissions are set wrong for the sub-directory and/or the files in the directory. 2. The path has changed and the PERL scripts need to be updated to point to the correct directory.

But since I can't copy, edit, read, write, fold or staple any of the scripts, I can't check to see if I'm correct. So, I emailed the webmaster asking for permissions to be set so I could do so (either through my login or by actually changing things on the files themselves).

Our webmaster replied saying the error message indicates PERL is running so he has nothing to do. It's up to me to fix things. [sound:fx sound of steam being released and someone slowly counting one...two...three...four...] Sigh. Don't get me wrong, he is a very nice guy and trying to do the best he can. But perhaps he needs some training in how to do the things he needs to do.

So, that's where we stand right now. Our webmaster thinks I can fix things without having to change permissions. So I'm going to clear my mind and forget this problem as life is too short to make a big deal out of this.

The question comes up periodically as to why I switched to a content management system (CMS). I'll lay out some of the problems and how they are solved by a CMS (without evangelizing too much about which CMS I think is best) but I'll also highlight some of the costs that are involved in using one.

I chose a CMS (I presently use MovableType) because I was tired of having to update my templates the beginning of each week and felt that computers were meant to help make me more productive, not be forced to manually slave away at boring tasks.

For example, each week I would have to edit the main index page to update the dates for each day, the "last week" and "next week" links, the redirector page, and the calendar page that had links organized by month. This was a lot of detail work with attendant mistakes cropping up. Hence, much of my time was spent updating the templates instead of writing these insightful posts [g].

I understood, however, that switching to something to automate these tasks would come at a price.

Since I don't have the expertise or the time to write my own system, I would need to rely on someone else. By doing so, I give up control, to a certain extent, over how my site looks and operates. This is because most (all?) CMSs are based on a set of pre-written templates. While it is true that the templates can be modified, there are bits that should not be altered. Hence, to a great extent, websites using a CMS tend to look very similar, if not exactly alike.

But these templates, and the underlying PERL/Python scripts, are required to automate the very processes I didn't want to do by hand anymore.

Further, once going down this road, deciding to go back may be very difficult and time consuming. Some CMSs dynamically create the page as it is requested. But once served, it disappears into the ether. Lose the database where the posts are stored, or access to it as users of Dave Winer's service have found, and everything you have written is gone (even with the help of Google's cache or The WayBackMachine).

On the other hand, other CMSs (such as MT) use a static structure whereby pages are created and permanently archived (or as permanent as things can be on the Web) to the server. Nonetheless, if you want to switch to something else, you may still end up having to do much hand coding. In either case, you are essentially locked into the system you choose. Hence, you have to decide if the cost of having to switch, should you need or want to, is worth the benefits of any CMS.

In summary, using a CMS automates tasks that you would otherwise spend time doing. The downside is you loose a certain amount of control. In the end, only you can decide what the costs and benefits are of any system. Use whichever tool works best for you. But for now, I'm sticking with Ben and Mena Trott's MT.

Aloha!

You IT professionals out there (you know who you are) probably already know this (because, you are like the mythical town of Lake Woebegon, Minnesota, where the women are strong, the men are good looking and all of the children above average intelligence(r)), but if you haven't started testing Microsoft's latest Service Pack 2 Release Candidate 2 (instructions for installation here or here), get it now. There are changes that will break applications. Many of these applications are network related and will fail because of the firewall that SP2 enables by default.

The Release Notes list some of the applications that will have to be updated or modified. Read the other information on the MS site to find others.

Also, be on the lookout for updates from your own PC manufacturers.

The bottom line, in a corporate environment anyway, is that SP2 may cause some problems. How many and what kind will depend on what you are running. Most of you should be okay, but not everyone will be so fortunate.

I'm here at work but I don't know if I'll make it through the day.

I had an interesting experience yesterday. It started with problems editing a PDF file and ended with hours of formatting a word processing document.

Many of you know that PDF files are not intended to be edited. That is, you create the original in another program such as a word processor and when done, and only when done, you convert the document into a PDF. Once in PDF form, you really don't want to be making substantial changes to the PDF. This is because, in essence, a PDF is a picture of a document just as a jpg file is a picture of something you photographed or created in a paint program. Hence, trying to edit a picture as if it were a word processing document is not going to get you very far.

Indeed, if you do need to make substantial changes, you go back to your original word processing document and make the changes there - then convert again to PDF.

A problem occurs when you have to make substantial changes but don't have the original word processing file but you do have the PDF file. If the PDF came from a word processing document and you saved the font into the PDF, you may be able to make substantial changes to the PDF. But if the PDF came from a scan of the hard copy, you're pretty much toast because all you can do is rescan the document and run it through your Optical Character Recognition (OCR) software.

This is where things get hairy. Said software is far from perfect even though it is getting better. You would think with systems available to recognize handwriting that software would be able to read printed documents. But you would be wrong because much of how we recognize written ideas is through the context.

For example, a numbered list gives order and is intended to be seen as a whole. To OCR software, the numbers are just characters and have no attachment to the words that follow. Hence, even if the OCR correctly reads the characters, your word processing software will not recognize the output as a numbered list. Hence, you spend much time formatting the document to create the context.

I don't know if anyone has done a study as to what point it becomes more efficient to type in a document versus trying to make corrections and format an OCR read document. But with the 33 page document (a memorandum of agreement) in question, all I can do is cut and paste parts of the OCR into a clean word processing document rather than waste time making corrections.

Tim O'Reilly has a longish essay on The Open Source Paradigm Shift. O'Reilly says the Open Source shift (assuming here that there is one) is a reflection of three long-term trends (see the list below) and uses the trends as lenses to examine the shift:

1. Software as Commodity (Software itself is no longer the primary locus of value in the computer industry. The commoditization of software drives value to services enabled by that software. New business models are required.)
2. Network-Enabled Collaboration (Open source is the "natural language" of a networked community. Given enough developers and a network to connect them, open-source-style development behavior inevitably emerges.)
3. Customizability: Software-as-a-Service (Software as a process.)

He concludes: "But a historical view tells us that the commoditization of older technologies and the crystallization of value in new technologies is part of a process that advances the industry and creates more value for all. What is essential is to find a balance, in which we as an industry create more value than we capture as individual participants, enriching the commons that allows for further development by others."

Aloha!

Speaking of not meeting the objectives. I've learned a few things about setting-up and using a wireless network. The first thing nobody tells you is if you are using 802.11b or 802.11g (by far, the two most popular and both operating in the 2.4 GHz band), you have a maximum of three channels to use (1, 6 or 11 in the US). These channels are not supposed interfere with each other so you should be able to get a good connection if any one of the three is available.

But if you live in an area with access points already using those channels, which I do (there are four, including my own), you will not be able to use your network at all or at the most, intermittently. I don't want to point fingers at anyone but this seems to fall on the lack of planning on the Institute of Electrical and Electronics Engineers (IEEE) who developed the standards.

Surely it was obvious that three channels would not be enough. Surely it was obvious that a way of working around this would be needed. Surely Hawaii is not the most connected places in the world so I'm not alone in having so many hotspots near me. Surely the press needs to report these problems because they are doing a great disservice to the growing number of people who buy this hardware, only to find it doesn't work.

Indeed, with the coming of non-compliant "turbo" modes that bind two channels to get more bandwidth, it's getting even harder to get an open channel to use. Further, it will only get worse as more and more people buy these systems (turbo or not).

The temporary solution is to move to 802.11a. Strangely, as the numbering systems works, 802.11a runs at a higher frequency, 5 GHz, and has 12 independent channels (rather than 802.11b or g which has only three) to work with. The problem is very few companies are producing 802.11a compliant hardware. And those that do aren't exactly spending a lot of money keeping their chipsets up-to-date (Atheros, one of the big players in chipsets, introduced their third-generation in May of 2003. To date, according to a search on the Atheros site, only Sony is using it in their access points).

So, in the short run, if you live where interference is keeping you from using your wireless LAN, switch to 802.11a. But unless something better comes along, even 802.11a will become crowded. At that point, I don't know what else can be done.

Aloha!

You may remember I was looking at different content management systems (CMS). One that I looked at is called Blosxom (pronounced like blossom, as in flower). Unfortunately, it did not meet my needs because it was very minimalist. That is, there were very few features that would make it worthwhile switching from MovableType. But as oftentimes happens on the Internet, I followed one link that led me to another and I ended up at Blojsom.

As you may be able to tell from the name, it is based on Blosxom but adds many of the features I was looking for: RSS/Atom, comments, trackback, web-based administration, etc.

I guess this CMS looked so good Apple decided to bundle it with the coming Mac OS X codename "Tiger". Congratulations to the Blojsom (and Blosxom) team.

Why is there so much e-mail spam? The short answer is because there is money to be made. The bottom line is, first, because it's cheaper than sending snail mail. Second, because, according to this article here, 20 percent of the recipients actually buy through them.

The number seems much higher than numbers I've seen before but even if orders of magnitude wrong, it still answers the question of why so much spam. If you send out 100,000 e-mails, a number not out of line with figures I've seen before, and you get a one percent response rate, that's still 1,000 sales (Don Armstrong please double check my arithmetic). Making 1,000 sales on a cost of, probably, pennies per sale is one excellent way of making money. Hence, as long as it is profitable, people will continue to clog your e-mail box with stuff you may not want, but 20 percent of other people do.

As for me, I've modified how my e-mail is filtered. Recently, I've been using two layers of defense. The first is SpamAssasin that my host provider, pair.com uses. The second is what Mozilla Thunderbird has built in. But even with these two filters, much too much was getting through. So I re-installed a filter I've used in the past. It's called POPFile.

While I've only used the three together since yesterday, I'm already near 97 percent accuracy in identifying spam. However, I've found two POPFile bugs that weren't in the previous version I used. The latest version of POPFile (version 0.21.1) has a really nasty bug relating to the system tray icon. If you have it on, and you go to the "Buckets" tab of the POPFile user interface (UI), WindowsXP Pro will lockup so hard you will have to press the reset button. The temporary workaround is to disable the tray icon by using the UI (Configuration->Windows->Show POPFile icon in Windows system tray?->No). The second bug is not as big a deal. If you access the UI by going to the Windows Start menu -> All Programs -> POPFile and start the UI there, you may get an error message saying Windows cannot find 127.0.0.1:8080 (which is where the proxy runs). You can ignore the error as your browser will find the address just fine. The workaround for this is to access the UI directly by first starting your browser and then typing in the 127.0.0.1:8080 address yourself.

Speaking of modern browsers, now is the time to switch from Microsoft's Internet Explorer (IE) to something else. Why? Regardless of what you may think about Microsoft, the types of attacks being launched against IE now make it likely that your personal banking/credit card information will be stolen. If not today, then tomorrow, or next week. It's become a matter of when it will happen, not if it will happen. Prior to now, most attacks were from teenage boys trying to prove their manhood to their friends by owning as many other PCs as possible.

Bad as that may have been, now, Russian/Pakistani/Indian organized crime syndicates have begun to exploit security holes in IE to steal your banking and/or credit card information so they can steal your money and identity. If you've ever been a victim of such crimes you know that it takes years to clear the problems caused by these attacks.

So, there is no time to waste. Right now, go to Mozilla or Opera and download one of their browsers. Use them instead of IE and remember to be careful out there...

There have been a few updates to two of the more popular modern (i.e., non-I.E.) browsers out there. Firefox is at 0.9.1. While you're there, you may want to update the Thunderbird e-mail client which is at 0.7.1. Over at Opera, they've updated their browser to 7.51.

Speaking of FederalExcrement, this guy has written an application that uses RSS to let you keep track of your shipped packages. YMMV, use at your own risk, I have not tested this myself.

These guys here have created a PowerPC emulation that runs on either Linux or Windows. That's right, you too could be running Mac OS X 10.3.4 on you very own Linux or Windows machine. Of course, running may be too strong a word to describe software emulation that turns a 3.0GHz blazer into the equivalent 77MHz Tiger wannabe. But hey, as the guys say, it's still cool that it runs at all.

While building your own white-box desktop PC has a long history, doing something similar for a laptop was a problem. Namely, the laptop manufacturers made sure you couldn't do it by keeping things proprietary to the extent possible.

The first kink in the armor, however, may be the line of white-box laptops by Asus. Legit Reviews has an article on their building a laptop based on this line (see the article here).

Subject: sve: whitebox
From: Jan Swijsen
Date: Thu, 8 Jul 2004 13:14:05 +0200

<quote>The first kink in the armor, however, may be the line of white-box laptops by Asus </quote>

Umm, I don't think they were first.

I bought my first notebook somewhere in 1996. A Mitac (AMD486/100) but there was no Mitac label (other than the serial-number sticker) on the box. There was no real manual either, just a stapled stack of leaves with the pictures each on a separate leave.

At the time Mitac produced lots of notebooks on order for relative[ly] small brands, lots of small desktop firms were branching out into notebooks. The notebook had a few cutouts in the plastic caseing where the companies could fix brand name labels to it.

The advantage was that I could easily and relative[ly] cheaply upgrade the standard memory (from the 1MB to 4MB) without using the single expansion slot (which took another 16MB later). I also upgraded the disk from a standard 120MB to a generous 800MB (now there is a 2GB disk installed).

I admit that those Mitacs were not directly available to the public, I got mine from a reseller (low price but no warranty).

-- Kind regards,
Sjon Svenson

---

Date: Thu, 08 Jul 2004 06:37:11 -1000
From: Dan Seto
To: Jan Swijsen

I guess what they are saying is you can buy the case without memory, hard drive, or CPU. This is not the same as being able to increase memory or switch the hard drive. Whether you save any money doing it this way I don't know, but at least you control what goes in - not the manufacturer.

Aloha!

Mozilla has confirmed a security vulnerability in Mozilla/Firefox/Thunderbird (see the announcement here). You download either a patch or new versions (Mozilla 1.7.1, Firefox 0.9.2, and Thunderbird 0.7.2). It affects only the versions running on Windows (why am I not surprised) so if you are using a Mac or *NIX this does not apply.

While no one wants to see security problems in their software, it is heartening to see Mozilla owning up to the problem and fixing it in one day. Compare this to Microsoft's typical behavior of first attacking the person who discovered and reports the problem, then denies it's a problem, then admits it a problem but insists it is not widespread, then admits it is widespread but fixing the problem will take time because their browser is integrated into the operating system, to releasing a fix that doesn't (fix that is), to releasing a fix that works but also breaks an earlier fix, to a fix that works but doesn't break anything else. You decide which company you trust. The one that fixes its mistakes immediately or that "den of scum and villainy."

Have a Great Weekend Everyone - Aloha!

Mozilla has confirmed a security vulnerability in Mozilla/Firefox/Thunderbird (see the announcement here). You download either a patch or new versions (Mozilla 1.7.1, Firefox 0.9.2, and Thunderbird 0.7.2). It affects only the versions running on Windows (why am I not surprised) so if you are using a Mac or *NIX this does not apply.

While no one wants to see security problems in their software, it is heartening to see Mozilla owning up to the problem and fixing it in one day. Compare this to Microsoft's typical behavior of first attacking the person who discovered and reports the problem, then denies it's a problem, then admits it a problem but insists it is not widespread, then admits it is widespread but fixing the problem will take time because their browser is integrated into the operating system, to releasing a fix that doesn't (fix that is), to releasing a fix that works but also breaks an earlier fix, to a fix that works but doesn't break anything else. You decide which company you trust. The one that fixes its mistakes immediately or that "den of scum and villainy."

Have a Great Weekend Everyone - Aloha!

This article from Microsoft simply confirms what many of the Daynoters have know for a long time. When it comes time to switch from one version of Windows to another, it's best to "wipe and load." That is, it's best to format the hard drive first and then install Windows rather than doing an "upgrade."

The downside of doing this is you have to reinstall all your applications and data (which takes time and requires that you have copies of your applications and data). Of course, if you partition your drive (or use more than one drive) you can place Windows and your applications on one partition and your data on other. Thus, it's possible to reformat the Windows partition but keep your data.

In addition, for many programs, you have to have a version that has a full install as opposed to an upgrade version. Even though many so called upgrade versions actually are the same as the full install, the installation program will check of an earlier version. If it doesn't find said earlier version, it won't install.

Further, in the age of Microsoft's efforts to prohibit software stealing, you have to have the product codes to unlock the installations. No code means no installation.

Hence, make sure you have all the program disks and their codes (and your data) before you reformat the drive!

The upside is you get rid of what Microsoft calls "performance problems that occur due to normal performance degradation." Some of those problems are listed below:

• Registry size and fragmentation.

• Master File Table size and increase.

• Page file fragmentation.

• Discretionary applications.

• No longer needed or outdated device drivers.

• No longer needed networking protocols.

For some time now, when I code these pages, I've been using the <acronym> tag to surround acronyms like NATO. If you point your mouse over the word NATO, you should see a text box with the words "North Atlantic Treaty Organization." This is helpful to people who are not familiar with a particular acronym. But I've also been using this tag to surround abbreviations. Now, as you English majors out there know, acronyms are words formed from the initial letters of other words (e.g. laser stands for light amplification by stimulated emission of radiation). On the other hand, an abbreviation also uses the first letters of other words but they, in English anyway, do not spell a word.

For example, VBR is the abbreviation of the words Variable Bit Rate. But if I use the tag for <abbr>, like this VBR, not all browsers will create (ahem, cough, Internet Explorer, cough) the text box. While modern browsers like Firefox and Opera do just fine, others do not. So, I am conflicted about what to do. If I use the correct tag, many of you (i.e., those using Microsoft's Internet Explorer) won't see the text box. But if I use the acronym tag, I am technically using the wrong markup. If this matters to any of you, one way or the other, feel free to email me using the link to the right. For now, I'll continue to use the acronym tag even if it is incorrect. Hopefully, most people will soon switch to a modern browser and at that point I can start using the correct tags.

By the way, enjoy the posting now as I will be very busy next week attending all day meetings. I think I will have enough time to put up some short posts, but that is as much as I will be able to do.

Aloha!

Every so often someone takes up the challenge of deciding which audio codec is the best. The latest is ExtremeTech and their review (see it here) of MP3, Ogg Vorbis, AAC, and WMA.

According to their results, which varies by bit-rate (they used 64, 128, and VBR set at 98 percent), the best is...now wait for it...dependent on several factors.

Those factors boil down to what hardware are you using. For example, if you are using a flash memory based product that has very little storage you may need to compress at 64K. On the other hand, if you are storing your music on a 5TB array you can encode pretty much at any rate you want (including no compression at all). On the other hand, should you choose the ubiquitous Apple iPod, you only have one choice, albeit a pretty good one based on the results.

The results in the table below are the geometric means of the ratings used. Each subject rated the sample from 1 through 5 with the higher number meaning better sounding. The numbers below are the overall aggrate of four different music samples:

So, if you are forced to encode at 64k, use Ogg Vorbis (assuming your hardware supports it, which many do not, otherwise, use WMA). If you can encode at 128k, use WMA9 or AAC. It is difficult to recommend VBR since the resulting file size is about twice that of 128k while the scores, albeit subjective as they are, are lower than 128k. YMMV.

This article here says WiFi chip makers are producing products that intentionally interfere with their competitors products. These so-called "Turbo" mode products promise speeds double the usual 54Mbs of 802.11a/g. But if a competitor's system is operating nearby, the interference caused by the systems will effectively slow or even block all transmissions (unless, of course, you switch to their brand of chip).

A pox on all their houses I say. I disconnected my Linksys access point and got a Microsoft one instead. Not only do I get higher throughput without "Turbo" mode, I also get greater range.

Using a cross site scripting exploit, this site here was able to display text of their choice on sites such as the MasterCard, Barclays, and others. By using these sites, rather than their own, they can present to you, even under SSL conditions, whatever they want to and you would not know the site was under the control of someone else.

Needless to say, this opens a new avenue for phishing attacks that could occur even if you go directly to, for example, your banking site. Or Amazon. Or eBay. Or PayPal. You don't need to respond to emails. You don't need to click on links. All you have to do is visit your bank, etc. The attackers could conceivably create such a realistic presentation on your own site that you would not know you have been taken over.

Unfortunately, the site does not indicate how to prevent such attacks (Another site says to check all user provided input in forms. However, they give no examples for what to look for.).

One of the features of Windows is the ability to share printers (and folders). But you know, most people aren't aware of this functionality and only find out about it when they accidently print something to someone else's printer or vice versa. So I was not surprised this morning when someone asked me how was it that a document they did not print ended up coming out of their printer (as if by magic).

I guess it was a good opportunity to explain networks and, in the instance of sharing folders, security and how it's possible for people to read what you have on your computer. But I really wish MS would not install the printer and sharing protocols by default.

Have a Great Weekend, Everyone - Aloha!

TheGuys over at MSDN Channel9 have a bunch of video interviews with various people at Microsoft. One of the coolest interviews is this great video (note, the link works in Internet Explorer and Mozilla Firefox but not Opera. Also, you need the Windows Media Player or compatible to view it) of something Microsoft's Research is working on called the Media Browser. It's kind of a visual look at a database of photos or videos which allows different views, including 3D stacking of images.

It's difficult to describe what it does, which is why they did a video of it. So if you have about eight minutes and a broadband connection, click on the link above and watch what may be the next generation of explorer/finder in Windows Longhorn.

From: Jan Swijsen
Subject: share
Mon, 26 Jul 2004 10:30:15 +0200

One of the less known problems with [file/printer] sharing is that the sharing Windows PC becomes a server. So it starts broadcasting the availability of shared resources on to the network.

For a typical small peer-to-peer network that is not a big problem. For a big server based network letting lots of workstations become -peer-like broadcasting- servers can put a serious strain on the network.

-- Kind regards,
Sjon Svenson

Aloha!

Using CSS to replace tables in web page design is not new. Some have been doing it for years. For those who haven't taken the plunge yet, this site here gives an overview, based on converting how Microsoft's home page would look if it were done in CSS, and how much faster and lighter the page would be. That's not to say all is goodness in CSS land because different browsers interpret CSS differently. Sometimes the differences are minor and sometimes they aren't. Of course, you minimize the problems by using a modern browser such as Mozilla or Opera.

The folks over at MovableType are announcing what will be in the next version of their popular content management system (see the announcement here). Version 3.1 will include a choice between static versus dynamic page displays on a per page basis, post scheduling (allows you to create posts ahead of time then have them posted at whatever interval you want), and a bunch of award winning plug ins. No word yet on a release date.

Well, that was interesting. Yesterday afternoon I got to see how to create a form in the new information management system that is being written for the Judiciary. Unfortunately, it didn't go very well. Things started going down hill when the speaker tried to copy a form (in PDF format) to WordPerfect for editing. He chose "Select Table" from the Adobe Acrobat menu and then drew a box around the entire one page form. He then opened WordPerfect but when he tried to paste in the what he had highlighted he realized that he had not copied the data to the clipboard so there was nothing to paste in.

Okay, no problem, I've done that myself a time or two. So he highlighted everything again and copied it to the clipboard and then tried to paste it into WP. Unfortunately, nothing was displayed. We waited. And waited. But nothing. When something did finally copy over, it was the text from a previous copy. Sigh.

Okay, rather than trying to copy from PDF, lets start from the original WP file. So he copied the WP file (form diskette, yikes!) to a network drive and opened it for editing through the information management system. Once open, you insert database variables (pre-defined fields in the Oracle database being used). But after doing that, he couldn't do a merge between the template and the data to output the final form.

I think I overheard that the servers running the applications and/or the database had gone down. I don't know why. But servers crashing do not engender trust in this new system. Whatever happened, we were sent back to our offices.

I've used one other large scale, state-wide, centralized online system before. This was about 15 years ago. To this day, there are still severe bugs in the system that bring it down on a regular basis. The project went over budget. So many of the planned modules never got implemented (and apparently never will) thus making the system less helpful to the users. In addition, system performance is a joke during regular periods each month when many people are using the system (but not more than the system was supposedly designed to handle).

I seem to remember somewhere that the majority of the efforts to create large scale centralized information systems fail. And by fail, they mean completely and utterly unusable and you have to start over again. If this is true, there are many reasons why this occurs. Sometimes what is being computerized doesn't lend itself to automation. Sometimes the contractor chosen to write the application is not qualified to do so. Sometimes the software tools chosen to create the applications are inappropriate to the task. Sometimes not enough money is realistically budgeted for the task. Sometimes the infrastructure (network and servers) is not up to the task.

And sometimes, a centralized database is not the best way to go. Sometimes, its better to decentralize and distribute things while still being networked and being able to query the other databases/servers.

Oh well, today is the last of the three days (I hope) so we will see what what we will see.

Aloha!

Okay, things went much better yesterday than the days before. But before I proceed I want to emphasize that these are my personal opinions and do not reflect those of my employer. Further, I have not yet received any formal training in the system nor seen the system as a whole. And finally, I do not wish to cast dispersion on anyone connected with this project, whether within the Judiciary or the vendor chosen to create the system. Everyone involved seems to be committed to doing as good a job as possible and the vendor appears to have qualified people here to lead the project.

With that said, the system worked and I got to see how things are configured. I will try to use an analogy to describe what the system does (fully acknowledging again that I've seen just one very small part of it).

At the level of use I saw yesterday, the system is similar to a content management system like MovableType. By that I mean you take something like HTML and then add your own tags that work only with your system. In this case, you use WordPerfect or Word as your form editor to create the look and feel of the form. You then insert their (a company called ACS) tag variables where ever you want information from the central database to be displayed. You then publish the form by doing a merge that populates the form with the data drawn from the Oracle database.

There are something like 400 predefined variables. These variables come with the system and are the same whether you using it here or anywhere else the vendor has sold their software. It is possible to custom design variables but, of course, you are on you own when it comes to supporting any changes you've made (which sounds fair to me).

In order to save money, the Judiciary is trying, to the extent possible, to keep customization of the base software to a minimum. As fellow Daynoter Sjon Svenson correctly states in his email below, one of the major reasons for the failure of large projects like this (centralized or not) is feature creep. That is, the scope of work, as originally designed, changes so much, as new features are added or existing features are substantially modified, that the project collapses in confusion, cost over runs, and cross charges of featherbedding or incompetence.

In my opinion, to the extent that the Judiciary and the vendor can avoid this is the extent to which this multi-million dollar multi-year project will succeed.

Given all the security problems associated with ActiveX/javascript/etc., I have to wonder about a couple of things (insert disclaimer here). First, isn't there a fiduciary responsibility to disable these technologies? That is, if you are a trustee and responsible for information technology and you choose not to mitigate or eliminate these technologies can't you be held personally responsible for any financial losses the company suffers as a result of your action/inaction? I'm no lawyer but I have to wonder.

Secondly, whether there is a responsibility or not, why would you want to use javascript when there are alternatives that work in all browsers but don't open security holes? For example, I got an invitation from Dell recently asking me to participate in a survey to help them redesign their support web site. OK, I'm willing to spend a few minutes to help improve their support site since I use it once in awhile.

So I fill out the online survey and hit the submit button. But nothing happens. I click on the button several times before I notice the submit button was written using javascript code. Hmmm. Since javascript is a common way to inject viruses/Trojan horses/etc. on to your computer, I've long since disabled it. In fact, most of what Microsoft considers to be features turn out to be security holes so I don't use their outdated browser anymore (see this article from Brian Livingston here on why). As an aside, I decided to complain to Dell about the use of javascript but their comments page also uses a javascript submit button. Sigh.

But even if I didn't use a different browser, why use javascript to submit a form when you could use post or get? Neither post nor get opens the user to any security threats (AFAIK). Nada. None. Zip. What advantage to the user is there to using javascript submit button? Again, nada, none, zip.

So why use it when that is the only javascript on the page? All you are doing is keeping all users who are security conscious from using your site. Is this a good thing? Is there a competitive advantage to barring people from using your site? If so, what advantage is that? Wouldn't a site written to the widest standards have an advantage over those written specifically to Microsoft's standards?

Aloha!

From: Sjon Svenson
Subject: daynote
Date: Tue, 03 Aug 2004 00:33:26 -0700 (PDT)

Script this

One advantage of JavaScript (or VBS or...) is that it runs on the local machine. That means it's fast (users running under-utilised multi-gigahertz boxes while your poor overtaxed server is overheating). If, for example, you make a form and want the user to enter a time and date you can check that on the page. Without browser-wide scripting the whole form has to make a round trip to the server. Without the script the page may be smaller but it has to pass back and forth. So what you gain in bandwidth with smaller code you loose on roundtrips (unless the user makes no errors...). So the gain/loss is not in bandwidth but in execution speed and connection latencies. The difference is negligible unless you hang on with and old PSTN modem to a flakey line.

-- Kind regards,
Sjon Svenson

---

From: Jon Barrett
Subject: Javascript vs. Post/Get
Date: Tue, 3 Aug 2004 08:24:48 -0400

"But even if I didn't use a different browser, why use javascript to submit a form when you could use post or get? Neither post nor get opens the user to any security threats (AFAIK). Nada. None. Zip. What advantage to the user is there to using javascript submit button? Again, nada, none, zip. "

OTOH, many website attacks rely on buffer overflow in POST or GET. Using javascript allows the website owner to perform post-processing and data validation on the local PC rather than on their own server. Thus it provides the site owner with improved security.

Jon

Jon Barrett
Kensington, MD

Aloha!

I thought my post on javascript might get a reaction out of some of my visitors. But I still stand by my statements: Javascript is being used when there are alternatives available. You don't need to use javascript to create a submit button, or a link to the next page, or link to an image. While there may be some advantage to the web site creator to use javascript, the security disadvantages to the user, in my opinion, outweigh the benefits.

Javascript is a security hole waiting to be exploited so why trade safety of the server against the safety of your customers? Why not secure the scripting engine on the server rather than trying to secure thousands of desktop PCs?

Does javascript serve a purpose? Yes. But then, so does ActiveX or .Net or .ASP. Does that mean I have any of these (mostly) client-side technologies enabled on my PC? Nope. I don't have any figures on how many people have secured their desktops but I would think it is a growing number as more and more people realize the security implications of these features. Each one of these security conscious people is a lost customer. Are things so regulated that you can dismiss these customers?

There are those who say we shouldn't throw the baby out with the bath water. That is, over time, these security exploits will be found and written around. Perhaps. You could say if you have server-side Perl or PHP running there are exploits possible but, over time, most have been closed. Which would be true. But these typically exist on the server, not the desktop and the duty to fix it is with the writer of the script, not the user.

Which brings me to my last point. I talked earlier about fiduciary responsibilities. While I am not a lawyer, I would think forcing someone to open themselves to security exploits, in order to use their service, opens the service provider to liability to ensure that doing so does not result in a loss (economic or otherwise). I can see the lawyers salivating at the lawsuits now...[Why do you think many sites have "warranties" that warrant nothing? These warranties are actually disclaimers saying the sites know nothing, see nothing, and do nothing. My reaction to these sites is to TURN THE DAMNED SCRIPTING OFF.].

Deciding what security exploits are important enough to disable client-side scripting is up to you. Only you can decide the costs and the benefits. But I've decided that just because someone wants to use javascript to create a submit button on a form doesn't mean I'm going to open my desktop to the exploit of the week. Enough is enough.

Date: Wed, 4 Aug 2004 13:11:42 +0100 (BST)
From: Phil Hough
Subject: Scripting

While it's true that scripting is inherently a problem. Both from the security standpoint and the compatibility standpoint I think you're overreacting a little.

While it's pretty straight forward to craft a website that uses only server-side code (heck... I've written a good few), and that site then is inherently more secure (and compatible), at the end of the day it's the users that want more.

From my experience I tend to find that Javascript is essential to add "usability" polish. There are some things you just can't do with server-side scripts, that users want, or in my case demand.

Let's take an example of a form. The customer wants the form to be checked on submission and if the user hasn't filled a certain part out, for the submission to be cancelled.

To do this in Javascript you catch the onsubmit event, popup an alert and return false. a couple of lines of code, and the user is able to quickly modify and resubmit.

To do this sever side. The submission must be made. Any data that passes validation saved, the user then returned to the previous page, with their data in place. You can't do a popup at this point, so you must display the message prominently. And to do this you've added lots and lots of extra code. You've also slowed and made less obvious the whole process.

A brilliant example though is date selection. On the sites I've worked with we've got two date widgets. One a small pop-up window with a current month calendar, click the day and the form field gets filled in with that date. The other is a date field with today's date in, which has an arrow either side. Click to increase or decrease the date.

You simply can't do that anywhere near as well with ASP. At the very least you'd end up keep submitting the page every single click. Not good for the user experience at all.

So I'd suggest that while Javascript isn't essential, it certainly leads to a much nicer user experience, and possibly a less complicated set of code as a result.

ATB.

Phil

Date: Wed, 04 Aug 2004 06:35:08 -1000
From: Dan Seto
To: Phil Hough
Subject: Re: Scripting

While all of that is true, I think the situation you describe is not what I had. Dell was asking for information from me as opposed from me wanting something from them. Hence, if they want my input, they should make it easy and safe for me to do so.

As far as checking the form, I don't particularly care if the survey is complete or not. If I wanted to, I could leave it all blank and it wouldn't make any difference to me. In fact, if they did checking and bounced me back into the survey to answer all the questions I would probably just shutdown the browser and move on.

So, I think the user experience depends on who wants what from whom. Since Dell wanted me to tell them what their business should be, they had better make it easy and safe for me to do so or I won't come out and play. [g]

Date: Wed, 4 Aug 2004 18:16:38 +0100 (BST)
From: Phil Hough
Subject: Re: Scripting

So what we're boiling down to is that the use of such tools is very much dependent on the task which is being carried out. Right tool for the job and all.

And to that, and your example, I don't disagree :)

ATB.

Phil

---

From: John P. Dominik Subject: Javascript, etc.
Date: Tue, 3 Aug 2004 13:28:24 -0500

Well, color me a box in the "here here" column. I've disabled all of that stuff, or required it to ask. I routinely check cookies, and reject those that don't expire until next year - or thirty years from now. Like I'll still be using the same computer/browser that long.

ActiveX and other technologies are cool - the problem is, as with any tool, the more powerful you make it, the more responsible the user needs to be. And a very powerful tool with skript kiddiez around is a bad idea. For a time I managed to secure at least my own work machine by using IE only for internal work, and Netscape for external sites - but that didn't last long.

Oh well. My $0.02 - in Hawai'ian currency. ;-)

---
John Dominik
http://john.clandominik.com/current.html

Aloha!

With the release to manufacturing yesterday (RTF) [update: now delayed again! No word on the release date.] of Microsoft's Service Pack 2 for Windows XP comes this good review of just what the fuss is all about. Of course, most of my 11 irregular readers have already downloaded the various release candidates and already know. But for those drive-by visitors who haven't, take a look. Note that the site has a sidebar that says you can start downloading the gold code today but as of this writing I have found no evidence to support this statement [update: the RTM has been delayed again due to problems identified at the last minute. When the problems are solved, you will be able to download it from the site below].

For those of you who develop or maintain web sites that use ActiveX components you may want to take a look at this Microsoft article on how to modify the site to work with the changes in SP2. You could also check out a site MS created that includes Resources for IT Professionals as it relates to SP2 [This is the site mentioned in the review above that says you can download the gold code today. This site used to have links to the various release candidates but as of this writing, does not have a link to the gold code. However, from what I understand, when the problems mentioned above are resolved, the site will have a link to the code].

By the way, there is also a SP1 for Office 2003 (Office update site here). It includes the regular bug fixes and security patches but also what is being described as substantial changes to Infopath and OneNote. I don't have either installed so I can't say but if you do, you may want to check it out.

Aloha!

There are a couple of point releases to Mozilla's Firefox browser and Thunderbird email programs. Both updates apparently address security concerns. Be aware that the first release of the Firefox update has/had an install bug (I guess depending on which direction you are facing, it says it's installing .2 when it's actually .3 and if you check the Add/Remove programs from Control Panel it will identify it as .3, unless of course, you actually get the .2 release, which will then say .2. If you really want to be sure which version you are getting you can follow this FTP link here). By the time you hit their site they will probably/hopefully have fixed it.

So, the IT professional version of Windows XP SP2 is finally out (see the page here). Microsoft says this version is for installing to multiple computers and that if you only have one PC to update you should wait for it to hit the Windows Update site (around August 25th according to the rumors) since there will be a more compact version available then.

Note that the network version of the download is over 266MBs!270MBs. That's right, over TwoHundredSixtySixMegaBytesTwo_Hundred_Seventy_MBs. Even with our VeryFatPipe at work it took a little over three minutes to download this file. Those with slower connections should really think about waiting until it's available through the Windows Update. You Have Been Warned.

Late Update

Installing SP2 took almost 20 minutes on my Dell 2.6GHz Pentium 4. At about the 15 minute mark things look like nothing much is happening but eventually it completed. Once you reboot and Windows comes up you _MUST_ choose either to enable the firewall now or enable it later (choose one of the radio buttons "Help protect my PC..." or "Not right now.").

Once Windows finished booting I noticed the Novell Netware login script failed to execute. Thus, none of my Novell network resources (shared drives and email via Lotus Notes) were available. Major Bother. I could live without the shared drives but I cannot get by without our internal email.

So I went to Microsoft to search in the Knowledge Base for anything but was not successful. From there I went over to the Novell site and searched. Eureka! I found a new Netware Client 4.9SP2. This is a 20MB download but was not a problem for our network. After installing and rebooting all is well. It would be nice if MS would acknowledge that Netware has a problem with SP2 (assuming here it hasn't).

In any case, I've also found that the MS firewall has failed to enable. Perhaps it's because I already have ZoneAlarm installed and running but I don't know for sure. All I know is I've tried enabling the MS firewall three times and each time I get no error message but I also don't see it enabled. I guess I'll have to check into this further but since I already have a firewall installed this is not a high priority.

Aloha!

I had an update to my post on Microsoft Windows XP SP2 yesterday so take a look if you didn't see it. As a follow-up to that I've now installed the update on three PCs. The first, as noted earlier was my Dell OptiPlex 260 at work. I followed that with my Dell Inspiron 1150 laptop, and then my main PC at home (which is a whitebox PC). All installed successfully except for the last one.

My main PC at home has an Intel 815-based motherboard, Intel Pentium III 933MHz CPU, Plextor CD burner, Maxtor hard drive, and 512MB of Kingston RAM. When I tried to install SP2, the install stopped at the point of installing MovieMaker 2 (don't ask me why it installs that since I don't use nor want it but you have little or no control over what gets installed). I let it sit there for two hours just in case it would start up again but no joy. So I ended up doing a hardware reset.

The PC rebooted Windows and came up with an error message saying the system was in an unstable state (no sh*t, Keemo Sahbee) and to remove SP2. So I went into Control Panel, Add/Remove Programs, and started the process to remove SP2. Note that you may get a couple of dire warnings saying removing SP2 will cause everything, including the NTKernel to stop working. Ignore the warnings and continue on. Once SP2 was removed and the system rebooted I tried installing SP2 again. This time it worked. I don't why it got hung up the first time but all seems well now.

Having now seen what gets installed I'm sorry to say I'm underwhelmed. I downloaded over 270MBs for what? I don't use Internet Explorer so it doesn't matter to me if it's allegedly a little safer to use. I don't use MovieMaker. I already have a firewall (ZoneAlarm at work and Sygate at home on the laptop). I don't use Outlook or Outlook Express so I don't care if it's less of a security hole than before. I dunno. Maybe recompiling everything with most buffer overruns cleared out is worth it. Assuming here that they got all of them (which time will tell).

Anyway, if you support PCs for a living, I assume you have already downloaded this and are evaluating the impact it will have on operations. If you are JoeAverage with a dialup connection, I would wait until Windows Update has the smaller 90MB update available (rumored to be around August 25th).

According to the road map, Mozilla Firefox version 1.0 Release Candidate 1 is supposed to be released soon (like today). Since the Moozes haven't been able to reach many if any of their goals on time, I would take the time line as a guide and start checking soon for the RC1.

Date: Wed, 11 Aug 2004 12:11:49 -0600
From: John Doucette
Subject: Novell client 4.9sp2

Hi Dan

I did not need to upgrade Novell clients when I installed WinXP SP2 but decided to try 4.9sp2 just for fun. I find so far that connecting to mapped drives to a Novell 4.11 server is now faster. Other than that I see no difference and the change log did not look like it would do anything for me.

I should note that fast access to Novell drive from XP is a known issue I see a lot. I have tried other Novell client versions to find initial access speed good then it goes away. I am hoping 4.9sp2 will be a winner and so far after 18 hours of use is still going strong which I think for me is a record.

John

Aloha!

This one was just too good to pass up. If you live in Thailand, Malaysia, or Singapore, Microsoft has an operating system for you. It's called Windows "Starter Edition" and costs about $36 (I assume this is a US equivalent). However, the edition reportedly will allow only three applications to run at once (assuming you have the hardware to run more than one application at a time).

The crippled edition, due out in October, is apparently Microsoft's response to inroads made by the Linux operating system. Unfortunately for MS, Linux is widely available for free (so are stolen copies of Windows in Asia - ed.) so even at $36, Windows will be more expensive than Linux.

While I think a lower price is a good idea, getting an even more crippled operating system, in my opinion, is not the answer. The answer is to sell Windows XP Pro for no more than $50, which is what it's worth. When Longhorn comes out, they could raise the price to $75. But otherwise, Windows just isn't worth the two or three hundred dollars they charge now.

See the story from TheRegister here.

As you may remember, I'm in the process of building a PC for SWMBO. So far I have the Intel 2.8E CPU (Prescott), Intel 865GBF-L motherboard, Sony 700A Dual Layer DVD burner, Antec 380TruePower supply, 1GB of Kingston RAM, Windows XP Pro (OEM version), and Windows Office 2003 (student version). I still have to get a hard drive (probably a Seagate SATA), and a case.

In looking for a case I found that Intel has thermal specifications for its processors that have been translated into a case guideline called Thermally Advantaged Chassis (there is a version 1.0 and 1.1). You can read what Intel has to say about it here and a little more here. The second link includes cases Intel has tested and says will keep the CPU temperature at or below the 38°C (~100°F) maximum of the specification.

While I am sure other cases can also keep the temp below 38°C, you may want to consider picking your case from one of the companies on the Intel approved list (and perhaps replace their power supply with one from Antec). Or not. It's up to you. YMMV.

The problem I'm having is finding someone locally who sells any of the tested cases. If I try to mail order one of these I end up having to pay almost as much for the shipping (and in one case more) than the case itself! Oh well, just another example of the price of paradise.

Have a Great Weekend, Everyone - Aloha!

Microsoft has created a page listing programs that "may behave differently" after you install Windows XP Service Pack 2. I assume this is a euphemism for everything from blowing Windows into a blue screen to corrupting data. The list includes, among about 200 others: Pagemaker, Photoshop Elements, Extra!, Autocad 2004, Citrix ICA Client, ArcServe, WordPerfect Office 11, Cute FTP 5, Quicken Deluxe 2001, Office XP, Outlook 2000/2002/2003 and ZoneAlarm 5.0.590.

In addition, MS has a list of programs that are blocked by their firewall.

Browser, I don't need no stinkeen' browser. I'm no expert on firewalls but it seems our Information Technology office is having problems with our firewall this morning. Anything through port 80 is being blocked but everything else is flowing. So I can do email, telnet, and ftp but no web access.

So, I can telnet to my account at pair.com and use Lynx to surf the net. Having done that, there isn't a whole lot interesting going on right now so I'll leave you with this that I found under a mossy rock:

A Tale of the Shire

Long ago, in the days when all disks flopped in the breeze and the writing of words was on a star, the Blue Giant dug for the people the Pea Sea. But he needed a creature who could sail the waters, and would need for support but few rams.

So the Gateskeeper, who was said to be both micro and soft, fashioned a Dosfish, who was small and spry, and could swim the narrow sixteen-bit channel. But the Dosfish was not bright, and could be taught few new tricks. His alphabet had no A's, B's, or Q's, but a mere 640 K's, and the size of his file cabinet was limited by his own fat.

At first the people loved the Dosfish, for he was the only one who could swim the Pea Sea. But the people soon grew tired of commanding his line, and complained that he could be neither dragged nor dropped. "Forsooth," they cried. "the Dosfish can only do one job at a time, and of names, he knows only eight and three." And many of them left the Pea Sea for good, and went off in search of the Magic Apple.

Although many went, far more stayed, because admittance to the Pea Sea was cheap. So the Gateskeeper studied the Magic Apple, and rested awhile in the Parc of Xer-Ox, and he made a Window that could ride on the Dosfish and do its thinking for it. But the Window was slow, and it would break when the Dosfish got confused. So most people contented themselves with the Dosfish.

Now it came to pass that the Blue Giant came upon the Gateskeeper, and spoke thus: "Come, let us make of ourselves something greater than the Dosfish." The Blue Giant seemed like a humbug, so they called the new creature OZ II.

Now Oz II was smarter than the Dosfish, as most things are. It could drag and drop, and could keep files without becoming fat. But the people cared for it not. So the Blue Giant and the Gateskeeper promised another OZ II, to be called Oz II Too, that could swim the fast new 32-bit wide Pea Sea.

Then lo, a strange miracle occurred. Although the Window that rode on the Dosfish was slow, it was pretty, and the third Window was the prettiest of all. And the people began to like the third Window, and to use it. So the Gateskeeper turned to the Blue Giant and said, "Fie on thee, for I need thee not. Keep thy OZ II Too, and I shall make of my Window an Entity that will not need the Dosfish, and will swim in the 32-bit Pea Sea."

Years passed, and the workshops of the Gateskeeper and the Blue Giant were overrun by insects. And the people went on using their Dosfish with a Window; even though the Dosfish would from time to time become confused and die, it could always be revived with three fingers.

Then there came a day when the Blue Giant let forth his OZ II Too onto the world. The Oz II Too was indeed mighty, and awesome, and required a great ram, and the world was changed not a whit. For the people said, "It is indeed great, but we see little application for it." And they were doubtful, because the Blue Giant had met with the Magic Apple, and together they were fashioning a Taligent, and the Taligent was made of objects, and was most pink.

Now the Gateskeeper had grown ambitious, and as he had been ambitious before he grew, he was now more ambitious still. So he protected his Window Entity with great security, and made its net work both in serving and with peers. And the Entity would swim, not only in the Pea Sea, but in the Oceans of Great Risk. "Yea," the Gateskeeper declared, "though my entity will require a greater ram than Oz II Too, it will be more powerful than a world of Eunuchs."

And so the Gateskeeper prepared to unleash his Entity to the world, in all but two cities. For he promised that a greater Window, a greater Entity, and even a greater Dosfish would appear one day in Chicago and Cairo, and it too would be built of objects.

Now the Eunuchs who lived in the Oceans of Great Risk, and who scorned the Pea Sea, began to look upon their world with fear. For the Pea Sea had grown, and great ships were sailing in it, the Entity was about to invade their oceans, and it was rumored that files would be named in letters greater than eight. And the Eunuchs looked upon the Pea Sea, and many of them thought to immigrate.

Within the Oceans of Great Risk were many Sun Worshippers, and they wanted to excel, and make their words perfect, and do their jobs as easy as one-two-three. And what's more, many of them no longer wanted to pay for the Risk. So the Sun Lord went to the Pea Sea, and got himself eighty-sixed.

And taking the next step was He of the NextStep, who had given up building his boxes of black. And he proclaimed loudly that he could help anyone make wondrous soft wares, then admitted meekly that only those who know him could use those wares, and he was made of objects, and required the biggest ram of all.

And the people looked out upon the Pea Sea, and they were sore amazed. And sore confused. And sore sore. And that is why, to this day, Ozes, Entities, and Eunuchs battle on the shores of the Pea Sea.

Aloha!

I'm currently working on using an Adobe Acrobat form as a front end to a Microsoft Access database. The form is used to request vacation or sick leave time off. The database would keep track of the used time and calculate how much time is left at the end of the year.

To try to automate the process, I'm using the Acrobat plugin that enables Acrobat JavaScript (AcroJS). AcroJS allows me to use SQL commands that access the database.

This means I get to learn AcroJS and SQL. Joy and rapture. Not. But I guess it keeps me off the streets and out of trouble. [g]

As Microsoft rolls out Service Pack 2 for Windows XP, there are now several ways to get the update. The first, as noted on these pages earlier, is to download the full 272MB file here. The second is for MSDN subscribers where you can download the 474MB ISO image for installing from CD (it includes utilities described as useful for corporate environments). A third way to install SP2 is to download this 1.6MB express installer that will then download only the files you need (which may or may not be less than 272MB). Of course, the fourth way to get SP2 will be to wait for Windows updates (automatic or otherwise) to go live on August 25th for Windows XP Pro users (XP Home should have gone live already). You choose which way is best for you.

Sometimes people can forget what their goals are or confuse the goals with the means to the goals. In the case of network security, it may manifest itself in people tending towards either security or usability. But I would say each is an objective towards a goal, but not the goal itself.

If neither is the goal, just what is? The goal, in my opinion, is to facilitate the operations of the business or government entity so that, in the case of business, it makes money and in the case of a government entity, the policies of the decision makers are carried out.

Notice that I am in no way saying the network should be configured solely to make it easier for IT people to maintain nor solely to make it easy users to access. In the first case, no one would have access and the data would remain in a pristine, if useless state. In the second, everyone would have access and the data might be suspect and therefore also useless.

In order to reach their respective goals, security must be balanced with usability. But this balance is based on criteria such as, but surely not limited to, how secure the data must be (based on context) and how computer savvy are the users.

Data that someone would want to access, without the proper authority to do so may need a higher level of security than something that is not valuable to anyone other than those already authorized to use it. For example, salary levels are considered highly proprietary information by businesses. On the other hand, public officials have their salaries, many times, set in statute and therefore are open to anyone. How much government spends and what its revenues are is also public information. Hence, the context of what is being stored may make a difference on the level, if any, of security.

Likewise, if people authorized to access salary data are not able to, due to security, because it is overly cumbersome then they can't help, for example, the business make money.

Now, you would think all of this is obvious and why am I wasting these electrons telling you this. Well, there is a saying that the customer is always right and perhaps there will come a day in which the competing values of network security and usability will not longer be a problem. But as many businesses learn, not all customers are right for their business. I mean, in a service business like, for example, computer customer support, a minority of your customers create a majority of your work. In most cases, a business model like this is workable because everyone pays for the service but only a minority actually use it. So a business can still make money under this model.

But get enough of the wrong kind of people, either as users or people wanting to inappropriately access your data and it is possible that the experience of providing support is higher than the money coming in.

In my case, I know of two people in our office that between them, generate more service calls than the rest of us combined. Why? Partly it's because network security is not as transparent as some would believe and partly it's because these users don't understand the concept of a computer, much less a network of computers.

One solution would be to open the network to anyone. In our office that might not be so bad of an idea. Being a court house, this building has pretty good physical security. I'm not going to list what this includes but suffice it to say no one gets in without being noticed. Further, the resources available are not so much different from what is available on our public facing Internet servers. So heretical as it may sound, a case could be made to eliminate network passwords or at least standardize on one password that gives access to all required data (as opposed to having one to login, one to get email, one each to access the mainframes and minis, etc.).

But you may work at a place where data positively must be kept only for those authorized. If so, you have to balance that with making it accessible to everyone that is authorized. To do that, you may have to spend money and get retinal or fingerprint scanners. This costs money, but so may losing proprietary information to a competitor.

The bottom line is to remember what your goal is and not to confuse it with the means to the goal.

The first known SP2/IE vulnerability was reported and verified last week Friday (five days before SP2 for XP Pro went live on Windows Update). Clicking on a web page image with a hidden program downloads an executable to your startup folder. Hence, the next time you reboot the program executes and your box would be 0wn3d by 133t h4x0rs.

Speaking of dates, I've decided to switch to ISO-8601 compliant notation. I think there is too much chance for mis-communications when using numbers to represent dates. For example, in the US, 05/12/04 represents May 12, 2004. But in most other countries, it would mean 5 December 2004. Under ISO-8601, I think both are wrong as it should be read as 4 December 2005.

This means when I use numbers (as opposed to spelling out the month which, as I understand it, ISO-8601 is silent on since there is no ambiguity when you spell out the month) to designate a date, it will be in the general form of YYYY-MM-DD. In addition, time will be expressed using the 24-hour clock with the offset to Universal Coordinated Time displayed after the local time. For example, 23:30-10:00 would be displayed instead of 11:30 p.m. Hawaiian Standard Time.

Since I very rarely, on this blog, type out dates using only numbers, there shouldn't be much of a change. On the other hand, I do refer to the time, from time to time. But I assume most people will understand what time it is.

As an interesting sidebar, those wacky ISO people apparently created two different designations for midnight. From what I understand, you can say 2004-08-31T24:00-10:00 or you can say 2004-09-01T00:00-10:00. Don't ask me why because it seems to create an ambiguity, something I thought they were trying to get rid of (in addition, no digital clock I know reads 24:00 at midnight). In any case, I'll just say midnight rather than use numbers.

Aloha!

It is probably still subject to change (as was the last...sigh) but the Mozilla Firefox browser road map says 1.0PR is due out today. 1.0PR will be followed by 2.0PR and then RC-1, 2, and so forth until 1.0 Gold comes out (scheduled for October 11th).

As noted, the schedule has already slipped at least once and will probably slip again but all we can do is watch as they move closer to going gold.

WinAmp has issued a security update to their popular music player. If you are using versions 3, 5, or 5 Pro, go read the article from WinAmp here and then update your player here.

I'm not qualified to say whether the fix is really a fix since it appears the exploit can still be executed, although it would require your explicit permission but it still makes sense to get the update. The bottom line is security must include the user and this is, I think, a good example of that.

Tired of UberGeeks kicking sand in your face when they whip out their twin Xeon processor PC? Well, just wait until you see the envy when you slide this Orion 96 node box from under your desk. That's right, 96 processors, 150 gigaflops sustained (300 peak), 192GB of RAM (192 gigabytes of RAM?!?!?), and up to 9.6 terabytes of disk storage. All in a box that's not much larger than your run-of-the-mill server tower (Okay, maybe a little larger than your standard full tower case. The point is it's in a case that you can plug into any wall outlet, flip one switch to turn it on and doesn't require a team of workers to keep it running).

It runs the Linux 2.6 kernel (you didn't think this would be running Windows XP Home now did you?) and includes the "standard parallel programming libraries, including MPI, PVM and SGE." [I think I got the links right but I'm not into cluster programming so I could be wrong on some of them.]

If the thought of selling your house to afford one of these ("priced at less than $100,000") is beyond what you want to do you can instead get the 12-node version ("priced at less than $10,000) that sits on your desktop. Note that neither is currently available for purchase although both are slated for release Real Soon Now.

MovableType 3.1 is out. The long awaited update to version 2.6x includes the choice between static or dynamic page functionality, sub-categories, post scheduling, and other new features. As usual, the thundering herds will probably be at the trough (although its a small 1.7MB file so it won't take long to get once you're there). Note, you have to be registered (free) but it will probably be worth it to do so. I know I will heading off to download it right after I finish uploading this post. Note also that the free version includes no support and is set-up for one author and no more than three weblogs. If you need more power (Scotty, we...need...more...power!) you have to pay $69.95 for the five author unlimited weblogs version.

I’ve found a site with many different WordPress themes. Alex King has done a great job of creating some of his own and gathering the best from others in one place. If you are using WordPress and are interested in changing the look of your site, by all means visit Mr. King’s site.

I’m starting with one called “Blue Fade” that I will, over time, edit to match my own taste.

I’ve tried fixing whatever is broken in MT 3.1 but have not been successful. So I decided to temporarily load something else so I could at least get a post out.

So, what I’ve installed is Wordpress. I could not believe it when they said their install would take only five minutes and I was right. It took less. Not only doesn’t it matter what directory you install the application, you don’t have to worry about permissions or paths. All you have to do is know your database configuration (username, database name, password, and if needed - hostname) and that’s it.

The install ran without problems and here we are.

Having said that, “here” is looking a little sparse and I still need to figure out how to display links but that will come. Of course, I’m still worried that it dynamically creates pages so if the database ever becomes corrupted, lost, or hit by aliens joy riding on a Saturday night all will be lost.

Oh well, I gotta go…

Aloha!

Microsoft has launched their iTunes-like music store (see it here). It’s not much to look at and certainly is not as user friendly as iTunes but I guess it’s a start.

Having said that, the same artists that aren’t available on iTunes (e.g., the Beatles and Led Zeppelin) aren’t on MSN either. In addition, MSN is charging the same as iTunes. So, other than downloading in a different format, MSN seems to be on the short side of the ledger.

It seems to me that if MSN wants to get a larger share of the business, in an environment in which they are not the leader, they have two choices: sell at a lower price or provide a better user experience (Did he just say “user experience"? -ed.). Since MSN has historically done everything except lower prices (removing functionality, yes. Prices, no.), they had better get going on re-doing the interface.

For example, they provide a short clip of a song so you can preview it before deciding to buy. Only, they don’t make it obvious how to hear it. Even when you click on the song, nothing appears to be happening even though the clip is in fact being downloaded. They need to give the customer some visual feedback that indeed, something is happening (especially on slow dial-up accounts).

Oh, by the way, depending on what browser you are using, you may in fact get no response when you click on a song. I tried using Firefox and Opera and couldn’t get either to work but using MS IE did (after I added the URL as a trusted site).

Another example: you shouldn’t have to scroll around the screen to find navigation links. They have some links at the bottom of the page that go to complete listings of, for example, the most popular songs and new albums. This means you have to scroll down to use them (unless you are running on a screen resolution higher than the 1280 X 1024 I’m running). This assumes, of course, you hang around long enough to discover the links. Many people won’t because they don’t have the time to waste.

In addition, upon clicking one the links, IE blew up. After restarting I tried to see how I was supposed to create an account. I figured I would try “My Account.” I clicked on it and was taken to page saying I had scripting disabled so I had to go through a different process by clicking on a button marked “Continue.” So I clicked on the button and was taken to what looked like a login screen. It asked for my email address and below it was a box for something. I assume it was for my password but there wasn’t anything saying one way or another. Since it looked like my Hotmail/.Net Passport would work (they had a small .Net/Passport graphic) I tried that. Nope, no joy. In fact, since all there was on page was the two boxes, plus a small check box I’m not sure how I’m supposed to setup an account. Trying to click on “Buy” just took me to the same place.

On the bottom of the home page was a link to Customer Service so I tried that. From there was a link to creating an account. Okay, but what I see there isn’t what I see when I try to create an account. I assume again it’s because I have IE running with no “features” enabled. I checked out the system requirements page and found I must enable cookies, ActiveX controls, navigation across domains, and accept the installation of something called MSN Music Assistant (requires that something called “Background Intelligent Transfer Service” is enabled). And, of course, you would need to be logged in with Administrative rights to allow the background installation of MSN Music Assistant.

From this, as far as I can tell, MSN wants you to run only IE and only with very little security enabled. I’m not going to go into a long rant about just how insecure IE is and how even CERT recently took the unprecedented step of recommending people think about using, as one of several possible steps towards higher security, another browser. But if MSN wants any money out of me, they better try creating a site that is standards compliant and doesn’t require me to use insecure procedures to access it.

I then tried downloading Microsoft’s new Media Player 10. It’s a 12MB download and took a little less than 20 seconds to download. After installing, it appears using the Media Player is a much better way of listening to music on the MSN site. But, when I tried to buy some music, I ended up at the same page with the two boxes that I saw before. And as before, I was not able to create an account. Sigh.

The only good thing I can say about the MSN site is that I heard a couple new songs that I wanted so I fired up iTunes and bought them there.

Have a Great Weekend Everyone - Aloha!

I use HTML-Kit as my HTML editor mostly because of a plug-in called Tidy (recently updated, fixing some bugs that have bothered me for years. The download is separate from HTML-Kit.). This plugin does an HTML syntax check and automatically brings, as much as possible, the HTML into compliance with the W3C standards.

While HTML-Kit is not designed to accommodate entire websites, it does a pretty good job of editing one page at a time and worked just fine with MovableType.

Now that I’m using WordPress, I see that it (WordPress) takes the output from HTML-Kit and inserts a <BR> tag at every line break. This does nasty things to the HTML. I found out how nasty when I imported my MT posts into WordPress. For now, you can take a look at some of the old posts that I imported from MT and see broken links and other strange artifacts caused by this behavior. If anyone has any ideas on how to do my editing in HTML-Kit and then copy the text into WordPress without having additional line breaks but in let me know.

I think the best thing to do is delete the MT posts and just link to the static files which MT created. As you may have noticed, I am a big fan of static files as they will always be there no matter what happens to the database itself (which is not the case with WordPress).

I’ve hand edited a few of the old pages but have decided that it’s not worth my time to go through the hundreds of old posts to correct these problems. If anyone knows of a good solution let me know. Otherwise, I’m going to eventually delete the imported posts and just link to the MT archives.

Marc Andreessen said it best when he said; “In a fight between a bear and an alligator, what determines the victor is the terrain.” So it will be interesting to see who wins this race between NASCAR champion Jeff Gordon and Formula One champion Michael Schumacher in the 2004 Race of Champions in France.

Aloha!

I’m in the process of re-installing MovableType 3.1. I think I know why the install didn’t work the first five times I did it. It wasn’t the permissions nor the paths. The 500 error I got was because the Perl scripts couldn’t find the files they were trying to execute. Why? Because I had set my FTP program (WS_FTP) to convert all file names to lower case letters. I do this because I standardize all file names that way to be consistent.

In a Unix based operating system like FreeBSD, case is important. I don’t want to jinx things so I’ll say no more until I have MT up and running.

Please remember to bookmark my current.html page as that will always point to the current post. Thanks for your understanding.

Aloha!

First up, version 3.11 of MovableType (hereinafter MT) is out. It fixes a bunch of installation bugs and other things found in version 3.1. Unfortunately, as of yesterday, the instructions don't say how to install the upgrade over a 3.1 installation.

Having now used both WordPress (hereinafter WP) and MT, I think I can do a short comparison. WP's install is much more robust and easier to do. This is not surprising given rival MT has a business designed to do the installations. Hence, MT has an economic incentive to make the install as difficult as possible so you will pay them to do it for you. WP has no such incentive so their install runs smoothly.

Once installed, WP appears to be less polished then MT. WP apparently assumes you will do all your writing in their GUI. Hence, as a feature, their interface automatically inserts line breaks. Unfortunately, if you use another editor to prepare your posts, and then copy the results into WP, it will insert line breaks where it chooses. Even if that is in the middle of a tag. Inserting a <br> tag within another tag disables the tag. This is not a Good Thing. MT has an option to disable this function but, as far as I can see, WP does not.

In addition, plugins written for WP are still in the early stages of development (as is WP itself). So, you should not be surprised if changes in WP break certain plugins or if the plugins themselves don't work. For example, a port of MT-Blacklist (an anti-comment spam plugin) for WP doesn't work. Another plugin, one to automatically close comments after a certain number of days, actually closes the database to all changes (making it impossible to login or out of WP nor to add any new comments at all).

I assume these kinds of problems will be corrected and that WP will become more polished and usable. Until then, I'll continue to use MT.

Aloha!

It looks like Firefox 1.0PR will be out sometime early next week

Speaking of browsers, Firefox Preview Release 1.0 is supposedly out. I say supposedly because, as of this writing, following the link they have to download the file ends in a 404. My guess is they released it then found a show stopper and pulled the file. I assume they will put the file back in due time but remember the PR is considered betaware so don't use it in a production environment without testing it first.

Or it could be something completely else. Whichever.

UPDATE: I was able to get in and download the file. All seems to be okay but if you wait a week or so the first Release Candidate will be out.

You may have noticed that comments have been re-enabled. I don't know how long it will be until the spam bots find this site (yes, I have MT-Blacklist installed) and start spamming it again but until then, your comments are welcome.

Note that when you click on the comments link what you see will vary depending on your browser. It appears the MovableType folks wrote code that is interpreted differently by the major browsers. For Opera and Firefox I see a link that says "If you have a TypeKey identity, you can sign in to use it here."

But if I follow that link, and use my TypeKey identity to try to login I get an error messaging saying "The site you're trying to comment on has not signed up for this feature. Please inform the site owner." Heck if I know how to sign up since I have already inputed my TypeKey Token but I guess I'm supposed to do something else? I dunno.

If you are using IE, you probably won't see the link so it doesn't matter. But if you are using Opera or Firefox (and you should), ignore that link and just fill out the comment form.

UPDATE: I seem to have it figured out. In TypeKey, where it asks for the address of your applications it seems to mean where do you have, for example, mt.cgi installed. For some reason, I thought they were asking where the index.html file was (which in my installation are two different places).

In any case, I'm still having problems but I will note them by browser below:

For IE, if your security settings are high, you may not see the link to TypeKey for logging in. I tried changing my seetings by adding www.seto.org to my trusted sites and got the login link. But when I tried to login all I got was a blank screen. I'm not sure what other settings I need to change but if you get logged in, let me know.

For Firefox, it works without problems. 'Nuff said.

For Opera, I get the link but when I get logged in I get a blank page. I assume, like IE, the security settings are blocking things but I can't say for sure. More later if I get it figured out.

As noted before, you don't need to use TypeKey to login but it's there if you want/are able to use it.

I suppose it was only a matter of time before the first Gmail phishing attempt went out. This post here has an example of what appears to be an attempt to harvest Gmail logins and passwords disguised as a way of getting additional Gmail invites.

No word yet on when the pundits will start matching fonts to MS Word and saying it came from the Kerry campaign.

Aloha!

For years, people have been trying to create emulators that don't suck. So far, as far as I know, no one has succeeded. Wired has an article saying someone has created an emulator that will run software developed for any platform to run on any other, without noticeable speed degradation.

If this is true, it would be a miracle. But. I'll believe it when I see it. Until then, I have some hot beach front property for sale. Cheap. No worries about neighbors. No need for a hot water heater or night lighting. Priced to move.

I don't know if blog comments will survive the onslaught of spam but there is this site here that has a few good ideas on how to reduce the chances you will be spammed.

Note, I said reduce but not eliminate comment spam. Right now, the only way to do that is to close comments. As such, one of things I'm doing is closing comments that are five days or older. So you have that many days to leave a comment on a particular post before it closes.

By the way, I just want to emphasize that you can leave comments here without using TypeKey. However, I have TypeKey enabled if you wish to use it but that is completely optional.

Other than that, I don't have any other comments today.

Aloha!

Whether you use Windows or Linux, each provides for the creation of users with different security privileges. That is, the ability to execute certain functions. In Windows, the highest level is Administrator and in Linux it's called root. For the purposes of this post, I'll concentrate on Windows for reasons I'll reveal in a moment (Oooh, the suspense. Can I possibly stand it? - ed).

However, these accounts are not intended to be used on a day-in-day-out basis. Rather, the accounts are used only to accomplish specific tasks (such as installing or configuring software) and very little else. This is to reduce the risk of causing inadvertent deterioration of system functions (who came up with that one? - ed.).

In other words, you reduce the probability of screwing up your PC. For instance, by not allowing a virus or Trojan horse program the ability to install themselves. Or by not deleting the database program that holds all the information for the share holders meeting in an hour.

If it's such a great idea, then why don't more people operate this way? Because, in Windows anyway, it's a pain in the okole. You have to logout and then log back in. This is not a trivial exercise and takes time.

But, there is another way. You could install a utility called MakeMeAdmin from Aaron Margosis.

When you run it, you get a Command Prompt running under your normal user account, but in a new logon session in which it is a member of the Administrators group. This Command Prompt and any programs started from it use your regular profile, authenticate as you on the network, but have full local admin privileges. All other programs continue to run with your regular, unprivileged account.

It's almost like using the GNU/Linux SU command to create a shell and then logging in as root. Now, I don't know if MakeMeAdmin is intended for your Aunt Minnie, but maybe some of the 11 people who regularly read this site may have a use for it. Or not. YMMV. Use at your own risk. Insert disclaimer here. Props to Aaron.

Have a Great Weekend, Everyone - Aloha!

Select * from SPRIDEN
where DOCKET_IND like 'C%'
order by OWNER;

I've tried to avoid using SQL because I'm lazy it's such an obtuse language. But I guess I just can't get away from it.

As noted yesterday, I'm in a week long training on how to access our new information system. The system is an Oracle database and consists of hundreds of tables. To query the database, you need to know how to use SQL, even if you are using a front end such as Crystal Reports, which we will be starting on today.

So, yesterday was spent going through the database tables and doing a few simple SQL queries. Today we will try using Crystal Reports to create queries similar to what we did yesterday and look at some of the features that will enable us to create the kind of reports we may need.

Aloha!

So we've started using Crystal Reports to do stuff we were using SQL the day before.

While I am no expert, after only one day of use, the major impression is you can do things faster from the command line using SQL but CR creates prettier looking reports and allows mathematical operators so you can do calculations, statistics, etc. With that deep insight, I gotta go.

Aloha!

Liking your customers will lead to their liking you. This translates into profits. Yes, I know, some people think profits are a bad thing. But it isn't. Not all the time anyway.

Here's one guy's open letter to the media industry and how the computer industry lied to them.

The Semantic Web. Is this the next big thing in cyberspace? According to this Tech Review interview with Sir Tim (Berners-Lee) it is.

Most of this stuff goes over my head as I find it hard enough to understand XML much less something that seeks to give context to data on the web. But what bothers me the most, being a lazy sort of person, is that it looks like more work for me.

As in all things, the question then becomes are the benefits worth the costs. I don't know if that question can be answered yet. But feel free to read the article and make up your own mind.

Lots of links today going back to last week. But I need to add one more that I forgot to add. This one is to fellow Daynoter Tom Syroid's mirrored site. Fellow Daynoter Brian Bilbrey has mirrored Tom's site so that the words of wisdom contained therein can still be accessed and found via Google.

The link to Tom's site is here.

All hard drive makers occasionally have a bad batch of drives. But this site is saying they are getting a 40 percent failure rate on Seagate Cheetah Ultra-SCSI drives. I have no idea if this has been confirmed by anyone else but I would be cautious about getting one of these drives until you've done some due diligence.

File this one under website tools. Website download optimization seeks to minimize the wait users have when visiting your site. You can go to this site here, enter a URL, and it will calculate how long your page takes to load, depending on the speed of connection. So, for example, you can see how long it takes for poor soul using 28.8K modem versus a T1. In addition, it gives some recommendations on how to speed up downloading (if needed).

For those interested, below are the results for this page:

*Note that these download times are based on the full connection rate for ISDN and T1 connections. Modem connections (56Kbps or less) are corrected by a packet loss factor of 0.7. All download times include delays due to round-trip latency with an average of 0.2 seconds per object. With 6 total objects for this page, that computes to a total lag time due to latency of 1.2 seconds. Note also that this download time calculation does not take into account delays due to XHTML parsing and rendering.

The SANS Institute has scanner for the MS GDI vulnerability here. They created one because the MS update site is pretty much useless on this one. MS scans your PC and then gives you advice that doesn't help you to identify exactly where the vulnerable files are. The SANS scanner does. Thanks for the great work, SANS.

For local viewers (all two of you), you may want to check out Bytemarks. It's a tech. blog from a guy by the name of Burt Lum. While it is focused on the local tech industry there may be some tid bits of interest to others.

There's a security update for the Firefox browser. Follow the link to read about it and then update your installation (you are using Firefox, right?).

In addition, be on the lookout for Release Candidate 1, soon.

Elise Bauer and Arvind Satyanarayan have a short tutorial on using CGIWrap or suEXEC on *NIX/Apache MovableType installations. If you are using MT as your content management system and aren't already using CGIWrap or suEXEC you should read this article. This, of course, assumes that your host has CGIWrap or suEXEC installed (MT installs a utility called mt-check.cgi that, inter alia, tests for this so you can check before proceeding).

The article also recommends, if you aren't doing dynamic publishing, to set permissions on mt.cfg and mt-db-pass.cgi to 600 (e.g., chmod 600 mt.cfg) to protect it from intrusion. In addition, they suggest setting a .htaccess file in the same directory as mt.cfg with parameters to restrict access (see the article for the specific code).

Given the problems I've had with comment spammers, these are good recommendations. One thing they don't mention, but I recommend, is to close comments on individual articles after a period of time. I don't know why, but spammers love to hit posts that a older than a couple of weeks. If you routinely close comments after, say eight to 10 days, you can stop them in their tracks.

But remember, you have to make these changes. If you think no one would try to hack your site, think about this. Before the authors of the tutorial actually did the things they recommended, a spammer was able to access their index template and modify it to show a pop-up add to everyone who viewed their site. So, not only can it happen, it already has. And according to a follow-up at their site, the exploit involves not only MT sites but also WordPress and perhaps others. The bottom line for the exploit seems to be set your permissions to 600 on mt.cfg and mt-db-pass.cfg.

Some lessons I've learned on the Internet (or how to read Scoble and learn to love Microsoft).

On the Internet, everything and everyone is interconnected. What this means, contrary to popular belief, is everyone knows you're a dog (if, that is, you are a dog). Hence, you can't do just a few things right, you have to do everything right. Unfortunately, this is impossible. But people will give you some slack if you've built a good relationship with them.

So, companies that call their best customers thieves, and treat them that way, won't have many best customers.

Or in other words, make sure your business is in alignment with your customers. If your customer's needs would be best met by buying "widget A", but you only sell "whizbang B", perhaps the answer is to advise them to buy "widget A", rather than give them five false reasons to switch to "whizbang B". Then, start making a better, cheaper, faster "widget A", which you can then sell to your customers.

Which leads me to this. Building a bridge of trust takes a long, long time. Bringing it down can be done in less than an Internet second. Earn your customer's trust and they will stick with you, even when you make an occasional honest mistake. Burn them by lying to them, even "just" once, and they are gone forever.

Which logically leads to: take the long view. If you focus only on the immediate sale, as if it was life or death and nothing else mattered (as was the Business 101 mantra during the "Greed is Good" 1980s), you probably won't make the sale nor survive into the future. Sales are about relationships. Sometimes the introductions are made by you and sometimes the customer introduces themselves. But the introduction is just the beginning of what should be a long relationship. Like the Zen masters say, searching for happiness is a search left unfound. But, helping others to find their own happiness will lead to you finding yours.

So remember, everything and everyone is interconnected. Align yourself with your customers. Build that bridge of trust. Take the long view. Now, snatch the pebble from my hand.

The Internet has fostered at least two revolutions in communications. Both revolutions created pathways for conversations that can lead to better understanding among people.

But first, some background. Although the Internet is very wide, it is not very tall (although it may be very deep). By that I mean you don't have to go through layers of stuff to get to the top.

A couple of examples: If I link to something interesting from Doc Searls, he may see the link and maybe link back. If I write something interesting and then link to Microsoft evangelist Robert Scoble, he may see it and maybe leaves a comment. Each, albeit small, conversation probably could never have occurred pre-Internet.

From a business perspective, compare this to many large organizations that have layer upon layer insulating and, perhaps, filtering what is going on outside their respective companies. It is seductively easy to believe only what your employees are telling you. But many times, what they are telling you and what your customers are saying are two very different things. We need to remember that what they are saying is but one lens into seeing the totality of reality.

Now, on to the revolution! The first revolution of the Internet was e-mail. E-mail not only allowed communication in all directions from all directions, it encouraged it. That is, it created a pipeline directly to the person you wanted to reach. For the first time, anyone could start a conversation with anyone else (at least until people started filtering e-mail). These conversations created opportunities for new ways of understanding our world.

The second revolution of the Internet is the web. The web takes conversations a step further in that it can be one-to-one and one-to-many. A different kind of conversation to be sure. But nonetheless a valuable one. For the first time, individuals had forums to reach wide audiences. With this greater reach came the opportunity for even more conversations and therefore more ways of understanding.

I don't know what the next Internet revolution will be, but I hope it will create new ways of starting conversations.

Aloha!

For those of you interested in reading what's the status of Windows XP Pro X64 Edition, follow this link to the WinSupersite for a preview of what's coming from Microsoft. Thurrott goes through the history of 64-bit Windows and brings you up-to-date as to where it stands. Included are a few screen shots of the latest beta build 1218. Other than the screen shots though, there isn't much as to what exactly is in X64, but at least you can get some background information until he posts an update.

Have a Great Weekend, Everyone - Aloha!

Columnist Brian Livingston has a post on unsubscribing yourself from spam e-mails. The common advice is to not click on "unsubscribe" links in spam messages because, it is said, you are only confirming your e-mail address as active (which, as the say, leads to more spam, not less).

But is this advice correct? According to Livingston, the answer, for the most part is yes and no. Sort of. Maybe. He quotes a report that indicates just under 2 percent of spam appears to harvest e-mail addresses this way and about 10 percent don't appear to do anything. Hence, the chances are things will be okay if you click on the link. Unless, of course, you happen to click on one of those 2 percent.

So how can one tell the difference? Livingston links to this site here that lists sites that have made their deal with the Devil. There are page after page of these guys. Having said that, I'm sure there are more that haven't made the list yet.

The point of this seems, when you receive spam, is to do what you've probably been doing, just delete it and move on.

I was offline over the weekend working on putting together the PC for SWMBO that I've mentioned before. I started gathering parts in June and finally bought the last two pieces (Seagate SATA 160GB hard drive and Sony floppy drive) this past weekend.

I had already installed the Intel 2.8GHz Pentium IV, Intel 865GBF-L motherboard, 1GB of Kingston RAM, Sony 700A Dual Layer DVD burner, and 380W Antec TruePower power supply into the Intel Thermally Advantaged Chassis compliant Antec 2650-BQE case.

In addition, I used an Antec Cobra round data cable for the floppy drive and Mad Dog ATA/IDE round data cable for the Sony DVD burner. Each cable makes things tidier in the case and allows better air flow than the standard flat ribbon cables.

When I first powered it up I got power to the motherboard, fans, and drives but it would not boot. After scratching my head and trying to flip around some of the front panel connectors (power and reset) I still couldn't get it going. So I went back to the manual and read the section on trouble shooting. The first item on the list was whether I had hooked up the 4 pin power to the motherboard. Hmmm. I had plugged in the 20-pin one but a four-pin? Doh! So I plugged in the four-pin power next to the CPU socket and all was well.

Since I like to partition the drive into two, so I can keep the operating system and applications separate from the data, I use an old Windows 98 boot disk to boot from. I them use fdisk to set the partitions and then boot off of the Windows CD to start the install. I don't know if the Windows install CD allows you to partition the disk so if you know of a way, please leave a comment below.

That's where I'm at right now because when I got to the point where I'm supposed to register with MS, the product key I was given when I ordered XP Pro from Sales International didn't work. By that I mean the error back from MS is that the key had already been used more than 25 times. Hmmm. If this was a legitimate copy of Windows XP that should not have occurred. While I can't say for sure whether they are selling pirate copies I would be very careful about buying anything from them. Not recommended.

Another strange thing that happened is that the Intel motherboard monitoring software detected an overheating of the CPU. Yet, when I put my hand on the CPU fan housing, it was actually cool to the touch. I'm not sure why the overheat condition occurred or whether I should be concerned about this. In any case (pun not intended), I may add a second fan (the Antec case comes with a single 120mm fan in addition to the two in the power supply) and see if that helps. More as I know more.

Aloha!

There's a new Windows XP PowerToy available ( here). It's called ClearType Tuner and it adjusts ClearType on LCD displays to optimize it to your preferences. This Control Panel applet appears to do the same thing a webpage Microsoft setup for this purpose (I don't have the URL handy) but I guess the applet is more convenient.

Feel free to give it a try if you have an LCD screen.

The Release Candidate 1 of Firefox is scheduled for next week Monday. You may want to check it out when it hits the wires.

This story about a MacOS emulator is beginning to break through to a wider audience, including the AfterNoon paper so I thought I'd link to it.

I'm the first to admit this is one strange story. What you supposedly have is an Albanian born guy, raised in Germany, living on Maui. And if you believe what he is saying, he, in his spare time, wrote software that allows the MacOS to run on Intel platforms with only a 20 percent speed hit.

If true, this would be a remarkable achievement because emulating in software what another platform does in hardware usually means you can go to the kitchen to grab yourself a cup of coffee between screen updates.

As of yet, all is vaporware so this is just so much speculation and guessing. But as the old saying goes: If it looks too good to be true...

Day 3, and still no reply from O'Reilly.

UPDATE: Within 10 minutes of posting this morning, I got this email from Valerie Dow of O'Reilly:

Date: Fri, 15 Oct 2004 11:05:48 -0700
To: Dan Seto
From: Valerie Dow
Subject: O'Reilly sweepstakes: Hawaii

Dear Dan,

Ye gads, thanks for writing in. Please, please enter the sweepstakes. http://www.oreilly.com/promos/perfectpc/index.csp "Continental" should not have appeared in item 7. under eligibility for the online sweepstakes and we're very grateful that you spotted it (horrified and chagrined at the error would also apply). I've just asked our online producer to delete that word in the rules document so the correction should appear later today. We work with an outside counsel who's a specialist in sweepstakes regulations because, as you noted, the details matter a lot in these things. This one was particularly thorny since there's an online, US retail, Canadian retail, and Quebec retail iteration of the rules. Anyway, that fellow confirmed today that he blew it by letting that word stay in the online rules document.

I'd love to send you a copy of Building the Perfect PC in thanks for helping us get this right. Please send me an address and I'll get one to Hawaii! (note in the email below the affection for Hawaii here).

All best,
Valerie

>I have no idea why my beloved Hawaiians were cut out of this promotion.
>(I'm rather fond of Alaska, too.) Guess I didn't read the fine print, either.
>

>Bill/Val, any idea what this is about?
>
>Mark
>

>At 09:12 PM 10/12/2004 -0700, Tim O'Reilly wrote:
>>Care to respond?
>>
>>Begin forwarded message:
>>

>>>From: Dan Seto
>>>Date: October 12, 2004 1:48:14 PM PDT
>>>To: oreilly.com
>>>Subject: "Building the Perfect PC"
>>>
>>>Mr O'Reilly:
>>>
>>>I was all set to enter the contest tied in to Robert Bruce Thompson's
>>>new book "Building the Perfect PC." But as is the case when I enter
>>>these things, I carefully read the contest rules. Imagine my dismay
>>>when I realized O'Reilly had decided to disenfranchise millions of US
>>>citizens by saying only people living in the "continental" US could
>>>enter.
>>>
>>>I realize the number of O'Reilly books sold in Alaska and Hawai'i may
>>>not count for much, but why go out of your way to create ill will?
>>>
>>>People like to say the Internet is about conversations. Well, one way
>>>of killing a conversation is to tell people they don't count. Indeed,
>>>tell them you don't even want to hear from them is a good way of
>>>ending things real quick.
>>>
>>>I hope, in the future, that your company will honor the fact that
>>>there are 50 states in the United States of America and that opening
>>>lines for conversations are better than saving a few bucks for
>>>shipping.
>>>
>>>Aloha,
>>>
>>>Dan
>>------------------------------------------------------------------------
>>-----------
>>Tim O'Reilly @ O'Reilly Media, Inc.
>>1005 Gravenstein Highway North, Sebastopol, CA 95472
>>http://www.oreilly.com (company), http://tim.oreilly.com (personal)
>
>
>--------------------------------------------------------------
>Mark Brokering
>O'Reilly Media, Inc.
>1005 Gravenstein Highway North
>Sebastopol CA 95472
>

Have a Great Weekend, Everyone - Aloha!

In reporting on my building of a new PC for SWMBO, I noted a problem with the Intel 2.80E "Prescott" setting off the overheating alarm (based on Intel's monitoring software).

For no particular reason, the temperature of the CPU would jump from about 59°C to 69°C in a matter of seconds. Sometimes, the temperature would then fall back to 59°C but a couple of times it just stayed there with the CPU fan spinning at high speed while making all kinds of noise.

As you may remember, the Antec case (model 2650-BQE) comes with a single 120mm fan with provisions for two more 80mm fans. Over the weekend, I went to CompUSA and bought a couple of Antec SmartCool fans. Each has built in temperature controls which regulate fan speed. Antec also makes something called a SmartCool Plus fan that has a temperature probe that can be placed where you want it. For now, I'll stick with the regular version because I'm trying to minimize the rat's nest of wires that infest the case.

When I got home I installed one of the fans in the side panel (the 2650 has a vent and "chassis air guide" (looks like an upside down funnel) built into the side panel) and found it helped keep the temperatures down. However, I still got an occasional spike where the alarm went off. So I added the second 80mm fan to the front of the case and so far, all is well.

I haven't exactly been running any processor intensive applications so I can't say for sure whether these fans have solved the overheating problem. If I do start to get overheating, I may order the SmartCool Plus fans and place the sensors along side the CPU or perhaps get a different brand of CPU cooler.

As you might guess, having three case fans, the CPU fan, and the power supply fans whirling away does create some noise. So I also installed the Antec Noise Killer Kit which consists of two 80mm fan gaskets, one power supply gasket, and a bunch of screws with washers. All of the gaskets and washers are made of silicone and are designed to reduce vibrations and therefore noise.

While I don't have a sound meter, they do seem to work. But even so, I think I'll need to place the case under the desk to try to muffle the sound (truth be told, it's not all that bad but if you are particularly sensitive to noise you might want to think about another solution like a fanless heat pipe or water cooling).

Overall, I am happy with the new PC and hope it will serve SWMBO for a couple of years before I have to build another one. <G>

Aloha!

Not that Mozilla has ever met any of their deadlines but, as of this writing, Firefox 1.0RC1 is three days late and counting. I'm not sure they will be able to meet any of their coming deadlines, including the official launch next month. But if you want to lend a hand, check out the campaign to get 2,500 people to donate $30 so that they can buy a full-page ad in the New York Times. Me? I'm number 2277. As of this morning, there are over 3,100 donations!

Act now, operators are standing by.

Maybe it's because I have only 11 regular readers (and untold irregular ones - ed.) but so far, I've not had any comment spam (since re-opening comments early last month). While I have no way of knowing for sure, I think it's because I run an MT utility that closes comments five days after something is posted.

Who knows. But if it is, and the spammers eventually figure it out, they will begin spamming as soon as I post (or as soon as their spam bots can find my posts).

Hmmm, maybe I should wait awhile longer before saying anything...

Are you the administrator of a network? Do you think part of your job description is to know the status of the network? If so, do you use network monitoring software? If not, why not?

It seems to me that if you don't monitor the network, you are being reactive and turning your customers into your monitors. It also means you're the last to know when something goes wrong.

Doing services this way is like a mechanic saying he or she will wait until the airplane crashes and they get a telephone call from the fire department before they'll check whether there is oil in the engines.

In my opinion, waiting to get a call from someone telling you the network has crashed and burned is not an intelligent way of doing business. Especially since the tools to monitor networks are available for free:

• System & Network Integrated Polling Software (Unix)

• Nagios (Linux)

• Big Brother (Unix/Linux/Windows)

• OpenNMS (Linux)

• dmoz search results for network monitoring

• Topology.org listing of network monitoring software

• Stanford listing of network monitoring software

The point is there are tons of software out there to monitor network status. Take a look and find one that meets your needs, install it, and know what is going on.

Aloha!

Not much going on in the Seto Shack this morning.

Over at Mozilla, Firefox is still missing in action and nowhere to be seen. The Mozites are working towards "Zarro Boogs" but, apparently, are not there yet. Of course, it is unlikely that a non-trivial program will ever reach zero bugs, but that hasn't stopped most folks from shipping product anyway. That said, when Firefox 1.0RC1 is ready, it will be released.

But, as I said last week, I have to wonder if they will make their 9 November official launch date. My guess is no. In fact, 9 December might be closer to the mark. But who cares? The point is, if you want a modern browser, choose Firefox.

Aloha!

Speaking of late anniversaries yesterday, OpenOffice turned four on 13 October 2004. OpenOffice is now in version 1.1.3 with work progressing towards version 2.0 (According to the roadmap v2 will be released RealSoonNow. Just like Firefox... - ed.).

I hope OpenOffice is successful in becoming the "free productivity suite compatible with all major office suites." The problem is OO is not not compatible with WordPerfect, which is still used by many offices in the legal profession. Over the years, people have become expert in and comfortable with WP.

Hence, even if I were to switch to OpenOffice (or StarOffice for that matter), I would have problems opening, editing, and saving documents in WP format.

Let me list some examples:

• OO can't open WP documents without the help of something called WriterPerfect.

• OO can't save in the WP format regardless of installing WriterPerfect.

• WP documents, opened in OO have at least the following problems:

  • Bullet lists are not imported.
  • Formatting of text directly after bullet lists is lost.
  • Parts of paragraphs after bullet lists disappear.
  • Numbered footnotes are shown twice and in different font sizes.
  • Indent formatting is lost.
  • Headings disappear.
  • Hard page returns before tables disappear.
  • Table formatting is lost.

These are not minor problems nor are these rarely used WP features. Particularly worrisome are the problems where text is not imported. If you didn't know what the original WP document looked like you would probably not know text was missing. To me, this is a show stopping incompatibility.

In any case, while OO has a long way to go if it wants to meet its goal of being compatible with all major office suites, I hope it gets there because I would love to switch to something else other than Word or WP.

Speaking of belated anniversaries, Happy Birthday to fellow Daynoter John Doucette!

Aloha!

As you may be able to see from the image, Google says:

In response to a complaint we received under the Digital Millennium Copyright Act, we have removed 1 result(s) from this page. If you wish, you may read the DMCA complaint for these removed results.

To confirm the message, go to Google and do a search on "Motorola razr v3". On or about the second page you will get the message.

I decided to Google "DMCA Google policy" and came up with this link to, now wait for it, Google's policy on DMCA. I have no opinion one way or another on this one but thought it was interesting to see how Google was responding to the problems generated by the DMCA.

By the way, I was doing a Google search on the Motorola Razr V3 phone because I understand it will be released in the US soon (perhaps within days, even). While I love how it looks, I hear the price will be set at around $600USD. At that price, I could get a Treo650. Or I could get neither because I don't have that much money to spend on a phone...

So Firefox 1.0RC1 is sorta, kinda, out (get it here). I say kind of because the main web pages for Firefox still point to the Preview Release. I don't know why. In any case, the RC1 fixes a couple of hundred bugs that were in the Preview Release but seems to have several regression errors (i.e., new fixes that break earlier fixes). Still, if you want the absolute latest version of Firefox, feel free to download the RC1.

Otherwise, if you can wait a month or so, the official gold code will be available. If you can wait even longer, you may want to wait for version 1.1, which will, hopefully, fix the worst of the bugs still left.

As usual, the thundering herds are at the trough so downloading may be slow, although, when I went in this morning, the file came down nice and fast.

Aloha!

Not all companies are evil. In fact, a case could be made that the majority aren't. Having said that, even good companies can act evil sometimes if they don't take care of the details.

I posted earlier about the contest rules for the O'Reilly give away linked to the recent publication of " Building the Perfect PC" (ISBN: 0596006632) authored by Daynoter Robert Bruce Thompson and his wife Barbara Fritchman Thompson.

My concern, at the time, with O'Reilly was how they were disenfranchising Alaska and Hawaii by specifically including only the continental US as being eligible to enter the contest.

Daynoters Brian Bilbrey and Sjon Svenson persuaded me to contact O'Reilly to ask them why they were doing this. As indicated in the email I received back, they decided to amend the rules to include all 50 states.

What I didn't mention at the time, and which perhaps affected a wider audience, the original contest rules included another not so nice clause.

Before I go on, I will say I should have copied the entire rule set at the time but I did not. So what I say here is based on my recollection. Be aware that my recollections are not always correct.

With that said, I seem to remember that the rules included an automatic and irrevocable opt-in to receiving commercial e-mails from O'Reilly. If this was true, and I think it was, O'Reilly has subsequently changed their minds on this also as they are now using a system where you have the choice as to whether you want to receive commercial emails from O'Reilly, such as their new magazine Make.

While I must applaud O'Reilly for amending their contest rules, one wonders how they got the original rules so wrong. Was it just following how all other contest rules are done? If so, didn't anyone from O'Reilly review the rules to determine if the draft rules were in line with the O'Reilly philosophy (assuming they had one)?

Speaking of philosophy, the Make site kinds of reminds me of the original Byte's Steve Ciarcia's "Circuit Cellar" (later spun off as its own publication - see the CircuitCeller site here). I realize that putting together a Micromint SB180 is not exactly the same thing as flying a kite with a digital camera attached, but I think the spirit is the same: Make your own rather than buying something off-the-shelf.

But I digress. Based on O'Reilly's willingness to amend the contest rules I don't think they can accurately be described as evil. But whoever came up with the original set of rules might...

I'm modifying our intraweb pages to reflect a new design that all of the offices are using. When these kinds of changes occur, it is always a pull between having a similar look and feel among all of the web pages (so users don't have to learn a new interface for every office) versus designing pages specifically for a particular function (which makes it easier for a user to access a particular function but having to learn a new interface).

Right now, the "let's make all the pages look the same" option is winning. But I'm thinking about trying something in-between. I know frames (and tables) are kind of looked down upon by the CSS fashionistas but I think I am justified in using this tool.

I say this because, in this instance, it provides for a consistent user interface and allows me to add my own customizations while being an efficient way of maintaining menus.

Below is the first draft of the HTML I'm thinking of using. As you can see, it uses three frameset tags. The first frameset splits the screen horizontally by creating two rows (see the light blue section for the top half in the screen shot below). The second frameset splits the bottom half of the screen into two columns (see the green section for the left column). And the last frameset splits the right column into two rows (see the yellow and red sections).

The light blue frame will be used for the department-wide banner and navigation code. This will be the same across all offices so that users will have a consistent interface to work with. In addition, the green section will have a department-wide status indicator that lets users know which computer systems are operating normally.

In the yellow frame, I'll have our own office's navigation links. These will help the user to get to the various pages that we maintain. The red frame will be where the pages that we maintain will be displayed.

As noted earlier, using frames is a very efficient way of maintaining menus across multiple pages. Rather than having to change the menu on each and every page in our sub-web (about 30 pages) when something changes, all I have to do is change one page in one of the framesets and it will be reflected on all the other pages.

So, I hope, our page will have the same navigation links across the top and left side that all other offices will have but, at the same time, have space for our own navigation menus so people can move around our own part of cyberspace.

<?xml
version="1.0"
encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">

<html
xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Planning Test Frameset</title>
</head>

<frameset
rows="15%,*">
<frame
src="./planning2004/hbanner.html" />

<frameset
cols="15%,*">
<frame
src="./planning2004/status.html" />

<frameset
rows="10%,*">
<frame
src="./planning2004/navigation.html" />

<noframes> <body>
<p>This document can be viewed only with a
frames-capable browser.</p>
</body>
</noframes>
</frameset>
</frameset>
</frameset>
</html>


Have a Great Weekend Everyone - Aloha!

Sometimes, well-intentioned policies make it impossible to do the things we need to do. We, like millions of other people, have to login in to our network to get access to the resources there (mostly the file servers and e-mail). In order to maintain security, our Information Technology office has set a policy of requiring password changes every so often (sorry about being a little vague here but I don't want to give out information that could be used to hack our network).

Well, this morning, when I logged in, I got the screen saying I need to change my password. OK, no problem, I've been doing that for at least 10 years so I know how to do this. So I fill in the change password form and press enter. But nothing happens. I try clicking on the enter button but I can't get the mouse pointer to display on the change password screen. It's as if the window does not exist. But it does because I can slide the mouse pointer behind the screen (where the mouse pointer disappears from view) and out the other side. But I can't get the focus to be on the password change screen. Even using alt-tab doesn't do any good.

So there was nothing I could think of other than rebooting. But when I tried to login I got hit by another policy decision. I can't log in more than once and somehow, the network software somehow believes that I logged in. Even though my password has not changed.

I can't log in because I'm already logged in and I can't change my password because I can't get logged in. You know, sometimes it's really hard to like using computers...

Sigh. Fortunately, I can still access my PC (but not the network) so I can do some work.

Aloha!

Firefox 1.0RC2 is out. As noted earlier, you may want to wait until the Gold code is released (optimistically still scheduled for 9 November). In addition, Thunderbird 0.9 is also out.

Some people really love widgets. This past weekend I was in line at the checkout stand of our local hardware store behind a gentleman that had a basket full of little plastic bags holding all sorts of nuts, bolts, screws, and other assorted fasteners. I have no idea what he planned to do with the stuff but he sure had a lot of them.

For those of you who like to have your computer screens papered over with neat widgets, you may want to check out the Konfabulator. While, I think, this started out as a Mac only program it has since spawned a Windows 2000/XP version so now everyone can have widgets showing the temperature and time of every city across the globe...

Aloha!

So Firefox 1.0 has been released (get the US release here. NB, link goes directly to the file so don't click on it unless you want the download to begin). As you might expect, the thundering herds are hitting their site but if you can get in, the download is about 4.8MB and took just a few seconds to come down (YMMV, I'm using a broadband connection).

The W3Schools site has a table of browser stats that confirms the slow decline in Internet Explorer usage while at the same time Mozilla usage is rapidly increasing.

It is certainly premature to say that Mozilla will soon rule the roost by deposing IE. But it may be accurate to say we have seen the end of the beginning that could lead to that result.

Aloha!

The WindowsIT Pro site says Sun will release an Open-Source version of Solaris 10. The software, not available until sometime in January, will be free but will not include any support.

For this week's unfortunate acronym award comes the beta test of Microsoft's Windows Update Service (WUS)(see the story from eWeek here). MS is big on WUS and expects the follow-on to the Software Update Service to ship sometime in mid-year 2005.

MS revealed its WUS at the IT Forum show in Copenhagen where, among other things, Bill Gates did a demo of various new technologies. Gates would like to spread WUS as widely as possible during this beta test to ensure as many programming holes as possible can be filled before shipping.

However, leaks regarding problems with WUS have circulated for some time, especially since its been behind schedule by 12 months. Nonetheless, MS is insisting WUS will mature into a robust solution to the problem of software updates.

Those of you who are old enough to have used Windows98, lo those many years ago, may remember a utility called 98 Lite. This utility did what Microsoft said couldn't be done. Namely, it split Internet Explorer and a bunch of other embedded programs from the underlying operating system.

There is now a version for Windows XP SP2 (also works with Win2K SP4) called XPLite/2000Lite. This utility can give you back the power to pick just what is installed on your Personal Computer or at least it gives you the choice to install about 120 different Windows components.

Obviously, if you want an operating system that can do a variety of work you might not want to remove very many of those components but at least it's up to you decide. In addition, there may be times that this could act as an aid in troubleshooting problems by systematically removing components until the problem disappears.

If you need such a program, you can give it a free, limited function, test drive and see it it fits your needs. If it does, it'll cost you $40 bucks to download a license for the full monty and $10 more if you want the shiny disk edition. YMMV. Use at your own risk. The door is a jar. Objects are closer then they a pear.

Have a Great Weekend, Everyone - Aloha!

I posted last week about some Lexmark printer drivers apparently phoning home. This week comes the revelation that at least some Xerox color printers, and perhaps Canon also, encode your printer's serial number on all printed pages. The coding is then used by entities such as the US government to track documents back to particular owners. Such tracking is aided by Xerox in that they (Xerox) voluntarily provides their customer database to government workers. Is this a GoodThing?

I've talked about various browsers based on the Internet Explorer engine. One of those was called MyIE2. It had tabbed windows, mouse gestures, and other stuff that should be in IE already (but isn't since MS stopped development awhile back).

I haven't been over to their site for awhile and wouldn't have had it not been for a link in an article on the Mozillazine site that says the MS Director of Windows Product Management uses something called Maxthon. It seems MyIE2 changed its name to Maxthon and has found a following, including the MS Director.

In reading the interview though, I found it interesting that the Director seems to be saying MS doesn't need to update IE because third-party developers are providing the innovations for them and in any case, mainstream end users don't see a need for advanced features like tabbed windows anyway:

[Question:] How does Microsoft feel about third party browsers such as Maxthon and Avant Browser, which integrate much-demanded features with an IE engine underneath. Does Microsoft feel this is pulling users away from IE, or adding more of an IE user base? Isn't there a risk by pushing third-party browsers and making users more comfortable with a non-IE interface?

[Answer:] There you're only look at one dimension, which is the dimension of features. You're saying, "If I can get tabs in Maxthon, well I can go get tabs in Firefox, therefore I am going to switch." But that does away with all of the security stuff that we've just talked about, all those processes, the maturity of IE itself and the IE rendering engine, the compatibility with Internet sites, the compatibility with corporate applications - many of which use custom ActiveX controls that wouldn't run in Firefox in the first place.

Within the enterprise you're probably not going to see enterprises shift over to a tabbed browser on behalf of their users. Individual end users might decide "Hey, I like this feature and I'm going to go for it." But on balance, I don't think you're going to see the mainstream end user jump to tabs or jump to any other more advanced feature in the browser. For those users the browser is the Web site that they visit.[emphasis added]

This BBC story says Lycos Europe (no, I don't know why there isn't a US version) has a screen saver that:

endlessly requests data from sites that sell the goods and services mentioned in spam e-mail.

Lycos hopes will it (sic) make the monthly bandwidth bills of spammers soar by keeping their servers running flat out.

The net firm estimates that if enough people sign up and download the tool, spammers could end up paying to send out terabytes of data.

Generally speaking, I've had very good DSL service from Verizon, as compared to (hawk, spit) Time/Warner Oceanic Cable (see my last post about Verizon here).

Recently, Verizon offered an increased speed to 3.0mbs down / 768kps up for $10 more than I've been paying per month. While it isn't the 15 mps that I've been hoping for via fiber, it is a doubling of speed so I decided to sign up.

This is where it gets difficult. Verizon is apparently divided up into at least three different divisions. They have one each for telephone, Internet, and wireless. While you would think, being one company, their sales people would be able to provide seamless service across all divisions (or at least be able to transfer me to the next division, as needed). But, you would be wrong.

Perhaps I assume too much, in this world of instant access, that communications across divisions shouldn't be an obstacle. But in my case, it seems to be.

I called the local Verizon sales office to sign-up for the higher speed DSL and to also enroll in a special "package" deal that includes long-distance. Said package would give me the speed increase but actually cost me $2 less, in total per month, than I am paying now.

After answering all kinds of questions about the package I was told I would need to call another number to sign-up for the DSL but that she could do the package sale. So we go through that process, which included my switching from another long-distance carrier to Verizon. Unfortunately, somewhere along the line the Verizon sales person got the wrong telephone number to switch over.

I didn't know about the wrong number until I tried to switch carriers (which required going through a third-party verification service) and they wanted to confirm the number I was changing service on. Of course, the number they gave me was wrong so I was told the transfer would not go through and I had to call Verizon back again.

So, I did. Of course, I didn't get the same sales representative that I talked to earlier so I had to re-explain what I wanted to do. The new sales person said he needed to let the original sales person know about the problem and that she would need to call me back in five minutes.

I waited an hour and then decided to call the Internet division so I could at least get the DSL speed increase set-up. That was done in less than five minutes so Verizon's Internet side seems to be running just fine.

As of four hours later, with no call back from the telephone division I decided to call them and explain, for a third time, what I wanted to do. This time, the person taking the call had no problem is setting up the long-distance transfer.

I hope, all is now well. I can see the speed increase already and tested it at dslreports.com (one of many places to test transfer speed). Although I'm only averaging a little over 2.0mbs it's still pretty fast. But I guess I'll have to wait until the bills come to check to make sure everything requested was done.

There's a letter to the editor (Sorry, the link to the letter dies at the end of the day. When will these people learn?), lamenting the loss of her laptop. There is a hard lesson here for her and others like her working on important projects.

Actually, what she's missing the most is the three-years worth of data she gathered for her PhD. From her request for the data, I assume she did not make a backup copy.

The lesson here, of course, is to make backup copies. I say copies because you need to have more than one copy and each copy should be in a distant geographic area - the more distant the better.

To begin with, if you have no copies, you place yourself in a single point of failure situation. As in this case, having her laptop stolen means everything is lost.

If you have at least one copy you have a chance of continuing on. But that chance is lowered if the copy is in the same location as the original. As an extreme example, if the copy was on the same laptop, having the copy wouldn't be of any use. Having the copy on a disk next to the laptop might not be much better if the thief takes the disk or if the problem is a fire that burns the laptop and the backup disk. If the copy is kept in the same house as the laptop, you should at least invest in a fire resistant safe.

But having a safe doesn't do you much good if the problem is a tornado, flood, or earthquake and everything is destroyed. Hence, my recommendation to keep copies in as distant a location as possible. For example, you can use Google's Gmail system with its 1GB storage as one place to backup a copy. Or if you have an ISP that allows a certain amount of network storage you might use that. You could even just snail mail a copy to a friend that lives at least several hundred (if not several thousand) miles away.

As a personal example, when I was working on my masters a couple of years ago, our work group had at least eight copies of our project at any point in time. One of the copies was stored on my host server in Pennsylvania. A second was stored on Hotmail as an email attachment. A third was on a CD at work. Four and five at my house (one on my PCs hard drive and the other on CD) and the other three with the other members of our group on their PCs.

The point is, as the data becomes more irreplaceable, the number of copies and locations should increase. I feel for this student but also wonder why her advisor didn't tell her to make backup copies (one of my undergraduate professors, bless his departed soul, told everyone to make backup copies of important projects. This was back in the late 1970s so this advice is not something new.), or why she didn't see the need to make them on her own. I can only hope she kept hard copies of the data somewhere or can otherwise replicate the missing information. If not, this will indeed be a hard lesson to have to learn.

Aloha!

The Mozilla team announced Wednesday that the Thunderbird RC1 is now available. You can read the announcement here and follow the link in the post to the download. From what I can see in the Mozilla support forums, the Thunderbird e-mail client is set to go gold sometime next week (barring unforeseen problems with the RC1).

With such a short time before then, I would say it's best to wait until next week before downloading unless, of course, you want to help the Moz Squad test the RC1.

Speaking of Moz, columnist Brian Livingston's latest newsletter has a couple of tips on tweaking Firefox to run faster. He also has a link to a guy who has created optimized builds of Firefox based on your CPU. YMMV. Professional driver on a closed course. Don't do this at home (go to a friend's house and try it there).

I see that OpenOffice 2.0 is slowly making its way towards a March release date. There are some daily builds for those who are fool hardy adventurous and would like to test the latest, greatest OOdom has to offer.

I am eagerly awaiting the day I no longer need to use MS Office. Once that barrier is gone, the only one left is getting access to our Lotus Notes mail server via IPX running on Novell. I haven't taken a look at connecting to a Novell server via Linux lately and I don't know if I want to (getting IPX under Linux used to mean re-compiling the kernel. While that isn't something that difficult to do, it isn't something, in my opinion, I should have to do).

But it might be interesting to see if I could do it (I've done it before years ago but that was when there was a Linux-based client from Novell) and then run the Notes client under CrossOver. Hmmm. Something to think about for the New Year. If that was successful, I could switch to Xandros 3.0 and be done with it.

In doing some research for this post, I noticed that Novell may be working on releasing a Novell Client for Linux. You can read a little about it here from NetworkWorldFusion. Apparently, the client will be released early next year. Unfortunately, it looks like both the client and server must have some software installed. Since this would take time, I don't think our IT people will be spending that much time doing this on every server we have. Hence, this might not be a solution for us.

But if we can get this software working, it would clear the final barrier keeping me from switching to Linux.

Aloha!

Firefox allows you to tune its performance in many ways. As time goes on, more and more peformance tuning tips are coming out. One of those is found here.

The tip enables multiple simultaneous HTML requests. This can reduce the time needed to display a webpage. Note, the change is intended for broadband users only. YMMV. Use at your own risk.

Aloha!

I finally got a comment spam yesterday. The first in months. So I've made some changes in my MovableType configuration (see this Six Apart Guide to Comment Spam). I don't know if any of the changes will be helpful but I've done what I can without making it even more difficult for people with disabilities to use the site. That said, if the bad guys get past these changes, I will try installing a CAPTCHA-based challenge and response technique. I really don't want to do that since it breaks accessibility, but it may come down to that or close all comments.

Yes, I could use TypeKey exclusively, but how many people would be willing to register through them just to leave a comment? For myself, I don't bother leaving comments on Blogger or MT sites that require registration so why should I assume others would do so here?

Anyway, I've done all I can do. If you notice anything broken, which is certainly possible (I've already gotten a 500 error when testing comments so I know something is causing intermittent problems), email me using the link on the right-hand side of the screen. Mahalo in advance.

P.S. I'm going to be offline for awhile. I'm installing Xandros Desktop 2.5 for Business. Testing may take some time so don't expect quick email responses (not that I did that anyway).

Have a Great Weekend, Everyone - Aloha!

There is an update to the free Adobe Reader. Version 7.0 seems to run faster than version 6.X so you may want to install it when you have the time. If you have the full professional version (as opposed to the free reader), you may want to upgrade to version 7.0 Professional (upgrade costs $159). If you decide to stay with version 6.X (either version), you should probably update to version 6.0.3 due to a security update. YMMV.

Before doing any of the following, understand that there is no warranty whatsoever (insert Disclaimer here). You follow these instructions at your own risk. While they worked for me, it might be because I was facing in the right direction and said the magic words just right. In addition, these instructions assume you are using IPX to access the Netware servers and not IP. While the instructions may be similar, they may or may not be the same (especially when you get to the point of mounting the server. I can't say for sure because we don't use IP to access the Netware servers). And finally, these instructions assume you have at least a minimal understanding of Linux and Netware. If this isn't true, stop now because if you make a mistake, it is possible to screw up not only your PC, but also your Netware network.

That said, backup your data/applications first. Don't come crying to me if something goes wrong and you loose the next_great_novel that you've been working on for the last 10 years.

So, enough with the warnings. In Xandros you need to use Xandros Network to install the NCPFS utilities (you will need to type in your root login or already be logged in as root). Assuming this went well, go to the next step.

Open a shell window and once at the command line, SU to root (if you aren't already).

Once there, type in:

ipx_configure --auto_interface --auto_primary=on

Assuming no errors occurred, type in slist and you should see a listing of the Netware servers available to you. If this worked, you should then create a mount point by changing directory to /mnt and making a directory (The Linux command is mkdir. I created a directory called netware but you can call it whatever you want).

Take a look at the command below but do not type it in until you've read and understood the notes that follow:

ncpmount -S SERVER_NAME /mnt/netware -U CN=USER_NAME.OU=ORGANIZATIONAL_UNIT.O=ORGANIZATION

Notes:

SERVER_NAME should be replaced with the name of the Netware server you wish to login to.
netware should be replaced with the name of the directory you created earlier.
USER_NAME should be replaced with your Netware login name for that server.
ORGANIZATIONAL_UNIT should be replaced with your, now wait for it, organizational unit. Note that if you have more than one OU, you start at the lowest unit and proceed upwards. For example, OU=OFFICE.OU=DEPARTMENT.OU=DIVISION.OU=COMPANY.OU=COUNTRY.
ORGANIZATION should be replaced with your organization.

An example of what the command might look like would be:

ncpmount -S DEWEY /mnt/cheetum -U CN=HOWE.OU=ROOM51.OU=FOGGY_BOTTOM.OU=VIRGINIA.O=USA

Now that you understand what needs to be substituted in, go ahead and type the command, changing what needs to be changed to reflect your particular network.

If all is going well, you should then be asked for a password. Go ahead and type it in and hit the enter key. If that worked you should now be logged in to the Netware server. If, however, you get a "No such entry (-601) in nds login" error, this is telling you that, probably, the context is wrong (all that CN, OU, and O parts above). If you get that error, check the spelling of everything in the command. If it's correct, then perhaps you need to reverse the order of the context. That is, type the command like this:

ncpmount -S DEWEY /mnt/cheetum -U O=USA.OU=VIRGINIA.OU=FOGGY_BOTTOM.OU=ROOM51.CN=HOWE

Hopefully, you will now be logged in and you can find the Netware directories starting at your mount point (change directory to /mnt/netware if you aren't there already).

A last note, all of this stuff seems to work only, if it does at all, if you are logged in as root. Whether this is a good thing is up to you to decide.

My next challenge is to get Lotus R5 Notes for Windows working in Linux (which is the point of getting access to the Netware servers.

UPDATE:

Before you shut down, you MUST use the ncpumount -a command to unmount your Netware connection(s). If you don't, and you then reboot and try to login via Windows, your Netware server may still see you as logged in and therefore refuse to let you login again. I know this runs counter to what one How-To says but it's wrong (at least in our environment). Linux does NOT cleanly unmount your connection when you shutdown. You must do that yourself before you shutdown. So use the above command to logout of all Netware connections before you shutdown.

Aloha!

These are my random experiences in installing Xandros 2.5 Business Edition on a Dell Optiplex GX260. Your experience may vary. Remember to backup you data. Use at your own risk. Insert disclaimer here.

First, why install Linux? For me, I've been wanting to switch for sometime. For awhile, its been clear that MS considers its customers as thieves that must be beaten into submission. For example, charging $300 for Windows XP Pro (an outrageous overcharge). Requiring activation on Office (to me, the first step towards renting software). All its so called DRM BS. Add to this the steady drumbeat of security vulnerabilities and it quickly becomes a chore rather than a pleasure to work with Windows. My bottom line is I need to use tools that help me do what I want to do rather than making it more difficult. Windows no longer does that.

So, to start, I decided to boot both Windows XP Pro (which was already installed) and Xandros. Before installing Xandros, I did a disk scan to check for hard disk problems that can cause data loss, then ran defrag to compact the files as much as possible so that when Xandros changed the partition size things would go as fast as possible, and finally backed up my data to ensure I had a way back just in case it all went down the tubes.

Once done, I rebooted with the Xandros CD in the drive and began the install. I took the default installation as I wanted to see how well that went. Along the way, the install asks if you want to create a boot/rescue disk. I highly recommend that you have one since it only takes one floppy disk, a few minutes, and allows you to boot-up should things go horribly wrong.

All went well until it came time to install the printer (HP 2200d LaserJet PCL6). The install identified the printer correctly but nothing would print. So I manually changed the driver to the 2200d PostScript and all was well.

Later in the install, the First Run Wizard allows you to change the default look/feel behavior of the desktop. I chose Windows to see how someone who knew how to use Windows, but not Xandros would do. Unfortunately, doing so crashed the Wizard (signal 11) dropping me back into KDE. You can restart the Wizard by going into Launch--> Applications--> System --> First Run Wizard so all is not lost. But the stability of Xandros/KDE/Linux comes into question.

Changing from the default 32K colors to TrueColor requires a KDE restart (which means you have to save all your work before doing this as all applications will close). One wonders when KDE will catchup with Windows, which allows you to change color depth on the fly.

In any case, in poking around, I found that Xandros defaults to the Reiserfs file system. Whether that is a good thing I will leave up to you to decide. But if the custom install allows you to pick the default file system, you might want to choose something else.

So far, I've been unable to get Xandros to recognize all the keys on my MS Natural Keyboard Pro. This keyboard includes keys such as mute, volume control, back, forward, prev track, next track, and others. None of these keys seem to work in Xandros.

When doing a Xandros Network install, there sometimes is displayed an input box with two buttons (enter and close). I don't know what the input box is for but ignoring it seems to work just fine.

While fonts have gotten a lot better, they still aren't as good as ClearType in Windows. Fonts just aren't as smooth and therefore aren't as readable.

I have yet to install our default email program - Lotus Notes R5 for Windows. In order to do this, I need to get access to our Novell Netware servers. I will detail below how to do this in Xandros. Otherwise, things are moving along and as I know more I detail my results.

As warned yesterday, before doing any of the following, understand that there is no warranty whatsoever (insert Disclaimer here). You follow these instructions at your own risk. While they worked for me, it might be because I was facing in the right direction and said the magic words just right. In addition, these instructions assume you are using IPX to access the Netware servers and not IP. While the instructions may be similar, they may or may not be the same. I can't say for sure because we don't use IP to access the Netware servers. And finally, these instructions assume you have at least a minimal understanding of Linux and Netware. If this isn't true, stop now because if you make a mistake, it is possible to screw up not only your PC, but also your Netware network.

That said, a version of CrossOver Office (based on WINE) is included and installed in Xandros Desktop 2.5 Business Edition. I don't know if that is true in the other versions of Xandros so if you aren't using the Business Edition you are on your own.

Inserting the install CD and clicking on the Lotus Notes R5 install file automatically executed CrossOver Office which created a fake Windows environment for Notes to install to. Note here, as I've emphasized several times yesterday, as far as I know, you MUST be running as root for the install to work. If you aren't, the install will run until it's time to copy files to the Netware server. At that point, you will get an error saying the directory is read only.

Otherwise, the Notes install runs and appears just like it does in Windows. However, since I'm using NCPFS to access the Netware servers, and Linux does not use the idea of letters of the alphabet to represent drives (or volumes in the case of Netware) getting to the Data directory of the Netware server is a little different than in Windows. Fortunately, CrossOver Office creates a pseudo "Z:\" drive that you can use to navigate to your mount point (mine is /mnt/netware). From there, you just drill down to wherever your Lotus/Notes/Data directory is found and install to there (assuming you are doing that type of install).

Once the Data directory is identified, the install program begins copying files to there and a fake c:\ directory. The copying across the network to the Netware server seems substantially slower than in Windows. In fact, it took more than five minutes but eventually finished. It's a good thing you only need to do this once!

Once the installation is completed, you access Notes by clicking on Launch --> Windows Applications --> Programs --> Lotus Applications --> Lotus Notes. The Notes client should then start-up and you will need to do an initial configuration, as you would in Windows (again remembering the fake Z: drive is where you start to navigate from).

Once configured, the Notes client operates as it would under Windows. Although, screen updates are slower, but not so slow that it's unbearable. I did see one strange thing, when I first sent a test message, I used the network address book to lookup a name. I found the name, but when it pasted in to the "To:" section of the email, all I got was %#$@W%$!. I'm not sure why that happened and when I tried it again I didn't have that problem.

Otherwise, I am very pleased that Lotus Notes is running under a version of Linux. The final barrier to switching from Windows, for me anyway, is getting a replacement for Office that can translate Word and WordPerfect files better than StarOffice 7 or OpenOffice currently does. I understand that OpenOffice 2 will be out in Q2 so perhaps the wait is not long.

One last note, before you shut down, you MUST use the ncpumount -A command to unmount your netware connection. If you don't, and you then reboot and try to login via Windows, your Netware server may still see you as logged in and therefore refuse to let you login again. I know this runs counter to what one How-To says but it's wrong (at least in our environment). Linux does NOT cleanly unmount your connection when you shutdown. You must do that yourself before you shutdown. So use the above command to logout of all Netware connections before you shutdown.

Aloha!

I guess it had to happen. A Lego case. In fact, more than one. See them here.

Also being updated is Opera's browser to version 7.54u1 (Aside: I've never seen a numbering system like that). It's a security update so if you are using Opera, you should probably take a look at getting the update. When there, I also noticed they may be close to releasing the next major version of Opera. When that might happen I can't say, but I would think it's going to be Real Soon Now. In the mean time, you can download the Opera 8.0 beta 1 if you want. YMMV. Use at your own risk. Toilet bowl brushes should not be used for personal hygiene.

Aloha!

In all the hoopla yesterday about Apple's new MiniMe, I mean Mac Mini, there was little notice that the iTunes music client has been updated to version 4.7.1. Note that updating to this version (and 4.7 before it) will make it more difficult for you to exercise your fair use rights as it pertains to listening to music you bought on any device of your choice. According to a posting on this site, using the new version of the client can lead to music you paid for becoming unplayable (if not actually deleted). As almost always, there are workarounds.

But I am getting tired of the constant gamemanship that seems to be going on over at Apple so I think I'm going take a look at alternative ways of buying the music that I want to hear rather than what entertainment conglomerates want to sell to 16-year-old girls.

A lot of people dream about finding that One_Big_Idea. You know the one, the one that will make them unbelievably rich. The one that will put them in the top tax bracket, and be so rich as to not care about it. That one idea that will make them as big as Bill Gates, Robert Scoble or Doc Searls (just kidding there guys). Some actually do (find that idea).

But if they do, the secret they probably won't tell you is that it took going through 100 or even 1,000 ideas that didn't work to find the one that did. When that one idea does hit, everyone slaps their forehead and says "Of course. Anyone could see that would be popular." But you know, the even bigger secret is that no one could have predicted which idea was going to be the one that millions of people, making individual decisions independent of others (more or less) would sell. Because if they could, they wouldn't need to sift through the 999 that wouldn't work.

This is what I call the chaos theory of business. Even if you do all the things that the business schools teach. Even if you excel at management and can motivate your employees to do great things. Even if you are the most innovative person on the planet. No one can predict that one idea that will move the world. And anyone who says they can is either lying or trying to get you to buy his or her new management book (or both).

If this theory is correct, then it follows that there is no shame in trying a lot of different things and seeing if they sell or not. It kind of reminds me of the stock market. "Stock market?" you ask, shaking your head in bewilderment.

Think of it this way. Buying stocks is a form of legalized gambling. All other things being equal, you have no guarantee that any stock you buy will make a profit. Hence, you have no better than a 50/50 chance of making money on any individual stock. If this is true, then the smart play is to buy many stocks in many different areas (or not play at all - ed.). This is called diversification. It works, over the long run if it works at all, because while most stocks won't make money, a few will. It's these few that may cover the loses of the others and hopefully, make you better off than you were before. But since no one, including that ace Wall Street stock picker, can predict which ones will make money and which won't, you have to diversify. Note, insert disclaimer here, I am not giving stock advice nor making any kind of recommendations to buy, or not buy, any stocks, bonds, or other instruments.

So what's my point? I was reminded of all of this when I saw Apple's new iPod Shuffle. A lot of people are making fun of it and saying you could just put a yellow sticky note over the display of your old iPod and you would have the same thing. Perhaps. But I don't think so. While many people who already have an iPod or iPod mini may decide to pass, many others who couldn't see paying three or four hundred dollars for one of these players may, without or perhaps in spite of the help of such pundits, decide to buy one.

I wouldn't be surprised if it does well. But even if it doesn't, so what? Apple will come up with something else that will catch the fancy of millions of people. And as long as Apple has the confidence (and money) to continue to innovate they will prosper (and I have to eat a lot of crow because I was one of those, several years ago, who predicted Apple was going down the tubes).

Programming Note: I will be taking tomorrow off so that I have a long weekend (including Monday's US holiday for Dr. Martin Luther King). As usual, there won't be a post tomorrow and possibly none for Monday (although I may get round2it).

Have a Great Weekend, EveryoneAloha!

There is an important anti-spam update to MovableType. It closes a hole in the mail sending program that presently allows spammers to send unlimited e-mails through your installation.

You can download the complete MT program or just a plug-in. I'm getting the plug-in as I'm getting real tired of having to do complete re-installs every time MT makes a change to one file. But I digress as this is not the time to talk about MT's user unfriendly installations.

Anyway, if you are using MT, please get the update as soon as possible.

I may have posted about this kind of thing before but as computers are integrated into more and more areas of our lives the opportunity for mischief increases. In this post here, the site is saying certain Lexus vehicles may be vulnerable to computer viruses via Bluetooth cell phone connectivity.

Obviously, the phone would have to be infected or, at least, the conduit for an infection and the Lexus navigation operating system must be vulnerable to infection. These are two big ifs. But I guess it's just a matter of time before a proof of concept is done (if it hasn't been done already).

As the article points out, as scary as that may seem, what about aircraft? Especially as airliners become connected to the Internet. Can you imagine, for example, an 800-passenger Airbus navigation computer being hacked and fed incorrect altimeter data? Or how about medical devices, some of which may be running operating systems vulnerable to attack. Is it just a coincidence that EULAs for such devices specifically say they are not to be used in such applications?

Aloha!

First, some background information. Installing an upgrade version of just about any application requires that you have a previous version already installed. In the case of MS Office 2000, when installed from a CD, you can point the install program to your floppy drive to check for that earlier version. In my case, I have a copy of MS Office 4.3 on diskettes. So when the Office 2000 install does the check of my c:\ drive and doesn't find anything it asks where to look. Usually, I then insert the floppy disk in drive a:\ and point the install at that. Thus satisfied, the install trundles on its way.

But there is a problem if you try this procedure while running under Xandros Business Desktop version 2.5 and the included CrossOver Office. The problem is Xandros/CrossOver will only show your fake c:\ drive, as opposed to a mount of your actual c:\ or a:\ drives when dual booting with Windows. Hence, you can't point the Office 2000 install at your floppy drive or anywhere else for that matter.

My quick and dirty work-around was to copy the contents of the floppy disk to the root of the fake c:\ drive. I copied the files to the root of the fake c:\ drive because the install (or CrossOver, I don't know which) would not allow pointing to any of the sub-directories, real or otherwise. Note that the fake c:\ drive is found in $HOME/.cxoffice/dotwine/fake_windows/ (or, I think, in /opt/.cxoffice/dotwine/fake_windows/ if you are installing as the root user. Since I didn't install as root I don't know for sure). Note that the Xandros file manager must be set to display hidden files and folders to see the .cxoffice folder.

The solution I have may not be the most elegant so if you have a better way, let me know. Otherwise, this is more information than I've found on the rather skimpy data found on the Xandros site, CrossOver Office site, and their respective forums.

Speaking of skimpy information, if anyone knows of a Xandros article that gives step-by-step procedures on removing Xandros and restoring your hard drive partition to what it was before installing I would like to know where it is. All I can find is information about deleting the partitions and restoring the Master Boot Record but nothing about changing the partition size without loosing the data already there (when dual booting with a pre-existing Windows installation).

On a related note, Xandros, like other current Linux distributions, can not write to an NTFS formatted partition. Hence, while Xandros can read from your Windows partitions, it can not write to them (even if the partition is mounted as read/write). While I don't know for sure, I would assume this is how things work (or don't work as the case may be) when you try to write to a Windows server or PC with shares formatted as NTFS. If this is true, then using Linux as a Windows client may not be a wise move unless you never need to copy to or edit files on such a Windows NTFS partition.

With that, I think I've paid forward for the year and can get back to my regularly scheduled programming. [g]

Sorry for the late posting. I had it ready to go but was sidetracked by some other things I had to do first.

Thank you to Jon Barrett who pointed out that yes, you can write to a server with a volume formated as NTFS from a Linux client. I should have checked first before guessing that it might not be possible. Especially since I could actually login into one of our NT servers and find out.

Logging in to a one of our NT servers is remarkably similar to that in Windows. In Xandros Desktop Business Edition version 2.5, click on the File Manager icon --> Tools --> Mount Network Share.

Type in the address (we use something like \\xx.xxx.xxx.xxx\fo) and, once past the username and password, I was able to read and write files to the NTFS partition mounted there. Now if only I could do that with my own hard drive. Sigh.

Thanks again Jon!

So what do you do when you have not one, not two, but four iPod Shuffles? You create the iPod Array of course.

Aloha!

Alert 1! Alert 1! Action Message Follows

There is a web-based spoof vulnerability that works on Opera 7.54u2 and Firefox 1.0, but not IE 6/SP2. The proof of concept comes from Shmoocon (advisory here and proof web page here). The vulnerability allows anyone to spoof *any* domain, including those with SSL certificates (you know, those with https:// addresses). While viewing the certificate would show the actual, rather than spoofed site, how many people actually view the certificates to check the URL?

The spoof also fools Spoofstick so using that utility will not help you. On SSL sites, too bad it doesn't read the certificate and display the site URL.

There are three workarounds (that I know of). Look at the underlying HTML to see the actual URL. Never click on links (either on web pages or emails). Instead, type the URL yourself into your browser. Or lastly, a poster in the Firefox support forum says to do the following if you are using Firefox:

The workaround for Firefox seems to be an edit to your compreg.dat.

For windows
c:\Documents and Settings\$USER\Application Data\Mozilla\Firefox\Profiles\default.random\compreg.dat

For UNIX
~/.mozilla/firefox/default.random/compreg.dat

Removing the line that references IDN makes the problem go away. Using Find, there was a single reference for the UNIX host and 2 for the Win32 host [I found only one in mine -ed]. Removing the lines and restarting the browser makes the attack fail regardless of the about:config/userprefs.js value.

Here's an example entry.

{4byteshex-2byteshex-2byteshex-2byteshex-6byteshex},@mozilla.org/network/idn-service;1,,nsIDNService,rel:libnecko.so

Cheers,
-BeesT

Quote:
It works. After making a backup of compreg.dat i placed

#

to remark out the line BeesTea See Profile mentioned. Exploit fails

Quote:
Confirmed on Linux, also.

I can confirm that implementing the above (and clearing your cache and then shutting down and restarting Firefox) will keep the browser from going to the spoofed URL but all you get is an error message saying the paypal.com site cannot be found. I guess that's better than nothing but it's hardly informative unless you remember this is telling you a site may be spoofed.

UPDATE: You also need to type in "about:config" in Firefox and find the reference to IDN (use the filter to find the instance of idn). Once found, change the default from "true" to false" (just double click on the line to bring up the choice).

Over at the Opera Forum on this problem, Opera is essentially saying it's not their problem to fix and even if they did, the solution would keep people from using, for example, Greek or Russian sites (sounds good to me - ed.).

I dunno what I'm going to do about Opera. I understand their point-of-view. But. If companies have learned nothing from Microsoft's stumbling examples, then learn this: IT'S THE SECURITY, STUPID.

It has long been my belief that Microsoft has seen its best days and is now on a long, slow slide downwards. Note I said long, slow slide. While anything is possible, I think the probable course is a slowly decaying orbit much like a once high flying satellite - not a sudden collapse.

In an ABC News commentary, Michael S. Malone seems to agree. Using what he calls his smell test, Malone says he detects the tell tale smell of decay coming from Redmond.

The author says he sees two characteristics that lead him to his conclusion. First, mind share seems to be united in fear and loathing of Microsoft (so what else is old? - ed). And second, major delays in core products, i.e., Longhorn being, so far, two years late and missing core features (see earlier comment - ed) are occurring with regularity.

While no one can accurately predict the future all the time, I think his perceptions are correct.

I see that MS has officially confirmed what has been known for sometime, there will be a new version of Internet Explorer. Ho hum. It doesn't matter to me because I don't use it except to access the Windows Update site. Otherwise, Firefox or Opera works just fine for me. While I think it's nice for the people still stuck on IE to get an update, all I can say is thanks, but no thanks.

To software companies everywhere:

If you want to do something that's going to change the world, build software that people want to use instead of software that managers want to buy.

From Jamie Zawinski. See the full text here. WARNING: there is some strong language in his remarks.

Aloha!

Every once in awhile Microsoft sends me user surveys. I received one yesterday. I guess I should clarify that MS contracts with various outside vendors that do surveys for MS. But I really have to wonder about a company that creates a survey web page that can only be answered by using Internet Explore (as is the case in the one I got).

More and more people are using browsers other than IE (see stats here, here, or here) so if you want to have the maximum probability of getting good results to a survey you need to code the survey pages so that it is browser independent. This is not hard to do given all you have to do is write it to a generally accepted W3C standard (e.g.,HTML 4.01, in effect and stable since 1999). Do that, and just about any browser should be able to do the job.

Write it to use "features" specific to IE, or uses security holes like javascript, and you lose a growing percentage of users. While I can understand a company using the latest whiz bang feature of MS and not caring about non-IE users or security, it seems to me they are essentially cutting off their nose to spite their face. In other words, the only entity being hurt by using IE specific features is the survey taker and so, what competitive advantage is that?

OpenOffice 2.0, Beta Candidate 1.9m79, went out on the wire on Wednesday. Note well that this is not even a beta release but rather a beta "candidate". But if you want to live on the bleeding edge, you can get it here. Personally, I think I'll wait until the gold code, sometime in April or May, comes out. I anxiously await its release because if it can replace MS Word and WordPerfect, the last barrier to Linux will have fallen. And a glorious day that will be. When, not if, it comes.

For you dinosaurs who love your screen savers (you know who you are), Jamie Zawinski has released XScreenSaver version 4.20 here. It includes classics like flying toasters and the Matrix. Needless to say, it runs only on Xserver systems.

Aloha!

Google is getting slammed for a new "feature" it is planning to add to their popular tool bar. The feature, called AutoLink, would alter web pages by inserting its own links onto the page (read an eWeek article here for more details).

I don't know about you, but this just creeps me out. Perhaps it shouldn't since it isn't that much farther down that road than if you use their search engine and the advertising on the right panel changes based on what you are searching on.

But, in fact, when Microsoft tried something similar with their so called smart tags, the resulting cries of outrage were heard around the world. As for me, I don't see how this feature is different from adware/spyware that hijacks your browser and inserts its own links onto Google web page searches (other than you are accepting it, knowingly or not).

It was bad enough when Google's Gmail scanned your emails and inserted their own links based on the contents of the, you know, the private email sent to you. But now they want to insert stuff into any web page?. Where does this stop? If you Google your hard drive, would they insert links to pages similar to files it found? Is this a good thing? I dunno. You decide.

As for me, I don't use their tool bar so it doesn't matter to me. But if you use it, does it matter to you?

You know, one of these days someone is going to go a step too far with making Flash-based drives just a little too cute. Until then, check out the Mauna Tiki Data drive. It will never be confused with cute.

As the Right Leaning Plutocrats in Washington sleep the day away while companies steal your identity and fraudulently charge untold millions of dollars each year comes yet another scam.

It seems fellow Daynoter Dave Markowitz has a post on something called the Pluto Data Scam (see also this thread here from Broadband reports). It seems a charge to Dave's credit card popped up last month from something called 888 323 8955 PLUTO D - Nicosia. Only, he hadn't purchased anything from said company. He did some searching and found others had been hit by the scam.

This really shows just how important it is to check your credit statements each month. If you find something wrong, immediately double check and then, if needed, call/write your credit card company and dispute the charge.

What with the ChoicePoint scandal affecting at least 145,000 (including 600 to 700 here in Hawaii'i) and others not yet made public, the only defense you have is to vigilantly guard your money. Because, Lord knows, no one else will.

Aloha!

There are ways of keeping blog comment spam from getting through but some of the solutions may be more trouble than they are worth. I've talked before about what I've done on this site but this guy has tried experimenting with various other anti-comment spam methods and reports his results.

Although he is using WordPress as his blog software what he has done should be applicable to the more popular MovableType (which is what I use here).

That said, since instituting the changes I've made, I haven't had much problems with comment spam. What I have had, however, is ping floods where companies will hit my site six or seven pings per minute for 10 minutes at a time. Mostly they've been gambling sites with a sprinkling of the expected ED-type sites. None, of course, have been successful but it's interesting to look at the logs and see their attempts. What is not so good is the load these pings put on server but I don't know what else I can do other than get rid of trackback pings (which I'm not sure would make a difference).

In any case, the best defense I've seen seems to be to close comments and trackback pings after a length of time. I use seven days, which is why if you try to enter a comment after that time period your comment won't get through (hi Sjon! - ed.). But feel free to take a look at his work and decide for yourself what works best for you.

Aloha!

The US Justice Department will be buying $13.2 million USD worth of Corel's WordPerfect word processing software over Microsoft's Word (see the story from ABC News here).

This may not be as much a slap against MS as it recognizes that WP is still king in the legal world. As I've said before, while we are slowly converting to Word, many employees here are more comfortable using WP than Word.

That said, diversity is usually good and I'm glad the very people who are suing MS don't use their word processor to write their briefs (although it would be pretty cool if they did - ed.). Insert disclaimer here.

Fellow Daynoter John Doucette, having recently moved over to a new job at a law firm, e-mailed me to note that Word seems to be very popular, if it isn't in the majority already.

He is probably right, MS Office/Word may have already displaced WP Office in private practice. My comments earlier were about government service. But even then, I guess I shouldn't have generalized. All I can say is what I've seen here in state government (specifically the Hawai'i Judiciary, insert disclaimer here).

In our office, about half the workers prefer WordPerfect because it's what they know best and they don't see any particular reason to change. By that I mean there aren't many, if any, features in Word that would make life so much easier than WP. In addition, WP Office is a lot cheaper than MS Office.

And you know, I can't fault anyone for staying with WP. Why would anyone want to learn a new application simply because it is most popular? Shouldn't such decisions be made on the basis of criteria such as price, features, ease of use, etc.?

That said, I use Word because that's what I've been using for the last 10 or 15 years. However, as soon as Star Office/OpenOffice is able to do what I need it to do I'll probably switch over to that based on, if nothing else, it's so much cheaper and there are versions for Linux.

Anyway, as I always say, use the tool that works best for you.

Aloha!

Speaking of Xandros, I've been looking around for anti-virus software for Linux-based systems. One of the other Daynoters (sorry, I don't remember which) talked about something called ClamAV so I decided to try that.

Before going further, some of you are probably wondering why have anti-virus software for Linux? While there may be only 3,000 virus identified in Linux, versus several times that for Windows, the built-in security of Linux usually mitigates the effects of viruses. That said, that doesn't mean one should be complacent. As the number of people using Linux increases, the virus writers will spend more and more time targeting Linux. Indeed, I think some of the the first root kits were developed for the Unix/Linux operating systems so all is not lightness.

So, after a few tries at getting ClamAV to install (the install instructions are written as if you are compiling your own. Compiling your own is usually not a good idea because of problems with dependencies but go for it if you are feeling lucky. In any case, the instructions ignore the various binaries so you are left on your own on how or what to configure). With all that, I think I have it running. But as of yet, I haven't found how to get it to work with KDE. By that I mean it runs as a command line program but if I access/open/run anything using KDE, it does nothing (as far as I can tell. I opened one of the test files and ClamAV didn't keep me from opening it nor did it alert me that it was infected). In fact, even when running it at the command line, all I can get it to do is scan some files and then print to the screen a summary (or a log file).

I assume there must be a way of getting it to work with KDE? I also assume there must be a way of getting it to pop-up a box saying "Danger! Virus Found!" rather than just a summary of the files scanned and the results?

In addition, I'm having problems figuring out how to use it scan incoming e-mail. I understand there may be some third-party packages that use ClamAV as a front-end so maybe that is the way to go. But it would be great if I could just use the Thunderbird e-mail client and have ClamAV automagically scan the incoming mail (as I can do with Windows-based AVG software).

I guess I am showing my ignorance here but I think anti-virus software for Linux must mature before Aunt Minnie can be expected to comfortably use it. Until then, the search continues for something that works well in KDE. Any suggestions are appreciated.

Aloha!

If you use Xandros Linux and decide to install Popfile, a well-know cross-platform Spam filter, know that when you set up your e-mail client to access your POP server you must set the incoming port to 7071. In addition, when you want to view the web-based set-up interface, you must type in 127.0.0.1:7070. Note the difference in port numbers: 7071 for your e-mail client and 7070 for your browser. I have these here because the current default Debian (which Xandros is based on) instructions are silent on this.

Enough with the "transparent screens" already. What? You can't get enough of the effect? Well, then go here or here.

Aloha!

Electronics, like most people, hate a lot of heat. Heat reduces, sometime substantially, the expected life of electronic components. In fact, given enough heat, almost any electronic component will immediately fail.

As you may remember, I've been searching for a new CPU fan/heatsink. This is because of the extremely high temperature readings I got from the very first time I booted SWMBO new PC (Pentium 4 2.8E Prescott Core) and the related incessant CPU fan noise.

It was not unusual for Intel's CPU monitor utility, which displays temperature and voltage levels of the motherboard (in addition to fan rpm), to be constantly going off because the CPU was exceeding the maximum default temperature of 68°C. I was getting peaks exceeding 72°C (about 162°F). Even at idle (the CPU, not me) the utility typically reported 59°C (about 138°F). Compare this to the previous generation of Intel CPUs running at about 30 to 40°C.

I first tried adding more fans to my Antec SLK-2650-BQE case, which came with a 120mm rear fan (not to mention the PSU fan). I installed an 80mm fan in the side panel duct, and an 80mm front fan. While the over temperature warnings ended, they were still in the mid-to-high 60° and the stock Intel CPU fan still made an awful racket because it was spinning as fast as its little blades could go.

Hence, rather than waiting for the CPU to expire in a puff of smoke, or my eardrums to burst from the fan whine, I decided to purchase a new CPU fan/heat sink.

I mentioned before that it came down to two different models: ThermalRight XP120 and Zalman CNPS7700-AlCu. In the end, I ordered a Zalman but the smaller brother of the 7700 - the Zalman CNPS7000B-AlCu. I got this one because it didn't exceed the weight limit of 450 grams for Intel motherboards and because I could get it from Amazon.com (which is a Better Business Bureau member in good standing).

In order to install the new fan I, of course, had to remove the old one. I would like to note here that sharp metal objects and delicate motherboards and CPUs do not a good match make. Not that I had any problems mind you ;). In any case, the old fan and heatsink eventually came off. I then used rubbing alcohol to remove the excess thermal grease from the CPU. Most sources warn that you should wear gloves when coming in contact with the grease so consider yourself notified.

While the new fan is much larger than the Intel OEM one, it doesn't have any problems fitting on the Intel D865GBF-L motherboard. But be aware that the outside edge of the heatsink comes awfully close to the bottom of the power supply and may be a problem in smaller cases. I'm glad I got the smaller fan because I'm not sure I would have been able to fit the larger and heavier Zalman 7700.

Fitting problems aside, getting the new fan screwed down onto the bracket was harder than it should have been. You have to tighten down two screws. Each is situated at the opposite and extreme ends of what can be imagined as a lever. As you try to tighten the first screw down, the other end rises. It rises so much it is impossible to get the opposite screw started unless you are pressing down on it. Hard. Simultaneously, the whole assembly slides around on the thin film of thermal grease. Eventually, I got both screws started (it helps to have three hands) and was able to tighten things down and closed the case up without causing injury to the motherboard, CPU, case, or myself.

Everything booted up fine so I guess nothing was damaged. I was, however, disappointed that under idle, there was no difference in CPU temperature as compared to the stock Intel fan. I had seen other reviews in which idle temps went down by five or more degrees. But I did not find any difference at all.

However, and this makes be happy, there was a big difference under load. As mentioned earlier, using the stock Intel fan, I would get constant over heating warnings when the CPU temp went over 68°C. This occurred when running simple, relatively low-intensity applications like Word.

Except for one alarm, when first booting, the temp has not risen above about 62°C (about 143°F), even when running multiple applications like displaying a DVD ("Animal House"), while listening to an AAC (Joss Stone), and editing a document in Word. I don't know why I got that first alarm but I hope I don't get any more.

Not that everything is perfect, though. The Zalman is running at about 2,700 RPM. This creates noise. Less noise than the little Intel fan spinning at the same or higher speeds, but noise nonetheless. Fortunately, this is not a MPC that needs to be silent because it's sitting in your living room. But the noise is still something you should think about if your environment requires silence or if you are particularly sensitive to noise.

If you are, you are on your own. Perhaps the larger Zalman will work/fit. Maybe not. If not, other than going to water cooling, I can't suggest an answer to how to keep your Intel Prescott core CPU running cool and fans quiet.

Aloha!

I've been reading Mark Cuban's blog, off and on, for maybe a year now. I got linked to his site, I think, via a mention in Doc Searls blog.

Mr. Cuban appears to be, like the professional basketball team he owns, a maverick. Being a maverick is not always a Good Thing. But in his case, it is. Mr. Cuban speaks forthrigthly and with conviction. Conviction based on common sense and the research he does before he writes about anything.

So I am pleased that he is writing on the issue before the US Supreme Court regarding Metro-Goldwyn-Mayer Studios Inc., et al. v. Grokster, Ltd., et al. No. 04-480 (see this link for his additional info on the RIAA claims). He makes the clear case for technological innovation versus fear of losing control over content distribution (yes, I know, Doc hates the term).

Clearly, digital technology and distribution of music/movies over the Internet can revolutionize how artistic works are offered to their customers. Previously, a few companies controlled everything. But with the coming of the Internet, broadband connections, and digital technology, artists can now cut out the middlemen and have conversations directly with their customers.

The powers that be are clearly frightened by this and are doing the best they can to muzzle these conversations. If they win, innovations such as the Xerox machine, VCR, cassette tapes, recordable CD-ROMs/DVDs, and Tivo-type DVRs would all have been illegal (and just about all of them were opposed by these very same companies/associations using the very same arguments saying the sky would fall if they became popular and that their primary, nay only, use was to illegally copy content. Thus, stealing money from the mouths of their children).

I am especially pleased that not only does Mr. Cuban oppose these attempts to stifle digital innovation, he is willing to fund the EFF's efforts against them. This folks, is walking the walk. This is declaring to all where he stands.

Thank you Mark Cuban. We need more people like him.

Please support the EFF by becoming a member. I just did (I'm getting the t-shirt). Membership starts at only $15 for students and $25 for everyone else.

Aloha!

I like to think I keep up-to-date with what's happening with Firefox but it seems a security update slipped out the door on the 24th without my noticing it. Version 1.0.2 fixes three vulnerabilities, including one that, as the saying goes, allows the execution of arbitrary code (geek speak for anyone can run anything on your PC). Note carefully that the install instructions say to remove your previous version of Firefox before installing this one.

There is also an update to the Thunderbird e-mail program so you may want to update that too. Release Notes are here.

Aloha!

InfoWorld's Ed Foster is working on what he calls the Fair End User License Agreement (FEULA), now in version 0.90.1. The FEULA goes a long way towards making companies accountable and responsive to their customers (something the current EULAs expressly don't do). I've railed about Microsoft's restrive EULAs before so I won't do again here. But if Microsoft were to use Mr. Foster's version they would go a long way towards building trust - something long missing in the conversations with MS.

My wife's PC is overheating. Again. Sigh. I've done everything except switch to water cooling but the CPU in her PC began overheating over this past weekend. Maybe because the weather is starting to warm up. Or maybe because the motherboard is controlling fan speed and it doesn't react fast enough to load changes. I dunno.

The only thing I can think of is to install the included fan controller ( Fan Mate2) and manually set the fan speed to stay at maximum, regardless of the load, while ignoring the increased noise that will result. Big Sigh.

Aloha!

While no security solution is perfect, we need something better than just passwords. First it was ChoicePoint. Now it's LexisNexis. PCWorld has a story saying that the identifying data of about 300,000 people may have been stolen from the data company. While LexisNexis is spinning the story by saying the first 2,800 people contacted have not yet noticed any illegal activity, it is just a matter of time. I can imagine someone burning copies of CDs with the stolen data on it and selling it to crime syndicates around the world.

Identity theft will now be, if it isn't already, the biggest growth industry in crime. Close to half a million people may have had their personal information stolen. And that's just from two companies that reluctantly admitted the break ins. How many other companies, big and small, have had their security breached and financial data stolen? How many millions of people are even now at risk?

Data brokers and financial institutions make it entirely too easy to create and access accounts. Most use only passwords to identify their customers. How insecure is that? Many European banks have long since switched to more secure ways by using things like digital signatures, two-factor authentication, or other means to identify their customers.

Why aren't US businesses more concerned about security?

There's yet another Mozilla Firefox security update. The security changes for version 1.0.3 include one of those dreaded arbitrary code execution things so please get the update as soon as possible. The install instructions vary by the version you have so read it first before installing.

MovableType (MT) announced version 3.16 yesterday. There are over 100 bug fixes, including several security patches. MT is recommending that you install this new version as soon as possible.

Even though it doesn't require it, I may do a clean install so that I can get rid of all the cruft that builds up over time. If I do, the default template may get over written and therefore things may look a bit different. If it does, you'll know why.

You may also be interested to know that I'm again looking for new blogger software. One reason to switch is that running MT, and most other solutions, require that I have access to to CGI/Perl. My current host, pair.com, charges extra for such access.

Hence, I've been fooling around with Blogger because the database runs entirely on their own server while the static output can be displayed either on their server or on seto.org. This bypasses the need to have CGI/Perl access on my host site and thus could save me $144 per year.

Even cheaper yet is if my ISP, Time Warner Verizon (not to be confused with my host), allowed hosting of servers from the home. If they allowed that, I could just setup my own web and mail servers and be done with it. But since they don't, I can't (legally, anyway).

If anyone has suggestions on software that can run on, for example, a free service or even my desktop PC (Windows or Linux) while publishing to my host server, I'd like to hear from them. Thanks in advance.

Aloha!

The Inquirer website is saying AMD will launch not only their new dual core Opterons (Is it just me, or does the name sound like something Captain Scarlet should be concerned about? -ed. /digress) tomorrow, but also dual core Athlons as well. The desktop chips (there are four of them), called the Athlon 64 X2 series, will supposedly fit existing Athlon 64 compatible motherboards. However, you will need a BIOS update to get them to work. No word yet on prices (or how they will keep these things from burning the paint off of your modded PC case).

Aloha!

As you can see, things look a little different around here. I'm not done changing the CSS but it won't look much different from what you see now so if you see something you really don't like, let me know.

There is a firestorm brewing over two tech reviewers who may have been on the payroll of the companies whose products they reviewed. The Washington Post has a story revealing the connections of Corey Greenberg and James Oppenheim to various companies such as Apple, Sony, Hewlett-Packard, Seiko Epson, Creative Technology, Energizer Holdings, Microsoft, Radio Shack, Atari, Mattel, LeapFrog Enterprises and Kodak. Each apparently charged the companies between $12,500 and $15,000 each to speak favorably about their products.

Public trust is a very fragile thing. It is difficult to create but very easy to lose. What's more, we need to be able to trust our institutions because if we can't trust anyone, society falls apart. That is, we literally become hermits hiding in our houses, fearful and untrustful of everyone and everything.

Hence, when that trust is broken, those responsible need to be held accountable.

Opera 8.0 went gold last week. There are two versions, the free ad-supported version or the pay version ($39US). Within these categories, there are versions for Windows, Mac, Linux (including Xandros), PDAs, and mobile devices.

I'm trying the Linux version and find it substantially faster than Firefox (YMMV). You may also be interested in this comparison between IE 6.0, Firefox 1.0, and Opera 8 that finds Opera is the most standards compliant. Thanks to 18-year old student David Hammond for his work on the comparison.

According to this article from ZDNet, the next version of Windows will include their own spyware. It seems the new version of the Watson error reporting tool will collect much more information than it currently does.

For example, when your systems crashes, while using Outlook to email that new job prospect you haven't told your boss about, the contents of said email would go not only to Redmond, but possibly also your boss. Or when that replay of Sunday's amazing putt by golfer Tiger Woods crashes MediaPlayer 10, the URL would make its way to your IT administrator.

But, you say, you shouldn't be doing such things anyway. Yes, you are right. You shouldn't. And only bad guys should fear the black helicopters, or the FBI breaking down your door in the middle of night, or the police beating you to a pulp because you are a minority. None of those abuses of power would occur. Right? This is all for our own good. Right?

Aloha!

As part of our home security system, I recently added a Hawking Tech HNC300 network camera. This camera, that costs about $100, has its own web server built in. This allows you, with the correct setup, to access your camera from anywhere on the Internet.

I'll talk a little about the camera itself then briefly describe what you need to do to setup viewing the camera outside of your home network.

The HNC300 is a 640 X 480 CMOS color video camera with its own built in CPU and web server. All you need to do to get an image out of it is to connect its Ethernet port to a network, plug in the power, and view the output via any Java/ActiveX enabled web browser on the network.

Unfortunately, the focal length of the camera (listed as 6 mm) is such that it has a very narrow field of view. This means that in a small room you won't be able to see much other than a very small portion of the wall opposite the camera. Since this is intended for indoor security surveillance, one has to wonder how big a house/office this camera is intended for. All I can say is it's almost useless in the small hovel known as the SetoShack(tm).

In addition, the image the camera transmit is not very good (click on the sample below to see the full, unretouched, 640 X 480 version). Notice how the image is full of digital noise, washed out, lacking in highlight and low light detail, and sharpness. I'm not entirely sure it is good enough for even its intended purpose of catching a burglar. I mean, if you did a video capture of the image and tried to use it to identify someone in a court of law the defense lawyer would have a field day.

If that wasn't bad enough, even though the camera specs says it can do 30fps, all I've ever gotten is, at the most, 1.5fps (within the home network). In fact, a typical frame rate for me, over the Internet, is less than one frame per second.

As to getting the image onto the Internet, you need to do two or three things. First, you need to assign a static address to the camera. If you are lucky enough to have a bunch of Class C addresses at your disposal your work is done. If you are like most people, you don't have any static addresses and you will be using something in the internal, non-routable IP address range of 192.168.0.XX.

For my network, where I use a Netgear FR318 8-port VPN router (similar to the newer FR328 here) using DHCP to assign IP addresses, I have to reserve an address and link it the MAC address of the camera. How you setup a static IP address on your network may be different but the process should be similar.

Also, I have to open a port in my firewall and forward it to the camera. The Netgear router has several ports pre-configured, including port 80 which is typically used for webservers, so all I had to do was enable the port and I was done on the internal network side.

Now comes the tedious part. Unless you have a static IP address, your Internet address is dynamically assigned and therefore, periodically changes. Hence, if you want reliable access from outside your home network to a particular resource, such as your web camera, without checking what your IP addrss happens to be at the moment, you have to use a service like DynDNS that creates a pseudo static address for you. There are other free services out there but this seems to be the most supported by consumer grade routers. Just sign up (follow the link to the Dynamic DNS(sm)) and choose a free domain, configure your router to use it, and every time you use your browser from outside your home to access the domain, DynDNS will point to your modem/router (and thence to your camera).

Most tech savvy people should be able to accomplish the above without too much trouble. For others, using the Hawking Tech camera, the Appendix of the CD-ROM based PDF manual tells you how to do most of the setup and the manual to your router hopefully tells you how to open the port and forward it to a specific resource. That said, this is not something for your Aunt Millie to be doing.

A note about security. I have no idea what operating system nor web server application the camera uses. Hence, I can't make any statements about how secure this setup is. By opening a port in your firewall you are not only making your presence known to the world (i.e, you are no longer "stealthed"), but you are inviting all of them in. This may not be a GoodThing. If you choose to follow what I did, you do so at your own risk. Don't come crying to me if some l33t hax0r 0wnzs your b0x. You have been warned.

While the Hawking Tech camera may not be the best, I don't know of too many other cams in the $100 range that have a server and CPU built in. If you know of any that are better, let me know.

Aloha!

This is yet another tweak guide for Mozilla Firefox. It seems everyone and their Aunt Minnie has a guide to tweaking Firefox. Maybe it's because Firefox provides so many user customizations? The trade-off is a browser perhaps more complex than it should be and not as streamlined or fast as it could be.

That said, I take Firefox over Internet Explorer everyday. But I also use Opera, which is faster and more standards compliant than either of them. The "problem" with Opera is that it refuses to implement extensions to HTML that Microsoft rammed through so as to screw the competition create a "better user experience." This means many websites are unusable as their HTML doesn't render correctly in Opera.

But you know what, I don't care about sites that are clueless about making money. If they don't know enough to know how to code standards compliant HTML so that all of their customers can spend their money why should I care about them?

Aloha!

ExtremeTech has a head-to-head review between the new dual core chips from AMD and Intel. According to them, the AMD blows the Intel offering away in almost all benchmarks. The downside is both these chips cost so dang much.

In any case, it'll be awhile before I have the money to purchase either of them so it is academic to me.

Aloha!

The description of this Firefox bug has been one of my personal bêtes noires. The problem involves using the Firefox "Forward" and "Back" buttons. Although using the buttons retrieves the already visited webpage from your cache, rather than the Internet, Firefox, for some reason, rebuilds the page again. This rebuilding process takes a looooong time. Sometimes I think it would be faster if it just went out to the Internet and got the page again. I've noticed this behavior especially in the Linux version but it affects all platforms.

This is one of the reasons I said earlier that Opera was much, much faster in rendering pages than Firefox. Fortunately, one of the nightly builds has finally, finally, tried to fix this. I guess the fix will be in a yet to be released version. I can't wait.

A programming note: for i= 1 to 14: n = 14 - 1: next i:

Actually, I'll be on vacation for the next two weeks. Posts will be done when I can and not necessarily each day.

Have a Great Weekend, Everyone - Aloha!

Many people realize that stopping e-mail spam at the source, while effective, is not easy. This TechWeb article on the state of Massachusetts' efforts to stop just one spam ring is illustrative of the problems.

For example, they are trying to catch a Russian, living in Boston, using domains registered in Monaco, Australia and France, and servers in China, Korea, Brazil and Taiwan.

All I can say is good luck.

In the mean time, use spam filters such as, but not limited to, SpamAssassin, PopFile, or Clam Anti-Virus and you should be able to catch 98 percent of the spam before it makes it to your in box.

Sorry, no post today.

The Microsoft spin meisters are at it again. Noted columnist Brian Livingston quotes a Microsoft IE product manager who said Firefox had had (at the time of the Windows Hardware Engineering Conference (WinHEC), held in Seattle April 25-27)

"three major releases," she said, while Internet Explorer 6.0 had had none. This statement was presented as though a lack of upgrades to IE was a benefit.

In fact, Microsoft has released at least 20 major security patches for Windows or Internet Explorer since November 2004. Most of these patches were rated "Critical," Microsoft's most severe security alert level.

The evidence I've seen so far indicates that Firefox remains much more secure than IE.

Read Livingston's full report here. The bottom line is the only way to be completely safe on the web is to not surf at all. But for many people, the benefits of web surfing outweigh the cost. If you want to surf the web, you can reduce, but no eliminate, your exposure by turning off Java and Javascript/ASP/.Net (for e-mail, don't open attachments!). Without these enhancements, most security breaches cannot infect your system. YMMV. Use at your own risk. Don't try this at home. The door is a jar. Insert disclaimer here.

Aloha!

I may be able to do a lot of things, but learning different languages is not one of them. The US version of English is about all I can mangle manage so it should not come as a surprise that learning computer programming languages is not something that comes naturally to me.

Yes, I can usually learn enough of a language to be dangerous get the job done, but it's a struggle I don't look forward to.

For those of you who are aces at programming, you may be interested to know that Free Pascal 2.0 is on the wire. After five years in development the new Pascal compiler:

has excellent compatibility with TP 7.0 as well as with most versions of Delphi (classes, rtti, exceptions, ansistrings, widestrings, interfaces). A Mac Pascal compatibility mode is also provided to assist Apple users. Furthermore Free Pascal supports function overloading, operator overloading, global properties and other such features.

I assume the above description has meaning to you. As for me, other than the reference to, I think, Turbo Pascal (which I learned a long time ago in a ga...never mind), it's all Greek to me. In any case, go Forth and be fruitful.

unit testman;
interface
type
  myobject = object
    constructor init;
    procedure mymethod;
  end;
  
implementation
  constructor myobject.init;
  begin
  end;
  
  procedure myobject.mymethod;
  begin
  end;
  
  function myfunc: pointer;
  begin
  end;
  
  procedure myprocedure(var x: integer; y: longint; z : pchar);
  begin
  end;
  
end.

Aloha!

NASA has an interesting application called World Wind 1.3 (not to be confused with Whirled Peas 3.1 - ed.). Using a 3D engine, the application utilizes high resolution satellite images to create maps that you can "fly" though.

The 180MB application's system requirements are: Windows 2000 and above, Pentium 3/AMD Athlon, 256MB RAM, 3D graphics card, broadband connection and 2GB of storage.

Not making it up is Apple's switch to Intel processors. The MacRumors site blogged the announcement live and confirmed the change will take place over the next year or two. According to the site, Mac OSX, for at least the last five years, has been cross-compiled on to the Intel platform and is easily done because it (OSX) was designed to work on both. That said, many applications will have problems being ported over.

The new Intel Macs will be available sometime next year. One wonders when a version of Windows will be sold on the Mac?

Over and above that, one wonders what will happen to hardware sales now that the coming Macs have been announced. The danger to Apple is that sales will fall through the floor while people wait for the next generation hardware to appear a year from now.

If Apple can weather the short-term storm, the future looks bright, especially in laptop sales.

I recently read somewhere that PC laptop sales, for the first time, surpassed desktop sales. If this is true, then I'm sure Apple wants to get in on some of that money. The problem, up to now, was that the IBM chips just couldn't do the job by way of speed and the resulting heat. Intel, on the other hand, has processors specifically designed for use in laptops.

No one can accurately predict the future all the time. But it seems Apple took a look at their own and decided it was change or die.

Aloha!

The Firefox vulnerability of the week appears to be a regression of something more than seven years old. According to the Register, Firefox 1.0.4 is vulnerable to a cross-site frame injection spoof that allows hackers to insert the contents of one window into another, while making it appear as if the content was from the original window.

So, for example, you could be on the password page to your online bank and hackers could insert HTML code that re-creates a screen that looks like the original but actually sends the information to Russia. Not a GoodThing(tm).

For now, the work around appears to be: "Do not browse untrusted web sites while browsing trusted sites." Not exactly specific advice but the bottom line seems to be don't open more than one site at a time.

Aloha!

I've talked before about ClamAV, the open source anti-virus software scanner. Being utterly and completely crazy an intrepid kind of guy, I decided to try the Windows version yesterday.

As you may remember, the Linux version appears to be a command line only utility. In porting to Windows, someone came up with a GUI version that allows you to run it as a Windows application.

Being a Windows application, the install went without problems. I then ran the program to scan my hard drive. What usually takes me no more than 20 minutes, using AVG anti-virus, took almost an hour using ClamAV. Once completed, it reported two worms in emails stored in the PopFile directory.

OK, no big deal because my spam filter, PopFile, makes a copy of emails to track common traits. AVG already has removed the virus itself but the copy PopFile makes appears as if it is infected.

Since it didn't matter to me if the copy was kept or not, I decided to have ClamAv put the file into quarantine and then I could delete the file there.

This was a bad decision in two ways. First, all the stored email in Thunderbird, my email client, which totaled several thousand emails, some several years old, was deleted. Secondly, the junk folder in Thunderbird was also deleted.

It is possible that the two events, running ClamAV and the deletion of the emails, were unrelated events. But I will say that you need to be careful if you decide to use ClamAV for Windows with Thunderbird.

Aloha!

If you like free schwag (come on, be honest, I know you've ouuuued and ahhhed at MS seminars so you can get the free t-shirt), then for the cost of a stamp and self-addressed envelope, you can get three buttons and two stickers from Flickr. Unless you've been living in another universe for the last few months, Flickr is, according to them, the "best online photo management and sharing application in the world." I don't know if that is true but it is certainly the most well known.

In any case, if you want the schwag, send them the self-addressed envelope. If you want to help them decorate their walls, you may also want to include a nice postcard.

The Pew Internet & American Life Project site has an interesting study on users reported changing Internet behavior in regards to spyware/adware.

The report indicates people responding to their survey say they no longer open attachments unless they know it is "safe", are more likely to read through the user agreement/disclaimer/privacy statement, have stopped going to questionable sites, and 18 percent said they've switched to a more secure web browser.

That said, it appears what users actually do is somewhat different from what they report. For example, while 50 percent say they may have spyware/adware on their PCs, when their PCs are scanned, more than 80 percent actually were infected. And while more may be reading the user agreements than before, a full 72 percent still don't. In one instance, where a company set up a fake user agreement that included a $1,000USD reward to the first person to claim it, 3,000 people clicked on through before someone actually read it and claimed the reward.

It appears that while people's awareness of spyware/adware may be increasing, the great majority are still unable or unwilling to do much about it. Clearly, a better job must be done in educating people about the problems associated with spyware/adware and solutions to mitigate the problem.

Aloha!

You can now download Novell's client for Linux (still in beta). I haven't tried it myself because it seems closely tied to their distribution (SuSe 9.3 and/or Novell Linux Desktop 9) and I'm, for now, using Xandros. You can read the install instructions and other information here.

But if you are using Linux as your desktop and need access to Netware servers, this is one way of doing it. Whether it is the best way depends on what version(s) of Netware you are trying to connect to and what Linux distribution you use. As, it seems, with many applications in Linux, if you aren't using the exact environment they specify, you probably won't be able to install, configure, or run the application. Thus, my warning that you be using SuSe 9.3 if you are going to try this software.

Aloha!

Firefox 1.0.5 hit the wires yesterday. The release notes list over 10 security fixes, including the proverbial execution of arbitrary code. Please review the notes and then decide whether to update. I strongly suggest you do, but only you can decide.

Judging by the number of blog anti-spam utilities; the problem of blog comment spam seems to be wide spread. Unfortunately, none of the utilities are perfect. All will have problems. My own solution was to close comments after about five days because, it appeared to me, the spammers had been targeting older posts. Perhaps in the hope that I wouldn't notice them.

But, as time went on, the spammers altered their tactics by targeting comments newer than five days. I even got some for posts made that day (they must either monitor the various blog aggregators or maybe they have bots that subscribe to RSS feeds). At that point, I started using a MovableType plug-in called SpamLookup. Among other things, it does the following:

Filters inbound comments for all installed weblogs.
Filters inbound TrackBack pings for all installed weblogs.
Checks IP address of sender against DNSBL services.
Checks mentioned domain names against SURBL services.
IP match test for TrackBack pings.
URL count limit.
Dynamic proxy checking.
Moderation word list.
Block word list.
Passphrase requirement for comments and/or TrackBack pings.

So far, it seems to be doing a good job of keeping the bad guys out while letting legitimate comments in.

I bring this up because yesterday, when trying to leave a comment on another site, I got blocked from doing so. The comment was to someone who had just purchased a new Motorola Razr V3 cell/mobile phone. The comment I tried to leave is below:

Whoooot! A black V3! They just recently began officially selling those here in the US. While I like my silver V3, there is something sexy about the color black...[/drooling]

The only problem I've had with my V3 is that the display screens are unusable when I'm outside and it's sunny.

Otherwise, it works great for me.

Comment Submission Error

Your comment submission failed for the following reasons:
Your comment was denied for questionable content.

But as you can see, I got an error saying my comment was "denied for questionable content." Oh well, I guess my content is sometimes questionable ;). But this is the first time a computer confirmed it!

To test if my version of SpamLookup would give a similar result, I copied my comment into my own weblog. Interestingly, SpamLookup didn't find anything wrong and let the comment through.

Be clear, I'm not complaining about anything. Comment spam is a very difficult problem to solve and no automated system will be correct 100 percent of the time, including SpamLookup. So, I guess, I shouldn't be surprised if different configurations give different results.

One of the core paradigms of the Internet is the idea that it is a public bazaar (see the Cluetrain Manifesto, by Levine, Locke, Searls & Weinberger, especially the chapter on "Markets are Bazaars") where not only conversations can occur, but are facilitated by its very structure. In reference to this, and yesterday's post on blog commenting, I often wonder why MovableType doesn't have threaded commenting with automatic email notification (with the text of the comment) going to the person who's comment is being replied to.

As it stands now (although I don't know if this is different in MT 3.2beta), if someone leaves a comment, MT automatically emails me the text of the comment. This lets me know that a conversation may have begun and also allows me to reply, via email to the comment (if the poster left their email address).

But this is where the public conversation ends. From that point forward, the conversation continues via (more or less) private email. This continues unless I copy and paste the conversation into my blog comments. Thus, a large and perhaps important part of the public conversation may be lost.

Further, if there are multiple people commenting on a post, it sometimes becomes confusing as to what is being commented on. That is, is the person commenting on the original post or someone else's earlier comment? Unless the author of the latter comment explicitly says so, it may be unclear and the conversation becomes muddled, if not completely confusing.

I suggest that threading would take care of the problem of what is being commented on and that automatic emailing of replies to comments could let people know that the conversation is continuing (or not, as the case may be).

I dunno, just my two cents on something that has bothered me about MT, and many other blog software systems, for a long time.

Some utilities try to do everything. Others do only one thing. All try to solve problems that have bothered someone enough that they wrote a solution for it.

For example, I don't know how many times I've moved the mouse pointer over a window and tried to scroll the page, only to realize I had not yet clicked on the window first to shift focus to it.

Comes now a free Windows utility called KatMouse that allows you to use your scroll wheel mouse where ever your pointer is. Even if you haven't first clicked on that window. While, I think, there are other utilities that mimic a Unix-like behavior of keeping the focus based on where the mouse pointer is, this utility adds other options -- such as being able to scroll sideways.

Be forewarned that this utility has been around for awhile and apparently hasn't been updated recently (and has some bugs). But if you think this could solve a problem you may not have realized you even had, feel free to download it.

The folks over at Mozillazine are saying there will be an update to Mozilla and Thunderbird just days after releasing version 1.0.5. The new version, numbered 1.0.6, to be released sometime this week fixes some things inadvertently broken when 1.0.5 was released (among other things, Enigmail PGP for Thunderbird stopped working).

The site reports that, based on the problems found in the English version of 1.0.5, all work on the localized versions were halted and will go directly to 1.0.6. The unfortunate fallout is that the most current non-English version of Mozilla/Thunderbird is still 1.0.4, which has at least 10 security vulnerabilities (including, as noted earlier, execution of arbitrary code). Hence, foreign users are up in arms that they have to use version 1.0.4 while English users already have 1.0.5 (albeit with its own problems).

While I guess it's fair to object to the way Mozilla did things by delaying the release, since it apparently made a management decision not to release the localized 1.0.5 versions, perhaps the angry hoards could be a little less personal about the attacks.

[Insert disclaimer here] Sometimes I hear about companies promising things that I wonder how they could possibly do what they promise and still stay in business. This is one of those times to take what they are saying with a grain of salt and know that I have not bought, used, or seen what they are selling.

But as a public service for those intrepid souls who like to live on the bleeding edge comes PhoneGnome. They say, as I understand it, you can make PhoneGnome to PhoneGnome calls for free, but if you call a non-PhoneGnome number, you may have to pay what they call "low Internet calling rates" from whichever one of three different services you choose to sign-up with.

Note, as I understand it, you don't pay a fee to PhoneGnome, only to the service you sign-up with. Whether this is cheaper than any of the other voice over IP options available I don't know. But from what I can see, the main advantage is that you use your "normal" (land line) phone to make the calls but have them routed via whichever is the cheapest way to get there.

Note also that although PhoneGnome may not have a direct monthly cost, you must buy their $119 USD hardware (I guess you would call it a modem although I'm not sure what they call it). YMMV.

Firefox and Thunderbird 1.0.6 hit the wires yesterday. If you are using either or both, please check out the mozilla site and determine whether to update. If you do, it is suggested you first uninstall your earlier versions and then install the latest.

Joel Spolsky, he of the "Joel on Software" site, has a longish article on quality versus quantity when it comes to programming and software companies.

The common belief is that when you're building a software company, the goal is to find a neat idea that solves some problem which hasn't been solved before, implement it, and make a fortune. We'll call this the build-a-better-mousetrap belief. But the real goal for software companies should be converting capital into software that works.

For the last five years I've been testing that theory in the real world. The formula for the company I started with Michael Pryor in September, 2000 can be summarized in four steps: Best Working Conditions --> Best Programmers --> Best Software --> Profit!

It's a pretty convenient formula, especially since our real goal in starting Fog Creek was to create a software company where we would want to work [Emphasis in the original]. I made the claim, in those days, that good working conditions (or, awkwardly, "building the company where the best software developers in the world would want to work") would lead to profits as naturally as chocolate leads to chubbiness...

What a concept: Having the best employees saves time and money while, at the same time, increasing profits through the creation of great products. In order to get and keep these employees, management must create and maintain an environment in which employees want to work. There are a lot of deep psychological underpinnings to all this but the bottom line is that it works - if, that is, what you want to produce is the best. It doesn't work if who you want to sell to are Wal*Mart-type customers. His software is not free (other than a free trial version) nor even cheap (but then, nothing from Apple is cheap either). But there's another old saying: You get what you pay for.

According to this article, starting yesterday, Microsoft will require you to register your copy of Windows 2000 or XP before you will be allowed to download

"updates, such as the updated versions of its media player or graphics program, glitch fixes and other features the company may issue 10 or more times a year...

Older systems don't require validation for updates.

Security updates are not part of the system. They can still be downloaded free without the validation process.

Needless to say, according to the article, the update registration system has already been hacked.

The article goes on to say, the registration system is part of a larger effort to add copy protection to more media and devices. When this expanded copy protection system is in place, Microsoft will control PC functions such as the ability to forward email.

In my opinion, Microsoft is driving its customers to Linux and Apple by treating them (it's customers) like thieves. As for me, I already dual boot into Linux on a daily basis. As applications for Linux slowly mature, it's just a matter of time until I won't need Windows at all.

Aloha!

The Electronic Frontier Foundation has a series of articles on Microsoft's so called "trusted computing" (MS speak for they don't trust you). There are four articles, all of which illustrate the movement towards a point where you no longer control your PC (link here).

Even when there is no law forcing MS to implement some of these DRM efforts, MS appears set to appease Hollywood by implementing them anyway. Go and read all the articles and think about what it means to you and then decide whether your best interests coincide with Microsoft and Hollywood.

The weather report for Hell is freezing rain with the possibility of snow. This, after Apple announced a two button mouse.

The new mouse includes a "Scroll Ball" so you can scroll up and down as well as side-to-side on large web pages. It also includes "capacitive sensors" that act as additional buttons so you can right or left tap the mouse.

Among other things, you can:

* Program the Scroll Ball button to launch Application Switcher, then move from one task to another with a scroll.
* Set any button to start a new Spotlight search and find what you're looking for, fast.
* Change the side buttons from displaying all windows in Exposé to displaying only the windows in the current application.
* Launch any application you choose from any button on Mighty Mouse: Just select "other" from the button drop-down menu and browse for applications in the Finder.
* Designate either top-shell button as your primary - the perfect solution for southpaws.

In other news, the band called the Eagles are touring again.

EWeek did a review of Novell's SuSE 9.3 Pro recently:

Nat Friedman, vice president of Linux desktop engineering at Novell, said, "We are getting ahead of Windows for the first time."

After kicking SLP 9.3's tires, I agree. This is one impressive desktop distribution. It has every Linux application that anyone is ever likely to want and it's all tied together with either a slick and up-to-date KDE or GNOME interface.

It is not, however, for everyone and it also has its fair share of teething problems in its most advanced programs.

Rather colorful prose to agree, on one hand, that this distribution is ahead of Windows but then say in the next paragraph that "it has its fair share of teething problems." While Windows may have lots of other problems, teething is not, in my opinion, one of them.

I've ordered a copy of SuSE 9.3 Pro from Novell so I'll let you folks know what I think once I receive and install it. But I get the feeling that this distribution, as with all the others I've tried over the years (from Caldera 2.x to Xandros 3.x) will fall somewhat short of Windows when it comes to application stability and upgrade ability.

Yes, there are thousands of utilities and a few applications for Linux but many, if not most, seem to be barely above alphaware [feverishly pulling on flame-proof overalls and Apple Reality Distortion Field(tm)]. By that I mean many Linux programs routinely crash or cause file corruption. In addition, many Linux programs seem to routinely lack the mature feature set that most Windows programs have by now.

Then we come to the fetid, dead horse called dependencies hell [talk about colorful prose -ed.] that makes updating many Linux applications, even in apt-get type systems, problematic. Sometimes, you just can't get there from here. Conversely, woe be unto the person who uninstalls a library and helplessly watches as apt-get merrily uninstalls every program that uses the library without so much as single confirmation. Then, to add insult to injury, taunts you when it lists the broken packages [Not that I've ever been in this situation...].

To use an automotive industry metaphor, cars became much more popular when, among other things, they became sophisticated and reliable enough that you no longer needed to understand how they ran to efficiently use one. That is, all you need to do is start the car and drive. You don't need to know how the automatic transmission operates nor how the engine translates up and down motion to forward movement. With a replacement interval of up to 100,000 miles, you don't even need to know how to change the spark plugs. It just runs.

When Linux get's to a point in which it just runs, without having to know arcane Unix-era commands to install, upgrade, or maintain, that will be the day that Linux finally gets ahead of Windows. I can't wait.

Some constructive comments came in regarding SuSE Pro 9.3. One of them is below. I am always pleased by such comments when I compare them to some of the really negative things others seem to get. I am hopeful that such good comments will continue. Thank you to David, Buddy, Sjon, and everyone else who has helped to move the conversation forward.

I think perhaps most of your dependency problems come from the distro you've chosen to use.

I've been a devoted Kanotix user for over a year now, and every package I've installed via apt-get / Synaptic has been successful. Even updates happen flawlessly for me, including KDE related updates.

This wasn't always the case (when I used distros like Mepis, Mandriva, Red Hat). The thing that makes Kanotix different is that it's pure Debian SID and strives to remain so. This seems to give it unequalled stability, at least from what I've experienced. However, I'm not a "hacker." I just use my PC for the "regular" every-day stuff. Learning how everything works is interesting, but much of it is beyond my understanding.

I used to have to worry about libraries with Mandriva... hence why I didn't keep it around for very long. It was something I just couldn't get my head around on how to manage that stuff.

I've even purchased boxed games for Linux and simply had to execute the install.sh script. Five minutes later, I'm playing my games.

I don't install anything from source. If there's an obscure application not in the Kanotix repository, or requires me to manually find libraries and such I avoid it. But, again, I consider myself a pretty run of the mill sort of computer user (as my wife) so it's rare for me not to find what I'm looking for in Synaptic.

Another nice thing about Kanotix is it's support of Klik (http://klik.atekon.de/). I'll admit, it's not a 100% bullet proof system yet, but it's getting there.

Basically, one click on an icon or application link and Kanotix installs the package directly to your desktop. This even works in LiveCD mode. Very innovative and will be something to watch.

I feel just like you about just making it work. I use MS-Windows XP at the office, and I really think that not even XP is there. But between working at home and at the office, I find my Linux box is just so much easier to use, maintain, and to make it do what I want it to do.

I've learnt so much. And not out of desperation to get the system to work. But learning what all I can do with it. I remember hours upon hours of troubleshooting with MS-Windows. It frustrated me when the only suggestion I could get to fix a problem was to do a re-install.

Anyway, it was great conversing with you. I hope your experiences with Linux turn out to be as liberating as mine.

Check out Kanotix, though. For a system that "just works", it's the closest I've found so far.

If you do try it, let me know, or post on your blog. I'd be glad to read about your findings.

Keep in mind, if you do decide to install it from the Live CD to your hard drive, you will have to type one command in the command line window. But, at least it's only one. We (the Kanotix user group) have been trying to get Kano (the developer) to make it a link on the desktop... maybe next release. :)

David.

Aloha!

It seems that we are hit by so many ads that most times we don't even notice them. But sometimes we do.

For example, I went to a news site recently to read a story about a judge who will rule on a case in which his or her recent pay raise is the issue in dispute. That's an interesting situation because it appears to be a conflict of interest.

But what caught my eye was an ad that the news site was serving. First, let me say that I realize that web pages can be created that are tailored, in one way or another, to the individual viewing the page. I think the best known examples are Google ads that appear based on the terms you are searching on.

So, I guess I shouldn't be surprised that at least one other site seems to be keying in on who you are by, I think, parsing your domain in the hope of selling you something. The ad below is the one that appeared on the site:

The ad is for a national chain of electronics super stores that recently opened in Hawaii. I have to give them credit for tailoring the ads such that it is at least geographically relevant. In fact, the ad is also relevant to me because of my interest in electronics (though, I assume, they have no direct way of knowing that). So full marks for that.

But I'm troubled by the ad for two reasons. The first is the phrase "Experience a luau of the latest technology." Perhaps I'm overly sensitive, but I don't appreciate mainland chains coming here and acting as if they are kama'aiana (literally, child of the land or island). In my opinion, it is rather presumptuous to assume you fit in just because you throw a Hawaiian word into your ad. I mean, if I went to parts of Los Angeles and tried throwing out Spanish phrases I might have my head handed to me in pretty quick order.

The second problem I have is I think it's a little creepy to tailor ads. I like to think the Internet is a vast anonymous sea. While I realize this isn't necessarily true, and becoming less so everyday, nonetheless my privacy is something I take seriously. So I don't appreciate sites trying to figure out who I am so that they can sell more goods or services.

Oh well, as I said, maybe I'm just overly sensitive about these things.

I realize modern CPUs are generating a lot of heat. But this guy went too far. He created a computer case made up of 70 fans. That's right. 70 fans.

No word yet when the utility company will build a wind farm in his room and start buying electricity created by all the wind from the fans...

Aloha!

I received the evaluation copy of SuSE 9.3 Pro a couple of days ago. Unfortunately, what Novell sent to me was the "Live" version. This version runs exclusively from a DVD, not from a hard drive.

Even with that limitation, I decided to take a look see. So I copied the supplied ISO image to my hard drive and then used EasyCD Creator to burn the DVD. However, the first try failed and I had try again. I don't know what went wrong but the second try created a bootable DVD.

After rebooting with the DVD, SuSE 9.3 Pro came up. I decided to try the browsers first. Firefox seems to run fine and since I regularly use it and don't need to see it again, I decided to take a look at Konqueror. I immediately noticed how much faster Konqueror loads and runs compared to Firefox. I don't know if this is because it is integrated into the operating system (if indeed it is) or some other reason. Still, Konqueror is a nice little browser and I could probably use it more.

Next up was the primary email application - Evolution. Unfortunately, Evolution failed to load. All I got was a message saying "The Application 'evolution' has quit unexpectedly. Restart. Close. Inform." Restarting failed to get it going and "inform" just tries to send a bug report. So I closed. I don't know if it even runs under KDE, which is what I was running or only under Gnome. If so, I wonder why SuSE includes an icon to it even when using KDE?

On the other hand, Kmail configured and worked just fine so there's always that.

Another non-starter was sound. I don't know what it is about the Dell Optiplex line but this is not the first distribution that I've had sound problems with. On the other hand, Xandros does a fine job so maybe the problem is with running Linux from a DVD or a configuration miscue.

For all that, the main reason I even considered looking at SuSE 9.3 Pro is that Novell's Netware Client for Linux (still in beta at this writing) is designed to run on it. But although I could download the 12MB Netware client, I could not expand it due to lack of "disk" space (which is understandable when you are running on a DVD-ROM). Thus, my experiment with SuSE 9.3 Pro comes to a quick and ignoble end.

This is a shame since the only thing holding me back from converting to Linux, any Linux, as my main operating system, is the lack of a Netware client. We have a load of Netware servers (as well as Windows, Sun, DEC, IBM mainframes, etc) that I need to access.

Yes, I know about and have tried various utilities that call themselves Netware clients. But. They aren't. Not really, anyway. I would guess that none have even 80 percent of the functionality of the Novell client for Windows. The show stopper, for me, was the lack of communication between the server and the various clients. Especially the notification that your password has expired and it is time to change it. Since, as far as I know, the various Linux-based utilities do not tell you this, you have no idea there is a problem until you no longer can log in. At that point, you have to contact the administrator to reset your password. Not a GoodThing(r).

Anyway, I wish I could report more but that's all I have. Perhaps, at some point, I'll download the six-month evaluation version of Novell's Desktop Linux 9, which is based on SuSE 9. At least that version appears to run from your hard drive (and is free, as in . . . free). But that won't happen until I have six blank CDs.

For now, I decided to install an older version of SuSE that I got last year. It's version 9.1 Pro and that installed to my hard drive without problems. Everything, including sound, seems to work. So I will try downloading the Novell Client and see if I can get it to install correctly. More when I know more.

This post continues the story from yesterday on my efforts to get a Linux desktop that I can use in place of Windows. The deal breaker has been and continues to be (read below) getting a Netware client that works as well as the one for Windows.

Okay, after installing the required packages (gcc, make, and the kernel source (all 180MB of it)), I ungzipped the Novell Netware Client for Linux, pointed the SuSE package installer - YaST at the directory where the client extracted to, and Bob's your cousin, it installed.

Too bad I can't get connected to my primary Netware server. As I feared, the client seems to only works with Netware versions 5.x and above. But most, if not all of our Netware servers are stuck at version 4.x with no plans, that I know of, to upgrade.

So, I guess, I really can't get there from here (which is not a reflection on the client except that it should be backwards compatible with older Netware versions). Otherwise, the client seems to work fine for betaware.

What's really amusing is that even if I got connected, the documentation says they haven't yet gotten the password changing part working. If you may remember, my problem with the other so called Netware clients is that they don't notify you when the password is about/has expired. Hence, you end up being locked out unless you mark on your calendar a date prior to expiration and change it manually.

While I could probably live with that lower level of functionality, I think I'll wait awhile until Novell gets to version 3.x of their client before switching full time to Linux. By then, we will either have upgraded to Netware version 5.x or will have converted all the servers to Windows [gasp] or Linux.

Even though I don't think any distribution of Linux is ready to provide me with the functionality, in our business environment at work (including access to Netware servers), that Windows has slowly developed over the years, that doesn't mean it can't already work for me at home.

As such, I've decided to switch all three of my desktop PCs at home to Xandros Linux (with Codeweavers). No, SWMBO will continue with Windows and no, I'm not switching my laptop, yet.

Why switch these three? In my opinion, the threat of spyware has gotten to a point where the available tools are inadequate to protect me from such programs. Yes, I already use Ad-Aware, Spybot S&D, Spyware Blaster, and Microsoft's AntiSpyware (beta).

But even using all four, tests have shown that spyware can still get through. So I've decided to spend most of my home computing time in Xandros/Codeweavers. Do I think that will stop all spyware? No, these people have an economic incentive to adapt and evade. Hence, they will probably find ways to attack Linux users. But at least it won't be so easy (I hope). YMMV.

Aloha!

There is an old saying about how the money is in the razor blade, not the razor. Transferring this to computers, I think, you could say the money is in the software, not the hardware used to execute it.

While that last statement can be debated (especially in regards to a hardware giant like Intel whose net revenue for 2004 was about $7.5 billion USD versus Microsoft's net revenue of about $5.4 billion (both numbers from their respective annual SEC Form 10-K filings and note they each have different fiscal years)), I still think the saying has some truth to it. YMMV. Insert disclaimer here.

To the extent that this is true, then I've often wondered why Apple doesn't put more emphasis on software instead of tying people to their hardware. I mean, what's the point of tying both together and, as a result, being relegated to a small niche segment of the huge technology market because your hardware is so expensive?

The latest example of where the market seems to want to go and, apparently, Apple doesn't is in its new flagship operating system OS X for PCs. This version is designed, as the name suggests, to run on the new Intel-based PCs that Apple is slated to start selling over the next few years.

However, the software is apparently locked to run only on Apple PCs with the so called "Trusted Platform Module" (TPM) chip installed. The software supposedly will not run unless the chip is present and said chips would come only with Apple approved hardware.

However, the inventive folks over at the OSX86Project are demonstrating that, yes Virginia, you can run Apple's operating system on $200 Intel systems without the TPM. Whether this is a GoodThing(r), or legal for that matter, is also debatable. But, I think this is the path the market seems to want to take.

In the final analysis, Jobs will do what Jobs will do. But, as another old saying goes: "Tell me which way the people want to go so that I may lead them there." is one way to sell a lot of razor blades (and software, too).

Aloha!

Wow! Talk about retro. The IMSAI 8080, or at least a version of it called the Series II USB, is apparently being manufactured. I say apparently because the site is kind of disorganized. But you can see the site here for yourself and decide whether you want to part with over $1,000 for something like this.

Note that you can use a regular ATX-style motherboard if you want to have a retro outside but a modern interior or buy one of their S-100. Your choice. There is also a Zilog eZ80, running at 50MHz, developers kit for those of you who are into Z-80 code (all two of you out there). The Series Two runs CP/M, although they say you have to download some of the code from other sites since they are unlicensed.

You must also remember that this is 1970s technology so when they say their system works best with hard drive partitions of no larger than 8MBs, they do in fact mean eight megabytes, not gigabytes. And when they talk about floppy drives, they are mostly referring to 5.25-inch or eight-inch drives, although you can also connect a 3.5-inch (assuming here that the diskettes can be formatted with the correct tracks, sectors, density, and side-select).

I never used, much less saw, one of the original IMSAIs back in the day. During my time in college, it was a DEC PDP-11/45 running RSTS/E, where I learned to program in Basic Plus and the Apple II, which supported, gasp, color!

Later on I purchased my own Atari 800XL, monochrome (yellow characters on black) monitor, and saved programs to cassette tapes until I got enough money to buy an external floppy drive. Hard drives? Those were those big glass platters spinning in floor standing cabinets that only the big boys had. Oh well, enough nostalgia.

Aloha!

You may not always agree with the man, as I did not regarding a contest they had that only let in 'Mericans living in the lower 48 states. But they corrected that when it was pointed out.

But the O'Reilly family of sites is being taken to task for some of the advertising therein. Mr. O'Reilly has a longish post and getting longer series of comments on the subject.

I think the conversation that has started on the subject is an important one because it affects how well Google searches perform (understanding that "well" is a relative term). What is the right way to advertise, given that advertising pays the bills for many sites, is a difficult question. But at least Mr. O'Reilly understands the questions to ask. If you have the time, go read his post and the comments to it.

Aloha!

Speaking of Wikipedia, the Wikimedia Foundation is doing a fund raiser. You can follow the link to the site to see why they're asking for money and then decide if it's worthwhile to donate. You decide. YMMV. Insert disclaimer here.

I've recently noticed that when I go to Google to search on something, I will sometimes get a cookie request from the first link that Google finds in the search.

I thought this was strange since I didn't click on the link to the first search response. In fact, I hadn't clicked on any link. Yet, I was being asked to accept a cookie from the site as if I had.

Well, now we know what is going on. The Mozilla family of browsers (which includes Firefox) implement an HTML tag that prefetchs content. The Mozilla FAQ says:

Link prefetching is a browser mechanism, which utilizes browser idle time to download or prefetch documents that the user might visit in the near future. A web page provides a set of prefetching hints to the browser, and after the browser is finished loading the page, it begins silently prefetching specified documents and stores them in its cache. When the user visits one of the prefetched documents, it can be served up quickly out of the browser's cache.

So, this is how, when using Google, Mozilla prefetches documents and stores it on your computer, without your knowledge or approval, even though you haven't clicked on any links found by your search.

In this day of super spammers, porno purveyors, and virus vermin, it doesn't take a genius to figure out that this is a vector for BigProblems(tm). Imagine the police taking you and your PC to jail because of illegal content downloaded and stored on your PC without your knowledge or consent. Imagine Trojan Horses or viruses being downloaded without your knowledge or consent.

While you can turn this "feature" off (and I urge you to do so by following the directions from Google here), I think it should be off by default. This is so obviously a problem, rather than a feature, that you have to hope that Mozilla hasn't begun to emulate Microsoft's evil ways.

I think there may be an Apple Ipod Nano with my name on it. So far, I've resisted buying an Ipod but this looks like the one for me. Of course, there is still the problem with batteries (I think you have to send your Ipod to Apple to have them change the batteries. As you know, all batteries fail, eventually, so you will have to part with your Ipod when that happens. But I digress).

The other problem is I've switched to Linux and there isn't, as far as I know, a version of iTunes for Linux. There may be a way of running the Windows version under CodeWeavers but I haven't test that, yet.

In any case, I will wait awhile to see how the reviews come in and then decide whether to get one.

Aloha!

Actually, this is a trick question. Almost no large corporation innovates. Although, perhaps, to become a large corporation one must be innovative. But once having achieved such status (i.e., large corporation), and usually a monopoly over a segment of the market, what large corporations typically do is crave the status quo (sometimes spun with the word "stability" or "predictability"). For, by definition, as long as the status quo exists, the large corporation is in monopolistic control.

Note that I am not making a value judgment here. Most businesses are in business to make money. One common way of doing so is becoming so large that you control the market. To do so, honestly, you have to produce a product or service that people want and are willing to pay for. Note also, that I'm not saying this is necessarily illegal.

But once you've either driven your competition out of business (or bought and closed all of them), you can control the price of your product without fear that someone else will under cut you and therefore take away your control. Again, this is not a value judgment. It's just business.

That said, it is a value judgment to say this is not usually a GoodThing(tm) for the buying public. First, the price of the product increases without any market-based counter balance. Second, the product stagnates. That is, no useful/innovative features are offered and existing problems are not fixed. Both, in my judgment, are not GoodThings.

This is one reason why many people ask government to step in when a monopoly exists. Leaving aside the question of whether government intervention makes the situation better, the realization that something must be done usually takes place.

However, this post is not about what should take place. It is, rather, about whether Microsoft, as a large monopolistic software corporation innovates. And as I said at the beginning, the answer, at least as it appears to me is -- not any longer.

For example, look at the price of the Windows XP Home edition operating system. At retail, it costs $199. Add to that MS Office Pro 2003 at $499. Add the two and you are paying at least as much if not more than the hardware cost of a new PC. Is this software cost worth what you pay? The answer for a growing number of people is no. There is very little that is innovate in either product and what there is, in my opinion,is very costly for what you get. Ask yourself this question: does either product help you to do what you want done better (and I don't mean faster or more of, that is more a function of the speed of the PC, not the software)? For many people, the answer is no.

So, what to do? For now, start exploring the alternatives. There are other operating systems. There's the Mac OS, Linux/Unix, and a bunch of lesser known platforms out there. Running on these platforms are some applications that are full of innovations. I urge you to take a look at them and examine whether they meet your needs. If not yet, stay with what you have. But I think you will find that these applications are improving by the day and if you come back and take a look in a year or two, you may be pleased with what you find. Or not. YMMV.

Aloha!

Soon after my problems with LANDesk, I decided to upgrade to MovableType 3.2 (yes, I know, just hit me on the head now and save me the trouble later). MT is the content management system that I use to run this part of my website. I used to just hand code everything but, over the years, I got tired of creating the links each week so I looked for something that would do that for me. At the time, and this was several years ago, MT looked like the best way to go even though it was akin to using a sledge hammer to swat a flea. But the worst part is that I still end up coding, although it's more CSS related then HTML. But I digress.

So I downloaded, configured, and installed the latest version and immediately got a 500 error when I tried to run it. Sigh.

A 500 error is a general error that can be caused by multiple things. Since I got rid of Windows at home, I was using Linux-based utilities to download, unpack, edit, and then upload the files to my host server. Somewhere along the line, I must of done something wrong. So I checked the configuration file but, as far as I could see, all looked well. My next guess was that I somehow uploaded the files in binary rather than ASCII format. Now, you Windows folks out there are probably wondering about what I'm talking about. First, let me say I'm not a Linux/Unix expert, but from what I understand, Linux/Unix does not use file name extensions to determine whether a file is a binary executable application or an ASCII text file. Hence, among other things, when you transfer a file, you have to tell your FTP program which it is. If you don't, or if you get it wrong, your application won't run. So I uploaded everything again, making sure to use binary for the binary files, in this case the binaries are image files, and ASCII for everything else. But I still got the 500 error. Sigh.

At this point, I deleted everything in the MT directory, downloaded the tar file again, unpacked, configured, and uploaded everything again. This time it worked.

But that wasn't the end of things. Having triumphed, hubris took over and I decided to upgrade the templates that create the look and feel of this part of my site. Big mistake.

I chose to use a plugin that is supposed to automagically change the templates and CSS for me. But it didn't work. It copied the base CSS file into the wrong directly so the right column of this page ended up at the bottom. Once I figured that out, and moved the file to where it was supposed to be, most of the page looked fine. Unfortunately, while the main index page is okay, some of the archive pages have text that extend outside of the column. After scanning the MT support forums, I find that some of the CSS files have bugs. This does not instill trust in my heart knowing that they released an application with obvious bugs like this.

If that wasn't bad enough, even though this is only a point update, MT decided to change the User Interface. Although others are generally okay with this, I'm not. At least some of the changes, like removing the link to viewing the site, really don't make sense to me.

Perhaps after I cool down I may see the logic to the changes but I right now, I'm thinking of going back to how I used to do things. I realize that this reduces my visibility because I would not be pinging the aggregaters (sp?) nor would I have an RSS/XML feed. But I have to wonder if it's worth the trouble to continue to work with MT. We'll see.

Sorry, no post today. It seems my troubles with LANDesk continue. Apparently, and this is a guess on my part, the system is setup to check whether you have LANDesk installed. If not, it will continue to force it down on to the PC until it is. Hence, my hard drive is corrupted again. Sigh.

I will be be spending my time today reformatting my drive and re-installing Windows. However, I may no longer be logging into our Novell Netware network since as I soon as I do, my hard drive will be corrupted again by the forced installation of LANDesk.

The only long-term solution I see is to use Linux and log in to the Network from there. That way, when LANDesk tries to install, it will die a deserved death since it doesn't run on Linux and even if it did, it would require root-level access to install.

Have a Great Weekend, Everyone - Aloha!

So, for now, I am operating using Xandros Linux at work so that my PC won't become corrupted by the forced installation of LANDesk. In order to check my office email, I have to rely on CodeWeavers/Wine to run Lotus Notes in an emulation mode.

But, in order to have Notes access the Domino server (where the email is stored), I have to login into the Netware network. Since doing that under Windows will result in LANDesk being installed, I have to instead use the Linux ncpfs utility to get logged in. That said, I still can't figure out how to, when the time comes, update my Netware login password. Changing to the Netware default /sys/pub directory doesn't show the setpass utility (nor if it did, how to run it under Linux).

I've tried installing the NovelClient from SourceForge from both the .rpm and the source but find it incompatible with Xanrdos. It appears it is designed to work with SuSE 9.x, but not Xandros. I've also tried, before, to use the Novell Client for Linux (beta) but that doesn't work with Netware version 4.x, which is what we have.

Hence, I will have to login in using Windows at some point to change passwords (which expire every so often). Hopefully, before I need to do that, I will find another way to change passwords. Sigh

As an aside, SuSE has announced version 10 will be out next month so I'm glad I didn't buy version 9.3. If Novell is willing to send me a review copy of version 10 I will take a look at it but if it doesn't include CodeWeavers I'm not sure how well it will fit my needs.

Aloha!

I have two problems to report in using Linux.

The first involved printing an Adobe Acrobat file. The file began as a WordPerfect file emailed to me from another worker. The file was then forwarded to another person who, I believe, inserted an image of their signature into the file, converted it into an Acrobat file and emailed that back to me.

Although the file displays fine, printing it results in a series of boxes, rather than text. I've tried various printer drivers but the problem may be in the Adobe Acrobat fonts. If so, as far as I know, there's not a whole lot I can do. So I booted into Windows and printed the file there. Otherwise, other Acrobat files seem to print fine.

As an aside, when installing the printer, Xandros indicated the "hpoj" driver would be a better fit than the HP 2200 that was the default for my HP LaserJet 2200d. However, nowhere did it say how to install this driver. In order to do so, you have to use Xandros Network to search for the hpoj driver. Once found, install it. Once installed, you have to run, at the command line, the following:

/etc/init.d/hpoj setup

The command line install will then ask you a bunch of questions, the answers of which depends on how your system is configured. Once done with the command line setup, you then have to go to Launch -> Control Center -> Peripheral Devices -> Printers -> Add -> Local Printer. The wizard continues but what you need to do is add the hpoj driver. Unfortunately, it didn't solve the problem with the Acrobat file but at least I have the hpoj loaded. But I digress.

The second problem is using my scanner. I have a Visioneer OneTouch 9120 USB scanner. However, there does not appear to be a Linux driver for this scanner. I checked out the SANE scanner site and found Visioneer is not supported. I checking other sites and it appears that it comes down to I am out of luck and should instead buy an Epson, almost any Epson. The moral of this story is check the SANE project site first before buying a scanner for Linux.

As another aside, I am using HTML-Kit, an HTML editor running under CodeWeavers/Wine. Unfortunately, HTML-Kit is not a supported application and routinely blows up. That said, it appears better suited for how I create my daily posts than any other HTML editor I've tried. All I need is something to create the post and then check for HTML syntax errors. That it does well. The spell checker also works, but that is a bonus because all I want is something to check my short posts, not something to create a multi-page site or something that gets in the way by creating crufty, non-standards compliant HTML.

In any case, I'm still here and still using Xandros Linux. But I have to switch over to Windows every once in awhile when I find problems like the two above.

Aloha!

In an announcement released on Tuesday, the Opera web browser is now banner and licensing fee free. Up to now, if you didn't purchase a license you could still use Opera but they would display banner ads along the upper portion of the browser. Version 8.5 no longer includes the banners nor requires payment for a license.

The press release is silent on what business model they will be using but one has to wonder how they will stay in business.

That aside, Opera is a very fast (much, much faster in Linux than Firefox), standards compliant browser available for many different operating systems. Some of it's features can be found here. Note to Xandros users, and perhaps others, you should install the Open Motif client (motif-clients) before installing Opera. Opera will still run without it, but apparently not everything will work.

Give it try some time and see if it meets your needs. YMMV. Insert disclaimer here.

Speaking of service, or lack thereof, this article says Microsoft is doubling its product development and support staff next year. Usually, that would be a GoodThing(tm). But in this case, the staff is going to be in Bangalore and Hyderabad, India. I am guessing that part of the increase is in anticipation of the release of Windows Vista and the increased requirement for support it will result in. But whatever the reason, MS must feel that the economics of using offshore staff outweighs the inability of most people to understand a thing these people are saying.

Don't get me wrong, India has some of the most intelligent people around. India regularly produces some of the best engineers, doctors, and other types of professionals, anywhere. But heck if I can understand what many of them are saying.

Aloha!

Back in August of last year, I talked about the sale of Verizon Hawaii telecommunications to the Carlyle Group. I predicted that services would probably deteriorate due to the economics of the sale (taking on all kinds of debt while promising not to increase prices).

Well, its been a little over 12 months, but it's beginning to happen. Over the last two months Internet access has not only slowed from the 2mbps I used to get down to 500kbps but, in addition, the connection is going dead several times a week. Prior to these problems, I had had only two outages over a two year period and was getting a steady 2mbps.

It should be noted that although the Carlyle Group bought out Verizon Hawaii, Carlyle then turned around and contracted with Verizon to continue to provide, among other things, Internet service. The problem is, Verizon has no monetary incentive nor, apparently, any contractual requirement to upgrade the system as more users are added. And add new users they have. Hence, the network is over capacity and thus the slowing speeds and network outages.

It is my understanding that Carlyle is working on creating its own network Real Soon Now. But once completed, I have to wonder how reliable and how fast it will be. I guess time will tell but I predicted this problem more than a year ago and I can predict that Carlyle will not be able to provide either speed or reliability because of the high debt that was part of the structuring of the deal to buy out Verizon. I hope I am wrong but I fear that the economics of the deal simply doesn't allow for good service.

As I've noted before, my remaining problem with using Linux in a Novell Netware 4.x environment was changing my Netware password. You may remember that I'm using the NCPFS utilities to login to our Netware server and mount the volumes I am authorized to access. This mini how-to assumes you have successfully been able to get logged in and have mounted said volumes.

The NCPFS utilities (as of this writing I am using version 2.2.6) include, among other things, something called nwpasswd that provides a way to change your Netware password. However, partly due to a sketchy MAN page/example and partly due to my lack of understanding of how Netware logins work I have not been able to get nwpasswd to run error free. The error I keep getting refers to an unknown server error (0x89F0). I tried Googling for reasons why I would get this error and found one site that said nwpasswd doesn't work if the server is on a different sub-net from the client that is trying to login. I believe this is the situation on our network so this may be why I can't use this utility. If you can get it to work, great. If not, you may want to read on.

In searching for another utility, I found that NCPFS also includes, but does not install by default, a program called chgpwd. It is located in the /contrib/tcl-utils directory of the default NCPFS 2.2.6 install. I don't know why there would be two NCPFS utilities to change passwords but there you go.

However, under the default Xandros distribution, I couldn't find this utility nor even the directory it's supposed to be in (perhaps because NCPFS was installed using Xandros Network). So I downloaded the full NCPFS 2.2.6 package, untared it, changed into the NCPFS-2.2.6 directory that was automatically created, did a ./configure, make, make install-dev, changed into the /ncpfs-2.2.6/contrib/tcl-utils directory and then did a make chgpwd. Two notes: I did not do a make install in the /ncpfs-2.2.6 directory because I did not want to run the chance of installing a new version of NCPFS over the one already installed by Xandros Network since this could break something that wasn't broken. The second note is I did try to make install chgpwd, but got an error saying the default install directory for chgpwd existed but was not a directory (!?!?!). So, I just left the newly created binary in the /ncpfs-2.2.6/contrib/tcl-utils directory where it was.

At that point, I tried using the chgpwd utility and ran into problems because, now wait for it, the sketchy documentation. All I can say is you have to try the various options (taking care to observe upper and lower case) to see what works for your network. For mine, I needed the -S server name, -c context_name, -o object name, and of course, -P old password and -n new password. Note: if you use the -S server option, do not also use the -T tree option. One or the other, but not both.

For the record, using chgpwd would look something like this for our network:

./chgpwd -S DOWNING -o BOND -c AREA51.MI6.UK -P james -n moneypenny

Where DOWNING is the server name, BOND is the user name used to login to the Netware server, AREA51.MI6.UK is the context on the NDS tree for the object BOND, james is the current password and moneypenny is the new one.

Be aware that this utility does not give you any feedback unless something goes wrong. YMMV. Insert disclaimer here.

I spoke too soon when I said I had solved the last problem I had in switching from Windows to Xandros Linux. There is a wee small problem involving UDF packet writing tools.

This is not the place or time to do a tutorial on UDF packet writing software so I won't. But In the Windows world, the Adaptec UDF packet writing driver is almost a standard. You can easily find and buy preformatted CDs with the driver already included. Using such disks, and the driver, you can easily copy, backup, and move data between PCs. It just works. Even if the disks don't come with the driver, you can download a version from any number of places and install the driver with no more trouble than clicking on the install file.

In Linux, things are a bit different. Or at least it is in the default Xandros 2.6.9-x1 kernel world it is. I have three choices. First, do nothing and therefore lose access to gigabytes of data I have stored on CDs and DVDs. Second, download over 30MBs of 2.6.9 kernel source and then patch and compile the kernel, hoping that nothing breaks as a result. Or lastly, download over 30MBs of 2.6.11 kernel source and compile, hoping that nothing breaks as a result.

There is an old phrase that says: damned if you do and damned if you don't. I need access to the data. I can't get the data unless I do either option two or three. After thinking it over, I've decided to use option four. That is, I'll access the data in Windows and copy to a partition, as needed, that can be accessed from within Linux. It's the best work around I can think of right now - which is a pretty sad state of affairs.

For those of you who want to recompile your kernels, and are using the Gentoo distribution, there is a How-To here. For other distributions, I guess you are on your own as I've not found an official How-To and most of the unofficial ones I've seen are written for their specific configuration, even though they don't usually specify what that configuration is. So, I guess, this is just one more thing that is not going to happen under Linux. At least, until Xandros updates the kernel to something above 2.6.9. If you have another way of accessing such data, drop me a line.

Aloha!

Usability guru Jakob Nielsen has updated his Top Ten Web Design Mistakes. But the current list looks much like earlier ones. On the list are the usual suspects such as: small font size/low contrast between text and background, JavaScript for links, and frozen layouts with fixed page widths.

The default MovableType CSS/templates have these problems so you may have noticed the first thing I did was change the font sizes and text/background colors. I haven't had the opportunity to change the frozen layout/fixed page width yet but plan to switch to a "liquid" design as soon as I can.

I am always amazed by the number of sites that use extremely small gray fonts on colored backgrounds. These people must use 640 X 480 black and white screens or something because if you're like me, using a 17-inch screen at 1280 X 1024 resolution their sites are almost unreadable. I am constantly having to increase the browser display font size and am getting tired of doing that. Folks, edit the CSS to remove fixed font sizes. It's not hard. You can do it. For example, if your CSS looks like this:

body
{
   margin: 0;
   /* setting border: 0 hoses ie5 win window inner well border */
   padding: 0;
   font-family: verdana, 'trebuchet ms', sans-serif;
   font-size: 12px;
}

All you need to do is change the font-size: 12px; to something like font-size: medium; and you are good to go. Now, that's not hard is it? By doing so, you could be solving the number one problem in bad web site design. Not only that, you make it easier for your readers to see your writing. I think that's a GoodThing(tm).

I'm working on finding a Linux friendly HTML editor. Although I have HTML-Kit running under Wine, I would like to find something native to Linux. Currently, I'm looking at BlueFish and N|vu.

Before I get to those two, a digression. I installed the W3C's Amaya editor but found the UI less than user friendly. In fact, the entire application looked like it had been designed by a committee (as in a camel is a horse designed by a committee). Even though its been around since 1996 (the Palaeozoc era in web years), it just doesn't work for me.

I then tried installing Quanta Plus. Unfortunately, Xandros Network said the packages were "broken." So, I tried installing it from the source. After unpacking the download file and running ./configure, I got the first of several errors. The first was libjpeg was missing. I used Xandros Network to install that. But when I ran ./configure again, it said I was now missing libxml. Okay, back to Xandros Network and I installed that and re-ran ./configure. But now it said I was missing Qt. This went through two more iterations: KDE headers and libslt. After installing those packages, the ./configure script ran to completion without errors. But when I ran "make", it ended with three Type 1 errors and one type 2 error. At that point, I decided it wasn't worth my time and deleted Quanta Plus.

Back to the two I did get installed. Both N|vu and BlueFish seem okay, but it will take awhile before I feel comfortable in either. In addition, there is a bug in BlueFish 1.0-0.1 whereby if I try to run the spell checker it will segfault every time. That said, BlueFish seems more polished then N|vu. However, this may be more a comment on the state of Linux applications and the reason why more people don't switch to Linux than a comment on this particular application.

In any case, if you have a favorite Linux-based HTML editor, leave a comment so I can take a look. Thanks in advance.

Have a Great Weekend, Everyone - Aloha!

InfoWorld has their Top 20 IT Mistakes to Avoid list. Number one on the list is "Botching your outsourcing strategy." On the upside, our IT did outsource the hosting and running of our Internet site. The downside is that it was done because they are apparently less than clued in on how to run a website. So the good news is that they recognized their weaknesses. However, as the article goes on to say, it is a mistake to "outsourc[e] important IT functions to avoid the hard work of understanding them. Relinquishing those functions can make it hard to get simple things done."

Ditto for number two on the list: Dismissing open source -- or bowing before it. "For better or worse, many IT shops are susceptible to religious behavior -- a blind, unyielding devotion to a particular technology or platform." We loved Wang, even as Wang disappeared. We loved IBM, even as IBM got out of the PC business it never understood nor fully supported. Now, our leadership is in love with Microsoft, even as it is clear that MS is, as a server platform and desktop, insecure by design.

The list goes on but I'm already too depressed to continue. The pitfalls of IT are easy to point out, avoiding the problems is the art of good management.

I forgot to mention yesterday that the Stanford University entrant into DARPA's Grand Challenge robotic vehicle contest won the $2 million USD prize this past weekend. The winning Volkswagen Touareg SUV completed the 131.6 mile off-road course in six hours and 53 minutes (averaging about 19 mph).

Not only did the Stanford entrant complete the course, but so did four others. This is an amazing result considering that the last time the Challenge was run no one made it more than 7.5 miles. This is an incredible leap forward in integrating the systems required to autonomously navigate difficult terrain.

The VW is controlled by seven Intel Pentium M class computers and "four laser range finders, a radar system, a stereo camera pair, and a monocular vision system."

Congratulations to the entire Stanford team in their brilliant achievement.

Aloha!

Earlier I talked about lusting after admiring the new Apple Ipod Nano. But I said I would wait awhile until I had seen some of the reviews. I'm glad I did because people are reporting a problem with the case and/or screen being a scratch magnet. I can't say whether the case scratches is a "real" problem or people are just noticing it more because black cases show more scratches than white ones.

In any case (pun intended-ed.), I'll probably still get a Nano at some point but when I do I'll get a case protector.

Aloha!

Speaking of Windows and PC Magazine, there is an article that traces the last Twenty Years of Windows. In it, the author says:

When Interface Manager [i.e. Windows] was first announced, Microsoft described it as an option that would work on top of all the company's operating systems, including DOS and Xenix, Microsoft's version of Unix.

Imagine what a different world this would be if Windows ran on Linux/Unix. MS could call it Windows Vista for Unix/Linux Edition and sell it for $50. Now, that I would buy.

Love him or leave him, PC Magazine's John Dvorak stirs things up. But sometimes, he accidently stumbles on to a valid point. Recently, his column bored into Microsoft and how there is a built in conflict of interest when MS decides to sell anti-virus or anti-spyware software. The conflict arises because there is no economic incentive to make Windows more secure when you can instead force people to buy additional software to do so. In fact, the more insecure you make Windows, the more money you can make selling add-ons to "fix" it.

He goes further to contend that Windows cannot ever be made secure because of its core architecture. That is, in order to secure Windows, the very way and the very services MS wants to offer would either have to change or be eliminated.

Since that's not likely to happen, Dvorak pulls our leg a bit and says Windows Vista should come out in the following versions:

• Vista - Won't Boot Edition - $29.95

• Vista - Preloaded with Viruses and Spyware Edition - $39.95

• Vista - Initially Clean but Use at Your Own Risk Edition - $49.95

• Vista - Clean with Firewall and Weekly Protection Update Edition - $200

Sometimes, the Internet is like a box of chocolates - you never know what you're gonna get (hmmm, sounds vaguely familiar). In following an old bookmark that I had, I came upon the new version of what used to be called Mandrake Linux, but under its new name - Mandriva (yes, I know, it sounds vaguely similar to this).

Mandriva 2006 was released last week Thursday and includes not only the old Mandrake, but also what used to be Conectiva and Lycoris. Whether three heads are better than one is not for me to say. But feel free to take a look. Be aware that there are commercial (as in pay)versions and one free version. Still, if you like Mandrake you may like Mandingo, errr, Monrovia, errr, Mariachi. Well, just follow the link.

Aloha!