Monday, 24 June 2002
10:31 - Well, the new edition of PC Hardware in a Nutshell was supposed to be hitting the bookstores today, but B&N is showing it as one to two week delivery and Amazon doesn't list it at all. Back when I was a newbie author, I'd get upset at stuff like this, but I've seen it happen so many times that I don't even think about it any more. If it's not actually in the stores yet, it probably will be in the next few days.
I've been working on a lot of stuff, including the TechnoMayhem.com site. It's still just in the process of being stubbed out, but I am making progress. I announced the TechnoMayhem Forums on one mailing list over the weekend, just to help get the ball rolling. I'll probably announce it on a couple of more mailing lists today or tomorrow. Starting up a messageboard is always a chicken/egg thing, of course. There has to be interesting content available before many people will join, and there has to be a fair number of members before the board has much interesting content. If you'd like to help us get the ball rolling, please visit the TechnoMayhem Forums, register, and post some questions (or answers).
I'm also working on the TechnoMayhem Newsletter, the first issue of which is scheduled to go out next week. It's a free newsletter intended for authors and readers of suspense, thriller, and mystery novels. Although it has little to do with computers per se, I suspect most of the people who read this page would find the TechnoMayhem Newsletter interesting. And of course the more copies we have circulating the better. So if you have any interest at all, please sign up for the newsletter and forward copies of it to any of your friends who might be interested. We're using a double opt-in method to ensure that no one receives the newsletter directly from us unless they've really requested it, but a bit of viral marketing certainly can't hurt. If you want to subscribe, click here for instructions.
More later, maybe.
Tuesday, 25 June 2002
9:23 - I emailed my editor yesterday to ask him what was going on with the new edition of PC Hardware in a Nutshell. He told me he'd received his copy late last week and it should be in the warehouses as of yesterday. So I called my local B&N, who said it hadn't arrived at their distributor yet but that they were expecting to get copies any day now. So if you've ordered a copy, it should be shipping any time. If you haven't, now would be a good time.
An important warning from Roland Dobbins:
And I'm still working away, which doesn't leave me much to write about here. "I researched, I wrote. I researched some more. I wrote some more." That gets old fast.
13:30 - One of the things I like about Outlook 2000 is that when I have it configured to use multiple accounts it's smart enough to reply from the account the message I'm replying to was sent to. For example, if someone sends me mail at ttgnet.com and I reply to that message, the reply comes from my ttgnet.com account, whereas if the original message was sent to my hardwareguys.com account, my reply automatically comes from my hardwareguys.com account.
That's a very nice feature, but I wish they'd taken it one step further. Outlook 2000 allows me to specify a default sig, but if there's a way to vary the default sig based on the account I'm using to send, I can't find it. Surely that's an obvious requirement? But Outlook apparently provides no way to handle it, short of manually changing the sig per-message or changing the default sig. It's a minor aggravation, but an aggravation nonetheless.
Wednesday, 26 June 2002
9:36 - Roland Dobbins points out that Evolution changes the sig to match the account from which one is sending. I actually knew that, but I'm waiting for Evolution to get a bit more stable before I start using it as my main mail client. The last time I used it intensively, Evolution was at release 1.0.3, and it crashed frequently. One one notable occasion, Evolution crashed and took all my desktop and taskbar icons along with it. I'm sure there was some easy fix for that, but as a Linux newbie I saw that one as a showstopper. I understand that the later releases have improved substantially, so I'll probably try Evolution again before long.
The Register posted an article by Thomas C. Greene yesterday about the effect of Palladium on the GPL in general and Linux in particular, entitled MS to eradicate GPL, hence Linux. I don't much care for Mr. Greene's politics, but he nailed this one. As I've been saying for years now, the answer has to be that we simply refuse to play on Microsoft's terms, and that we refuse to allow them to impose their terms on us. Make no mistake. Microsoft has declared a war of eradication against GPL in general and Linux in particular, and they'll do whatever is necessary to destroy them. The time for us to start fighting back is now.
11:22 - The RIAA/MPAA Copyright Nazis are at it again. Congressman Howard Berman (D - Disney) has proposed a bill that would permit music and movie companies to launch DoS attacks and similar exploits against peer-to-peer servers that they consider to be violating their copyrights. This bill would legalize actions that are currently illegal under federal law, and for good reason. Who decides which servers are attacked and shut down? Why, they do, of course.
I'm getting tired of writing about these outrages. Microsoft, the RIAA, and the MPAA regard us all as thieves, and are buying legislators and laws that treat us as such, but without even the protections accorded to a real thief. It's time and past time to start boycotting these sons of bitches. Please don't buy their products. Stop buying or renting DVDs and tapes. Stop buying CDs. Stop buying software from Microsoft. Vote with your wallet.
None of this is about piracy or copyright violations. That's a red herring. It's all about controlling us and eliminating Fair Use. Microsoft want you to pay them each and every time you boot up your computer or start your word processor. The RIAA and MPAA want you to pay them each and every time you listen to a CD or watch a movie. In the past, they've in effect sold you their products. Whatever the license agreement said, you paid them once were then able to use the product freely without additional payments.
That's no longer good enough for Microsoft, the RIAA, and the MPAA. They want you to pay and keep paying, and they'll do everything they can to force you to keep coughing up. They'll use activation schemes and copy-protection and Digital Rights Management. They'll insist that all new PCs include Son-of-Clipper-Chip. They'll pass laws that assume every one of us is a thief, despite the fact that all we're doing is exercising our Fair Use Rights. They won't be satisfied until they control your PC completely.
Screw them, I say. Stop buying their products. Vote with your dollars and put the sons of bitches out of business. Stop buying their products. I tell you three times. STOP BUYING THEIR PRODUCTS.
Thursday, 27 June 2002
9:36 - FedEx delivered a copy of the second edition of PC Hardware in a Nutshell yesterday afternoon. At nearly 800 pages, it's almost 60% larger than the first edition, and I think we used that additional page count well. I spent an hour or two last night reading it, and it looks superb if I do say so myself.
Now that the book is in print, I'll archive the PCN2 directory and start a PCN3 directory. My goal is to have the third edition in the bookstores a bit more than a year from now, say August 2003. Of course, we haven't signed a contract for the third edition. Given the extremely slow computer book market, O'Reilly naturally wants to see how the second edition sells before they commit to a third edition.
I've gotten quite a bit of feedback about my suggestion yesterday that we all boycott Microsoft, the RIAA, and the MPAA. None of these messages have expressed any sympathy for those organizations, but several have made the same point. If we boycott them, these people tell me, the RIAA and MPAA will simply use these reduced sales figures as evidence that their products are being pirated.
I'm sorry, but although I'm sure that will indeed happen, I can't agree that that's a good reason not to boycott them. Consider the alternative. We continue to put our cash in their pockets and thereby keep their sales high. How does that benefit us? They'll still be pushing for control of our PCs and our wallets, because (as I said) this has never really been about piracy anyway. This is about their campaign to remove our Fair Use rights and to convert the traditional one-time payments for their products into a continuous revenue stream for them.
So the answer is two-fold. Boycott Microsoft, the RIAA, and the MPAA on the one hand, and support alternatives on the other.
The next time you're bringing up a server, don't buy a Windows license. Buy a copy of Red Hat Linux instead. Don't sign on to Microsoft's Licensing 6. Keep using what you have for now, and start planning to deploy Linux on your desktop systems next year or the year after. When you need to buy PCs, shun companies that bundle Microsoft software. Instead, buy your systems from local white-box resellers, who will be happy to supply them without software, and generally build better systems than the large OEMs anyway. Install OpenOffice.org or StarOffice on your desktops, and standardize on their native formats. None of this has to happen right away. You have a window of a year or two before any kind of software upgrade will be necessary. By that time, you should be prepared to abandon Microsoft and go with OSS alternatives.
Stop buying CDs from RIAA companies. There's a whole world of music out there that the RIAA doesn't control. Many recording artists sell their CDs directly, and in what should come as no surprise, many of these artists produce better music than the packaged, polished, commercialized crap products that the music industry pushes. Stop going to movies and stop buying or renting DVDs. Nearly all movies are garbage anyway. Read a book instead. You'll be better off for doing that.
If as a result of a boycott Microsoft's sales start falling, they probably will claim that piracy is a major factor. We need to be able to present convincing figures to rebutt that. We need to be able to say, "The reason your sales are falling is that you produce overpriced, crappy, insecure, buggy products with intolerable licensing restrictions and as a result of that people are migrating to better alternatives like Linux and other OSS software." When the RIAA claims that widespread piracy has cut their sales in half, we need to be able to say, "People are still buying music, just not from you. They consider your CD prices an outrageous ripoff and your stable of artists to be producing slick, commercialized, unoriginal crap, so they're buying directly from artists who price their CDs at reasonable levels and provide value for money." If the MPAA complains about sales plummeting, we need to be able to say, "99% of the movies you produce are crap, so we all decided to start reading books instead."
But it has to start with you. Individually, none of us can do a thing about these problems. But if enough people get angry enough to opt out of Microsoft, the RIAA, and the MPAA, things will start to happen.
12:48 - I sent out the following warning to subscribers this morning:
Thanks to Roland Dobbins for notifying me of this one:
This is a critical vulnerability ("run code of attacker's choice") in recent versions of Windows Media Player, of all things. What's ironic is that the basis of the security hole is a flaw in how Microsoft implemented DRM (Digital Rights Management). If you have WMP on your system (and you almost certainly do if you're running a recent version of Windows), you really need to apply this patch.
As for me, the question isn't whether I'm going to transition to Linux and OSS applications, but when. Every one of these gaping security holes is another nail in Windows' coffin, and by now it's pretty well nailed shut.
Roland Dobbins sends this link, which is a pretty good summary of what Palladium is all about.
Paul Robichaux challenges some of my statements about Microsoft:
(a) for every gaping security hole in Linux, there are dozens of such holes in Windows. I also think it's interesting that ISS dropped the bomb without any warning to the Linux developers.
(b) when there's a gaping security hole in Linux it gets fixed quickly. It took Apache something like 12 hours to issue a fixed version, and not much more for SSH to get fixed.
As far as Microsoft fixing anything, I'll believe it when I see it. Allchin said flat out that Windows code was so bad it couldn't be fixed.
You may be right, but as I said I'll believe it when I see it. I'm cynical enough to believe that Microsoft is concerned with security only to the extent that improving security will improve sales. Judging empirically, Microsoft seems actually to benefit from security holes in their products, because security holes drive paid upgrades.
I've not written code in years, and I never did code at the OS level, but I've talked to enough people that are in a position to know who have told me that the whole Windows edifice is unfixable that I believe that's true. Microsoft is trying to add security to an existing OS that comprises something like 40 million lines of code. I don't think they'll be able to do it effectively. But we'll see.
In a couple of years it won't make any difference to me at all, because I'll not be running any Microsoft software at all by that time. Even if their software is perfect I'll refuse to use it simply because I don't care for their licensing terms or for their close co-operation with the Copyright Nazis and other scum of the world.
14:07 - This from Greg Lincoln:
An excellent point, and one I should have made. Of course, to use reductio ad absurdium, we could argue that Linux has seldom (never?) had a security hole, because Linux itself is in reality just the kernel. But your point is good. A typical Linux distribution installs hundreds or even thousands of separate programs, and to count problems with any of those many programs against Linux is in a sense unfair. For example, the recent security hole in Apache is the first I can remember. Perhaps there have been others, but I don't recall them. On the other hand, Microsoft's IIS seems to have a hideous security hole uncovered about once a week. It'd be interesting to total the number of serious security holes in those two products over, say, the last couple of years to get a rough idea of how good Microsoft software is compared to OSS.
And then, just after sending that, I found the following message from Jon Abbey over on the Daynotes messageboard:
14:10 - And, in an all time record, I follow my 14:07 post with a 14:10 post. This from Greg Lincoln:
Friday, 28 June 2002
9:36 - Hmmm. Two of my friends are engaged in a spirited debate about the relative security of Windows and Linux. First, I received the following message from Paul Robichaux:
And then whilst doing my normal morning round of website visits, I found the following article by Greg Lincoln on LinuxMuse.
These guys are both my friends, and both make some interesting points, but on balance I find Greg's position more convincing. Microsoft's software is largely monolithic. When I install Windows, I have no choice about many of the components that are installed as part of Windows. I get Internet Explorer and Windows Scripting Host and Windows Media Player whether I want them or not (and I don't). When I install Linux, I do get a choice about what I want to install. As it happens, the two major "Linux" security holes that have surfaced in the last couple weeks don't affect me. I don't have Apache installed, nor do I use SSH. With Windows, I don't have that choice, so any exploit against one of Windows' core components affects me, even if I don't use it and would not have installed it given the choice.
And those two announcements have made me wonder, as I'm sure they have many people. Who is ISS and why are they suddenly finding flaws in OSS and making high-profile announcements without giving the software companies or teams even short notice to allow them time to create a fix? Brian Bilbrey wrote an interesting article over on LinuxMuse about just that question. I confess that when the Apache hole was announced, I wondered whether ISS was a Microsoft pawn. When ISS then announced the SSH hole, I really started to wonder. Has Microsoft funded these people and tasked them with finding and announcing security flaws in Linux and OSS, with the goal of making OSS look bad?
If so, it's backfired. No one has ever claimed that OSS is bug-free, just that the openness of the source code makes it more likely that problems will be uncovered and quickly fixed. In both these cases, that proved to be true.
13:05 - Some comments from Roland Dobbins vis-à-vis ISS:
13:57 - CNN reports that this picture of a Palestinian baby dressed as a suicide bomber was described by family members as "a joke". Some joke, huh? These Palestinians' sense of humor really slays me.
17:01 - My apologies to Bob Walder, who informed me that his message was not intended for publication. I have accordingly removed his original message and the response made to it by Roland Dobbins.
Saturday, 29 June 2002
9:31 - Barbara is off to a Border Collie trial today, and won't be back until mid-afternoon. I'm planning to work all day today and tomorrow on some stuff that I have to get done by Monday, so there won't be much if anything posted here. We'll also be getting ready next week for Barbara to depart on an 18-day bus tour with her parents, so things may be a bit hectic around here. Updates are likely to be short and sporadic.
Sunday, 30 June 2002
10:00 - I sent the following message to my subscribers yesterday afternoon:
Since I sent that message, this latest Microsoft outrage has hit all the on-line news sources, including Slashdot, The Register, The Inquirer, and so on. Ironically, we all got it wrong. Oh, the substance is true enough. Where we were wrong is in stating that this modification to the EULA is recent. In fact, it appeared at least as early as last fall. If we ever needed any more evidence that no one reads EULAs, this is it. That little bomb has been in the EULA for months and of all the millions of people who've had a chance to see it, no one spotted it until just now.
So this morning I decided to see what I could do about removing Windows Media Player on my Windows 2000 desktop. My recollection was that it didn't have an uninstall procedure, but I looked in Control Panel -- Add/Remove Programs just to verify that. Sure enough, there was no option to remove WMP (despite the fact that I've gotten rid of all the "HIDE" commands to make everything visible in Add/Remove Programs). So I went off to Google in search of instructions. I found many hits, most of which said to fire up Control Panel and remove WMP in Add/Remove Programs. Perhaps in some cases there is an option in Add/Remove Programs to remove WMP, but I certainly didn't have it.
So I went off to Microsoft's web site and searched it for instructions. I did find one link that sounded like just what I was looking for, but when I clicked on that link I got a 404 error. So I did a bit more searching for instructions on how to remove WMP manually. I finally gave up and just tried deleting the Windows Media Player directory in Program Files. That didn't work. Windows told me I had a sharing violation. So I tried deleting the files in that directory manually. Each time I deleted one, it came back automatically. So I searched for each file by name and then deleted it first from the dllcache directory and then from the Windows Media Player directory. Each time I did that, of course, I got a horrifying warning about how deleting that file had made my system unstable. Tough luck.
I expected at least one of the files would refuse to delete because of the sharing violation, but I was in fact able to delete every file in the Windows Media Player directory. When I then attempted to delete the empty directory, though, I got the same sharing violation. Oh, well. Everything but the directory is gone, and clicking on an MP3 file popped up a warning that Windows couldn't find mplayer2.exe. With that done, I installed the plug-in pack for IrfanView, which gives me everything I care about that WMP provided.
So WMP is off my system. But that's only a temporary fix. The real fix is to get all Microsoft software off my systems. As Jerry Pournelle says on his page, "Mac and Linux look better all the time, simply in self defense."
I really have had it with Microsoft.
Copyright © 1998, 1999, 2000, 2001, 2002, 2003, 2004 by Robert Bruce Thompson. All Rights Reserved.