 |
Week of 12/7/98 Friday, July 05, 2002 |
|
|
Monday, December 7, 1998 There wasn't much I felt like reading last night, so I started checking the TV section. The History Channel had some stuff that looked interesting, so I turned it on. The first was an episode of their history of the gun series, this one about the Thompson Gun. John Taliaferro Thompson, the gun's inventor, is a distant relative of mine, so I decided to check it out. They actually did a pretty good job on this episode, although they greatly overemphasized the extent to which gangsters adopted the gun. That was more Hollywood myth than reality. Certainly, some gangsters used the gun, but it was by no means as common as this episode and the gangster movies would have you believe. Most gangsters chose shotguns for serious work. When they wanted an automatic weapon, they tended to use the Browning Automatic Rifle (BAR). That was a known quantity from WWI, while the Thompson Gun was a new-fangled gadget. And rightly so. I've put quite a few rounds through a 1928-A1 model. The Thompson Gun is great fun to shoot, but it wouldn't be my first choice of weapon. Regardless of what the movies show, the Thompson is controllable only when firing short bursts, even when the Cutts compensator is installed to reduce muzzle climb. The buttstock is below the line of the barrel, which means that recoil wrenches the gun up and to right as you fire it. I was able to hold 3 or 4 round bursts on a standard FBI target at 50 yards, but bursts longer than that simply waste ammunition. The drum magazines were another weak point. No matter how careful you are to keep them clean and load them properly, they jam. The military recognized this, and the M1 and M1A1 models used during WWII used only 20- and 30-round stick magazines. Submachine guns generally are not a particularly effective class of weapon. Twenty years or so ago, I participated in an ad hoc experiment to test the effectiveness of an SMG against a riot gun. My friend used his SMG, a MAC10 in .45 ACP with the Sionics suppressor, and I used my Hi Standard 10B riot gun, with the Garth Choate magazine extension installed, giving it an eight round capacity. He started with a 30 round magazine of .45 ACP, loaded to its maximum reliable capacity of 28 rounds. I started with eight rounds of 12 ga. magnum #4 buckshot, roughly the equivalent amount of lead to 24 of his rounds. We each had eight targets to "kill" and started together on a signal. When the smoke cleared, he'd "killed" four of his eight targets, disabled two more, and left two standing. I'd shredded all eight of mine. If that'd been a real fight, he almost certainly would have been dead, whereas I'd have had a reasonable chance of surviving. The moral is, if you ever have to defend yourself, pick up a shotgun. As Jeff Cooper says, firepower means hitting what you're aiming at, not peppering the landscape with misses. * * * * * I'd better get back to work on the book. I want to have at two more chapters submitted before Christmas, and that's going to be pushing it. * * * * * I've decided to dispense with the separate book of the week page, and just embed my mini-reviews in my journal. I have too much to do already, and creating separate pages for each book is too much work. The book of the week this week is Dinosaur Cat: A "Big Mike" Mystery by Garrison Allen. Barbara brought me this one, and I'll admit I moved it to the bottom of the stack because it didn't look like something I'd like. I like mysteries, but the cover art on this one turned me off. Now I'm sorry I waited, and I've asked Barbara to bring me any others in the series that she has. Although this book has gotten mixed reviews, including a pretty bad one from Kirkus (whose reviews I normally respect), I enjoyed the book. If P.G. Wodehouse had written mysteries, this is the kind of mystery he'd have written. Allen populates this book with a diverse assortment of eccentric characters, but it's a serious mystery nonetheless. Check out the reviews on Amazon. I recommend this book. * * * * * And the following mail from David Davenport:
To the best of my knowledge, you can't do that, although I haven't tried lately. I remember trying to do that years ago, and I couldn't get NM to capture packets for anything other than a "real" network card. Craig, any ideas short of using sniffer hardware? I'll also post your question on the web site to see if anyone else has a workaround. If anyone else has encountered this problem and figured out a workaround, I'd appreciate hearing about it. Tuesday, December 8, 1998 It continues to be quite warm around here for December. We have an indoor/outdoor min/max thermometer in the kitchen, and yesterday it made it up to 81 degrees. It's expected to hit nearly 80 today as well. I got a fair amount done on my chapter yesterday, and also spent some time on the phone with vendors trying to sweet-talk them out of evaluation units. It takes more work to get hardware evals than software evals, and I don't understand why that should be. Certainly, the actual cost of hardware evals is higher, but if I ran a hardware company I'd be falling all over myself to send out eval units to authors. Companies pay thousands to put space ads for their products in computer magazines, and yet no one I know is seriously influenced by those ads. Certainly, ads are useful to announce new products, or whatever, but who's going to believe all the nice things that an ad says about its own product? A book, on the other hand, is an unbiased source of information. No author I know is going to recommend a video card or a hard drive simply because he got a free sample. Pournelle used to joke about the bribe of the month, but the truth is that nothing was ever recommended in his column unless it was worth recommending. We ask for eval units simply because we can't afford to buy examples of each product we want to look at. Like other authors, I often buy products that I can't get evals of, and I've frequently recommended the product that I had to pay for rather than the competing product that I got a free example of. Still, I can't buy everything, and I'd think that a hardware company would want to make sure that I at least had an opportunity to look at their product. * * * * * I get mail periodically from people who are looking for guidance about setting up their own web sites. I'm no expert on web sites, but I have learned quite a bit in the process of setting up my own and running it for the last 6 or 8 months. If you want to set up your own web site, here's my advice about how to get started:
Back to work on the book... Wednesday, December 9, 1998 And still one more thing you can do with that PalmPilot you get for Christmas. The following message was posted to the Computer Book Publishing mailing list, which is run by my agency, StudioB Productions:
I've been told that no U.S. model vehicle uses IR for remote keyless entry systems. They apparently all use RF, with a "code rotator" mechanism to prevent code grabbers from compromising them. Still, those articles seem a bit over the top. It's unlikely that you could grab the entire sequence from IR backscatter, and I can't believe many people would honor a stranger's request to point their IR remote at the stranger's PalmPilot. * * * * * And this email from Bill Costa in New Hampshire, in response to an article that I originally wrote about Windows NT Workstation Backup for Windows NT Magazine. They rejected it (the first and only time as an author that I've ever had anything rejected), so I posted it to my site and sent a copy to Pournelle:
Thanks for the kind words. That was the first (and only) magazine article I've ever done. I like doing books much better. I don't know why they rejected it either. It may have had something to do with the fact that the original editor left and another arrived while I was writing the article. New Hampshire. Now there's another place I'd like to live. I admire your state motto. * * * * * Another data point in the war against cookies. For those who are unfamiliar with them, cookies are one mechanism that can be used to overcome some of the problems associated with the fact that HTTP servers are stateless. Stateless means that every interaction between a client and server is completely independent of other interactions that have occurred between them. The server doesn't keep track of past interactions with the client, even though they may have occurred only a fraction of a second earlier. In other words, no session exists. For example, if you hit Amazon.com to look for a book, no persistent session is established. Instead, each page and other element you request is delivered to you independently of all other elements served to you during your browser session. The web server has no idea that subsequent requests are related to the original request. It simply delivers individual pages to you as you request them. That makes it hard for the server to do useful things like storing your account information, keeping track of the items in your shopping basket, etc. The kind of things you'd like it to do to improve your browsing experience.. One way the web server can get around this problem is to send your browser a cookie, which is simply a small data file that your browser stores on your local hard disk. In addition to sending you cookies, the web server can also read cookies that it sent to you earlier. For example, when you add a book to your shopping basket, that item is stored in a cookie on your hard drive, allowing the web server to keep an updated list of the current contents of your shopping basket. This is a good and valid use of cookies, as is the use of cookies to store your username and password for sites that require a login. There's a darker side to cookies, however. Many people think that cookies are no security threat because cookies can only be read by the domain that created them in the first place. That's true as far as it goes, but it doesn't go far enough. A web page can be designed to redirect incoming requests transparently to a different web page, which may reside on that site on on a remote site that uses a different domain name. For example, entering the URL http://www.altavista.com causes the browser to retrieve and display the main AltaVista page. However, that page redirects your browser to a site in the doubleclick.net domain, which records your unintentional visit. Although you never explicitly told your browser to connect to any site in the doubleclick.net domain, this redirection allows doubleclick.net to take control of your browser (unknown to you) and write its own doubleclick.net cookie to your hard disk. If you subsequently visit a different web site that also has an arrangement with doubleclick.net, the doubleclick.net server can read the cookie it wrote during your earlier session and use that information to keep track of where you've been. In theory--and often in practice--these unauthorized cookies are an aid to tracking ad delivery. But they open the door to abuses of your privacy. Because companies like DoubleClick, Imgis/AdForce, and MatchLogic keep track of which web sites you visit, the potential exists for them to build a profile of your browsing habits. I don't want some faceless company keeping track of what I do on the web, and you probably don't either. Unfortunately, they make it very hard to avoid. Until recently, both Internet Explorer and Netscape Navigator gave you only three choices about cookies. The default choice, Accept All Cookies, leaves you wide open to cookie abuse. Reject All Cookies keeps you safe from the invasive actions of DoubleClick and their like, but also prevents you from using "good" cookies for their original purpose. The third choice warns you each time a cookie is served to you and allows you to decide individually whether or not to accept each cookie. The problem with that one is that a single web page can deliver many cookies. I have IE setup with the Warn option, and one web page I hit delivered almost 30 cookies. Choosing that option makes the web browser unusable. There are third-party browser add-ons like CookieCrusher that take a rational approach by allowing you to allow or disallow cookies by domain. Using one of these products, for example, you could allow all cookies except those that originate from DoubleClick, Imgis/AdForce, or MatchLogic. This is the kind of functionality that should be built into IE and Navigator, but isn't, probably because Microsoft and Netscape are implicitly or explicitly in league with those companies. So when I installed Netscape Navigator 4.05 some time ago, I was pleased to see a new option for handling cookies. The check box is labeled, Accept only cookies that get sent back to the originating server, which sounded exactly what I was looking for. I don't mind accepting cookies from the sites I visit intentionally. It's those stealth cookies delivered by redirection that upset me. So I was heartened to see this new option in Navigator. The trouble is, it doesn't work the way it's supposed to. I don't know if that's because it was never intended to, because it has bugs, or because MatchLogic and other companies have come up with crafty ways to get around it. What I do know is that I kept a close eye on my cookie file for quite a while after I installed Navigator 4.05, and it appeared to be working as expected. That now turns out not to be the case. I hit my agent's web site last night, and was shocked to see that it's now delivering cookies, including "bad" cookies. I emailed my agent, who told me that he wasn't aware that was going on and that he'd put a stop to it. But getting those cookies from his site motivated me to go out and look at my Netscape cookie file. I wasn't pleased at what I found. Below are some excerpts from it: # Netscape HTTP
Cookie File I particularly like the gratuitous warning not to edit the file. It's a standard text file, and you can delete anything you please from it. Apparently, they want to dissuade people from deleting "bad" cookies. I greatly resent the way that Microsoft and Netscape appear to actively cooperate with these companies. In fact, I think what all of them are doing is probably illegal under existing law. When I visit a web site, it could be argued that I am implicitly giving that site permission to write its own cookie to my hard disk. But nothing I have done grants permission to these other companies--whose sites I have not voluntarily chosen to visit--to abuse my computer and my hard disk by storing information that is for their own benefit. They are in essence stealing resources from me, and I suspect they could be charged under existing anti-hacking laws if anyone cared to make a point of it. For their defective cookie management mechanisms, Microsoft and Netscape should be charged as accessories before and after the fact. Thursday, December 10, 1998 The following mail from Robert Morgan about cable modems and DHCP:
Yep, that's certainly better than the 2.5 to 3 KB/s I get via dialup. Congratulations. I'm envious.
I'm not sure whether you mean there's literally a DHCP server built into the cable modem, or DHCP was delivered via a server at the central office. If the former, and if the cable modem has NAT functionality, you may be able to reconfigure it to provide private addresses behind the cable modem. If the latter, they're probably restricting you to one IP address, although I'm surprised that the DHCP server would even assign addresses to your other machines. Are the addresses assigned to your other machines private or public IP addresses? If you have a WinNT or Win9x box, I'd suggest you download the WinGate proxy server and install it on the machine connected to the cable modem. You can then configure your other machines for proxy access.
Yes, the IP address and netmask that the service provider's DHCP server assigns to the Ethernet card in that one machine puts it on a different IP network from the rest of your physical network. Depending on what OS you're running on the connected machine, you could probably assign multiple IP addresses to one card, but with Ethernet cards at $15 to $35, it'd be cleaner just to install a second card to connect to the rest of your network. Assign that second card a 192.168.100.x address, create a static route, and install WinGate on that machine. That machine talks to the cable modem on the public IP network address and to the rest of your network on the private IP address. I've never tried WinGate other than LAN-> dialup, but it should also work fine LAN->LAN. I don't know why service providers go out of their way to make things harder. I guess they figure they can restrict the service to one PC nearly all of the time and so just don't worry about what'll happen when a customer knows what he's doing. I'll post this on the site and ask anyone who's actually done a workaround for this to respond. As it turns out, I got mail from Robert telling me that he now has things under control and plans to use Linux to implement IP Masquerading, which should solve the problem. * * * * * And here's a mouse cleaning tip. While I was reformatting my cookie rant to send to Pournelle, my mouse started acting jerky. I keep a bottle of isopropyl rubbing alcohol, some cotton balls, and some Q-Tips on my credenza. When I opened the mouse, I found that I was out of both cotton balls and Q-Tips. Rather than getting up and going into the bathroom to get more, I decided to try using a pipe cleaner. As it happens, I have some of those rough pipe cleaners. They're like a regular pipe cleaners, but have stiffer bristles interspersed with the regular ones--kind of like a regular pipe cleaner with nubs. I've always had a problem getting the mouse rollers completely clean. The junk in there tends to get wrapped around the rollers, forming a tight knot that's almost impossible to get off with a Q-Tip. Sometimes I actually have to resort to scraping the roller gently with the tip of my Swiss Army knife. The rough pipe cleaner takes care of that problem. The nubs actually grab the stuff wrapped around the rollers and pull it loose. They're not rough enough to abrade the rollers, either. You can get the rough pipe cleaners at most tobacco shops and some drugstores. * * * * * And this follow up from Robert Morgan:
Yep, it sounds like they're taking strong measures to prevent anyone from connecting more than one machine to the network. From what you've said, it's not clear to me exactly what they're doing. My guess is that it's based on MAC address rather than IP address, though. One easy way to check would be to determine the IP address on the machine that works properly, disconnect it, connect another machine, and use static addressing to give it the same IP address and other IP configuration information that works on the first machine. If that doesn't work, it's a pretty safe assumption that they've married your account to the MAC address on the first machine. You could verify that by removing the Ethernet card from the machine that works and installing it in your Linux box. If your Linux box then connects, you can probably assume that the problem is MAC based. Another possibility would be to kill your DHCP configuration. In Windows NT, you can use the command IPCONFIG /RELEASE to do that. I'm not sure what the equivalent is in Win98, but there should be one. If all of that fails, you could try calling their tech support and telling them that you've just upgraded your Ethernet card and now your link doesn't work any more. When they kill it on their end, just connect your Linux box to the cable modem and see what happens. As far as the tax on media, I'm sorry to hear that. If the computer industry spent as much on lobbyists as the music industry does, we wouldn't have that problem. Friday, December 11, 1998 The cable modem discussion has been generating quite a bit of mail. I've been replying to many of them privately, but posting some of the more interesting ones. Apparently, what you get when you install a cable modem varies quite a bit depending on your provider. The first message is from my friend John Mikol, who has a cable modem through King Cable/Online South. I mailed him Robert Morgan's message about DHCP weirdities, and asked if he'd had any similar problems. He had this to say:
King Cable issues a static IP address to each customer, and apparently allows you to buy additional ones. I'm not sure why anyone would do that for a home network, but it's nice that they offer the option. But then I got the following mail from Jerry Mah. It appears that his provider, Shaw Cable, goes to the other extreme. They don't provide a static IP address at all, and try to charge you a monthly fee for each additional computer you connect. I agree with Jerry that that sounds ridiculous
As far as the ATI drivers, I don't know any reason why they should return that message. If you're logged on as a user with administrative privileges but not as the actual account Administrator, you might try doing that. If you're logged on literally as "Administrator" already, the only thing I can think of (and this is truly unlikely) is that you're working in a domain environment and the account "Administrator" is a member of the Domain Admins group but not of the Administrators group on the local machine. Maybe someone else has other ideas about this. As far as the proxy server, WinProxy is indeed a good product. Another product you should look at is WinGate. It's what I use here. * * * * * And speaking of here, "here" needs a name. Chaos Manor, while appropriate, is already taken. So what I need is a short memorable name for this place, preferably one that won't be seen as too derivative of Pournelle's Chaos Manor. All nominations gratefully accepted. * * * * * My tirade on cookies is generating a fair amount of mail. Here's one from Nat Fairbanks:
Well, no, I didn't miss anything. I think I was pretty clear that it was the advertiser's web server that was actually sending the cookie. By definition, a cookie can only be accessed by the originating server, or by one in its domain. So, logically, Netscape phrased the description for that option button pretty poorly. If taken literally, it would describe exactly the same option as the "Accept all cookies" option button immediately above it. Any reasonable person would believe that selecting "Accept only cookies that get sent back to the originating server" would disable cookies that originated on a domain other than the one at which they had explicitly pointed their web browser. Otherwise there's no point to having that option button.
No, AltaVista has everything to do with sending me that cookie. They put the code on that page that causes that cookie to be retrieved from a foreign domain. And retrieving cookies from foreign domains is in no way required to keep the web working.
Making the cookie file unreadable works with Navigator as you describe, but IE uses individual cookie files and there is no way I've found to stop it from writing those cookies. Even making the directory itself read-only doesn't work. But all of this begs the question: why should I have to go to extra effort and disable some of the useful capabilities of my browser just to prevent some company from engaging in nefarious activities that are against my interests? Accessing my computer and writing a file to my hard disk without my knowledge or consent is already illegal. Why should they be allowed to get away with it?
Well, yes, there are numerous ways to get around cookies, but the point is that all of them require effort that I shouldn't have to make, and most of them reduce the capabilities of the browser. By taking actions to eliminate "bad" cookies, I also crimp the ability of my browser to work with "good" cookies. There's no excuse for allowing this to continue. * * * * * And still more on cookies, this from Paul S R Chisholm:
Good points. And in fact I used to keep images turned off in my browsers, not so much to avoid cookies as to make pages load faster. But that's no longer a viable choice. Many web sites today are unusable with images turned off. Nearly all web sites used to offer a text-only option, but that's becoming much less common. And why should we have to forego an important browsing capability just to help avoid cookies? As far as the Navigator "Accept only cookies.." option, my experience is the same as yours. Fewer "bad" cookies, but still some.
Yes. IE3 puts cookies in my \WINNT\Cookies folder. That folder is still present with IE4, but it now puts cookies in the \WINNT\Profiles\<username>\Cookies folder. They appear to be in the same format there, though. Microsoft's relationship with cookie vendors carries through even here. When you delete one, instead of getting the usual confirmation warning, you get words to the effect of "The file you are about to delete is a Cookie! ...". I guess they use the exclamation point as a way to convince novice users that there's something particularly dangerous about deleting a cookie.
The thing about "may not display correctly" is yet another red herring designed to convince novice users that Cookies are mandatory. Yet more evidence that they're in bed with the cookie producers. I think it's also significant that IE conceals the source of the cookie. You get the options Yes, No, and More Info. If you want to see where the cookie is from, you have to click More Info for each cookie. They obviously want you to accept cookies without knowing who's sending them. Otherwise, why not simply display the additional information by default, or at least allow you to make the expanded display the default rather than having to click More Info each time?
I don't think about it that way. I put LinkExchange in with the other "bad" cookie sources. I despise ads in any form, whether they be on TV or a web site. I'll pay for TV programs without ads, and I'd happily pay for web content I wanted. What we're sadly lacking at the moment is a micro-money mechanism. Pournelle's talked a lot about Digital's MilliCent, and that would be a good mechanism if it became widely implemented. I don't see that happening any time soon, however. It has the fatal flaw of being proprietary in a world where Internet standards rule. What we really need is for the IETF to do RFPs for micro-money. If an open micro-money standard existed, I think you'd see the use of micro-money explode overnight. That would also cause web content to flower. * * * * * FedEx just showed up with a copy of Red Hat Linux 5.2 and a copy of the Red Hat Linux Variety Pack. Red Hat Linux Powertools is backordered, but I expect to get it in the next week or two. These folks are fast. I emailed my contact at Red Hat at about 5:00 Wednesday afternoon to request a copy of 5.2 and here it is already. * * * * * And I'd better get back to work. Barbara is off today, and we have several errands to run. Not least among them is getting our cell phones reprogrammed for the new area code. That has to be done by 12/31 or they'll stop working. Then I have to install some software for her and do a bunch of other stuff in her office. And I need to do my network backup. This day will be consumed by locusts. * * * * * Friday Afternoon: We never did get out to run the errands. I had to climb up on the roof to blow out the gutters for the lats time this year. While I was up there, I put the plastic bag covers on the cyclone ventilators. Then the main drain started fountaining again. I thought (hoped) that the problem was temporary, but apparently not. Fortunately, I'd duct taped a trash bag over the drain pipe for the washing machine (where all the stuff fountains from) to prevent it from splashing all over the washing machine and dryer. The water still ran all over the floor, but at least it didn't spray all over the washer, dryer, tables, and so forth as it did the first time. So we moved everything out of the basement and called the rooter folks. They showed up a couple hours later and drilled out the main drain. After that, we washed down the basement and put everything back. Not a nice way to spend the day. And mail has been coming in fast and furious.... * * * * * More on cookies from Nat Fairbanks:
Yes, but see what Chris Fullerton of Netscape has to say. * * * * * And still more mail on the cookie issue, this one from Chris Fullerton of Netscape:
You're right on all points, of course. I was using the term file loosely. Netscape does indeed store cookie data within one file and IE as separate cookie files. As far as persistent versus non-persistent cookies, the non-persistent ones are useless to the tracking companies, as they could only track your visits within one browser session.
I was using the term "redirect" to mean that HTML code on the site that I explicitly visit causes my browser to retrieve data from another site entirely. I call that redirection. If that's not the correct term technically, I apologize. As far as taking control of my browser, I consider sending code that causes my browser without my knowledge or permission to write data to my hard drive to be taking control of it.
Well, no, that can't be the cause. I say that because I've seen this behavior occur on a computer that doesn't have a mail client installed. It sits behind a proxy server, and POP and SMTP aren't configured on that client. I've also watched it occur on another computer that does have an email client installed. In this case, the mailer wasn't opened, and my cookie file had no "bad" cookies on it. I visited many sites during that browser session, so I can't say for sure which site did it, but I ended up with a preferences.com cookie in my Netscape cookie file afterwards. I know that that couldn't have been caused by mail, either, because my POP server happened to be down all that afternoon. As I mentioned, Netscape's "Accept only cookies that get sent back to the originating server" seems to work most of the time, so I'm willing to concede that Netscape is at least attempting to address the situation. I've had several other people tell me basically the same thing--that this option keeps most but not all bad cookies off their hard drives. If I had to guess, I'd say that preferences.com and other similar companies have come up with a way around this restriction.
Yes, but again, the point is why should I have to do this? I have not given doubleclick.net, Imgis/AdForce, Preferences.com or any of those companies permission to write cookie data to my hard disk. They are doing this for their own benefit, without my permission, and against my wishes. What you are suggesting is equivalent to letting a burglar go free and blaming the homeowner for not installing better locks.
They're free to sell all the ads they want. I'll even look at one once in a great while. But what they aren't free to do is hijack my hard drive for their own nefarious purposes. What they perceive as their own need gives them no claim whatsoever on my resources. * * * * * And more from Paul S R Chisholm about micro money and advertising:
Well, I don't think we're in disagreement here at all. What you call "too many standards" I call a lack of a standard. When I think of standards, I tend to think of IETF first, because this is after all intimately related to the Internet. As far as looking to the financial community, I don't think that's likely to be workable. There are too many economic and regulatory disincentives. To the extent that they're looking at micro-money at all, each bank will attempt to establish its own "standard" for competitive reasons. At least until and if one proprietary standard becomes widely accepted, the incentive is for each bank to go its own way and grab as many users as possible. Microsoft could probably establish a real standard by sheer main force, but I don't think they'll be likely to attempt that, particularly given their current problems with the Justice Department. Perhaps they'll use their clout to establish a truly open standard. That'd be the best of both worlds, and it may happen. Although Microsoft bashers deny it, Microsoft has done many things for the benefit of the general user community without consideration for their own bottom line. Perhaps they'll do it again.
Well, I'm not sure we disagree here, either. But if there's anything that all of this technology is about, it's about increasing personal choice. You can see that now in many ways. Various companies provide "free" email to people willing to suffer through ads while reading their mail and have an ad attached to each of their outgoing messages. Instead of being limited to what your local bookstore stocks, you can get anything you want from Amazon.com or BarnesandNoble.com. You can shop in your pajamas when the stores are all closed. Ultimately, what all of this is doing is increasing the number of choices that people have available. I think that trend will continue and accelerate. VCRs were all about choice. People bought them so that they could watch what they wanted when they wanted. Once the datacom infrastructure grows to the necessary level and IPv6 gets deployed, we may see an end to broadcasting in the traditional sense. You'll order what you want when you want it and have it delivered on demand. The realities of distribution have introduced friction in various respects, and e-distribution is eliminating a lot of that friction. For example, albums and later CDs were created as a distribution "bundle." There was no convenient way using traditional distribution to sell songs individually. The technology is starting to change that. You can now buy individual songs rather than an entire CD. That's going to have a Darwinian effect that will be all to the good. Right now, the weak stuff is carried by the strong, because they're bundled. Once they're unbundled, everything will have to survive on its own merit. When you buy a magazine, you pay for the bad articles with the good. When you buy individual articles, bad articles don't get bought. But the flip side of that is that mass-market considerations become much less important. Good things can survive without having a huge potential base of buyers. Before the web, you wouldn't be reading this column, because no one would have published it and I wouldn't be writing it. The web gives anyone willing to devote the time it takes and a few dollars a month the equivalent of their own printing press. So niche efforts can survive with the web as they never could before.
That's a hard one to answer. I have an immensely complex mail environment, with multiple domains, POP servers, SMTP servers, Proxy servers, autoforwards, etc. The short answer is that I need a Reply-to: address to make sure I get all my mail where I want it. I hadn't thought about putting my full name in there with the address, though. I'll give that a shot, assuming I can figure out a format that Outlook and some of my other mail related software won't choke on. * * * * * And more from Robert Morgan on cable modems:
Well, you actually are going to use more bandwidth with more than one machine connected. The total bandwidth available to you remains the same, but the amount you actually consume is likely to increase as you add machines to your network. The cable modem company is taking the same approach that the phone company does when they charge more for a business line than a residential line. It's the same phone line, but (in theory, at least) the business line will be used more heavily. They charge more heavily still for trunk lines, which again are just ordinary phone lines. But the usage differs. If the average residential line is in use 5% of the time, the average 1FB business line may be in use 15% and the average trunk 85%. So they charge different amounts for the same physical pair of wires, depending on the use you put it to. In some respects, this is justified. At least to the extent that you're consuming additional resources. I wouldn't like it either, but they do have a point. I think that $10/month per additional machine is pretty outrageous though. Something like a buck or two--as many people have to pay for each additional cable TV outlet, for which they are not consuming additional resources--might be reasonable. I'd just put it behind a proxy server and be done with it. * * * * * And Chris Fullerton of Netscape responds to my response:
Okay. I'll withdraw the term "redirect" and replace it with the cumbersome but more accurate phrase "sneakily and without your permission retrieve from another site content that you did not ask for and do not want", or SAWYPRFASCTYDNAFADNW. No, come to think of it, I'll just keep saying redirect.
Now there's a real possibility. I've never much liked frames anyway, so that would give me a rational reason for disliking them.
Well, what you're not taking into account is that I'm functioning as a critic here, not as an author. As all authors know, authors create and critics criticize, usually unjustly. Heinlein reserves a special place in hell for critics, but I kind of enjoy turning the tables once in a while. But, yes, I would like the tools to be better. Persistent cookies delivered by foreign domains are a security/privacy threat. When such a threat is discovered, both Netscape and Microsoft usually fall all over themselves to plug the gap. Why haven't they done so in this case? I do admit that there's a big difference here between Microsoft and Netscape. Microsoft appears to do everything they can to force these nasty cookies on users. Netscape at least tries to address the problem. So, no, I'm not really saying this is Netscape's fault except to the extent that they with Microsoft were the company responsible for popularizing cookies in the first place. The last time I looked, Opera didn't support cookies at all. I'm not sure how they handle stuff like shopping baskets and automating logons to password-protected sites, but I may check out their browser. In the meantime, I've shifted to using Netscape Navigator as my primary browser. I prefer IE in many respects, but their cookie handling has driven me away from them. Nowadays, I use IE only for such things as checking my own web site to see how it looks in IE or visiting the Microsoft site. For everything else, I use Navigator.
Well, I may be in the minority in the sense that many users aren't aware that their privacy is being raped. But the issue is that companies like DoubleClick, Imgis/Adforce, and Preferences.com have no right to assume that they can put stuff on my hard drive without my permission. And you're right, I'd complain if they had a cookie-free method of tracking my web usage. What these people are doing amounts to virtual stalking, and something needs to be done to put a stop to it. Much as I hate spam, at least spammers are up-front about their obnoxious activities. What these people are doing is behind the scenes and all the worse for that. * * * * * And the following from Bret Musser regarding cable modems:
Yes, that all makes sense. However, I do know that some such devices do literally have DHCP servers built into them. For example, my friend Steve Tucker just installed a 3Com ISDN router, which has a DHCP Server built right in. You manage it with a web browser. I was assuming that cable modems might have the same functionality, but I'll take your word for it that they don't. Or at least I will until someone mails me and swears that his cable modem does have its own DHCP Server. Things change fast.
Right. That's exactly what I recommended that Robert Morgan do. He's running Linux, so he shouldn't have much problem getting along with just one IP address.
Thanks. That's a very useful piece of information. I'll forward your message to Robert Morgan in case he misses seeing it on my web site.
Yep. I do think that $10 a month is a bit much, though. What they're obviously trying to do is restrict bandwidth usage, and I can kind of see their point. Most of the people who read this are a lot more sophisticated than the average home user, so getting around these things isn't much of a problem. But I've got to think that cable companies who attempt to restrict home users are making a mistake. When it comes right down to it, what's the difference between having one PC connected to the cable modem and having two or three connected? There may be a slight increase in traffic, but probably not much. And there's really no way to say that one home that has only one PC connected will generate less traffic than another home that has two or three. Saturday, December 12, 1998 Yesterday I started playing around with MP3, which seems to be the coming thing in audio. I don't know a thing about it, so I decided it was time to learn. MP3 is a lossy compression technology that allows digital audio data to be compressed to a small fraction of its original size while still maintaining near-CD quality. A typical 600 MB audio CD turns into about 60 MB of MP3 data. With hard disk space rapidly approaching one cent per MB, that means I could store a complete audio CD on about a dollar's worth of hard disk space. I got started on this because of the main drain backing up. Taking care of that meant I never did get out to get our cell phones reprogrammed for our new area code. While doing that, I'd intended to stop at Computer and Software Outlet, which is near GTE Wireless, to pick up a CD audio cable, which Barbara's computer doesn't have. Right now she's using her portable CD player to feed the second input on her computer speakers. I figured that if I can get MP3 working I could just copy a dozen or two of her favorite CDs up to her hard drive and store them as MP3. I'll have more on this once I actually get things working and have a moment to jot down my notes about it. * * * * * My mailbox was loaded again this morning. I'm posting maybe 25% of the mail I'm getting, and even at that it's taking way too much time. I need to come up with a more streamlined way to do it. Perhaps I should go to separate mail page. I'm posting the first letter because it mentions something that's been concerning me: From Jim Stephens:
No, with a couple of exceptions, I don't even know the people whose messages are being posted here. I often get mail from half a dozen or more people on the same topic, often making pretty much the same point. When that happens, I usually end up posting the first one I receive. Sometimes, I'll check my mail in the morning and find a batch of messages all on one topic. When that happens, I post the one I think did the best job of covering the topic at hand. Also, some of these messages are ongoing exchanges. In those cases, I do try to post followup messages from the person who originally started the exchange. * * * * * And the following from Chuck Waggoner:
I don't know that I'm more optimistic, but I do think we should fight privacy abuses. And it's people like us who have to do it. The vast majority of Internet users don't even know that cookies exist, let alone what's being done with them. Most of them would be very upset to learn that their movements were being tracked without their knowledge or permission by faceless companies. But as long as browser vendors continue to make "Accept all cookies" the default, the average user is unlikely to realize what's going on, let alone do anything about it. Most browser users don't even change the default start page, let alone check advanced options.
Yep. I'm as outraged as you are. We don't have children, so we don't buy many video tapes. When friends of ours let us borrow a tape that my mother wanted to watch, I was shocked to see that this tape for which they'd paid $20 or more had eight minutes of commercials before the opening credits. That's foul. And I agree about public television. Barbara and I used to send them a check every year, but we've given up. The final straw was when Travellers' Insurance picked up Mystery and started running a commercial at the beginning of it. I've often wondered why books don't have ads. At some point, some clever marketing guy is going to come up with the idea of selling ad pages in the latest Tom Clancy or Anne Rice, and then we'll be lost...
Yes, but then there's the example of HBO, Showtime, etc. They've established that people are willing to pay for uninterrupted content. Certainly many people subscribed to these services because they ran recent movies before the networks did, but many also subscribed because the content was free of commercials. MilliCent or something similar is critical, because it allows people to access premium content without making an expensive or long-lasting committment to a site. Paying $10 for a year's access to Pournelle's site is one thing. A lot of people will pay that, sure, but a lot more won't. MilliCent would allow him to charge five cents a day instead, and a lot more people would risk that five cents than would risk the ten dollars. The other thing MilliCent gives us is the ability for small sites to compete with large ones. Right now, advertising is starting to concentrate in the larger sites, leaving smaller ones out in the cold. MilliCent would allow smaller, more specialized sites to compete on an equal footing with the behemoths.
That's truly strange. This is the first I've heard of that happening. I'm not even sure how it could happen.
You're probably right... * * * * * And this from Shawn Wallbridge:
Yep, the DHCP server is at Shaw. The one item I find particularly interesting in your list is the subnet mask. That 254 means that they're using nine bits for the host address (/23 in CIDR parlance), which means each subnet has 512 addresses. Apparently, they think each cable segment can support 500 users, which seems a bit much to me. * * * * * And this from the Boatright Family about Opera and cookies:
Thanks. It appears that Opera also supports cookies now. I guess there's no fighting it. I do think it's interesting that Opera allows you to disable Referrer Logging. As far as I know, neither IE nor Navigator even gives you this option. As far as Cookie Logging, given the good things I've heard about Opera, I'm kind of surprised that they don't have better cookie filtering built-in. Sunday, December 13, 1998 Barbara and I spent yesterday evening with our friends the Tuckers listening to it rain. It poured from dinner time through the night. My guess is that we probably had six inches or more of rain, although we don't know for sure because Barbara takes down her rain gauge when freezing weather is in prospect. At any rate, the drought should be over. Winston-Salem gets its domestic water supply from the Yadkin River and so never has to worry about drought. But our sister city, Greensboro, thirty miles to the east, depends on reservoirs, and was beginning to panic. They'll be very relieved to get this rain. Today is devoted to chores around the house, so I'd better get started on the laundry. * * * * * And more on the Opera web browser from Rick Boatright:
Yep. That's a good point, and I wasn't really criticizing Opera. As I mentioned, I've heard good things about Opera. In fact, I don't think I've ever heard anyone have anything bad to say about it. But then Bo Leuf has this to say:
Hmm. Well, if that's the case, I don't think I'll be using Opera. At the very least, I want the ability to delete bad cookies while keeping the good ones. I'll be interested in hearing what their tech support has to say. * * * * * And Robert Morgan has this advice about MP3:
Thanks for the advice. The WinAmp page was probably the first one I hit when I started looking for stuff. Several people have told me that it's the default standard MP3 player, and I'll probably check it out. I also found the XingTech page early on, and its products looked impressive. However, since I'm just playing around, at least for now, I decided to see what kind of freeware was out there. For ripping (which you know but some may not is the process by which audio data is extracted from the source audio CD), I'm using a product called CDCopy. It's shareware, but not crippled. For MP3 encoding, I'm using BladeEnc, a freeware product. Although it's a Win32 program, it uses a text-mode interface that looks like DOS. There are any number of graphical front ends available for it, though. You're certainly right that the CD drive has a major effect on ripping, although I've not had any problems with the two IDE drives I've tried. On my main Pentium II workstation, I used a Teac 24x IDE CD drive. It ripped an hour's worth of CD music in about 15 minutes, yielding about 4x performance. Just to see how much hardware affected speed, I tried ripping the same CD on my Dell 200 MHz Pentium system. The IDE CD drive in it is at least 8X, and I think perhaps more. It ripped an hour's worth of CD music in about an hour, yielding 1x performance. I suspect anything slower would have caused problems. * * * * * And Roger G. Smith has been checking out how my latest book is doing on Amazon.com:
Yes, as you know, the Amazon.com rankings are an ongoing source of debate on the Computer Book Publishing mailing list. No one can figure out exactly how they're arrived at, what period they cover, etc. Windows NT TCP/IP Network Administration first appeared on the Amazon.com rankings a month or so before it actually hit the bookstores. I check its ranking frequently, and I've seen it as high as 159 and as low as 8,xxx, although it seems to spend most of its time between about 500 and 1,500. That's actually pretty good, and should translate into reasonable sales. At least I think it should. As I said, no one can figure out exactly what the numbers mean, except that it's better to have a relatively low ranking number than a high one. O'Reilly sends out royalty statements quarterly, about 45 days after the end of the quarter, so I won't have any real sales numbers until about mid-February.
Coming Soon (I hope) |