Monday, 13 September 2004
[Last Week]
[Monday] [Tuesday] [Wednesday] [Thursday]
[Friday] [Saturday] [Sunday]
[Next Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five Years
Ago Today]
08:40 -
Frustrating day yesterday. When Barbara got back from playing golf, we
attempted to install the new CD receiver and speakers in her truck. The
speakers went in without a problem, but when I removed the dashboard
and started to install the CD receiver, I found that Crutchfield's
"easy-install" kit required soldering a dozen pairs of wires together.
I only had enough slack for the truck end of the wires to extend an
inch or so out of the dash opening, so I didn't want to attempt to
solder them there. We were heading over to Barbara's sister's house for
dinner and to work on their PC, so we decided to stop by Lowes on the
way and pick up some butt-splice crimp connectors. I thought I had some
of those around, but couldn't find them.
We got the crimp-on connectors and got to Frances' house by about
3:00 p.m. I backed up their data, mostly mail and bookmarks, and pulled
the current hard drive from their system. I replaced the original 5,400
RPM Western Digital drive with a 7,200 RPM 160 GB Maxtor and installed
Xandros. That went smoothly, until Xandros prompted me to create an
Internet connection. Huh? I'd never seen that particular wizard, but I
figured maybe it was because I use a router at home whereas their
system is connected directly to the cable modem, using ZoneAlarm to
protect it.
I followed the wizard until it blew up, telling me there was no
connection. I finally looked at the cable modem, only to find that the
Cable light was out. Frances called Time-Warner to tell them their
Internet connection was down, and they scheduled a visit from a
repairman for this morning. That pretty much meant an end to what I
could do with their system. I set up their mail accounts for them
blind, telling them that they'd have to enter their passwords the first
time they checked mail, after the cable modem was back up.
We had a nice dinner, and then headed home. As soon as we arrived,
we went to work on Barbara's truck. As I tugged gently on the wiring
harness, trying to get another inch or two of slack, it suddenly slid
out a good six inches. As it turned out, there was an in-line connector
that'd been caught on the back edge of the mounting tray. Once that was
free, I had several extra inches to work with. In fact, I was able to
disconnect the in-line connector, meaning I could take it into the
downstairs guest suite and work comfortably with a lamp. So, I crimped
the dozen wires from the adapter Crutchfield had provided onto the
wires on the short cable segment I'd pulled from the truck.
I should have realized what I was doing wrong when I noticed that
the two cable segments I was holding were identical. The same adapter
on one end, and the same dozen wires with the same colors. After I
finished crimping the two together, I belatedly opened the CD receiver
box, only to find yet another cable segment with bare wires on one end
and a plastic connector on the other. That connector mated to the CD
receiver, and was completely different than the identical connectors on
the cable segments I'd just crimped together. Oops.
To make a long story short, the two cable segments I'd crimped
together looked identical because they were identical. The one I'd
pulled from the truck was the older equivalent of the adapter
Crutchfield had provided the last time I'd installed a radio for
Barbara. Duh.
No harm done, except that the little container of butt-splice
connectors I'd bought had 22 splices. I'd used thirteen, twelve to
connect the wires, and one I'd wasted. That left me with nine, three
short of what I needed. Then I realized that I really needed only
eight, because Barbara didn't want her rear speakers connected. I was
about to start over, but I was mentally and physically whacked, so I
decided to wait until I was rested. I put Barbara's dashboard back on,
and she drove to work this morning with a hole in her dash.
Heads-down writing all week, so updates will be sporadic. We also
supposedly have Ivan the Terrible headed our way later in the week.
09:30 -
Someone asked me what I thought about the forged Bush memos. I'm not a
forensic document examiner, but it was clear to me at first glance that
these memos had been forged, and incompetently so. No question about
it. About the only thing they got right to conceal the forgery was
using generational degradation by photocopying photocopies.
Those forged memos were done on a computer, and anyone who says
otherwise is either ignorant or disingenuous. I picked up instantly on
the superscripted "th" and the kerning. There were proportional
typefaces available back then, but they weren't kerned, and the
technology to do that didn't arrive for many years after those memos
were supposedly typed. Also, these documents were clearly printed
originally on 8.5" wide paper, and I seem to remember that the military
at that time used smaller sheets, something like 7.9" X 10.4".
There are numerous other minor points, such as the suspicious space
before the "th", which are a pretty good indication that these
forgeries were done with a modern version of Microsoft Word. Try typing
"111th" followed by a space in Word and you'll see what I mean. As soon
as you press the spacebar, the "th" is superscripted automatically if
Word is using default settings. But if you insert a space between "111"
and "th", the "th" is not superscripted. It's likely that the person
who typed these forgeries wasn't an expert in Word and didn't realize
he could turn off the superscripting in the autocorrect dialog.
But the real question is who forged the memos and what knowledge the
Kerry campaign had of the attempt. I suppose it's remotely possible
that this crime was committed without the knowledge of the Kerry
campaign, but I think it unlikely. (I am assuming that forging official
government documents is in fact a crime, although IANAL). It seems to
me that the next step should be for the FBI to get involved. They need
to have a heart-to-heart chat with the person who handed over these
forgeries to CBS News and work their way back the trail to find the
person or people who were responsible. My guess is that the trail would
lead deep into the Kerry campaign, although it's likely that Mr. Kerry
himself was unaware of the crime, if only for plausible deniability.
Mr. Kerry is plainly terrified that the Swift Boat Veterans' campaign
has succeeded and that he'll lose the election because of it. These
forgeries are a pretty transparent attempt to put the ball back in Mr.
Bush's court. If my assumption is correct, that forging and uttering
official government documents is a federal offense, the FBI should be
all over this one, not just because of the forgeries, but because they
represent a criminal attempt to influence the outcome of an election.
[Top]
Tuesday, 14 September 2004
[Last Week]
[Monday] [Tuesday] [Wednesday]
[Thursday] [Friday] [Saturday]
[Sunday] [Next Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five Years
Ago Today]
08:47 -
Linux terrifies Microsoft. Linux is eating Microsoft's lunch in server
space, and beginning to make serious inroads on the desktop. But Linux
isn't the only OSS software that keeps Microsoft awake at night.
Windows is only half of Microsoft's cash cow. The other half is MS
Office, and that's threatened by OpenOffice.org.
Here's an interesting article from Groklaw
that lists the provisions in their recent play-nice agreement that
relate to OOo. Basically, Sun and Microsoft agree not to sue each other
or either's authorized licensees for any patent infringements that
occurred prior to their agreement, except
that Microsoft reserves the right to sue anyone other than Sun who
distributes OpenOffice.org. Hmmm. I wonder what Microsoft is thinking.
They can't be planning to shut down OOo with patent suits, can they?
This is one more example of why the idea of software patents is fatally
flawed. Formerly, software was protected by copyright, which is as it
should be. The expression was protected, but not the idea. With
software patents, we end up with absurdities like Amazon's one-click
patent or Microsoft's attempt to patent the idea of using the tab key
to move between fields. The real effect of software patents is to allow
well-funded corporations like Microsoft to eliminate competition and
keep software prices artificially high.
Jack Messman, CEO of Novell, said yesterday that Microsoft has "sucked $60 billion" out of the industry
by using various methods to keep the price of their software
artificially high. Software patents had little to do with that in the
past. Most of it was a result of bundling, differential pricing,
Licensing 6, and so on. But Microsoft has recently started going after
software patents in a big way, so the reasonable assumption is that
Microsoft plans to use these software patents to kill OSS as one means
to sustain their artificially inflated software prices. This needs to
be stopped.
[Top]
Wednesday, 15 September 2004
[Last Week]
[Monday] [Tuesday]
[Wednesday] [Thursday] [Friday] [Saturday]
[Sunday] [Next Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five
Years Ago Today]
08:17 -
I was ill yesterday and didn't get much done. That leaves me with a
backlog of stuff to get done today, so I'd better get to work on it.
This from Jim Cooley:
-------- Original Message --------
Subject: Taxation and representation
Date: Tue, 14 Sep 2004 21:17:00 -0400
From: James Cooley
To: Robert Bruce Thompson
Bob,
I think you've mentioned your
views on who should vote before, but I've forgotten them. I rarely make
comments on a blog, but when I saw the question below I responded off
the top of my hat and remembered you'd said something similar.
I'm curious how closely our views correspond.
http://www.janegalt.net/blog/archives/004899.html/
As I've said
before, if we must have voting, I think it's a good idea to restrict
the franchise as tightly as possible. I'm in favor of literacy tests,
poll taxes, means tests, and other measures that are designed to weed
out casual, ignorant, and stupid would-be voters. I also think the
qualifications should differ according to the type of election.
For example, for a
local election, for which local property taxes always support the
decisions made by those being elected, I think only those who own the
property to be taxed should be permitted to vote. I'd make that a
simple test. Only those who own or co-own with a spouse the property
where they reside and will consequently be paying property taxes
directly should be entitled to vote in that election. As to
free-and-clear ownership, that's a matter for discussion. I'd certainly
consider someone who was in the first year of paying off a mortgage on
his home to be better qualified to vote for candidates who set local
property taxes than someone who lives in an apartment.
A better method
might be to weight each vote according to the property taxes paid. For
example, if I'd paid $3,500 last year in local property taxes, my vote
is weighted at 3,500 units. Someone who paid twice as much has his
voted weighted twice as heavily, and someone who paid half as much has
his vote weighted half as heavily. Someone who paid no direct property
taxes, including apartment dwellers, has his vote weighted at zero. The
old saw says that responsibility and authority should be commensurate,
and this would accomplish exactly that.
For statewide
offices, the weight of a particular vote should be proportional to
taxes collected at the state level, including state income taxes, sales
taxes, and so on. Taxes like sales taxes that are not paid in one chunk
could be fixed statutorially by income level. The same thing could be
done at the federal level, based on federal income taxes paid.
Or, if all of that
is too complicated, we could simplify by using a means test that
requires a specified level of net assets as a requirement to vote. For
example, we could set the bar at some reasonable level, say, $50,000
net assets, and allow only those who could prove they had at least
$50,000 in net assets to vote in any election.
11:28 - I just got email from someone who says that Linspire
(formerly known as Lindows) is now offering a free download of Linspire
4.5. To get the free copy, select the Digital Download Only version of
Linspire for $49.95 and then apply the coupon code "deviant9" on the
following page. I haven't tried this, but I figured I'd pass it along
for anyone who's interested.
[Top]
Thursday, 16 September 2004
[Last Week]
[Monday] [Tuesday]
[Wednesday] [Thursday] [Friday] [Saturday]
[Sunday] [Next Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five Years
Ago Today]
11:33 -
Three critical vulnerabilities in Mozilla, Firefox, and Thunderbird
were announced yesterday, along with seven other less important flaws.
All of those flaws are fixed by the most recent releases of the Mozilla
programs, which were available for download at the same time the flaws were announced.
Interestingly, all of these flaws were uncovered as a result of
Mozilla's new bounty program, which pays a nominal $500 bounty to
anyone who uncovers and reports a security hole. As is usually true for
Open Source Software, the fix followed quickly on the heels of the
vulnerability report.
If you're running Mozilla, Firefox, or Thunderbird, download and
install the latest versions now. No known exploits of these flaws
exist, but now that they've been made public it probably won't be long
before someone attempts to exploit them. If you're running Mozilla
under Windows, you can just download the installer .exe and install it
per the directions provided. If you're running Mozilla under Xandros,
you can download the tarball and install it per the directions that Ron Morse posted on the messageboard.
Speaking of Mozilla, it appears to be making huge gains at the expense
of Internet Explorer. John Dvorak said the other day that more than 50%
of the visitors to his blog were using some form of Mozilla. That
motivated me to check my own server logs, which tell me that about 40%
of my visitors are running some form of Mozilla. I also checked
Pournelle's logs, and found that 2/3 of his visitors were using IE. The
remaining third, with the exception of a few Mac users, were using some
form of Mozilla.
This really bodes ill for Internet Explorer. Certainly, the people who
read Dvorak, Pournelle, and me are much more technically inclined than
the average user, but if our logs show 33%, 40%, even 50%+ Mozilla
usage, that is also predictive of a huge uptake of Mozilla among
general users. It seems to me that IE has already lost the battle for
mind share among knowledgeable users, and those knowledgeable users are
also opinion leaders.
Until recently, IE had a 95%+ market share. Its decline is already
apparent in server logs everywhere, and that decline is accelerating. I
expect to see IE market share drop into the 85% to 90% range by year
end and into the sub-70% range by year end 2005. All of that is
assuming just the usual ongoing plague of viruses/Trojans/worms and IE
exploits. If another major epidemic hits, that decline will be
accelerated further. And don't forget that Microsoft has left users of
pre-XP Windows versions high and dry. There are tens of millions of
Windows systems out there for which no patches are available for known
vulnerabilities. Those myriad systems are ripe for trouble.
Microsoft supporters will doubtlessly point to yesterday's announcement
of Mozilla flaws as evidence that IE is no worse than Mozilla in terms
of security. But they miss the point entirely. Mozilla actively hunts
down bugs and eradicates them quickly. Microsoft allows known bugs to
exist unpatched, sometimes literally for months.
If I'm running Mozilla on Windows 2000, all I need do is download and
install the latest Mozilla version and I'm protected against all known
security holes. If I'm running IE on Windows 2000 or earlier, I'm out
of luck. Microsoft hasn't seen fit to patch known severe flaws in IE
running on Windows 2000 and has no plans to do so, ever.
The only solution Microsoft offers is for you to upgrade to Windows XP,
which of course you have to pay for. That's simply unacceptable.
Microsoft should fix the security holes that exist in IE running on
Windows 2000 and provide that fix free of charge. If they can't fix the
security holes in Windows 2000, they should provide free upgrades to
Windows XP for all licensed Windows 2000 users. Knowing that a severe
security hole exists and refusing to fix it without charging for the
fix is simply unconscionable.
My advice, regardless of whether you're running an older version of
Mozilla or IE, is to upgrade to the latest version of Mozilla.
15:01 - The RIAA is evil, certainly, but I can't believe even they would be stupid enough to swallow this bait.
If this supposed leaked document is for real, Microsoft has proposed
including their own proprietary CD lock-down standard in Shorthorn, but
requires the music industry to sign on to this proposal on almost no
notice. As much as the RIAA would love to have a reliable CD lock-down
standard, they must realize they'd be handing the keys to the kingdom
to Microsoft if they accept this proposal.
Even if all of the RIAA members were favorably inclined to the
proposal, I can't imagine that a consensus could be reached by next
Monday, which is the supposed Microsoft deadline. And I can't imagine
that all (or any) RIAA members will be favorably inclined. In effect,
Microsoft is saying "trust us", and I have to think that the RIAA will
not be inclined to take something on trust that is so important to them.
[Top]
Friday, 17 September 2004
[Last Week]
[Monday] [Tuesday]
[Wednesday] [Thursday] [Friday]
[Saturday] [Sunday] [Next
Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five Years
Ago Today]
08:35 - Someone sent me this...
Amongst all the other items on my to-do list is building a Linux
server. Or perhaps I should say installing Linux on a server that I've
already built. For the time being, we're using messier, my former primary desktop system, as an ad hoc
server. Messier runs Windows 2000 Professional, and would be a quite
capable Linux server. It has only a P4/1.7 processor, but it does have
512 MB of RAM and a SCSI tape drive. Perhaps I'll simply pull the hard
drive, install a couple of ATA drives that I can mirror, and have done
with it.
I seem to be doing a lot of that lately, pulling hard drives, that is.
I pulled Barbara's Windows 2000 drive before I installed Xandros for
her. I pulled Barbara's sister's Windows XP hard drive before I
installed Xandros for them. And now this one. I'm ending up with quite
a collection of hard drives on the shelf.
At any rate, I've been thinking about which Linux distro to install on
a server box. My first inclination was to install SuSE, but the more I
think about it the more I think I'll install Xandros on the server.
That may seem an odd choice, but bear with me.
First, this will be a simple file/print server, so Xandros in its
default configuration could do the job quite well. I don't need to run
DNS, DHCP, a web server, a mail server, or any many other servers I
might have thought about running on this box.
Second, Xandros is as good at connecting with Windows clients as is
Windows itself. Sometimes better. My first thought was that I didn't
care about connecting Windows clients, because there wouldn't be any.
Then I realized that wasn't true. I'll certainly want our Windows 2000
notebook to be able to connect to the network, and I'll always have
several Windows test-bed systems running. So Windows connectivity is
important, and I don't know of another Linux distribution that makes
Windows connectivity transparent as Xandros does.
Furthermore, if I ever do want to run a web or mail server or any of
those other services that Xandros doesn't supply in its default
configuration, it's no big deal. Xandros is, after all, based on
Debian, so there won't be any problem adding services if I decide to do
that later.
So, on balance, I think Xandros is the right choice of Linux distro for
our small server. The one fly in the ointment is that Xandros isn't set
up to support RAID, but that may be fixable. We'll have to see.
[Top]
Saturday, 18 September 2004
[Last Week]
[Monday] [Tuesday]
[Wednesday] [Thursday] [Friday]
[Saturday] [Sunday] [Next Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five Years
Ago Today]
11:50 - So now it's been revealed that one can open a Kryptonite bicycle lock
with the plastic tube from a Bic pen. According to the news reports,
this is a major revelation. I confess that it was a surprise to me that
cylindrical locks were still vulnerable to such an exploit.
I never tried to open a Kryptonite lock, but about 35 years an old
retired locksmith taught me how to pick locks. One of the tricks he
taught me was that some cylindrical locks, like those using in vending
machines, could be opened with a stiff piece of plastic tubing of the
proper diameter and thickness. He used clear thick-wall laboratory
tubing, of which he had a selection of sizes, but the concept is the
same. I have to believe he wasn't the only one who knew that trick, so
I was very surprised that such locks hadn't been improved in the last
35 years.
Now that this information is public, Kryptonite and other bicycle locks
that use the vulnerable mechanism are clearly worthless for securing a
bicycle. The company's response is interesting. They posted a notice on
their website that they'd have full details of a mitigation program
posted next Wednesday, but it seems that the essentials of that program
are that they'll supply upgrade fixes to anyone who purchased one of
the affected locks within the last two years and offer significant
rebates to those who have a model older than two years.
Obviously, that's not ideal. They should replace any affected lock
regardless of its age, because the design itself was defective. I
suspect that they're treading a fine line between making things right
for customers and driving their own company into bankruptcy. At least
one smaller company also supplied defective locks, and they announced
that they're not sure yet what action they'll take. The only real fix
in many cases will be to replace the lock entirely, but doing that
would drive companies into bankruptcy.
But at least they're trying to make it right for customers, even at the
expense of beggaring the company. Contrast this with the behavior of
Microsoft regarding the known hideous vulnerabilities in IE under
Windows 2000. Microsoft has announced that they can't and won't fix the
IE security flaws under Windows 2000, and the only alternative they
offer is for Windows 2000 users to pay for an upgrade to Windows XP. It
seems to me that the least Microsoft could do is offer a free XP
upgrade to Windows 2000 users, which would cost them a lot less
proportionately than these lock companies are willing to pay to fix
their screw-ups. But Microsoft never has cared about their customers,
as their actions have repeatedly shown.
(And, no, I never took advantage of what I'd been taught to raid
vending machines or commit other criminal acts. Well, I do admit that
in high school my best friend David Silvis and I did sometimes remove
the combination padlocks from lockers and sell them back to the owners.
I'll bet it'd still take me less than 30 seconds to open a typical
combination padlock.)
[Top]
Sunday, 19 September 2004
[Last Week]
[Monday] [Tuesday]
[Wednesday] [Thursday] [Friday]
[Saturday] [Sunday] [Next Week]
[Daynotes Journal Forums] [HardwareGuys.com
Forums] [TechnoMayhem.com Forums]
{Five Years
Ago Today]
[Top]
Copyright © 1998, 1999, 2000, 2001, 2002, 2003, 2004 by Robert Bruce Thompson. All Rights Reserved.