|
Ted's Radio Weblog
 |
Monday, May 31, 2004 |
Worm Lays Waste To IT's Defenses.
"With preventive initiatives slowed by corporate bureaucracy, the IT
infrastructure becomes easy prey for the Sasser worm." from Computerworld News.
This is a good tale of how it really works down in the trenches, with
communication issues, bureaucracy and uncooperative groups making
security a difficult challenge.
8:39:22 PM 
|
|
A rare day off at Ted Roche & Associates, LLC. Still, spent an hour
this morning posting some solutions to MySQL queries to the ProFox
list, and a few hours working on a chapter about connecting to MySQL
from Visual FoxPro. But also got some time in with Laura working on
roman shades in the office. And, lest we forget, more than a few
minutes remembering those who sacrificed so we could enjoy the freedom
of the holiday. Have a good Memorial Day.
5:15:19 PM
|
|
|
Sunday, May 30, 2004 |
The Harvard Business Review published an article last year entitled
"Why I.T. Doesn't Matter," a very popular article followed up by a book
of the same name. Bob Metcalfe, inventor of Ethernet and former
industry publisher, responds here.
10:43:30 AM
|
|
|
Saturday, May 29, 2004 |
Subversion: The new-generation CVS. Software development is an iterative process that ... [OSNews]
Subversion is hot stuff, a clean re-implementation built on the ideas
of CVS but with the added features to support better multi-file
versioning, remote access and improved security. I've got clients
running on Windows, Linux and OS X, and plan to move my main repository
there soon.
7:26:33 PM
|
|
A new letter of protest, asking Microsoft to give the Visual FoxPro
product its due, is making this rounds. Started in Brazil, it's picked
up 500 signatures in the first few days worldwide.
VFPRevolutions-NewOpenLettertoMicrosoft.
"For all Visual FoxPro Developers community Although sometimes
happenings small jobs offering waves for the VFP developers, we feel
that in the last years had a big job offering or projects reduction
having like base the VFP, this in the world..." Link via the FoxForum Wiki
8:27:41 AM
|
|
|
Friday, May 28, 2004 |
Five years of Cluetrain.
"Giles Turnbull writes in The Guardian on how that Cluetrain stuff
worked out now that it's been five years since the site went up. Good
article. I'm always a bit awkward talking about Cluetrain. I think it
was basically right about the value of the Net at a time when the media
and most businesses were (IMO) insistently wrong. But, for example, the
other day at a conference someone very sweetly thanked me, crediting
Cluetrain as the inspiration for the company he'd founded. That's great
to hear, but it also invokes my Flight or Polite instinct. Cluetrain
tried to articulate..." from Joho the Blog
6:08:40 PM
|
|
|
Thursday, May 27, 2004 |
OSNews links to this great article on SAX processing in Python on DevChannel by Derek Fountain:
An
application developer can choose any one of a number of strategies to read and use an XML
document. In some very simple examples a script containing a
number of regular expressions might do the job, but normally
a more rigorous technique is required. The Simple API for XML
(SAX) is one of the two key techniques for analysing and processing
XML documents (the other is the more complicated Document Object Model (DOM)).
The article is very timely, as I've just
been working to convert some XML processing into Python.
12:05:20 PM
|
|
Dan Bricklin announces
a new product from Software Garden: "Finally, I've released the first
new product from Software Garden since returning full-time. The product
itself is very simple -- less than 400 lines of Perl plus
documentation. The goal was not to make a major product. Rather, the
goal was to do a complete release of a simple product, web site and
all, to run on Windows, Mac, and Linux."
11:24:55 AM
|
|
|
Wednesday, May 26, 2004 |
|
Tuesday, May 25, 2004 |
The Doc Searls Weblog blogs: Panning for gold in the bitstream. Brian Dear says Michael Moore's "Fahrenheit 9/11," which won the Palme D'Or at Cannes, will be distributed via BitTorrent: In
a stunning move, controversial documentary filmmaker Michael Moore
announced today that his latest film, "Fahrenheit 9/11", will be
released by BitTorrent, the popular peer-to-peer file-sharing network.
From Brian's Denounce.com.
Warning: It always pays to read the whole article, and the disclaimer, which in this case says in part: "Denounce is a satire website specializing in false press releases that
are meant to neither inform nor educate. If it makes you smile and
think, we've done our job"
3:11:57 PM
|
|
An associate has a client that upgraded their file server to Windows
Server 2003 and broke my associate's application. He has a DOS machine
at the client site that handles their faxing and EDI functionality, and
the client can't get the DOS box to authenticate to the Windows Server
2003. Based on this KnowledgeBase article,
it looks to me like Windows 95 and DOS systems are out of luck if they
need to attach to Windows 2003 shares, as they lack the ability to
encrypt their authentication information. I wonder if Microsoft had
some legitimate reason to break backward compatibility, or if they did
it just to force obsolescence of older clients...
2:47:33 PM
|
|
|
Monday, May 24, 2004 |
Wardriving a Zip Code and Looking at Demographics.
"A writer becomes curious about his California Zip code's Wi-Fi
penetration, and creates a map: Lee Gomes of The Wall Street Journal
drives around for hours, picks up 3,000 hotspots in a population of
70,000 households, and then maps the results against income. His
conclusion: Wi-Fi has become so ubiquitous in urban areas that even
though it's not linked together, we have practically a seamless network
already. (Tie that idea in with community mesh, and you've got
ubiquitous access.)" [link via Brian Chin]... [Wi-Fi Networking News]
3:33:36 PM
|
|
Information Week has this sidebar to a story on Linux going mainstream:
'Suppose I upgrade to Windows 2003 and Windows XP.
What would I be able to do then that I can't do with my current boxes?
Nothing. I don't need all of the collaborative features,' Hentzen says.
Watch for more and more of these stories in the coming months.
10:12:37 AM
|
|
|
Sunday, May 23, 2004 |
Here's the WordPress web site that Mark Pilgrim uses for his blog. From the website:
WordPress was born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL and licensed under the GPL.
11:31:19 AM
|
|
|
Saturday, May 22, 2004 |
|
Thursday, May 20, 2004 |
|
Wednesday, May 19, 2004 |
While troubleshooting my recent problems with Radio Userland, I happened across the Python Desktop Server and the matching Python Community Server.
It looks like the PCS is a drop-in replacement for a Manila hosting
site for Radio, so I could continue using the product I've bought.
Alternatively, I could also deploy the PDS to Linux or Mac and be able
to post to my blog that way. Cool!
9:25:50 PM
|
|
|
Tuesday, May 18, 2004 |
Fresh rivals take on Microsoft Office Goliath.
"China's Evermore Software and Oregon's Gobe Software have launched
products that take novel approaches to the productivity software
market, hoping to chip away at Microsoft's dominance." [CNET News.com]
Looks like the Office market may be heating up again. That's good. Competition is a rising tide that lifts all boats.
9:22:33 PM
|
|
Red Hat releases new hobbyist Linux.
"The company rolls out its newest Linux product, Fedora Core 2, a free
version designed for enthusiasts and developers who want to try out
newer features." from [CNET News.com]
Hmmm, I think "hobbyist" is a bit of a put-down. There are many other
freely-distributable distributions that are not just for "hobbyists"
but for DIYers. Red Hat is offering a fairly easy-to-maintain and
well-supported distribution - provided that you're willing to hang out
on the forums and learn to do the maintenance yourself. So far, I've
had a lot of success using Fedora Core 1 on our company's intranet and
on two of our notebooks.
7:35:14 PM
|
|
|
Monday, May 17, 2004 |
Groklaw reports: MS-Funded Alexis de Toqueville Institution Attacks Linus, Probably Making Itself a Laughingstock
"Just when you thought it was safe to go back in the water. . . more FUD attacks."
"This is so stupid I think we need a parody done by Scott Lazar. But
I'll do my best to tell you the news with a straight face. The Alexis
de Toqueville Institution, who as you may recall admitted it gets funding from Microsoft,
has put out a press release on a "study" they have done that suggests
that Linus isn't the father of Linux after all. Another "independent"
study with Microsoft peeking out from behind the curtain."
"It's
good when you are opposed by Larry and Moe. How dumb do you need to be
to attack Linus Torvalds? As I've said before, it's like kicking
Dorothy's little dog, Toto. All you get for your trouble is a lot of
really offended folks who seriously dislike you and all your
supporters."
9:55:29 AM
|
|
|
Friday, May 14, 2004 |
"If the reaction at PC Forum is any indication, there's a new whipping boy in the tech industry, and it's called Plaxo." From News.Com. The key quote:
Koogle's somewhat evasive answers further stoked criticism. When asked
how Plaxo planned to generate revenue, he paused for a few seconds,
emitted sort of a vacant "uhhh" sound, and then stated that the company
is working on "experiments" on how to generate revenue.
Hmmm. Dot-com fever all over again. I wonder what their burn rate is. I hope Sequoia Capital has deep pockets...
11:36:10 AM
|
|
|
Wednesday, May 12, 2004 |
What a bass-ackwards article title! ComputerWorld reports that open
source development projects are very successful, but commercial
companies are having a hard time adapting their techniques because the
commercial developers... don't use the software they develop! Hmmm....
Open source development models fall flat. Study finds that commercial software developed at disparate locations takes twice as long to complete. [Computerworld News]
7:33:25 PM
|
|
The sad thing is the people who don't code web pages seem to thing that
there is some cool and powerful way to generate web pages. The sad
thing is that it is just as funky and idiosyncratic and maddening as
any do-it-yourself project involving duct tape.
Bug fix.
IE5/Mac users, rejoice. How a single carriage return fixed 47 display
errors on this site. It might help your CSS layout work better in
IE5/Mac, too. [Jeffrey Zeldman Presents: The Daily Report]
7:24:40 PM
|
|
|
Tuesday, May 11, 2004 |
Ed Leafe and Paul McNett tooks the covers off of Dabo 0.1, a project
they've been working on for some time: an n-tier, cross-platform,
data-aware application development framework written in Python. I've
been toying with the framework for some time, and I think this could be
a great framework for deploying apps on Windows, Mac and Linux. See
more details at http://dabodev.com/
9:48:24 PM
|
|
Just had the little Microsoft Update critter in the tray pop up to tell
me that there was a new update. The text was incredibly generic:
A security issue has been identified that could allow
an attacker to compromise a computer running Windows and gain complete
control over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have to
restart your computer. Well, we certainly wouldn't
want that, now would we? With caution from the Sasser worm patch that
rendered machines unbootable, I thought I'd investigate a bit more. A
visit to the Microsoft KnowledgeBase did not show the article mentioned - 840374. A visit to the Microsoft Security site didn't show anything about this article, either, but the Microsoft Technet Security site
does - a link on the right to "MS04-015: Vulnerability in Help and
Support Center Could Allow Remote Code Execution (840374)," which leads
to the wrong article - MS04-014 instead of -015. Changing the address
in the address bar leads, finally, to the correct article: "MS04-015: Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374)"
This vulnerability affects WinXP and 2003 only. While Microsoft only rates this update as "Important" they do indicate
that a malicious web site using the flaw in Microsoft's HCP protocol
means that "An attacker could take any action on the system, including
installing programs, viewing data, changing data, deleting data, or
creating new accounts that have full privileges." I wonder what they
save the "Critical" rating for! Mitigating factors are many, and
suggested ways to minimize the dangers include not using Outlook, or
using Outlook in text-only mode, and unregistering the HCP protocol,
which might break local help links as well. Details are in the article
linked above.
It's the 20th week of 2004, and this is Microsoft's 15th security bulletin.
1:58:41 PM
|
|
Nicholas G. Carr, author of the controversion Harvard Business Review
article "IT Doesn't Matter" last year, follows up in Wired magazine
with some intriguing examples: Intel's Centrino, Sun's OpenOffice.org
and Microsoft's IE.
Nicholas Carr:
"In public, industry CEOs may continue to exercise their Peter Pan
complexes, pretending that the IT business will never grow up. But
behind the scenes they're dismantling Neverland piece by piece." [Scripting News]
9:18:32 AM
|
|
Microsoft drops its Wi-Fi offerings.
Microsoft Corp. has decided to stop producing wireless networking
products and will discontinue its range of gear using the 802.11b
wireless networking standard, also known by the Wi-Fi marketing name,
the company announced Tuesday. [InfoWorld: Top News]
9:11:32 AM
|
|
|
Sunday, May 9, 2004 |
Steve Black sent me a link to Brian Livingston's column on new and clever phishing techniques,
"phishing" being the slang for tricking people into revealing
information, like credit card numbers and SSNs. The article shows how
Internet Explorer's address bar and the SSL lock icon can be faked. A
few guidelines might make your online experience safer:
1. Don't accept HTML emails that can hide the real links you're being sent.
2. Don't ever enter personal information unless you're really, really
sure. Banks aren't going to ask for your CC number and expiration. If
someone wants your SSN, they better be with the Social Security
Administration.
3. Consider a safer browser. These tricks were all done with IE.
I wonder if they can be reproduced using XUL on Mozilla or in Safari or
Opera or Netscape or...
7:27:17 PM
|
|
|
Saturday, May 8, 2004 |
Rick Schummer announces his new business. Good luck, Rick!
White Light Computing - Open for business!.
Announcing White Light Computing, Inc., a new company in the Fox
Community led by Rick Schummer. White Light Computing is offering a
number of services to developers and IT departments including
mentoring, software testing, consulting, and is selling the popular VFP
developer tools HackCX and ViewEditor (with more tools to come). Give
us a call or send an e-mail if you think we can help your organization
in any way. More information is available on our Web site. By White
Light Computing, Inc.. [FoxCentral News]
9:03:14 AM
|
|
|
Friday, May 7, 2004 |
Dave Winer blogs "Sponsors, speakers, panels, audience."
"Supernova and the recently announced Web 2.0
conference are throwbacks to the priorities of old conferences, of the
eighties and nineties: sponsors, speakers, panels, audience."
"Execs
from high tech companies, paying sponsorship fees, not disclosed,
guarantee that most of the content is paid advertising and that nothing
real is said on stage. If you don't pay the sponsorship fee, you don't
get a speaking slot. If you offend a sponsor, you don't get invited
back...These conferences are all spin, and empty bluster."
Read more at
[Scripting News]
5:31:58 PM
|
|
|
Wednesday, May 5, 2004 |
Sean Gallagher tells a tale of Open Source to the Rescue:
when Ziff-Davis's eWeek staff lost connectivity to their main site, he
improvised a wiki on his $7 a month personal web site to get them
through the day.
8:35:08 AM
|
|
|
Tuesday, May 4, 2004 |
There's a rare occurrence. Steve Ballmer and I agree on something.
5:26:33 PM
|
|
|
Monday, May 3, 2004 |
|
Sunday, May 2, 2004 |
|
Saturday, May 1, 2004 |
E-Voting Challenge in California. Mercury News: State curbs use of e-vote. California
Secretary of State Kevin Shelley on Friday banned the use of
touch-screen voting machines in the November election unless they meet
stringent security measures. He barred outright the use of a new
Diebold electronic voting system in Kern, San Diego, San Joaquin and
Solano counties. Ten other counties -- including Santa Clara and
Alameda -- will only be permitted to use touch-screen voting if they
provide a paper receipt for digital ballots cast or meet 23 security
conditions, including disconnecting the machines from phone lines and
the Internet. Dan Gillmor says: "This is
amazingly good news, and shows that Shelley has been, in effect,
radicalized by the outrageous behavior of the voting-machine industry.
The companies selling their balloting snake oil went too far, and now
they're going to have to do the right thing.
Most notably in Shelley's announcement yesterday, he said he'd referred
the case of the notorious Diebold Election Systems to the attorney
general for possible criminal, not just civil, prosecution. The record
is already clear that Diebold has -- at absolute best -- been
irresponsible and has dissembled about what it's been doing in
California (and who knows how many other states).
Had Diebold not been so over the top, Shelley might have allowed the
2004 election to proceed as planned even in counties using non-Diebold
machines. The requirement for a voter-verifiable paper trail had not
been scheduled to take effect for two more years.
Now, faced with an industry that insists on pretending all is well when
all is blatantly not well, he's doing the right thing early. The paper
trail will now have to work this year, or the machines won't be
allowed.
Predictably, local voting officials -- the same people who've been so
negligent in adopting an unproven, maybe dangerous technology -- are
screaming about the unfairness of it all. They're partly responsible
for this fiasco. They should stop complaining and get to work. We're
only talking about the core of our republic here." [Dan Gillmor's eJournal]
4:24:17 PM
|
|
|
