|
Ted's Radio Weblog
 |
Thursday, August 31, 2006 |
Slashdot post: Radio Shack E-Fires 400 workers. KingSkippus writes "You've got mail! ...and no job! The Atlanta Journal-Constitution is reporting that RadioShack has notified 400 workers by e-mail that they are being laid off. The e-mails state, "The work force reduction notification is currently in progress. Unfortunately your position is one that has been eliminated." Nothing says thank you for your years of service to our company quite like an e-boot out the door."
Ow. I got laid off from US DataCenters via cellphone, as I was working from home the day they let everyone go, and I thought that was bad. (One of the best things that ever happened to me, though.) But email! That's incredibly insensitive.
4:41:40 PM 
|
|
|
Wednesday, August 30, 2006 |
|
Monday, August 28, 2006 |
Thom Holward posts this article on OSNews, linking to the this ZDNet blog post where Richard MacManus interviews Microsoft's Chris Wilson. I've read the article and I can't see where Thom's conclusion comes from. Chris says...
"...IE7 is going to be an important update in the automatic updates feature. This means it'll actually show up for everyone's [Windows] computer. It won't automatically install behind the scenes or anything, because it is going to change your user experience of the Internet quite a bit."
I really can't see that anything has changed.
9:17:07 AM
|
|
|
Thursday, August 24, 2006 |
Slashdot post: No Full HD Playback for 32-bit Vista. snafu109 writes "Pity the Vista user with a 32-bit CPU. Senior Program Manager Steve Riley announced today at Tech.Ed Australia that full HD content shall only be played at the full resolution where only signed drivers are used — only in the 64-bit version of Vista." And you thought that there were no features left to remove!
UPDATE: Today, OSNews reports Microsoft: 32Bit Vista Will Play Protected HD Video. The web exploded yesterday with the news that Microsoft would cripple 32bit versions of Vista so they would not play protected high-definition content. However, Microsoft was quick to respond, stating: "The community is buzzing with reactions to APC Magazine's article regarding playback of protected High Definition content in 32-bit versions of Windows Vista. However, the information shared was incorrect and the reactions pervading the community are thus (understandably) ill-informed. The real deal is that no version of Windows Vista will make a determination as to whether any given piece of content should play back or not." Well, that certainly clears things up!
2:10:58 PM
|
|
|
Wednesday, August 23, 2006 |
Declarations of a One True Way to Python Web Frameworks has lead to lots of kickback. A few samples from Daily Python-URL! (from the Secret Labs):
The consensus seems to be that not much has really changed following the "pronouncement." No one is in charge, and choice is a good thing. The TurboGears folks will keep trying a little harder, now that they're officially #2, everyone else will try a little harder to unseat them.
What will be good to see implemented would be a comparison chart of the many products. The FoxPro Wiki does a great job of this for VFP Frameworks, and CMS Matrix does a good job on content management systems. This would be a great service to the community.
8:36:13 AM
|
|
|
Tuesday, August 22, 2006 |
OSNews reports "Novell is still working on improving the VBA support of its OpenOffice submission, and is therefore open to all sumbmissions of VBA macros which are not working on the OOo version of SLED 10. In the meantime the question is when - or even if - Sun will accept the patches for OpenOffice to get VBA support."
Hmm. I'm surprised. VBA is one of Microsoft's Achille's Heels, the weak spot where lots of security flaws can be exploited, via Automation, AutoOpen macros and so forth. I'll be interested in learning how OOo can implement these.
7:58:11 AM
|
|
|
Monday, August 21, 2006 |
Over at Blue Sky On Mars: Kevin Dangoor, one of the lead developers for the TurboGears Python web framework posts, "There can't be only one."
"I guess I'd better give up now. Guido announced at SciPy that Django is the standard web framework for Python. How's that for a first two sentences of a blog post? "
"Always there are two, a master and an apprentice." Master Yoda says.
Neo claims, "It's about choice. Free will is the one thing that can't be factored out of the system." Free will mustn't be factored out of the system. The Joy of Branching is that someone else will go off and try something else, take a different direction, chose the Road Less Taken. And that will make all the difference.
No one size fits all. Sometimes you just need a little snippet, a tweak, of inline python code like you can do with Myghty. Other times, you need a big, honking uber-reliable message-passing system with scalability, redundancy, failover, point-in-time recovery and full BuzzTerm 2.0 compliance. Sometimes you just want to toss together a quick-and-dirty web site for a friend and the first app you come across with a README small enough to take in in one glance is the choice.
There's always room for more than one. Fight for choice.
link via Daily Python-URL! (from the Secret Labs)
10:19:41 PM
|
|
|
Sunday, August 20, 2006 |
David Berlind's recent blog post pointing to Tim Bray's trials and tribulations on switching from a Powerbook to a Sun Ultra 20 running Ubuntu (!) has some interesting reflections on how hard all desktop switching is. David says,
[Tim] "used two words — "wrangling" and "gyrations" — in his last post that leap off the page as having long been (in my mind) desktop Linux's key stumbling blocks."
I've got a half-dozen machines in the office I work at regularly: Dells, HPs, ThinkPads, Macs, running Win98 through XP, OS X, CentOS, Ubuntu, Fedora, Xubuntu and probably a couple of others. I am constantly wrestling with getting a PDF file just right on this one, or wrangling an icon to do what I want on the desktop of that one. They are all hard!
I got tired of using the supplied Apple keyboard with my iMac and thought I'd try a Microsoft Natural Keyboard I had spare around the office. It worked well, just plug it in and It Worked ™. However, the key labels and assignments had me stumped. On Windows and Linux, the control key is the lower, outer left key and I spend all day issuing ^X, ^V, ^F, ^T to cut, paste, fine and create a new FireFox tab. On the Mac, it's not the outer key, it's the option key, the middle of the three keys outboard the spacebar. Except when it's not. Subconsciously, I had gotten myself into the groove of using the different keyboard layout on the (different) Apple keyboard. When I swapped out the keyboard for the one I use on another machine, I lost the ability to touch type those characters on both keyboards.
In the above-cited blog post, Tim was annoyed when Ubuntu didn't follow the hand-patterns he had memorized on the PowerBook; I feel the same way when I use the Mac.
3:23:14 PM
|
|
Garrett followed up on my recent post about creating a root shell by point to Aaron Margosis' post with a "MakeMeAdmin.cmd" batch file. My one-liner solution created a shell as an admin user. Aaron's is more extensive and adds the current user temporarily to the administrators group (requiring the admin password), then requires the current logged-in user to log in again for the shell session.
I'm not sure of the security implications of each, or whether one is better than the other. In a sense, my script is similar to "su" where the shell is in the context of another administrator, where Aaron's is closer to "sudo" in the sense that the current user can temporarily execute super user commands. It sure would be nice if the script could go one step further and persist a list of users with sudo capabilities, so you only had to do one login. In either case, it seems that the security context doesn't "leak" outside of the shell in which it is executed.
2:11:05 PM
|
|
OSNews reports Apple Leads Industry in Customer Satisfaction. "Newly published data from the American Customer Satisfaction Index show that Apple leads other personal computer manufacturers, beating out Dell, HP and others. On a 100 point scale, Apple merited a score of 83, according to the ACSI, a 2.5 percent year-over-year increase and a 7.8 percent increase from 1995, the first year the ACSI measured the PC industry. The annual ACSI is sponsored by the American Society for Quality and University of Michigan's M. Ross School of Business. It's derived from phone interviews with customers contacted by using digital-dial telephone samples. More than 70000 consumers are identified and interviewed annually."
No surprise there.
9:36:37 AM
|
|
|
Thursday, August 17, 2006 |
When running Windows, you should always run as the "Least Priviledged User" to do the tasks you need. If your user context doesn't have the rights to mess with most of the system settings, some evildoing script in the compromised javascript, jpeg, word doc, html page, worm, virus, trojan or other Windows nastie won't have those rights either.
However, sometimes you need to run a simple command that requires system priviledges. Logging in and out or switching users is too much hassle. For this, I created a shortcut on the desktop and labeled it "RootShell." (Bear in mind when you run commands from this shell that you have nearly complete control of the machine. With great power comes great responsibility.) The shortcut links to a batch file with the command:
runas /noprofile /env /user:MyMachine\MyAdmin cmd
UPDATE: There ought to be a backslash between MyMachine and MyAdmin. My blogging software helpfully deleted it. Grrr.
This batch file runs the command interpreter (cmd) as user "MyAdmin." (Supply your own settings for 'MyMachine' and 'MyAdmin'. In domain- and ActiveDirectory-controlled networks, the syntax will be slightly different for specifying the user. Type HELP RUNAS at a command shell for guidance.)
Double-clicking the icon opens a command shell and prompts for the administrator's password. Get it correct, and the shell runs yet another shell in which you can type the commands you need to run. Get it wrong and it closes.
Handy and quick.
10:12:42 AM
|
|
|
Wednesday, August 16, 2006 |
Over at NewsForge, Joe 'Zonker' Brockmeier blogs A slow start at LinuxWorld during the seminar day before the main trade show opens. It sounds like the conference had many of the classic faux-pas, hard to avoid but difficult to overcome. I'm not picking on LinuxWorld for these, they happen at every show (and I've been guilty of more than one), but to remind us all what conference attendees expect:
- Schedule changes: "I'd hoped to attend Greg Kroah-Hartman's "Write a Real Working Linux Driver" session, but it had been cancelled."
- Not delivering what was promised: "Unfortunately, the presentation was not a "hands-on" affair at all."
- Losing control of the session: "Kirkland turned out to be something of a disappointment. Kirkland spent too much time at the beginning of the session discussing the types of RAID and taking questions from a particularly inquisitive attendee at the back of the room. I enjoy sessions where the presenter takes questions during the presentation, but a good speaker knows how to control the audience and will shut down questions when they start to derail a presentation."
1:57:59 PM
|
|
|
Tuesday, August 15, 2006 |
Lenovo debuts Linux ThinkPads. (InfoWorld) - "Lenovo Group announced on Tuesday the availability of the ThinkPad T60p, its first laptop computer preloaded with the Linux operating system... The new laptop is primarily aimed at engineers, the company said... Linux users will welcome Lenovo's decision to preload the open-source operating system on its new ThinkPad."
Well, the left hand forgot to tell the right hand. The links on the Lenovo site lead to http://www.pc.ibm.com/us/notebooks/thinkpad/t-series/workstation.html?re=home_Innov_us where it says, "The ThinkPad T60p Mobile Workstation does not come preloaded with SUSE Linux. Users must obtain SUSE Linux licenses from Novell. The ThinkPad T60p comes with DOS entitlement only and ships with a blank hard disk drive. SUSE Linux OS will be supported by Novell, while Lenovo will support Hardware," Hopefully, they will get the story together over the next couple of days.
The whole point of buying such a machine is to get a pre-installed image that supports all the oddball features of Bluetooth, hibernate, ACPI, power management, the funky specialized buttons, the pointer, the touchpad and so forth. If you have to go out and buy and install SuSE yourself, what's the point? Buy the T60p with Windows, snapshot the image, shrink the partition and set up the machine to dual-boot.
2:40:58 PM
|
|
Major news networks are carrying the story this morning, but in case you missed it, Jeremy Reimer of Ars Technica reports Dell recalls four million laptop batteries. "Dell has announced that it is issuing a worldwide recall of over four million batteries in laptops that the company sold between 2004 and 2006. If you have such a laptop, get your replacement battery now!"
10:31:18 AM
|
|
In attempting to set up XAMPP on a Windows XP Pro workstation, I couldn't get Apache to start. Attempting a command-line start gave me an error message that port 80 was in use. The netstat command showed nothing listening on that port. As a work-around, I edited the config file for Apache to work on http port 8888 and https port 8443 and confirmed that Apache was installed correctly and working fine. Finally, digging around in the Services applet showed that the IISAdmin was running. Dredging around on Google yielded this blog entry that recommends disabling the service and rebooting to detect which app is launching IISAdmin. That cured the problem; Apache's up and running. XAMPP rocks.
9:29:00 AM
|
|
|
Monday, August 14, 2006 |
HP announces support for Debian Linux. (InfoWorld) - "Hewlett-Packard is throwing its support behind the Debian Linux distribution, the first major hardware maker to align itself with the noncommercial community-based Linux offering... HP also announced Monday that unit sales of 1.5 million Linux servers generated revenue of close to $6.2 billion for the 12 months ending in May, 50 percent more revenue than its nearest competitor."
I think we'll continue to see some interesting alignments between vendors and Linux distributions: Lenovo's announced SuSE support, HP aligns with Debian. The Dell Linux site makes it clear they're not going to lose a sale over the choice of OS: you can pick your own, but RedHat and Novell SuSE are their top picks.
We don't want to go back to the one hardware vendor - one OS model: Ultrix, Solaris, HPUX, and the rest created a Balkanization of UNIX that lead to its downfall. However, vendors supporting Linux, especially multiple flavors, is a good sign.
6:23:39 PM
|
|
|
Sunday, August 13, 2006 |
Slashdot post: Botnet Herders Attack MS06-040 Worm Hole. "Laljeetji writes "eweek reports that the first wave of malicious attacks against the MS06-040 vulnerability is underway, using malware that hijacks unpatched Windows machines for use in IRC-controlled botnets. The attacks, which started late Aug. 12, use a variant of a backdoor Trojan that installs itself on a system, modifies security settings, connects to a remote IRC (Internet Relay Chat) server and starts listening for commands from a remote hacker. On the MSRC blog, Microsoft is calling it a very small, targeted attack that does not (yet?) have an auto-spreading mechanism. LURHQ has a detailed analysis of the backdoor."
Sounds nasty. An auto-spreading mechanism will turn this one into an epidemic. Patch now, if you haven't already.
8:17:51 PM
|
|
Joho the Blog points out Authorial authoritative provenance. "Jon Udell blogs about Lorcan Dempsey's blogging of the OCLC's fuzzy matching service that searches the Library of Congress Name Authority File, finding misspelled authors' names, etc. Jon discovered that his own name was misspelled in the Authority File, and he explains the process for getting it corrected. And, Jon says, we should be making provenance and ways to correct provenance more explicit."
8:52:26 AM
|
|
|
Saturday, August 12, 2006 |
Robert McMillan of InfoWorld: Top News reports OpenOffice.org security 'insufficient'. "With Microsoft Corp.'s Office suite now being targeted by hackers, researchers at the French Ministry of Defense say users of the OpenOffice.org software may be at even greater risk from computer viruses... "The general security of OpenOffice is insufficient," the researchers wrote in a paper entitled "In-depth analysis of the viral threats with OpenOffice.org documents." ... "This suite is up to now still vulnerable to many potential malware attacks," they wrote."
Despite the negative tone of the beginning of this article, it's more good news for OO.o than bad. First, the one major flaw that was found has been patched - yeah, Open Source! - and you'll want to ensure you're running the latest OpenOffice.org. The second positive spin of the article is the tone: governments and companies are seriously evaluating OpenOffice.org as a replacement for their current office products. I wonder if this change in the tone has to do with the acceptance of the Office Document Format as a recognized international standard.
9:25:54 AM
|
|
|
Thursday, August 10, 2006 |
I received the "Microsoft Security Bulletin Summary for August, 2006" in my inbox this morning. You'll want to sign up on the Microsoft site if you don't get this email and have responsibility for supporting and protecting Windows machines. You can find the bulletin here.
Nearly all the 12 items were rated critical and resulted in "Remote Code Execution" - in other words, someone else taking over your machine. Every version of Windows - those still supported - Windows 2000 SP4 through Windows Server 2003 - are affected. Individual applications getting patched include all the Office products, VBA-enabled products, and nearly anything with HTML: Internet Explorer, HTML Help, Microsoft Management Console. Get patching!
MS06-040 - Vulnerability in Server Service Could Allow Remote Code Execution (921883)
MS06-041 - Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)
MS06-042 - Cumulative Security Update for Internet Explorer (918899)
MS06-043 - Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)
MS06-044 - Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)
MS06-046 - Vulnerability in HTML Help Could Allow Remote Code Execution (922616)
MS06-047 - Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
MS06-048 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)
MS06-051 - Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)
MS06-045 - Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)
MS06-049 - Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)
MS06-050 - Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
We're up to 51 patches on the 32nd week of the year. It's pretty apparent that whatever Trustworthy Computing brings us, it won't be a static thing.
9:14:59 AM
|
|
|
Wednesday, August 9, 2006 |
Here is a clever solution to the problem of trying to remember all of your passwords, settings, configurations and so forth when converting your current OS into a VM: backup your old installation and restore it into a clean VM. There may be problems with drivers and such, since the VM "hardware" may not work with all the drivers you have installed, but it sure looks like it could be a timesave.
9:52:10 PM
|
|
Reinstalling one of my development workstations with Kubuntu as the primary operating system, and thought I'd take a shot at using VMWare and guest OSes for the other work I might have to do. I found a great HOWTO here on the Ubuntu site: HowTo: Windows (XP) on Ubuntu with VMWare Server
6:21:53 PM
|
|
Andy Ihnatko writes a guest column for InfoWorld that's a great insight into the mind of Mac users and interesting speculation on what we saw, or didn't see, at the recent WWDC keynote.
Leopard's top-secret secrets. (InfoWorld) - When you watch a Steve Jobs keynote from home, you only get about two-thirds of the value. For one, there's usually complimentary orange juice and danish on the way into the hall. For another, you get to go hyper-nerd obsessive on every observable detail.
4:07:01 PM
|
|
|
Tuesday, August 8, 2006 |
From Guy Pardoe's announcement:
The next meeting of the Monadnock Linux User Group (MonadLUG) will be this Thursday, August 10th, 7:00pm, at the SAU 1 Superintendent's Office behind South Meadow School in Peterborough.
For directions and other information, visit
http://wiki.gnhlug.org/twiki2/bin/view/Www/MonadLUG
Mark Witham discusses SugarCRM: SugarCRM is a complete CRM and groupware system for businesses of all sizes. Functionality includes sales force automation, marketing campaigns, support cases, project mgmt, calendaring, documents and more. Built on PHP and MySQL.
2:29:37 PM
|
|
OSNews points to a ZDNet article, Microsoft: 'Open Source Is Too Complex'. "Although open-source software can be customized to meet a company's specific needs, its inherent complexity could dent the profitability of independent software vendors, says Microsoft. "One of the beauties of the open-source model is that you get a lot of flexibility and componentization. The big downside is complexity," Ryan Gavin, Microsoft's director of platform strategy, said."
An ISV has to know what they are getting into, and have sufficient support to deal with the challenges of many platforms. The same is true if you choose to support Windows XP, XP Home, XP Media Center, XP Tablet, Windows 2000, Windows Server 2003 on standalone, networked, workgroup, domain and Active Directory models. The claim that supporting Linux because there's more than one vendor (all of the majors adhereing to the Linux Standards Base) is FUD. If you have to support home users with Windows 95 or do-it-yourselfers with a hand-built Linux kernel, the challenges are the same. Their claim to ISVs that Windows is easier to work with may be easy to claim, but I'd like to see Microsoft prove it. Truth Happens. Unbend the Truth.
Microsoft claims that computer technology is complex, and they are smarter about making those decisions than their customers. If they are not careful, they'll prove that. The smart customers will leave.
2:14:57 PM
|
|
|
Monday, August 7, 2006 |
Steve Job's keynote (CORRECTION: from the Spring 2006 MacWorld. Oops!) is available for viewing on the web here. And for those with WAY too much time on their hands, play WWDC Keynote Bingo while you watch:
http://arstechnica.com/staff/fatbits.ars/2006/7/23/4730
Yet another UPDATE: Here's the WWDC keynote. Sorry for the confusion.
11:12:57 AM
|
|
|
Sunday, August 6, 2006 |
|
Thursday, August 3, 2006 |
In Fun with User Access Control in Vista... Argh!!!, Microsoft MVP and Developer Extrodinaire Rick Strahl bemoans:
Vista Security is tight and I can understand the need to lock down the system to some degree. But UAC is nothing short of annoying, so much so that it becomes a totally worthless feature. After using UAC for a few minutes you won't be reading any prompts and blindly prompting every link spawned. This is not security - this is making things worse by giving people a false sense of security... It's relatively straight forward to turn off UAC, but as it turns out this doesn't quite get you all the way where you might expect.
He documents a situation in which the Administrator of the machine is unable to delete a directory. Is this a feature? When a skilled and experienced operator can't find a way to work through a system to repair a problem, there's something deeply wrong. Read Rick's entire post here.
4:11:13 PM
|
|
|
Wednesday, August 2, 2006 |
On the DDJ portal, Jon Erikson points out the latest Javascript exploit, a fearsome beast if it's not vaporware. I run with NoScript running as a FireFox plug-in and only enable scripting when I need to. Travelocity does a graceful job of pointing out that they require JavaScript enabled. PG.com does a miserable job, recommending I upgrade my browser to IE4 or Netscape.
Get a clue, web developers. If the client comes to your site without JavaScript enabled, it might not be because he lacks a clue. Don't show them that you lack one.
3:39:22 PM
|
|
ZDNet Asia reports "Intel officially closed the books on the Pentium era on Thursday with the Core 2 Duo, its most important product launch in 13 years." The Core 2 Duo chips will have the special instructions to better support virtualization at near-native speeds, from what I understand. If you're thinking about buying a new machine, the new chips are attractive, though you might want to wait a few months to ensure they actually work in the field.
Is "Core 2 Duo" the best name the marketeers could come up with? Obviously, the Pentium line won't go one to Sextium, Septium, Octium and Nonium, and "Itanium" was about as popular as green kryptonite. AMD isn't doing much better with their Turion, Sempron and Athlon 64 X2 series - which is the good one?
Some analysts are claiming that Intel has cleaned AMD's clock with this latest release of processors. I think it's good to see it's a horse race - all the competitors will try all the harder.
1:28:18 PM
|
|
|
Tuesday, August 1, 2006 |
Rasmus Lerdorf presented Getting Rich with PHP5 and included some great sample code in the presentation.
12:52:21 PM
|
|
Ed Foster's Gripelog spends the week with a series of articles on software ownership, copyright, licensing, and the chilling decisions being made in US Courts. It's stunning how few rights consumers have against software companies, compared to their rights (and the companies' responsibilities) in other industries like automobiles, food or consumer goods. Do Software Customers Own a Copy?. "When we a buy a book, we all pretty much understand what rights our ownership of that copy gives us. But what about software? Do we even own the copy, or does the inevitable "the software is licensed, not sold" assertion in the license agreement actually deprive us of rights we would otherwise have under copyright law? It's a question that Congress and the courts have failed to clear up, often with gruesome results...."
12:49:01 PM
|
|
From the DLSLUG announcement list:
The next regular monthly meeting of the DLSLUG will be held Thursday, August 3rd, 7-9PM at Dartmouth College, Carson Hall, Room L02. All are welcome, free of charge.
Agenda
7:00 Sign-in, networking
7:15 Introductory remarks
7:20 "Taking Open Source, Enterprise-Class applications off the desktop and into the Field" presented by Thomas Hall, Technical Account Manager, Wind River Systems
"There are many compelling reasons to adopt Open Source applications for the desktop; one asks... Why stop there? Well, turns out there are significant technical hurdles to overcome minimal resources - successfully scaling powerful Open Source applications like Apache and MySQL into a handheld device requires Linux development and testing
tools well beyond printf."
"However, while the groundswell of interest in the Linux OS has resulted in highly stable, mature kernels, this interest has not yet translated into commercial-quality Public Domain development tools. While it is comforting to have a ubiquitous technology like GDB available, one wants to further draw on best-in-class tools and paradigms that have been developed in the commercial software development space."
"Wind River Systems will present on this topic and demonstrate the Eclipse-based Workbench IDE and Platform for Consumer Device, Linux Edition. As time permits, several commercially available products will be demonstrated running Wind River Linux."
8:30 Roundtable Exchange - where the attendees can make announcements or ask a linux question of the group.
10:58:07 AM
|
|
|
