1 June 2004
Now with even more data: my email stats. See how much spam I’ve gotten this month!
In case anyone is wondering, the breakdown for May is:
- Spam: 76%
- News: 11%
- Inbox: 7%
- Tech Lists: 6%
- Accounts: 0%
Fortunately, I see almost none of that spam — spamassassin lets maybe a dozen through a month, if that.
I know that I don’t. Ick.
I came across this oddly poignant post today by Bruce Perens in the /. discussion on Playing Games While Not Ruining Your Relationship. Perhaps it’s only poignant to me — I spent too much of my college years playing computer games, so it hits home.
I think about all the games I played with other people, and how some really wonderful things came out of them. And then I think about all those computer games, and how I’d spend that time differently now.
A frog in water
doesn’t feel it boil in time.
Dude, we are that frog.
2 June 2004
Danish professors of statistics aren’t known for lighting fires under anyone. But there was Bjørn Lomborg sparking an inferno in 2001 with his book The Skeptical Environmentalist, in which he methodically demolished widely held ideas that the earth was, well, going to hell. Since then, Lomborg has fought a running battle with the eco establishment, which calls him a 21st-century Dr. Pangloss. But Lomborg doesn’t deny the existence of global scourges; he just wants to face them honestly. Which brings us to the Copenhagen Consensus, his ambitious effort to set priorities for the top 10 issues facing the world: climate change, disease, war, education, financial instability, corruption, hunger, population, water, and trade. The project has tapped nine respected economists - four of them Nobelists - to create a hot list for spending limited resources.
Merrystar’s new computer (“Tsiolkovsky,” what a great name!) arrived today, so:
3 June 2004
4 June 2004
- A film adaptation may not, through omission or direct action, undermine or reverse the meanings and morals of the source material.
- A film adaptation must adequately capture what made the source material compelling, as long as it does not conflict with the first rule.
- An adaptation can make the changes necessary to work as a product of its medium, as long as these changes do not conflict with the first or second rules.
Helpful advice for young geeks: do not succumb to the temptation of the Gerber Recoil multi-tool. The Leatherman Wave remains the One True Way.
5 June 2004
7 June 2004
How to get various proprietary and restricted multimedia Damned Things (Flash, MP3, Java, MPEG, AVI, RealMedia, Windows Media, Adobe Acrobat) working under Fedora Core using your normal package-management tools. Includes Mozilla-plugin instructions.
8 June 2004
This project was created by Intel to enable support for the Intel PRO/Wireless 2200BG Network Connection miniPCI adapter. This project (IPW2200) is intended to be a community effort as much as is possible given some working constraints (mainly, no HW documentation is available).
9 June 2004
Wanna bet? Wired News: Website Analysis Isn’t a Game
Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone’s hard disk without their knowledge, through a single click.
Worse, the holes have been discovered from analysis of an existing link on the Internet and a fully functional demonstration of the exploit has been produced and been shown to affect even fully patched versions of Explorer. …
In simple terms, the link uses an unknown vulnerability to open up a local Explorer help file - ms-its:C:\WINDOWS\Help\iexplore.chm::/iegetsrt.htm. It delays executing anything immediately but instead uses another unknown vulnerability to run another file which in turn runs some script. This script is then used to run more script. And finally that script is used to run an exploit that Microsoft has been aware of since August 2003 but hasn’t patched.
That exploit - Adodb.stream - has not been viewed as particularly dangerous, since it only works when the file containing the code is present on the user’s hard disk. The problem comes in the fact that the Help file initially opened is assumed to be safe since it is a local file and so has minimal security restrictions.
By using the unknown exploits, code is installed within the help file window, all security efforts are bypassed, and the Adodb.stream exploit is then used to download files on the Internet direct to the hard disk.
…if you click on a malicious link in an email or on the Internet, a malicious user can very quickly have complete control of your PC. And there is no patch available.
Bruce Sterling — Wired 12.06: Suicide by Pseudoscience:
The Union of Concerned Scientists in a February report pointed out something the science press has known for years: The Bush administration has no respect for science. Ideologues prefer to make up the laws of nature as they go.
When politicians dictate science, government becomes entangled in its own deceptions, and eventually the social order decays in a compost of lies. Society, having abandoned the scientific method, loses its empirical referent, and truth becomes relative. This is a serious affliction known as Lysenkoism.
Trofim Lysenko was Joseph Stalin’s top stooge in Soviet agricultural science, a field that was mercilessly politicized by fanatics. His specialty was inventing nutty schemes - things like stimulating the evolution of trees by overcrowding them to get them to cooperate, as though they were communist minions. This totalitarian huckster spent his whole career promising exciting results and bringing about only disaster. But the party never judged itself on results, so he always got a free pass.
Trofim Lysenko was a funny case. He had the authority to reduce a major scientific-research power to a dismal Burkina Faso with rockets; he left behind practically no scientific achievement or discovery. As a scientist, he was a nonentity, but his menace is universal. Wherever moral panic, hasty judgment, arrogance, fear, brutal partisan ignorance, slovenly standards of research, overcentralization of authority, conspiratorial policymaking, jingoism and xenophobia, and spin-centric travesties of disinformation can flourish, Lysenko’s spirit will never die.
Mozilla 1.7 RC3 is out.
Firefox 0.9 RC1 is out. Try to break it before Monday.
11 June 2004
Perhaps the president’s lawyers have no interest in the global impact of their policies — but they should be concerned about the treatment of American servicemen and civilians in foreign countries. Before the Bush administration took office, the Army’s interrogation procedures — which were unclassified — established this simple and sensible test: No technique should be used that, if used by an enemy on an American, would be regarded as a violation of U.S. or international law. Now, imagine that a hostile government were to force an American to take drugs or endure severe mental stress that fell just short of producing irreversible damage; or pain a little milder than that of “organ failure, impairment of bodily function, or even death.” What if the foreign interrogator of an American “knows that severe pain will result from his actions” but proceeds because causing such pain is not his main objective? What if a foreign leader were to decide that the torture of an American was needed to protect his country’s security? Would Americans regard that as legal, or morally acceptable? According to the Bush administration, they should
“Clearly the concept of something that is part webcam, part PDA, part intercom and part lightsaber practice droid has many applications in an environment where so many things are going on simultaneously,” NASA Watch editor Keith Cowing wrote in an e-mail.
12 June 2004
New Flotsam: more gardening pictures.
14 June 2004
Also, some specialists think months of painkiller use by migraine sufferers can transform their pain, until the rebound-prone experience a chronic tension-type headache. (Overusing any painkiller can trigger rebound headache, but over-the-counter drugs are the most widely used and thus most blamed.)
Lest anyone doubt rebound headache is real, Pina-Garza points to typical cases in his office: Youths whose parents have migraines but have never suffered a serious headache themselves — until a week of high-dose painkillers after knee surgery or a sports sprain spurs headaches that they continue to medicate.
15 June 2004
Via Boing Boing — Shag Phones:
As with all societal change, it tends to happen imperceptibly. And then you look back and remember how life was different.
I heard someone (honest) talking about their “shag phone” the other day. He was a married man having an affair with a lady who was also married. It seems that one of the first heady rituals of the affair was to purchase a “his and her” pair of Pre-pay shag phones.
Only they knew each other’s number, so when the phone rang, they could answer in an appropriately passionate way. While much the same effect could be achieved with caller recognition (assuming they were mobile literate), there was more than just a romantic gesture involved with this behaviour.
Technology still can’t hide your phone bill from a suspicious spouse. And it can’t hide your amour’s frequently dialed number from prying eyes. Better to get a pair of pre-pay phones with no incriminating phone bills or records. A small example of how the mobile is impacting on 21st century life.
In a disclaimer evocative of advisories from more mainstream software vendors, Sleaze pointed out in his posting that the backdoor password in circulation only works on older, unsupported versions of the Trojan horse, and that the latest version of Optix Pro uses stronger encryption to protect a different master password. “So make sure you update!,” he wrote.
At least one security expert says there’s a lesson to be learned from the whole affair. “It obviously says you should always use open-source Trojans,” says Mark Loveless, a senior security analyst with Bindview Corporation. “That’s the moral. You can’t even trust Windows malware.”
The last time we looked at Mozilla Firefox, it was still called Mozilla Firebird and then only in version 0.6. Times have changed. Oh how they’ve changed. Today, the browser with the identity crisis has a sleek new interface, modern features, and is blowing the doors off its competition… and this is putting it mildly.
When compared to browsers such as Internet Explorer, Firefox is light years ahead. Microsoft will need to do some serious footwork to catch up to the usability and functionality of this browser. Seriously. The only browsers that come close are Mozilla (of course), Opera, and Konqueror. Safari is also coming along nicely on OS X. The beauty of this browser is not only its functionality… it also lies in its portability. Firefox is currently supported under Linux (GTK+-Xft), Mac OSX, Sun Solaris SPARC/x86, Sun JDS 2003, Microsoft Windows (all versions), and IBM OS/2, so you can drop it onto almost anything with a modern CPU.
16 June 2004
Merrystar’s grandmother died this morning. My thoughts are with my father-in-law; he and I talked about his mother during our weekend projects.
No date has been set for the memorial service yet.
The Raymond Chen Camp believes in making things easy for developers by making it easy to write once and run anywhere (well, on any Windows box). The MSDN Magazine Camp believes in making things easy for developers by giving them really powerful chunks of code which they can leverage, if they are willing to pay the price of incredibly complicated deployment and installation headaches, not to mention the huge learning curve. The Raymond Chen camp is all about consolidation. Please, don’t make things any worse, let’s just keep making what we already have still work. The MSDN Magazine Camp needs to keep churning out new gigantic pieces of technology that nobody can keep up with.
…Inside Microsoft, the MSDN Magazine Camp has won the battle.
17 June 2004
In any business switching to Linux, there’s at least one person who’s stuck. These people need to use files from some Windows-only program, and usually have to do so by dual booting to and from Windows. Dual booting is very slow when all you really want to do is cut and paste a few screenfuls of data. Worse, because it is so slow, there is a real temptation to remain in Windows and use programs such as Outlook and Exchange, this year’s favorite virus targets.
There is a better alternative: run just the necessary Windows programs under Linux. This solves the same problem we saw when DOS started to replace CP/M. There was always something that only the older operating systems’ programs did, so you ran the older programs with an emulator.
Actually, the balloon battle may have less to do with us today than it does with citizens, soldiers, reverends, and children 60 years from now. Because as compelling a case as the balloon story may be for the virtues of wartime censorship, what’s troubling is not that Americans in 1945 didn’t know about these balloons; it’s that most Americans today don’t. The balloon bombs were erased not only from our national awareness, but from our collective history. We believe it never happened, just as our children might have been led to believe Abu Ghraib never happened.
The administration needs to do a better job of providing us with the kind of information that will truly help us—not just this summer, but in decades to come, when we look back and try to learn what happened in this war and how we can prevent it from happening again. Torture memos, torture photos, and chatter in the system must not be erased. Otherwise, we may never understand what we were fighting for. It’s true, the truth hurts. But gaps in our history hurt more, and the hurt lasts longer.
Mozilla 1.7 is out.
19 June 2004
Note to self: when upgrading and the sound suddenly stops working, check to see that the volume hasn’t been turned down to zero.
21 June 2004
22 June 2004
In the coming year, you’ll see cell phones that are cleverly disguised in watches, bracelets, jacket lapels, backpacks — any imaginable place that will make gabbing a fashion statement (see accompanying Photo Essay for examples of several wearable devices discussed here). In the past year, European and Asian consumers have had a taste of wrist watches, pendants, and powder cases — all doubling as cell phones. Such wearable devices already account for between 1% and 5% of all cell phones sold worldwide, says analyst Michael King of consultancy Gartner. U.S. consumers, always behind the Old World in most things wireless, have been left out.
Now that’s changing. Wearable cell phones will start making their way into the U.S. over the next 12 months — and by 2007, 20% of U.S. cell-phone users will likely be donning haute couture phones, says King.
As the summer approaches, we crawl out of our protective wired covered lairs to sometimes partake in outdoor activity. Last weekend, we went kayaking around Lake Union in Seattle, WA and of course, we couldn’t help but bring along a lot of equipment and decided we’d hunt for open wireless spots, this, friends, was “War Kayaking.” We found a ton, charted it with GPS, Wifi finders and we’ll show you how we did it for this week’s HOW-TO Tuesday.
23 June 2004
This is the third time in the past nine months that knowledge of the scope of secret information disclosures by airlines has expanded, and now six of the 10 largest airlines are known to have given data to the government secretly. Stone’s disclosure also raises questions about whether TSA officials intentionally withheld information from previous inquiries by the Government Accounting Office, members of Congress and the Department of Homeland Security’s chief privacy officer, Nuala O’Connor Kelly.
24 June 2004
The fuckers at Yahoo did it again! I’m trying to work here!
Oh yeah - if you actually use Yahoo Messenger, you better upgrade your client soon, or you’ll find yourself in my boat as well.
…Yahoo is once again blocking connections from Trillian (the alternative multi-protocol client). Yahoo tried this a few times last year and it looks like they’re trying again. … A quick fix discovered late this evening: Change your Y!IM host from scs.msg.yahoo.com to scs.yahoo.com, port 5050, and it should work. This is on Trillian 0.74H, not Pro.
Looks like Trillian has a patch out for Pro 2.0. Nothing for 1.0 yet.
25 June 2004
New Flotsam: fed up with Fedora.
Wow. Read down to the end of this article to see a hysterical overreaction to a security threat — stay off the Internet, indeed! Um, perhaps you could just not use Internet Explorer and download Mozilla or Opera instead? Oh, because concrete advice on how to avoid a problem won’t generate as many page hits as fear, uncertainty and doubt.
Sheesh. I think I need a new category for articles like this one.
Meanwhile, the average Internet surfer is left with few options. Windows users could download an alternate browser, such as Mozilla or Opera, and Mac users are not in danger.
NetSec’s Houlahan advocated drastic action.
“I told my wife, unless it is absolutely necessary and unless you are going to a site like our banking site, stay off the Internet right now,” he said.
The latest version of IE is 6, and it has certainly accumulated an impressive record of holes: 153 since 18 April 2001, according to the SecurityFocus Vulnerabilities Archive. There have been some real doozies in there. For instance, last August, Microsoft issued a patch that fixed a hole that the company described this way: “It could be possible for an attacker who exploited this vulnerability to run arbitrary code on a user’s system. If a user visited an attacker’s Web site, it would be possible for the attacker to exploit this vulnerability without any other user action.” Oh, is that all? Well, that’s super - simply visit a Web page, and you’re 0\/\/N3d, d00d!
I could go on and on. Look, let’s be honest with each other. We all know this is true: IE is a buggy, insecure, dangerous piece of software, and the source of many of the headaches that security pros have to endure (I’m not even going to go into its poor support for Web standards; let that be a rant for another day). Yes, I know Microsoft patches holes as they are found. Great. But far too many are found. And yes, I know that Microsoft has promised that it has changed its ways, and that it will now focus on “Trustworthy Computing.” But I’ve heard too many of Microsoft’s promises and seen the results too many times. You know, fool me once, shame on you; fool me twice, shame on me. Who’s shamed when it’s “fool me the 432nd time”? Who’s the fool?
We’re security pros, and we know the score. It’s time. It’s time to tell our users, our clients, our associates, our families, and our friends to abandon Internet Explorer.
The new album by HATEBEAK — the world’s only deathmetal band with an avian vocalist — promises music so terrifying it will “make you vacate your bowels.” Song titles include Beak of Putrefaction and God of Empty Nest. “Hatebeak pecks your eyes out and assaults your ears in a flurry of pummeling riffs and grey feathers that leaves you lying in a pool of blood begging for more.”
Rocketeers up and down the skill-level range are feeling the pinch of post-9/11 regulations promulgated by the federal Bureau of Alcohol, Tobacco, Firearms and Explosives. Today, thousands of people fly model rockets that range in size from about 12 inches to more than 30 feet tall. But since the ATF imposed new rules, some hobbyists have abandoned their pastime, and the next generation of engineers and scientists, some fear, is being driven away.
“If we’re in an environment where the government says you’ve got to get fingerprinted and background checked, and spend three to four months to do it, (adults are) not going to participate in my hobby,” said Mark Bundick, president of the National Association of Rocketry. “We need more kids. It helps them learn technology. It’s the technological base here in the country that we need to protect, and this hobby is a good introduction for kids that are interested in technology. If I lose those adults, then I will not be able to train those kids.”
29 June 2004
The Mozilla Foundation has just made available interim releases of Firefox 0.9.1 and Thunderbird 0.7.1. Apparently: ‘These releases are designed to address early issues found in the new extension manager and automatic upgrade system as well as making changes to the new Firefox theme based on initial feedback.’
30 June 2004
Pat Campanella, left, and Affordable Towing and Recovery owner Devin Statts discuss how to get Campanella’s SUV out of Katherine Peacock’s pool in Hawai’i Kai. Campanella was giving his wife a driving lesson when she overcompensated and drove into the pool.