Recently in Geek Stuff Category

So, this week, I did something I'd been reluctantly avoiding for a while: I bought a Kindle.

I'm still somewhat "anti-Kindle", even after its purchase. Is it a cool device? Absolutely. At a purely "geek/technical" level, it's a great little device.

My beef with the Kindle has always been that my grandfather bestowed his genetic makeup on me when it comes to a love of the printed word. I remember thumbing throw walls of books that he had taken great care of his entire life... borrowing books that clearly had been in "The Library of John F. Balling" (as the embossed title page would tell you) for decades. There was a shared bond, that my hands were turning those pages just as my father's might have, and my grandfather's before that.

And a Kindle is completely incapable of that sort of history.

D told me, when we discussed it, that we could always buy (again) the dead-trees version of a book if it was "worthy of permanence", but by the same token, there were books in my grandfather's collection that I remember reading that weren't, necessarily, "life-changing permanent-collection" books, but were just common paperbacks.

But, I try to keep an open mind (no, really, I do, I'm just not always successful!), and recently had a couple bucks to spare and decided to take a chance, and see if I liked it. Easing my mind was the realization that I could treat the Kindle like a USB drive on my Mac and rip the DRM'ed books off of the unit, and stash them somewhere else (in case Amazon decides to delete them from peoples' units, or in case the technology sucks, etc., etc. By having copies of them at least, I can always break the DRM later (using the DMCA's interoperability exception as the legal basis), so there's more of a feeling of "ownership" than of being some crummy "licensee" (even if the Kindle terms and conditions are clear that it's the latter... at the end of the day, the reality is much more important than the legalities on something like that).

So, ... any suggestions of good books to download to my Kindle? :-)

Yes, that's right, kids, if "how to type meaningless crap in under 140 characters" is something you're having trouble figuring out, O'Reilly is running a Twitter Boot Camp. For the low-low price of $399, you too can be "trained" on things that are essentially covered in the help pages of what has to be the simplest and yet most inane product ever devised on the web (and let's be honest, that's saying a LOT).

What's more, there's the option of UPGRADING to the boot camp plus a "talk twitter dinner" with Tim O'Reilly, for $1500. Now, meaning no disrespect to Tim, because he's a fine human being and he keeps robo-signing my quarterly royalty checks, but .... SERIOUSLY!?! $1100 extra to "talk about Twitter" with Tim over dinner? For fucks sake, that dinner better be cooked personally by Mario Batali at that price, and include full-GFE with someone cute, because that's just insane.

You can go to the O'Reilly Open Source conference (or, frankly, almost any conference O'Reilly runs) and sit down at the same table as Tim at lunch and eat a meal with him, and I'm sure he'd happily discuss Twitter, or Perl, or web 2.0, or whatever other topic you brought up, because that's the kind of guy he is. He loves to chat about tech issues. There's nobody so hard up to talk to Tim that they need to pay $1100 to do it, when Tim does it for free all the time. :-)

It truly is a world gone mad, I tell you.....

I'll post something "in full" in the morning, but just figured I'd share what me and the "finale crew" had for snacks....

More when I wake up...

Dear Lazyweb....

I have a huge iTunes music library (about 65GB worth). Right now, that all sits on my laptop, gets backed up when I back up my library, etc., etc. At any given time, I'm really probably only "immediately interested" in, maybe, 10% of that.

I've got a NAS in my basement. In my perfect world, there would be some software I could run which would keep my NAS as my "main repository" but give me the option of dragging stuff from my NAS into my "currently deployed" iTunes library. This would free up space on my laptop, make my backups faster, and just be overall easier to deal with.

If I had a "spare" Mac running, with space available, I could use SuperSync to shuffle tunes (and their meta-data) between the two systems, but I don't see any easy way to do that just with some spare NAS-space.

Anyone done this before and have some pointers?

A couple years ago, I built the Lego Star Destroyer, and took some pictures along the way. While that was interesting and all, it was nowhere near as creative as this guy who decided to make a movie out of the construction of his big-ass Millennium Falcon Lego creation. He took the opportunity to make a 10-minute stop-motion film completely with construction workers, stormtrooper attacks, cleaning crews, you name it. The level of detail in this little flick is amazing, and I sat mesmerized watching it....

Building the LEGO Millennium Falcon from Gizmodo on Vimeo.

I'm pleased to say that the Second Edition of High Performance MySQL is now available for purchase from Amazon.com.

Baron, Peter, Vadim and Arjen did an excellent job updating the first edition, bringing it current to support 5.0 and 5.1 flavors of MySQL, expanding the content of the previous edition by more than doubling its size (from a first edition page-count of 275, to a second edition page-count of 708). There's a lot of good stuff in there, and if MySQL administration is your daily grind, picking up a copy would be well-advised.

This will be meaningless to a good chunk of you. Just ignore me, if that's the case.

Don't ever buy 0U PDUs. If you're thinking about it, don't. If you're still thinking about it now, slit your own throat before you can verbally agree to the purchase. If you've already verbally agreed, chop off your hand so you can't sign. If you've already signed, then the phrase "down not across" should become your new mantra.

Seriously, there isn't a single fscking vendor out there that does them right. And heaven forbid you're stuck with a cabinet configuration that's not the Official Sanctioned and Blessed Configuration Manufactured By The PDU Manufacturer, because then you'll be lucky if you can get the PDU anywhere near the right location, even if you use arc-welders, chewing gum, and duct-tape.

Don't do it. Self-performed Lasik surgery would be a more productive use of your time, and far less painful.

Yahoo!!!!! You got some 'splainin' to doooooo!!!!

Dear Lazyweb,

After this past summer's "desktop replacement" cycle, I acquired one of our older/retired iMac computers. When it was wiped for public use, it had the "campus desktop image" installed on it. The problem is that the desktop image is a "managed" image -- e.g., it somehow phones home every time you log in and grabs some managed preferences from the "mother ship", including telling it to use the campus update server.

Obviously, this is "my" computer now (well, rather, my wife's), and not the college's, so I'd like to know how to "untether" it from the update server. Some pages had suggested holding down "option" while logging in as her, however it says that account "D" is not part of any workgroups... and then proceeds to set up a bunch of managed-preferences anyway.

I'm sure this is freakin' trivial to do, but nobody on the Apple Support discussion forums has answered this question after like a month, so I'm turning to you, the great wide lazyweb. Help me lazyweb, you're my only hope!

We have been fighting for a couple weeks now with a strange issue where some people randomly wouldn't be found in Active Directory when our password change utility would try to change their AD password (along with their other passwords). We finally found a good "test-case" user and started really trying to hack out "why they couldn't reset their password". After figuring out that AD has the username stored in two places (cn, which is case-sensitive for searches, and name which isn't), we thought we had it licked.

But, it turns out we were still bombing on trying to fix this user's password-sync issue. What could it be? So we craft the LDAP query manually against the AD server and find, lo and behold, two records for her in Active Directory. How can that possibly be? I mean, we do the check for (objectClass=person) to ensure that we're only looking at people, and you can't have the same username assigned twice in the tree, so what the heck is going on?

Oh.... the annoyance... from one of the entries...

objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user

Yup, that looks about right, from the other, though....

objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer

WTF?!!? How the hell is it both "a computer" and "a person"?? I was pleased to learn that the code I'd written had Done The Right Thing to sanity-check the number of results was exactly "1", because this was friggin crazy.

So now, I've had to add another clause to the LDAP search criteria specifically excluding persons who are also computers. If positronic lifeforms ever start working or attending Vassar, I'm going to be a little screwed, but somehow I think that's a safe bet for now.

I hate Microsoft. I hope they're the first against the wall when the revolution comes.

You may have noticed some wonkiness on the site. I tried to upgrade to MT4 and while it worked fine in my test-install on the privateblog, there's something hinky going on with the main site. You'll notice that the permalinks which are listed on the main page go nowhere. It seems to be that the "the format the index page is using" for permalinks doesn't seem to match "the format which the entries themselves are using".

For now, you can simply slice off the ".php" from the end, and replace it with a "/" and it'll work, but if anyone knows why this is the case, I would be greatly appreciative. :)

UPDATE: Fixed. Damned bugs. :-)

So Google is going to award $30M to the first private robotic Moon rover. As I read this I had a really cool idea.

Add to the list of tasks the rover must do to succeed: "Carry a small case approximately 6in. x 4in. x 1.5in in size, weighing a pound or so."

And then have another X-Prize ... with the prize going to a different private organization, who shall retrieve the case by whatever means they see fit, which contains a check for another $20M.

Simply put... go up there with some means capable of fetching the case from the device that's there, and returning that to yourself on Earth safely. If you can accomplish it, you can cash the check you bring back.

Backing up your system can always be a pain in the butt. We've all known it, at some point in time, the hard way. I have to say, though, that the new backup stuff built into Leopard is pretty sweet.

Yesterday, at work, it appears that the plist file containing my Apple Mail preferences got horribly borked. When I got home (and had access to the firewire drive my laptop's backup data is stored on), fixing the problem was simple... I went and found the plist file, clicked on Time Machine, and restored my plist file from a week ago. Lo and behold, Apple Mail was fixed.

No muss, no fuss, .... it just worked.

Terry Semel is finally out as Yahoo's CEO. I can only imagine the dancing in the aisles over at Big Y. The list of people who have engendered "less love" than Terry is amazingly short. I think Stalin may be on it, but that was a given.

But in Jerry Yang's blog posting about the change in leadership he writes:

Since coming on board in 2001, Terry has given Yahoo! six of its best years.

Dude, what planet are you on that you say that, other than "PR World"? When the long history of Yahoo is written, Semel's reign will be compared to Scully or Amelio at Apple -- that long dark tea-time of the soul as it were.

But let's look at the numbers (derived from these)... Terry has been there since 2001...

Was 2001 one of the best years? I dunno, a massive drop in stock price leads me to think, "not so much."

Was 2002 one of the best years? Not quite so massive a decline but still at the end of the year, the stock was down off its 1/1/2002 price.

Was 2003 one of the best years? 2003 actually saw some growth. 12/30/2003 closed at 250% the price of 1/1/2003... but come on 1998 saw the rise to 400% of its Jan 1 value... 1999 it rose to another 400% increase.... so yeah, maybe 2003 was "one of the best", but let's continue on.

Was 2004 one of the best years? Dec. 2004 was about 150% of Jan, so maybe "slight growth".

Was 2005 one of the best years? The stock rose at years end by like 4%. Not quite "stellar".

Was 2006 one of the best years? With a 45% drop in price? Hardly.

Was 2007 one of the best years? Well, it's only half-way over, but the six-month chart really hasn't moved all that much over the course of the last six months ... unless of course you count today as all the traders were celebrating Terry's removal from power.

Score:

• 4 declining years


• 1 neutral years


• 1 decent year


• 1 good year

As a Yahoo shareholder, I say this: If you continue to say that Terry's years were "six of the best", then you're delusional and shouldn't be in control either. If you want to spin his departure, that's one thing, but outright lying and handing containers of Kool-Aid to shareholders isn't the way to go. Cut him loose completely and get back to the roots of what made Yahoo work in the first place.

One of the things that was a common joke when I worked at Yahoo was a derisive "We're number three in that market! Woot!", mocking our corporate inability to set our sights on "#1" in anything. It was true of Auctions (so much so that finally Yahoo just recently gave up the ghost on that and put it out of its misery... all four of its users are distraught), and is true of so much of the rest of Yahoo.

They're content with #3 and #4 market positions, and it's kind of sad.

Which makes this story that they're chasing after the "#3 social networking site" for acquisition that much funnier.

Like many folks, I have my e-mail protected by various anti-spam features. However, there's also companies I deal with that I want to always receive their mail, and I don't want it tagged or blocked as spam. So for those companies, I create custom addresses, and set them up in my mail server so that they are never ever spam-protected.

I came home from Easter dinner last night to find that I had 50 or so spam messages in my inbox. This was highly unusual, one or two is about average. Turns out, the super-secret e-mail address which has only ever been given to Intuit/Quicken ... is the recipient address.

In other words, Intuit's quicken billpay contact list has been compromised, near as I can tell. I won't claim that it has, but short of random attacks on my mail server to find a working e-mail address that isn't exactly "common" (no evidence of which, by the way, is in my mail server logs), I'm hard-pressed to offer up any alternative hypothesis. Their No-Sharing Practice page seems to indicate there's no significant reason this leakage should have occurred.

I've looked over my transactions online and see no evidence of wrong-doing, so it doesn't appear as if they compromised my financial data (but then again, who knows?). I've filed a ticket with Intuit and asked them to call me today to discuss the matter.

So, if you use Quicken Bill Pay service, you may want to take a hard look at your transactions and make sure that nothing crazy is going on.

I hope this woman gets every penny Yahoo has and then some.

I can remember all too well a conversation I had, sitting in a cubicle with Filo and Zod, wherein I told them what a horrible thing it was to be doing business in China, and how we needed to intentionally stay out to encourage them to change their ways if they wanted to join the rest of the world.... let them create their own little fiefdom if they wanted to, but if they wanted to continue to treat their citizens like shit, then we didn't have to be a part of it -- and oh how I predicted that "we" (now they, thankfully) would be a part of it. Heck, it almost sounds like the story they tell is the hypothetical I proposed in that cubicle meeting.

That meeting, as I look back on it, was really one of the defining moments for me in my Yahoo career, wherein I realized I didn't want to be there any longer. I came to the point where I felt... dirty, for lack of a better word... every day when I came home from the office.

My impassioned speech about considering the potential consequences, and the position Yahoo would be in when they were served with the Chinese equivalent of a subpoena, so that the government could identify and abscond with one of its own dissidents who wanted nothing more than the rights we hold near and dear to be his own as well... that speech was disregarded with a comment from Zod that just made we recoil: "How can we turn away from that many eyeballs?"

The answer: By maintaining your dignity. Something Yahoo hasn't had in a while.

I've been using Thunderbird lately for my e-mail, but am starting to get really annoyed with something. I'm sure this is just a setting of some sort that I can't find, but if someone knows how to do it, that would be sweet.

I find that Thunderbird doesn't update the "unread messages" count on folders in the sidebar unless I actually open the folder. This doesn't help me too much as I often have mail server-side filtered into, say, a deep subfolder where a particular friend's e-mail address is "pre-sorted".

Ideally, I'd like it to boldface and put an unread count on any folder automatically (or at least, every so often double-check such things... right now if I wanted to see if any of my server-side filters worked, I have to individually open each folder and see "what's new" so it will reprocess that subfolder).

Any thoughts? What am I missing. I'm sure this is just "Derek being blind as a bat," but any help is appreciated.

Zawodny's Law

"Don't Fuck With Simple"

- Jeremy Zawodny, (from his blog)

Damion and I took the train down to DC last night (for LISA).

Now, I've owned Battle Royale for months. I've loaned it to people (including Damion). But I've yet to watch it myself. Mostly this stems from 'how' I usually watch movies -- I'm doing something else in parallel, they're on the TV and I look up at them when things seem interesting but I'm listening to the dialogue and keeping pace with the story that way.

Except that Battle Royale is subtitled, which means I really need to be a captive audience watching the screen for two hours.

As I was prepping for the trip, I was ripping a bunch of DVDs to MP4s to store on my hard drive for the trip down. I decided to add Battle Royale to the list. After all, I had a three and a half hour leg from Penn Station to Union Station.

So I start watching this movie, and seriously, it's just as cool as it sounded, and just as interesting as people had told me it would be. And then, at 1:25:52 into the 122-minute movie, it just "ends"... right in the middle of a fairly dramatic scene, too.

Near as I can tell, Handbrake got confused on a layer-change maybe? or I aborted it by accident in the middle of ripping? All I know is that the climactic 37 minutes of the movie are nowhere I can easily get at them!!

I'm half-tempted to ask D to FedEx me down the DVD so I can stop the suffering.

Has anyone ever seen a plugin for MovableType that will allow a blog owner to moderate entries? e.g., I could give people access to compose blog entries, but only I could make them go live? The sort of thing you might use in a shared-blog type of situation where someone wants to be sanity-checking the things that people are making live to the world?

Alternatively, are there any decent pieces of blogging software that handle this nicely with similar feature sets to MT?

We're in the middle of installing a dozen or so APC cabinets in our server room, a complete replacement of all existing cabinets and racks. APC cabinets (like many others) have what they call "0U" slots on the sides of the rear of the cabinet, for hanging things like vertical power strips, or cable-management trays. There are two on each side, an "inner" and an "outer", with the outer being closest to the rear doors of the cabinet, and the inner being closest to the vertical rails of the cabinet itself.

Our initial design called for the inner slots to be vertical cable-management, and the outer slots to be vertical Power Distribution Units (PDUs). The thinking at the time was that the power cable would come in from the server horizontally, go directly into the vertical cablemanagement, and come out to the outer-mounted PDU where it needed to. It seemed like a great idea on paper.

However, for those of you who some day go to design these things, don't do it. It simply doesn't work (it so doesn't work, that as I type this I have our two student interns correcting every one of our cabinets to fix the problem). The reason it doesn't work is because the prongs from the vertical cable-management (which hold the cables) extend too far horizontally. Initially, we thought the limit of the effect of this was that they sometimes can interfere with the horizontal cable-management rows, but that was something we could work around easily enough. Worse, though, is that we found out this morning that they also interfere with the servers' rails, if those rails extend at all past the rear vertical rail (which often happens).

So, learn from my experience -- PDUs on the inside, cable management on the outside. Your life will be a lot easier, even if does mean that your power cables cross the PDUs to get to the cable-management.

UPDATE: Ignore all this for reasons to be disclosed later.

UPDATE 2: OK, so here's the deal. If we swap those around, then the rail extensions block the power outlets that are in the PDUs. Also, the circuit breakers at the top of the power strip completely block access to the vertical rail mounting squares. That last part is fine if all I ever mount are quick-connect devices, but if I should ever need to put in capture nuts, I'm screwed.

We've contacted the manufacturer of the gear to find out "what is it that other people do, because surely this has come up before?"

I recently installed the MySQL module for our backup software at work. Noticing that the new version has PIT restore capability I gleefully clicked to enable that, aimed the backup software at the master database, and away it went.

The way this software implements PIT is to do a level 0 backup of the database, send the database a RESET MASTER command so as to remove any existing binlogs, and then (later) just backup all the bin logs since they'll be replayable from the level 0 it created, etc., etc.

Except that sending a RESET MASTER command completely hoses any slaves that are replicating off the master you're backing up.

So I opened a trouble ticket with the vendor, asking them, "How do you think I'm supposed to do this, given how this interacts with my slaves?"

Their response, in a sentence:

"It shouldn't cause any issues with the replicas themselves."

Yeah, no shit, pal. That's what I'm trying to tell you. Backing up the master shouldn't break the replicas. But it does.

Sometimes we get really really smart support engineers with this vendor, and sometimes, you wonder if they've read the ticket.

Yesterday, after a long month of waiting impatiently, my 17" Intel Mac Book Pro finally arrived. I tore open the packaging and started the process of migrating my settings over from my 15" G4 Powerbook. About 20 minutes into the migration, the Mac Book Pro rebooted itself spontaneously. "That's odd...." I thought, but after a second (three hour long) migration attempt, it worked like a champ, so I didn't think too much of it.

That was, until later, when it started rebooting itself every 30-60 minutes. Sometimes even more frequently. Doesn't matter what I'm doing, either (I'd set it down on my desk before I went to bed last night with nothing running... woke up to a login prompt).

Since "random reboots" is often a sign of bad memory in AppleLand, I had one of our Apple gurus swap out my 2GB of factory RAM for 1.5GB of RAM that was "known good". It lasted a whopping 45 minutes. Willing to overlook one transgression, it happened again 20 minutes later.

So now I'm wiping it... it's going back to "virgin" so that none of my data is on it when it goes back to Apple as a "DOA". It took a month for the first unit to arrive, $DEITY only knows how long it'll take for the replacement to get here.

So apparently, Yahoo has completely redesigned the front page of their homepage. It's supposed to be all neat and cool, so I go to the URL mentioned in the Yahoo Search Blog entry to see how cool it is.

When I get there, using the "default" browser for any Macintosh computer, Safari, what do I read?

Thank you for your interest in the sneak preview of the new Yahoo! home page.
Unfortunately, you're using a browser we don't support today.

Check back again in the coming weeks - we plan to support additional browsers soon.

It makes the Baby Jesus cry for a number of reasons. First, this can only mean that the home page is becoming bloated. I can remember clearly the days when someone with an extremely low employee number (hint: employee # "1" or "2", I have no idea which one he got when they founded the company) told us how many dollars per day an additional single byte cost on the front page. It was like a shitload, though, that much I remember.

Now, it's completely bloated and full of useless crap.

Second, there's the whole concept -- long since thrown to the wind -- that the home page should be viewable on anything, because it should be using very simple basic standards-based HTML. That concept is now, apparently, tossed to the wind. The new homepage will be one that if you are not using one of the "blessed" browsers, you're screwed.

Also, I'm not really holding my breath for any kind of real Mac support. After all, the last official update for Yahoo Messenger was over two and a half years ago. I'm told, of course, that there is a crack team of Mac developers making a new version even as we speak. But, well, I've heard that a couple times. I heard it in 2001, when there were two developers assigned to work on the Mac version. Then one got pulled off the project. The other got laid off. Then in 2003, someone managed to dig up the code out of CVS (which, BTW, is still written against all the ancient libraries, which is why it still looked like an OS9 app), and push out a new version, probably to fix a security bug, not to actually give it features or anything.

(I should point out though, that it doesn't really bother me the whole YMsgr thing... mostly because the instant I sign onto YMsgr, on those rare occasions I do, I am flooded with IM spammers trying to pimp out chinese sneaker knockoffs, other "forbidden" Yahoo IDs, you name it... pretty much the only time I sign into YMsgr is when I absolutely have to speak to someone who works at Yahoo still, because they've got to eat their own dog-food. And even then, I'll use Adium, not the "official" client. )

But anyhow, suffice to say that it saddens me to see things like this, and makes me value my Google stock all that much more.

Spotted this on Kotaku, via a reference on Gizmodo. I have to agree with the Kotaku commentary though... only Bungie could give you a two minute preview which has no gameplay at all in it and still leave you at the end eager for Master Chief to bring the whoopass.

UPDATED: If you want a really nice resolution version of this trailer, go here instead.

So George Lucas apparently lied when he said that "the original material simply didn't exist" to create unaltered versions of the original trilogy.

.. Because this September, Lucas has decided to milk that cash cow one last time, and make available DVD versions of the really-and-truly original version (with "Star Wars" even having the '77 crawl that simply says "STAR WARS", and not "EPISODE IV: A NEW HOPE").

How cool is that? Then, when those are released into the wild, Lucas finally becomes irrelevant and there's no longer anything we need him for.

I say that because I have a hard time believing the "oh, we heard your cries," and all that crap. I don't think I'm alone in my belief that this was the plan all along. Tell all the fans, "You'll never get the original trilogy, so you'll have to make do with the Special Edition," at which point they pony up the money for movies they don't really even want. Then, a year or so later, you can milk them again (just in time for Christmas, and only for the limited time only thing, a la Disney's Vault) for more cash.

Pretty much everything I've ever said about Lucas has just been proven true.

At work, I just got a Treo 650. Given that the form-factor of the Treo is not at all ideal for telephone use, a headset is a necessity. The standard (rather, sub-standard) "bud" headset that comes with the unit is every bit as crappy as one might expect it to be.

On the other hand, the Plantronics Voyager 510 that Vassar got me to go with it positively rules. I don't know exactly what its weight is, but I know that I wore it to work this morning, and then started messing around rewiring in the crawl-space behind three racks. Two hours later, I was done cabling, and only then did I remember I'd been wearing the headset the entire time. It's light enough that I'd simply forgotten it was even there, which (in my opinion) is an ideal situation.

I've always been a fan of Plantronics, ever since my days working in a GTE call center, when I had a choice between a Plantronics unit and (ack!) a Hello-Direct model. Plantronics has never done me wrong, and near as I can tell, this Bluetooth model is no exception.

Dear Lazyweb,

I remember reading an article a couple years ago about this guy who got a complaint from his users that "they couldn't reach any site greater than some number of miles away," and he mocked them because "networks just don't work that way", and after a couple days of poking and prodding he discovered that, lo and behold, the users were right, they couldn't reach sites greater than some number of miles away. Much investigation ensued, with some really wonky error being at fault but having exactly the described effect.

In the spirit of April Fools, (because this is not an April Fools gag, and see my post two posts down about that disclaimer) ... does anyone have a link to this story?

UPDATED: Here we go. Link to the story.

I'm in the midst of preparing my GenCon '06 event, and Friday night is our live playtest of it. I'm potentially going to have a few slots open. If you are local to the Poughkeepsie area, and are a regular reader of my blog, and want to spend an evening playing D&D on a fun (at least I hope it'll be as fun as the previous two years) event, drop me an e-mail (or comment on this entry) ASAP.

We're installing a massive wireless LAN on campus. As part of this, we're installing a bunch of Cisco Wireless LAN controller gear, including Cisco 4400 controllers.

One of the network contractors came into my office this morning and asked me to "Add a DNS hostname for hostname pointing to 1.1.1.1" ... I told him no goddamned way, that's a real IP address, even if it is presently reserved by ARIN, and that they would have to make do with RFC-1918 space like everyone else.

Unfortunately, the configuration documention from Cisco says to use

Step 8 Enter the Virtual Gateway IP address; one fictitious, unassigned IP address (such as 1.1.1.1) to be used by all Controller Layer 3 Security and Mobility managers.

Now, you might think you could just use some RFC-1918 "reserved for private use" space there. Except that there's no netmask applied to the network it uses. So who knows how well it will "behave" along-side existing 10-net or 192.168-net usage. Further, when the contractor contacted Cisco about the issue, Cisco gave them the whole "this is the way it's supported, you should use 1.1.1.1" argument, this despite the contractor making the case that 1.1.1.1 isn't reserved, and could some day be a real honest-to-goodness conflict.

So, despite my better judgement, there's now a DNS hostname pointing to address space we don't own, and Cisco has earned my "retard of the day" award. Bastards.

My employer will probably be getting me a Mac Book Pro here in the next few weeks (yay!). However, today I've got a Lind Travel Adapter which plugs into the cigarette-lighter-outlets on an airplane and my existing PowerBook G4.

However, I cannot find any functional equivalent that has the new MagSafe connector that the Mac Book Pro ships with. Has anyone seen a travel adapter designed for the newest laptop?

Had a bit of a hardware issue, but we've gotten through it, it looks like relatively unscathed. Sorry for vanishing like that.

But remember kids, Google's supposed to be the not-evil alternative to the Yahoos of the world.

But, don't kid yourself, Yahoo is just as evil.

Kinda makes me sad to think I'd ever considered working at one, or that I ever did work at the other.

I had read an article that talked about how the iTunes Music Store was going to have the pilot episode of NBC's new show, "Conviction", as a free download.

Imagine my surprise as I saw that the description:

The newest legal drama from D**k Wolf

I understand iTMS tries to be "family friendly" at the 10,000 ft. level, but it still shouldn't be bleeping a guys' first name, especially since it's not like "Dick" is an uncommon first name.

ArsTechnica reports that HBO plans to use the much-reviled "broadcast flag" to tell DVRs that they are not permitted to record any HBO content on them.

First, is HBO really that stupid? DVRs are the trend in home television watching. What could they possibly be thinking trying to swim upstream like this?

It's not like HBO has a revenue stream that is threatened by commercial-skipping. NBC, CBS, etc., I could almost see feeling threatened. After all, if you watch their shows on your DVR, you're likely to skip the commercials. The less commercials watched, the less valuable they are, the less NBC, et al, can charge for them, and that's a theoretical path to lost revenue. I don't think it's as bad as all that, but at least I could see "some semblance of logic" to that.

But with HBO, I pay them a monthly fee. It doesn't matter if I watch Sopranos, don't watch it, or record it on Sunday and watch it two weeks later. They still got paid just as much as they ever could have.

HBO wants to slave you to their timeslot, force you to sit down on Sunday evenings and watch what they put in front of you.

Well, I tell you this right now: I will have none of it.

If HBO decides to do this, I will happily discontinue our HBO subscription, because the only thing we use it for is to watch Sopranos or Entourage episodes. If I have to "sit down when HBO says to sit down", I'll simply refuse, save myself $15 a month, and, here's the kicker, I'll just download them off of BitTorrent, and push that HD stream out from the computer to the TV screen (and anyone who thinks that the broadcast flag will really prevent hackers from getting HD streams to share, please lay off the pipe).

I want a device that acts as an SMS/GSM node, sending messages directly to my users' cell-phones. It should either be something that I can talk to via ethernet and TCP/IP (using something like SNPP preferably, but any protocol I can decipher will do), or alternatively be something I connect to my Linux box with some software and it transmits whatever the USB/Serial/Parallel/whatever connection tells it to.

Solutions which include the phrase "... and it connects to our web server ...", "... and it will e-mail through your GSM provider's mail server..." or "... it connects to the provider via the Internet and delivers..." are not acceptable. *grin* The whole point of the exercise is "how do I alert the staff that the mail server, internet router, etc., etc., are down?"

Last night, I did something that I had actually had some significant doubts as to whether or not it was even possible, let alone whether or not I could do it.

I reached level 60 in World of Warcraft. That's not the amazing part. The servers are full of level 60 characters. The difference is that I did it by solo'ing almost the entire way. On a PvP server, to boot.

I think I may have grouped with one of my fellow guild members (Nagista, my party member in the screenshot, who was intentionally not doing much but wanted to be around for when I hit 60) like two or three times, that's it, and then he really only provided backup while I was taking on the monster itself. No groups, no instances, nothing. I may be the only 60 without a single piece of blue on him because of it, but it's true.

Now I just wish I hadn't accidentally fat-fingered F12 before I hit F13 for the screenshot, so everyone can see how freakin far away from having enough money for my epic mount I am. LOL.

I have neither the patience nor the time to download this from Usenet, nor can I find a set of torrent files that actually continue to work. What is it I'm looking for?

A complete set of MAME ROMs and such, specifically that would work with MacMame 0.97u1.

If you are a collector, and have got your personal repository, or you've got an ISO of a DVD with the ROMs and those hard-drive images, and all that jazz, please let me know. Your anonymity is assured.

I had a set a long time ago, but it is many many many versions out of date, and when I tried to audit my ROMs, like ... 4 ... passed muster with the new version. I used to love MacMAME as perfect "airplane flight fodder", passing the time playing games.

Any assistance you can provide, dear Interweb, will be appreciated.

So yesterday, Apple made two announcements, the total impact of which I don't think will really be seen for a while yet.

• A "video iPod" capable of viewing MPEG4 video on a compact screen.
• iTunes 6, which includes support for downloading MPEG4 videos from the iTunes Music Store, including but not limited to music videos and -- much more importantly -- first-run television programming 24 hours after it airs.

For years, the defense of the "TV episode bittorrent downloaders" was "They broadcast it for free over the air, and if I miss it, I have to wait til they randomly re-run it, or until it comes out on DVD." This was usually followed by some plaintive cry about "If only they'd offer a download service, where I could download the shows I want."

If ABC sticks to this, and expands their lineup, this could be a huge shift in the way people deal with television programming.

Let's go to this hypothetical future, where television programs available as for-pay downloads are ubiquitous. Let's assume you spend about $100 a month on the "get every cable channel" package, because there's some network stuff you want to watch, some extended cable stuff, and you want to get your episodes of Rome. Who knows.

What if you didn't have to pay $1200 a year for cable? What if you could subscribe to the TV show itself as a video podcast? Every Wednesday, your computer happily downloads (legitimately) that week's episode of Lost. Every Sunday, it's grabbing Rome. Every Thursday, it's getting you your fix of The Donald.

The "full-season" price that iTMS is charging for Season 1 of Lost right now is $34.99. Let's double that. Let's say that they decide to be greedy in exchange for offering you this automated television download service. Let's call it $75.00. And maybe HBO, with its superior programming, charges $100.

At that rate, you can get your favorite programming for ($100 + $75 + $75) = $250 a year.

Now, take it one step further. What if the BBC is part of this venture? Now you can add "new episodes of Dr. Who to the list, or Spooks, or Eastenders, or whatever particular BritShow sparks your fancy.

The mating of legitimate television downloads, combined with automated tools for getting that data onto the living room television, make for a huge win for both consumers and content providers, and could mean a huge warning for cable television providers, if done properly.

What are the obstacles?

One obstacle is HDTV. The versions you can presently download from iTMS are SDTV-grade videos, if that. Right now, if you're an HDTV nut, you'd still much prefer to see "what's inside the hatch" on your big-screen in HiDef than you would to download the lo-def video. But the ability to download HiDef content is only a matter of time. Services like Verizon's FIOS service, bringing up to 30Mbps downloads to consumers, are only going to make it easier to distribute HD content going forward.

Another is the cable companies... right now, I'd be very surprised if they started rolling out FIOS-like bandwidth to their users. It's far too easy for consumers at that point to be like "uhhh, no, just give me bandwidth, I'll get my content from somewhere else." A program like this could completely marginalize cable providers, turning them into "just another broadband bandwidth provider".

Where's the win, though?

Consumers have wanted "a la carte" cable programming for a while. Instead of being forced to buy bundles of 120 channels to get the 6 they want, they've wanted the ability to buy just those channels and (more importantly) pay for just those channels.

This has the potential for changing this dynamic even further, allowing people to buy their shows a la carte, and to eliminate many middlemen in the process.

Let's assume I'm paying $100 a year for Rome and let's assume that Apple keeps 25% of that. So the rest goes to HBO, who now sees $75 a year from me. That's probably more than they're seeing now, right up front. But if I also decide (and, please shoot me if this happens) that I want to watch Curb Your Enthusiasm, they'll see an additional $75 a year from me.

There's a direct relationship between "programs people want" and "profits content-owners make". There's no worries about "sponsors", because when you multiply those numbers onto the larger scale, they don't need commercials any more. People are paying directly for the content they wish to see.

Take it one step further. Who needs an "HBO"? What does "HBO" become in that new future except a television studio that creates content?

What if this model had been around while JMS had been fighting for editorial control on Crusade or Jeremiah? Instead of fighting with a network to pitch an idea and get them to air it, to get them to choose when to air it so it does well, etc., etc., you could simply get investors who believe in the value of your content, produce it yourself, and push it out to iTMS and let people view it whenever they want. The small-studio television producer sees huge return here, because it makes them a lot more money than they probably would have gotten from a TV Network that was buying a show they didn't really believe in, and get a lot less hassle in the process.

All this potential from a 5 oz hunk of metal, plastic and silicon, and some software to drive it.

Seriously, I think there's a non-trivial chance that we will look back on this point in time right now and say "this is where television changed completely."

UPDATED: Apparently, Mark Cuban, former broadcast.com CEO, and owner of the Dallas Mavericks, seems to have reached much the same conclusions and has the numbers to back them up.

The blogs have been abuzz about the latest not-yet-announced interoperability agreement between Yahoo Messenger and MSN Messenger.

But, interestingly enough, this announcement comes at a point in time when I've been seriously considering shitcanning Yahoo Messenger entirely. Granted, I've talked about this before but something always drew me back... former Yahoo co-workers I wanted to chat with that didn't have AIM, you name it.

But, over the last 60 days, something has changed. I have been getting a metric fuckload of instant-messenger spam, all of it from Yahoo. I'm signed in with Adium (not the three year old, neglected, steaming pile of rancid filth that Yahoo passes off as a Mac client), and while I have yet to get a single AIM spam, I must deal -- at least ten to fifteen times a day -- with Yahoo Messenger spam, including but not limited to:

• Twelve lines of what is either gibberish or something not at all resembling a western language, with a link buried in the middle of it all.
• Some person in some backwater third-world country who "wants to be friends".
• Occasionally, some backwater third-world resident who is convinced I already am their friend.
• This posse of Nike/Adidas sneaker salesman who appear to be skimming sneakers off the top of their production run in their sweatshop and are trying to hawk them to me... consistently, every couple days.

Why is it Yahoo Messenger has these problems and AOL Instant Messenger doesn't? What is AOL doing right that Yahoo absolutely cannot seem to manage to make happen?

What I do know is that this time, it's going to take more than "wanting to talk to some person" to bring me back to the Yahoo Messenger fold, and this Yahoo/MSN thing isn't it... from my perspective this can only make it worse, as there are now even more people who could start spamming me.

I've long maintained, even when I worked at Yahoo, that Yahoo did not even pretend to have a handle on their spam issues. Clearly, not much has changed in four years.

If you want to reach me via instant message, and you're on that Yahoo Messenger service, you can try dballing13 on AIM, or dballing@gmail.com on Google's Jabber server.

Once upon a time, I was impressed with myself, because I had built what was, until then, the largest ever Lego product, #10030, the Imperial Star Destroyer.

Now, apparently, that has been superceded. According to the latest mail-order catalog I got, #10143, Death Star Mk.II is the new leader on that front.

They say it's bigger than the ISD model, but the dimensions don't seem to bear that out. Maybe it's just in terms of "raw volume" though, since the spherical Death Star, Mk. II would obviously use a bunch more pieces.

Any way you look at it, it's scary-ass in its size. I'm glad I'd have nowhere to put it in D's house, or I might be tempted. Heck, I'm already trying to figure out where I'm going to put the ISD when I move in.

All I have to say is that I'm glad I'm not a Windows administrator.

Patching three machines to "Current" security-patch levels without the use of the network cables (which are now dangling from behind them in the rack) has to be a pain in the arse.

Glad I'm a Linux guy, and not a Windows guy.

I'm spec'ing out a new backup solution at work, and the current frontrunner is Computer Associates' ARCserve product. We needed to get a couple agents for Solaris added to the quote, to back up a few legacy servers that haven't been migrated to Linux yet.

When the VAR sent us the quote, she said "This is the only SKU I could find, it must be what you want". Whereas the other per-client costs were around $200 or so, this was about $2600 per client. I asked her "Are you sure you're quoting me the agent, not the server itself?" She assured me that she is, and that she spoke to Computer Associates as well. Even when I pointed out "But that product description doesn't say 'ARCserve Client Agent for (fill-in-the-blank)' like the others do, it simply says 'ARCserve for Solaris', which makes it seem a whole lot like the server and not the agent." She assured me again that CA had told her which SKU to use, etc., etc.

I was a little dubious, so I contacted CA directly. I asked them "What SKU should I be getting a quote on for this line item, because this pricing seems dorked?" They told me that a product specialist would call me back.

While waiting for the callback, I did some Googling and found that any number of places would happily sell me the exact product I'm looking for, with a SKU of BABWBR1100S19.

A little later, the CA person calls me back, and asks again what I'm looking for. I'm really clear this time, I spell it out exactly, I even say "Can I just give you the SKU that it looks like is exactly what I'm looking for, so you can bring that up in the system?"

He looks it up. He can't find it. There's umpteen-gajillion vendors selling this product, and CA can't find it in their database.

I totally have renewed faith in the VAR, though, because if CA can't find the product I want when I give them the freakin' exact SKU, how could a VAR be expected to find it?

Anyhow, CA is now tracking down what they need to do to confirm that the SKU I gave them is in fact the SKU I need, but I have to admit the whole situation is comical.

OK, it's no secret I've always abhorred qmail. Now, it appears to have reached an all-time peak.

While trying to diagnose a "what's happening to our mail, it's not getting through" condition, I found lots of this error on the server that was apparently the culprit:

2005-08-11 13:12:31.061306500 starting delivery 2753: msg 34103 to local XXXXXXXXX-deballing@XXXXXXXX
2005-08-11 13:12:31.122103500 delivery 2753: success: lseek_error_29/lseek_errno=29/did_0+0+1/

Yup, you read that right... qmail SAW the error, knew enough to log it, and yet still called it a "success", so it pulled it out of its queue.

I'm looking for two things:

1. Can a qmail-savvy person please tell me that my worst fears are true: That any message which meets that criteria is, in fact, visiting Dave Null and won't be back for a while?
2. What the hell causes that lseek_error thing in the first place, and how does one correct it? It seems to be fairly rare, near as I can tell, given that the only real mentions of it I can find on Google are two people seemingly asking questions about it, and neither of them seems to be seeing the "I got an error, but I'll treat it as a success anyway, and put the queued-item in the bit-bucket." situation we were seeing.

So now I'm officially in a position where I think all the existing sender authentication schemes suck. Previously, I had done all the research and decided that SPF was the way to go. Lightweight, didn't require sifting through the DATA segment to do its work, didn't require potentially lots of private-signing-keys for large organizations, the works. Sure, it had some problems with mail forwarding, but the fact of the matter was that "people who forward mail" are such a small percentage of the world, that the sites that do it, could very easily update their mail-forwarding code to solve the problem that SPF creates, if they wanted to continue to forward mail.

Then, yesterday, I discovered it had such a glaring error in the SPF logic that I was forced to disable it from my server, and start wondering "who was going to do something useful on this front" again. SPF considers "mutual trust" to be a bug. What do I mean by that? Let's say you've got two companies, A and B. They're probably ISPs. They've worked up a mutual agreement between the two of them so that they can roam on each others' networks, and use each others' infrastructure. So A does something like:

a.com TXT "v=spf1 192.168.0.0/24 include:b.com ~all"

... and b.com, trusting a.com's infrastructure, does:

b.com TXT "v=spf1 10.123.0.0/16 include:a.com ~all"

Now, that creates an include loop of sorts, yes, but nothing you can't keep track of simply by tallying "where I've looked before" and not re-visiting lookups you've already done. Instead, though, after discussion with a couple of the folks behind SPF, this is considered "an error in the SPF records" and something that should be corrected. But there's no actual "correction" for it, really. The records describe the trust relationship exactly as they should, and in the only way that they can.

To his credit, when I beat him up about it via Instant Messenger this morning, Meng seemed to become extremely pensive over it, and maybe backed away slightly from his "yeah, that's a bug" of the beginning of the IM conversation, and maybe is going to correct the problem.

But as of right now, any way, SPF is useless to me, because (while I haven't put them in my SPF records yet), I've got those sorts of mutual trust relationships. I've got people who I allow to use my server to send their mail and vice-versa, for in case of emergencies, etc., and according to the spec at the moment, I am a "bug" that needs to change my architecture.

OK, I keep finding lots of references to things which will parse X12 files, but I have yet to find any cool Perl modules to generate X12 files that you might send to a healthcare organization.

Any readers know of code that already does this? I bet if I'd been a dick and kept a copy of the source-tree at Byram, that I might have actually found that code lying around somewhere. Damn my integrity all to hell....

I've been trying to figure out what to do with my massive collection of DVDs. The size of my collection is ginormous, and since I've been pondering where I might be moving to at some point, I've been considering ways to get rid of the DVDs themselves, somehow.

I thought that someone might make a DVD jukebox, the same way Sony, et al, all used to make those CD jukeboxes that held like 100 or 200 CDs. That would be kinda spiffy, and would almost be worth picking up a couple to hold all the discs. But they don't.

Then I found Kaleidescape, which makes a cool product that rips the DVDs to a disc-array, and then makes them all available via a video interface. Also quite cool, but with a 4.4TB version chiming in at $22,000, it occurred to me that maybe there might be somewhat more economical solutions.

I mean, in reality, it doesn't take much.... you need a linux box, a nice DVI and/or HDMI capable video card, a nice audio card with digital output, a DVD drive (you could try to do the DVD-R thing, but I think that's a lot of work and definitely something "Version 2.0" like), and a shitload of disc, preferably in a RAID-5 or similar situation.

You could control it via web interface (ugly) or you would need some sort of IR control which could get piped into the DVD playback software.

How hard would this be? Has anyone seen anything like this in the open source world? It completely pisses on the CSS thing, but it's totally something that major consumers of DVDs would find extremely useful.

I realized the other day that I could pretty much get away with selling my TiVo if I wanted to. I'm a huge fan of time-shifting, playing back live television and all that good stuff, don't get me wrong. But, the fact of the matter is, I've left my TiVo behind, and TiVo seems to have no desire to keep up with me.

First, I switched to HDTV. I have cable, which means that TiVo won't be of *any* use to me for my Hi-Def programming until they support the CableCard standard, and even then I'll have to buy a new unit, and a new subscription to TiVo, etc., etc. Meanwhile, though, my DVR built into my cable box -- while certainly not as pretty and full-featured as a TiVo is -- has one unique feature that TiVo doesn't have: it works, here, now, today.

Second, I haven't had a Windows machine in years. Something about chasing after the virus/worm/trojan/exploit of the week that made me give it up. However, as cool as TiVoToGo might be for me (to sling TV shows over to my laptop to watch at work, on the road, etc.), it won't happen because TiVo has basically said TiVoToGo ain't comin' to the Mac. Likewise, the TiVo Desktop software, which would theoretically let you play iTunes playlists through your TiVo (and presumably through your kickin' home theater) has always been buggy as shit on the Mac (it's playlist generation logic, well, it sucks, let's just say that... if it finds a track with the same Artist/Album/TrackName in two different places in a playlist it positively freaks out, which can be problematic if you have classical music in your playlist where you have something like "Promenade" a couple times throughout a long piece or two copies of the same song remixed differently, etc., etc.)

Basically, TiVo was really really cool, and if you've only got SDTV, it's still pretty much the shit. But for me, it's simply not keeping pace with the way I'm living, and that's a real shame.

Right now, my TiVo basically fills the role of "Third Tuner Bitch". My Cable DVR will record two shows at any time. If there's a third show at the same time I want to record, the TiVo becomes "the bitch" and records the least important of the three in SD. It's got a bunch of season passes for shows I barely watch any more, all of which are SD-only (everything that I could move to an HD subscription on the cable DVR I did).

I feel sorry for the little guy. Reduced to a mere boat-anchor in usefulness far before his time.

Google likes to say that one of the tenets of their philosophy as a business is "Do No Evil" (Item 6).

Why is it, then, that they are suing the owner of Froogles.com for trademark infringement?

Here's the executive summary:

• froogles.com predates froogle.com by two years
• Google.com tried and failed to convince ICANN (who is notoriously friendly to large corporations) to force the domain-holder of froogles.com to give it up to them. ICANN told Google to stick it up their ass
• Google claims they are the "senior user of marks that incorporate the formative ' -- OOGLE' for Internet search services" ... Despite the fact that I can think of only two such uses, Google and Froogle. The latter of these is the one in dispute (which came later). Every other "oogle" use they use seems simply to be an add-on to their name (Google Groups, Google News, Google Maps, etc.) Take caution, gentle campers, for as much as they use "words that begin with G", they map try to tell the Gap they need to change their name next)

After losing via their attempt to steal -- and let's call it what it is, theft -- the domain name from the current holder, they decided to use something they have copious quantities of: lawyers and money. They have now buried the owner in a trademark dispute he can't hope to be able to spend enough money on in order to reach his eventual victory.

Google spokesman Steve Langdon said, "Protecting the Google brand is a top priority for us," and claimed Froogles.com and its services were "likely to cause confusion or diminish the value" of Google's brand.

Hey, Steve, here's a fucking clue for you: If you thought there was that much chance of confusion you shouldn't have used the fucking name in the first place since you came in after froogles.com did.

It's too bad Wolfe (the domain-holder of Froogles.com) doesn't have Bit Fat IPO Money like Google does. It'd be interesting to see him put the reverse-polish-smackdown on Google using their own tactic against them, to make them stop using the Froogle.com trademark since it has stolen value from his existing mark, blah blah blah.

I've ranted in the past about MySQL A.B.'s licensing practices. They are either completely clueless about how the GPL actually works, or they are intentionally trying to deceive potential users of their product into believing they have a legal obligation to purchase a commercial license for the product. I have friends who work at companies who have been bullied by MySQL A.B. attempting to collect a commercial license fee for clearly GPL-compatible use of their product, and it was only the fact that, in both cases, the companies in question dwarf MySQL in terms of size and money, and they were able to say things like "we have more lawyers than you have employees, and we know how the GPL works, you're not getting a license fee from us."

Given all that, it's hard to believe it's all just an innocent mistake, especially given how many times, and how many people, have brought these issues to their attention. Yet their commercial licensing page still has misleading copy like:

If you distribute MySQL Software within your organization, you should purchase a commercial license.

Which, of course, is total crap.

But, the point of this post is that I predicted that their competitors would use this license uncertainty to their advantage, and so they have begun to. Pervasive Postgres, a commercial Postgres distribution, points out the various ways that MySQL A.B. claims you cannot distribute derivative code using MySQL, "even internally".

In other words, because MySQL A.B.'s misleading or fraudulent claims on their web site indicate that you need a license (when you don't) other database vendors are using that misinformation as a data-point about "why you should use $THEIR_PRODUCT instead of MySQL".

At some point, MySQL A.B. is going to need to wake up and realize that their marketing materials and the legal reality are not actually in alignment with each other. They can't plead ignorance of this, because I've sat in BOFs, looked the upper echelon of MySQL A.B. people in the eye and told them explicitly what the problem is. They had employees internally whose job it was to be the voice of the community, and to act as a liasion between the open source world at large and the MySQL A.B. corporate structure. Those people railed against the licensing issues internally, until they finally gave up and left the company for greener pastures.

How long does this practice need to continue as a community before someone with a voice that cannot be denied calls them out? I recognize they're a huge sponsor of many/most open source conferences and events, but where's the obligation to tell our friends when they've gone astray? Where's the obligation to say "you're straying too far off the road and if you continue that way, we will not follow you any further"?

I disagree with Richard Stallman on a lot of things, but I still believe in Open Source software (even if RMS insists on using the "Free Software" moniker that seems to not have any chance of gaining traction in the business world).

I found out that RMS has a blog... I thought to myself, "OK, while I disagree with him on many things, he is smart, so I'll see what's in his blog."

Except that, even though the software the FSF is using for its blogs supports RSS, RMS has deliberately disabled an RSS feed of his blog (lame!).

Seriously, I wasn't that interested in what he had to say that I'd go through all sorts of hoops to make it happen.

And -- on a completely separate note -- I found it .... well, frankly disturbing, to hear that RMS has a girlfriend. I mean, he's not the ... cleanest ... of folks. If the geek "doesn't bathe, smells funkadelic bad" stereotype came from anywhere, it could have originated with Stallman.

Maybe she's corrected that aspect of him. For her sake, I hope so. Or that she's had her olfactory system surgically altered.

We have, like many online sites, something like this in our VirtualHost config:

RewriteRule ^/$ /cgi-bin/home.pl [R]

Which basically says "If your URL that you're requesting is / and nothing but /, then you're looking for the home page, so to this other place instead".

We're starting to have people who link to us pass in useful into (like foreign shopping cart IDs, ad-campaign numbers, partner information, etc.) So theoretically, a partner might link to us as http://example.com/?partner=them, and we would redirect that to http://example.com/cgi-bin/home.pl?partner=them. So I went to go fix the RewriteRule to account for that.

Except, it turns out, I don't have to. Even though the URL as requested, /?partner=them does NOT match the regular expression ^/$, Apache's mod_rewrite module is only applying the regular expression to the file-path portion of the URL, and not to the entirety of the URL.

This behavior IS documented by the mod_rewrite docs, but as an O'Reilly guy, I live and breathe by my copy of Apache: The Definitive Guide, which completely fails to mention this behavior in its discussion of mod_rewrite.

Personally, I think it breaks the principle of least surprise, but apparently, I don't get a say in the matter.

There are three facts about my TV lifestyle that are relevant:

- I have HDTV from my cable company, because I can't easily get a dish in an apartment
- I love my TiVo, but it doesn't do HDTV
- Time Warner is now offering the HD DVRs

I have mentioned it before in the past (although I guess not on my own blog because I can't find it) that my loyalty is to myself, and nobody else, when it comes to products like TiVo and DVRs. So I'll be getting myself a Time-Warner HD DVR, only because TiVo can't be bothered to actually provide me with a product that supports a fairly standard Hi-Def Cable TV configuration.

I want to give you money, TiVo, but you don't apparently want it. You're content to try and create DirecTV HD TiVo units, even though DTV is about to kick you to the curb, or to try and cater to that minority of people who want over-the-air HDTV only, ... because there's such a large number of people who spend thousands of dollars on home-theater kit, and then grab their signals from the air and forsake all manner of Hi-Def cable networks like HBOD, ESPNHD, etc., etc. ... riiiiiiiight....

Is it any wonder there's questions about their financial solvency long-term?

Well, not really, but that'll come later....

What do I mean by that? Well, first off, if you have a small company, you should probably consider getting a new sysadmin after about two years. If you have a "team" of sysadmins, then it means that (aside from cross-training for vacation and sick coverage) you should keep them focused on certain aspects of the work, and try to steer them away from other aspects.

I've seen this sort of situation time and again: SysAdmin is overworked. He picks and chooses which things in the infrastructure he can "fix". It's normally hot "hard" to fix any of the things he needs to fix, but he can only get to certain things, so some things he fixes, and other things he grudgingly learns to live with in their slightly misshapen state.

New sysadmins, though, never put up with that. A new sysadmin comes in and, again, from my experience, spends the first 30-60 days "cleaning up" what his predecessor had learned to live with. They're given the slack, time-wise, from their superiors, because that cleaning up process is often an excellent way to get to know the systems, etc.

In other words, lots of really good nitty-gritty work gets done in the first couple months of an SA's employment... after about six months or so, if the problem was pre-existing to their start date, and there's a workaround in place, it's pretty unlikely that they'll actually get the time to fix it.

Take my experience at $JOB->prev()... in the first couple months I was there, I kicked serious ass changing all sorts of shit. I pointed out bunches of things that also needed to get changed, but then as time wore on, the likelihood of those getting changed slowly diminished. I had a "wish list" of "stuff I wish I had time to get to"... when my replacement started, after I left, it seemed like everything on my wish list got done in short order, probably for the reasons I outlined above.

Obviously, it's not really in my best interest to suggest firing sysadmins every couple years, and in reality, that's not really the best answer. I think it's probably a good idea for SAs and their employers to consider the reality of this, though, because I've seen it in companies relatively small and relatively large.

One answer might be for the employer to commit to a schedule that includes "[NN] days a month are not about current-projects at all, but about handling wish-list items" ... days when "current projects" no matter how important are set aside to handle the equally important infrastructure issues which need to be taken care of. If you schedule them on a set schedule (say, "the 10th through the 15th of the month, each month") then the ongoing current projects would know that they don't have any SysAdmin resources during that time period and can project their timelines accordingly.

This is important stuff, because it doesn't matter how spiffy the current project is, if it's built on a house of cards that's not getting the attention it needs, then it's not going to be all that stable, and you're not going to be happy with it anyway.

I wanted to comment on something over at Mark's Blog, and was confronted with a "you must log in if you want to leave a comment".

Now, ok, I can almost forgive the Blogger/Google Consortium for saying "we want to put that up there to get in the way, so that we can minimize spam"... I mean, MovableType does it with their TypeKey program, so why not.

First mistake:

Why the fuck do I need to set up a blog in order to have an account to post comments from?

There's no way to create a simple "I want an account I can post from but I've got a blog elsewhere and have no need for your crummy Blogger[TM] tools". You have to decide on a title for your blog, and a URL (I'm now the proud owner of http://aslkdjaskljdlasjdklas.blogspot.com/), and a style-sheet and all that useless shite that I'm never, ever going to use.

Even now that I've got my crappy blogspot account set up, I can't leave a fucking comment.

I click to leave a comment. It prompts me for my username and password, claiming that I'm not logged in. I give it my username and password. It brings me to my "dashboard". OK, I think to myself, this is a crappy UI design, but now that I'm logged in, and I'd checked "remember me", I'll go back to the post, re-click the "comment" link, and leave my comment.

Except that it, once again, asks me for my username and password. And, once again, redirects me to my "dashboard".

I thought to myself "maybe this is a Firefox thing"... nope, fails with Safari too. And IE, as well. Maybe it's a "Mac versus Windows" thing. Who knows, but 3 out of 3 browsers on the Mac can't seem to login and leave a comment.

So Mark, I wanted to leave a comment on your blog, but I couldn't. I hope you'll forgive me if I don't expend a lot of effort in the future trying to figure out how to make it work in the future, unless the Bloogle Consortium changes their UI drastically.

And if there's someone out there who wants "http://aslkdjaskljdlasjdklas.blogspot.com/" for their own purposes, feel free to ask, and it shall be yours.

mysql> GRANT SELECT,UPDATE,INSERT,DELETE ON mydb.`report*` TO 'user'@'host';
ERROR 1146: Table 'mydb.report*' doesn't exist.
mysql> GRANT ALL ON mydb.`report*` TO 'user'@'host';
Query OK, 0 rows affected (0.00 sec)

Ummm, WTF? What do the permissions I'm granting have to do with whether or not the table exists?! I guess I'm glad that in this particular case, I don't care if 'user' is able to anally rape the 'report*' tables in question, because they're just temporary holding places for data anyway, but still. That makes no sense.

Is there anyone using all three of ('mod_perl','ActivePerl','Linux') at the same time?

I know a couple places running ActivePerl on Linux, but they're not using mod_perl.

I know many places use mod_perl and ActivePerl, but they're on Win32 platforms.

And, obviously, a metric assload of places use Linux and mod_perl, but no ActivePerl.

Why I would want to use all three is not relevant. I don't, but due to decisions made above my pay-grade, I may have it shoved down my gagging throat, and I'd like to be able to at least find one sole solitary person doing it. So far I can't, and perl.apache.org doesn't make any references to anyone doing it either.

Because, you know, I haven't actually been mentioning since I started here that using ActivePerl on Linux was dumb. That must have been someone else, right?

I wasn't going to get it. I sat here and told myself for months on end, "No, Derek, you're not going to get World of Warcraft, it'll be a worse black hole of time and productivity than anything you've done before. It's here to out-do Everquest, and that's a product already known colloquially as EverCrack, so that's not something you want to end up doing."

Yeah, because "self-control" and "Derek" are two things always thought of in the same paragraph, let alone the same sentence.

I like the fact that I get to play "the bad guys" (I'm currently leveling up an undead warrior) instead of being forced to be nice and cool. I also like the fact that since the "good guys" and the "bad guys" are separated by an ocean, there's plenty of opportunity for them to later have some massive conflict between the two continents.

I share Gavin's frustration with having to go chase down my corpse every time I die. Although I have already taken advantage of their "death" system to explore places I couldn't go while living (e.g., to find the person I was supposed to kill and see what their defenses were like), even going so far as to get killed outside their building and get resurrected inside the building, on the top floor, in the inner sanctum, so as to avoid their defenses completely.

So needless to say, while frustrating, it does have its advantages.

I think this may be proof positive I'm never going to get a chick, considering how easily I get sucked into things that keep me indoors. :-P

This is the firefox plugin I want:

I have a bunch of scripts and stuff I've written to scrape the Amazon Sales Rank off our book page there, so I can chart it and all sorts of geeky stuff like that.

Except, that if I query Amazon three different times, I'll get three different answers. For example:

• Sometimes, I get told "Sales Rank In Books # 115"
• Sometimes, I get told "Sales Rank: 46"
• If I query via their Amazon Web Services API, I'm told that our SalesRank is 9,127 (there doesn't appear to be an API-based way to differentiate between "category rank" like the first entry, and "total rank" like the second)

The first two items are, literally, random. Sometimes the web server returns one format, sometimes the other (I've hacked up two scripts to fetch the page over and over til each script finds the format they're looking for to store the data in their table). Never mind that it makes no sense that if there are "only 45 higher ranked items, TOTAL, than our book" that there can't possibly be "114 higher ranked books". Never mind that there's a huge disparity between the API-based return value and what they display on their web site.

Ugh. Why can't people make things that just freakin' work?

I just wished I had been graphing the "Book Rank" and the Barnes and Noble book-rank before Slashdot reviewed the book yesterday so I could have seen those spikes in the graphs then as well.

*drool*

*TWELVE* MPx. I'm so in love. Too bad it'd cost me my first born female child I suspect.

Let's say I have a document at:

http://www.example.com/foo/bar.html

... as I read HTML & XHTML : The Definitive Guide, the following should be legitimate:

<a href="https:../cgi-bin/cart.pl">

or simply

<a href="https:/cgi-bin/cart.pl">

which would utilize the same server-part of the URL, but would switch to using HTTPS as the scheme and a different path.

This looks... just somehow wrong to me, but I can see a lot of use for it in some templates I'm writing (and re-using between sites). Is this valid HTML? Anyone know for certain?

I know it doesn't actually work in either Firefox or IE, I tried, but I'm just curious if there's something wrong in the way those browsers are handling the absolute URLs, or if there's a significant bug in the ORA book (because it actually goes into detail showing how you can transmogrify an HTTP URL into an FTP URL using relative/non-absolute URLs.

Seems like a lot of work to go through if the authors weren't sure that actually was valid HTML.

I made some changes to the rfc-ignorant.org site the other day, which included me adding some:

<br/>

tags. In case you're not familiar with the syntax, the revised HTML spec makes "single-element" tags include an XML-style closing "/" before the closing >. The theory is that when HTML documents become valid XML documents, then the parsing engine for them becomes infinitely easier (because the parser doesn't need to understand tag semantics, only the rendering engine does).

Well, apparently, many older browsers are confused by this. Allegedly, you can work around these antiques by doing instead:

<br />

Somehow, the added space makes Netscape 2.0 figure it all out on its own.

But, I honestly can't be bothered. A certain amount of backwards compatibility is good, but this spec has been in place for a number of years now, it's time to join the Third Millennium and get with the program.

Once upon a time, I was extremely active in the anti-spam community. Partly this came about because I was working at a huge company known for spamming and harboring spammers, but partly because I found it fascinating in a certain way.

As time wore on, though, I became less and less enthusiastic. I realized that the "anti-spam community" was doomed to failure, because -- by and large -- they can't even agree on what it is they consider "spam", let alone how to make it stop.

During the "Great Mailing List Purge of '02", when I unsubscribed myself from nearly fifty mailing lists, I dropped off of all but one anti-spam list. The one I stayed on had a slightly higher signal-to-noise ratio than the rest, was invitation only, private, confidential, etc. In other words, there were some people on it who were incredibly bright.

Over the last few months, I saw the usefulness even of that list being reduced to zero and, after receiving yet-another-snarky-email from one of the listmembers, decided it was time to bid my adieu to the anti-spam community permanently.

I say this in all sincerity: the way the anti-spam folks "treat their own" is enough to seriously make me start looking for zombie networks and orphaned CIDR-blocks to become a spammer myself just to piss them off.

(insert image here of me throwing up my arms in disgust and walking away)

At the colo, we've got a color-coding system for our cables, and we obey it more or less strictly (there are some inbound cables that originate outside our cage, but we can't control those). In our color coding scheme, orange is for a crossover cable.

But now we're in the process of installing a SAN, using fibre-channel, and all the cables I seem to find seem to be orange. I could have sworn I've seen yellow cables (a color that's not presently in use in our scheme), but I can't seem to find anyone that sells 5M LC/LC optical cables.

Anyone know good sources for such?

All of my colocated servers are all basically second/third-hand scrap-built boxes (with the exception of a really old Penguin Computing box I bought back when I worked for Yahoo and had cash).

I was getting ready to move the RFC-Ignorant site from one colo facility to another, and began installing all the PHP code, etc., on the new server. I was amazed at the crappy performance I was getting on the "new" box.

After doing all sorts of tinkering, I finally dug in and looked at the drive specs. I could have sworn they were both 7200 RPM drives, but lo and behold, the one in the new box was a 5400 RPM drive.

I would have expected degraded performance but I guess in my gut, I wouldn't have expected a three-fold performance decrease from that.

Now, I have to sort out what to do, since that box is now sitting in a rack in freakin California. Oops. :-)

UPDATED: Jeremy rules. Can you believe I'd never see or used hdparm before? Super-sweet.

It's funny, it turns out I *had* had it on a 7200 RPM drive the first time. Then I moved it to the "newer" drive (which turned out to be 5400). So I hdparmed both drives, moved the database back over to the 7200 RPM drive, et voila, life is good.

At work, we recently switched our "default" Linux installation from Debian Woody to Red Hat Enterprise Server 3.0. The main reason for doing this was third-party support. The NetBackup client support for Debian is going away, you can't run the server on it at all, the Anti-Virus solution we wanted demanded Red Hat, etc., etc.

So as I'm configuring a new mail server today, and start locking it down, I decide to go disable portmap the old fashioned way - by uninstalling it. Oh, it's depended on by these other things. So I add them to the uninstall line. And that's when I realize that there's a dependency cascade such that damned near half the system is dependent on stuff that is eventually dependent on portmap.

Except of course, that there's absolutely no reason for that. Obviously, since we're not using portmap elsewhere.

Ugh.

I was reading the sentence from yesterday's post:

If I had to choose between "living in the Loop" or "living in Manhattan", I'd almost certainly choose the Loop.

and it occurred to me that any English major reading that would have a conniption fit. There's no grammatical reason why those two phrases should be in quotation marks, since they're not actual quotations.

I see my friends doing this sort of thing all the time, too, and it occurred to me that the reason we do it is because we now think the same way our computers do, to a certain extent. Quotation marks, in many computer contexts, atomicise a collection of words into a single atomic object. The computer parses foo bar maz differently than it does "foo bar maz". The former is three words, the latter is a single object which happens to contain spaces.

With that in mind, the sentence makes a lot more sense grammatically:

If I had to choose between OBJECT or THING, I'd almost certainly choose OBJECT.

I wonder how many other "computer language grammar quirks" have found their way into the lexicon of usage (and I don't just mean stuff like cya or I OWN3D J00!)

So I got a virus spam today:

From: "Dballing" <dballing@yahoo-inc.com>
Date: July 6, 2004 1:27:54 PM EDT
To: "Dredd" <dredd@megacity.org>
Subject: Hidden message

It was from my old Yahoo-inc.com address to my present address. Except here's where it gets funny, my megacity.org address is set up to auto-forward a copy to my GMail address. Except that gmail didn't like it, and bounced it.

451 4.4.1 reply: read error from gsmtp171.google.com.
... while talking to gsmtp57.google.com.:
>>> DATA
<<< 552 Illegal Attachment
554 5.0.0 Service unavailable

So my mail server dutifully tried to tell the sender "Well, I couldn't forward it to where it was supposed to..." except I haven't worked there a while:

... while talking to mrin2.yahoo.com.:
>>> DATA
<<< 550 5.1.1 <dballing@yahoo-inc.com>... User unknown
550 5.1.1 <dballing@yahoo-inc.com>... User unknown
<<< 503 5.0.0 Need RCPT (recipient)

which then caused the double? triple? bounce to end up in my inbox since my mail server officially now had no idea what to do.

I just think it's funny that this message literally bounced off of every major address I've had in the last four years. :)

OK, now I'm not a huge Microsoft fan, as anyone knows, but I must give kudos where appropriate for X-Box Live.

The integration -- whether it's the online gaming itself, the voice chat via the headset, or the easy-to-use content download -- all has the benefit of following the age-old adage, "It just works." I don't have to futz about with anything to make it do what I want to do.

Very cool.

I just need to give mad props and a rousing "Hell, Yeah!" to Nat's Assessment of the Perl Community.

Nat, look me up in Portland, there's a beverage-of-your-choice at the hotel bar with your name on it, with my compliments.

Jeremy mentioned last week how nifty the new anti-spyware features in Yahoo!Companion were, etc., etc., and did a fairly good job of berating Microsoft for not taking the lead in that area (also, well-placed)

But, in the interests of fairness, it should be noted that lots of stuff you probably want it to get rid of, it won't, by design. Why? Because the stuff you probably want it to get rid of, Yahoo (and/or it's subsidiaries and partners) have a vested interest in leaving on your computer.

I've been grumpy with my general industry for the last six months to a year (which, in truth, is part of the reason for going back to college in the first place is to open up the possibility of maybe some day doing something else).

What's got me grumpy? Here's some examples...

Mena asked the folks who were complaining about MT licensing schemes to document "how" they use MT, and to do in a non-inflammatory nature, etc.

So, here goes.

I have a number of blogs ... I have this blog (with one author), a "newsblog" for writing stories about the Yankees (with three authors), and host blogs for several of my friends (most of which are one author each, and there's four or five of those). I also host a blog for a friend of mine's "geek posse" where they write about various geek-things of interest to them (although at the moment they haven't used it lately, but they keep telling me that's going to change)... that's eight authors. I also maintain a separate, 'private' blog, that is .htaccess protected so that only trusted individuals can see it. That's just one author on that.

I have no problem paying for MT (I paid my $20.00 for my license key for my 2.x installation), but the pricing scheme (as presently described) is just way too far outside my budget for something I do "for fun" and "to help my friends communicate with the world". Most of these people only have blogs because it was both easy and free to get it set up for them (since I'd incurred the cost up-front). If they were to have to pay to keep the blog going, they'd probably just shut it down.

If the licensing stands as-is, I'd probably keep all the group blogs on 2.x, and migrate each of the "individual" blogs to separate installations of 3.x. I might pay for my installation, but that would have to depend on what value was actually provided for that money (since I don't need any of the things like support and such).

Cheers,
D

Here's the docs for the movabletype tool I want. Anyone want to write it?

split_blogs - Will crawl the database, find out how many blogs there are, and create a number of databases equal to the number of blogs, and will create a separate stand-alone database for each blog containing only entries, authors, etc., relevant to that blog.

Because then, I could just install a half-dozen copies of MT3.0. :-) The one or two blogs that have more than 1 author could then just stay at MT2.x, pointing at the "shared" DB, and all the single-author entities could just point at the install that meets the licensing requirements. :)

It's actually probably not as hard as it sounds, especially if you can just dump the entire database to a copy and then call the MT "delete a blog" functionality for all but one blog on that copy... then do it again and delete all but a different blog, etc, etc.

So I decided to draw myself a chart of the various features I needed for an engine to be in consideration. If I've got something wrong here, or I missed your favorite replacement engine, let me know, and i'll get it updated and corrected.

... or at the very least, sticking with the current version 2.5 for quite some time.

SixApart announced their pricing scheme for version 3.0 today, and it's just completely outside the realm of useful for me.

For information purposes, I have 9 blogs and 17 authors on my site. By and large, I have this large number because it was incredibly simple for friends of mine to say "Hey, can you set me up a blog on your site", and after a couple clicks, they had a blog. I am not, in any way shape or form, commerical.

The minimum "single installation" license I would need, for 3.0, to use MovableType, would be the "Commercial License, 20 Authors", with a retail price of $699.99!!

The "free" license, supports 1 author, and only 3 blogs. I'd have to install that free version like 10 times in order to support the number of blogs I have, and then tell people to use "group" author-accounts (since many of the blogs have more than one author).

While they claim there's a commitment to a free version, this is not at all what I would consider to be a "commitment"...

(I'll also be curious to see if the trackback ping for this entry gets deleted from the MT URL above... or will only the people who fawn over SixApart stay linked)

So now, barring a radical change in SixApart's pricing scheme, I'll be on the lookout for a new weblog suite... my minimum requirements are:

• No brain-dead pricing that locks out casual users and their friends
• The ability to import or migrate from MT so I don't lose years of blog entries

Any suggestions?

There is nothing more mind-numbingly dull than watching 6GB of data be transferred from a DVD in your laptop to a hard drive in your server across the LAN.

It's proceeding along, slowly but surely... but I'm sitting here in the data-center waiting impatiently for it to finish.

I'm half-tempted to just lock my laptop in the cage and login to it from home after it's done. But then I'd have to come back over tomorrow and get the laptop (since it's got all my work stuff on it). The thought is appealing though....

After reading Jeremy's rant on TMDA yesterday, it was ironic when I got a message myself. The kicker? It was a TMDA caused by some worm.

In other words, some worm forged my address, sent a message to some_user, and some_user decided to cost-shift the burden of figuring out "is this legit" to ME instead of bearing it himself.

So, this was the first time I clicked/replied to a TMDA request. I feel confident that "my" message which contains the Bagel worm will be in his mailbox in short order.

This is my open message to anyone: If you're using TMDA, and I get a message from you about some message I didn't send, I'm going to click and let you get the junk mail, spam, etc... you wasted my time, now you get to have yours wasted. If I get a TMDA message on something I did send then you're lame, and I won't jump through the hoop to get the mail through.

Cheers!

About, well, I guess about a year ago now, after Jeremy highly recommended one, I picked up a Canon PowerShot S400 ELPH as my "snapshot camera"... my normal digital camera is a Nikon D1 (for those unfamiliar, it's the photojournalist quality F5 body with a digital backplane). The D1 is great, and an excellent camera that I bought during much "nicer times", but it's bulky. You can't put it in your pocket and carry it with you to an amusement park or, say, a concert.

Last night, a friend of mine and I went to see Queensrÿche down in the city. I took about 40 photos between soundcheck and the concert itself. Of all of those, I got one photo that was in any way presentable. In concert-style conditions (where the subject is very well lit, but the camera itself is not within that area of lighting) the Canon just freakin' sucks. I even tried, along the way, to "cheat" and tinker with manual settings hoping to come across some combination of ISO-settings, etc., that would yield consistent results. In every case it insisted on holding the exposure open longer than was usable (especially for moving targets like rock performers).

Meanwhile, the friend I was with brought their Sony camera and got dozens of great shots. Downside, of course, is that the Sony camera in question was much larger than my own and couldn't easily be just tossed into my pocket.

I'm not dissing the Canon, because for most other purposes it's been a great camera. It's just one of those things where I have to know for future reference, "this is not worth bringing the camera to, because you won't get a good shot."

Jeremy turned me onto Ecto, a tool for posting to MovableType... I'm not usually a "use software in the presence of a perfectly good web-based tool" guy, but this was interesting enough to warrant me taking a look at it.

This is more just a test to see if the software is working...

I wanted to report a bug with SquirrelMail. I wasn't about to go through the hassle of subscribing to a mailing list and all that, just to report a bug. There's no "bug reporting interface" to speak of.

So I drop a note to the lead developer, saying "here's a bug you should fix, but i'm not going to jump through a bunch of hoops to report a bug in your code."

Instead I get offered a whole different set of hoops as I get one of those:

This message was created automatically by mail delivery software (TMDA).

Your message attached below is being held because the address
{my_address} has not been verified.

To release your message for delivery, please send an empty message
to the following address, or use your mailer's "Reply" feature.

rick-confirm-blahblah@blahblah.example.com

This confirmation verifies that your message is legitimate and not
junk-mail. You should only have to confirm your address once.

And, since I have a moral aversion to jumping through hoops to send anyone mail, there's yet-another avenue for reporting the bug that I won't be using.

I guess I'll do it the "long way around" and report it through the Debian reportbug tool, and see if it gets fixed that way.

I was reading the MySQL Licensing Policy, and realized that for an Open Source company, MySQL really doesn't understand the GPL.

They say on their site:

The Commercial License, which allows you to provide commercial software licenses to your customers or distribute MySQL-based applications within your organization. This is for organizations that do not want to release the source code for their applications as open source / free software; in other words they do not want to comply with the GNU General Public License (GPL). For more detail on the Commercial non-GPL License, click here. Or, if you want more information on pricing, click here.

Ummmm, guys? You don't need to "release the source" to distribute within your organization. You'd only need to "release the source" if you distributed a MySQL-based application outside your organization.

For instance, let's say I'm $BIG_SITE, and I run a multi-billion-dollar travel agency backended by MySQL. And I distribute this code internally to employees, etc., within $BIG_SITE. To read MySQL A.B.'s interpretation of the GPL, I'd have to go buy a "Commercial non-GPL license" for that purpose, which is completely wrong. (In fact, that's so wrong, that "fixing that" is one of the things Stallman keeps claiming is on the agenda for GPLv3, a move I think would be very stupid, but that's a different story altogether). It's even covered by two (1) (2) different FAQ items at GNU.ORG.

At first I thought that was just a typographical error, or a translation error or something, but I've heard from other folks, who work at sites like $BIG_SITE above, who have had the meetings with MySQL A.B. where MySQL A.B. tried to convince them to pay the "required" license fee.

In my not-so-humble opinion, that would be a huge mistake. MySQL has (in my opinion) a superior product to things like PostgreSQL, etc. (and no, I don't want to get into the religious debate between the two, thanks), but if MySQL becomes extremely unfriendly to people who are obeying the Open Source License MySQL has chosen to use, then that's just going to push people to other products, which is bad for MySQL obviously, and could be bad for Open Source in general (as they claim to be Open Source, but really don't want to behave like an Open Source product, which will possibly paint other open source products in the same bad light).

Hopefully someone over there will wake up and realize they've made a mistake.

Yesterday I set up Apache so that any requests for the Atom/RSS feeds, from a couple known third-party aggregators, would get a nice RDF file telling their readers that the site they were using were content thieves and they could no longer access my content through them until that site negotiated a contract allowing them to do so.

The next step was to contact LiveJournal, and explain to them in no uncertain terms that they certainly didn't have the right to charge people for the privilege of accessing my content.

That's where the fun began...

I spent last night fighting with the stylesheet for What Happens In Vegas, Stays In Vegas, and most of this evening messing around with the stylesheet on this blog.

I find it frustrating that the level of CSS support is so haphazard among the various browsers. Every time it looks fine on my browser, IE is boning it. If it looks good on IE, it looks dorked on Firefox. You name it.

So, I gave up. It looks "great" on Mozilla, and "OK" on IE. Folks will just have to deal.

I got a new server this morning that will be a document-server for all sorts of documents out company gets from customers (prescriptions, etc.) We scan them in, and make them easily available without having to keep the meatspace copies around (except for some documents which require it, like prescriptions, but those can then go into deep storage, a la that warehouse at the end of Raiders)

So I pull out my Debian/Woody CD, and go to do the install. Bummer. The SCSI controller is too new for Woody to know anything about it.

Hmmm, well, we're moving away from Debian at work, because Veritas is no longer going to support Debian even for clients. The plan is to move to Red Hat Enterprise Linux v2.1, because 2.1 is what the documentation says it supports. RHEL 3.0 is not mentioned in the release notes.

RHEL 2.1 is no longer sold, but 3.0 is, and a 3.0 license is "downgradeable". So, burn the 2.1 discs. Install 2.1. 2.1 sees the SCSI drives just great. Software installs, life is good.

Hmmm, why don't I have network connectivity. Oh, of course, because the version of Linux included in RHEL 2.1 predates the Ethernet hardware by six months. Sheiße!

No amount of juxtapositioning of "included Linux Driver discs" and "RHEL 2.1 installation" seem to work.

Desperate for answers, I look to Veritas, wondering and hoping to see "what problems will be encountered by 3.0 users," wondering if I can stomach those problems.

The updated release notes on the web say 3.0 is supported.

Ah, sweet bliss. Now just waiting for it to prompt me to change discs. Oops, gotta go.

Wade wrote some cool code for allowing you to e-mail a blog entry into your server and having it appear. (Which would be great for roadtrips, etc.)

I made a couple modifications to the code but otherwise, it was quite spiffy.

Thanks, Wade!

iTunes Music Store needs one more feature to make it the penultimate in coolness:

Give me the ability to tell my friends "Dude, this song rocks, go get it" and earn credits in my account if they buy it. Then iTMS could become a truly viral method for getting new music out to the masses.

I would have thought this sort of thing would be a problem:

1.) Preorder book from Amazon that is to be released in August'04
2.) Tell Amazon to charge book to credit card that expires, say, June'04

Now, the program logic there should know they can't honor their merchant agreement and use that credit card in August when the product is ready to ship. You would think they'd throw some sort of exception, like "That credit card won't be valid in August, please try another," or something.

Weird.

Something Gavin said reminded me I'd been meaning to blog about this.

I recently tried to install ClamAV at work. ClamAV is an antivirus solution for mail servers that is completely open source and community supported. This, to me, sounded like a great plan. People are finding viruses and inserting the signatures into the database in real time (with vetting, obviously), which should be all well and good.

Except that the product doesn't seem, at all, to be stable, nor does it seem to actually be catching stuff in real time like one might expect.

In fact, the latter seems to be standard fare. From my perusing of the clamav-users mailing list, it seems almost as though everyone was posting things like "This got by ClamAV and was caught by some_other_AV_product" ... If you don't trust the AV solution enough to have it be "your main AV solution", why are you using it in the first place? so you can double and triple the processing required for every message?

Meanwhile, there seem to be certain payloads and/or messages which would just send the scanning daemon into a tailspin. Eventually enough scanning daemons would be in a tailspin that the engine would be like "I'm not opening up another child process until one of those exits," a very sane strategy under normal operations, but if all 40 or 50 of those children are wedged, it basically means your mail server starts tempfailing every message it sees. Highly un-cool, especially in a production environment.

TheBossMan pointed out a company called Finjan Software who apparently have a fairly cool algorithm that checks against virus signatures (for ease) but then also looks at the code to see if "what it does", and marks it as suspect if it does things you wouldn't expect an e-mail attachment to do (opens files or network sockets, etc.) Sounds extremely cool. Probably costs a fortune, but I'd rather pay a fortune and be protected, than use the open source solution that doesn't work and only have an illusion of safety.

CNN is running a story about how a kid "hacked" the Pepsi/iTunes giveaway.

His "hack"? Hold the bottle up at an odd angle and look under the cap to see if you can see that it says "SORRY TRY AGAIN" on it.

Are they kidding me? This is a newsworthy article? When I worked at a convenience store in the early 90's, Pepsi was doing something similar (every 8th bottle would earn you a free bottle later or something)... the convenience store staff went through all the singles in the cooler and set aside the winners. The staff didn't pay for a cold Pepsi product for the duration of the contest. We knew they were all winners, we'd just take the product from the cooler and throw the cap in the "coupon redemption bucket".

The point is, this sort of "hack" has been going on for years, I'm not quite sure why it's suddenly so newsworthy.

Random blogging thoughts for the evening:

... if you're going to ping, say, one of my blog entries because you think it's relevant, you darn well ought to be referencing my blog entry in your own. The whole point is to interconnect related blog entries, not just drive traffic to your site
... if you're going to say something that is largely identical to what I said, you've sort of got a moral obligation to say something like "I was reading [Derek's Entry] and got to thinking..." or something. At least give some credit that what you're writing about isn't necessarily completely 100% spawned out of your own head.

Unless it's just a complete total happenstance that this other person happened to blog about largely the same topic, very shortly after I did, and wanted one-way trackback from my entry to his but not back.

That, to me, seems wrong on many levels. It even seems, at face value, like someone's trying to make something appear to be their own idea or something. I'm not saying that's always the case, or even the way it is in the most recent event which brought this to mind, but simply stating "one could easily reach that conclusion given only that evidence to work with". I don't believe at all in this present situation that's what was intended at all, but much more likely was simply a lack of understanding of the nuances that go with trackback entries.

Trackback pings like that I just delete. Just a public service announcement.

According to an article on StarWars.com, this September will be the long-awaited release of Episodes 4-6 of the Star Wars Saga.

Note that I didn't say "the original trilogy". The original trilogy, which myself and many of my readers saw in the theaters between 1977 and 1983 will not be released on DVD. As far as George Lucas is concerned, Greedo was always meant to shoot first, and Han Solo was always meant to walk over Jabba the Hutt's tail and have his eyes bulge out like a deleted scene from Who Framed Roger Rabbit?.

Well, George, count me as one of the people who could give a shit about your "new fangled special edition"... I happily plunked down $12.00 a couple years ago to some guy in Indochina who sent me bootleg DVDs of the real original trilogy, and while the quality may not be as good as what you're coming out with in September, what's important is the story and the memories, and the crap you're putting out at the end of the year just can't compete with that.

I know this won't make a damned bit of difference to the money-machine that is LucasFilm, because there's legions of suckers people out there who'll be happy just to have "some" version of those movies available, but maybe, just maybe, you'll be able to buy one less Chalupa without the royalties you would have gotten from me.

I now have negative friends... guess either that monthly check my mom was sending out bounced, or someone at Orkut did a really bad job of picking signed/unsigned for their integer values...

The latest meme everyone seems to be talking about is Orkut, the Google-affiliated (whatever that means) social-network site.

Like Ask, I'm left sort of wondering "what the point is". I don't mind establishing the interconnections that dictate "who knows who", but once the network is established, I've got the same questions as many others, "what are you going to DO with that network?"

Social-networks are obviously, in a general sense, a big thing, but just like "push technology" and the Pointcasts of the last decade, it doesn't matter how big a thing it is if you can't figure out how to make it work and how to make there actually be value to the members.

I feel very weird inviting people to join a network, when I can't even tell them really "what's in it for them", other than for them to try and figure out how many degrees of separation there is between them and Wil Wheaton or something.

It's neat, but I'm skeptical as to what exactly they'll do with the network once it's there....

Are you using the new content syndicator product that Jeremy mentioned to read my blog?

If so, can you please send a screenshot of how the content from my blog is presented there to my e-mail address?

I plan to see if I can have some fun...

I got an e-mail today that basically said "Non-IT-VP is dictating that he wants an Exchange server".

Note that this was not "Non-IT-VP has said he wants feature_list", but that a non-IT person is basically dictating to IT what software they should be running.

A lot of organizations fall into this trap, that is someone dictating the solution who has no business doing so, instead of asking the IT department to find a solution that delivers his needs and meets the demands of the IT staff as well.

For example, in this particular case the two biggest demands seem to be calendaring and scheduling, and better ability to sync their Blackberry units.

Now, for the first part, it's easy -- MeetingMaker firmly trounces Exchange's feature-set on that front, and does so on our server platform of choice (Linux or other UNIX platforms as necessary).

As for Blackberry sync'ing, it's true that the "off-the-shelf" Blackberry sync'ing sucks fetid dingos' kidneys, and there don't appear to be, after a couple Google attempts, any third-party IMAP clients for Blackberry devices that "just work" over the PDA's net connection.

But, there's a couple gotchas involved... first, we're not terribly happy with our present cellular provider, and it's entirely possible we might even have Blackberry units in the next few months if we end up with a carrier that has instead embraced the Palm and/or PocketPC solutions. Second, even if we did lock ourselves in to Blackberry-based PDAs, there are other solutions besides Exchange. I'm not a huge Lotus Notes fan, but if I had to choose between "Notes on a stable server platform" and "Exchange on the Platform-that-has-gone-to-monthly-security-updates", I know which one I'd choose.

Again, both products will solve the problem that Non-IT-VP really is asking for, but one of them also meets the needs of the IT staff, in terms of stability, maintainability, etc.

I've worked at companies on both extremes of this... where the IT decision making process was totally and completely separate from the "needs" decision making process, (e.g., no other department could buy software, only specify feature requests, at which point the IT department would make a firm decision and hand it down as law) and where the IT department was pretty much a lapdog doing buying whatever it was told to buy, and basically taking the role of Corporate Bitch.

The problem, of course, is that too many IT departments fall into the "Corporate Bitch" category, because they're too eager to garner allies by doling out favors. IT budgets are quite frequently hard to explain to suit-and-tie executives, and backscratching sometimes seems to make the IT-Budget-Pill go down easier each year. But that doesn't make it right.

The real answer needs to sit in the middle, where folks request features, and IT departments come back with "this is what we came up with", and if something "doesn't work for the requestor", getting a full run-down of why it doesn't work for them, going back and tweaking the solution to meet the needs or finding something else.

The requestor needs to feel like they're being listened to, not dictated at, but at the same time, the IT department has to make sure that what gets deployed is something they can live with the maintenance and support of. When both sides are content, there's a lot better working relationship, and those political alliances that get budgets approved are infinitely stronger.

My wife's attorney sent me paperwork in "Word For Window" format. I opened it in Word for Mac which quickly parsed the file and made it readable for me. I sent it to my attorney, who converted it to WordPerfect, because seemingly many lawyers still use WordPerfect for all their day to day stuff.

They sent it back to me, with changes (which I can't read, since I can't open WordPerfect docs, Word for Mac has no converter for them). She also included a Word document that was the "converted" WordPerfect file she'd been working on.

Needless to say that after 3 or 4 conversions, that .doc file she sent me is fairly useless. Although Word for Mac was able to "repair" it, it's actually every revision that the document has ever had and you have to sort through to find the relevant paragraphs and then copy and paste them over into a version of the document that isn't completely screwed.

At some point, can't we just standardize on a document format? I mean, seriously, is this something that is really that complicated?

My home theater has a metric assload of remotes... two DVD players, TiVo, the TV, the receiver, and a cable box. So one of those big honkin programmable remote controls with the buttons has been looking like a good investment. I then only have to keep track of one remote instead of like seven.

Except that I can't seem to find one that will work nicely with a Mac. Almost all of them seem to depend upon some Windows application to keep them configured. I suppose it might work in VirtualPC, but who knows...

Anyone had any experience in this area? I'd love to know what other folks are using and doing...

I won't get into the holy war that is the usual "Bind vs. tinydns" or "sendmail vs. qmail" diatribes. That's a whole different topic of discussion.

I was trying to figure out how to help one of the RFC-Ignorant mirrors who uses his software (because heaven forbid it use the documented zonefile format that is predominant on the net, NOooooo... err, sorry) ... I came across this page, which has the following:

For concreteness, these instructions assume that you have two BIND DNS servers:dns1.panic.mil on IP address 1.8.7.200, and dns2.panic.mil on IP address 1.8.7.201. You use these servers to publish panic.mil information.

Daniel, you stupid ignorant fuck. Is it so so hard to use TEST-NET for your examples? You know, the network that was specifically set aside by IANA for use in examples and documentation?

RFC3330. Read it. Know it. Live it.

Ya know, I have simple requirements in life... if you have a software package or class, you should include some fucking sample code on how to do a basic function with it.

For example, if you've ported Perl's Net::DNS package over to PHP, you should document somewhere what a sample simple query might look like.

I tried plowing through the API documentation, which was a maze of twisty passages, all alike. Googling for things like "Net_DNS sample code" yielded jack-shit.

When it is easier to fork out a child process to issue UNIX commands and parse the results than it is to figure out a "helper package", one has to wonder precisely how much "help" it really is.

As a kid, on my Commodore 64, I loved playing Choplifter. I was an addict.

I am now addicted again, as someone has turned the Choplifter of old into Chopper, an OpenGL game for OS X. Same basic interface, significantly greater graphics and sound, same great levels of fun.

Thank goodness I don't have any significant book-work to get done while it's in tech review...

I downloaded the latest-greatest version of a piece of shareware the other day. It didn't work right. I asked vendor what was up? The first version didn't even work through a proxy (I use an ad-blocking proxy), the second version appeared to be trying and failing to get image data.

The author sends me a debug version that creates a log of all the socket data it's dealing with. I notice both that the image is being sent with Content-type: text/plain and that there seems to be some & entities in the middle of the binary JPEG data.

So this, to me, says "Ah, the ad-proxy is seeing that it's type text/plain and trying to fix things that are broken."

We're on the fourth "debug version" and every time I include a polite request to "please please please fix the Content-type on the image data and I bet this problem will completely go away since the proxy won't think it's content it can fix".

There's nothing worse than pointing at the bug, waving like mad, jumping up and down, while the software vendor wanders off looking in a completely difference direction.

How can OS X not include vmstat?!?!

Here I am, in a situation where it looks like I'm swapping, so I decided "Hey, let's take a look at the output of vmstat and see if I'm paging in and out!"

Except there's no vmstat.

That's gay as hell.

Today, Yahoo announced "Domain Keys", which they claim is the answer to forged e-mail.

Their solution is thus: You send mail from foo@domain.com through the domain.com mail server. Your mail server adds a cryptographic 'signature' header to the message when it goes through. Now when someone receives the e-mail they can look at the header, compare it to a public key shared via DNS zonefiles and verify "yup, it's a real message".

Which all sounds good in theory, but in practice, just doesn't hold up.

The anti-spam community has, for years, been convincing ISPs around the world to block tcp/25 and tcp/587 (the mail ports) from their dial-up and cable customers, forcing those customers to send mail through their ISP's mail servers.

Except that such filtering is completely at odds with that filtering process. If I was on a dial-up line that was so filtered, and wanted to use my domain, megacity.org, I'd have to send it through my ISP's servers.... except that my ISP has no way of crypto-signing mail for megacity.org.

What if I wanted to send my mail using my acm.org forwarding address? ACM doesn't even have a mail server I can send my mail through, they're strictly a forwarding service. Nope, in a DK world, that gets completely broken, with no solution offered.

Both of these types of problems are solved in the SPF solution that's been the front-runner in the open community (you know, where standards get debated by your peers, not just dictated by 800# gorillas).

In that respect, I say it thus: As soon as the headers, etc., that this "Domain Keys" system uses are announced, I will be pushing for blocking mail that uses it, as punishment for breaking legitimate use of the net in the of blocking spam. It's one thing to do "what must be done", but when there are solutions to the same problem which don't require breaking legitimate mail, then there's no excuse for doing so.

I hate it when software vendors do stuff like this:

"This fix is already included in all versions of MT 2.64 downloaded from today on."

Is it so goddamned hard for a vendor to increment the version number by one and release it with a new version number? So that someone can look at their installation a year from now (maybe when someone else is maintaining it) and know definitively "yes, it has the bug-fix", or "no, it doesn't have the bug-fix", without having to do some esoteric checking on "what specific date that version was downloaded and installed"?.

It's not just the Trotts who I'm upset about on this topic, I've seen plenty of projects, mostly open source projects, do the same damn thing, and every one of them pisses me off when they do it. I just figured Ben and Mena to having more brains than that. :-/

I got a coupon in the mail today from Franklin Covey (the time-management planner type stuff company).

The coupon came in the form of this chinese-puzzle-like thing that unfolded to reveal other parts of the coupon, offers, etc., and it occurred to me how utterly poor a marketing ploy that coupon was. Why?

Because if you have enough time to fucking figure that thing out, you obviously don't need Franklin Covey products!

Anyone got Earthlink Cable Modem service? I keep getting a pimp-out message from them every other month or so... It's a couple bucks cheaper than Road Runner a month, and would let me eliminate my Earthlink dial-up account that I maintain for "on the road" use.

Has anyone used Earthlink's cable-modem offering? It almost sounds like, from what I've talked, it basically uses the exact some IP network as RR does as well (and might even be just rebranded Road Runner service).

I'd love to cut some costs there, but I'm not going to take on a crappy service to do it... anyone with input?

Well, maybe not a geek, but maybe a workaholic.

I've been dealing with Esker tech support on that faxing issue. (of course, their tech support e-mail reps only seem to actually answer mail for about two hours every day between 5pm and 7pm, although tonight it went as late as 8pm)

The last thing that was suggested was "turn off local echo on the hardware"... well, that requires throwing a DIP switch on the modem and power-cycling it.

So, bored out of my skull, I spent my evening driving down to the new colo, flipping the DIP switch on a modem, watching it fail in a new and exciting way, and sending the logs to Esker for them to stare at dumbfoundedly some more.

I'm in the process of deploying a fax-server at work. We're using VSI-FAX from Esker on an old RS/6000 G30 machine (named before I got there, imaginatively "g30").

For simplicity's sake (and since we've got a license) I'm replacing it with a Linux box running VSI-FAX. So I racked the box in the new colo. Ordered up a pair of USRobotics Courier modems (which, I can say from experience, are some of the best goddamn modems on the face of the planet), and try to get VSI-FAX talking to them.

Now, once upon a time, I had this same install of VSI-FAX talking to a pair of USR Sportster modems (that I later fried in the 110/220 fiasco, turns out we were pushing 220 volts through some 110 stuff by accident... nobody noticed for nearly a year because nearly everything was autosensing, and it was only one power strip, but that's a long story).

So I'm fighting with these modems, because VSI-FAX doesn't seem to want to talk to them. Esker tells me "oh, you need different hardware, those USR modems are problematic," and it completely baffles me, because I've used them for years (I still have the previous model to the modems I've deployed sitting in a box... if push came to shove and I needed a modem, that's the one I'd use).

I'm going to be really annoyed and frustrated if I have to put some consumer-grade junk on the fax-server because some software company is too boneheaded to figure out how to make it work with quality gear.

Ugh.

One of the coolest things in the old Judge Dredd comics was the Lawmaster. It was the most ballsed-out motorcycle ever.

Dodge, apparently, has built one. It's called the Tomahawk. It's what happens when you get a couple engineers drunk one night and leave them with spare parts. Take the V-10 engine out of a Dodge Viper, throw a set of handlebars on it, and pairs of narrow cycle tires on the front and back, and bam, you've got 8277 cc of engine that will do 0-60 in 2.5 seconds and top out at well over 300 mph.

Fucking sick, I tell you.

Let me tell you a little about Dave.

Once upon a time, there were dial-up BBSes. True geeks will know what I mean. You dialed into one system, left messages for other people, maybe the BBS had a "network" with other BBSes and the BBSes would exchange messages in the wee hours of the morning via dial-up long-distance, etc.

Dave has been running a BBS across the river from where I live for ... well, nigh on twenty years now, maybe a little less.

Dave is a curmudgeon. He's a fairly competent UNIX sysadmin (he's even smart enough to know to go to LISA to learn what he doesn't know)

What he hasn't figured out yet is that dial-up BBSes are deader than corduroy. He opines that corduroy is coming back, but much to his chagrin, FIDOnet and the BBS scene isn't.

He uses his BBS to get mail to his personal domain (yes, literally, this UNIX sysadmin, who is quite competent with UNIX MTAs and such, butchers his SMTP mail and wedges it into his BBS system so he can read it with a BBS mail reader that hasn't been supported in about eight to ten years, and was written a good five years prior).

He says he has people that still use the system, so why should he take it down? I tell him they still use the system because they've got some unattended process running that fetches their mail via BlueWave and that they probably died years ago and nobody knows that they need to shut off the automated process.

He says it doesn't cost him anything, because he's got it configured to work via the Internet. I tell him it's tying up electricity and machines that could be doing other things, like being a Linux mail server for his mail, in some normal format that is somewhat modern.

But, alas, no amount of my mocking of Dave will actually make him take the BBS down, even though he mumbles about doing it every couple months. I know that this too shall pass, and he'll be defending its continued existence long past its shelf-life for years to come.

I'm so glad Panther has finally hit the streets, so now I can rant about this like I've been wanting to for months.

Why, you may ask? Simple. I use PPTP to create a VPN-like tunnel between my laptop and other servers.

And, if you're not using MPPE encryption (which is pretty weak encryption, read there "useless waste of cycles"), the Apple VPN tool will no longer create the tunnel for you. There is absolutely no way (at least via the provided interface) to tell Panther "Don't require MPPE for this session".

Now, don't get me wrong, I think it's great that they added MPPE functionality (something that was missing in Jaguar), but to require it, breaking compatibility with existing users, is just nuts.

So, until I find a work-around for it, I guess the PowerBook will be stuck on 10.2.x for a while. I'd upgrade in a heartbeat, I love Panther, but I can't give up the tunneling which I've grown to use all the time.

As previously noted, I just did a major mail upgrade this weekend (and I even found the "thing I missed", and luckily it only affected four people on Sunday morning from 1am til around 9am or so).

But now comes the anticipation... the hoping that the performance problem you're trying to eliminate isn't some subtle 'under-the-hood' thing that you can't make go away by pushing more CPU and Memory at it.

I'm confident, don't get me wrong, but I've borne witness to upgrades like this, where the upgrade didn't solve the problem at all, because there was some nuance that was causing the problem that was not at all easy to detect, and it didn't matter how much CPU/Disk/etc. got thrown at it, it'd still be a problem.

If you see me today, I'll obviously be having my fingers crossed. :)

Just performed a major mail server migration (to a nicer box).

I feel like I'm on the Millennium Falcon, escaping from the Death Star.... "That was far too easy."

There's something broken, somewhere. It'll be subtle. I've been watching the logs stream by now for a half hour, and can't see anything wrong, but I know it's there, lurking somewhere beneath the surface where I can't see it.

And as soon as I go to bed, it'll rear its ugly head, and start rejecting legitimate mail, or whatever it's particular curse is.

At least I know it's waiting for me to go to bed, so there's absolutely no point in staying up further. It'll just wait for me no matter how long I stay up.

Time for bed.

I am not a network engineer. I know enough Cisco IOS to be dangerous, the basics of network management, and I can figure out CIDR notation, but by and large, a "router-jockey" is never a term you'd see applied to me.

But I cannot for the life of me figure out why a vendor of ours (who is large enough for us that we share a frame-relay network with them, and they get to dictate terms to us) needs to have IP addresses in no less than 5 different /16's.

We've got about 9 /24's (one per city) in a single /16. Near as I can tell, they've got about a dozen /24's in a half-dozen /16's.

And you might think they're contiguous /16's? Oh, no, you'd be mistaken... 10.3, 10.200, 10.0, you name it, they're all over the chart.

Meanwhile, we're in 10.15. Can you say "routing nightmare"?

I do not say this lightly, but if I had a network engineer who laid out my network the way theirs is laid out, he'd be fired, shot, drawn, quartered, burned, the ashes buried, the ground above salted, in that order.

It seems that Tim O'Reilly spent the better part of Monday surfing the blogsphere, including here, trying to sort out what was going through the FOO Camp naysayers minds.

This led indirectly to a series of back-and-forth e-mails between Tim and myself, wherein he tried to understand what the heck I was thinking, and I tried to explain why I had bad feelings about the event.

Overall, one of the key points that we came back to time and again was perception. There were many perceptions of "what it was envisioned as", which were not necessarily what Tim had envisioned or even conceived as possible. There was, perhaps, a hint of naïvety to the effect of "how could this NOT be viewed as just a private party?" It was only in the age of instant communications, where you might have a poorly worded invitation shared among non-invitees that such a thing could have happened. Then there were the cumulative effects of various other "random data points" that I'm not going to go into in public, which combined with the invitation, led to a completely different impression of the event than what Tim was hoping for.

At the end of the day, what matters is that the lines of communication did not break down, a civil conversation was had, apologies were (and are) made in both directions, and lessons were learned by everyone involved, I think.

Jeremy and Dan Gillmor both mention the s00p3r-s3kr1t "Foo Camp" being thrown by O'Reilly this weekend.

Foo Camp is, basically, a bunch of people ORA considers to be "visionaries" camping out inside the ORA headquarters in Sebastopol for the weekend. To the best of my knowledge, there doesn't seem to really be any agenda other than "see what happens".

Jeremy linked to a Wiki that had the attendee list, because he thought people might be interested in seeing "who all's getting together". Of course, a couple hours later (well, minutes, actually) the wiki that had the attendee list became a private "members only" thing. Apparently, when smart people get together, you're not supposed to know about it.

I was telling Jeremy that the more I hear about this event, the more it sounds like the type of "self-congratulatory nonsense" I always got pissed off at National Honor Society folks for. It's basically a bunch of smart people getting together, and basically inflating their own egos via an elitist "you weren't invited, so you're unworthy" type of situation.

The world needs fewer of those types of things, not more, and I'm ashamed that ORA is supporting that sort of thing.

... the geeks.

Why? Because geeks were smart enough to figure out that the highly-touted brand-new multi-million-dollar CD copy-protection scheme introduced by the record labels was overcome, at great cost and effort, by the shift key. It's also completely overcome by having a Mac or a Linux based system.

At some point, don't you think the record industry should admit they're completely clueless on technology issues?

Tonight I started working on an appendix for the MySQL book, which deals with PHPMyAdmin. So, to start with, obviously, I had to install it.

After installation, I realized that phpmyadmin was now wide open and available, and people could (in theory) start beating up on the web interface to try and guess passwords to the DB. Obviously that would be bad, so I decided to protect it behind some HTTP Authentication stuff.

So I go into a different virtual host, copy out the relevant sections to the clipboard, paste them into the PHPMyAdmin virtual host. I'm smart enough to remember to change the password file. I'm smart enough to remember to change the AuthName to something else. I'm even smart enough to remember to do an /etc/init.d/apache reload afterwards.

What I'm not, apparently, smart enough to do is notice that I copied and pasted the config from a WebDAV host, which didn't have limits on GET requests.

I spent far more time than should be permissible trying to figure out what I was doing wrong that the requests were not generating "enter your password here" dialogs.

Ugh. There's two hours of my life I won't get back.

As anyone who has ever built a PC from scratch can tell you, there's an adage about how "the PC isn't done until the case has drawn blood" ... it's a maxim I learned to accept in the many years I was building PCs for myself or work from spare parts. Without fail, at some point in the equation, I'd slice a finger open and bleed all over the case.

Apparently, there's a similar rule for colocation facilities.

I was in our new cage, racking some PDUs in preparation for the first server installs next week. I'd been uncomfortable, but that was understandable. Crawling around on hands and knees on colo tile (the kind with all the holes for air venting) can be uncomfortable, even painful, so I paid it no mind.

Until I saw a big 3" x 2" smear of bright red blood on the floor. I touched it, it was fresh. I looked down at my shin... yup, nice thin 1" slice from .. well, something on the floor, who knows what.

Like I've always done with PC-case-bloodletting, I let it dry in place. It's a testament to my (literal) blood, sweat and tears from the installation.

Tabbed chat-windows. There's no need for me to have three or four different 200x200 windows open, most of which are sitting idle waiting for a reply. Let me have one 200x200 window with tabs across the top for everyone I'm chatting with online.

I had an odd desire to listen to Don McLean's American Pie this evening, so I was the perfect candidate for an iTunes Music Store impulse buy.

Lo and behold, the American Pie single will cost me $10.00. Oh, yeah, and it'll include a shitload of other Don McLean songs I couldn't give a wet slap about, because I can buy every other song on the album as a single, but if I want the one that is actually popular I have to take a load of cruft with it.

Guess what, Don? I'm pirating your music, because you (or your label I suppose) are a greedy fuck trying to milk folks into paying for a whole album just to get a single.

A couple weeks ago, I mentioned about how cool my Danger Sidekick is. It is, in fact, quite cool.

However, the main reason for me getting it was after watching a friend of mine at OSCON using it to SSH into his home server. I was sold. I sold management on them.

I got them. No SSH client. "Oo!" says I, the next morning, "an automated software update over the air! Yayyy, my SSH client." ... nope, no SSH client.

So I ask my original guy, "What's the deal?"

"Oh," he says, "I know someone at Danger, it's not part of the general release, you have to join the developer team."

So I join the developer team. Except the only access level of developer you can get is "Joe Fucktard" which basically lets you run an emulator on your desktop, and not really put any code on the phone. So if I want to SSH via the emulated Sidekick on my desktop, I'm in great shape, but if I'm in a restaurant somewhere and need emergency access, I'm boned.

So I sent an e-mail to the "developer team" e-mail address, begging for the higher level I need to push code onto my own phone. Still not even a reply, that was a couple weeks ago.

Another friend of mine the other day was asking me about what Palm to get. I told him to get a Sidekick, but not to count on SSH, but that I had heard it was coming "real soon now".

He IM's me this evening to tell me how much he loves his Sidekick, "and tomorrow, I'm going to try out the SSH".

Uhhh, how? says I.

"Oh, I know someone at Danger"

What the fuck!? People who actually have uses for the SSH client basically get ignored, and Danger practically gives the access away to every retard they know who really has no legitimate "need" for it?

I'm the proverbial "this close" to just sending the fucking thing back to T-Mobile, and switching back to my Ericsson. Why? Because all I use it for is a phone... the mail doesn't support IMAP (hello, it's a mobile device, let it stay in sync with the mail server using a protocol that's designed precisely for that purpose), so the mail client sits unused. The web browser is nice, but how often do you really need to do that?

Without the SSH client, it's the same use as my Ericsson, except three times as big and four times as heavy, with a keyboard so it's damn near impossible to thumb-dial a phone number one-handed.

Late last week, The Pit signed the paperwork with our new colocation facility, Cervalis. Having been to their Poughkeepsie facility (a converted IBM Mainframe manufacturing facility) it's amusing to note that while it's advertised as "N+1", quite a bit of it is actually "N+2" or even "N+3", because of the ludicrously high levels of redundancy IBM demanded when it had a production facility that could lose a couple tens of millions of dollars in hardware (mid-production stuff) if the power or HVAC or whatnot shat itself.

For me, though, aside from the infinitely better customer service, and the fact that it's about 1/3 as far from my residence as The All Time Suckiest Hosting Corporation Ever was, is the fact that I get to design the colo the way I want it to be.

No more 15" IBM CRT. Replacing it with a 1U flip-out keyboard/mouse/LCD-monitor tray.

No more bulky-and-inflexible Belkin KVM cables running all over the place. Replacing the KVM with Dell's 2161DS, which uses CAT-5 to go between the KVM and a little "pod" that breaks that out into the usual PS/2 and HD15 connectors.

No more hodge-podge of ad hoc cabling. Cables will have color codes for what type of cable they are (external ethernet, internal ethernet, serial, KVM, crossover, telco, etc.) and might even be labelled.

Plus, it's the simple things like having a cordless screwdriver that belongs "there", and a label-maker whose home is "there".

I plan to feel all warm and fuzzy real soon now.

I had been using SpamAssassin and spamass-milter to process mail for megacity.org.

One of the things that annoyed me about using spamass-milter, though, is that because of the way it runs, it doesn't know the local user to use (it tries to imply it from the To:/CC: headers, but that's not very effective for mailing lists, aliases, etc.)

So I decided, "OK, I'll put the basic spamassassin processing in /etc/procmailrc, and let people filter however they want locally".

Except that many people, including myself, use the much more user-friendly Mail::Audit package to process their mail, via .forwards, and if there's a dot-forward file, /etc/procmailrc isn't called.

OK, so I start investigating the Mail::SpamAssassin package, which allegedly adds Mail::Audit programs the ability to do spamassassin checks, add the headers, etc. etc.

Except, if it adds the headers, it doesn't do so intelligently at all, throwing it smack dab in the middle of a multi-line Received header:

From MYSENDERADDRESS Sun Aug 31 19:27:08 2003
Received: from narn.megacity.org (localhost [127.0.0.1])
        by narn.megacity.org (8.12.9/8.12.9/Debian-5) with ESMTP id h7VNR7DK0040
X-Spam-Status: No, hits=-0.6 required=5.0
        tests=BAYES_20,DATE_MISSING,FROM_NO_LOWER
        version=2.55
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
        for <MYTESTRECIPIENT>; Sun, 31 Aug 2003 19:27:07 -0400
Received: (from root@localhost)
        by narn.megacity.org (8.12.9/8.12.9/Debian-5) id h7VNR7cb004031
        for xyzzy; Sun, 31 Aug 2003 19:27:07 -0400
Date: Sun, 31 Aug 2003 19:27:07 -0400
From: root <MYSENDERADDRESS>
Message-Id: <200308312327.h7VNR7cb004031@myhost>
To: MYTESTRECIPIENT
Subject: foo

That is so highly annoying. I'm now back to using spamass-milter, wondering why this is all so difficult.

I noticed this line in my access.log tonight:

pis2.my.dcn.yahoo.com - - [10/Aug/2003:12:41:52 -0400] "GET /blog/index.rdf? HTTP/1.0" 200 8388 "-" "-"

So it would appear that My!Yahoo is going to start including data from my RDF feed into its site for its users.

I had a chat with a couple people tonight and realized how blissfully ignorant I was that sites, such as LiveJournal, Technorati, etc., had been doing this for a while. They will happily download my content, and either sell access to it to their users, charge advertisers for ad-banners on pages with my content, etc.

The argument these sites seem to use is "Your data is there for us to redistribute, and you don't have any license protecting it."

Except that I don't need a license to protect it. It's content. It's copyrighted by default upon creation, which means I as the copyright holder can send it to you via my web-server with no problem, but once you the downloader try to redistribute that data without my explicit consent, you find yourself in a very actionable position.

The content-thieves' argument then seems to go along the lines of "why else would you have that XML/RDF feed there if not for us to steal it and make money off of it?"

The answer to that, of course, is for personal use. It's there so that users can download it for themselves. Not "for themselves and whoever they want to charge money to".

Their response to that seems to boil down to "everyone else is doing it."

For all its flaws, the DMCA has one redeeming feature for even the casual copyright holder. It is positively fucking brutal on the penalties. At the redistribution scale of a site like Yahoo, those repeated violations can add up to Donald Trump Lotto pretty darn quick, and you can bet your sweet bippy I'll be cashing in on that when the time comes.

At OSCON, someone showed me their DVD library software. They had asked me what I use, and I'd indicated that I use DVD Shelf for my Mac, but that I wasn't terribly impressed with it one way or the other, other than that it created very nifty PDF reports on my collection.

They had pointed me to what they used, a web-based app that installed on their Apache server, that let them enter the title, it searched IMDb, asked them "which movie they meant?", etc. It was quite nifty, and I want to say it was named something like "avfilter" or "avlibrary" or something like that. Except that I can't seem to find it now that I'm looking for it.

Anyone know what it is I'm talking about who can provide a helpful URL?

So SCO today announced how badly they want to try and rape Linux users for (allegedly) using their intellectual property. You can stave off SCO's lawyer-wolves for the cool price of $699 per CPU.

Given that SCO only has a market cap of US$163M, one has to wonder, just one simple question:

How many companies put together would it take to instead of buying SCO licenses, buy SCO stock and hostile-takeover their ass into oblivion?

Seriously, at $81.5M (the cost for 50.1% of the voting stock) that's probably less money than IBM and Red Hat together are going to pay their lawyers to come up with creative legalese variations on a theme of "Stick that license up your fetid dark ass".

And then, they can have the pleasure of firing the SCO Senior Management team. Heck, if there was a "Buy SCO, Fire All The Management" fund, I'd donate to it right now in a heartbeat.

Once upon a time, a couple Yahoo employees used to joke that Dave and Jerry should buy Excite.com out of their personal fortunes just to have the ability to walk in and shout at the top of their lungs, "you're all fucking fired, go home," and close the doors on a competitor the easy way (although, as it turned out, they did it to themselves).

Why couldn't IBM just do that to SCO. Grab a controlling interest, tell the senior management to sod off, tell the employees to clear out their cubicles, and clear up any hint of IP confusion by selling to IBM for $1 all intellectual property, and then dissolve the corporation entirely with their 50.1% voting share.

IBM has to be careful not to actually buy the company, but strictly be a majority shareholder, making decisions that are in the majority of the shareholders' interests, even if the other 49.9% of the shareholders vehemently oppose them. :-)

Golden parachutes for senior execs? Good luck getting them from that non-existent corporation, and since IBM never actually 'bought' the corporation, it's not liable for any contracts/debts/etc. SCO may have incurred. It gets all the benefit of running SCO and none of the downside.

While I was in Indy attending GenCon, the Pit's mobile carrier, T-Mobile, Fedexed me my new cel-phone, a Danger Color Sidekick.

It's one part cel-phone, one part PDA, and is just damned spiffy.

It suffers from a couple issues, but some of them are outside of the control of the device. It's only available (in this area at least) from T-Mobile. In this part of the country, T-Mobile has sub-standard coverage, and this causes frequent signal loss. You think that's annoying when you're on the phone, wait til you've decided to surf a web page "to get that info you needed", and the crappy coverage decides to drop your net connection. That's not a fault of the unit, though, that's just demonstrating a need for other carriers to offer the unit.

It's also quite large and heavy. That's a function of being among the first generation units offering the various services the unit offers (full keyboard, cel-phone, full-PDA-size screen, etc.).

With the screen "flipped out" (as it is in the picture, ordinarily it covers the keyboard), it is very easy to hold and balances nicely, with the thumbs naturally resting on the keyboard to enter whatever you need.

It includes, out of the box, the "phone" application (obviously), a web browser (full browser, not WAP), AOL Instant Messenger, a Calendar app, a notepad, an Address Book, e-mail (including the ability to add your own personal POP3 accounts, no IMAP unfortunately), a little game (asteroids, essentially) and an application for driving the (optional) camera-attachment.

If you're in an area with good T-Mobile coverage, I highly recommend one. :-)

Well, since Jeremy said something, I guess I can now say something as well. :)

Jeremy asked me to help him work on his (now our) book, High Performance MySQL, for O'Reilly.

Jeremy's the brains (and the blame) behind the whole plan, though, although I think if I remember correctly, I can take credit for the banner at the top of the cover.

At some point, when ORA starts taking pre-orders for it, there'll be a gratuitous link here, so that I can try to guilt trip visitors into buying it. If you visit both my site and Jeremy's site, I feel it's only fair that you buy a copy from each of them. ;-)

If you're my mother, or something like that, feel free to skip this entry, because it'll be complete gibberish to you.

I'm having trouble with my Samba install at work, and need some help...

There are open source projects in the world that have world class responsiveness. If you have a perl question, you can post to comp.lang.perl.moderated and have an answer (several, after all, because there's more than one way to do it), within a couple hours. For Linux issues, you can post to any of a number of mailing lists or newsgroups, depending on what type of issue it is, and get an answer back lickity-split.

But the folks on the Samba mailing lists have got to be the least responsive people on the face of the planet.

I've asked, over the last several months, a number of "this isn't working, I need help" type questions on the mailing list (samba@lists.samba.org). To date, about the only time I ever get a reply is when I fat-fingered something and it's someone pointing out how dumb I am.

One of the benefits of open source, that we advocates tend to tout, is our responsiveness. We tell people "go out on the net when you have a problem, you'll have an answer in no time"...

... unless, it appears, it's with Samba.

So, given that I asked the Debian package maintainer a question yesterday, and posted that same question to the mailing list this morning, and have yet to see even a peep about it from either, I'm forced to ask myself the question I dread asking:

Is it more efficient to drop a Win2K Server box in there where the Samba server presently sits, and call it a day?

Now, don't get me wrong, I'm not implying that somehow the Debian guy is "a bad person" for not replying to me, or that the Samba community owes me some obligation to help me out. I'm simply saying that the perceived benefit - a global network of people to help with support, bugfixes, etc. - is not nearly so beneficial in this particular open source project.

As mentioned on FuckedCompany, this memo from eBay to its employees is pretty harsh:

Sent: Thursday, June 19, 2003 10:30 AM
To: DL-eBaySJC-all-R
Subject: eBay internal communication - Talking at desks- Please read

It has come to my attention that several employees are talking at their desks during scheduled work hours. I must convey the importance of NOT talking at your desk, or to your desk partner. Talking greatly decreases work productivity, and company morale.

If you need to talk to someone, please schedule a meeting room where you can talk, or use the break rooms. If you are caught talking at your desk, you will be escorted into a meeting room and questioned as to why you are talking, and if it is relevant to your job. If not, you may be subjected to disciplinary actions.

We want you to work hard at eBay, and enjoy your work. Please contact management if you have any questions.

Let me get this straight, they put people at the same desk (hence "desk partner") and expect that they're going to stare at each other for eight hours and not be friendly with each other? What the hell, man, I have a vision of Winston Smith's workplace now, with everyone wearing drab clothes and nobody speaking to each other.

Mark down one place you'll never see me work, no matter how good the pay there might be.

SCO has a market cap of about $145M. For many companies, that's not terribly hard to come by in their warchest, especially a company like, say, IBM, or such.

A hostile takeover for that could look a lot like "Hi, we're big-corp, we plan to buy every share of SCOX we can get our hands on and the instant we have something resembling 51%, we plan to cease operations of the corporation entirely, leaving any remaining shareholders with worthless stock. Thus, it's in your interest to sell to us as early as possible, lest you be left holding worthless pieces of paper."

"We won't be on the board of directors, we won't be officers of the corporation, we'll simply propose the resolution, act upon it, and shut the company down in one fell swoop. We're doing this because the existing management is a menace to the industry in general, and it's a public service to put SCO out of business."

I have to believe that would work, if you could find someone willing to do it. That and the stock price for SCO would probably plummett as shareholders became more desperate to be "in the portion of the shareholders who saw some return instead of being left holding their dicks in their hands"

We use OpenLDAP at The Pit for user authentication, etc., just as many companies do.

A couple weeks ago or so, there was an advisory about security issues with the (older, 2.0.x) version we were running. So, seeing as how the OpenLDAP folks considered the latest 2.1.x code to be "stable", and the Debian folks had pushed that code into the testing repository. Now, since Debian is notoriously anal about moving something to "stable", I took the OpenLDAP folks at their word.

Yeah, that won't happen again.

After three impromptu trips to our colocation facility to un-wedge machines that had torqued themselves nicely, the proverbial straw was sitting on top of the now-lame camel, and I set off for NJ once more.. to get the machines back up and running, and then downgrade to the older version (albeit the patched older version)

I'm not really sure how to fill out the OpenLDAP bug report. "making an update to the LDAP database locks up slapd and destroys the contents of the backend database in one fell swoop, but doesn't do it in any predictable manner"?

Actually, that sounds like a pretty good way of describing it...

I've been tasked with looking into content-filtering solutions, etc., to monitor our employees' use of the net, filter out 'bad' stuff, etc.

My "gut" tells me that there aren't any such solutions in the Open Source, mainly because I haven't heard of them before, and because content-filtering/blocking/etc. sorta goes contrary to what a lot of Open Source folks think of as The Right Thing To Do.

Without getting into a huge philosophical debate over the topic, though, are there any open source solutions in that space, or do I have to resign myself to "If I want to protect my employer from sexual harassment lawsuits from co-workers using porn sites, etc., I have to plunk down coin to some company who won't even tell me the list of sites they're blocking" like the libraries do. :-/

Ya know, with all the other people blogging about this, I swore to myself that I wouldn't join the flurry of posts raving about how great the Apple Music Store is that's built into iTunes.

But, after a couple weeks of getting a tune in my head, buying it, and repeating that cycle a couple days later, I have to say it. This thing kicks ass.

Despite my beliefs that the music industry is lost in the digital age, I never got into the P2P downloading game. I'm a firm believer in giving the artist the money they deserve. But, at the same time, I'm not about to plunk down $15-20 for a CD that has "that one track I like". That's just retarded.

Enter Apple. I've become quite the little download-monkey, plunking down $0.99 a track for lots of songs that I've been itching to hear for a while.

And the beauty of it is that even after downloading an assload of songs I like (including some guilty-pleasures that I won't mention lest I get ridiculed for them (grin)) I still have only paid Apple about as much as I might have paid the local CD retailer had I decided to buy two full-price CDs.

Kick ass.

I was reading Brian's missive about NASA's version of "Yet Another Useless Mission To Mars", wondering when we're going to actually put a human on Mars, etc.

And I was reminded of this article (which I got from some other blog but can't remember where, now, sorry), written by a former astronaut, pulling no punches on why exactly it is that we can't seem to put a human into anything other than Low Earth Orbit.

Makes for great reading and is highly recommended.

Once upon a time, when DotCom Lotto was in full effect, I bought the ultimate geek car stereo. It was the Empeg car stereo (whose best support and pictures can be found here since the product got discontinued after a long line of acquisitions and bankrupcties).

It was, for the time, quite cool. 20GB of disk (it might be 40GB actually, been a while since I looked, which will be more obvious in a moment), integrated into the dashboard, ethernet jack in the back to sling MP3's to it via the home LAN, etc.

Two problems:

[via Radwin]:

Disney plans to sell, via any retailer, DVDs that self-destruct after two days. It's a chemical process that begins immediately after exposure to oxygen, and after two days they start to degrade and become useless.

So let's see... raise the cost of manufacturing... lower the price-point, and have it be for something of lower consumer value.

Yeah. That's a winner.

Maybe if this kind of silly idea bankrupts Disney, they can stop buying off the Copyright Congress, and we can have some copyright sanity again.

Weird Al has this habit, which has finally bit him in the ass. He actually asks artists if he can parody their work (he doesn't need to, because parody is protected speech).

However, once he makes a deal with an artist, the artist can put stipulations on it, like Eminem just did saying he couldn't do a video of the song parody.

I understand that Weird Al is just trying to avoid "ugliness", but the reality is this: Don't ask permission, because you don't need to. Asking permission only gives someone else the ability to tell you how to express your art, at which point it ceases to be "art".

So I'm looking at the newer iPods. They're pretty neat. I've considered "selling the old one to partly fund the purchase of a newer model".

Except, most of the people I might think of selling my iPod to have a PC. Has anyone had any experience using a Mac iPod on a Windows PC? Or do I have to just try to either sell it on eBay or sell it to one of my Mac-owning friends?

I know it's all because it's winding up to a nice finish, but I just have to say... I'm glad Firefly was cancelled, because it enabled the very talented Nathan Fillion to team up again with Whedon, playing the very nicely evil Caleb.

I like that the Überevil isn't some bad-ass vamp or demon, but appears to all outside appearances to be a good ol' southern preacher type. Calm... reasoned.. precise... evil.

Nice way to wind the series up, I would say.

I'm trying to implement a very simple function at work. I want this rule:

Any mail going to *@DOMAIN, or coming from *@DOMAIN, must be using encryption

There are rules for denying connections to connecting clients using less than a certain bitlength encryption, just as there are rules for "when connecting to this host" to require certain bitlengths, but those require you to know which hosts might be sending or receiving mail, and that's a variable.

Now, I began to panic. Certainly those rulesets had value, but they weren't what I needed. I needed something that was based on either the MAIL FROM argument (when sendmail was in server mode, accepting an inbound message), or the RCPT TO argument (when sendmail was in client mode, attempting to deliver mail).

Sounds simple, right? Well, I found that sendmail even has a rule to handle outbound mail, specifically for this purpose, all I do is put, in /etc/mail/access:

TLS_Rcpt:recipientdomain.com    ENCR:128

and voila, any mail I send that is trying to go to *@recipientdomain.com will refuse to go if the encryption bit level is less than 128 bits. This works regardless of what MX the mail is going to, etc.

Now, being intuitive, you might think that there'd be a counterpart argument for inbound mail, especially since there's absolutely no way of knowing where the mail might be coming from for a given domain (there's no MX records you can query).

Well, you'd be wrong.

Further, when this was pointed out to the sendmail folks, the logic of whether this was necessary was questioned (e.g., whether it made sense at all to check for encryption on inbound connections based on the envelope sender), but after handily tossing those arguments aside (since they apply equally to how the TLS_Rcpt ruleset), I was told simply:

TLS_Rcpt is necessary as explained in 5.1.4.13. tls_rcpt You can't implement this via check_rcpt because it's outgoing.

Your requirement can be implemented via check_mail, hence there is no special ruleset for it.

Right. So instead of designing the rulesets in an intuitive manner, I'm expected to wade through an 800-page manual to learn the arcane syntax of the .cf file and create that manually? Fuck that.

There is exactly one developer for sendmail. Which of the several hundreds entries on the wishlist should I do first? Should I port sendmail to AIX 5.2 or write a ruleset for one person?

Apparently, I'm the first person in the world to notice that this set of TLS_* rules is incomplete. Now, this means one of two things:

1.) This rule isn't all that useful, something I don't personally believe
2.) This is a symptom of the fact that people are moving their MTAs to platforms other than sendmail, so the number of people who would notice such things is dwindling

Given that the only thing keeping me using sendmail right now is the libmilter interface (more info here), I'm going to put good money on the second category.

Of course, I got the standard "patches welcome" response of any open source project, which is fine, but when I'm looking at a job in which there are four conditions and only three are implemented, that doesn't say (to me anyway) anything less than "incomplete workmanship".

Someone... anyone... please add libmilter support, or something functionally equivalent, to your MTA, so I can switch. I beg of you.

I've bought two songs. I want to hear them. But I constantly get the message:

There was an error downloading your purchased music.
Use the Check For Purchased Music command in the Advanced menu to try again later.

Been trying for several hours, and I'm starting to get annoyed. Apple's "customer service" page for Apple Music Store simply says "try again in a few minutes" with regard to errors downloading. Completely useless.

I was reading Adam Curry's Slashdot RSS rant, and it rang true for me. It's something which has happened to me from time to time.

Slashdot says "don't fetch our RSS feed more than once every 30 minutes, if you keep doing it, we'll ban you." ... but Slashdot has more than one RSS feed, with varying contents, so if you want to read, say all the "main" headlines, all the Apple headlines, and all the "Your Rights Online" headlines, you're going to fetch three different RSS feeds.

Take a guess whether you think the brain-trust at Slashdork can intelligently figure out that you're not just banging on the server but are in fact getting three different files.

Nope. This morning, I got the "you're a dork, go away, we've banned you again" message in my aggregator. So, screw em. The signal-to-noise ratio on Slashdot has been so poor of late, I'm better off letting the net act as a slashdot filter. Anything really useful Slashdot has to say someone else will say as well, and I won't have to subject myself to the output of retarded programmer-chimps who have no idea the way their code works.

They're making a sequel to the very popular (with me anyway) movie Free Enterprise.

Mark Altman hints at the details in an interview earlier this year.

Kickass.

Now, I'm not a big fan of AOL, but their latest commercial, for AOL Broadband, is just hysterical. I wish I could find a link to it. It's a parody of the opening credits for the Six Million Dollar Man. When you would finally start seeing a picture of Steve Austin running on the treadmill, it's the little AOL-Guy running like mad.

It's just funny as hell, enough that I stop fast-forwarding through commercials on Tivo if I see it. :)

TiVo recently released their Home Media Option for newer Series2 units (which means, no mom, this won't work for you, that's why yours was so cheap! *grin*).

HMO offers a couple nifty new features, the two most important of which (to me) are the ability to use broadband for your scheduling downloads (although that may just be a feature of version 4.0 of the TiVo software, which came out at the same time), and the ability to set up your Mac/PC to share its MP3 collection to your TiVo. This is especially useful if you've got a decent home theater but really crappy computer speakers.

There's other stuff that appeals to other folks (you can share programs between TiVo's that are on the same network and on the same subscriber account, e.g., between bedroom and living room), and the ability to do remote scheduling (so if you forget to set it up to get West Wing, you just need to find a browser more than an hour before showtime).

But for me, it's nice to have some of my MP3s streaming out of the home theater, since I'd always been too lazy to lay down audio cables between my work area and the receiver.

My mom has a web site. It's not too bad for someone who did it herself and has zero experience building web sites. I bought her one of those "Build a web site for dummies" books, or something like it, which came with a CD in the back, and used the software on that CD throughout the book to demonstrate concepts.

My mom, however, has never opened that book. She instead, downloaded, then paid for, some crappy WYSIWYG thing from the web that doesn't even suck fetid dingos' kidneys, it's that bad. It works on this principle of having a "project" name (e.g., "dianas_web_page") and then, every single file looks like that. You'll have dianas_web_page_000001.htm, dianas_web_page_000001.jpg, etc., with each new image or HTML page just incrementing a serial number by one.

Now, the first time I saw her use this, I begged her to open the book, pull out that CD, I'm sure there's got to be something better than this on there. She wouldn't, but I was able to make it clear that I wasn't supporting that POS, and she was completely on her own.

Q: "How do I make thumbnails?"
A: "Dunno, I'm sure that's covered in the book, and probably even has cool software on the CD, have you checked there?"

... things like that.

Today, my mom IM'ed me because she deleted some images off her web site and one of her friends wanted them. Now, I say "deleted", but in reality, her POS program has no concept what it's doing really. Near as I can tell, it has absolutely no way of saying "that's not in use any more let's get rid of it", or (if it used real names) for the web page author to look over the list and say "Oh, that's the page for the picnic, I don't need that" and blow them away on their own...

Every one of those images is there, I'll guarantee it. There's 164 different images up there supporting my mom's three-page web site, all with various names ("dianas_page_XXXXXX", "test_doc_XXXXXXXX", etc.) dating back to the middle of 2002.

164 images all named essentially the same thing.

And every time we have this discussion about "Why don't you stop using that POS and use something else?" it always comes back to, "But I paid for this..."

Ugh.

I was in Worst Buy tonight (twice in one week, a new low for me, but I have an excuse, I was shopping for a birthday present). I saw, and had to pick up, a copy of the House of 1000 Corpses Soundtrack, because it's chock full of Rob Zombie Goodness.

So, I follow my standard routine:

For a company that - for years - took pride in not owing anything to anyone, it strikes me as odd that they're now grubbing for quarters at the bus stop, $750M worth.

This might be a good time for Yahoo employees to update their resumes. :)

Just as a follow-up to my previous Better Off Dead bit... I am not usually a big "Listen to the DVD Commentary" guy, except for commentaries that really are innovative (like the MST3K style Ghostbusters commentary).

But, the Better Off Dead commentary absolutely floored me. It was too funny... It has Savage Steve Holland (the brains behind the flick), Bobcat Goldthwait, and Curtis Armstrong (Ack-Ack, but you probably think of him as "Booger" from Revenge of the Nerds)

It was just funny listening to them rank on their own work, mocking themselves. Maybe I'm weird but I dig on self-deprecation.

And it makes me feel a little better for completely spacing on the Nerf Herder concert I wanted to go to tonight at The Chance.

So this morning, my macally IceKey keyboard arrived from Zones.

Now, I've always loved the feel of the keys on my Powerbook. The short-throw scissor-keys were second only in my heart to the feel of an old IBM Model M keyboard with it's nice sharp CLACK after each keystroke.

I've decided that I'm the kind of guy who requires either feedback that my keystroke has registered (via the nice sharp retort of a Model M) or a short-enough key-throw that I know "if I touched it, went", that a PowerBook style scissor-key keyboard gives.

So picture if you will a full-size 105-key keyboard, but using Powerbook style keys. This takes coolness to a whole new level. No more "mushy" keys (I'd been using the standard Apple Pro Keyboard that came with my G4/450 a couple years ago).

I highly recommend this keyboard! I can picture my wrists aching less at the end of the day already. :)

As many people know, I have REALLY anal-retentive mail-filtering software in place, protecting my mail server. I don't go in for the usual band of SPEWS/ORDB/ORBL/whatever blacklists, but try to instead focus on things that are "wrong" with messages, that usually valid servers don't screw up (e.g., your average mail client can craft a Message-Id header pretty accurately)

After a year or so of having this collection of Perl scripts floating around that people would download, I finally decided to start packaging it up, assigning version numbers, etc., and having something people could actually attempt to use in an enterprise environment maybe.

Mostly, this was spurred on my my starting to use it at my employer, when I decided I wanted a consistent set of files to work with. :-)

Anyhow, you can find it's official release announcement here, or download it from my software page.

Some specs on the LRSPC2661T Internet Refrigerator:

• 15.1" Digital LCD Display
• TV Tuner
• Hi-Fi Speakers with MP3 Playback
• Full internet functionality for surfing or e-mail
• Digital Photo Album
• Messaging system, via text or electronic pen, for notes and messages
• Calendar
• Recipe system
• Keeps track of stored food and expire dates

According to the appliance store I called, it goes for around $8000, give or take, so if anyone wants to buy me a housewarming gift when I finally get myself a real house, this would make an excellent addition. :)

From my virus-scanner logs today:

The infected file was saved to quarantine with name: 1048604323-RAVh2PEwesc009909.
The file (part0000:)->(IFRAME0000) attached to mail (with subject:Yahoo! Astrology - Taurus) sent by yahoo-dev-null@yahoo-inc.com to someone@myworkplace is infected with virus: HTML/IFrame_Remote_Exploit*.
Cannot clean this file.
The file was successfully deleted by RAV AntiVirus.

And yes, I checked, it really did come from Yahoo, from their bulk-mail servers, just where you'd expect a Horoscope e-mail to come from.

Classic.

OK, here's today's Safari gripe:

I know it seems like a really nice idea to have Safari, after some "timeout" period of waiting for a page to return, errors out with a message, but this HAS to be made optional. There are a lot of web-based administration interfaces that simply take more than 60 seconds to come back with results (e.g., credit-card processing, processing a bunch of images with Gallery, etc., and bailing out in the middle of those processes completely hoses them.

It's been a long time since we saw a new Safari beta.

There's a lot of sites I still can't visit properly with b60. (the citibank online banking facility comes to mind immediately, since I have to keep firing up IE to transfer money into my savings or onto my credit card).

We know it's there, there's been tons of screenshots showing 62, 64, you name it, with tabs and all sorts of new features.

Give it to us, dammit!

I feel better now, thank you.

We have two internet circuits at work, one from AT&T, and one (in our White Plains office) from Epana.

I've frequently gotten a complaint or two about routing issues on the Epana circuit: sites that were unreachable by Epana, but were perfectly reachable via the AT&T circuit, and consistently so. But, since the complaints always centered around "non-work-related sites", I never dedicated any time to tracking it down.

This morning, while tinkering with the new version of Subversion, I realized that the site I needed to reach, for work stuff, was in that "partly unreachable" state.

So I decided to report it as a problem. Went through, created a wonderful report, showing the various routes being used, sent it off to the support e-mail address, and then waited. Something inside me said "there's routing problems, dude, make sure they actually got the mail". Nope. It was queued.

Turns out, after thinking I had a firewall issue or something hokey, I noticed that NS1.EPANA.COM and NS2.EPANA.COM were listed in the root-servers as authoritative. If I queried ns1.epana.com for an NS-set, I got a very respectable looking:

epana.com. 3H IN NS ns2.access.net.
epana.com. 3H IN NS ns1.epana.net.
epana.com. 3H IN NS ns1.access.net.
epana.com. 3H IN NS ns2.epana.net.

but if I queried ns2.epana.com, I got

epana.com. 3H IN NS ns1-int.epana.com.
epana.com. 3H IN NS ns2-int.epana.com.
;; ADDITIONAL SECTION:
ns1-int.epana.com. 3H IN A 172.16.32.4
ns2-int.epana.com. 3H IN A 172.16.32.5

and, of course, the -int hosts aren't reachable. They're actually in RFC1918 space. So, the resolver library had latched on to those -int ones (randomly I guess) and wouldn't do shit until it could talk to them. Basically it queried the roots, got ns[12], randomly queried ns2, was told authoritatively that it it was ns[12]-int, and then forgot all about ns1.epana.com ... so once it had the two bogus nameservers in cache, it was stuck there.

I ended up having to bogus the ns2.epana.com server, but it amazes me how many things I found wrong in my upstream provider, in the scope of 30 minutes. The SOA on ns2.epana.com has a serial number of 2003020451 ... so it's been like that for over a month. You might think, if you had clueful network admins on-hand, that something that heinous might have been noticed somewhat sooner.

Ugh.

Well, at least Optimus Prime is part of the 5694th National Guard Unit, on deployment to the Middle East.

He even got a letter from a General at the Pentagon, saying "it was great to have the employ of the commander of the Autobots in the National Guard".

It's a legal name change so it's on his drivers license, his military id, even the name tag on his uniform.

Too funny.

Courtesy of SteveO...

And as a follow-up to a previous story talking about how "it was tough, but we couldn't find a spot for your talks"....

Man, I'm amazed they couldn't fit me into that tightly-packed Friday schedule... Only one talk the entire afternoon and it's a simple 45 minute talk (e.g., it's not like it's the Perl Town Hall Meeting or something, that's expected to have everyone there)

And it's funny, too, because with spam-fighting being one of the top topics for Internet-based companies these days (and that means just about every corporation in the world), there is not a single session - not one - that concentrates on using Open Source tools in fighting spam. Sure it looks like it might get a "passing mention" in a half-day tutorial on deploying open source throughout a corporation, but that's not the same kind of focus the topic deserves.

Also, a tip for ORA folks: Before you open up registration, have the schedule ready, so that those of us who actually have budgets (read there: nearly everyone) can plot out our schedule, hand it in to whoever approves expenses, so as to demonstrate the value the payor will be getting for their funds. If that's really how barren Friday is going to be, it's going to be tough to justify the expense for a lot of people. I know myself, this is the first year I couldn't immediately pick four tutorials to go to. It was the first year I wasn't able to immediately select something from every time slot.

I'll reiterate a catch-phrase from my last post that I have to credit to Z, the session selection for the Open Source Conference needs to be more Open.

I've got to agree with Jack. This (mirrored) is way too creepy. I'm sure there's some mathematical excuse someone can tell me how it works, but it seems remarkably good at predicting numbers, even from people who aren't even in the same building as me.

I imagine it's got something to do with the way the figures on the right change from iteration to iteration, but I'm not quite sure yet.

UPDATE: OK, Brian's a genius. num-(first_digit+second_digit) always yields a number divisible nine, and notice that the symbol is the same on all divisible by nine numbers... except 99 and 90, but that's ok because you can't subtract to reach them anyway. Very slick. But at least I was right about the changing symbols... that's how it avoids being the same symbol over and over again, which might be a dead giveaway.

The Original David Lynch Dune had a cast of babes, Virginia Madsen in the role of Irulan, gorgeous Sean Young as Chani, and (although nobody knew it at the time), Alicia Witt, who played Alia turned into a full-on robo-babe when she grew up (Sopranos fans will remember her as the hollywood "D-Girl" who Chrissy tries to pimp his script on).

But then, as I watch Children of Dune, and it's more of the same. Julie Cox is absolutely gorgeous as Irulan, and I'd sacrifice a limb for some quality time with Daniela Amavia who plays Alia.

Arrakis may be a desert planet, but if you're looking for hot women, it's a freakin oasis, no matter whose vision is being put on celluloid.

That's the only conclusion I can draw. Submitted proposals last year for OSCON. No dice. Submitted two different proposals this year (one for practical applictations of sendmail's libmilter library, a la milter.org, and the other was the quite-topical discussion of typical "spamsign" (concentrating on things other than SpamAssassin style stuff, DNSBLs, etc., but more on "things spammers do in common that you probably aren't thinking to look for").

And, neither was accepted.

I was chatting with Jeremy, trying to figure out if I should be (a) pissed, (b) disappointed, or (c) apathetic. He says I should be all three. He suggested "someone at ORA must not like you, you should bug Nat about that," until I pointed out that maybe it was Nat who didn't like me. :-)

So then he said "You should just post a blog rant about it, and hope that someone from ORA notices."

So I did. :)

Maybe the planning for the Open Source Conference should be a little more open. Once upon a time, (last year as a matter of fact), I had the idea that all the submissions should be voted on by the people who would attend. Maybe it's time to bring that up again.... so it can be ignored again.

Jeremy brings up some great points about being an employee of a company and mentioning your company in your blog.

It's no secret that I blog all work-related stuff in my blog in the category "Pit of Despair", and I know that my boss at least has read my blog (as have prospective CIO candidates, apparently). Personally, I think I'm pretty safe because I can guarantee that just about nobody else above my boss in the chain of command could ever figure out how to find my blog, let alone read it, let alone find the stories about them unless they happened to be on the front page at the time.

But if I did think my employer had clue, would it change the way I write? Well, if my employer had clue on IT things, I probably wouldn't feel the need to call the category Pit Of Despair in the first place. But, even if I did feel such a need at the same time as suspecting they had the ability to read the blog, anyone who knows me knows I'd end up saying the same thing that I say now. (As the many Yahoos who read my blog will attest, my working there never hindered my ability to play berate-my-employer when I thought they were doing something dumb)

But I do know other folks who blog who have very interesting (errrr, read there "sordid") stuff going on at work (in terms of both "folks you could tell the most interesting stories about", as well as "the craziest shit going on at work") but for various reasons choose not to.

I guess it depends a lot on the personality of the blogger as to how likely they are to cave "before the fact" and not talk about work at all.

Once upon a time (March 2001), I kicked around this embryonic idea for something I called "OX", outbound exchangers. The idea was frought with brokenness, though, and I put the idea down like the dog that it was (resurfacing it here, only for historical and contextual purposes, in the very poor save-as-text outputting format of microsoft word... it looks much more RFClike on-screen, I swear).

Gordon, though, has done it. It's a proposal for how to allow large, often-forged, domains to designate address space or IP addresses that they are willing to designate, or vouch for, saying "if it's coming from here, it should be legitimate," or even to say, "This domain should NEVER have mail coming from it."

His proposal was submitted to the IETF Anti-Spam Research Group (ASRG) this evening (after much goading from folks who were looking at the OX-style "RMX" proposal being batted around, saying please please don't let that continue, we have to put forward something better).

This is an idea which has been a long time coming. Now, hopefully, it'll get some momentum going towards acceptance.

For those who haven't seen it yet, this is without a doubt the funniest Apple Mac Switcher Parody yet.

Call me sick. I've recently found the joy and humor of Stephen Hawking's night job.

MC Hawking, the gangsta rapper.

It's official, I will not be able to get any work done the rest of the day, laughing so hard am I.

I'm confused. I google for myself, and my web site doesn't even show up in the first five pages. There's folks who can google for their FIRST name, all by itself, and show up as the number one result, but ME, searching my for my WHOLE NAME, and I don't even show up in the top 50 pages about myself.

But, even funnier, is that if you google for just my first name, I show up on page 2.

Some things I just don't get... A more specific search yields less specific results.

DRE? Why the Playstation2 Disc Read Error, of course, a phenomenon so common (despite what Sony would have folks believe) that it's got its own FAQ.

I managed (using the Diagnosis Mode solution) to get my unit working again, but it's only a matter of time before it dies for good.

I'm just glad it didn't screw up my save-game in The Getaway, which is the coolest game since Vice City. (I love driving by places in London, going "Hey, I've been here before!")

Time to start saving money for a replacement PS2 when it finally dies....

Microsoft acquired Connectix's Virtual PC group.

How much you want to bet that product is deep-sixed? That way, Microsoft can assure itself that Mac users who need to run "that one windows app" *have* to buy an Intel machine running windows?

So, as a followup to yesterday's post, it appears that minbar's hard-drive has shit itself quite nicely, and will have it's next appearance as part of der Schutenfest at some point where it'll be introduced to a 12 ga. slug.

In the meantime, though, I'm left with the fact that I had no meaningful backup of the machine. Veritas NetBackup works great for me at work, but it's a bit of overkill for my personal machine, and not a lot of people go out and buy fancy tape drives and such for regular unattended backups of their personal servers.

Short of a task that nightly tars up and SCPs a file between narn and minbar (with each side basically backing itself up to the other), are there any other "slick" solutions people are using on their colo'ed kit?

I got a semi-frantic e-mail from "Dave" for whom I host his DNS:

Dave: "Is my DNS down?"
Me: "Checking... narn is answering ... minbar ... hmmm... is not."
Dave: "Odd."
Me: "Ah, and you don't list narn in your root NS set, so it's not being queried. While I track this down you should fix that."

... and then I call Ray, whose rackspace I occupy and bandwidth I steal

Me: "Hey, you got anybody at 50 Washington?"
Ray: "Why?"
Me: "minbar took a shit."
Ray: "Errr, that's not good."
Me: "Yeah, any chance of someone kicking it?"
Ray: "I might be going out looking to see if something is open for dinner. If I do, I can try to swing by."
Me: "ETA?"
Ray: "Hours at least. I can't see the office [50 washington is the tallest building in that part of Norwalk], and it's only a mile away, so visibility is sucking right now."
Me: "Just an FYI, Dave's domain is completely dorked because of him missing narn in his NS set"
Ray: "He updated that now, I take it?"
Me: "Yeah, but that won't 'take' til the roots update."
Ray: "You got any services still sitting on minbar?"
Me: "minbar is solely secondary DNS and serves as www.milter.org, so other than milter.org and Dave, there should be negligible impact."
Ray: "OK, we'll see what happens..."

The downsides of combining "free hosting" and "crappy weather". You don't rate the guy being contractually required to go kick your box when it needs it.

Gizmodo.com recently pointed to an article about region-free DVD players. The article describes the "region issue" very well, but then points to the rising demand for such players.

In the US, the market for such players falls into two basic categories: players that have some "hack" to turn on region-free playing, or a grey-market in "chipped" players that have been altered, post-manufacture, to disable the region-checking features.

As folks in the US start wanting to watch things that are only available elsewhere, I can only predict that the grey-market will start to get more and more popular, as folks want "Quality DVD kit" but want to be able to watch stuff that they can't buy in Best Buy.

What do I mean? Well, until a few weeks ago, you couldn't buy complete seasons of Friends on DVD in the US. Sitting on my shelf, though, are seasons one through seven, released quite some time ago in the UK (Region 2). Want to get the "unedited" version of Eyes Wide Shut? Gotta go to Region 2. How about a better selection of Doctor Who episodes? Want to buy DVDs of early seasons of ER? Gotta get 'em from Japan (Region 4).

But it's not just obscure TV shows, there's plenty of movies. For the longest time, one of the greatest movies of all time, Citizen Kane, was not available in the US - and had no expected release date - but was available in the UK as a region 2 disc.

And, in today's economy, it's easy to work around this problem. I'm a frequent shopper at blackstar.co.uk, a great Region 2 shop located in the UK, and folks I've talked to recommend cdjapan.co.jp for Japanese discs. I've got my trusty old Apex AD-600A, which was probably one of the first "easily hackable" DVD players to catch the eye of average folks. Later models had the loophole removed, but others have sprung up to take its place. And if they don't, one can always shop at places like CodeFreeDVD to buy one of the chipped grey market units.

At some point, the chipped/hacked DVD market will reach critical mass, and studios will give up on region-encoding. There's no point in mastering/pressing five different versions of the disc, when you can simply master one disc, and have it available worldwide.

So the next time you buy a DVD player, think about it, and pick up one of the ones that puts freedom of choice in your hands, not the studios'.

Saw a promo for the first time for Children Of Dune on Sci-Fi.

If this is half as good as the original, it's gonna kick serious ass.

Apparently, yesterday morning and this morning, Howard was talking about the AC130 footage, and how cathartic it was to watch it for him.

Thus yielding spikes in traffic for those of us who had mirrors. :)

Thank goodness for apache's mod_throttle package.

It seems that the AC130 Combat Footage I mirrored here have suddenly become... err... immensely popular:

Seems if look for "AC130 video" on Google, I'm on the first page. Dunno if this is going to be a short-term (e.g., "today") thing, but if not, I suspect that footage will stop being mirrored fairly quickly, lest my ISP have a conniption.

And Ray, if you're reading this, that means "Yes, I am the source of your network woes today"....

So Ask finally went for the Bluetooth. Even cooler, though, is that he found the elusive instructions I'd been wanting, for "how to get GSM working over Bluetooth".

Now, the only thing that's left is how to use the "native" internet access in the phone, and do it via Bluetooth, since the internal access is higher speed than the 9600bps you get from GSM (yuck)...

It seems folks who paid for the iLife CD's are getting them in the mail. So why can't I yet download the apps from the Apple site like Steve promised?

From the latest bit of wisdom out of our Human Resources department:

When an employee is terminated it is critical that IT deletes the user from our system ASAP. The Human Resources department needs to notify IT by 12:00 pm on the same day the termination/resignation occurs.

Note the potential gap there. What happens if an employee is fired as soon as they walk in the door at 8am? So I send a reply back to the HR Director (cc'ing her boss and my boss, since the three of them had a meeting today to draft this retarded policy), pointing out that "obviously, if an employee is going to be fired in the morning, we need to know by noon the previous day, otherwise, we might not find out for 3-4 hours after they've been termed, which is quite a big security hole".

Executive summary of HR's reply: Too bad, so sad. Your boss agreed to this, so to hell with your security concerns, you don't know how tough it is for us Human Resources people to do this stuff.

Never mind that in my review last week, the overriding theme was "Wow, you came in and kicked our ass on the various security things we've been doing wrong, and it's saved our ass in large_number ways! You're awesome!" Why would I think, based on that, that anyone would listen to me on security issues?!

I give up. I hope we get hacked by a morning termination so I can lay this at the feet of the HR department and offer a pike for whichever HR person's head is to be ceremonially mounted on it.

a/k/a "The World's Worst Abuse of an Existing Domain"

So it's that time of the year, when all those cool commercials air, interrupted from time to time (and annoyingly) by that SportingEventICannotMentionByNameLegally.

So, like I did in previous years, I decided to go to AdCritic to check out the spots. Yes, that's right, I am a consumer, and I want to have high-bandwidth ads streamed to me pimping myself out as a consumer whore.

Now in years past, AdCritic was just a repository of Quicktime and RealMedia files for every great commercial there ever was pretty much. Then, they failed in the dotcom death, and they were acquired by AdAge, who proved that "advertising agencies, and those who support them, may know about marketing but they don't know dick about business."

To view commercials on AdCritic, I have to subscribe. Not only must I subscribe, but it's a hefty $70.00 subscription, which includes a subscription to "Creativity Magazine" (whatever the hell that rag is).

I'm not in the ad industry, and from the looks of their business acumen, I don't want to be in the ad industry.

I don't understand why this is so hard a business model.

- Define the cost to send a single 30 second quicktime video to a customer (in terms of bandwidth, overhead, etc.)
- Offer Budweiser, et al, "hey, you don't pay us a dime except when people download your ad. They're highly targeted and motivated consumers -- they WANT to see your ad. They clicked on it specifically.", and charge them "cost+markup". Make markup fairly low. You're going to make it up on volume, because especially around times when there are really good ads out, there'll be a bajillion downloads
- Sit back and watch fat cash roll in.

For the millions of dollars that Budweiser, Nike, Coke, Pepsi, etc. spend on making commercials, I have to believe when someone says "I'll charge you a buck to hand that commercial in its entirety to a consumer who will probably watch it over and over again", that they would say "no".

Yes, online-ad-dollars went into the toilet, but I think consistently we've seen that the ad-dollars that went into the toilet were the exact opposite of this -- ad banners, pop-up-crap, etc.

I refuse to believe that this would not work, and I think AdAge are a bunch of retarded chimps on crack for taking a site which could easily have been made into such a place, given its consumer draw, and turning it into some exclusive club for ad execs who probably can just have their lackey fetch a VHS copy of any ad they want to see anyway.

So I reinstalled Quicken 2003 on a different machine. The disk comes with R1 obviously. My laptop is running R3, so I know there's a higher version. So I do "Check For Updates", which points me at http://www.intuit.com/support/quicken/updates/qkn_updates_mac2003r3.html, which says, in its nice way:

Thank you for your continued support of Quicken for Macintosh!

Release 4 (R4) will be available soon.

and denies you any way of actually downloading the R3 download itself.

GOSH! Thanks for denying me at least the CURRENT freaking version you morons. So while they're jerkin their gerkin getting R4 ready I still have to suffer with all the bugs they fixed in R2 and R3.

Well, thanks to some tutoring by Ask I can at least get my T68m working using 9.6k GSM via IRDA.

But, I'm still not satisfied really. This is great as "Access of last resort", but I still can't seem to get it to work via Bluetooth, it requires the use of a regular ISP, and I'm led to believe there are faster, "use the telco as the ISP" alternatives that are supposed to work, but which I cannot convince my phone/computer combo to do.

At least if I'm stranded in the Badlands or some place suitably deserted (like, say, Indiana) I'll be able to get online.

So I was among those who said "why would you pay for .mac? What is the value-add?"

So, here it is. I did it. Why? Simple.

iSync between computers of the calendar and address book. That feature alone is worth the money to me (although, admittedly, I wish it were cheaper or that I could a la carte it and only get what I needed/wanted).

Well, it was a good thing I was attempting to make my G4 workstation at home "just as capable of working as my TiBook" because my AC adapter took a big shite. It's interesting that it died in the same way that my G3 Powerbook AC adapter died. Right in the webbed area around the back of the plug to the computer.

I don't really abuse it all that badly, and it's two completely different adapter designs that have died like that. HIGHLY annoying. Especially because nobody I've tried seems to have one in stock, and I don't have an Apple retailer local. Everyone I tried to call and order one "FedEx First Delivery" tomorrow morning, they're out of stock on them.

Which means I have to trek into the office tomorrow (hadn't been planning to) because I've got one at work that I will now have to shuttle back and forth until my purchasing guy @ work can get one for me. Yuck.

Update: Thank god for AppleCare. While AppleStore might not be able to deliver a unit for 3-4 days, AppleCare is overnighting a unit, cross-shipped, and it should arrive tomorrow or Wed. (depending on whether they made the truck today, since it's going on 6pm in Cupertino, possibly later depending on where they actually ship from). I still have to trek in tomorrow since I can't guarantee delivery, but it's a lot less painful than I was fearing

So I read that Ask got his T68i working with his Mac for internet access.

I wish I could say I've had even a little luck. It seems that every tutorial I read which says "how to do it" doesn't seem to match what my phone shows at all, and all the "script tools" I download which claim to "do it all for you" don't work. Then, if I try to contact T-Mobile for help, it's about as helpful as the first chapter of The Silmarillion would be - that is to say "not at all helpful". They're completely clueless.

So the tools don't help, the howtos don't help, and the people who are supposed to help, don't help. I'm ready to just put out a bounty -- make my phone work with my laptop for internet access and I'll pay you $50.00.

I'm tired of beating my head against a wall like this. The mobile-phone companies have got to make this easier, and I don't understand why it's not .. whether it's paying "per megabyte" or paying for connection time, people using their cel-phones for connectivity is just a shoo-in for "sources of long-duration calls that will rack up nice airtime charges for the company", so why is it such a pain in the arse to make it work?!!

I finally did it. Y!Messenger is no longer in the dock, the app isn't even installed any more. If you have Yahoo!Messenger and you want to IM me, you're just SOL (or you can go use AOL Instant Messenger dballing13 and call it a day).

The only people I still had in my Y!Msgr buddy list were all Yahoo employees who I was unable to convince of the merits of using something more stable. So be it. ;-)

No, nothing like you're probably thinking. Every time I've ever tried to read The Silmarillion, I've bailed out about five pages into it, I just couldn't get into it.

This time, I'm actually one-quarter way through it, and it's actually making sense (well, as much sense as it can make anyway). I might actually make it all the way through this time.

So after a week or two of using Safari, here's my thoughts on it, after the fact:

- Still a bit buggy on some sites (go figure, that's a no-brainer)
- Gotta have tabbed browsing
- Cool feature I want -- shared bookmarks. Let my laptop and my G4 desktop share bookmarks, via .Mac/WebDAV/Rendezvous/whatever
- Where's the long button in the top-right corner to make the toolbars vanish... Doesn't the current "design interface spec" say that's supposed to be there? :-)
- Some of my bookmarklets (e.g., the MT "Trackback" bookmarklet) still don't work
- More search options in the search tool, specifically "Google Groups", since that's what I end up searching more than Google itself.
- The title bar for empty windows uses some brain-dead numbering scheme. I can have no windows open, hit Apple-N, and the window that forms might be "Untitled 148", because it's the 148th window that was created called "Untitled". Instead of "counting upward from 0 until it finds a number that's not in active use" it just counts how many untitled windows it's EVER opened, since the app started. Dumb.

So I've had an AOL account forever. When my mother-in-law was alive, we paid for her account, and then when I was on the road, or whatever, it gave me an "emergency dial-up" to use. It was a pretty decent strategy. I didn't give a pair of fetid dingo's kidneys about "AOL Keywords" or cool AOL features, I used it to give me a functioning IP stack in the middle of nowhere, because I can be in a town so small the DQ is a landmark, and it's still local to an AOL dial-up.

When I went up to Vancouver, though, the AOL dialups up there charge a per-minute fee. This is not good, says I, and I find out that Earthlink does not charge a per-minute fee. Guess who changed "last ditch dialup" providers?

Ugh. If there was any doubt as to my geekiness. In 48 hours I have managed to watch twenty-two forty-minute episodes.

My brain hurts. Next dose, June 2003.

My copy of Buffy Season 3 showed up this afternoon, waiting impatiently on my doorstep for me to come home and throw it in the DVD player.

The TiVo can capture tonight's prime-time fare, tonight is dedicated to the Slayer. :)

(man, I'm just a blogging fool tonight)

Free to a good home, you pick it up or pay shipping. One NeXT '030 Cube. "Booted fine last time I booted it, but the install was hosed, and it needed a new install". The optical drive is trashed in it (as they usually are, because of that boneheaded fan-design that sucked dirty air across the sensitive bits DOH!) Includes Mexapixel monitor, keyboard, mouse, etc. No guarantee of current usability as it's been moved by movers twice since I last powered it up (actually, maybe three times come to think of it). Hence the good price you're getting on it of "free".

If you're reading my blog and want an interesting piece of computing history, now's your chance. Otherwise, it's bound for eBay when I get ambitious enough to do it.

My initial thoughts on Safari, Apple's new web browser.

Pros:

Fast as hell, both for startup and for page rendering
Nice look and feel, although an option to have the favicon image on the Toolbar bookmarks would be nice (but probably would be a bitch to do and have it look good, considering the favicon itself isn't something they have any control over)
"Snap-Back" works fairly well
"Bug Report" button, to send Apple pages that don't work right, including screenshots, etc.
Seems to render pages fairly well (haven't found any yet that choke it)
Allows Apple to not be so dependent on anyone (e.g., MSFT) for their users' default ability to do anything on the net

Cons:

No "Home" Button
Toolbar not customizeable (to add, say, a "Print" button)
No support for Tabbed browsing
No support for saving/retrieving login/password information from the keychain (although interestingly, it keeps ASKING me to access the keychain, but then it never does anything with the information I give it permission to access, so this may just be a bug)

I'm sure I'll come up with more in both categories as time goes on.

This is what I want for my Post-Giftmas gift... anyone willing to pony up the coin to make Derek a very happy person?

Yeah, well, didn't think so.

It amazes me, to look at HP's calculator line, that it is now impossible to get an RPN scientific calculator from them. They only have two scientific calculators, both using algebraic input. The only RPN calculator they sell is the 12C, a financial calculator.

So I'm torn between "pick up an 11C or a 15C on eBay", and "find another comparable calculator from a different vendor".

Anyone got any particular favorites in terms of RPN calculators (please don't suggest software, please don't suggest "this really nice algebraic calc", I really want RPN, and I really want my calculator to just be a calculator and have it be something I can throw in a pocket and not worry about it).

I'm now officially pissed that my 11C was stolen when I was back in high school. :(

Tendered as proof that the web encompasses every type of site you could think of: KNEEL Before Zod!.

I need to get myself one of those "KNEEL BEFORE ZOD!" stickers they sell.

Gift the gift that lasts forever: an entire town, available on eBay.

Scary thing is, it seems on the up-and-up.

So I made my reservations for OSCON 2003, to be held at the Portland Marriott. When I gave them my information I explicitly checked the "don't ever send me junk mail you ingrates" checkbox.

What do I receive today?

Dear Derek Balling:

Because you recently provided your email address to
Marriott when making a hotel reservation at the
Marriott Portland Downtown,
you can now receive these valuable communications
which feature:
....[snip]

Bleeding hell, now they want me to opt-out of their mailing list that I explicitly told them I wasn't opting into in the first place.

And this is the organization that's going to attract a conference of geeks? Sigh....

OK, via my boss, this is way-cool footage of an attack run on a site (allegedly) in Afghanistan. Usually when stuff like this leaks to the world, I'm skeptical, but this is fairly long and fairly accurate looking. Complete with voice traffic from the gunner, the tower and someone who sounds like a spotter. Great stuff there, if you can get past the fact that you're watching people die.

From a /. Story:

Some PhD candidate with way too much time on his hands did a paper using Sunnydale as a case study in the "human/vampire ecological equilibrium".

The executive summary is that at a human population of 36,346 (which is about the size town Sunnydale appears to be), and a vampire population of around 18 (which is about what we see as an expected normal value on TV), the ecological system becomes stable, with the vampires feeding at the proper rate, and both populations are kept in check.

In other words, by pure dumb luck, Sunnydale actually describes a viable vampiric ecosystem.

Scary.

Decide to set up a Medal Of Honor server on your linux box.

Start scp'ing the necessary files from your home machine to your server.

Realize midway through that there's a shitload of files, and you have a really crappy upstream.

Hope that your cable company doesn't decide you're some sort of pirate and cut you off in the middle of the transfer.

It's now been running nearly 24 hours, looks like it's about 3/4 of the way through. Hopefully by the time I wake up tomorrow my ping times to "everywhere" won't be measured in the 2000+ ms range. :-)

Apparently, Apple have taken to self-parody, by having Will Farrell play "S. Claus", a "switcher" who talks about why he says Happy Holidays now instead of Merry Christmas. Yes, it really is hosted by Apple (their link to it is here, but it didn't want to work for me for some reason, gave me a broken Quicktime thing).

You know you're cool when you can join in the parody fun and lampoon your own ads. ;-)

As seen in Ask Bjørn Hansen's blog entry.

That's the name of Penn and Teller's new show, set to debut Jan 24, on Showtime. Read all about it here. Apparently they're going to go around debunking different "fakers"... should be a hoot.

Jeremy didn't even give me a chance to post my own entry about the very cool new Firewire hub that looks like a certain bipodal fire-breathing lizard from Toho, complete with glowing eyes and mouth.

I'm told that we sent off the first of many orders for G4 iMac's for our customer service reps. I don't even think any of them other than the guinea-pig rep know what's in store for them.

The first 30 or so should probably be here within a week. There will be a learning curve as we ramp up the Help Desk folks first, getting them used to it, because while it was fine for me to be the guy who helped out the guinea pig, I'm not about to go back to being Help Desk Monkey for a bunch of CSRs who barely know anything about computers at all... at least the guinea-pig was computer literate. :-)

IE - Sucks.

Opera - Crashes six or seven times a day.

Omniweb - Half the sites in the world don't work.

Mozilla - Has eaten my bookmarks twice.

Netscape - who can trust it if Mozilla is broken, and Netscape is just Mozilla++?

iCab - tons of incompatibility issues like Omniweb

Chimera - a bit feature-lacking

I'm about ready to start running IE in freaking Virtual PC.

That's nothing compared to this rant about Yahoo! Hotjobs :-)

"Sara" was the lucky winner of the "be the guinea pig" contest. Overall, the vibe is good. It's just as we expected. Her cover story is "her PC was having problems, and needed repair, so she's borrowing this for now" (that way, if it's a failure, we don' have to explain to 30 customer-service-reps why they're NOT going to get the cool sexy iMacs).

Her sole complaint so far, and it's a pretty good one but not a show-stopper, IMHO, is "how do I reprogram my function keys in Terminal.app" (although she would not have worded it so precisely *grin*)

Seems she's reprogrammed F12, say, to be "FAXED CUSTOMER AUTHORIZATION FORM", so that for status fields, she can quick-enter commonly used text (makes sense).

Anyone know how to do something like this (keyboard only, no menu-based stuff, the speed with which these CSRs do data-entry would be adversely affected by having to putz with the menus)?

There's nothing like paying a consultant a day's wages... to do effectively nothing.

Yep, we had a linux server misconfigured, and spent the entire day thinking it was a Veritas error and it was a "we're dumb" error.

Sigh.

A non-geek called it sexy. That was when I knew the iMac was going to be accepted by the users that have to warm up to it.

Sitting on my desk is a brand new low-end iMac.

Why is that cause for excitement, you ask?

Because it's a prototype. No, I'm not privy to Apple goodness, it's a prototype for our company. The goal: do everything the present day customer-service-rep does on his desktop, but do it without Windows, and try to keep it within a couple hundred dollars per workstation of the Windows machine. If successful, we could cease purchasing Intel hardware completely (or at least, drastically limit it to "executive folks who refuse to convert like everyone else has")

Today will be a fun day indeed.

I woke up at 4:30am this morning. Couldn't get back to sleep. Figured, what the heck, my new Quantum SuperLoaders arrived on Friday while I was out, I can start working on installing them.

So I get in early (no traffic, the only advantage to being to work at O-Dark-30) and start powering up the first tape drive (which someone on Friday had opened and racked, but not hooked up).

But diagnostics doesn't report the barcode-reader. So I start playing with it a bit, turns out, nope there's no barcode reader showing up. So I wander back to my cubicle, start looking at the documentation, looking for ways to "enable" the barcode reader. Nope. I notice, then, that the part number on the side of the box is not what I ordered.

This is, of course, when it starts to all slide downhill...

So the judge in the Microsoft anti-trust case rejected many of the proposed penalties, saying:

"Microsoft's competitors appear to be those who most desire these provisions and, concomitantly, are the likely beneficiaries of these provisions, while other competitors in the relevant market would not necessarily benefit. In bringing these types of proposals before the court, (the states) again misunderstand the task presently before the court,"

I'm sorry, maybe I missed it, but in an anti-trust case, who did she think would be the beneficiary of recourse against the monopolist? Yes, it's artificial strengthening of Microsoft's competitors, but that's an attempt to undo the damage that the now-twice-handslapped monopolist organization did.

Who says the court system is screwed up? ... oh wait, that's me.

... it's 30 hours since Daylight Savings Time ended, and you still haven't encountered a clock you need to actually set.

Computers ... automatic.
TiVo ... automatic.
Digital Cable Boxes ... automatic.

I suppose when I finally put my watch on to go to work in a bit, that'll be the first one (the clock in the Jeep will be the other), but more and more, the clocks I refer to on a regular basis are smart. :)

I mean, I didn't even think about the DST conversion yesterday... The only reason I even remembered this morning was they were talking on "Today In New York" about "kids getting to go to school with the sun again", and that's when it hit me.

"Didn't anybody ever tell you to make sure your optics are clean?"

Well, I could rephrase that as

"Didn't anybody ever tell you to make sure your tab-completion really gave you the file you thought it would?"

... he says as - meaning to blow away the mailspool for a user who hasn't logged on in six months - I deleted a mailspool belonging to someone who had a nice collection of stored mail, etc.

I feel the complete schmuck now. sigh

So before I left NY, ten years ago (wow, was it that long ago?) a group of us used to play Dungeons and Dragons every week... well, we were all single geeks, so it was usually like two or three nights a week, for like six hours at a shot. It was "sleep, crappy convenience store job, D&D, repeat cycle".

So as I move back to NY, I find myself a single geek again... and I find that everyone who had been a part of that D&D group who had moved away, have all moved back. As we mused on that fact, we decided it was a mild form of fate, and that we should try to play again, certainly not nearly as often as we did when we had no lives (all of us are married now, even if I am in the middle of rectifying that bit), but maybe like twice a month or something, sorta a "poker night for geeks".

So that's great news, right, getting to do something you enjoy with people you enjoy doing it with ... so what's the part that annoys me?

You ever move a dozen times? You see some object every time you pack/unpack and think "I wonder if I'll ever get to use that again?" and then go on to doing things with things you do use?

And then you get to the point where that thing's time has finally come, after all those moves and all those fruitless packing/unpackings ... and you haven't the faintest idea where it ended up?

That's where I'm at with my Big-Ass Bag Of D&D Dice. That big red sumbitch is somewhere in this apartment, but I'll be damned if I know where. Sure, I could just go buy new dice, but that's the bag with "The d20 that always rolls 19 no matter what", and "the d6's that always seem to generate great ability scores". They're familiar, they're steeped in history, since in that bag are the original dice I got with my first D&D set back in like 1982 or 1983.

I don't want new ones, I want them. And I have no idea where they are.

*sigh*

OK, I'll admit it. I was a member of the 4% of the population that had never watched Buffy before. But after about 95% of my friends had recommended it, I told the TiVo to pick it up "when it had the chance" (lowest-priority season pass), and proceeded to delete it every time it picked it up because I had better things to watch.

Then this morning, after burning through a marathon of "Monarch Of The Glen" reruns it had snagged, I was left with two things on the TiVo: Buffy, and a really old episode of The History Channel's "Mail Call".

So, not being in the mood for R. Lee Ermey screaming at me, I chose Buffy.

OK, I'm officially hooked. 'Nuff said.

So my parents managed to have both their PC's die in the scope of fifteen minutes from the latest Microsoft Virus Of The Week candidate.

Which is interesting because the USUAL delivery method (Outlook) is not used on either machine. But they both use Yahoo throwaway accounts, so it looks like someone send them an HTML-bootstrapped worm or something. I dunno.

All I know is that they kept asking me for info about the worm, did you get any advisories about this, etc. etc., and it was wonderful to be able to say "I dunno, I have a Mac running OS X, so I can't remember the last time I worried about silly-ass windows virii, maybe you should pick up a Mac like I keep suggesting?"

Not that I think they'll switch tomorrow ... but it's refreshing to be able to push that whole mess off as "not my problem".

Via Jeremy, if you've ever been a Star Trek fan, this is too funny.

So I started reading an article on the Pope not wanting to resign (localmirror). Go ahead. Read it. Skip to the paragraph that starts "The pontiff", and how it notes

"The pontiff, who is very devoted to the rosary and the Madonna (news - web sites)"

Hmmm, I don't think that's the Madonna he's very devoted to. In fact, I think he's probably quite opposed to her.

Humans should handle that task, because (although it's obvious in this case) an article can take a completely different slant if the difference is more subtle.

So I was reading Simon's blog entry and it occurred to me to wonder what other folks use for naming conventions of their servers.

My personal machines are all Babylon 5 related (Narn, Minbar, Drakh, Shadow, etc.) At work, we used to have a very dull boring naming scheme ("fs01", "ns01", "mail01", blah blah blah), which I absolutely abhorred, but a combination of things (the termination of he-who-championed said naming scheme, as well as an auditor saying "you should have less obvious hostnames") led to me being charged with renaming the machines. (I should note that the auditor was on crack, and the hostnames have little to do with security, but I specifically didn't call to strike that out of the audit because I liked that it allowed me to change the names)

So like any good sysadmin does when faced with this challenge, I had to think about it for a while. Naming schemes really are the only place a sysadmin gets to show any creativity at all. You want something interesting, if not quirky, but also something that can handle lots of growth (so you don't end up running out of names like we did at a former employer who used the names of the planets in the Solar System).

In the end, I settled for Tube stops on the London Underground. Even accounting for some that will never end up on a machine hostname (e.g. "Heathrow Terminals 1,2,3"), there's still a shitload of available names.

Plus it's fun to think that every web site our White Plains office folks visit will get the NAT box's "cockfosters" hostname showing up in the logs. I can't say that name without snickering. :-)

OK, so I decided to try the new "default" stylesheet for MT 2.5.

On IE, it looks just fine, but on Omniweb, the "content" DIV ends up overwriting the right-hand side of the banner DIV.

Anyone see something obviously wrong, or is the rendering in Omniweb just broken?

Tell me again how it is AOL keeps saying "they're #1"?

305 packets transmitted, 274 packets received, 10% packet loss
round-trip min/avg/max = 183.979/3317.28/6044.54 ms

I upgraded to MT 2.5, so if anyone notices any wonkiness, please drop me a line and let me know.

Someone on NANAE pointed out to me that Yahoo's new Paydirect ad-banner shows the similarity between between Sleazy and Y!PayDirect

http://us.a1.yimg.com/us.yimg.com/a/hs/hsbc/pd_new_north2.gif:

Classic. Ya just can't make shit like that up.

I read (via NetNewsWire) about 40 or 50 different news sources. Some of them I skim, some of them I read religiously.

I also have about 6-8 blogs I read that belong to people (usually on blogspot.com) who are too lazy to set up an RSS/RDF feed (admittedly, blogspot doesn't make that easy, for reasons unknown to me).

So, this is my announcement: If you're one of those sites that I can't aggregate, you've lost me as a visitor, because my time is too valuable to "manually check your page" every day or two. Join the rest of the world, set up an XML/RSS/RDF feed for your freakin' site, so that interested parties can know when its updated without having to visit it twice a day to find out, cuz that's just dumb.

Gosh, I've been really bad about making blog entries. Probably partly because since a maintenance reboot of our production server a week-ago-this-past-sunday (after 290 days of uptime), we've had to reboot the production box (AIX RS/6000 box) just about every 20 hours.

Seems that at random times of the day, it'll start accumulating "defunct" or "zombie" processes. Thousands of them. And not that it starts accumulating them slowly and then builds up, but it's like someone throws a magic switch which says "ok, system, time for you to die.", and then all of a sudden ksh decides "ahhhh, I'm not going to reap children any more," and then dies, leaving the processes around to fill up the process table.

Meanwhile, we needed AIX support so infrequently that we always did "per incident" support, which IBM graciously killed, without really telling anyone near as I can tell (bastards), so we had to sign a support contract, wait 48 hours from that signing before we could call, etc. etc.

Heinous.

That, and the soon-to-be-ex brought back my Jeep on Thursday, but that's a whole different story I'll post up soon.

So work just got me an Ericsson T68M. Knowing it was bluetooth-ready, I picked up the $50 D-Link Bluetooth adapter for my Mac.

Let me say the integration rocks.

While the phone and laptop are paired up, if the phone gets an SMS message, a pop-up appears on the laptop with the message in its entirety, and an opportunity to reply using the keyboard instead of the keypad on the phone.

Go to address book, click on phone number, click "Dial". It's just that simple.

Color me impressed. Now I just need to get the internet-access-via-the-phone working, and I'll be golden. (well, that an Apple getting off their butts and releasing iSync, so I can shunt my address book over to the phone automagically)

Privoxy rocks. Web-based GUI for updating stuff, OSX binaries happily available, auto-starts on startup... perfect.

So I installed the latest rev of Mac OS X, codenamed Jaguar, today. I have almost nothing negative to say about it -- graphics are smoother, the system seems to run faster than before, the new features in Mail.app are nice (although there are still a couple things I miss -- accounts that don't have inboxes associated with them cuz they're just aliases, and a "refresh all folders" feature -- but overall, the entire product is quite impressive. The only real downsides is that I expected iCal and iSync to be in the box, not "available in September", the install process takes forfreakinever, the "logging in" screen seems to stick around longer than before, and I never used to have to type my username in at the login prompt (it always remembered it from the last login). But I can live with all of those.

... Continue reading For A Credit Card Flaunting Their Web Presence....

At Jeremy Zawodny's blog, Jeremy links to a CNET article detailing how HP is now wielding the DMCA stick against a group of security researchers for publicizing a vulnerability in HP's Tru64 operating system.

It doesn't require a degree in quantum mechanics to realize that for all the HP guy's posturing before Bruce's "non-event", the real reason for HP's swatting down of Bruce had nothing to do with "making sure it didn't hurt HP Linux development" and everything to do with "making sure there's no way folks can point to HP employees as being openly defiant of the law we're about to use as a very large stick against some small underfunded security group within the next week".

I've yet to see a peep out of Bruce on this latest development, specifically I wonder if he feels like he got completely hosed by his employer who torched his demonstration on false pretenses.

OSCON is almost over. Alex and I are hanging in the ballroom scoping out power-outlet-equipped seats while they're still available.

Milton Ngan's talk on WETA's use of Open Source software in the creation of the digital effects for Lord of the Rings was completely overwhelming. Like Nat said though in the introductions, there was a certain amount of "*mumble*open-source*mumble* blah blah blah LordOfTheRings! blah blah blah" to it as well.

But Milton, if you need any Perl programmers or an SA, uh, can you drop me a line? ;-)

I went to the Samba talk, didn't really learn all that much, but I think its because I don't have Samba servers integrated "alongside NT servers" but just use them as simple SMB file repositories.

I then went to the SpamAssassin talk, and it was very weird to hear someone talking about rfc-ignorant.org in a talk, even if it was a recommendation that "this may be a little too hardcore for you".

I then went to Bruce Perens' talk. Bruce earned some publicity in his announcement that he intended to violate the DMCA by using a modified DVD player (given his description of it during the talk, it sounds like an Apex unit) to play an out-of-region DVD disc. Instead we got a 10 minute talk from his boss @ HP espousing the why's and wherefores that Bruce wasn't going to challenge the law. The summation of Bruce's talk was something that comes as no surprise to any geek -- digital "rights" laws these days are skewed against you and you need to fight them. I think Bruce is wrong, insofar as I believe this battle is lost. He believes that the key is winning the hearts-and-minds of your neighbors to convince them to vote against politicians who support DRM, that they should make their politicians know their opinion, etc. I'm pragmatic enough to realize that the average USian today is a sheep, and so as they can turn on Seinfeld and watch reruns of the show-about-nothing, you could anally gang-raping them in DC, and they'd never care. This is a battle where the money flows from near-limitless coffers in Hollywood, the folks you need to enlist to the cause of "caring" don't care at all, and even if you could convince them to care, they'd be given a choice of two candidates, both of whom have been bought and paid for complete with receipts for tax purposes by Hollywood lobbyists.

We've lost. The only thing left to do is "...go bandit, Reynolds-style."

Yesterday was the "day of poor room choices"... every small session I was in was in a ballroom, every popular session I was in was in a 12 person meeting room.

I started out with the Intro to Moveable Type session. I left because it seemed a little too "basic" for what I was looking for.

Actually, I started out @ the 10:30 SuperSnail photo shoot for iBook/TiBook owners. So we're trying to get this done, and the guy who has the room at 10:45 (Daniel Veillard) is trying to heckle the people participating because they're not running an open source operating system, getting all uppity and basically making an asshole out of himself. He even seemed to get Nat pissed off enough that Nat yelled at him to shut up. If you can piss off Nat, you've far exceeded the standard person's asshole-quotient (AQ).

I went to lunch with Jeremy and Jan, and then went to the rescheduled Writing Maintainable Perl Code talk, which was quite good, I thought. Then I went to the far-more-crowded-than-fire-codes-could-possibly-have-permitted Allison Randal talk on tagmemes. I won't pretend that I understood more than half of it, but it was really intriguing, and I wish I had more time to learn more about linguistics in general.

I went to Brett Glass's Apache intrustion detection. It was, to me, a typical Brett talk, and that's not a bad thing. There are things that he suggests that I look at and say "my god, I would shoot any SA that worked for me who did that", and there's other stuff that I look at in wonder at its elegance and simplicity. In reality, though, it's all about seeing different ways of doing things, and figuring out which works best for you, so in that respect it was a very good talk.

Then I sat in the back of Jeffrey Friedl's "regex guru" session. It was great to see Jeff speak, even if by and large it wasn't really a "learning experience". Jeff's a great speaker who's a maniac on a whiteboard.

In the evening, the Milter BOF was nearly a dismal failure, until about 3/4 of the way in when a few people showed up. I think Sendmail needs to really get the word out about the Milter API and what it can do. It's one of those things that most people know nothing about, but once they do they get very excited. The problem is getting them to know about it.

Randal's party, held in the hotel bar this year, was - as usual - over the top. The beer flowed, the Quake machines were kicking ass, and it was just a great way to relax on the eve of the last day of the conference. Alex, Jan, Jeffrey and I spent most of the evening sitting in very-comfy chairs with Jeffrey and Jan debating human sexuality and gender roles.

So now it's 9 am, I'm in the Friday keynote, which just started, so more later....

... ate my goddamned bookmarks file. Just what I need when I want to "hit a few sites before I go to bed at an ungodly late hour" is to find that the many many URLs I don't remember are no longer at my fingertips.

He seems to keep taking my picture, but not putting it online. I must be ugly or something. ;-)

In his blog (Ask Bjørn Hansen: OSCon, Day 2, Tuesday), Ask makes a comment that touches on something I had been chatting with a couple about earlier today:

Afterwards was the quiz show. Derek Balling and the rest of the usual team won as usual.

Something Jeremy and I had talked about (Alex too, although Alex screwed up his flight and didn't make it in time to participate) was that if we won this year, that'd make three in a row, and in the tradition of Damian winning three years in a row, it'd be time to retire. It is time for someone else to win, so it isn't just "the same old folks winning every year". And I am not saying this to sound conceited or to the effect of "nobody can beat us, we're unstoppable!" It's just that, to the audience, the Quiz Show is where Jeremy, myself, Brett and (a varying cast of fourth-persons) go to pick up our prizes.

So, after a chat with Jon Orwant over beers this evening, ... and I can speak for only myself, for certain, but I think Jeremy will back me up on this, "The Still Undefeated Returning Champions" are retiring. Jon had some ideas on how doing this could actually give him some interesting things to play with in the next year's show which I found intriguing.

I think, though, if we're gonna retire, ORA should just comp our Safari subscriptions (that we keep winning) for life. ;-)

First morning was the Perl Optimization talk. It was quite good, except that I was very tired and couldn't concentrate too much. Convention speakers need to be energetic, especially for morning sessions, and it's tough to keep awake when they're not.

Afternoon session was on Migration to Apache 2.0, and that was very cool. There's a lot of cool stuff coming up that I can't wait to get my hands on... as soon as the PHP library works well on it and there's a Debian package for it. :-)

And then, finally, we kicked Chris DiBona's ass (and others) just as I told him we would, at Jon Orwant's Internet Quiz Show. Three years in a row, baby. We're now celebrating in the lounge outside the hotel bar. If you're in the hotel, feel free to stop by.

Went to Rasmus' morning tutorial "Introduction to PHP". It's a nice primer, the first half is basically "here's the rough syntax of how it works", the second half touches on "the wide range of stuff you can do" without getting really detailed or bogged down by any particular "cool thing". Definitely a good talk for someone new to PHP.

Note to Nat, if you're reading -- it's nice to have real food at lunch, and not those sandwiches. Whoever made that decision should get a raise.

In the afternoon, I went to the PHP: Frequently Solved Problems tutorial. I think the "meat" of the talk was good, but I found it hard to concentrate because it was this pair of people giving the talk, and they'd sorta help each other out, finish each other's thoughts, etc., and it was just easy (for me) to lose concentration. I ended up half-listening, half doing a rewrite in PHP of the RFC-Ignorant site. Enough people complained about the site not being HTML compliant, etc. etc., and at the same time I wanted to get some practical tinker-time with PHP.

In the evening Joe Rollinson (a Yahoo!Domains employee from San Diego) took a bunch of us (Jeffrey Friedl, Jeremy Zawodny, Andy Oram, Brett Glass, and myself), out on a sailboat ride. It wasn't a long ride (couple hours) but it was definitely fun and relaxing. There was just some gorgeous views of the skyline, both right before sunset, and after the sun set, with the city lights and such. (Course, we almost got busted for not having lights on at night... apparently there was a problem with the electrical system on the boat that Joe was unable to fix, so Jeremy and I took turns holding this flashlight through the ride back to the dock).

Being on East Coast time while sitting on the West Coast sucks. Certainly not as much as "being on West Coast time while sitting in Greenwich Mean Time", but it's still uncomfortable. Being dog-ass tired at 9pm, waking up at 3am, forcing yourself to go back to sleep, waking up at 4, forcing yourself to go back to sleep, waking up at 5... blecch.

And, of course, it'll repeat itself in the opposite direction in a week. Luckily, I'm always tired after travelling, so I'll be able to immediately crash after the eastbound leg.

I have a desire to get out of the hotel and do something, but I don't have the ambition to do so. Add to that the fact that nobody else has gotten here yet (most of the people I'll be meeting are all West Coast folks so they're taking like 45 minute flights here, instead of spending the better part of a day getting here like I did yesterday).

So for now, I'm catching up on a couple things that have been bugging me for a while on the server, watching movies on the hotel TV (not pay-per-view, I'm too cheap, and can't easily expense them *grin*).

Maybe by the time Jeremy or Ask shows up, I'll have claimed some ambition. Go see a movie or something else that similarly requires little "planning".

Tomorrow I leave for San Diego to attend the O'Reilly Open Source Conference. I know that Jeremy is going, as are a number of other folks.

Click below for my "planned schedule" if you want to try and find me while I'm there....

So I went to Mac World New York today. Like everyone there, there were two things I wanted to see... Jaguar (OS X 10.2), and El Gato's EyeTV DVR for the Mac.

Jaguar will be well-discussed elsewhere, so let me offer my impressions of my brand new spiffy DVR peripheral.

Pros:

So Pud (of FC fame) created a new site, called Yahotties, wherein he linked to (not copied) Yahoo!News photos of .. well, hotties.

Apparently, in the new Yahoo!Hollywood regime, the days of being able to actually parody Yahoo are over, because they're threatening to sue him. Gone are the days when Yahoo respected free speech and even included links to anti-Yahoo sites in the directory. No more. The official spot where Yahoo exists in its own directory no longer contains the links to "Consumer Opinion" sites... perhaps because consumer opinion was starting to lean heavily towards the anti- rather than the pro-Yahoo sites?

All I can say is I'm glad I'm not there any more.... The price of my soul is higher than they could pay me at this stage of the game.

To Pud, if you see this ... from a Yahoo who got paroled ... you have my best wishes in the battle to fight the nonsense spewing from Sunnyvale!

...who's next?

Ya know, it amazes me the wonderful bubble that dot-com's enjoyed (and, admittedly, which I reaped the benefits of as well at the time). How much of that was "internet optimism", and how much of that was underhanded accounting?

I don't want to start a rumor here, but it wouldn't surprise me if some of the current "big boy" dot-com players that have, so far, survived started to get outted for bad accounting practices. Especially as the numbers started to dip, they had every possible motive to find ... creative ... ways of keeping the bottom line above-water for investors' benefits.

And if that does happen, what would that mean for the tenuous confidence that remains in the dot-com world?

I'll say up-front that I'm a born-again package lover. When I first started using Debian, the layout of "Where it put stuff" bugged me and turned me off to package management solutions in general, but after I used it to maintain other stuff, I really came to appreciate letting dselect/apt-get take care of my packages for me. Those things which I had "broken from the package" on, I set out to go BACK to the packaged version, so as to reduce my sysadmin workload.

There are two fundamental problems with packages, though, both of which have bitten me in the ass in the last 48 hours:

(1) when a package maintainer is NOT the author of the package, or similarly motivated, the package can end up quite out of date with "current" codebase.

(2) when a complicated piece of software is made up of many different modular chunks, you can find it annoying when the package-maintainer only made SOME of those modules available as packages

I'm certain the problem is simply that software developers can't be bothered (rightfully so) to make packages for every different package management system. Even if they DID narrow it down to 3 or 4 package managers, those would probably not handle different platforms well, which means they'd end up with packages in format X for platforms A, B, C, packages in format Y for platforms A, C, and D, etc. Nightmarish.

There's no easy solution, but it just bugs me.