The ChaosZone! Blog chaos is a state of mind
This Weblog has Moved
This weblog has moved to chaoszone.org. Please update your bookmarks. Old posts continue to be archived here.
search-explorer.net is now running ads which pop when you mouse over the ad in a page, neatly bypassing my Mozilla popup blocks. Edge of acceptability. I'd expect to see more of such tactics as Mozilla-based browsers gain traction.
BlogToaster: cool. Compelling example of a real-world web service.
Cringely on Palladium:
Palladium will give Bill Gates a piece of every transaction of any type while at the same time marginalizing the work of any competitor who doesn't choose to be Palladium-compliant. So much for Linux and Open Source, but it goes even further than that. So much for Apple and the Macintosh. It's a militarized network architecture only Dick Cheney could love.I don't buy into this doomsday scenario for a couple of reasons: One: The PC market is large, and has enormous inertia. It's not as easy to get people to upgrade as it was, say, in 1996. Two: especially after the Hailstorm fiasco, MS knows its ability to push through even a de-facto standard is at an all-time low. Essentially, industry trust (amusing since there's a great deal of talk on their part about Trustworthy Computing(tm) these days) in Microsoft is at such an all-time low that it'll be a wonder if it can cooperate and work with partners outside its own walled garden (Dell+Intel+NVidia...) in a couple of years. Sure, we have Allchin talking about Microsoft's new `transparency' policy, but the doesn't-play-well-with-others image will have to go before grand, ship-100-million-to-start schemes like Palladium take off. And this is something that Microsoft will have to realize: they can't do it alone anymore. Sure, they shipped millions of copies of DOS and Windows. But that was at a time when no one else would look at the PC market. It isn't clear to me that they can pull it off again -- with Intel/AMD or without.
Couple of words about the OpenSSH mess: in my mind, this has brought home the necessity of full disclosure more than ever. It doesn't matter if the software is Windows XP or an obscure daemon -- full disclosure helps everyone evaluate the risks involved for themselves, and not leave them to trust others who have their own agendas to push. I have a potato box that was particularly hard-hit by this (yes, I know I should probably not be running potato, but this is a machine where I need stability more than I need the latest and greatest, dammit). Debian normally backports all patches, and doesn't introduce new features unless strictly necessary. Because of the ubiquity of OpenSSH and the (ahem!) unique characteristics of Theo de Raadt, they blinked and backported v3.3p1 as recommended, only to find when the advisory was released that they were not vulnerable all along! Personally, I think the best course of action for them now would be to go back to the original potato sshd. Could any of this have been handled any better? After all, apart from scaring the shit out of everybody, the OpenSSH team -- even Theo -- did the correct thing. They released just enough information about the problem, and suggested a workaround (in classic Theo style, not the simplest one available), until they could release a patch (3.4) which mitigated the problem. Maybe, just maybe, in future, teams maintaining software as ubiquitous as OpenSSH should probably interact a little more with vendors -- especially ones like Debian, which try to be highly responsive to security threats. That would make things much smoother for users and the reputation of the people concerned.
Uh oh, bad news. The message seems to be: upgrade to OpenSSH 3.3. Downside: 3.3 has problems with compression and PAM, in particular keyboard-interactive authentication. Folks running Debian can read DSA 134 (which, incidentally, leaves potato users in a bind). Note that upgrading will not fix the problem, only prevent a root exploit.
Yes, Mozilla lets me block popup ads, but I also hate violent, epilepsy-indcuing blinkenlights, aka animated gif ads. Here IE shines: press Esc and the pain stops. Not so in Moz (although Moz has quite a few other options that are useful for this), or Opera for that matter. :(
This /. post neatly captures my own feelings on the subject:
Microsoft had some good standards but they constantly ignore them these days. I saw a quote that thanks to Web application, which forces people to use really crappy UI, and the preponderance of high-resolution with lots of colors and everyone trying to take advantage of it (skinning is just another word for "angry fruit salad"), UI has been set back to about 1984. And this tendency to make regular Windows apps look like Web pages is just ludicrous. There were so many violations of common sense in just the installation of Visual Studio .NET, I could write a book about it. The app itself isn't too bad, but in some ways Microsoft has become the worst UI innovator because they are making lots of stylistic changes that have a negative effect on usability.You can read the other side of the story (about Inductive User-interfaces) on MSDN. Frankly, IUI works well for certain classes of problems. Good examples include Money, Management Console, Office XP's Task Panes. But IUI can be carried too far-- look at Windows XP's horrendous (default) Control Panel interface, for example. There, trying to find any given applet is by and large a trial-and-error affair.
A tale of arrogant software: Say you have Windows 98 or later with Active Desktop disabled. While browsing down the listbox of wallerpaper in the Display Applet in the Control Panel, you choose a JPEG image. Windows will then helpfully tell you: this image can be used as wallpaper `only if Active Desktop is enabled'. Well, that's a lie. Even Internet Explorer can turn JPEGs into desktop wallpaper -- it converts them into BMPs first. So do most users like myself -- use an image editor like (a recent version of) Paint, or Photo Editor, and convert the bothersome JPEG into a BMP and lo! instant wallpaper gratification. Here, the most charitable explanation is that the applet programmer never had a look at the (similar) feature in IE. The less charitable explanation would be that the programmer had orders to get the word Active Desktop in front of users' eyes as often as possible, whether it made sense or not. Anyway, all the Control Panel applet makes us do is jump through a few hoops. Software which behaves this way -- an I know better attitude -- gets an arrogant mark from me. Update: The old wucrtupd.exe had a similar problem -- bustling with self-importance, it scanned for updates every five minutes, with no (good) way of changing the interval. Thankfully, the new Windows 2000 Automatic Update is much better to use. I guess someone at msft listens to all that feedback after all :-).
The comely seven of nine has disappeared from netcrucible, replaced by a red-and-yellow aleph-nought (what's that supposed to stand for? Infinite Microsoft?) Shucks. The borg joke was one of the reasons I thought netcrucible was cool in the first place.
TKL: The real story here is that the Indians have managed to set the US up to fail. Any intelligence the US may have on militant activity is overly reliant on satellite photography. In the twisted terrain along the LoC, nothing short of a massive ground operation by the US military will even come close to simply monitoring, effectively and safely, the integrity of the border.
I usually scowl at political news. Today was an exception: Abdul Kalam to be the next Prez? Neat. This guy is a smart man, a good human being, great scientist, and a good speaker. Somebody the average Indian can look up to.
Easiest way to remove garbage left behind by warez folk (such as on a writable anonymous FTP server) or on a rooted Windows server:
RD \\?\D:\full\path\to\folder. You may get some `file in use by another process' error -- relogin and you should see the junk removed. mskb 120716 says that should be \\.\D:\some\folder, but I had problems with that. Good links on this at incidents.org and anetforums.
Scoble: I see wave after wave of layoffs (even at Oracle) while the boss makes obscene amounts of money. [...] No one "earns" $700 million dollars. You can't tell me that Ellison did 7000 times more than I did last year for society. Maybe he did 7 times more. Maybe 70 times more. But 7000? Give me a freaking break.
Good post on Google as a shared memory (via jrobb). I have lousy short term memory, especially for things I am not very interested in. And ever since I found google.stanford.edu in 1998, I think of it more and more as an extension of my memory. These days I increasingly find myself not storing an interesting factoid, but a pointer to the factoid, a sort of informal version of Phelp and Wilensky's Robust Hyperlinks. I'll probably be among the first to line up for a Google Cybernetic Interface to be wired to my skull :-). Postscript. Visiting the TBTF Archive is always a rewarding experience -- it's an account of the rise and rise of the Internet, of a more optimistic (euphoric?) era, written by one man long before blogs were even a gleam in anyone's eye (TBTF started using blogger way before the weblog craze, actually). If there's a site on the 'Net I'd say I miss, it would be TBTF. Oh well.
There are times when referer logs can be positively amusing. Example: What's the first result you get when you search for all of these together on Google: cnet slashdot newsforge register yahoo? Well, (at least as of posting time) The ChaosZone Blog! :-)
Did anyone within the Office teams even try to use their `Internet Integration' features? If yes, could they please explain why right-clicking a hyperlink in a Word document (and, I'm pretty sure, in the rest of Office) when you're viewing it in a IE frame doesn't have a `open link in new window' option? It's irritating, because I lose the doc I was currently reading. So much for encouraging the use of Office formats on the web. Charitable explanation: they are holding this off so they have something to add in the next release :-).
Cool. On the same day that uncle Jaswant soothes some nerves, uncle Advani is sure to raise hackles in Islamabad with his little talk about Indo-Pak reunification (as (mis)reported by on the Times Of India's front page -- Advani was only talking about a possible confederation). Those familiar with the BJP's Jana Sangh/RSS roots may suspiciously remember that BJP hardliners -- Advani included -- have classically believed in a Greater India (`akhand Bharat') -- this includes Afghanistan, Pakistan, Bangladesh, Nepal and even Burma(!), and may look for echoes of that in this pronouncement. While there is little doubt, I think, that `akhand Bharat' is a concept close to Advani's heart, the BJP would be far too selfish to push such a measure with any seriousness -- forget about international opprobrium, the resulting unification could only drive the BJP's already stagnant nationwide percentage vote share down (assuming universal suffrage).
Art & Commerce in the Digital Decade: Protecting intellectual property will take cooperation and innovation. No, it's not an EFF essay, it's a Microsoft position paper. (via the Reg)
John Robb: [music labels are] exactly the kind of business that will continue to face consumer backlash in the new economy. They are inefficient and have erected artificial barriers to competition in order to charge excessive prices. Until albums arrive on my hard-drive at $2-3 a pop, they won't get any of my business. Nothing in between works. This may take ten years, but in the meantime I will continue to use Kazaa.
From the chris-carter-are-you-taking-notes dept: NYTimes: Last fall, something peculiar began to happen at more than two dozen elementary and middle schools scattered across the country. Suddenly, groups of children started breaking out with itchy red rashes that seemed to fade away when the children went home -- and to pop up again when they returned to school.
Over the way (while on browsers), if Mozilla and Opera are such hotshot browsers (definitely, Mozilla's popup busting is sweet), how come neither of them see it fit to provide a shortcut key for the address bar, which poor ole' IE has provided since version 4? And what about an overridden edit control for the address bar (again, like the one in IE) that understands slashes, periods, question marks and semicolons as word breaks so that I can Shift+Control+LeftArrow through a URL easily to edit it? Ah, usability, usability...
Mozilla 1.0 is out! Truly a red letter day!