the lasting legacy of Bush and his boss, Cheney...
the lasting legacy of Bush and his boss, Cheney...
My dad sent me this:
Very nice, especially the Tamil and the Punjabi ones. The Telugu and Malayalam versions were not that great.
By the way I wonder who the pretty girl in pink is -- I'd love to know (and some of you know what pink does to me!)
She looked very sweet, plus she can certainly act -- I mean this must have been rehearsed, yet her expressions, reacting to the main actor, were absolutely spot-on.
A "little girl" I know, whom I have a lot of affection for, sent me an invite to join "yaari.com".
Now, I probably receive about a dozen of these in a month, for all sorts of sites, from all sorts of people, and so far I have just shift-deleted them. (The only one I am a member of is LinkedIn, which is quite different in intent and target membership).
However, this friend is special enough that I wanted to at least consider joining, just for her sake. So I clicked on the link and came to the signup page. The signup page lists, on the right side, the "Top 5 Reasons to join Yaari", which are:
- It´s India´s safest social network
- Meet cool people
- Girl gossip
- Play fun games
- Watch Bollywood
My first thought was, if these are their "top" reasons, I wonder what the bottom ones are!
I'm particularly worried about the first reason -- I question the "safety" of anything that registers members without asking their age, leave alone ensuring their parents are informed!
In contrast, the Mattel site (I think) does this: they ask the child to provide a parent's email address and then they send a confirmation email to the parent. This doesn't prevent the child from **knowingly** doing something stupid, but for most normal kids this is quite sufficient.
[ And don't tell me yaari isn't targeted at young girls; look at reason #3 :-) ]
I was ranting about how unproductive Lotus Notes is, and why I refuse to switch from Mozilla Thunderbird, on an internal mail. On that list was a guy who used to be fairly techie but has long ago given up on technology to become a "manager" (which happens so often in India), and he said:
"I use thunderbird at home - and am quite at a loss to understand what is the big deal in a mail client - as long as I can send and receive mails and retrieve them when I want, I don't care one way or the other."
I think this is excellent logic, implying that email clients are fungible. Applying this logic to the most fungible entities I know in the corporate world:
"I deal with managers at work - and am quite at a loss to understand what is the big deal in a manager - as long as he can read and send mails and forward them when I want, I don't care one way or the other".
Cool huh? Of course, I didn't send it to him, for 2 reasons:
- he might get the joke
- he might not get the joke
PS: Just for completeness, here're some serious answers to that silly argument. Please add more in comments if I missed something.
(1) if it's no big deal which you use, why use an expensive, bloated, closed source client instead of an open source one? 500MB versus 8 MB, as someone reminded me...!
(2) by the same logic, why not standardise on Word for all source code editing -- if it can insert and delete characters, and do Ctrl-F to find stuff, why would you "care one way or the other"?
(3) why Word -- why not Notepad? :-)
(4) Lotus Notes acquired the "sort by subject line" feature in 2005 (see http://www.ibm.com/developerworks/lotus/library/notes-designer7-features/#N10093 last paragraph of the "Mail" section). Do you really want to discuss **my** interpretation of "retrieve them when I want" if this is your baseline?
Anyway, I offered him a demo. Let's see him try something like typing "f:manager t:sitaram s:some-topic" and watch the display rapidly subset itself down to just the right email(s) **as I type those characters**!
http://isc.sans.org/diary.html?storyid=5530&rss (which links to http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123898 )
Quote: Turns out that this bug is now being exploited through Word documents. While this is basically a simple evolution of the exploit method, I imagine that this is only the first or second evolution. There are more to come I am sure.
Quote from the linked article: "Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that's hosting the malware," said David Marcus, director of security research and communications for McAfee Inc.'s Avert Labs. "This is a pretty insidious way to attack people, because it's invisible to the eye, the communication with the site."
Embedding malicious ActiveX controls in Word documents isn't new -- Marcus said he had seen it "a time or two" -- but using an ActiveX control to ping a hacker's server for attack code is "definitely an innovation," he added. "They're stepping it up."
I've been trying to tell my non-technical friends (and some technical ones who seem to be too lazy to wake up) about why IE flaws actually affect the rest of the system, because they're all using the same code base.
In genetics, this is called a "lack of [genetic] diversity", a sure fire way of killing off an entire population with one well-placed virus. The only difference is that with people, you can't "reformat and reinstall", so this "species" (Windows OS) survives far longer than the lack of diversity suggests it should.
People, listen to me: please do NOT use IE for casual web surfing. If some site does not work with Firefox, and you MUST go to that site, then open only that site in IE. No problem. But all casual surfing must be done using Firefox. And use the No Script extension if you can, to get even more protection: https://addons.mozilla.org/en-US/firefox/addon/722
what an awesome article -- this is the kind of stuff that we Indians should be proud of.
Pure brains. And honesty and integrity and taking your job seriously...
You ask: Wordpad?
You're speechless: But it's just a fancy text editor...how...[you trail off...]
My sentiments exactly...
For $DEITY's sake it's just a FRICKING FANCY TEXT EDITOR! How in heck do you manage to make a text editor something a hacker can use to get into your machine? And what's next? Notepad? Solitaire?
Here's a very eloquent comment about it from El Reg:
...are us. Every single one of us. As long as we depend on petrol,
we're all supporting these terrorists. I know we don't have a choice,
but let us at least recognise it.
All the attention is on Pakistan, but the ones who are REALLY behind
all this, the ones who are too bloodthirsty even to indulge in the
human emotion of gloating, the ones who are **financing** all this,
are the wahabi's of Saudi Arabia.
Sufi and Sunni Islam are largely peaceful, I think -- it's hard for
anyone who saw even the highly fictionalised "Jodha Akbar" and fell in
love with the "Khwaja Mere Khwaja" song to think otherwise, however
stupid and hopelessly romantic (and previously unaware of sufi music)
that might make me sound! It's the wahabis who believe that the
entire world MUST be brought to heel and will not stop until that
happens. Or they are exterminated or lose their power.
But as long as the entire world runs on petrol, they win. Pakistan is
a convenient whipping boy for everyone (India, EU, US, and anyone
else), but no one, not a single world leader, will point the finger at
the real terrorists. They can't afford to.
An extract from
http://www.nytimes.com/2008/12/08/opinion/08french.html is below. As
you can see, Mr French just barely mentions where the money comes from
and stops there.
But move on from that line and read the description of this "Hafiz
Saeed" [a most inappropriate name for someone like this, by the way].
The ideology is chilling, the sense of purpose scary. But tell me
this: who would finance him if they did not believe the same things,
And every time I take my car instead of walking, I am supporting them.
Anyone who buys an SUV and drives it ALONE, is supporting them.
And even we all stop doing those little, oh-so-avoidable, things, it
wouldn't make a difference -- rising population has ensured that
demand far outstrips supply forever.
Suddenly I'm feeling good about all those dire predictions that world
fossil fuel supplies will only last another 20 years or whatever. So
by the time my son is coming close to my age, terrorism will cease!
[extracted from http://www.nytimes.com/2008/12/08/opinion/08french.html]
These misdeeds are real, as are India's other social and political
failings (I recently met a Kashmiri man whose father and sister had
died at the hands of the Indian security forces). But there is no sane
reason to think Lashkar-e-Taiba would shut down if the situation in
Kashmir improved. Its literature is much concerned with establishing a
caliphate in Central Asia, and murdering those who insult the Prophet.
Its leader, Hafiz Saeed, who lives on a large estate outside Lahore
bought with Saudi Money, goes about his business with minimal
interference from the Pakistani government.
Lashkar-e-Taiba is part of the International Islamic Front for Jihad
Against Jews and Crusaders (the Qaeda franchise). Mr. Saeed's hatreds
are catholic -- his bugbears include Hindus, Shiites and women who
wear bikinis. He regards democracy as "a Jewish and Christian import
from Europe," and considers suicide attacks to be in accordance with
Islam. He has a wider strategy: "At this time our contest is Kashmir.
Let's see when the time comes. Our struggle with the Jews is always
there." As he told his followers in Karachi at a rally in 2000: "There
can't be any peace while India remains intact. Cut them, cut them --
cut them so much that they kneel before you and ask for mercy." In
short, he has an explicit political desire to create a state of war
between the religious communities in India and beyond, and bring on
Like other exponents of Islamist extremism, he has a view of the world
that does not tolerate doubt or ambiguity: his opponents are guilty,
and must be killed. I have met other radicals like Mr. Saeed, men who
live in a dimension of absolute certainty and have contempt for the
moral relativism of those who seek to excuse them. To achieve their
ends, it is necessary to indoctrinate boys in the hatred of Hindus,
Americans and Jews, and dispatch them on suicide missions. It is
unlikely that any of the militants who were sent from Karachi to
Mumbai -- young men from poor rural backgrounds whose families were
paid for their sacrifice -- had ever met a Jew before they tortured
and killed Rabbi Gavriel Holtzberg and his wife, Rivka, who was
several months pregnant, at the Mumbai Jewish center.
... they can't be as bad as this:
Around 8:30 this morning I went out looking for a place that will let me photocopy some documents I needed later in the day; I need not tell you that our government bureaucracy is solely responsible for the profit margins of most copier makers ;-)
Anyway I found a little internet cafe + photocopy shop in which a young boy was vigorously dusting the various bits of hardware lying around. Very hopefully, fearing the usual "abhi dus minit mein ho jayega", I approached him.
[Aside for people unfamiliar with Hyderabad: "dus minit" is measured on the Brahma scale (refer to Hindu mythology for that one...)]
To my intense surprise, he actually took my documents immediately, hit some buttons on the machine, and started the copy. Great -- I don't have to wait around.
While he was doing that, a young man of about perhaps 20-25 years walked in, and said "internet chal raha hai?"
Having seen more than my share of blank looks in the past, I resisted the urge to explain to him that multi-billion dollar corporations like Cisco and Sprint and BBN and God knows who else are hard at work trying to make sure of precisely that, and so, in all probability, the internet was not just "chal raha hai" but "doud raha hai".
Anyway the 13-year old lad running my photocopy said "hanh -- woh teesra cubicle mein jao. Aur internet explorer mat kholna; Mozilla firefox use karna".
[Don't forget -- this was a guy I mistook to be a cleaning boy, and worried if he'd be upto switching on the photocopy machine and doing the duplex copies I wanted...]
Middle-aged men with gray hair are not expected to suddenly break out in a joyous jig, so once again, I restrained myself and, with as much disinterest as I could feign, asked him "kyon"?
And he said "virus aa jaate saab". With one hand still operating the copy machine, he demonstrated what were clearly meant to be a series of nasty popups with the other hand -- I can't describe it in writing, you'll just have to imagine it.
This is it guys. When kids who look like cleaning boys in internet cafe+xerox+STD/ISD shops start telling people to use Firefox instead of IE, MS is done for.
World domination can't be that far away... YEEEHAAAW!
Never underestimate the stupidity of people in large groups, a wise
man once said. I'd add, never underestimate the stupidity of lawyers
in large corporations.
So you are one of the most successful car companies in the world.
Your products have many proud owners, who are so proud of the cars
they bought from you that many of them make really cool desktop
wallpapers of their photographs, presumably to show off. And then
they post these wallpapers on to a site dedicated to desktop
wallpapers, presumably to help others (less artistic than themselves)
also show off their cars.
What should the car maker do? Treat this as a bunch of free
advertising and nod benevolently? Maybe even pass on the occasional
high-res shot for people with the twin passions of photographs and
Toyota cars to drool and ooh and aah over?
That's what *you* think. No wonder you never got a job as a lawyer at
Toyota! Toyota lawyers know better.
Toyota is demanding that a website dedicated to desktop wallpapers
remove all wallpapers featuring Toyota cars, **even if the photograph
is copyright someone else*** (like perhaps one of the users of the
website). They cite this as a DMCA violation, of all things. The
DMCA, as some of my readers will now, is the law that supposedly
attempts to protect music and videos from being put on the internet.
Despite the fact that the DMCA has been misused and abused far more
often than used, I can understand a music company losing revenue if I
post an MP3, but a car company losing revenue due to wallpapers
created by proud owners?
said it much better than I could have; might sound dramatic for people who don't grok the intricacies of the current security scenario, but then, did you predict the way the market would turn out like this today? I haven't heard any important decision-maker type person say "oh yeah I knew that, I saw that coming"!
from http://www.theregister.co.uk/2008/10/28/cloud_computing_means_storage_consolidation/comments/#c_351569 :
I think all that £1.8 trillion (and counting) lost by the World's financial institutions lived in the monetary equivalent of a cloud. The whole thing proved to be incredibly vulnerable to a "common mode" failure. That is there weren't lots of single, independent, resilient financial systems. There was one massive one connected by means that nobody understood.
The whole "cloud computing" and SOA idea has the same uncomfortable feeling. Which little common flaw, what single component might fail that trashes the whole thing. There's going to be a complx system of interdepencies, on security, on networks, on naming, on service, on versioning. What failure, benign or malicious, technical or commercial could bring the whole thing crashing down. What undetected security breach will mean that all our details end up in some gangster's hands. I don't think I want my personal or financial data held in this piece of doubly figuratively "vapourware", for what else is a cloud made of. The finance industry made a mess out of opaque and abstract services. This could be a way for the IT industry to go the same way.
So yes - for nice for consumer toys, for the little software luxuries and gadgets of computing, for stuff not emeshed in the working of the real economy than mash these things together. Just don't bet your life, or your finances on it. If you want guaranteed security, performance, robustness, accountability and reliability. Well that's a lot of trust to have - a systemic failure could bring down a country, not just a company.
quote: And, as I talked with him, once more I was reminded about the difference between a used car salesman and a computer salesman: the used car salesman knows when he's lying.
A few months ago a young security researcher called Dan Kaminsky found a serious problem in the way most DNS servers handle requests. [DNS is analogous to the "telephone" directory of the internet, and a DNS server is your interface to this global "telephone" directory]. Dan Kaminsky showed how a bad guy could fool any DNS server into giving out wrong numbers to your queries, so that when you thought you were logging onto citibank.com you were actually going to some Russian hacker site that mimicked citibank well enough to fool you.
The interesting thing about Dan's discovery was that a medium-term fix was easy -- all it needed was for most major DNS server software to be updated. However, they all had to be updated simultaneously, otherwise, by looking at how the first one was patched, hackers might figure out how to attack the others which were not yet patched.
The wonderful and amazing thing is that he actually managed this feat of co-ordination: all the major vendors of DNS software went into a huddle for six months, fixed their software, and all of them simultaneously released a patch on July 8th, 2008.
Sadly, July 8th is old history in internet time scales.
Guys and gals, ladies and gentlemen, if you ever do anything on your browser that requires a password, please do the following:
(1) install Firefox -- http://www.mozilla.com/en-US/firefox/
(2) install NoScript (this is a Firefox "addon") -- https://addons.mozilla.org/en-US/firefox/addon/722
NoScript has been keeping me immune from many smaller attacks and security holes for years now. This hole is merely the latest and the most frightening, judging by the secrecy and the dire warnings, but even this does not worry me. And it should not worry you too, if you do this.
Yes, I know it's not meant to be insulting, but it's too funny to ignore the coincidence of "General Abstract Nonsense" being used to describe concepts in Category Theory, which is where monads come from. And yes, I know that the real explanation is that I'm too stupid (in math at least) to ever be able to manage the level of abstraction required to get it. But hey, I'm smart enough to know how stupid I am -- that's gotta count for something right?
[PS: On a related note, did you know there is something called Pointless Topology? I wonder if they get paid extra for coming up with this sort of stuff ;-)]
You may need to read the whole article at http://thedailywtf.com/Articles/Office-Supply-Amnesty.aspx in order to understand the humour in the following comment that was posted in response, at http://thedailywtf.com/Comments/Office-Supply-Amnesty.aspx#217428
----- start quote -----
We spend a lot of money each year on managers - a lot of this is
unnecessary expenditure as they spend their time micromanaging
employees to no measurable savings.
Please check the office for any unused managers and dispose of them in
some appropriate way. This exercise should also help to tidy up the
offices which are starting to look trashy in some areas.
Hoping I will get you co-operation in this
----- end quote -----
Quote: "To a Reg reader, Accenture will be associated in the context of technology with the words “screw up”, “late”, and “over budget”."
I need to find this reporter and take him to lunch. Or at least buy him a beer. The sad part is, no other mag will dare to make such a blunt statement :-)
two examples coming so close to each other... what's going on?
Quote: "Some people," the patent application observes, "have taken it upon themselves to remove the sensor from the special pocket of the [iPod-linked] Nike+ shoe and place it at inappropriate locations (shoelaces, for example) or place it on non-Nike+ model shoes." Oh my God: Geeks are ripping the sensors out of their sneakers and sticking them on their shoelaces! Unleash the shoe nazis!
This is the kind of guy they're targeting with this monumental stupidity: http://podophile.com/2006/07/14/shoe-hacker-nikeipod-sport-kit-shoe-mod/
I like the last line of this blog post, just before the comments: "It used to be cool to be an Apple fanboy. Now it's starting to be embarrassing."
On the slashdot thread about this (at http://apple.slashdot.org/article.pl?sid=08/09/13/2114214 ), I particularly liked these two comments:
(2) For those of you who like the iPhone, here's an example of how much of a stranglehold Apple has on what you can do with it (apart from all the things you cannot do, as in http://www.michaelrobertson.com/archive.php?minute_id=242 and elsewhere):
The slashdot summary is pretty brief:
DaveyJJ sends news of yet another rejection of an iPhone app by Apple, with perhaps a chilling twist for potential developers of productivity or utility apps. John Gruber of Daring Fireball writes: "Let's be clear: forbidding 'duplication of functionality' is forbidding competition. The point of competition is to do the same thing, but better." Paul Kafasis (co-founder of Rogue Amoeba Software) makes the point that this action by Apple will scare talented developers away from the iPhone platform. And Dave Weiner argues that the iPhone isn't a "platform" at all: "The idea that it's a platform should mean no individual or company has the power to turn you off."
My personal boycott of the Bacchan family for rejecting the beautiful Rani Mukherjee (and marrying the one actress I totally totally can't stand) might have to go on a short vacation. If reports are to be believed I may have to watch The Last Lear.
So let's see... I bought a Sony product in December 2006, despite the rootkit boycott (there's an account of it somewhere on this blog; use the search box), I don't check if it's a Sony movie before going (and anyway my wife decides what movies we watch!) so I probably watch Sony movies all the time, I have already seen 3 movies in a Reliance-owned (motto: we don't even treat our own brother right; who the fsck are YOU?) theater and since it's the closest to where I live, I'm sure there'll be more.
And now this.
Damn it, I'm not very good at this boycott stuff... :-(
Completely lifted from http://developers.slashdot.org/comments.pl?sid=962865&cid=24989951 (it's short enough, and funny enough, and I hope the author won't mind if he finds out!)
---- quote ----
When MS uses the word Beta, they really mean pre-alpha. Release is Beta. If you want a release quality MS product you need to look for the discontinued tag.
Google is simpler, they got beta, beta and beta. One works, one doesn't, the other works for everyone except you and just when you became totally dependent on it, they kill the project.
Linux has Beta and RC. RC is solid but out of date so nvidia doesn't have drivers for it anymore, beta is solid but nvidia doesn't have drivers for it yet.
Solaris has only one version, more solid and sensible then a rock, it is labelled "Giving your accountant a heart attack".
I am half inclined to watch it again; if I manage to find the time I probably will. The movie shows you things which you wish would happen, although deep in your heart you know this is pretty difficult.
Some comparatively mundane comments:
- absolutely no songs, hero/heroine junk -- very nice
- Anupam Kher shines
- Naseeruddin Shar outshines :-)
And for anyone who thinks Amitabh has the best voice, listen to Naseeruddin Shah in this movie. The timbre of his voice, the diction/accent -- just terrific. Don't get me wrong, Amitabh is pretty good, but this guy has him beat.
"Honestly, if you proposed the film work-flow today, you'd be taken to the city square and hung. Imagine I told you we're going to shoot on superexpensive cameras, using rolls of celluloid made in China that are a one-time use product susceptible to scratches and that can't be exposed to light. And you can't even be sure you got the image until they're developed. And you have to dip them in a special fluid that can ruin them if it's mixed wrong. People would think I was crazy."and
...imagine I told you "Someone is going to create a software product, spend as much selling it to you as you pay the first year, refuse to let you try it enough to determine whether it will really work in your environment, keep the internal code secret and not let you examine it, forbid you from publishing benchmarks so that its performance can be compared to other products, charge 20% of the initial price each year for maintenance whether you need it or not, and potentially pull it from the market due to internal business reasons with no possibility for you to do anything about it. Oh, and by the way, if they do keep in the market, they may come up with mandatory upgrades requiring additional fees." People would think I was crazy.
So there was this event we took our daughter to today, and while there
we saw a small boy (maybe 7 years old), crying for his father. I
asked him if he knew his dad's mobile number, and he did, and so I
He said he was outside somewhere so I told him to come back and pick
up his kid. After about 10 minutes I got tired and called him again;
this time the guy sounded positively put off that I was bugging him,
so I told him look your kid is crying so please hurry up.
He came in a minute or two later, a short, fat, fellow, scowling at me
(or his kid?) He walked up to his kid, took his arm, and walked off.
I started to say something, and he said "meere na call chesindi?" (are
you the person who called?), I said yes, and he just walked off.
Never mind a word of thanks, I got the feeling that he was pissed off
that I had disturbed him.
For some reason, he seems to have mistaken this event for a free
"creche" for the day, the miserable jerk. I pity the poor kid; God
knows how often he gets left alone like this. Why bring him at all if
you don't want to spend the time?
And now for something personal...
(what you don't think I have a personal life?)
My wife and I took our daughter to the Chandamama kids day that
happened today. They had probably a couple of thousand kids (wild
guess) and 4 events -- English debate, painting, story-telling, and
clay modelling. My daughter took part in the last 2 and got a
consolation prize for story-telling.
But the real point is, this thing was organised so well, it defies
description. They made ample arrangements for chairs for parents to
sit. The competitors were separated from their parents just
sufficiently to ensure that the parents don't try to "encourage" their
kids in any way, but you could see them all the time. They did not
expect the kids to bring **anything** -- they supplied every single
item that you could need. You basically walked in, that's it. And it
was all free.
They must have passed out thousands and thousands of cups of drinking
water, free of course, to everyone who attended (I estimate a few
thousand easily). The food, though not free, was very decent and not
at all expensive. And as befits what is (now) essentially a Chennai
company, the curd-rice was perfect :-)
I guess I need to buy some Chandamama issues for the next few months,
or maybe even subscribe. It's not a bad mag for kids that age, and I
know I grew up with the Telugu one (the only way we could keep up with
Telugu while living in Bihar!), so I'm not sure why we don't,
currently, buy it regularly.
Tracking the Password Thieves is an article by Washington Post columnist Brian Krebs
The victims ranged from Myspace-browsing youngsters to credentialed "security experts" who claimed to be doing everything they should to keep a Windows PC healthy and virus-free.
What's worse are these two:
Further analysis of the data showed that it contained a large batch of medical patient information, including date of birth, SSNs, credit card numbers, and so on. The data was stolen from the computer of Biram Chapman, founder of Vidalia, Ga.-based Chapman Healthcare Services. The company had Symantec's Norton Anti-virus software installed, but the virus that infected his machine disabled the program's ability to download updates.
My analysis also turned up login information for Accurint.com, a consumer database company used by many police departments and investigators to track down individuals. Imagine the damage an identity thief could do from looking up the Social Security numbers and other sensitive data on as many Americans as he wants. Fortunately, I was able to get in touch with the gentleman who owned the Accurint credentials, an investigator with an Alabama district attorney's office, who changed his password before the thieves had a chance to use the account.
Some of the victims I spoke with acknowledged they were slacking in some measure needed to keep their Windows computer safe online, but others insisted their machines got infected even though they were doing all the things experts recommend, such as using a firewall and up-to-date anti-virus software, and applying security updates from Microsoft when they are released.
And finally, here's a sampler of the types of people whose machines have been compromised (all are quotes from the article, but you really need to read the whole thing to understand how deep this goes and how it works):
- an engineer for the Architect of the Capitol
- someone who works in computer security for IBM
- someone fresh out of college who'd just earned a degree in information security (!)
- a man in the D.C. area who works for the Federal Energy Regulatory Commission, which is part of the Department of Energy
- a woman working in the new accounts department at Bank of America (this wasn't her home computer; this was her PC at work.)
- two [at] biotech giant Amgen
- two [at] pharmaceutical maker Merck
- another [at] the Massachusetts District Attorneys Association
Want to start using Linux? Call me -- I'll help you any way I can! Free, no strings attached, of course, in the spirit of evangelism. It's a lot easier if you're in my city but even otherwise we can work things out somehow.
very amusing review; pretends that Vista came first, and talks about XP as the newer one, describing all the "improvements" that XP has over its "predecessor" :-)
Funny article on the Fedora mystery...
Jon Corbet -- you are my hero. If I could be half as funny as you, I'd
go on a drinking binge!
The worst kind of interviewer is the blowhard. That's the kind who
blabs the whole time and barely leaves the candidate time to say,
"yes, that's so true, I couldn't agree with you more." Blowhards hire
everyone; they think that the candidate must be smart because "he
thinks so much like me!"
Nice article. Apparently a legend of some sort; got turned into a
book too! I'm not sure I agree 100% with everything he says but
there's no question he writes well, so give it a shot.
As we in India prepare to sryyngr the US to gain a questionable amount of nuclear energy for an unquestionably large cost, there's a bit (only a bit, mind) of schedenfraude in reading the following:
This week the law lords had a wonderful opportunity to assert our independence from the US and to make a point about the abandonment of legal principles there since September 11. They have failed to do so. We must now hope that the European court of human rights will step in to prevent a great injustice to a man whose real offence was to tell the Pentagon a blunt truth.
And here's the bare truth behind Gary McKinnon's misfortune: he made the mistake of telling the emperor he was naked :-(
Gary McKinnon started his hacking long before the events of September 11 and his offence has nothing to do with terrorism. In fact, much of his exploration was in pursuit of information about UFOs. But, because of the embarrassment he has caused the Pentagon, he is being pursued as if his offence was in some way connected to US national security.
IBM, Canonical/Ubuntu, Novell, Red Hat to Deliver Microsoft-Free Desktops Worldwide
Here's the first para. See if you can spot the good news and the bad news :-)
For the first time, IBM and leading Linux distributors Canonical/Ubuntu, Novell and Red Hat will join forces globally with their hardware partners to deliver Microsoft-free personal computing choices with Lotus Notes and Lotus Symphony in the one billion-unit desktop market worldwide by 2009.
...yet another reason why that is bad.
Quote: There is one catch, however. The victim would have to be logged into the Web site that is hosting the image for the attack to work. "The attack is going to work best wherever you leave yourself logged in for long periods of time," Heasman said.
Very, very, crude language, but I'm excited that something I learned about on the side while learning Haskell (or trying to, because I couldn't figure out Monads well enough) is probably coming to hardware!
STM (Software Transactional Memory) was a really nice concept that essentially does to threading and concurrency what commit buffers and ACID properties do to database programming. You know the database engine will take care of concurrency in database transactions, right? STM systems will do the same for threading, except Sun is now talking about HTM (Hardware TM) and HyTM( Hybrid TM). Cool!
STM is based on the premise that you mark out sections that are supposed to be atomic -- that's the "A" in ACID, in case you forgot -- and the back-end system will ensure that either *all* of that will happen or none of that will happen (it'll be rolled back). What the system does is keep track of every variable you *read* and log every write you make inside the atomic block.
When you exit the atomic block, it double checks every variable you *read* to make sure it is still the same. If they are all exactly the same, it means that none of the other threads did anything that would have conflicted with your data, so your "transaction" is committed.
However, if any of the variables you read inside the block have changed, it has to roll-back your "transaction" and maybe re-try.
In other words, optimistic concurrency control. (Curiously, most modern Version Control Systems are also based on the same idea... go figure!) Maybe it's time to re-start my aborted attempt at learning Haskell...
PS: And this bit is absolutely priceless:
What I would have learned had I been more dedicated to my education were the two fundamental facts about multi-threading with locks:
- 1. You're going to fsck it up.
- 2. If you think that you haven't fscked it up, you have. You just don't know it yet.
(small one, so I quote the whole thing; apologies):
----- start quote from http://apache.slashdot.org/comments.pl?sid=626521&cid=24344659 -----
main story: Microsoft Blesses LGPL, Joins Apache Foundation
Bruce Perens says there's much reason for caution: http://apache.slashdot.org/comments.pl?sid=626521&cid=24342531
Microsoft's 2002 plan to sue Apache: http://apache.slashdot.org/comments.pl?sid=626521&threshold=5&commentsort=3&mode=thread&cid=24346261
There's a new virus out that "searches for MP3s, transcodes them to WMA format, wraps them in an ASF container, and adds links to further copies of the malware, all without modifying the .MP3 extension": http://it.slashdot.org/article.pl?sid=08/07/18/145223&from=rss
The real insight here is at http://it.slashdot.org/comments.pl?sid=618545&cid=24242285 , which explains why ASF is like the ActiveX of multimedia! It's a very short comment, so I'll take the liberty of reproducing it here:
...from a company which is pretty famous for such behavior anyway.
I did not realise that the borg had stooped to vilifying IIT Mumbai and similar organisations and their employees/representatives in their mala-fide efforts to get OOXML ratified as an ISO standard. The fact that they tried to paint it as being in India's best interests is fine, but they seem to have well and truly crossed the line into saying that anyone who opposes it is therefore anti-India !!!!
The opening para of his open letter is itself pretty damning, and this long, (albeit sometimes a little dramatic), letter deserves wide dissemination among our peer groups.
With reference to the recent happenings in connection with the ISO standardization process of OOXML, actions by or on behalf of Microsoft have caused me deep pain and hurt. Apart from the personal anguish, these actions have tarnished the name of my Institute along with that of several other organizations represented on our committee. In my opinion, these actions go well beyond the behavioral boundaries for a commercial entity. some of these amount to interference with the governance process of a sovereign country. Luckily, wiser and experienced people are in-charge of governance of the nation. However, as a humble teacher and a proud Indian, I wish to register a strong and visible protest.
Hired gun blamed for business outage ( http://www.securityfocus.com/news/11521 )
First it was MediaSentry in the news for illegal investigations into piracy, now it's MediaDefender running a Denial of Service attack against a legitimate website that was hosting their own torrents.
Too bad it looks as if no one will get arrested for this due to some technicality of "knowingly" done or not. Anyone who thinks they did not "knowingly" do it probably also believes in the tooth fairy, but it's hard to prove it, so they get off scot-free.
A recent gallery article on TechRepublic called the 10 most annoying programs on the Internet, talked about how annoying most software is. It's a very funny article (some excerpts below), but surprisingly, except Flash, none of those annoyances affect me at all, because I use free alternatives!
Read it for the funny comments (especially the one on Java)...!
Very lucid and readable article, as usual, from Jon Corbet, LWN editor.
Lots of food for thought in there...
Their actual GPL violation was, to my mind, quite small and not worth all this fight -- it would have been far cheaper for them to do that one extra thing that the GPL demanded, since they were doing most of it already.
But for some unknown reason they decided to dig their heels in! The moron who was arguing for them even tried to say that the GPL violates anti-trust laws!
There is a saying I often use: never ascribe to malice what can be explained by stupidity.
So, how stupid do you have to be to accuse the GPL of the kind of stuff that only entities like AT&T and IBM (in the old days) and Microsoft (recently) have been convicted of?
Or is it perhaps malice this time, not stupidity?
Some of you may know that Hans Reiser, creator and lead developer of the
ReiserFS file system, has recently been convicted of murdering his
estranged wife. Publications like Wired went into CNN mode, treating it
as a scandal and playing on the human interest angle, and I believe
there are others playing up FUD-dy angles and demeaning open source itself.
Here then, is the absolute best article on the subject, for anyone who
cares about the **technical** impact of this conviction.
but I stopped using it after a couple of problems I blamed on my ignorance and didn't bother investigating. Looks like those may not have been my fault :-)
...from http://hardware.slashdot.org/comments.pl?sid=538036&cid=23241212 :
ReiserFS isn't even a has-been file system, it's an almost-was, and was never a real contender for a top filesystem, no matter how much some users loved it.
Why wasn't it taken seriously by everyone?
- When it encountered problems, it crashed spectacularly. You didn't just lose a file or a block of a file, you lost entire trees and could get metadata instead of file data and vice versa.
- It lacked basic tools, like "dump"/"restore" or "freeze".
- The fsck rebuild process was a security nightmare. A user could craft a file with data that would appear to the fsck process to be metadata, and take over the system after a reboot. In typical arrogance, the solution was "don't reboot, then".
- It didn't support streams or compatible metadata, thus no Mac sharing or SELinux. SELinux in particular is a requirement for many big corporations right now, and not supporting it means no buy.
And, yes, the arrogance of the maintainer played a part too. But even with a much nicer guy running the show, it would not have been a serious contender for the throne.
If you've ever had to ask firefox to open a file from a directory with lots of files, and find that it takes forever, go to
about:config and then set
ui.allow_platform_file_picker to false!
Some of the other comments flowing off of http://lwn.net/SubscriberLink/278995/ae9fdab7c07b90d6/ are worth reading, from the point of view of a guy like me, who doesn't like Gnome. Here are a few choice extracts, with URLs:
http://lwn.net/Articles/279398/ - My prolonged exposure to GNOME has resulted in apathy: I don't care about the desktop settings anymore. I guess it's inevitable. To caricaturize: if I like a setting, it's almost certainly gone in the next release, so there's no point to set oneself for disappointment
http://lwn.net/Articles/279345/ - From the brief and unpleasant interactions I've had with GNOME developers, I would conclude that they do not like their users. Well, I voted with my feet. XFCE for me, and my kids independently chose KDE after trying GNOME and KDE.
http://lwn.net/Articles/279449/ - [...]if you're not part of the GNOME Universe, you may as well not exist, which is the most objectionable aspect of GNOME anyway!
http://lwn.net/Articles/279420/ - I think they mostly like Microsoft's users, which is where a lot of the discontent comes from. It's a lot easier to keep make-believe users that you don't really have happy than it is to please the ones that are actually using the software. As a result, features are added (and removed) that no-one actually requested.
And finally, an *excellent* analysis of why Nautilus is such a bad idea (or at least seems to have been done from the developers' point of view rather than the users'): http://lwn.net/Articles/279344/ (though this sort of stuff probably happens in KDE also, maybe to a lesser degree)
Disgusting story of how one bureaucrat changed Norway's OOXML vote to yes.
Nice article demonstrating the need to keep private keys on a device rather than on your hard disk! But apart from that, it also demonstrates a non-targeted attack can start focusing into a targeted attack. Without manual intervention.
I also like this quote: "When we use strong encryption, attackers will not try to "break" that encryption. They will move to the endpoints to steal the keys that are used to encrypt it. Ensure sufficient security is implemented on key storage."
"How Fast it is Going, Who is Doing It, What They are Doing, and Who is Sponsoring It"
Good article. Seems long, but has nice graphs that are actually understandable; makes for easy reading.
People who advocate using biometrics for all sorts of stuff usually say there is no privacy risk. In retaliation, a German computer club published the fingerprints of the German "Interior Minister" (sort of like the Home Minister in India I guess).
So now he plans to sue the club. If there are no privacy implications with using fingerprints, what is he suing for?
"The article says a ministry spokesman alluded to possible legal action against the club. ", says the article, at http://hardware.slashdot.org/article.pl?sid=08/03/29/1941206&from=rss
And even more important: you can sue these people because they are doing it openly. The real criminals will do it secretly.
not sure if it makes sense in all contexts but I found this quote really funny:
"Saying you should use systems that don't scale well when your project is tiny is like saying you should use Roman numerals for calculations involving small numbers."
from http://reviews.zdnet.co.uk/hardware/notebooks/0,1000000333,39359143,00.htm warning: one photo per page, too many mouse clicks needed, and JS needed
Just from the size aspect, which is after all the whole point here, the EEE wins hands down over the other two. But here're some more details:
- EEE is the smallest of the lot
- EEE is the only one with a VGA connector (yeay!!!)
- EEE comes with 512 MB RAM (as opposed to 256 on the other 2)
- EEE has the largest keyboard, even though it is the smallest of the 3.
- God is actually talking to me here and telling me which to buy :-)
- OLPC has the largest and best screen (as if this was news!)
- OLPC doesn't have a fan (hopefully the EEE will follow suit soon)
- my wife would love the OLPC keyboard (feels like popping bubble wrap, apparently!)
- Classmate looks like the pregnant mother of the other two!
- and the EEE is soooo slim – always loved the slim ones :-)
- see comment at the start!
- Classmate is very hard to get into (motherboard)
[Update: just heard that Asus has announced a version with a larger screen (9 inches, 1024x600 instead of 800x480 – the horizontal size is what really matters by the way) in almost the same size body (only a 0.1 inch increase in the size of the body!) So that's the one to go for. The trouble is, by the time that comes to India, there'll be an even better one announced. WHEN DO I BUY THE DAMN THING???????]
If there's one thing that used to worry me about these "low power" machines I've been drooling about, it was that mainstream distributions might take too much tweaking to work on them. So it's great to see this sort of support, and from my favourite distribution too!
Now all I need is that Eee PC!
I've been saying this for a long time: Microsoft is responsible for making the unwashed masses think this is as good as it gets. The only people who know things can, and should, be a lot better are a few oldies like me.
This is a comment to this article about why people seem to accept reduced reliability from our computers.
quote from this comment in this thread on slashdot, describing how law students from the University of San Francisco are helping outside lawyers defend their clients against the RIAA, pro bono!
Even the article summary has a good amount of detail, but here's the line I liked best:
"Thousands of honor students throughout United States law schools, most of them digital natives who actually understand the legal fallacies and technological missteps the RIAA is taking, and who can't wait to expose them, make a pretty good resource for the poor and middle class people trying to defend these cases."
more reasons to like the Eee I suppose... :-)
Update -- one of the comments said:
"Please don't let the average joe realise we've got a great scam going selling them expensive hardware that they don't actually need to check their e-mails and write word docs"
"The chief of the malaria program at the World Health Organization has complained that the growing dominance of malaria research by the Bill and Melinda Gates Foundation risks stifling a diversity of views among scientists and wiping out the health agency's policy-making function."
I've heard rumblings before... see http://sitaramc.blogspot.com/2005/01/truly-sickening.html . But this is probably worse.
Do read the second page too.
This is a nice, very brief, exposition of why IT is not the answer to all of life's problems, and why, as long as you have a decent number of smaller enterprises (really small ones), IT penetration will never get anywhere close to 100%.
And -- even though it's my industry -- this may be a good thing in the long run.
the lengths to which these guys will go to try and get back customers!
Buy I guess it's the right thing to do if you're trying to escape
Even though the title says "laptop", the article explicitly mentions that this applies to any electronic device (cell phone, USB stick, camera, etc). This is especially important in light of point #3 below.
Please read the article for more details, some of which are quite chilling if you were naive enough to expect anything better. Oh and this applies to US citizens also. And it applies even when you are leaving the US :-)
If it's information you don't want to share, don't carry it. That includes data such as personal banking information, photos, correspondence, health and password information. If the device is a company-owned computer, don't carry proprietary business information or personnel records on it, the ACTE advised.
Some other quotes:
"But we think people should know that they basically are leaving their right to privacy at the door when they cross the U.S. border. There is no assumption of privacy," at a port of entry, she said. Here are five factors Gurley says travelers should know about:
1. No evidence needed to take your laptop
2. Anything can be searched
3. Your PC might not be returned right away
4. Don't take anything you don't want to share
5. Be cooperative
"Our primary concern is to alert travelers that their laptops and other electronic devices can be seized at a border without explanation, provocation or even likely cause," she said
Journalists walk into mortal danger on our behalf, so we don't have to
-- God bless them!
Normally I'd have felt tempted, even perhaps compelled, to read the
linked PDF. But thanks to Reg hack Lester Haines, I can have a good
laugh without all the puking that he no doubt went through.
A few weeks ago when I went to Amaravati restaurant, the service was
very slow. So of course I gave them hell.
Yesterday we went again. Things have changed quite a bit...
Service is so fast now, they tried to take my plate away before I'd
I have had occasion, in the past, to talk about El Reg, the IT mag that does not pull any punches. Irreverential to the core, funny as hell, excellent insights, and lots of in jokes. As wikipedia says: "It does not aim to be popular with the powerful corporations -- its tag line is: Biting the hand that feeds IT."
If you aren't a regular reader of El Reg, and if you have a decent RSS reader, you really ought to subscribe to a feed. Meanwhile, here's the most absolutely laugh-out-loud funny item I have seen in ... oh ... at least a few months!
Oh and by the way: NSFW means "Not Safe For Work". If you're looking at this at your workplace, don't click here!
Be sure to read some of the comments also, although none of them are as funny as the article itself!
We had a most entertaining lecture at work a few months ago, although I didn't have time to blog about it till now.
Of course, the speaker did not intend it to be entertaining :-)
In order to protect his privacy (although he himself did not seem to care about it too much, as you will see), I will not reveal the topic of his speech, or anything else that might be used to infer who this person was. I will also say that the presentation itself was quite informative, from the point of view of a layman learning about this technology. No complaints there.
Now let's get to the fun parts. It's a bit long, but if you don't have the time, just read the first paragraphs in each bullet and ignore my preaching :-) And point #9 is the best!
We learned these facts about him during the course of this lecture:
(1) He has a Ph.D, a _ _, a _ _ _ _, a _ - _ _ _ _, and another _ - _ _ _ _. All this is on the cover slide of the presentation.
Those are all degrees, and really there's no need for me to actually list them to make my point, which is: the only place to list all your degrees is your resume, not a presentation you make. Your job title is relevant here, your degrees are not!
(2) The readout of his achievements, honours, awards, and other recognition went well into the 10-minute range. Or seemed to.
Again, do not give the poor MC a copy of your resume. Are you giving us a lecture or looking for a job? By all means highlight the top 2-3 awards and the highest of your academic achievements and the best 2-3 organisational affiliations, but anything beyond a total of 2 minutes sounds tacky.
(3) He travels extensively and has travelled to _ _ countries.
It's irrelevant how many countries you travelled to unless your area of expertise is cross-cultural sensitivity or travel photography or some such thing. Techies can travel all over the world without leaving their cubicle, and if you're talking about a technical topic then boasts like this are merely useless window dressing.
(4) He is a professor in _ universities.
Believe it or not: this, like the previous fact, was stated in a matter of fact way with no perceptible need or reason to think it was relevant.
Again, if you're applying for your N+1th professorship, then the fact that you are a professor in N universities already is relevant. For a speaking engagement, there's no call for this sort of vanity once you're past the readout of your achievements. Let your knowledge speak for itself from there on.
(5) He does yoga _ times a week, walking for _ hours _ times a week, and plays _______ for _ hours 2 days a week, and _ hours on Saturday. As a result he is incredibly fit even at this age.
This was said in the context of his having recently purchased an accessory to his favourite sport (_______) for an enormous sum of money because the accessory in question was an example of the technology being discussed. So I agree that mentioning the accessory and how it has helped him is relevant.
But the details of your weekly exercise regimen, and whether you're fit or not, and how often you do yoga, are irrelevant. No need to boast. You just look silly.
(6) There are _ bedrooms in his house.
This was also stated as an example of how the technology in questions helps, but really, you could use any medium-to-large building as an example to illustrate this. Why bring in your bedrooms for God's sake?
Especially when you combine it with the previous point, you wonder what it all means!
(7) He has "top level" friends at "_ _" (a very large and very famous ________ company).
This one was relevant actually. He was telling us what that company said in the context of the technology being discussed, and it is relevant to know that "top people" said it.
And if this was the only comment in my list, there wouldn't even be a list. But by now you know what this guy is all about, so you don't feel like giving him even this little bit of credit :-) Sorry I'm human!
(8) "The culture in the USA is that if someone says they will do something, they will do it".
Never mind what context it was said in. Never mind the fact that if this were true, there wouldn't be so many lawsuits or so many consumer disputes in the US.
Being a scientist/technologist and making generalisations like this do NOT go together. You're not in a political debate here, you're a technologist talking about your technology. Please stick to technical facts and don't screw up your credibility with thinly veiled insults to your hosts or to their country.
(9) And finally: "I make _ _ _, 000 dollars a year, what's _ _ _ dollars for a ______ (sports) ________ (accessory) to me?"
What can I say to this? I give up...
By this point the main lecture was over and he was taking questions, so I got up and left before he gave us his cell phone, credit card, and social security numbers!
Seriously, what an insufferable, patronising, jerk!
Just reading about the technology makes me drool. Don't miss the other 3 pages -- there's some really cool stuff in there, some real innovations (*) here. Just what they have done for power consumption alone is worth a Nobel or something, in my book!
(*) I hate this word because it's been so overused by all the millions of clueless managers in this industry, but I'm sure God will forgive me for using it because I am using it correctly here. I really mean it in this case!
...as gleaned from a quick skim of http://www.reghardware.co.uk/2008/01/17/review_xo_laptop_hands_on/
Also has some comparisons with Eee. [I wonder how the HCL mileap will stack up compared to the Eee...]
- no ethernet, only wifi
++ outdoor b/w mode screen at 1200x900 -- WOW!
+ monitor pivots for e-book mode
+ totally silent -- no fan, disk; rubberised keys
+ runs cool; screen gets slightly warm, base stays at room temp
- takes 1:42 to boot (cf. 0:22 on the Eee)
++ screen only slightly larger but shows almost double the info than Eee
+/- radical UI (but will take time to grok)
-- disdain for file system hierarchies!
-- cumbersome for experts (even a simple thing like a music playlist is not possible)
-- built-in browser is crap for even normal people (no tabs!)
(but opera can be installed, thank God)
-- one core dump per child? (playing music -- see page 6 of the review!)
After my disillusionment with the Motorola A780, I had switched to a very basic phone, the complete opposite of the then state-of-the-art A780. I had also realised that when you are buying a fancy phone you are mixing two devices with different service level expectations: the phone and SMS part are much more critical than the rest of the features (camera, web browser, music player, etc).
So I used a lowly Nokia 1112 for about 15 months. A fine phone it is, and I heartily recommend it.
And then a cousin of mine, visiting from the US, brought me a bluetooth handset as a gift so I had to buy a phone with bluetooth!
I am now looking forward to walking around town with my new Nokia 3110 in my pocket, talking on the ThinkGeek Bluetooth Retro Handset, and watching people's reactions to it :-)
The NY Times has all the gory details at http://www.nytimes.com/2008/01/05/technology/05laptop.html?em&ex=1199854800&en=a7aaaf2c3e2c9dbb&ei=5087%0A
From http://hardware.slashdot.org/comments.pl?sid=407434&cid=21931684 :
And here is an absolute doozy from that official response from OLPC:
Intel was acting competitively before they joined the OLPC foundation in July of last year. After that time they continued to do so, only now they had access to a lot more information about XO potential buyers. Their behavior was despicable and only further enforces my decision long ago to buy AMD processors exclusively.
Adding insult to injury, Intel holds a press conference call announcing the decision to split, without informing the OLPC board. Read through the stories from last Thursday. The olpc foundation had no response because they were shocked.They recovered nicely in my view with this official response.
"As we said in the past, we view the children as a mission; Intel views them as a market"Awesome.