2008-12-28

(sweet,funny) twinkle twinkle little star... and a pretty girl in pink

My dad sent me this:

http://in.youtube.com/watch?v=fmdAF4ihedM

Very nice, especially the Tamil and the Punjabi ones. The Telugu and Malayalam versions were not that great.

By the way I wonder who the pretty girl in pink is -- I'd love to know (and some of you know what pink does to me!)

She looked very sweet, plus she can certainly act -- I mean this must have been rehearsed, yet her expressions, reacting to the main actor, were absolutely spot-on.

2008-12-26

(social malware) yaari.com

A "little girl" I know, whom I have a lot of affection for, sent me an invite to join "yaari.com".

Now, I probably receive about a dozen of these in a month, for all sorts of sites, from all sorts of people, and so far I have just shift-deleted them. (The only one I am a member of is LinkedIn, which is quite different in intent and target membership).

However, this friend is special enough that I wanted to at least consider joining, just for her sake. So I clicked on the link and came to the signup page. The signup page lists, on the right side, the "Top 5 Reasons to join Yaari", which are:

- It´s India´s safest social network
- Meet cool people
- Girl gossip
- Play fun games
- Watch Bollywood

My first thought was, if these are their "top" reasons, I wonder what the bottom ones are!

I'm particularly worried about the first reason -- I question the "safety" of anything that registers members without asking their age, leave alone ensuring their parents are informed!

In contrast, the Mattel site (I think) does this: they ask the child to provide a parent's email address and then they send a confirmation email to the parent. This doesn't prevent the child from **knowingly** doing something stupid, but for most normal kids this is quite sufficient.

[ And don't tell me yaari isn't targeted at young girls; look at reason #3 :-) ]

2008-12-23

(PHB,MBA) fungible entities

I was ranting about how unproductive Lotus Notes is, and why I refuse to switch from Mozilla Thunderbird, on an internal mail. On that list was a guy who used to be fairly techie but has long ago given up on technology to become a "manager" (which happens so often in India), and he said:

"I use thunderbird at home - and am quite at a loss to understand what is the big deal in a mail client - as long as I can send and receive mails and retrieve them when I want, I don't care one way or the other."

I think this is excellent logic, implying that email clients are fungible. Applying this logic to the most fungible entities I know in the corporate world:

"I deal with managers at work - and am quite at a loss to understand what is the big deal in a manager - as long as he can read and send mails and forward them when I want, I don't care one way or the other".

Cool huh? Of course, I didn't send it to him, for 2 reasons:

- he might get the joke
- he might not get the joke

:-)

PS: Just for completeness, here're some serious answers to that silly argument. Please add more in comments if I missed something.

(1) if it's no big deal which you use, why use an expensive, bloated, closed source client instead of an open source one? 500MB versus 8 MB, as someone reminded me...!

(2) by the same logic, why not standardise on Word for all source code editing -- if it can insert and delete characters, and do Ctrl-F to find stuff, why would you "care one way or the other"?

(3) why Word -- why not Notepad? :-)

(4) Lotus Notes acquired the "sort by subject line" feature in 2005 (see http://www.ibm.com/developerworks/lotus/library/notes-designer7-features/#N10093 last paragraph of the "Mail" section). Do you really want to discuss **my** interpretation of "retrieve them when I want" if this is your baseline?

----------------

Anyway, I offered him a demo. Let's see him try something like typing "f:manager t:sitaram s:some-topic" and watch the display rapidly subset itself down to just the right email(s) **as I type those characters**!

2008-12-22

(malware) for those who ask "what's the big deal about IE being insecure"

http://isc.sans.org/diary.html?storyid=5530&rss (which links to http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123898 )

Quote: Turns out that this bug is now being exploited through Word documents. While this is basically a simple evolution of the exploit method, I imagine that this is only the first or second evolution. There are more to come I am sure.

<end quote>

Quote from the linked article: "Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that's hosting the malware," said David Marcus, director of security research and communications for McAfee Inc.'s Avert Labs. "This is a pretty insidious way to attack people, because it's invisible to the eye, the communication with the site."

Embedding malicious ActiveX controls in Word documents isn't new -- Marcus said he had seen it "a time or two" -- but using an ActiveX control to ping a hacker's server for attack code is "definitely an innovation," he added. "They're stepping it up."


<end quote>

I've been trying to tell my non-technical friends (and some technical ones who seem to be too lazy to wake up) about why IE flaws actually affect the rest of the system, because they're all using the same code base.

In genetics, this is called a "lack of [genetic] diversity", a sure fire way of killing off an entire population with one well-placed virus. The only difference is that with people, you can't "reformat and reinstall", so this "species" (Windows OS) survives far longer than the lack of diversity suggests it should.

People, listen to me: please do NOT use IE for casual web surfing. If some site does not work with Firefox, and you MUST go to that site, then open only that site in IE. No problem. But all casual surfing must be done using Firefox. And use the No Script extension if you can, to get even more protection: https://addons.mozilla.org/en-US/firefox/addon/722

(India,economics) Y V Reddy

http://www.nytimes.com/2008/12/20/business/20nocera.html?_r=1&pagewanted=all

what an awesome article -- this is the kind of stuff that we Indians should be proud of.

Pure brains. And honesty and integrity and taking your job seriously...

2008-12-14

(malware,funny) serious security hole in Wordpad

You ask: Wordpad?

Yes, Wordpad!

You're speechless: But it's just a fancy text editor...how...[you trail off...]

My sentiments exactly...

For $DEITY's sake it's just a FRICKING FANCY TEXT EDITOR! How in heck do you manage to make a text editor something a hacker can use to get into your machine? And what's next? Notepad? Solitaire?

Here's a very eloquent comment about it from El Reg:

http://www.theregister.co.uk/2008/12/11/wordpad_zero_day/comments/#c_384915

2008-12-10

(politics) the real terrorist supporters...

...are us. Every single one of us. As long as we depend on petrol,
we're all supporting these terrorists. I know we don't have a choice,
but let us at least recognise it.

All the attention is on Pakistan, but the ones who are REALLY behind
all this, the ones who are too bloodthirsty even to indulge in the
human emotion of gloating, the ones who are **financing** all this,
are the wahabi's of Saudi Arabia.

Sufi and Sunni Islam are largely peaceful, I think -- it's hard for
anyone who saw even the highly fictionalised "Jodha Akbar" and fell in
love with the "Khwaja Mere Khwaja" song to think otherwise, however
stupid and hopelessly romantic (and previously unaware of sufi music)
that might make me sound! It's the wahabis who believe that the
entire world MUST be brought to heel and will not stop until that
happens. Or they are exterminated or lose their power.

But as long as the entire world runs on petrol, they win. Pakistan is
a convenient whipping boy for everyone (India, EU, US, and anyone
else), but no one, not a single world leader, will point the finger at
the real terrorists. They can't afford to.

An extract from
http://www.nytimes.com/2008/12/08/opinion/08french.html is below. As
you can see, Mr French just barely mentions where the money comes from
and stops there.

But move on from that line and read the description of this "Hafiz
Saeed" [a most inappropriate name for someone like this, by the way].
The ideology is chilling, the sense of purpose scary. But tell me
this: who would finance him if they did not believe the same things,
or worse?

And every time I take my car instead of walking, I am supporting them.
Anyone who buys an SUV and drives it ALONE, is supporting them.

And even we all stop doing those little, oh-so-avoidable, things, it
wouldn't make a difference -- rising population has ensured that
demand far outstrips supply forever.

Suddenly I'm feeling good about all those dire predictions that world
fossil fuel supplies will only last another 20 years or whatever. So
by the time my son is coming close to my age, terrorism will cease!
Hurrah!

----------

[extracted from http://www.nytimes.com/2008/12/08/opinion/08french.html]

These misdeeds are real, as are India's other social and political
failings (I recently met a Kashmiri man whose father and sister had
died at the hands of the Indian security forces). But there is no sane
reason to think Lashkar-e-Taiba would shut down if the situation in
Kashmir improved. Its literature is much concerned with establishing a
caliphate in Central Asia, and murdering those who insult the Prophet.
Its leader, Hafiz Saeed, who lives on a large estate outside Lahore
bought with Saudi Money, goes about his business with minimal
interference from the Pakistani government.

Lashkar-e-Taiba is part of the International Islamic Front for Jihad
Against Jews and Crusaders (the Qaeda franchise). Mr. Saeed's hatreds
are catholic -- his bugbears include Hindus, Shiites and women who
wear bikinis. He regards democracy as "a Jewish and Christian import
from Europe," and considers suicide attacks to be in accordance with
Islam. He has a wider strategy: "At this time our contest is Kashmir.
Let's see when the time comes. Our struggle with the Jews is always
there." As he told his followers in Karachi at a rally in 2000: "There
can't be any peace while India remains intact. Cut them, cut them --
cut them so much that they kneel before you and ask for mercy." In
short, he has an explicit political desire to create a state of war
between the religious communities in India and beyond, and bring on
the endgame.

Like other exponents of Islamist extremism, he has a view of the world
that does not tolerate doubt or ambiguity: his opponents are guilty,
and must be killed. I have met other radicals like Mr. Saeed, men who
live in a dimension of absolute certainty and have contempt for the
moral relativism of those who seek to excuse them. To achieve their
ends, it is necessary to indoctrinate boys in the hatred of Hindus,
Americans and Jews, and dispatch them on suicide missions. It is
unlikely that any of the militants who were sent from Karachi to
Mumbai -- young men from poor rural backgrounds whose families were
paid for their sacrifice -- had ever met a Jew before they tortured
and killed Rabbi Gavriel Holtzberg and his wife, Rivka, who was
several months pregnant, at the Mumbai Jewish center.

(funny,rube-goldberg,excel) no matter how bad things seem...

... they can't be as bad as this:

http://thedailywtf.com/Articles/Waiting-to-Excel-.aspx

(wow) some really cool 404 pages

http://huml.org/404.shtml
http://www.acme.com/missing.html
http://www.acorncreative.com/404
http://www.ddz.net/404/index.htm

2008-12-05

what sort of praise feels nicer?

praise from non-geeks who think you did something great when you fixed up whatever for them?

or praise from fellow geeks for the stuff that you are **really** proud of?

http://lwn.net/Articles/309682/