the madness of corporate disclaimers on emails

So I was researching some security product, and I came upon this:


This is amazing.  Most corporate emails are infested with this crap anyway, but I've never seen one this bad.

I count 18 words of "actual message", 29 words of the guys signature, including all sorts of details that should never be seen on a public site, and -- get this -- 167 words of "legal disclaimer".



plain text to PDF via Markdown and Beamer...

...and a little perl in between

My problem is that office software sucks, and presentation software sucks even more.  Too much mousing around needed (and it doesn't matter whether it is OpenOffice or MS Office; I hate them both equally)

All these years, my presentations have consisted of plain text on plain white backgrounds, with hardly any pictures.  I start sweating if I have to make a picture or a chart.  My preferred editor for everything and anything under the sun is vim.  Even my firefox browser is controlled by something called vimperator that lets me use vi keystrokes.

Anyway to cut a long story short, having to make one more presentation sort of broke me.  I'd tried various solutions in the past, but none of them seemed to work, so I finally bit the bullet, learned enough about LaTeX and Beamer to be able to generate input for Beamer, and I had a pretty decent PDF generator that takes HTML.  The HTMLcomes from plain text via Markdown, which is a wiki-like language that I really like.

[If you've never seen a wiki language, it's basically a simplified markup, like using **bold** and *italic* instead of <em>italic</em>, and so on -- the resulting document looks and feels pretty much like plain text when you're editing it, but when you pass it through the Wiki engine (in this case, Markdown), it gets converted to nice HTML].

So, I type in plain text using Markdown's minimalist syntax, Markdown converts it to HTML, I write a little perl program that converts the HTML to LaTeX, and then pass that to Beamer, which produces a really snazzy PDF, with nice colors, slide navigation, etc etc.


Well not quite.  I was using something similar for images (a package called graphviz).  Graphviz takes text like this:

        digraph {
            a -> b -> c -> d
            b -> p -> q -> x
            p -> y

and produces a neat little picture that I can't really show you in a blog post that doesn't seem to like images (well I pasted it at http://imagebin.ca/view/IWKbKYdH.html but that might not last forever).

Anyway now I got really greedy.  Since a lot of the "pictures" I had to make could be done using graphviz, and I was starting to use it more and more, I wanted to have it all in one file.  Text, images, the whole thing in one easy to edit text file :-)

So I did that next.  Made up a nice easy syntax that tells my HTML->LaTeX processor this is inline graphviz code, so it picks it out, runs graphviz on it, and puts the file in /tmp where Beamer picks it up.

[Along the way something amusing happened.  I'd hardly ever used LaTeX before, so everything was new, and at one point I went on to #latex to ask a question.  The helpful folks there (one of them was also a #git guru by the way) bombarded me with information such as TikZ, which contained far too much LaTeX for my taste.  I don't really like LaTeX syntax, though in its own way it's very beautiful and you can write it nicely and all.  [eh?  what's that?  Yes my favourite language is still perl.  Why do you ask?]

I did not have the heart to tell them that I would never directly code LaTeX to save a dying grandmother -- they were so nice and helpful it would seem like trolling.  But I bookmarked the URLs offered anyway, in case I ever change my mind.]

So that's my adventures in PDF making.  If you want to see sample input and output to get a feel for it, email me.


the world as we know it is ending...

via LWN.net by corbet on 7/20/09

Microsoft has joined the community of Linux kernel contributors with the addition of its Hyper-V drivers, soon to appear in linux-next. "These drivers are to enable Linux to work better when running as a guest on top of the Hyper-V system. There is still a lot of work to do in getting this into "proper" mergable state, and moving it out of the staging directory..."


the Qualcomm conspiracy...

or: why are CDMA phones so much more expensive and still look like crap?

My company, in its infinite wisdom, has decided that we should all switch to a CDMA platform. Now, for some reason I could never explain till now, I've always hated CDMA. Enough that I almost refused the company cell phone, though practical necessity finally won and I toed the line. [I mean, I already have a rep for saying "sorry, your stupid software doesn't work on Linux so I can't use it/join the conf call/whatever"; it would look terrible if I said "sorry, I can't call you at 9pm because I refused a company cell phone" :-)]

Anyway, getting back to my rant for the day/week, I spent a couple days looking at CDMA phones. Invariably, they look like crap compared to a similarly priced Nokia, and their UIs suck golf balls through chem lab pipettes, but meh, I'll manage.

Then I find a Nokia phone that does CDMA; something called the 6275. This has exactly the same features as my 3310 Classic GSM phone, except the camera is 2MP (versus 1.3MP on mine). Cool, I'm in heaven!

The cost? Just about double that of the GSM model, give or take a bit.

Now, some of you know about the long legal battle between Nokia and Qualcomm, and Qualcomm owns CDMA, so you're thinking, well duh! Why would they make it cheap for Nokia?

So fine, back to plan A -- I'll buy a Samsung. I just want MIDP because I got used to being on IRC whenever I'm forced to sit around at a boring place (ahem!).

Well guess what? the cheapest Samsung CDMA phone that has MIDP is more than 3X the cost of the cheapest GSM phone from Samsung.

Now if that is not because of Qualcomm taking their pound of flesh for CDMA technology itself, I don't know what it is.

Damn Qualcomm. And double-damn "Brew", their horrible, proprietary, expensive, apology of an excuse for Java competition. Including their "we have to control what runs on your phone" attitude too. I hope they all burn in hell. So much for market forces, what a load of crap...

Anyway, I have made a decision: I will only buy extremely low end CDMA phones, which do just the bare minimum (voice and SMS only), because I have to believe the profit margin on these can't be much. They'll never get a penny more from me than is absolutely, minimally, necessary.


and now, my "some reason I could never explain" seems vindicated! Dare I think myself so intuitive about these things that even my unreasoned prejudices end up having a rational explanation when you look deeper? Wow... :-)


why basic infrastructure components should never be closed source...

...or at least, when they are not open source, you should treat them as hostile and malicious.



An update pushed out to BlackBerry users on the Etisalat network in the United Arab Emirates appears to contain remotely-triggered spyware that allows the interception of messages and emails, as well as crippling battery life.

Interestingly, it seems it was the battery life that drew attention and investigation. This was a minor design error, easily fixed, and then no one would have noticed this application!


Pinching myself and checking what year it is...

So I got an invite to join some call from a vendor trying to sell us something (I can't name names, and in this case they're irrelevant). They chose to send us an invite which included this:


So I go there, and I see:

To join the Meeting, please use one of the following supported operating systems:
• Windows® 2000, XP Pro, XP Home, 2003 Server, Vista
• Mac OS® X, Panther® 10.3.9, Tiger™ 10.4.5 or higher

OK, I've seen this sort of crap before, and can often get around it using UA switcher or something, so I try that next.

Guess what? They want you to download and install an actual EXE!

So now this is like a flashback to at least 4 years ago. I hope webex, which now works pretty damn well inside FF on Linux, is eating their lunch!

Anyway, after a bit of searching I found a "support" url with a feedback form of some sort, so I sent them this:

I was supposed to join a call starting shortly, and find I cannot, because you don't support Linux. How quaint...

Well it's 8:30pm in India, where I am, so thanks for letting me off the hook on that call and really enjoying dinner with my family.



EVMs again, in a real democracy...


Not sure how terribly accurate that virtually unknown newpaper is, but a shorter version is at http://timesofindia.indiatimes.com/India/EVMs-can-be-easily-tweaked-Expert/articleshow/4739375.cms -- presumably an NYTimes style pay site or the dead-tree version would have the extra details that the greatandhra site shows.

The summary: some of the other political parties have been complaining that the EVMs can indeed be tampered with, and the EC (Election Commission) is looking into it very seriously, calling for meetings with officials of the two "public sector" companies (that's a phrase that basically means "majority owned by the government", although they do also trade on the stock markets like any other company), etc.

Even with no details of the "exploit", I feel very good about this.  Look at how they're handling it, compared to the Diebold situation in the US.  What I said in http://www.schneier.com/crypto-gram-0412.html#11 still stands -- the entities are public sector companies, and the EC is quite independent.  (Hopefully even with the current Election Commissioner, Naveen Chawla, being a corrupt Sonia Gandhi/Congress party lackey)

In the US, as far as I recall, things had to go to court before anyone could see how the damn things worked.

And even then, it wasn't the political parties who went to court (again, as far as I remember, please correct me in comments if I'm wrong) it was the EFF or something like that.  Another sign that an essentially 2-party system is not quite democratic enough.

Yes, a true multi-party system is much more chaotic, but as a friend of mine said, maybe it is easier to "fix" things when the number of players is small.

And oh by the way, a "true multi party system" is a common enough state of affairs in the open source world too.  Coincidence?  I think not!

(criminal) get paid for screwing up

wow... I must have been asleep under a rock these last few days.  I did not know this till today:


Apparently an attack by the Conficker worm has cost the Manchester Council in England around £1.5 million - and Microsoft experts were among the consultants called in and paid some of that swag.

Nice job, guys.  Great business model.

Oh and for people who think this is not MS's fault, follow at least this link in the article... (ignore the comments, they're mostly crap.  Even in the article, there are only facts or questions, so you can certainly draw your own conclusions, don't go by his).

And what really, really, REALLY, pisses me off is that no mainstream news media reporting this will use the words "Microsoft" or "Windows" when describing the problem, leaving ordinary (non-IT) folks with the impression that this happens to all "computers".  Other people far more qualified than I have also noticed and ranted about this, but it makes no difference.  Damn...