I know it’s a slow news week and all but Wired is really stinking it up today. Apparently security is only an issue after you’re owned and recovering. Like we need someone else (with a shred or two of credibility left) telling people not to worry so much about security. Stringent code review is one of the reasons that few open source operating systems have security holes that are actually exploited. Of course Windows code isn’t open for review (unless you count the wolf in sheep’s clothing of The Shared Source Initiative as an opportunity for code review as opposed to a license to bilk the surrender of rights out of a few naive folks) so we can expect all of the really choice stuff to remain wide open and exploitable on that platform.

“The average user wouldn’t know a hack if it walked up and bit them,” Sweeney said. “And many of the so-called security holes require a very specific event to occur and the odds are very slim that it will occur.

“But, since it’s theoretically possible someone might use this flaw as an attack method, it’s reported as a ‘security hole.’ It’s like saying there is a chance your car will roll over in a crash, therefore we will report the car as defective and a risk to you. Duh!”

Don’t worry. The company will protect you instead of, you know, invoking threats of DMCA lawsuits to squelch reports or simply lying. Like improving a base of code is somehow a bad thing…

Nice summary of the differences between the *BSDs over at Unix Review. I hate to have people missing out on the infighting and throwing of feces but this is, um, objective.

We’re in a war here. Now is not the time for stirring up the people. It’s for the good of the economy. Um, we didn’t do that.

My new favorite chew toy abandoning any pretense of accuracy to feather all the right nests. I can’t wait to hear his views on global warming.

Ooh. Ooh. r@d@r (who runs another non-techy weblog that I’m reading daily which expands the list to like 10) pointed out this antidote to our new least favorite technologist turned right-wingy bile spewer. Hope that new circle jerk works out for ya, pal. I’m glad that someone has bothered to directly address ESR. I wrote his sorry ass off a long time ago. I even blew fetchmail out of my machine. I guess there’s only so much reminiscing you can do about lisp before the inevitable fall into the pit of whatever is currently getting the nod happens. The final descent into pointless propagandizing is probably brewing as we sleep. Guess I’ll write that IP banning script about now since the flood of indignant warbloggers is probably a matter of hours away. At some point I need to write a lameness filter for MT something like the one that Slash uses. Of course, the “you-criticize -the-US-so-obviously -your-loyalties-belong -to-the-enemy” stance is pretty boldly stated these days. Go check out Campus Watch if you aren’t worried enough already.

American scholars of the Middle East, to varying degrees, reject the views of most Americans and the enduring policies of the U.S. government about the Middle East.

Loyalty oaths will be taken at the registrar office. Thank you for your cooperation.

Some interesting smack talking about that big annoying site that most geeks have strong opinions about. I haven’t logged in a very long time (in fact when I visit it’s usually a linked headline from FreshNews and not because I directly loaded the index. This thread is a beautiful example of why not to bother. 266 comments modded down below the anonymous user threshold default. It’s difficult to believe that people still care that much about the crappy old Dot.I found this wildly unsuccessful Slash based site along the way.

Speaking of paranoia and doomsaying, here are some photos of some gnarly fireworks/homemade explosives accidents. They range from not-so-graphic photos of burns to blowing yourself into little pieces. I will not be cradling any pipe bombs in the near future at least not until I be tattoed with clear labels so my body parts can be reassembled accurately.

Someone bought Bridgeville. Part of me really hopes that it’s a bogus bid(although there have been other offers after the close of the auction for more than the winning bid) but what makes this interesting to me is that this is the only way the sellers found to get anywhere near their asking price. This isn’t a new phenomenon — can find people paying more than the cost of new items on Ebay all the time for things like laptops and whatnot. It seems like this is the only way to win auctions for more marketable consumer electronics because most the auctions are won by dealers using bid watchers a couple of seconds before the auctions closes.

Ebay reminds me a lot of the bulk Salvation Army store in San Francisco. Everything is just tossed into enormous cardboard cannisters completely unsorted. Sounds cool? It isn’t. The minute the doors open every morning an aggressive mob bursts in through the front door. Who are they? People from “vintage clothing” stores looking to fill their shelves for a handful of change. You can lecture me all you want to about how I live under a capitalist market driven economy (although I’d also argue that most decisions are based on markets: war being the primary one) but I don’t donate to the Salvation Army any more. Why the fuck would I if my stuff is going to be snapped up by some assmaster in cat eye glasses to sell in their vintage boutique and marked up 1000-3000%?

Anway, digression aside, this might just be the future of Ebay for people who aren’t rag picking to resell immediately. Unfortunately the only line I see here is the dollar value since I bought laptopned(42) is going to cough up a million dollars for anything any time soon. Yes, my invisible capitalist critic, this has happened to all of the auction oriented endeavors but I doubt any of them were as massive and continual as Ebay. Anymore it makes more sense to just shop at Half.com where you know you’re probably paying too much but at least some Sanford and Son motherfucker isn’t going to out bid you 1.6667 seconds before the auctions ends. Take away the fun (or the feeling that donating something somehow, somewhere might make a difference) and I’d really rather go play somewhere else. I’m taking my ball with me.

Alarmingly, this warrants submission into the Apple Knowledge Base. I thought Mandrake folks were easily agitated into hysteria until I saw this. Vaguely embarassing since people still associate me with that anemic operating system at work. Yup. I used to professionally throw away preferences and restart applications. Of course, now I just reimage about 10 W2K machines a week but…

Shoot. Gimpy is apparently crackable. The good news is that the successful results are around 80% (for the single word EZ-Gimpy which incidentally what Yahoo uses for protecting free email accounts) and a nice low 30% for the more sophisticated version that uses multiple words that overlap in places and require the user to pick out x of the group correctly. Luckily this is a crack by another group of students so they can work together to make Gimpy more secure. It’s a great idea but I think a phonetic implementation (enter the correct spelling of the word spelled phonetically and distorted) might work a little bit better since that requires some degree of cognition to decipher. I actually just emailed one of the project leaders so we’ll see what happens or if that’s something that’s sane in the scope of the project. Maybe I’m just tired.

So I’ve got this sleeping at night thing refined into a weak beta version. I’m hoping to roll out something usable by the beginning of the work week. I guess the making coffee at 11pm thing probably doesn’t help matters.

Wow. I spent most of the day away from the box today. Well, that’s mostly due to going to a wedding which seems to happen with such regularity that I’m beginning to wonder if the list would be shorter if sorted by “not married.” It was a nice wedding though with a traditional Western type of ceremony led by a judge and a traditional Korean ceremony. The Korean ceremony was the more interesting of the two. It consists largely of bowing to parents and grandparents who toss nuts and dates that the bride is supposed to catch in her dress. These are predictions for children — nuts for boys and dates for girls. Since Sung actually caught about thirty of either I really hope (for her sake) that this method is not accurate. Yoon actually wore the traditional Korean dress (which I only know the name of phonetically so I’m not going to venture an inaccurate spelling) which was pretty damn cute. They’re very puffy and in her case, pink. It also reminded me of how much I like the bride and groom who moved to Los Angeles six months or so back. It seems like I’ve been in that situation several times in the past couple of years where people I haven’t seen in ages are getting married and it’s really impossible to hang out with them or even have a real conversation. Instead you’re left with a lot of regretful arm squeezes and whatnot.

Damn. I was all happy because I thought the gigabit was back up on the web server but it’s back to being slow as hell. I’m really really wishing for synchronousDSL right now. The page loads aren’t terrible but trying to accomplish anything on the server is miserable. I don’t even wanna talk about how much I hate SPAM right now. Dial up users: I sympathize with and partially feel your pain. I mean that in the sense that everything else but my site is loading up just fine :). I’m totally serious about the sDSL though.

Is Internet Explorer just a fictionally functional invention to drive us crazy with frustration? I don’t use it but I’ve been trying to build a stylesheet for bzero that doesn’t break when resized. Never mind the fact that it doesn’t work at all in IE. I realize that I’ve sworn off supporting IE in any manner here but this isn’t for me. This site breaks like crazy in IE but I’m aware of it and perfectly fine with it. I’m thinking browser detection paired with a snotty message about IE being the worst piece of shit on the planet for people who need to design without resorting to Front Page or whatever that shit is called. Research, horrible, horrible, research so MS can continue blazing a path of simultaneous market dominance and complete disregard for standards straight down the shitslide to hell. I’d love it for Dr. Asshat to pronounce that obfuscating markup like idiots was no longer necessary for gently massaging users to repetitive orgasm but I fear that IE is here to stay like cell phones, little yippy dogs, and, well, Dr. Asshat. How unfortunate.

An ex-Libertarian sagely says:

The libertarian philosophy often serves as an excuse for the selfish and a support to the exploitative: speaking highly of freedom while undermining the ability to exercise it. When I see a libertarian pundit from a well funded think-tank attacking some liberal program, I often agree with much of what he is saying. However, I also think, “at least the liberals give a damn” and I ask why don’t I see these folks criticizing the drug war, corporate welfare, or the military-industrial complex? Beware of beautiful philosophies of principle that are selectively cited in practice.

The amount of insulation necessary to be a Libertarian these days is incredible. Maybe their herd will dwindle with the crashing economy convincing the rich white folks not to churn out quite so many spoiled little shits.

I spent the entire morning (yesterday since it’s long after midnight) working on little nitpicky things. I think the most successful (at least I hope) was fixing the buggy CSS in bzero which was actually pretty simple once I got over my phobia of messing with someone else’s complicated HTML. I really hope it works because that’s the only obvious/visible problem I could really find with it on the whole. It’s pretty damn good for a 0.12 release. I just tested that stylesheet hack in Konqueror and it fucks up massively. Anyone else feels like looking and testing for border overlap in whatever funky non-standards compliant browser youhave sitting around I’d appreciate it. Go break little Team Murder in the name of science!

I’ve also noticed a fair amount of incoming Amiga users. The question here is what sort of horrors those people see when attempting to load my site. What is the Amiga browser these days? I’m willing to bet that it handles CSS a lot like NN 4.7 which is not at all. If you’re one of those lucky customers I’d love love love to see a screenshot of this mess.

Yeah, that sleeping stuff, I’m going to try that out.

That downed gigabit line is ready to inspire a nervous breakdown. I can log on to the server and look at what has got to be lowest load ever and then watch my site load at the speed of ass. This is incredibly frustrating and I’d be more upset if it wasn’t the fault of some nameless upstream backbone. I’m actually considering taking the whole site down until things are working again.

You know things aren’t looking bright when the NSA releases a Guide To Securing XP Professtional (that’s a link to a downloadable .zip file). I’m skimming the PDF right now but I can’t say that I’m comfortable with the fact that there’s an .inf file packed in the same directory. It looks pretty pedestrian for the most part with straight forward things that any administrator should be on top of already. The first “tip” is how to put administrative tools in your start menu. Yup. Don’t forget to disable guest accounts or refrain from giving them administrative priveleges. I’m sort of hoping this is a hoax.

People highlight, ‘OK guys–where’s the source code?’ I think most people don’t want their employees using the source code everyday. Really, they don’t. That’s a distraction from real work.

A quote from Monkey Boy in another lame attempt to justify the expense and limitations of Microsoft product. He also blathers on about Linux being little but a clone and offering no innovative technology. Just because you can look into the camera with a straight face doesn’t make it the truth tubby.

Guess we’ll probably need to stop bombing now. Yeesh. Good thing that this whole mess with Iraq came up otherwise this would be seen as quite the cynical move.

I almost hate to admit it but I really like food journalism. When I lived in the bay area the first thing I flipped to in the Guardian was Dan Leone’s Cheap Eats column and not just because he often talked about eating with my friends (under protective pseudonyms, of course) but because I like reading about food. Even when I was a very strict vegan his flow about burgers and steaks made me want to eat. The same think kind of applies to drinking. I generally head for the malt liquor/cheap whiskey block of skid row but this article/interview/expose about absinthe got me all interested. Well, until I read about their absinthe selling for $100/bottle. The history aspect of it is especially interesting given its continued prohibition despite the fact that we know better now. I’m also really into the idea of reverse engineering anything so that aspect piqued my curiosity as well. Clock punching: link via Looka which is solidly centered on eating and drinking. Crap. Another day, another bookmark.

Ugh. My bad tooth started hurting again tonight so I’ve been periodically rinsing with the overly minty antiseptic mouth wash. The combination of the ‘wash and coffee is doing wonders for my palate. Next I will devour a pile of dung. It’s actually stopped hurting now but I’m leery lest I start feeling the pulsing, unstoppable juggernaut of pain that I sleeplessly hallucinated through at the beginning of last semester. I still have industrial strength pain killers from that tiptoe through the daisies but I’m hoping that I can leave them in the bottle.

I also found out that my host lost a gigabit line which explains the tremendous slowdown. I knew something weird was up because I SSH’d in and the load looked pretty normal. The index is loading a lot slower than I’d like it to but at least it doesn’t time out every other time. Using MT is an exercise in painful finger drumming but I’m hopeful that this will be resolved by the time I drag my carcass out of bed tomorrow, uh, later today. Off to figure out why this printf is not doing anything but no spitting out an error either.

Thanks for the emails. I do know the site is running slow as shit. My hosting company is in MD and I’m in CO so I’m not sure that anything will happen to improve the situation today. I do appreciate people letting me know though. I really hope those folks are off doing something fun and not waiting for my email. It just doesn’t matter that much.

I kinda figured as much but someone has finally investigated the Recent Referrers script that so many people are using and found bogosity in the results. I’m going to grab a copy of it and have a look see for myself. To give credit where it is due I’m nearly incapable of doing this kinda scripting without something catching on fire or the baby jesus bursting into tears. Stephen is just plain swell for getting it very close to right and commenting his code very thoroughly. Speaking of Perl, the Perl Advent Calendar is seriously cool. While you’re at it, go grab this issue of the The Perl Review to read Andy Lester‘s really funny and enlightening article Extreme Mowing and begin to wonder who is winning the funnier writer in the family contest since Amy has firmly implanted the term “asshat” in my head forever. Quinn is certainly winning the funny facial expression contest, though.

You couldn’t ask for a better summary than this:

There are days when I feel like I’m just sitting up in a bamboo tower, with half a coconut over each ear and a reed in front of my face, chanting the magic words “Rah-Jur-Will-Co” all day. I can only hope that the Sky Gods will see my devotion and return; then the pale ghosts will crawl from their bellies bearing the precious Cargo, and the villagers will all drink of the gods’ own Ko-Kah-Ko-Lah.

Because I swear that’s about the degree of control that Windows administration and troubleshooting tools give you when something goes wrong.

from Weblogging Considered Harmful. No that’s quite alright, coffee is supposed to come out of my nose when I’m amused. Yet another thank you is gratefully given.

I’ve been spending a little time rebuilding the mess of bookmarks that I demolished a couple of months back. They’re the one thing that I never think of backing up. In a sense that’s a reason that this weblog even exists. I perpetually lose notebooks (which was my old default method of preserving some sense of coherence when continually moving from public machine to public machine — write everything down) and I have a limited memory for convoluted URLs. I’d entirely forgotten about Librenix and I’m glad that semi-random wandering led me back there. As tired as I’m sure most folks are of the GNU/Linux versus Linux argument, an article over there reminded me precisely why being a pain in the ass about the details is so important. His rant is pretty cohesive and he brings up a number of good points but the entire point of strapping the GNU on (god, that sounds really nasty) is lost in the discussion of technical points. Most of us who code or make things involving the Linux kernel know how important gcc is to the creation and development of it. This is a big contributing factor to everyone being so weary with Stallman’s awkward naming of our dear operating system. Being engaged by the technical innards of the beast is the sort of familiarity that breeds contempt or at least impatience. The thing is that there are a lot of people who download an ISO, burn a CD, and are off doing end user tasks. What this ignores is that there is some significant history behind the motivations for developing the kernel and all of the things that float on top of it.

Linus didn’t develop the kernel alone (which oddly enough is asserted in the aforementioned article) and he didn’t begin the project just because he had nothing better to do. Linux was started because Unix was locked away behind prohibitively expensive licensing at least in part. I don’t think that his choice to GPL the whole thing was coincidental no matter how much backpedalling goes on in interviews. I’ll grant that part of this is probably due to the fact that the effort is indeed a collaborative one and you don’t get people sending you thousands of lines of code when you’re going to nail that code into a binary only coffin and pimp it out. But, as I said earlier, we already (or at least should know already know) know all of this.

gcc is usually pretty transparent to most end users even if they’re compiling software they’ve downloaded. In most situations the user runs a configure script, an install script, and forgets all about the process. In the absolute worst case, distributions forgo even the Linux tag and simply name their operating systems whatever which ignores not only the work of the GNU folks but the kernel hackers as well. Lindows is a worst case example as it derives from the work of so many other people but is presented as an independent entity. In this case, you’re also ignoring the incredible work of thousands of people involved with Debian. I’d feel like an alarmist of sorts if I didn’t witness the weird resentment that end users display towards free software developers. If you followed their logic the most important development ever done on any Linux related product was providing an easy installation. Follow that train of thought back a few steps and you’ll start to see a gulf emerging between the spirit of free software development and the spoiled children whining of end users who don’t want to hear about it. Substitute all the helpful and productive bug reports you’ve ever received with a bunch of nasty email complaints telling you how shitty your software is and you might get a glimpse into the future of agnostic open source software. Again, like the GPL, I consider this a measure of self preservation. Do you want a community or do you want a lot of grief?

(An operating system) != (a distribution). Linux is an operating system. By my definition, an operating system is that software which provides and limits access to hardware resources on a computer. That definition applies whereever you see Linux in use. However, Linux is usually distributed with a collection of utilities and applications to make it easily configurable as a desktop system, a server, a development box, or a graphics workstation, or whatever the user needs. In such a configuration, we have a Linux (based) distribution. Therein lies your strongest argument for the unwieldy title ‘GNU/Linux’ (when said bundled software is largely from the FSF). Go bug the distribution makers on that one. Take your beef to Red Hat, Mandrake, and Slackware. At least there you have an argument. Linux alone is an operating system that can be used in various applications without any GNU software whatsoever. Embedded applications come to mind as an obvious example.

That sounds like a wonderful argument but the sad part is that a majority of the reported GPL violations come from embedded projects which points either to total ignorace of what the GPL is all about, willful concealment in hopes that the violation won’t be discovered, or thinking that a couple of dirty hippies with a goat for a logo don’t have the resources to do anything about it. In the first issue of the dead tree FSF newsletter Free Software Foundation Bulletin there’s a really informative article about this by the GPL Compliance Engineer David Turner. He writes that

A plurality of GPL violations on FSF-copyrighted Free Software are in the embedded market. Companies often port GCC to new chips or boards and distribute the binaries without releasing the source code.[ ...] Corporate lawyers often like to wrap a whole distribution with an End User Licensing Agreement (EULA). Most of the time, such EULAs are incompatible with the GPL, as they attempt to trump the rights that the GPL protects.

I guess the point here is that while the awareness of Linux continues to grow the understanding of or respect for where it comes from seems to decrease. I don’t think I’m too far off base by pointing to a correlation here. Unfortunately, a lot of the burden of dealing with explaining how the GPL works falls on the FSF and sometimes they even have to explain how it can coexist with non-free software (again quoted from David Turner)

Sometimes, we have to explain the intricacies of how GPL’d code can be distributed alongside proprietary code (and how it can’t).

Sucky isn’t it?

I didn’t set out to point by point refute the article at Librenix. Hopefully this doesn’t come off that way. I just think that people need to step away from the console for a few seconds when considering the validity of Stallman’s argument. I don’t think fame was ever the motivation for any of his creations and I don’t think that it’s his motivation for badgering us with the request to use “GNU/Linux.” It’s just something to give a little consideration to before writing some spleen venting about RMS’ stubbornness even though lines seem to be already drawn in the sand for most people at this point even for those who don’t know the details of the work he did/does and how important that work is for what we’re doing now.

I’m guessing that Zebulun is no longer with us judging by their index these days. Seems like a lot of people who had second generation vanity sites (of the news site — /. jr. variety) are biting the dust. I wonder how many will resurface in the next few months as weblogs or the like. Once you start shooting off your mouth about all matters geeky it’s pretty hard to stop.

One of the funnier emergency case mods I’ve seen. The innovative closure device beats thumb screws for easy access and adding extra ports seems like it would be a snap or maybe a poke. On the other end of the spectrum if you were seduced into shelling out the scratch for one of those fancy ass iPods and would like to use (the Windows version at least) under a real operating system (thank you Aaron for this snide but very effective term) you’re in luck. Here’s a very detailed article full of helpful links to help you use that overpriced little widget for good instead of evil. The GNUPod site even has a method of switching HFS iPods over to FAT32 if you really fucked up. Unfortunately you need a working Macintosh for this to work but I imagine if you spent that much money for a fucking MP3 player you probably have at least an iLamp sitting on your desk so go to… I also found a way to host from more than one Mac while nosing around. That way if you want to listen to something on your lilac iLamp instead of your Paisley Spangled Chocolate iBook… Fucking hippies.

I noticed this a little on the late side but ex-lion tamer has the best suggestions for how not to be a total asshole during the holidays that I’ve seen yet. Thank you.

I’m fighting the need to sleep after eating to an excessive degree. Coffee only seems to help by gallon increments and despite the fact that I have like six pounds of it in the house right now I just don’t feel up to the battle. Yoon and I ate xmas dinner with her parents and brother which is sort of the default activity for December 25 but this one was a little different. I won’t explicate every detail of it because this just isn’t that kind of weblog with the occasional mention of the kitten excepted.

Yoon’s dad doesn’t exactly dislike me but there’s always been a tense heaviness in the room when we’re in the same room. The reasons are exactly what you’d expect and I really don’t harbor any grudges about it. I respect the fact that he’s a bit suspicious of me. I’m a scruffy white kid who doesn’t speak the language he’s most fluent in and he holds strong religious beliefs that I don’t share. Like I said, it’s very understandable. This Christmas was different, though, and I’m not sure exactly why but the lack of tension was palpable. We all hung out and watched a movie. Everything just seemed as normal as it possibly could be until dinner.

Although I don’t have any religious beliefs to speak of I do honor others when they say grace by bowing my head or whatever. It’s a matter of politeness and a matter of respect. Anyway, grace was said entirely in Korean so Ididn’t really catch a word of it. The Korean words I know are all food related which is something that needs to change in the future but didn’t help me in understanding what Yoon’s father was saying. When the prayer was over I looked over at Yoon only to see tears rolling down her face and her dad exiting for the deck. Awkward hardly describes how I felt because I have no idea what the hell is going on and none of the other people in the room who all speak Korean in varying fluency are helping me out. So, I just fucking sit there and wait for something to happen. What I didn’t understand was that Yoon’s dad was praying for me and my future presumably with his daughter. I don’t know how to properly express the sweetness of that in comprehensible terms either here. Believer or non-believer it’s nice to have someone saying nice things about you in the most reverent application they’re capable of. I have a terrible case of the warm and fuzzies. I’m probably not explaining this well but the full significance of it didn’t really sink in until I was on the way home. I hugged her dad for the first time today and even though it was an awkward man hug I really meant it. Christmas presents become more elaborate and emotionally charged all the time.

Speaking of which, Yoon made a annonotated photo album for my gift. It has pictures from when we first started seeing (ugh for lack of a better term) each other. I am a very content kid right now. I hope I deserve all of this.