It’s up to 356 bucks. What a great idea.

There’s an interesting article about false positives in spam filtering over at TechNewsWorld taking into account people in business and whatnot. I work on a college campus so we pretty much don’t filter anything and most of the mail accounts that don’t use some kind filtering on their own get pummeled. It doesn’t help that our LDAP is world readable either but I won’t dwell on that particular piece of clueless policy. That is exactly the problem, though, administrators who take the path of least resistance route when dealing with policy. On one hand, our admins want iron fisted control of all network resources (which I think is a good idea) but on the other hand to approximate that kind of control they’ll slap whatever commercial product into the mix that seems like it’s going to be less work (in both installation and upkeep) for them and offer the user less “confusing” choices. From what I’ve been able to observe from very limited experience with individual user spam woes most of them become savvy very quickly when burdened with enough of it. They’ll learn through pain and suffering or simply grow numb.

It becomes an entirely different question when considering ISPs though. How much do I trust my ISP to decide what is and isn’t what I want? Not a whole lot but many ISPs are implementing spam filtering that doesn’t pay very much attention to the needs of its users. I thought the argument about potential lawsuits between ISPs and subscribers over important mail (meaning essentially lost business) lost in the seething tides of spam. Blackhole lists are probably the worst about his because they give the end user absolutely zero control over their mail.The last worm outbreak landed me on a couple of blackhole lists simply because my address was in an infected user’s address book. I don’t use Outlook or even an operating system that it would run on so I know it’s not my fault. With a blackhole list the burden of proving my innocence rests entirely with me assuming of course that I can even reach a human to evaluate my claim. It’s only going to get stickier as time goes on since spam filtering has blossomed into a full on buzzword uttered at meeting by PHBs and other bottom feeders. With an increasing number of poorly implemented filters and dependence on things like blackhole lists and commercially managed filtering software white listing is almost inevitable.

I’m much more likely to advocate a mail client that has filtering capabilities (I thought Apple’s mail.app was a pretty good implementation of that idea) so the ability to spam filter is there without putting the responsibility elsewhere especially when that responsibility is handled by a non-human facility. I don’t think that it’s too much to ask for people to handle their own filtering but again the laziness principle prevails with the ubiquitousness of Outlook on the business desktop. Maybe if we feed the admins cookies laced with clue…

ps. When I say “admin” I don’t in any sense mean that as a pejorative against people who do actual technical work and keep systems running. I mean it in the sense of people who attend meetings, take long lunches, and call vendors when they have trouble. We are bursting at the seams with the latter so you’ll have to forgive me if I sound a little more cranky and hostile than usual.

So for reasons that I’m not going to go into (although you can probably guess) I ended up with a copy of Lindows last night along with a year’s worth of access to their often vaunted Click-N-Run warehouse. I just wanted to do a basic install and upgrade the machine to the point where I thought it was usable. I think there’s a lingering “linux, especially Debian company” guilt attached to Lindows that makes me want to at least go through the motions of installing and configuring it before I denounce it completely. I did.

The first download of the OEM .iso passed its checksum with flying colors but wouldn’t boot after I burned the CD. Fine. I should probably mention that you can’t (at least as far as I could find) just see a checksum but have to use their automated checksum checker. This is only the beginning of my frustrations with the opacity of the system. Things are hidden. So, second download of an .iso was the full install version which failed to checksum. The third download also failed but I was a little frustrated at this point after downloading 1800 megs of useless ISO so I just burned the damn thing. Bingo. It boots fine. Apparently Lindows has instituted a backwards checksum functionality; if it passes then don’t use it.

The install is very fast. The whole thing from boot to reboot probably took 15 minutes on my PII 366. You’re automatically logged in as root which is suck. People have said that you’re given more flexibility about setting up accounts during installation but there were no offers to set up regular user accounts just the “optional” security password. I don’t care how “difficult” it is to deal with the idea of multiple accounts on a single user machine. Making a box insecure by default on installation is unacceptable. I created a user account using the user manager which is just the standard KDE affair renamed. This brings me to another very annoying part about the default Lindows install. Things are randomly renamed (although I’m sure the folks at Lindows would prefer that I said ‘rebranded’) so if you’re at all familiar with the usual available software in your average Linux distribution then you’re going to be launching applications just to figure out what they actually are. I guess that’s where I fail to be part of the Lindows business plan — I sort of know what I’m doing already.

Next step is setting up Click-N-Run after a brief configuration of a DSL connection. Actually I wasn’t happy about the way that was set up either. Normally the network connection type wizards give you an option to start the connection at boot or to manually start it. Since this is a laptop and does occasionally leave the coffee table in front of our couch this feature was more of a bug than anything. Click-N-Run is actually pretty quick and easy to set up. It suffers from the ‘rebranding’ obfuscation as well with cutesy renamings prominently featuring the Lindows name. What is also surprising is how little software is available and how many of the categories are just plain empty. I got emacs21 up and running and then went hunting for a Mozilla Firebird substitute. Galeon was the answer as it often is but it failed to install. Then I tried a different version listed with Nautilus support that also failed to install. Well, at least the installer was honest or so I though until I started installing FTP clients and watching them fail when attempting to launch them. I took advantage of my ‘advanced’ status and ran gFTP from an xterm to find a whole sea of permissions errors. It was a simple bad configuration. Two trial downloads later I’m beginning to realize that none of the FTP clients will launch. Not good. Not good at all. This is exacerbated by the fact that Lindows is intended for a very end user audience that is presumably hooked by the advertised ease of installation and will be rewarded with segfaults and errors that they’ll never even see.

The whole ordeal only lasted for slightly over an hour but I was happy to get the rickety contraption off my machine. I’m not exactly sure what it is that the proponents of Lindows see in this package that makes it so superior to the other distributions in their minds. I got my copy for free and I feel ripped off.

Saw a heads up on the Politech list about this lovely bit of pretzel logic about the advocacy of free speech by librarian. OK, yeah, so it is indeed Town Hall that we’re talking about and rises like stink from the National Review but this is surprising even from the backwoods of the hereditary meritocracy. I’m not going to quote anything because it’s all flamebait at very best but it’s an interesting angle that usually is used by the right to argue the validity of the NRA even when the organization is spending all of its time lobbying for the legality of Saturday Night Specials.

Sure, kill the librarians because the columnists and editors who want to have some latitude over what they publish and how are next. Oh, wait, I nearly forgot that their team is temporarily on top. It won’t be that way forever, chump, and then you can go back to bemoaning the moral decrepitude of the administration and never, ever think about a library again.

It’s the end of another weekend and there is an abandoned keg on the porch. Yoon’s birthday is this Tuesday so we took the graceful weekend solution. She was actually drunk for the first time ever last night. Woo hoo. I overslept by many hours and awoke not knowing what day it was and assuming that it was a weekday and that I’d slept right through my classes. Fantastic.

We had some folks over very late last night (which probably explains the warm stale keg of domestic pisswater that occupies our porch right now) and I had a couple of very interesting conversations. One of them was with the one scientist in our group of friends who I’ve had great conversations with in the past about Linux in relation to scientific work and the like. Mike is a swell guy. The usual dorking around with the laptop ensued and he showed me some pictures from Isabel. What makes them interesting are the distinct star shapes that formed at the eye of the hurricane. Go look at the photos and gasp in horror as you realize that one of them is indeed a perfect pentagram. Scary.

Also noticed a posting on /. that points to a great article called “The cult of the NDA” which is worth a read especially if you’ve ever been stuck working under one of them.

I’ve been just as annoyed as anyone with Verisign’s massive breakage of the internet as anyone else but one thing that never occurred to me was disagreeing with their terms of service. In fact I didn’t realize that they’d even bothered with something like a TOS for something that no one willingly uses. Within they inform you that their services are “free of charge” and “may be terminated at any time without notice.” I’m hoping that the entire thing will simply disappear before it becomes the huge embarrassment that it rightfully should be.

Liferea is a cool little aggregator that looks and works a lot like Feed Reader which I know a number of folks are totally in love with and really wish that it could be directly ported to a Linux environment. This is basically what you’re looking for although it’s not exactly stable yet. I grabbed the .deb from the downloads page and it did indeed install flawlessly but I used my own RDF feed to test it out. It crashed the first time that I pasted the entire URL into the “add feed” dialog and then simply didn’t work when I used the address minus the ‘http://’ tacked onto the beginning. Once I edited the entry and put back the beginning of the whole URL lifefrea took off like a scalded cat. It’s fast and very configurable so I can deal with the alpha/beta crashiness for the moment.

One thing that I always find interesting about standalone .deb packages is that they almost never add a menu entry when installed. This seems odd because Debian has a unified menu system that gets rid of a lot of the KDE/Gnome-centricity that other distros fall into. It would be nice to have a menu entry for even beta software because to be perfectly honest I’m going to forget all about it in a couple of days. Bug squishing isn’t helped when people forget that they even have the software installed. I know it’s nitpicky but I think that extra step would be beneficial for both developers and users. I’m pretty sure that there are more than a few OS/free software developers that would be happy to never see a bug report from me again. I tend to stumble on really craptacular bugs and I have sort of a guilt complex about it. Some days I feel like the guy from the military that has to pay visits to announce the death of a family member. OK, hyperbole but you get the point.

Go grab a copy of Liferea, though. It’s not ready for production (like feed reading is production work) but I think it’s an open ended enough application to give the fussbudgets something to play around with for 45 minutes or so. This is also very high up on my “check back in on this project in a couple of months” list. That list is freakishly long these days which I think really says something about the quality of software that people have been working on over the past year or so. I’m not saying that things weren’t amazingly good in the past but the momentum seems to have been bumped up a notch in the last year. That’s good news for everybody.

Oh, and it’s also very nice that Liferea has its help files built in as channels. That is a fine idea that keeps documentation matched with its version.

You’ve really got to wonder what is going on editorially over at @stake. You’ve got to be nearly insane to fire someone for having a dissenting opinion when you absolutely need credibility when reporting on security issues. How spineless is:

“Participation in and release of the report was not sanctioned by @Stake,” the security and consulting company said. “The values and opinions of the report are not in line with @Stake’s views.”

anyway? Of course, MS denies having anything to do with this and everyone sadly shakes their heads. After you take that big chunk of venture capital it’s probably best to write a script to write press releases and then get the hell out of there. l0pht used to crank out security info worth reading before the bad penny came rolling in and ruined their credibility.

Huh. ActiveState was acquired as “anti-spam experts” by Sophos. According to the letter to customers, everything is supposed to stay the same. Usually when promises like that are trotted out it means that both companies will crash in burn within 3 months. I hope that isn’t the case for ActiveState since they actually do some really good work on the perl front and a lot of developers who insist on the Win32 platform would be SOL. There are probably other options that I don’t know about but I can’t remember the last time I’ve coded anything more complex than a sign that says “Don’t Shut Off!!” under Windows.

So Lindows is marketing preloaded hard drives now. They announced it like it wasn’t a huge scam or anything. I’m a little amazed that they haven’t started giving the OS away (a la AOL CDs) and just selling the associated services. OK, so I admit that I’m glad they aren’t sending 3-8 CDs a week that I’m going to toss mere seconds after recieving but this is pretty damn close. The first one is always free kids and it installs in 10 minutes…

Ugh. If you wanna see something meme-rific before it’s overwhelmed by one of the huge sites I suggest you head to Could This Be Real and watch the short film. Of course it’s probably a hoax but it’s pretty difficult to watch either way. The transcript offered in the comment section is 404 already which is unfortunate. The comments are pretty chuckle-licious with wonderful examples like this:

give me a break . since all or most of the so called creative talent in hollyweird are left leaning pinheads,you would think they would have done a better job.they are so protected that the fact that there is real evil in the world goes over thier heads

I’m amused and numerous wedgies are delivered so mission accomplished. Go take a look while you can. I have to say that I’m curious what the folks at Snopes will have to say.

I may be incredibly cynical (albiet for damn good reasons) but Hewlett-Packard’s decision to indemnify Linux customers smacks of opportunism. Obviously no non-commercial Linux user is going to get dragged into court because there is simply no money to be made there and it seems pretty obvious that you are not liable for the things that you buy. It looks a lot like an attempt to take advantage of corporate IT’s inability to do anything without having a 1-800 number to call or a lawyer to sic on someone. HP has made some stick dumb decisions in the past regarding Linux and free software in general so I’m very reluctant to trust them inasmuch as I trust any company.