Sunday, April 01, 2007
Emergency Posting System
This is a test of the Emergency Posting System.
This is a test of the Emergency Posting System. The bloggers of your area in voluntary cooperation with federal, state and local authorities have developed this system to keep you informed in the event of a lack of posts. If this had been an actual post, the Attention Signal you just saw would have been followed by official information, news or instructions.
This concludes this test of the Emergency Posting System.
Monday, April 02, 2007
Notes on the Emergency Posting System
It's nice to see that the Emergency Posting System worked as intended, but there did seem to be some problems with the color yesterday. No idea why …
Tuesday, April 03, 2007
A few thoughts for the day
In theory, there is no difference between theory and reality. In reality, there is.
No plan survives first contact with the enemy.
Never ask a technician how long it will take to fix something. Someone else has already asked, you'll blow the technician's concentration, and it'll then take twice as long to fix.
Wednesday, April 04, 2007
Just a little thought about digital video recorders and advertising
Bunny's had a DVR for a couple of months now, and it's gotten to the point where watching live TV is annoying, especially because of the “30-second fast-forward” button (press it, it goes fast-forward through 30 seconds worth of video). It's not an immediate jump—no, it actually fast forwards.
Now, I'm amazed that advertisers haven't attempted to make a commercial that's watchable when fast-forwarding. I timed the “30-second fast-forward” button, and it takes 3 seconds to skip forward 30 seconds of video. 10-to-1 compression. Okay, what can one do in just three seconds?
What can one do in ten seconds? (for the record, I heard about that contest over a year ago) I came up with a few ideas that had an actual narrative structure, and just a few days ago, I realized I could probably do an entire Ernest Hemingway short story in 10 seconds. Three seconds is more than enough for brand building.
It's just a matter of time before some advertiser tries this.
Thursday, April 05, 2007
Entry Interrupted
Still without Internet access at Casa New Jersey (although that may be resolved in the next day or two). In the mean time, work has been keeping me busy.
Fir—
Update on Friday, April 6th, 2007
Wouldn't you know it—a power outage when writing this entry. I have no idea where I was going with this entry.
Sigh.
Friday, April 06, 2007
And you thought you owned your computer
The Vista Content Protection specification could very well constitute the longest suicide note in history.
A Cost Analysis of Windows Vista Content Protection
And it only gets better from there. Some choice quotes:
Since the S/PDIF link to your amplifier/speakers is regarded as insecure for playing the SA content, Vista would disable it, and you'd end up hearing a performance by Marcel Marceau instead of Pink Floyd.
A Cost Analysis of Windows Vista Content Protection
Amusingly, the Vista content protection docs say that it'll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.
A Cost Analysis of Windows Vista Content Protection
The Microsoft specs say that only display devices with more than 520K pixels will have their images degraded (there's even a special status code for this, STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH), but conveniently omit to mention that this resolution, roughly 800×600, covers pretty much every output device that will ever be used with Vista.
A Cost Analysis of Windows Vista Content Protection
(A lot of this OPM stuff seems to come straight from the twilight zone. It's normal to have error codes indicating that there was a disk error or that a network packet got garbled, but I'm sure Windows Vista must be the first OS in history to have error codes for things like “display quality too high”).
A Cost Analysis of Windows Vista Content Protection
If you're not versed in DRM doublethink this concept gets quite tricky to explain, but in terms of quantum mechanics the content enters a superposition of simultaneously copied and uncopied states until a user collapses its wave function by observing the content (in physics this is called quantum indeterminacy or the observer's paradox). Depending on whether you follow the Copenhagen or many-worlds interpretation of quantum mechanics, things then either get weird or very weird. So in order for Windows Vista's content protection to work, it has to be able to violate the laws of physics and create numerous copies that are simultaneously not copies.
A Cost Analysis of Windows Vista Content Protection
So, go read the whole thing before I quote it in its entirety here. I will also point out that those who do not study history are doomed to repeat it (in the 10th grade). The computer games industry spent the better part of the 80s trying various copy protection schemes and not one succeeded! It's just sad that Hollywood is spending so much money to learn the same lesson.
Saturday, April 07, 2007
Growing rocks and all that
Spring and I went to the Morikami Museum and Japanese Gardens in Delray Beach, Florida. Quite the calm and peaceful place, much like Bok Tower, only without Saruman and his throngs of Uruk-hai running around the place.
Significantly afterwards, in keeping up with our international hopping in South Florida, Spring and I hit an Irish pub for dinner, where I had a traditional Irish Fish-n-chips, and Spring had a spinach dip with potatoes, which prompted us to ask if the Irish settled Idaho.
Sunday, April 08, 2007
Leeches
A couple of days ago, I was most surprised to find a cellphone bill of $450 for the past month. Spring was livid and went about ripping the head and entrails out of our cell phone provider until everything was kosher and our bill had been cut significantly.
So while our cell phone is straightened out, the DSL situation isn't. Hopefully, later this week …
Street music
Leonard Slatkin, music director of the National Symphony Orchestra, was asked the same question. What did he think would occur, hypothetically, if one of the world's great violinists had performed incognito before a traveling rush-hour audience of 1,000-odd people?
“Let's assume,” Slatkin said, “that he is not recognized and just taken for granted as a street musician … Still, I don't think that if he's really good, he's going to go unnoticed. He'd get a larger audience in Europe … but, okay, out of 1,000 people, my guess is there might be 35 or 40 who will recognize the quality for what it is. Maybe 75 to 100 will stop and spend some time listening.”
So, a crowd would gather?
“Oh, yes.”
And how much will he make?
“About $150.”
Thanks, Maestro. As it happens, this is not hypothetical. It really happened.
“How'd I do?”
We'll tell you in a minute.
“Well, who was the musician?”
Joshua Bell.
Via Steven Talcott Smith, Pearls before Breakfast
Joshua Bell. Playing a $3.6M Stradivarius no less.
But you'll have to read the article to find out the results.
Monday, April 09, 2007
See Gregory! I was right!
What I forgot to mention in yesterday's entry was that Spring and I were over at Gregory's house leeching his Internet connection. We both brought our Mac mini's, and Gregory was particularly amused when I brought along my monitor. “But Sean,” he said, “I have plenty of monitors you can use.”
“But,” I said, “I know this one works and is set to my liking. And I get very irate when stuff that should work, doesn't.”
Besides, my monitor is a flat screen, which makes it easier to transport.
So today, I'm at Smirk's house, seeing how Casa New Jersey is still without Internet access. While I did bring my Mac mini here, this time, I didn't bring my monitor, figuring hey, this is Smirk. Like Gregory, he'll have plenty of monitors I can use.
I should have brought my monitor. The one I'm using is way too small for my liking.
Sigh.
Tuesday, April 10, 2007
Killing spammers “for the kids!”
(Again, at Smirk's house, as Casa New Jersey is still without Internet)
I just had this idea, both wonderful and terrifying while wading through the throngs of spam infesting my inbox promising to increase my mortgage by three inches.
The perception I get (and I'm feeling too lazy to do any real research on this) is that a lot of recent legislation has been passed “for the children” or to “protect our kids” from various nefarious minions out there wanting to harm them. And above all, we must protect our kids from S-E-X. To keep them innocent, you know.
So here I am, looking at the umpteenth “Guarantee 15 mins Longer with V1@gRa” spam, and the idea suddenly hits me—go after spammers “for the kids!” Who in their right minds would want precious Isabella and Christopher to sully their innocent eyes with email that has a subject line of “Raise ejaculation volume” or “Boost up your erection!” or even “H0t Teen L3sbi@n S3X!!!!!!!”? Go after these villainous scofflaws for violating the sanctity of our children's eyes (not to mention their tabula rasaesque minds) and maybe we can reclaim our email as well.
And that's why it's so scary—because this might very well work and embolden even more draconian laws “for the children.” Or worse, spammers will adapt and start shilling DVDs of Barney and the Teletubbies.
Shudder.
Wednesday, April 11, 2007
Exploding light
Since I've been schlepping my Mac mini around to Internet enabled sites, I thought it might make things easier if I cleaned and arranged my work area at Casa New Jersey. While doing this, I found that one of my flashlights has exploded:
For whatever reason, the bottom just simply flew off, thus rendering it useless.
Ah well. I think I paid like 99¢ for it years ago, so it's not like it's a big loss.
Thursday, April 12, 2007
“The traffic is going where?”
Ah, nothing like dynamically generated sub-optimal routing.
Smirk had me install a new router for our T1 customers, and the resulting changes in network topology were rather amusing. The expected path for traffic to customer R was “Internet → Core → Edge-02 (the new router) → R” but instead it went “Internet → Core → Core-02 → Customer S → Edge-02 (over Customer S' T1 no less!) → R.”
Ah, it's the multiple paths between the two cores that lower the “cost” for traffic. The fix was easy enough—bump up the “cost” of Customer S' T1 such that traffic will prefer a “cheaper” path and not go over Customer S' T1.
“Khaaaaaaaaaaaaaannnnnnnoooooooooo!”
Bunny was so intrigued with Incubus, the William Shatner vehicle filmed in Esperanto that I mentioned that she rented it.
Boy, talk about bad. At 76 minutes, it felt like a three hour film. Don't let the trailer fool you, it's not all that suspenseful, and about three times slower than you might expect. Except for the nice camera work (but then again, even Plan 9 from Outer Space had decent camera work, technically speaking) and an overwrought performance by William Shatner in Esperanto, there isn't much else to the film to make it worth the time.
Friday, April 13, 2007
Paraskevidekatriaphobia
But it's just a silly superstition, right?
Ri—
Saturday, April 14, 2007
Burt Rutan. Burt Munro. Burt Reynolds. Guys named “Burt” like to go fast.
I just saw The World's Fastest Indian (the motorcycle, not a Native American or one who lives on the India sub-continent). A nice sweet story about New Zealand's Burt Munro (Anthony Hopkins) and his quest to run his 1920 Indian across Utah's Bonneville Salt Flats.
Also on the DVD was director Roger Donaldson's documentary Burt Munro: Offerings to the God of Speed, which was nice to see how close Anthony Hopkins got to the character of Burt Munro—very darn close.
Sunday, April 15, 2007
William Shakespeare through interpretive dance
Spring, Wlofie, Bunny and I went to the Bankatlantic Center Frank Sinatra Theatre to see the Russian National Ballet perform “Romeo and Juliet” (thanks to complimentary tickets Spring obtained from a fellow cow-orker).
We arrived at the theatre well in time for the performance, and we used the time to avoid paying $20 to park at the Bankatlantic Center Frank Sinatra Theatre and instead parked across the street at the Sawgrass Mills Mall. It was amazing that parking cost so much, considering that every flat surface of the Bankatlantic Center Frank Sinatra Theatre was covered with advertising and sponsor logos (even the urinals were covered!).
They had curtained off one third of the arena and set up a stage area. Our seats were halfway up the nosebleed section, almost opposite the stage, so we had a nice view of the orchestra pit and the stage.
The dancing was good. It's not hard to be impressed with how effortlessly the dancers leapt and pirouetted across the stage. The lighting—for the most part, the lighting was okay but the people working the spot lights could have been much better. Late cues, not spotting random parts above the stage, overshooting the dancers and generally very poor workmanship with the spot lights. And the music? Let's just say that it wasn't much better than a high school orchestra (say, a C-). Very disappointing.
But more annoying (maybe) were the kids just behind us—the oldest might have been five years old. Constantly asking questions and kicking the back of my seat (and Bunny's, and Spring's). They definitely distracted me from my enjoyment of the dancers, and only slightly from the inept spotlights. And it turns out, they were in the wrong seats anyway and after intermission had moved on to annoy some other section of the audience.
Overall, I'm glad we didn't pay for these tickets (retail value: $56 per ticket). I think I had more fun watching Incubus (at least at home, we could heckle the movie).
Monday, April 16, 2007
Wits End at Casa New Jersey
The lack of Internet here at Casa New Jersey is really taking its toll on us. Part of the problem is the Monopolistic Phone Company, who, if they could, would wipe the Internet off the face of the earth. Another problem is the company we're getting DSL through, which seems to constantly drop the ball. Odd, given that when I've had them in the past, they've been nothing but wonderful.
So why don't we drop this company and go with someone else, or even cable?
Because we're not paying for DSL—The Company is. It's a perk and frankly, I'd rather not pay if I don't have to.
Sigh.
The latest news: maybe Wednesday, possibly by Friday.
Wok with Wlofie
Wlofie came across this carbon steel wok while at Wal★Mart that was perfect for the stovetop. He has another wok, but it has a completely round bottom and thus he can only cook with it over an actual fire.
Although, as is, it isn't quite ready for cooking.
It needed seasoning.
And seasoning a wok requires two things—heat, and peanut oil. Wlofie set the burner to “high” and dumped in a few tablespoons of peanut oil (which has the highest smoke point of all the cooking oils). As the carbon steel changed to a dark brown to black, Wlofie would rotate the wok over the burner, and add oil as needed. The high heat would burn the oil into the carbon steel, “seasoning” it—basically, coating it with a molecule thick layer that resists sticking better than Teflon.
Sure, it doesn't look all that great, but as a cooking surface, it's great. And heck, if something does stick, just apply more heat; whatever sticks will soon turn to ash which can then be dumped out (it's the principle behind a self-cleaning oven, which carbonizes any residue).
Tuesday, April 17, 2007
WOOT!
WE HAVE THE INTARWEBS!!!!!
Now, if you'll excuse me, I shall spend the next few hours in an orgy of Internet browsing …
Wednesday, April 18, 2007
Intarwebs!
… okay, make that a few days.
“It was a good run while it lasted … ”
Okay, one neat thing I've come across:
Kongo Gumi also boasted some internal positives that enabled it to survive for centuries. Its last president, Masakazu Kongo, was the 40th member of the family to lead the company. He has cited the company's flexibility in selecting leaders as a key factor in its longevity. Specifically, rather than always handing reins to the oldest son, Kongo Gumi chose the son who best exhibited the health, responsibility, and talent for the job. Furthermore, it wasn't always a son. The 38th Kongo to lead the company was Masakazu's grandmother.
Via kisrael.com, The End of a 1,400-Year-Old Business
And to think, this company has been around as long as some religions …
Thursday, April 19, 2007
“One ring to rule them all.”
I found this in my blogging notes—I'm not quite sure when I made the note, but it might have been when we were Internetless here at Casa New Jersey. Anyway:
From now on, whenever somebody dials your new uninumber, all of your phones ring simultaneously, like something out of “The Lawnmower Man.”
No longer will anyone have to track you down by dialing each of your numbers in turn. No longer does it matter if you're home, at work or on the road. Your new GrandCentral phone number will find you.
Via Instapundit, One Number That Will Ring All Your Phones
I can see that being handy. Not for me, mind you, but for Smirk, so I no longer have to dial first his cell phone, then his office phone, then his home number when I'm trying to reach the man. Me? I'd hate to have this. Then again, I only have a cell phone number (the phone at Casa New Jersey? Only exists for DSL because the Monopolistic Phone Company demands we have it for DSL).
Now, riffing off this, cell phones used to be a status symbol. “Look at me, I'm so important and I make so much money, I can carry a phone with me at all times.” Now that everyone, even kids, have cell phones? And everyone (especially with this service) can be reached 24/7? Look for the powerful and rich to hire people to answer their phones. “Look at me. I'm so important and I make so much money, I can carry a person with me all the time to answer my phone.”
I'm surprised it hasn't happened already.
Friday, April 20, 2007
“Make Millions on the Intarweb!” or “There is no such thing as a free lunch.”
Sean, here's a complimentary Conference invitation for you and a guest! Sean, discover how ordinary people and small business owners are creating incomes using the Internet. Also, learn how you can make money using [Logo for eBay] [Logo for Yahoo!] [Logo for Google] [Logo for msn] and other online resources!
I first saw this piece of snailmail on my desk on Tuesday. My curiosity was piqued, and hey, it was free. And as long as I called by Monday, April 16th, I could reserve—
Oops. Missed the deadline by one day.
Oh well.
But hey, nothing ventured, nothing gained. Who knows? I could call and still reserve my spot for the Friday noon session in Boca Raton.
Raise your hand if you think they refused my reservation because I missed the deadline? If your hand is up, I have this bridge I want to sell …
Since I could invite a guest with me, and knowing that Bunny had nothing else planned for Friday, she became my guest for this valuable Internet Income Training Seminar provided by a Leading Internet Solutions Provider for Small Businesses and Entrepreneurs—Since 1995! Including a Free Gift! And a dining package for two. A $120 value!
Free lunch? A Free Gift?
How could I not take them up on this offer? One of the most important things I learned in college was never turn down free food (yes, there is no such thing as a Free Lunch™—in this case, we had to suffer through listening to a sales pitch for ninety minutes).
So half an hour prior to the seminar, Bunny and I headed over to the Embassy Suites Hotel in Boca Raton.
Going in, I promised myself that I would not spend a dime on anything. And I managed (along with Bunny) to refrain from spending anything while there. The seminar itself was pretty much what I expected it to be—ninety minutes of shilling for their other, all day seminar where you will discover how ordinary people and small business owners are creating incomes using the Internet, all for the low, low price of $20 (which can include a guest). This seminar? A rah-rah meeting with lots of testimonials, but as it says in the small print:
All testimonials are not earnings claims and are not typical. Your results will vary.
And in case you can't read the small print:
All testimonials are not earnings claims and are not typical. Your results will vary (emphasis added).
But the woman sitting next to me was certainly buying into this (at one point, Bunny passed me a note asking if I thought she was a ringer; I wrote back saying no way as she was making way too many notes to be a ringer for this seminar), as the lecturer kept telling us, over and over, how much we would learn if we sign up for the workshop, a nine hour marathon pitch about Internet Marketing.
Now, I signed up for this “seminar” for blog material but there's a limit to what I'll endure. And I doubt there will be much that I'll learn from such a workshop. In fact, there's a curious bit on the back of the “Customer Activation Form” required to attend the workshop:
… I verify that I am not an Internet Service Provider, do not provide website hosting, and that I will not solicit other workshop attendees for any product or service. …
How odd. I wonder what's up with that? So even if I wanted to attend the workshop, I can't (well, I could but I would be misrepresenting myself to StoresOnline and I can't do that).
At least the lunch was decent.
Monday, April 23, 2007
Much to do about nothing
My plan over the weekend was to write several in-depth programming entries, but alas, my “get up and go” got up and went and before I knew it, it was Monday afternoon and I had written nothing.
And instead of trying to backdate a few hastily written entries, I decided not to bother—I'm never satisfied when I try to backdate hastily written entries and besides, what I wanted to write would take several hours per entry anyway, so … one skipped weekend.
Ah well. These mini-Lego models of Star Wars vehicles (link via kisrael.com) should keep some of my readers occupied for a few hours.
Resistance
And while I had read many articles on this shooting for an article I wrote about school bullying not a single one mentioned the role that a firearm played in stopping it. Until today I didn't know the full story.
Luke Woodham was a troubled teen. He felt no one really liked him. In 1997 he murdered his mother and put on a trench coat. He filled the pockets with ammunition and took a handgun to the Pearl High School in Pearl, Mississippi. In rapid succession killed two students and wounded seven others.
He had the incident planned out. He would start shooting students and continue until he heard police sirens in the distance. That would allow him time to get in his car and leave campus. From there he intended to go to the nearby Pearl Junior High School and start shooting again. How it would end was not clear. Perhaps he would kill himself or perhaps the police would finally catch up with him and kill him. Either way a lot more people were going to get shot and die.
What Woodham hadn't planned for was the actions of Assistant Principal Joel Myrick. Myrick heard the gun shots. He couldn't have a handgun in the school. But he did keep one locked in his vehicle in the parking lot. He ran outside and retrieved the gun.
As Myrick headed back toward the school Woodham was in his vehicle headed for his next intended target. Myrick aimed his gun at the shooter. The teen crashed his car when he saw the gun. Myrick approached the car and held a gun to the killer who surrendered immediately. There would be no further victims that day, thanks to armed resistance.
Via Instapundit, When mass killers meet armed resistance.
The above article has more examples of armed civilians stopping mass murderers at schools that are rarely, if ever, mentioned in the mass media.
I have to wonder why? Is there perhaps some bias against guns in the mass media? You'd think that an armed citizenry is anathema to the mass media.
But given our (and I'm talking about the United States here) history and gun culture, trying to remove all guns is pointless. And we have plenty of laws stating who can carry, who can't, and waiting periods. I see no problem with gun carrying citizens. Might make for a more polite society. And what better way to curb crime than to have a criminal ask, “Who might be packing?”
Also, Zach has the right idea—let us remember Emily Jane Hilscher, Ryan Christopher “Stack” Clark, Ross Abdallah Alameddine, Brian Bluhm, Austin Cloyd, Matthew Gregory Gwaltney, Caitlin Hammaren, Jeremy Herbstritt, Rachael Elizabeth Hill, Matthew Joseph La Porte, Jarrett Lane, Henry J. Lee, Partahi Mamora Halomoan Lumbantoruan (died protecting a fellow student), Lauren Ashley McCain, Daniel Patrick O'Neil, Juan Ramón Ortiz, Minal Hiralal Panchal, Daniel Pérez Cueva, Erin Peterson, Michael Steven Pohle, Jr., Julia Pryde, Mary Karen Read, Reema Joseph Samaha, Waleed Mohamed Shaalan (died protecting a fellow student), Leslie Geraldine Sherman, Maxine Shelly Turner, Nicole Regina White, Christopher James Bishop, Jocelyne Couture-Nowak (died while saving the students in her class), Kevin Granata, G. V. Loganathan and Liviu Librescu (died while saving students in his class).
Tuesday, April 24, 2007
Polyglut
In particular, it seems that I often want a program to do 6 different things, and the best way to do 1 and 2 seems to be Lisp, 3 and 4 is in C, 5 is in Prolog, and 6 seems to be assembly language. I've given up on the QuestForThePerfectLanguage—why can't I just PickTheRightToolForTheJob for each part, then glom together all the pieces?
I touched briefly on this topic a few months ago but went off into a different direction. It wasn't until a few days ago when reading The New UCI Lisp Manual (I enjoy reading old software manuals) which had a section on calling PDP-10 assembly language from Lisp (and vice-versa) that I recalled the above snippet and found myself once again with the thought of Where did we go wrong? Why can't we do this?
As I wrote then:
The module header contains a value specifying the language type, with values defined for data only, 6809 machine code, BASIC09 I-code, Pascal I-code and COBOL I-code. In theory then, you can construct, say, a pay roll system using a Fortran compiler to generate the math routines into 6809 code, COBOL to generate the business rules, and allow extensions to be written in BASIC. The language type is probably there for two reasons; 1) to know how to run the module, and 2) to figure out what parameter passing conventions to use (if there are any differences between the languages).
An even longer entry to scare away the new readers
It really just comes down to calling conventions and making small enough pieces to link together.
Okay, so maybe it's not that simple. I'm having a hard time seeing how one would mix, say, Perl (with its wealth of modules), Ruby (for easy integration with the World Wide Web) and Lisp (hey, if it's good enough for Yahoo Stores, then why not—it certainly beats using COBOL for business logic) into a single coherent program.
But even just thinking about that I can see why it might not be such a good idea after all—the three languages I mentioned are interpreted (even if it's “compiled” into an internal representation, it's just “compiled” into a form that's easier to interpret) with their own internal structure, and each is garbage collected (which means memory is reclaimed automatically) but it's a safe bet that memory allocated by a Ruby routine can't be freed by a Perl routine (or Bad Things™ may happen), which is why it's not that simple.
Wednesday, April 25, 2007
Polyglut redux
From: "Jeff Cuscutis" <XXXXXXXXXXXXXXXXXXXXXXX>
To: "Sean Conner" <sean@conman.org>
Subject: Re: Polyglut
Date: Wed, 25 Apr 2007 11:42:21 -0400
.net does what you're looking for. You use the language you want or implement your own, (Ruby, Python, managed C++, C#, VB (just kidding!), etc …)—it compiles to an intermediate language, then is run as x86 machine instructions. All .net classes/objects are understood by any net language. Yes, there is garbage collection, I myself am not entirely comfortable with that, but their implementation is supposed to be pretty good. It is cross platform (Mono) at least for web stuff, winforms support is in progress. Write in what language you want, and know that any other language will be able to call your object with no problems.
Pretty cool, even if it is from Microsoft. :)
Jeff
Well … when you modify scripting languages to target a common internal representation (IronPython Python for .net and Ruby for .net for example) then it comes back to calling conventions and piecing it all together (heck, you can even get Lisp for .net and COBOL for .net so you could probably do a mixed language application under .net).
And yes, pretty cool, even if it is from Microsoft.
Thursday, April 26, 2007
Rethinking computer security
I came across this Google Tech Talk about computer security given by Rik Farrow wherein his thesis is that we need to rethink what we're trying to accomplish.
One thought struck me during the discussion on buffer overflow attacks—the Motorola 6809 had two stack pointers, one used by the CPU itself to store return addresses, but another one that I always assumed was supposed to be used solely for parameter passing. So instead of passing parameters on the default stack like, say, the 8086:
    MSG.1   DB      '%s',0
    MSG.2   DB      'Hello world',13,10,0
            ...
            ; C convention: arguments are pushed right to left
            MOV     AX,OFFSET MSG.2
            PUSH    AX              ; save on SP
            MOV     AX,OFFSET MSG.1
            PUSH    AX              ; save on SP
            CALL    _printf         ; return address also on SP

where everything gets pushed onto one stack and you run the risk of overwriting the return address, on the 6809 you would use the other stack for parameters:

    MSG.1   FCS     '%s',0
    MSG.2   FCS     'Hello world',13,10,0
            ...
            LDX     #MSG.2
            PSHU    X               * push onto the User stack
            LDX     #MSG.1
            PSHU    X               * push onto the User stack
            JSR     _printf         * return address on System stack
Using a separate stack means you only overwrite program data, not critical system information (especially important when arrays are defined on the stack). But, in reading about some of the ways that buffer overwrites can be exploited, this may not foil every attack. But it's a start, and modern CPUs certainly have enough registers to have a separate parameter stack (although in reading interviews with the 6809 designers, it seems the user stack register was meant to construct stack frames on a single stack, much like the x86's use of the SP and BP registers).
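The difference between the two layouts, as an added example that is not code from the original entry: a C simulation in which each stack is a plain array, so the overlong copy stays inside the model. The function names, the 8-byte local array and the values 0x1234 and 0x2000 are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_BYTES 32
#define BUF_BYTES    8
#define RET_ADDR  0x1234u   /* constructed return address */
#define PARAM     0x2000u   /* constructed parameter, e.g. address of MSG.2 */

/* A downward-growing stack held in a fixed array. Nothing here touches the
   real machine stack, so an "overflow" stays inside mem[]. */
typedef struct {
    uint8_t mem[STACK_BYTES];
    size_t  sp;                 /* index of the lowest byte in use */
} Stack;

static void stack_init(Stack *s) {
    memset(s->mem, 0, sizeof s->mem);
    s->sp = STACK_BYTES;
}

/* Push a 16-bit value, big-endian as on the 6809; returns its slot index. */
static size_t push16(Stack *s, uint16_t v) {
    s->sp -= 2;
    s->mem[s->sp]     = (uint8_t)(v >> 8);
    s->mem[s->sp + 1] = (uint8_t)(v & 0xFF);
    return s->sp;
}

static uint16_t load16(const Stack *s, size_t at) {
    return (uint16_t)((s->mem[at] << 8) | s->mem[at + 1]);
}

/* Reserve a local array below everything already pushed. */
static size_t alloc_local(Stack *s, size_t n) {
    s->sp -= n;
    return s->sp;
}

/* Models an unchecked copy into a BUF_BYTES array: it writes all n bytes
   upward from the buffer start, clamped only to the simulated memory. */
static void unchecked_copy(Stack *s, size_t buf, const uint8_t *src, size_t n) {
    for (size_t i = 0; i < n && buf + i < STACK_BYTES; i++)
        s->mem[buf + i] = src[i];
}

typedef struct {
    uint16_t ret;     /* return address the callee would jump back to */
    uint16_t param;   /* parameter value as seen after the copy */
} CallResult;

/* 8086-style: parameter, return address and local array share one stack. */
CallResult call_single_stack(const uint8_t *input, size_t n) {
    Stack sp;
    stack_init(&sp);
    size_t param_at = push16(&sp, PARAM);      /* PUSH AX */
    size_t ret_at   = push16(&sp, RET_ADDR);   /* CALL    */
    size_t buf      = alloc_local(&sp, BUF_BYTES);
    unchecked_copy(&sp, buf, input, n);
    return (CallResult){ load16(&sp, ret_at), load16(&sp, param_at) };
}

/* 6809-style split: parameter and local array on U, return address on S. */
CallResult call_split_stack(const uint8_t *input, size_t n) {
    Stack u, s;
    stack_init(&u);
    stack_init(&s);
    size_t param_at = push16(&u, PARAM);       /* PSHU X  */
    size_t ret_at   = push16(&s, RET_ADDR);    /* JSR     */
    size_t buf      = alloc_local(&u, BUF_BYTES);
    unchecked_copy(&u, buf, input, n);
    return (CallResult){ load16(&s, ret_at), load16(&u, param_at) };
}

int main(void) {
    uint8_t input[BUF_BYTES + 2];              /* constructed: 2 bytes too long */
    memset(input, 0x41, sizeof input);
    CallResult one = call_single_stack(input, sizeof input);
    CallResult two = call_split_stack(input, sizeof input);
    printf("single stack: ret=%04X param=%04X\n", one.ret, one.param);
    printf("split stacks: ret=%04X param=%04X\n", two.ret, two.param);
    return 0;
}
```

With the split layout the return address survives, but the parameter next to the array is overwritten instead, which is the sense in which a second stack does not foil every attack.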
That also reminded me of the Intel 432, which treated everything as an object with set memory limits, so gaining a buffer overwrite exploit on a 432-based system would be exceedingly difficult indeed (too bad it died—it's an interesting chip).
But the basic thrust of the talk was that our computer security models are severely outdated and come from a time when a single computer was shared among several people, whereas today, we have a single user shared among computers (or at the very least, a single user per system, and in this talk, he considered something like Apache as a user) using software (say, certain email clients) that accepts code from Lord knows where (say, evil spammers) and simply executes it (because it goes out of its way to press the oh so shiny button and execute the code). We need to rethink what we want from computer security.
Friday, April 27, 2007
A journalistic call
From: "Malernee, Jamie" <XXXXXXXXXXXXXXXXXXXXXXXXXX>
To: <sean@conman.org>
Subject: vintage computer collecting
Date: Fri, 27 Apr 2007 10:35:25 -0500
Hi,
I'm a writer from the South Florida Sun-Sentinel working on an article about people who collect “vintage” computers as a hobby/passion. I contacted Jay West with Classiccmp.org and asked if he knew any collectors in my area. Your name came up. I would be interested in interviewing you. If you are interested, could you please forward me a phone number and a good time to call. I usually work Mon-Fri, from 9/10 a.m. to 6/7 p.m. Please include your name, age and the city you live in.
Thanks,
Jamie Malernee
Staff Writer
South Florida Sun-Sentinel
(954) XXXXXXXX
200 E. Las Olas Blvd.
Fort Lauderdale, FL 33301
I gave her my phone number, and earlier this evening she called and we spoke for about an hour about collecting old computers, but the odd thing is—I don't really collect old computers any more, as I lack the space and the funds for running the darned things (Lake Worthless Utilities charges a premium in reselling FPL). I still like old computers, but nowadays I prefer the history of computers, and looking through old software (computer languages and operating systems especially) but that isn't really collecting computers.
She asked if I knew anyone else who collected old computers and if so, could I pass them along to her so she could interview more than one person who lives in the area and collects computers (the sad thing is—on the Classic Computer Mailing List, I'm one of only three Floridians, and the only one in South Florida), so if there's anyone else who collects older computers and lives in South Florida, let me know, and I can pass on Jamie's contact information.
Saturday, April 28, 2007
This Film Is Not Yet Rated
Who is Arleen Bates, and why should you care?
Because she has more influence over what you see and don't see at the films than just about everyone else in Hollywood (with the exception of Anthony Hey, Scott Young, Joann Yatabe, Matt Ioakimedes, Barry Freeman, Joan Worden, Howard Fridkin and Kori Jones).
Why?
Because she's a member of the Motion Picture Association of America Film Rating System, which, until the documentary This Film Is Not Yet Rated, had anonymous members, and (again, until the documentary) whose appeals board was also anonymous.
It's an interesting documentary. The MPAA Film Ratings Board, started in 1968, has always had guidelines for each rating, but no hard, fast rules in place for what is and isn't allowed. Normally, this isn't bad—it allows the guidelines to breathe and change with the times, but when the decisions are arbitrary, and feedback to the filmmakers non-existent and appeals cannot use other films' ratings in the appeal, and the members of both boards are anonymous, then it's little more than a Star Chamber.
Basically, the MPAA Film Ratings Board is not transparent.
And because it's not transparent, a filmmaker is at the mercy of the board (whose members, according to the documentary, don't even fit the profile of the Film Ratings Board), which gives no usable feedback to the filmmaker. The whole process seems reminiscent of the following bit from Amadeus:
- Emperor Joseph II
- Too many notes.
- Mozart
- I don't understand. There are just as many notes, Majesty, as I require. Neither more nor less.
- Emperor Joseph II
- My dear fellow, there are only so many notes the ear can hear in the course of an evening. I think I'm right in saying that, aren't I, Court Composer?
- Salieri
- Yes. Yes, on the whole, yes, Your Majesty.
- Mozart
- This is absurd.
- Emperor Joseph II
- My dear young man, don't take it too hard. Your work is ingenious. It's quality work. And there are simply too many notes, that's all. Just cut a few and it will be perfect.
- Mozart
- Which few did you have in mind, Majesty?
So, the documentary's director, Kirby Dick, hired a private detective to penetrate the secrecy of the Film Ratings Board, and then submitted the documentary to the Film Ratings Board—it earned an NC-17 for “some graphic sexual content” but did not elaborate further. The appeal was overturned in a unanimous 10-0 vote (or maybe it was a 12-0 vote, it's not clear if two members of the appeal board are voting members). The MPAA was also caught making an illegal copy of the documentary (although that bit is in the deleted scenes section of the DVD and not in the film proper).
The ratings though, are purely voluntary, but in the same way that Microsoft Windows is voluntary—the entire industry is built around using it, and if you buck the trend, you severely limit the audience you have.
It's scary to think just how capricious the Film Ratings Board really is.
This documentary? If you like films in general, this film is a real eye opener in how films are rated.
Sunday, April 29, 2007
“Party all the time!”
Nothing much happened today, except that Spring, Wlofie and I went to Spring's cow-orker's girlfriend's birthday party (which is not quite as bad as when my Mom's aunt went to her (the aunt's) son's ex-wife's husband's birthday party … in another state!).
It was a typical party—much alcohol, grilling, and grilling with alcohol with flames 10′ high followed by much cheering and more “do it again, this time use more!” No one was hurt (as far as my knowledge goes, but I'm sure there was much hurt the following morning) and a good time was had by all (sorry, no pictures—they were either too dark, too blurry, or too good as blackmail material).
Monday, April 30, 2007
Damned if you do, damned if you don't
I came across this article about CFLs perhaps being worse for the environment than the traditional incandescent bulbs:
It's quite odd that environmentalists have embraced the CFL, which cannot now and will not in the foreseeable future be made without mercury. Given that there are about five billion light bulb sockets in North American households, we're looking at the possibility of creating billions of hazardous waste sites such as the Bridges' bedroom.
Usually, environmentalists want hazardous materials out of, not in, our homes. These are the same people who go berserk at the thought of mercury being emitted from power plants and the presence of mercury in seafood. Environmentalists have whipped up so much fear of mercury among the public that many local governments have even launched mercury thermometer exchange programs.
Via Flutterby, The CFL mercury nightmare
and was greatly amused at the unintended consequences of attempting to be environmentally sound.
Then I came across some additional information about mercury-filled CFLs at Instapundit and maybe, just maybe, things aren't quite as bad as they seem.
Personally, I almost wish it were true, just to see the environmental greenies get their panties in a wad and try to spin this (and yes, I'm bad that way).
“Stop all this violence or I shall be forced to kill you!”
- From
- Rob XXXXXXXXXXXXXXXXXXX
- To
- sean@conman.org
- Subject
- need something to blog about?
- Date
- Mon, 30 Apr 2007 14:36:46 -0400
In case you need something to blog about, check out this new bill being proposed for congress:
http://thomas.loc.gov/cgi-bin/query/z?c110:H.R.808:
Have fun with this one. Department of Peace and Nonviolence indeed.
Of course its author is the same guy who just proposed a new bill to ban all handguns.
I actually came across this a few weeks ago and thought about blogging it then, but then came to my senses and realized that this has no way of ever passing both Houses and the President's desk.
Well, until the Democrats have a super majority over both Houses anyway (or both Houses and the Presidency).
Then again … given President Bush's lack of vetoes …
Naahhhhh. This won't pass. This is too silly, even for us.