Friday, December 30, 2011

Resisting the Monopolies, Unsuccessfully

I've had occasion to be unhappy with both Google and Amazon lately, and one difference is that Amazon has employees that work in customer service, though it seems they become dysfunctional as soon as one says 'Linux.' Google, though they have no customer service personnel, does understand Linux well.

It is unfair, of course, to say that Google lacks customer service. The fact of the matter is that, though I send them a little money every year to store more stuff on their servers, Google does not view me as a customer. The advertisers and marketeers are Google's customers.

But first, Amazon, since that's a quicker issue. Overall I love Amazon. If I can buy it at Amazon (or Zappos, or LL Bean), I tend not to shop. I love my Kindle. The last time I moved the price was a fixed price plus something like $0.50 per pound. Kindle books weigh much less and fit well into carry-on.

I also used to like local bookstores. I still like Barnes & Noble, but their locations are inconvenient, and indeed have been inconvenient to every place I've ever lived. By and large, local bookstores are gone. There are none that I'm aware of in or near Catonsville. I blame Amazon. I blame myself and people like me. I blame the states for not collecting sales tax on online purchases.

I've just started another round of Amazon doesn't care about Linux-based customers, or doesn't care enough to provide a working MP3 downloader. First, why make us use a downloader? Why not just use open web protocols? Users have perfectly usable web browsers. Second, why not let us use clamz. I can sometimes download an MP3 album using clamz, and sometimes not. Sometimes it works without a hitch, and sometimes the Amazon web page holds me hostage until I either cancel the order or download a non-functional Amazon-provided downloader, one that would have been perfectly appropriate a few years ago on a Linux of the era.

Of course, the Linux community shares some of the blame for that, by not providing backward compatibility. As Henry Spencer reputedly said, those that don't understand Unix (e.g., the Ubuntu folks) are doomed to re-implement it, poorly. Why exactly can I not install a program on a current Linux that worked fine a couple releases ago? I know I can play games and force it to install, but there's nothing interesting about that and it's not a constructive use of time.

So, now I've taken a step away from the monopoly and downloaded an album from cduniverse.com, a completely satisfactory experience. However, their descriptions are less complete than Amazon's, and their prices seem higher. In other markets, the monopolist, e.g., Microsoft, produces low-quality products at high prices. In this market, Amazon doesn't care about fringe customers.

Google has made me reconsider my reliance upon them by screwing up their user interfaces across the board. Okay, Google Translate, formerly Google Language Tools, has improved, and maybe other things have as well in ways I have not noticed. How reliant upon Google am I?

  • Gmail
  • Chrome
  • Blogger.com
  • Picasa
  • search
  • reader
  • calendar
  • documents
  • maps
  • YouTube
  • alerts
I would certainly miss them if they were gone. To avoid Gmail's terrible interface, once Google stops nagging me about switching to the the new interface and tries to ram it down my throat, I may go back to an e-mail client, like Thunderbird.


For search I have been using DuckDuckGo fairly regularly, and mostly like it. What I don't like it that it seems Wikipedia is almost always the first result. Why start with something that's unlikely to be very good?

I could abandon Blogger and go back to LiveJournal or some such.

I could go back to a mix of Firefox and Opera rather than my current mix of Firefox and Chrome, but I find that Chrome works better at the financial and e-commerce web sites than any other browser, though it's been a few releases since I've tried using Firefox to pay a bill.

If Picasa's UI doesn't degrade much from it's current state, I prefer to stay there since I don't know of any other similarly-useful photo site. Maybe I could adjust to photo streams, but for most of what I do, albums are a better fit. Yahoo? Who else?

Reader is very convenient, but I could start using RSS more directly. That's inconvenient, though, which I guess is Google's point.

Not Bothering to Write a Letter to the Editor

This month's Communications of the ACM (12/2011) has a one-page article dedicated to Dennis Ritchie, and almost 7 pages to Steve Jobs, even though Ritchie was much more influential within CS, which is the CACM readership, than was Jobs. Over the entire computing industry, I would say that Ritchie had more impact as well: C, Unix, Turing Award, Hamming Medal, etc. Jobs, in comparison, was a marketing dweeb.

Thursday, December 29, 2011

Zeitgeist, Linux Spyware, the Last Word (for now)

To disable zeitgeist since it's hard to remove without damaging other system components, follow these steps (I've done these things but will take a few days to convince myself the monitoring has stopped and nothing else broke):

First kill any zeitgeist process that's running (ps -ef | grep zeitg should display any instances).

Then, from SilverWav:

# Delete previous logging.
rm ~/.local/share/zeitgeist/activity.sqlite

# Render Zeitgeist illiterate - cannot read or write
chmod -rw ~/.local/share/zeitgeist/activity.sqlite*

SilverWav also recommends running zeitgeist-daemon --replace, but I do not, since I just killed the damned thing. Note that SilverWav is talking about neutering zeitgeist on Ubuntu 11.10, so this hasn't infected Mint alone. One thing I did differently than SilverWav was to just delete the contents of activity.sqlite rather than deleting the file itself. 

The second order of business is to take zeitgeist out of the startup list. The startup seems messed up in Lint 12, since the startup list is pretty much empty (this is probably so neophytes won't disable things they need). Look at "Startup Applications" on the "Other" menu, which is a weird place to put it IMHO. To make the automatically started applications visible on the startup list, follow this suggestion from the Mint 12 Tips & Tricks Guide at linuxmint.com:

sudo sed -i 's/NoDisplay=true/NoDisplay=false/g' /etc/xdg/autostart/*.desktop

It might be worth having a look in that directory periodically for new applications or updates that surreptitiously add themselves to startup. Now the startup list should be fully-populated and you can get an idea of exactly how bloated Linux Mint 12 is. On my startup list, the last application was Zeitgeist Datahub. Uncheck the box next to it.

Package rhythmbox-plugins

It turns out that after removing rhythmbox-plugins, I lost keyboard control of play/pause. This is an inconvenience, so I looked into it a bit more. It appears the package contains:


- Cover art
 - Audio CD Player
 - Last.fm
 - Context Panel
 - DAAP Music Sharing
 - FM Radio
 - Portable Players
 - IM Status
 - Portable Players - iPod
 - Internet Radio
 - Jamendo
 - Song Lyrics
 - Magnatune Store
 - Media Player Keys
 - Portable Players - MTP
 - Power Manager
 - Python Console
 - LIRC
 - Status Icon
 - Visualization
 - Browser plugin to integrate Rhythmbox with itunes

In other words, it contains nothing important except "Media Player Keys". I attempted to re-install, and got this:

29:/home/bup> sudo apt-get install rhythmbox-plugins
[sudo] password for jdm: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  gir1.2-rb-3.0 libdmapsharing-3.0-2 python-mako python-markupsafe
  zeitgeist-core
Suggested packages:
  python-beaker python-mako-doc zeitgeist-datahub
The following NEW packages will be installed:
  gir1.2-rb-3.0 libdmapsharing-3.0-2 python-mako python-markupsafe
  rhythmbox-plugins zeitgeist-core
0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded.
Need to get 264 kB/725 kB of archives.
After this operation, 4051 kB of additional disk space will be used.
Do you want to continue [Y/n]? n
Abort.

Why do I need zeitgeist to use the keyboard to control my audio player?

Zeitgeist: Spyware Delivered with Linux Mint12?

This afternoon I noticed something called zeitgeist in my top display, and was curious about what it is. I fired up the software manager, did a search for zeitgeist, and found this:

Zeitgeist is a service which logs the user's activities and events
(files opened, websites visited, conversations held with other people,
etc.) and makes the relevant information available to other
applications.


It serves as a comprehensive activity log and also makes it possible to
determine relationships between items based on usage patterns.


This metapackage depends on the Zeitgeist engine and a set of packages
(such as data providers) commonly used together with it.


http://zeitgeist-project.com/

In other words, spyware, or at least a framework to make life
comfortable for spyware. I visited the web site, and nothing there
seemed to suggest the contrary. So,

apt-get remove zeitgeist libzeitgeist-1.0.1 zeitgeist-extension-fts zeitgeist-core zeitgeist-datahub

Apt also wanted to remove rhythmbox-plugins and a couple other bogus
things. I decided to go ahead and try life without rhythmbox-plugins,
assuming I can reinstall later if need be. It's a little creepy to think
someone, or even just something in my system, was tracking the music I
play and the podcasts I download.

Anonymous Strikes Again!

The New York Times is reporting this morning that Anonymous has attacked Special Forces, having taken, reportedly, "7,277 unique credit card numbers, 40,854 e-mail addresses and released 36,368 usernames and passwords."

I expect a strong, futile reaction calling for legal action, but ideally commercial web sites would begin to take security seriously. In a sense, these organizations are providing an attractive nuisance: leave the gate open, and kids will jump in the pool. Just close the frigging gate.

People want the simplest solution, and often the simplest solution doesn't work. Going after hackers perhaps has an effect, but hackers are a renewable resource. Prosecuting hackers doesn't have a measurable effect. Prohibition similarly perhaps had an effect on the amount of alcohol consumed, but it also served to fund organized crime. We are repeating the prohibition mistake with other drugs now. If we were to legalize, treat, and tax, we could mitigate multiple national problems while at the same time destroying less of Latin America. Going after the dealers rather than dealing with the problem is essentially supply-side thinking. And it works no better than supply-side economics.

Monday, December 12, 2011

Learned Something Tonight

I had just downloaded a statement from my bank, and it had the useless extension .asp on it, which I changed to .pdf since the bank said it was a PDF. Wanting a quicker way to verify that it was indeed a PDF than loading it into a document viewer, I pointed emacs at it. Instead of displaying a screen that starts with something like

%PDF-1,4

which is what the file indeed did start with, it complained that it couldn't render the file and asked if I wanted to view text extracted from it. The extracted text didn't include the first line, so I was at square zero. It only took a moment to get around this new emacs "feature," now a default in emacs23 which is the Mint 12/Ubuntu 11.10 default emacs version, but, in the interest of saving time in the future, I decided to disable the feature, docview-mode.

But that's not what this entry is about. While searching for a solution, Duck Duck Go led me to The Universe of Discourse, which is apparently not where I live, and the following description of my life:
Yesterday I upgraded Emacs, and since it was an upgrade, something that had been working for me for fifteen years stopped working, because that's what "upgrade" means.

I've been in this field for over 3 decades, and even though I am fully aware that backward compatibility is often not a consideration, I have not yet internalized the fact that upgrades necessarily lead to broken systems. However, this is consistent with my recent experiences, especially with Ubuntu and Gnome.

Friday, December 9, 2011

Google Chrome on Linux Mint 12

<Addition of December 23>
The below assumes the reader has just downloaded the .deb from Google. This is the file referred to below.
<End December 23 addition>


With my fresh Linux Mint 12 install, I was unable to simply click on the file, type my password, and see it install (yes, I can be lazy). The workaround is well-explained here: http://www.noobslab.com/2011/07/install-google-chrome-on-ubuntu-or.html

For 32b Mint, the drill was:

sudo dpkg -i google-chrome-stable_current_i386.deb
sudo apt-get -f install


For 64b Mint, replace 'i386' above with 'amd64'. Of course, either way, use the actual name of the file you downloaded.

Alan Grayson Gets My Vote

Adiós Ubuntu, Hola Linux Mint 12

Today I got rid of my penultimate Ubuntu installation--Ubuntu completely abandoned usability and customization in favor of perceived glitz. I do, however, still have an old Dell laptop (bought at the end of 2005) running Ubuntu 10.4. Support for that drops in April, so some time around then I will likely do a fresh Mint install (and maybe insert a larger hard drive). For now I'm leaving well enough alone. I've thought about replacing this machine, but don't really need to, and so now I'm going to nurse as many years out of it as my primary portable as I can.

I have a Samsung netbook with 1MB RAM; it was running XP, but now it's Mint 12/Mate dual boot with XP. I plan to use it to play around with OpenBox. Also, it's getting a little old, was never expensive to begin with, and has  no files to speak of, so I feel comfortable travelling internationally with it and occasionally leaving it momentarily unattended in a classroom.

My main desktop at home is running Mint 11. This was because the machine would not automatically hibernate with Ubuntu 11.04, so I "upgraded" to Ubuntu 11.10, had a terrible experience--Ubuntu offers a number of user interfaces with 11.10, all of them bad. So, in time I performed what turned out to be an actual an upgrade, to Mint 11. This was amazingly trouble-free and very easy to configure--Mint made a great first impression on me. I'll probably upgrade this to Mint 12 sometime after finals.

My desktop at work would not wake up from hibernate with Ubuntu 11.04 (sense a familiar theme?), so I "upgraded" that to Ubuntu 11.10, hated Unity, hated Gnome 3, and lived with XFCE for a few weeks. XFCE is really clunky and, with Ubuntu 11.10, even with XFCE and as much junk as possible disabled and uninstalled, was very, very slow. This may have been an Ubuntu issue, or an XFCE issue. No matter; as of this afternoon the machine is running Mint 12 with Mate, and seems to be performing fine. The university gave me this machine in '06, and it has just 2GB RAM and is dual core, which seemed sweet then, but pedestrian now. Still, it should be plenty for software development and document typesetting. Anyhow, with Mate and Mint 12, things seem okay.

I'm in the process of removing a bunch of garbage as both Mint and Ubuntu seem to have this philosophy that bloat is good. I'll detail that later. Of course I have to install a lot of stuff as well, which I have started with tcsh, emacs, LaTeX, and GHC being first. Then Google Chrome, which wasn't as easy as I'd hoped. Details soon.

Monday, December 5, 2011

Gmail's New Interface: Stupider than I Originally Thought

As bad as I originally thought Gmail's new interface is, it's worse. They have hidden the 'choose font' button behind a T. Sure, T stands for font. I get it. This is what it looks like:

The T between the underline and the font size selector is for choosing font. Blogger, and every other GUI I use, uses a stylized F for font. Perhaps Google thinks it's powerful enough to change the word from 'font' to 'tont.'

This is just more evidence that Google's new interfaces for Docs, Gmail, etc., are not well thought-out and are simply change for the sake of change. Overall, replacing words with obscure pictographs and then using letters that have no apparent relation to their function are slaps in the faces the user community.

Saturday, December 3, 2011

Art is to Truth as Mathematics is to Beauty

Art is to Truth as Mathematics is to Beauty
I don't think that statement is original to me, but googling it provided no source. But it should be out here, whatever its origin.

Sunday, November 27, 2011

Firefox Add-Ons in Mint 11

I had two add-ons in Firefox 8 that I was able to disable, but not to remove. There was no remove button next to either add-on in the add-on manager. These were Stylish 1.0.2 and the Unity global menubar extension. I have neither run nor installed Unity since my latest fresh install, and so that was puzzling. Actually, both were puzzling, since I never installed either. Someone's been messing with Firefox. Anyhow, this will fix both:

sudo apt-get remove mint-stylish-addon firefox-globalmenu

Tuesday, November 22, 2011

New Gmail Interface Sucks

Have a gander at what Google is about to inflict upon its user community:



  • At the left center is a left arrow. That, from within a message, indicates return to the containing folder. This isn't new, and is fairly intuitive.
  • Next is a box with a plus sign in the middle. We're supposed  to magically intuit that this means archive. Yup, much clearer than using the word "Archive.".
  • Then we have a circle (very close inspection makes it out to be an octagon) with an exclamation in it. I don't know about you, but I don't find spam exciting, so never in a million years would I have guessed that this button marks the message as spam. Certainly is clearer and more intuitive than the current button labeled "Spam."
  • Next over is a trash can. Fine.
  • This is followed by a shape vaguely similar to a manilla file folder. Much clearer than the current button labeled "Move To."
  • This is followed by, maybe, a luggage tag, which is supposed to represent "Labels."
  • Not shown in the above screenshot the right and left arrow buttons, retained from the prior interface, which move to the previous and next message. Which goes to previous and which to next? Hell if I know--I always guess wrong the first time. Yes, a bad interface feature from the prior Gmail version retained for the next Gmail version.
So Google is screwing up Gmail just like they screwed up docs, though maybe not as bad as they are screwing up the Blogger interface. There's an airhead in a video explaining why they are doing this, but it all comes down to "some illiterate moron thinks pictures are cooler than words."

Sunday, November 20, 2011

Assault at UC-Davis

So, when a police office assaults a group of students, who do you call? The police? The campus police, maybe? I am very impressed with the students in this video. They stayed peaceful in the face of intense provocation and the chant at the end, "You can go" was excellent.



[ Note added at 19:05: at least some of those policemen were campus police. From the NPR story:

Still, what happened Friday on the campus of the University of California Davis has struck a chord. In a demonstration of support for the Occupy movement, a small group of protesters was sitting, arms linked together. Campus police told them to move. The students didn't. And that's when an officer walked down the line of seated men and women, pepper-spraying them. Some took it straight in their faces. Many of the several hundred others who were there screamed in terror and frustration.
]

Saturday, November 19, 2011

Linux Mint 11

This is a new experience for me: I've been using Linux Mint 11 for a week now, and I can't think of any bugs I've noticed. Every new version of Ubuntu brings new bugs as they attempt to make Ubuntu more like Windows, though now they seem to want to make Ubuntu more like a smart phone. Dumb. I'm sure there have been some bugs with Mint11, but so insubstantial as to be ignorable. Unlike Ubuntu, everything works out of the box.

Okay, here's a bug, but it's something Ubuntu long-ago conditioned me to ignore. Here's an instance:
Gtk-WARNING **: Locale not supported by C library.
Using the fallback 'C' locale.
This with a fresh install. I guess this is what Mint gets for basing itself upon Ubuntu.

I abandoned Ubuntu due to the Ubuntu Unity garbage and the almost equally unusable Gnome 3. I tried XFCE for awhile, but so many things just didn't quite work that it was not worth my while. Importantly, it appears Linux Mint will put a shell over Gnome 3 in an attempt to keep it usable; see http://lxnews.org/2011/11/07/the-future-of-linux-mint/ . I'm counting on this; otherwise it might soon be time to abandon Linux.

Okay, photo transfer from my digital camera is exceedingly slow with Mint, but it didn't work at all with Ubuntu 11.10, so I can live with this (by using a Windows 7 laptop).

It's amusing that I dump Ubuntu when they, for the first time, pick a distribution name worth remembering, "Onerous Ocelot."

Wednesday, November 2, 2011

Enough Already

I have been trying to decide which professional membership to drop, ACM or IEEE-CS. CACM and Computer are, IMHO, of roughly equivalent high quality. It looks as though there are two deciding factors. One is the terrible job IEEE has done placing Spectrum online; they are using qmags.com, who are not content with PDFs, but feel the need to litter the PDFs with navigation controls and other garbage. Why put navigational controls in a document that is viewed in a viewer with fine navigational controls? QMags' garbage is impossible to transfer to a Kindle, making it useless to me as an electronic format. The other is that ACM Computing Surveys remains excellent, and IEEE has nothing comparable.

Further, today I read "Living in a Digital World" by Samuel Greengard, 10/2011 CACM (http://cacm.acm.org/magazines/2011/10/131393-living-in-a-digital-world/fulltext). It reminded me of the excellent idea of the digital sabbath and of the nice work done by Nicholas Carr in The Shallows: What the Internet Is Doing to Our Brains (Norton, 2010). The technology surrounding us is dehumanizing and reducing our ability to function, and we need the scientific and engineering communities to continue to remind themselves of this.

ACM 2, IEEE-CS, -1

Google Hates Us

First Google Docs. Now Gmail. Google is trying to push us to unattractive interfaces with the idea that we are basically illiterate, unable to deal with words on the screen, and hoping to switch to obscure pictographs. Gmail's new interface is ugly, with little contrast between the foreground letters and the backgrounds, it spaces things out so that screen real estate is used poorly, it forces us into greater use of frames meaning that the arrow and page up/down keys are less useful, and, other than that, I don't like it.

Friday, October 28, 2011

Google Language Tools Improved

I like a couple of the new features of Google Language tools:


So what does 'Canada' mean?

First note the Spanish keyboard. Nice--this makes it much easier to type Spanish.
Now notice the tabs at the tops of the text areas, allowing one to quickly change the translate from and translate to languages. And the languages are easily changed. Nice.

Also worth noting is that they now support Latin, which was not the case not too long ago. Google is about search, and to a large degree search is about language, so the work'they're putting into this shouldn't be a surprise.

Wednesday, October 26, 2011

Names, Damned Names, and Ubuntu

I recently upgraded(?) to Ubuntu 11.10 and I know that, like every version of Ubuntu, it's named after an animal (oneiric ocelot in this case). Why? Version numbers are natural and easy to use. I never bother to learn the dumb critter names.

Xfce Main Menu

For whatever reason the Xfce 4.8 folks have decided to bundle a mail reader and web browser with their environment. It is not possible so far as I can tell to remove the mail reader via apt (this is Ubuntu 11.10) since it is part of a larger package including useful stuff like the xterm substitute and Thunar, and the regular menu editing stuff didn't seem to see the top few things on the main menu, so I needed a kludgier way. Pointing emacs at /etc/xdg/menus/xfce-applications.menu and within the Layout tag, deleting the lines for exo-terminal-emulator.desktop, exo-mail-reader.desktop, and exo-web-browser.desktop cleaned up the main menu nicely.

Also to clean things up I removed the run widget. Why do I need a special widget to run a program? I almost always have multiple command lines open.

The crucial hints were at http://wiki.xfce.org/howto/customize-menu

Friday, October 21, 2011

2011 CCSC-E Marymount University

Last week I attended CCSC-E 2011 at Marymount University in Alexandria, VA. The location was great, and the venue was very good. The conference was also very good.

One of the highlights was proximity to the Ballston Metro stop. Admittedly the DC Metro System isn't what it used to be, a darker, dingier, smellier, noisier shadow of its past self. Maybe a sense of community will return to this country someday and people will realize that Oliver Wendell Holmes, Jr., was right when he said taxes are the price of civilization. Anyhow, the first day I drove just a few miles to the Halethorpe MARC station and caught a train to DC. Saturday I drove down to the Greenbelt Metro Station.

But at the conference itself, there were three highlights:
  1. "Going Green with Computing" with panelists Tom Camerlinck, CIO, Greenpeace; Dave Deal, CEO, Community IT Innovations, Inc.; and Jeff Porter, IT Infrastructure Director, Fairfax County, VA. This is an area of growing importance with quite a few organizations, including Google, taking it seriously. For many organizations, the point is to save money and saving energy and materials will effectively do just that.
  2. A tutorial, "Introduction to Cryptography" from Seth Bergmann, Rowan University. I went to a similarly-title tutorial at CCSC Central Plains a few years ago, and both were good. I don''t know that I learned anything new about crypto here, but it's always good to attend these things to see material I sometimes teach well-presented by someone else.
  3. Finally, a workshop entitle "How To Deliver a Gentle Introduction to LR Parsing" by David Middleton from Arkansas Tech. Obviously in an IS department I won't be teaching compilers any time soon, but it is an interesting topic and was well-presented. Middleton and Larry Morell presented a workshop entitled "Applying compiling concepts throughout the computing curriculum" at CCSC Midsouth in 2003, which was very good (admission: Larry Morell was a CS prof at W&M when I was an M.S. student there). I think those of us who stayed till the end came away with a better appreciation for LR parsing and a solid introduction to teaching LR. It was long for a late Saturday afternoon, but worth the time.
I enjoyed CCSC 2011 much more than the 2010 instantiation. In 2010 there was an interesting robotics and vision presentation by Grant Braught of Dickinson, but otherwise a fairly bare cupboard leaving me to wonder if CCSC was moving away from CS. Kudos to the 2011 committee and to Marymount University.

Maryland Charity Campaign

It appears that, except for the fact that they require Internet Explorer, the Maryland Charity Campaign is happy for anyone to sign anyone else up for deductions in any amount to any charity:


The restriction to Internet Explorer suggests that either Andar/360 Fundraising Software is done by a bunch amateur hacks, or they don't want donations from non-Windows users. Okay, I can contact the charities myself.

Saturday, October 15, 2011

Google Docs' New Look: What's the Point?

If Google Docs' new look added useful new functionality, such as allowing the user to see the size or modification time of a file, and not just the modification date, I would switch to it. But all it does is replace words with ideograms, which is a step backwards. Rather than just clicking on what one wants, the apparent mindset is that we would rather hover over controls seeing what the heck each is.

Sure, learning the obscure symbols will not take long, but why bother? There are very likely simple words for each of these controls in any language Google Docs supports, and most people using Google Docs can likely read simple words.

This is just a pointless step backwards.

Wednesday, October 12, 2011

"Free" Online Storage

A couple months ago I related my experiences with Google Documents and Windows Live Skydrive for online storage. Mostly my online storage is .tar.gz.cpt files (gzipped tar files fed through ccrypt); everything I put on the cloud with no intention of sharing is encrypted. The brief discussion is at http://martesmartes.blogspot.com/2011/08/skydrivewindows-live-or-google.html

Since then, I have used Amazon's Cloud Drive for this, and it works fine. Since I almost always have Gmail open, though, Google is a tad more convenient. Also, I think Google's commitment to cross-platform interoperability is stronger than Amazon's, so I feel slightly more confident that I'll always be able to access the Google cloud.

So the score is Google Great, Amazon Good, Microsoft Bad. Today I finally successfully logged into my Verizon account; it only took 13 months to get in. I use FiOS at home, but don't use Windows much, and in the past Verizon has required installation of software on the home client to use a supposedly-web account. So I've been s.o.l. But today I got a notice from Verizon on changes to its privacy policy, and I was actually able to log in through a link in that e-mail. It was not smooth, as at one point I received an error message saying my phone number was invalid (I have no Verizon phone), but a shrug got me past that.

Verizon provides users with 2GB of space, but I cannot see that since some script at mylibrary/members/logincheck.aspx goes into an infinite loop, repeatedly reloading the same useless-looking page. So, as bad as Skydrive is, I have to rate Verizon's service as worse.

Tuesday, October 11, 2011

The Powerpoint Manifesto

I highly recommend Richard Forno's The PowerPoint Manifesto to anyone who makes or attends presentations.

Saturday, October 8, 2011

IMDB Partly Fixes Missing "Favorite Theaters" Feature

With IMDB's new look, they got rid of the "My Theaters" page, replacing it with "Theaters Near You." My theatres has returned, but in an almost unusable format. They have a thumbnail movie poster with each film, which spreads things out enough that it is no longer possible to view multiple theatres at a time. Each theatre takes more than a screen page. Previously the display was multi-column with no graphics--a much more efficient use of space. Also, the theatre name font size is little different from the font used for the film name, which itself is smaller than the font used for the showtimes. So they make us scroll continuously to compare showings and show times, but make it difficult to scroll quickly because the font sizes give us no clue regarding what we're seeing.  Very bad--Google's page is much better:   http://www.google.com/movies

{Added 15 minutes after the above] Also, when clicking on a particular film, the link no longer leads to the movie page but rather to a brain-dead showtimes page, which, for movies not playing in the immediate Catonsville area says no showtimes found. So I click on a showtime only to be told there are no showtimes. It's then an extra click to get to the actual page for that movie.

This is what you get when web page design is done by bonobos.

Friday, October 7, 2011

Generating Portable PDF

Yes, that's right, the subject, expanded, says "generating portable portable document format."  I got a shock this week when a PDF I had generated on a Linux system using LibreOffice 3.3.4 would not display on either of two XP systems I tried to show it on. The first time was in class, when I thought I was going to display an example. The issue is that LibreOffice used a font that the Windows systems didn't have. I googled it and installed a font with almost the same name, but it made no difference. It turns out one can force PDF to live up to its name in LibreOffice by specifying PDF/A-1a in the PDF options. Thanks to someone at a blog I can't find right now [ Jean at http://www.taming-openoffice-org.com/newsite/?page_id=77 ] for pointing out to me that the settings are persistent, so when chosen once it is unnecessary to deal with it later.

The persistence seems like an inconsistency in LibreOffice: how are we to know there isn't a configuration option buried in the myriad of randomly-organized menus? How are to know the setting is persistent? It seems most are not.

To date I have encountered no portability problems with PDFs generated from LaTeX, dvips, and ps2pdf.

I Keep Leaving Truecrypt for Ccrypt

I recently bought a pair of Western Digital 1TB Passport USB drives. They seemed an ideal solution for backing up my personal system. The idea is to keep one in one location, the other in another location, and every couple of weeks do a complete backup to whichever one is least fresh. For me a complete backup, once gzipped, is about 170GB, and I thought it would be a good idea to place a 900GB Truecrypt container on each, and each container could contain several backups.

The WD drives were formatted ntfs, and so a 900GB file wasn't a problem. What was a problem was that, on both drives, with Ubuntu 11.4, the latest version of Truecrypt, Gnome instead of that Unity crap, I could not consistently copy a 170GB file to the Truecrypt container--it kept hanging.

The simple and reliable solution was to format the WD drives ext2, trashing the WD software that I couldn't imagine ever using, and then to do my backups to /tmp as .tgz.cpt, i.e., as gzipped tar encrypted using ccrypt. Then I could reliably copy the file to the WD drive.

BTW, with NTFS on Ubuntu, even with ntfstools installed, I never could change the label of an NTFS volume. But it was a three second job on a Windows 7 machine.

So I temporarily went back to Truecrypt, but returned to ccrypt begging forgiveness. A zombie process told me "It's too late to say you're sorry. How would I know? Why would I care?"

Tuesday, October 4, 2011

4-d Cables

There's an obviously true statement at the bottom of this image:

Cables have length, width, and height, and clearly can be rotated, implying that they must exist in time, a fourth dimension.Often the issue alluded to above can be alleviated by noticing the USB logo on the top of the male plug. However, almost as often, the female jack is mounted vertically, so all bets are off.

Genius, Absolute Genius

The line "if a tree fell in the forest and she didn't hear it, would I still be wrong?" is an excellent summary of why I'm divorced.

Probably the reason this song was around 7 years before I heard it is that it's now the one Vince Gill song I can name.

Gutless South African Government

http://www.nytimes.com/2011/10/05/world/asia/dalai-lama-cancels-south-africa-visit.html

Of course living in the can't do country, I have little room to talk.

Tuesday, September 27, 2011

Spamming, Phishing, Authentication, and Privacy: it's not 2004 Anymore

I was just reading the Inside Risks column in the December 2004 CACM, and was struck by the opening statement: "It isn't news to most readers that email is becoming almost unusable." This was largely because of spam and phishing.

Kids these days have no idea how good they have it [ insert emoticon ]. Spam and phishing are almost non-problems for me now that both my personal and work e-mail accounts are hosted by Google. Gmail's spam filtering is excellent and even on the off chance that I have a look at a spam message, Google is good about flagging e-mail as possible forgeries, possible phishing, etc. Just a year and a half ago thing were not so good, but that was largely because UMBC was hosting its own e-mail, and occasionally e-mail from legitimate UMBC users would be shuffled off to my spam folder by UMBC's spam filters.

There are two minor annoyances I still have with spam.
  1. One is that there are a number of putative conferences that apparently send to mailing lists harvested from academic web sites. These tend to be in south or east Asia, and fall into two categories: outside my interests, or not prominent enough that I've ever heard of them. It's not that they are necessarily bad conferences, but if they were any good, why not get the word out through legitimate channels?
  2. A former co-worker apparently shared his e-mail address book with a social networking site cum spammer [ yourfanbox.com ] that repeatedly reminds me that Tom U. wants to connect through that site. Or maybe someone broke into his account. Or possibly they are complete forgeries. Gmail categorizes them as spam, but still the first few times I saw the name of this former coworker, I looked at the e-mail. Of course, Gmail doesn't open remote images, so there should be no way for the spammer to know I looked.
Added 2011-10-13: the spam claims to be from yourfanbox.com, which claims to have offices at FanBox  113 West G St, STE 510, San Diego. There is a link to control future e-mails, but no way I'm visiting a spammer's web site. Not from my machine.

Tesla!

As a testament to the sorry state of science education in the US, a woman called in to the Diane Rehm Show Today, talked briefly to Jeremy Rifkin and Diane, and brought up the free energy source discovered by Tesla. No one pointed out to her that it doesn't work. She said she had recently read a book about it, which shouldn't be surprising since there are still creationists and people who believe global warming is a hoax, also in disappointingly large numbers in this country.

Suppose you do believe that Tesla discovered a source of free energy. Then explain this one thing:
Why isn't anyone getting rich selling energy from the device? Obviously there are scammers advertising generators in the hope that the naive and ignorant will buy them, but no one is attempting to sell electricity from one of these devices. Why not? Hint: it doesn't have anything to do with a big energy/government cover-up.

Saturday, September 24, 2011

Biodiesel From Wendy's

I visited the drive-through at the Wendy's on West Nursery last week, and there were sizable tanks labeled RTI visible through the window. These were most likely part of the biodiesel fuel stream from Restaurant Technology Incorporated: http://biodieselmagazine.com/articles/4414/waste-oil%27s--new-world
Way cool. And I thought there was nothing good about Wendy's All-Salt Fries.

Thursday, September 22, 2011

Ubuntu Unity: a Guide for the Perplexed

After a little time with Unity, I've decided it really is simple to work with. If you can figure out how to get to the command line (I had to Google it), start with the following two commands:

sudo apt-get install gnome  // kde is fine too
sudo apt-get remove unity

Log out, and then back in, and you should find a much more usable system.

Saturday, September 17, 2011

LinkedIn Privacy Issue

Look in your LinkedIn account settings. Under Groups, Companies, and Applications there are two data sharing options, Turn on/off data sharing with 3rd party applications and Manage settings for LinkedIn plugins on third-party sites. These were enabled in my configuration, so very likely LinkedIn has decided to treat all users, by default, with little respect. This is an opt-out intrusion. I suggest people opt out.

Wait, I'm on LinkedIn and I'm talking about privacy?

Thursday, September 15, 2011

Slash, Backslash, Whatever

Occasionally someone in the media will read a URL and say "backslash" for the path separator, which is obviously wrong. Tonight I was on the phone with a Discover Card operator, and she invited me to visit www.discovercard.com\giveaway. I told her she meant slash, not backslash. She assured me it was a backslash. So now we get to the whatever part of this posting. Discover.com is smart enough to replace backslashes in the path with slashes, so even if the operator gets it backwards, the customer gets to see the marketing materials.

Saturday, September 10, 2011

OpenOffice: Disabling Useless Annoying Popups

OpenOffice has this annoying feature that when the mouse pointer is over a table or a list a popup pops up to obscure what you're working on. Today I had two documents open in side-by-side windows and the table popup obscured the other window. Popups are easy to disable in web browsers, so why not in office tools?

How to: whenever one of these popups appears, look at View|Toolbars and uncheck the offending tool bar.

Thursday, September 8, 2011

USB Thumb Drive Energy Use

This morning, just before removing an old Imation 64MB thumb drive (the expendable one I take with me to class) I checked the run time left on my netbook's battery: 5:57. Then after removing the flash drive, on a whim, I checked the charge remaining: 6 hours even. So apparently the power taken by the device is small but nonzero. Off and on I've been a little curious about this because sometimes when I remove a thumb drive, the drive is very warm.

So, how much energy do thumb drives use? The Kingston web site and Amazon offer no help, but there is a paper that is very informative, "Power and Performance Characteristics of USB Flash Drives," Kyle O’Brien, David C. Salyers, Aaron D. Striegel, Christian Poellabauer, Department of Computer Science and Engineering, Notre Dame, IN 46556 USA. this apparently appeared in the 2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks, which is an IEEE venue. The paper is available from CiteSeer.

It makes sense that wireless folks would be interested in power consumption since so many wireless devices are battery-powered.

They looked at USB 1.1 and 2.0 devices from a variety of manufacturers and of a variety of sizes up to 4 GB. 4 GB is small now, but this was a few years ago.

USB 2.0 energy consumption was very interesting, with the idle consumption being over twice that of the USB 1.1 device (for a Patriot 4 GB device). If thumb drives are idle most of the time, then one can suppose that the USB 2.0 devices take twice as much power overall as compared to USB 1.1. The differences were approximately 22.4 mA for an idle USB 1.1 device as opposed to approximately 50.9 mA for a USB 2.0 device. The disparity between current required while writing was larger, almost 3:1, at 34 mA vs. 105 mA. Presumably the USB 2.0 device is writing faster so it may spend less time writing.

For a USB 1.1 Kingston 4 GB idle power was around 23 mA and power writing or reading was around 34 mA.

One can multiply all the mA numbers above by 5V to get mW, so even idle a thumb drive consumes a significant fraction of a watt. As a fraction of the power used by a typical PC, this is small, as one would expect.

A group in Vasser's Physics Department also studied this issue, with interesting results. They are not very specific about what hardware they are testing, though do note that they see little difference between different flash memories. Rather than measuring the amperage used by the flash drive itself, they measure the wattage used by the laptop to which the flash drive is attached.

It appears their laptop consumes about 11.7 W solo, or 13.4 W with a 4 GB flash drive plugged in, which seems low. I wonder if they were measuring the current from the wall socket or the current coming out of the power brick, which would be lower, or something else, like maybe power from the battery. I believe this is what they referred to as "the laptop at rest."

Though the power requirements for their laptop seem low, the extra power required by the thumb drive seems high. An extra 1.7 W? Are we to believe that the thumb drive tested burned 340 mW, which is much higher than the measurements provided by O'Brien, et al. One possible difference is the USB interface within the laptop. Perhaps the internal USB hub is in a low power state when nothing is plugged in.

Interestingly, as the thumb drive is unmounted, the power usage rises to around 20 W. The thumb drive will require additional power when write buffers are being flushed to it. Also, this would require the UI to be active (probably no screen dimming) and might bring the CPU briefly to full speed. I would be interested in the difference seen when ejecting a thumb drive if the CPU is already performing a compute-bound task.

Unsurprisingly, it took an extra fraction of a watt to play a file from hard drive as opposed to from their 4 GB flash drive. The flash drive has no moving parts. However, it's not clear whether the flash drive is plugged in when playing from disk.

Something else to look into: power consumption by SDHC cards as used in digital cameras. Battery life is important for digital cameras.

One caution: the numbers above all appear to be from a small sample of USB drives, which may or may not be representative.

I Applaud UPS

Here's a tracking summary from UPS:



My respect for UPS is increased, not because of the Incorrect routing at UPS facility, but because they openly admit it.

Tuesday, September 6, 2011

Gnome 2.32.1 Missing Scrollbars

Gnome 2.32.1, as delivered in Ubuntu 11.04, is missing full scrollbar functionality in some applications.  Instead of a scrollbar, on the right edge of the window is a small target that, when the mouse is over it, creates a dragging tool for scrolling up and down. This is okay so far as it goes, and does save some screen real estate, which is great. However, the ability to click within the scrollbar to move up or down a screenfull is gone.

I see nothing in the options to return full scrollbar functionality, and it is vexing that many applications do have regular scrollbars, and some, or at least Nautilus 2.32.2.1, do not. So how do we fix it. There was a brief discussion at superuser.com in which one person totally missed the point regarding why this is a problem and a couple suggestions were given, neither of which seemed complete. This is how I restored scrollbar functionality, based on the guidance at superuser:


        sudo apt-get remove overlay-scrollbar
        sudo apt-get autoremove --purge liboverlay-scrollbar-*
        sudo su
        echo "export LIBOVERLAY_SCROLLBAR=0" > /etc/X11/Xsession.d/80overlayscrollbars

People trying to do this will likely want to escape the asterisk in the second line. It is not clear to me whether one really needs the first line given the second, but this worked.

My remaining question is why would the Gnome team reduce the scrollbar functionality without providing users with a clear-cut way to revert to full scrollbar functionality? If some prefer this behavior, which seems reasonable, then there should be an option somewhere within Gnome or within individual applications.

Monday, August 29, 2011

I've Found Religion: Google Voice!

I take Spanish and occasionally other stuff at the local community college and have signed up for their alert system. I get the alerts in e-mail and to  my cell phone, which turns out to be inconvenient since, for example, this morning they called at 5:45 (this is voice, not text). By changing the number they have for me from my cell to my Google Voice number I am easily able to tell GVoice to send anything from their number directly to voice mail.  It worked this afternoon:


Ain't technology grand? As usual the audio is easier to decipher than the text, but they don't do that bad with the text: "done dot" is Dundalk, "s 6" is Essex, and "K this bill" is Catonsville.















Friday, August 26, 2011

Pointy-Headed Boss Loses Again!

I just saw a LinkedIn update where a boss and a worker disagreed on the utility of LinkedIn. The boss said he would give the employee $1 for each "like" he received. Here's the current tally:


So the boss owes over $16k and counting. I'm not sure what the number of "likes" has to do with the utility of LinkedIn, but it was amusing enough to click "like." I wonder how much Ben Lugavere will end up collecting.

Saturday, August 13, 2011

Mild Surprise: Deleted Picasa Photos Show up in Google Docs Trash

I was looking at my Google Docs trash and noticed a number of images. They appear to be images deleted from Picasa. Picasa's delete dialog still uses the term 'delete' rather than 'trash', but it no longer warns that the action is irreversible.

Chrome: Blocking HTML Referer [sic]

It's easy to block HTML referrers in  Firefox: visit about:config and set network.http.sendRefererHeader to zero.

It's easy to block referrers in Opera: Make sure "Send Referrer Information" is unchecked at Opera | Settings | Quick Preferences

So how about Chrome? The man page is incomplete, not saying how to do this.

Googling sent me to a a Chrome extension. I have no reason to trust the author of that extension, so I looked a little more.

The answer is, surprise, in the Chrome help forum,  http://www.google.com/support/forum/p/Chrome/thread?tid=63a866565ba8664f&hl=en

The thing is, I don't usually start Chrome from the command line, and I don't recommend doing so. If Chrome (or Firefox, or Evince, etc.) are given a command shell, they dump gobs of junk to, probably, stderr. So it's necessary to change the shortcut from which Chrome starts. Gnome instructions follow; Windows instructions, untested, are here. [ Note added 2012-09-10: I think the following is incorrect and that Firefox does require an extension to block referers. Bad Firefox, bad. Original text: I do not endorse their method of blocking referrers in Firefox, as it is simply not necessary to install an extension to do this. ]

In System | Preferences | Main Menu | Internet (your system may vary) right-click on Google Chrome. Add --no-referrers to the end of the command line. Kill Chrome. Restart Chrome through the updated shortcut.

On referrers: this is from a time when the Internet was a less dangerous place. I have trouble seeing how this was ever a good idea, but now it is simply an invasion of privacy. It isn't likely that any subsequent version of HTML will drop this, but it would be nice if browsers would default to not sending referrer information.

A note on the misspelling 'referer': the word was misspelled in RFC 1945 (!996 Berners-Lee, Fielding, Frystyk), which is a bit odd since they spelled 'referred' correctly. Wikipedia says the misspelling originated in a different document, by a different author. Fielding says that neither 'referer' nor 'referrer' were in the UNIX spell program at the time. I thought by 1990 everyone was using ispell or aspell; okay I never actually thought that. Paper dictionaries weren't available at the time? I'm just happy to not have my name as prominently associated with a dumb little mistake like this. Of course, it is just a dumb little mistake.

Saturday, August 6, 2011

Considering Dropping My ACM Membership

Over the past few weeks I have occasionally pondered whether I should let my ACM membership expire this fall. I would continue my IEEE-CS and CCSC memberships. I really like ACM Computing Surveys, but IEEE Computer is consistently more interesting than CACM, and by a wide margin. I was reminded of this today walking through the CS department and stumbling across the 3/1976 issue of the CACM on a table. Here is the beginning of the table of contents from that issue:


Yes, kiddies, once upon a time CACM published real research. Now it's mostly fluff, mostly not from CS departments. This change occurred around 1990 or thereabouts. At the time I had a brief dialog with Stu Zweben about this, and he said the change in focus from CS was in order to appeal to a wider audience. Stu was faculty at Ohio State, where I was a grad student, and soon thereafter he became ACM president. Around the same time a letter to the CACM forum  referred to the CACM as having become P.A.M., pabulum for all members. IMHO pabulum is a reasonable description, and a sticking point is that CACM is still required for ACM membership.

With the decline of the CACM, the ACM gradually ceased to provide a general overview of computing research. Fortunately, IEEE Computer continues to fill that niche. So I maintain my ACM membership to receive Computing Reviews and out of a likely outdated notion that a computer scientist should belong to the ACM. UMBC does not reimburse me for the membership, but it is tax deductible, and there is a sister-society discount for belonging to both the ACM and the IEEE-CS. Still I do not get much for my membership dollar from the ACM.

I will have to verify that it is still not possible to belong to the ACM and yet not receive CACM, and also to see if I can get Computing Surveys at a reasonable price (or electronically gratis as UMBC faculty) before making my final decision.

Quality of Research Publications

In the '90s when I was active in parallel computing (compilers, algorithms, architectures) I had the perception that the number of parallel computing publications was multiplying to fill the market, and the growth had little to do with the number of quality papers produced in the field. Maybe this was necessary for the increasing numbers of researchers seeking tenure, but I think it hurt the quality of research in the field.

It was hard to tell which tail was wagging what, but researchers "needed" more publication venues, and libraries and researchers "needed" to subscribe to more journals.

August 5 NPR's Science Friday, there was a pair of guests talking about retractions in science journals. An interesting comment one of them made was that with more publication venues, especially with the growth of online publications, the number of items to be reviewed is growing faster than the number of reviewers. This must impact quality in a negative fashion.

Friday, August 5, 2011

Skydrive/Windows Live or Google?

For the past month or so I've been using Microsoft's Skydrive to save files online for transfer among systems and off-site backup. I have a free gigabyte there. I've also been occasionally using Google Documents for this purpose. In each case, what I transfer is an encrypted compressed tarball, and I saw little difference in terms of performance or convenience.

Today I've decided to stop using Skydrive--it's too unreliable. Two of the last three times I've tried an upload (using Chrome from an Ubuntu box) the transfer to Skydrive has stalled. Each time, when giving it extra time, I've opened a tab and Windows Live informs me that if I leave the page the upload will be canceled. WTF? I was leaving that tab open and going somewhere else.

Until yesterday I would have said I like Skydrive, and that it's nowhere near as clunky as Outlook Live, which is very retro, and very limited in what it allows one to do. Now, I think I can say Microsoft online services are to be avoided.

Do these work better with IE on a Windows machine? Probably, but that defeats the purpose of a web-based service. Why might they work better with IE/Windows? Possibly ActiveX, and intrusive access to the PC.

Stupid Chrome Tricks

I'm using Chrome 14.0.835.15 dev on Ubuntu 10.04 LTS and I viewed a web page today, the bottom left of which looked like this:


Chrome wasn't rendering the ñ in enseñar correctly. However, I took this screen shot with the mouse pointer hovering over the link to enseñar.jpg, and at the bottom, it was rendering the word correctly. So Chrome halfway knew what encoding was in use. I went to Wrench|Tools|Encoding, and it claimed a UTF-8 encoding. Odd, this word should be rendered correctly with that encoding. I changed the encoding to ISO 8859-15, which was no better. Then I changed it back to UTF-8 since as default encodings go, that seems a good choice. Voila! The page was rendered correctly.

Apparently Chrome only said it was using UTF-8 initially, but after changing away from UTF-8 and then back, it suddenly really was using UTF-8.

Firefox 3.6.18 on the same system worked fine.

Another amusing thing is that Chrome on a Windows 7 system I occasionally use, when rendering the same page, says the original is in Afrikaans, and offers to translate it to English. Does Spanish look that much like Afrikaans?

Wednesday, July 27, 2011

Any Pluses for Plus? Minuses?

I've been on Google Plus for a few weeks now, and I don't see it as ever being worthwhile. Of course, I still don't see any reason to be on Facebook or Twitter. They all primarily waste time.

I'm not on the verge of deleting my Plus account, but I don't see any good reason not to.

Wednesday, July 20, 2011

Zombies, Firefox, Chrome, and all That

I've been noticing a lot of defunct or zombie evince processes lately and decided to take a couple minutes figuring out what's going on. In the Linux world, evince is a good PDF reader, certainly better than the one freely-available from Adobe. The problem isn't with evince: zombies cannot be held accountable.

All the zombies I had on my system this morning had one of two parent process IDs, that of Firefox (3.6.18) or that of Chrome (13.0.782.56 beta). When a process forks a child, it is supposed to wait() for the child. This can be done asynchronously, so it's little inconvenience for the parent process, and not much for the programmer of the parent process, if said programmer knows what he is doing. The child process, evince in my case, hangs around the process table as a zombie until the parent issues a wait(). This allows a parent process to keep track of the status of its children. Once the parent checks on the child, the child can go away.

Firefox and Chrome are apparently not checking on their children.

Saturday, July 16, 2011

State Farm Encourages Living Dangerously

State Farm is another company that is trying to get customers to ignore TLS (or SSL for my fellow old-timers) by encouraging customers to log in from an apparently insecure page:











The form action for password submission is https://online.statefarm.com/apps/sessionmgmt/LoginService.asp? and that very well may be secure, but the fact remains that they are training their users to submit insecurely.

Cell Phone Risks

Last month I posted a pointer to Michael Blastland's recent column on statistics regarding cell phone usage and cancer. Yesterday, XKCD also had a thoughtful treatment of cell phone risks:


Really, it doesn't seem so surprising to think that cancer may cause cell phones.

OCR in Linux: First Impression

Tonight I was cleaning up and found a couple C programs from 1987. These were on paper, and I've been scanning and then recycling paper lately, and considered doing that here. I didn't want to take the time to type the code, though the programs were short. They were interesting enough that I might want to play with them in the future--one logs a Unix user out, killing all his processes, and the other returns the file name part of a path (dropping the path string before and the file extension). Okay, I'm not sure why that's interesting.

Besides, how many sheets of paper do you have laying around with 1987 dates marked "**** HONEYWELL FEDERAL SYSTEMS INC. CONFIDENTIAL and PROPRIETARY ****"? This dates to when I was on the SCOMP team, though has nothing SCOMP-related or even remotely confidential or proprietary. What was SCOMP? See http://en.wikipedia.org/wiki/Multilevel_security

So I scanned the code with xsane and noticed, as I had before, the option to save as text. As before, it didn't work, but this time I paid attention to the error message, gocr not found. So I googled and then install gocr (see http://jocr.sourceforge.net/) .

gocr does a respectable job, but not great. However, it's better than typing from scratch. Here are some  lines from the scanned text:


-    l2   jnclude stdio.h>
l3   include <signal.h>
l4
15   #define ALL_USEn_PROCS  -l
l6
l7   void main()
18
l9      int     kill();
20      jnt     process_id;
21      int     signal;
22
23      process  id = ALL USR PROCS;
24      signa! =- SIGKTL ;    -
25       void   rintf(''\nkil1ing all  rocesses...\n'');
26       void   ill(prOcess_id,  signa );

So it's missing underscores, curly brackets, and various other things. It looks like it added line numbers, but that's from the paper listing. Not great, but it beats typing that code from scratch, I guess.  There may be some options that help it do a better job, so if this becomes important I'll have a look.

Thursday, June 30, 2011

How Many Things can Credo Do Wrong in One Billing Cycle Without Actually Phishing?

My latest cell phone bill is here. Yippee. But these folks did so many things wrong that I think I just have to say something. If I call them, they won't listen (actually, Credo might), so I'll write it up here where they almost certainly won't listen.

First, this is from the e-mail informing me that my bill is ready:

Nothing strange here, except when I click on the "sign in" link (something to be done only with care), it didn't take me to Credo Mobile:


Note the URL. Who the heck is credobilling.com? I know who it sounds like, and I strongly suspect it's really Credo, but they think it's a good idea for me to click on a link that takes me to a web site I have never before seen, and then provide my login credentials? Credo is training users to fall for phishing attacks.

Not comfortable with that, I type the correct address into my browser, credomobile.com. This is the page I get:

Note the Member Sign-In box at the lower right, and also note that there is no indication in the address bar of HTTPS in use. This amateur behavior is not new to Credo. At least one other outfit that I do online transactions with does this same thing; I'll post on that later. Sites that try to get users to submit passwords seemingly in the clear often have a more secure failure-mode. For example, if I provide my cell number but omit the password, I get here:


That's not really my phone number. Every month I get to see the same error message, but it's worth it to see the green https:// in the address bar before proceeding.

Wednesday, June 29, 2011

Printing to PDF, Firefox, Ubuntu

Off and on I've been irritated that Firefox print-to-file functionality defaults to postscript with the filename before the .ps extension blank. What's up with that? This is more of an issue now that I have a Kindle, and thus print to PDF much more often than to paper, so tonight I poked through about:config, shrugged, and turned to Google. I found one useful page, http://ubuntuforums.org/showpost.php?p=7890849&postcount=7, but prefer "my" way to his, simply because my filter places exactly the right configuration lines on the screen, leaving nothing to manual hunting.

1) Enter about:config.
2) Type print_to_filename in the filter bar.
3) Place exactly the same path, file name, and extension in each setting.

This is what mine now looks like:


Needless (I hope) to say, different folks will have different printers, and so my entry for an HL-2040 will be atypical and most other people will have printers not shown here.

There is no generally-useful file name, so indicating the application that generated the PDF seems a reasonable choice. IMHO, /tmp is the only reasonable directory to use so that the user's home directory isn't littered. Littering $HOME is an unfortunate tendency of Linux developers.

Friday, June 24, 2011

Mobile Phone Use May Not Cause Cancer!

Yet another good article by numerically-sensible BBC reporter Michael Blastland: http://www.bbc.co.uk/news/magazine-13886254

Monday, June 20, 2011

Sound Juicer on Ubuntu Broken

Sound Juicer now has trouble interacting with MusicBrainz to download CD names, track listings, etc. Googling led to J.P. Stacey's blog: http://www.jpstacey.info/blog/2011/06/13/sound-juicer-no-longer-retrieves-track-names-when-you-extract-audio-cds
Apparently CD Juicer has been using a deprecated feature at MusicBrainz and, as could be expected, MusicBrainz dropped support for the feature. Fortunately they still offer such a service, but CD Juicer has to be fixed to do it right.

My experience fixing this (Ubuntu 10.04) was to issue the add-apt-repository that Stacey suggests, but that gave me a 404 not found. I thought about editing config files, but decided to instead follow a link at Stacey's page to launchpad.net, or, specifically, to Philipp Wolfer: https://launchpad.net/~phw/+archive/musicbrainz
Wolfer has it right.

Wednesday, June 15, 2011

They'll be Sorry

CCBC is switching from WebCT to Blackboard 9.1. I know nothing about WebCT, but it is nearly inconceivable that it's worse than Blackboard 9.

Analogy: I've chosen an integer, 1. Then we generate a uniform discrete random integer in the range 0 to 32767.  What is the probability the random integer is less than one? Approximately the same probability that an unknown course management tool is worse than Blackboard?

Friday, June 3, 2011

Impressive Fireball at UMBC

Yesterday I was close enough to an explosion to feel the heat on
my face, 40m or so away. It was at the electrical substation just north
of the campus police station.  Not very loud, but an impressive
fireball. I have to start carrying a camera.

As a result, UMBC is closed today for lack of electricity. New media reports:
  • Transformer Explosion Knocks Out UMBC Power, http://columbia.patch.com/articles/transformer-explosion-knocks-umbc-power
  • Baltimore Sun apparently has no idea of or maybe no interest in what actually happened:   http://www.baltimoresun.com/news/education/bal-umbc-power-outage-0603,0,573995.story

Google Search for MyLife.com

A sampling:

  • Complaintsboard.com has many people complaining that MyLife is a scam, uses false advertising, etc. I concur.
  • Just say 'no' to mylife.com, http://techpaul.wordpress.com/2009/03/06/just-say-no-to-mylifecom/ . It appears that the author gave MyLife access to his e-mail accounts, and regretted it.
  • Wikipedia has an article. Highlights: lawsuits against the company for e-mail spoofing. Parent reunion.com rated F by the LA BBB.
  • "Mylife.com: A new tool for bargain-seeking stalkers" at http://www.socialmeteor.com/2009/02/28/mylifecom-a-new-tool-for-bargain-seeking-stalkers/ . This article goes into some detail about how MyLife is gathering and abusing PII. Recommended.
  • "MyLife.com Accused of Running 'Spam-and-Scam' Scheme" http://www.walletpop.com/2011/03/02/mylife-com-accused-of-running-spam-and-scam-scheme/ discusses a lawsuit against these slimeballs (and I'm being completely objective here) in US District Court in Oakland, CA. Links are provided.
  • TechCrunch talks about the birth of MyLife as a merger of reunion.com and wink.com. This corroborates much of what's in the Wikipedia article.

People Search, Phishing, MyLife, and All That

I recently wrote about getting information from the naive, though I phrased more harshly. This was at  http://martesmartes.blogspot.com/2011/04/how-to-get-personal-information-from.html. Then last week I saw a TV ad for mylife.com, offering to show a person who is searching for him or her.

First, I don't know how they can do this without the cooperation of Google or some of the alternative search engines. MyLife seems to be the same as the previously-discussed phishing sites. It asks for personal information, shows a picture of the user's neighborhood from Google Streetview, and then offers to to take a credit card number for outrageous ($13 per month and up) fees to provide results.

There is, however, an inconspicuous little link in the upper right to continue with free, limited access. I clicked. First, it took me to my profile--my fault, I entered personal info. How do I delete it? However, the page was surprising, with links to a couple family members and my ex-wife. I seriously dislike this site.

There was a link to my profile, but no option to delete. However, I was able to edit my profile, but the only meaningful field worth changing was my birthdate, which I changed to a wildly inaccurate value.

This site goes into my hosts file mapped to 127.0.0.1.

My best guess is that it the for-pay tell me who is searching for me feature, is simply internal: a record of people who have searched for me from within mylife.com. So, ultimately, it's a phishing site that thinks it's yet another redundant social media site.

Friday, May 27, 2011

Personal Data in Amazon MP3s

In December I discussed the buyer ID data that Amazon is placing in MP3 files, noted that the standard tools seem to not notice these IDs, and expressed a desire to write a script to display these IDs. See http://martesmartes.blogspot.com/2010/12/need-to-write-my-own.html and http://martesmartes.blogspot.com/2010/12/personal-information-in-amazon-mp3.html.

First, the script:
// Time-stamp: <2011-05-27 22:23:37 jdm>

// JFlex script to look for UID tags in an MP3 received from Amazon. If
// such a tag is encountered, it is displayed. Otherwise, there is no
// output.

// Compiling (assuming JFlex is installed)
//
// jflex findUID.lex
// javac Yylex.java

// Running:
//
// java Yylex <MP3 file name>

// Bugs:
//
// A left angle bracket, <, within the UID will cause the tag to not be
// displayed.
// Even though the MP3s that I have seen with UID tags have the tags
// near the beginning of the file and only one UID tag per file, this
// searches the entire (possibly long) file and will display multiple
// UIDs if found. Though this is probably not a bug, it does cause a
// perceptible delay.

%%

%standalone

%unicode
%int

openAngle  = <
uid        = UID
stuff      = [^<]+
tagEnd     = "</UID"
closeAngle = >
tag        = {openAngle}{uid}{stuff}{tagEnd}{closeAngle}

%%

{tag} { System.out.println(yytext()); return 0; }

.     { return 0; }

\n     { return 0; }

\r     { return 0; }

As mentioned in the comments, this is a JFlex script. JFlex's lineage dates back to the standard Unix lexical analyzer-building tool, lex, which was superseded by flex. JLex has been well-known in the Java community for awhile, but work on it seems to have ceased. JFlex, however, appears to be an active project (and an Ubuntu package). Of course, it works on Windows, too.  See http://jflex.de/

It turns out that Amazon informs the consumer when an MP3 will contain identifying information. I did not notice this before Michael D. pointed it out to me in January. The Amazon notice is in the product details and says "Record Company Required Metadata: Music file contains unique purchase identifier." Then they have a "Learn More" link. This is what Amazon has to say:

Record Company Required Metadata

The record company that supplies this song or album requires all companies that sell its downloadable music to include identifiers with the downloads.  Embedded in the metadata of each purchased MP3 from this record company are a random number Amazon assigns to your order, the Amazon store name, the purchase date and time, codes that identify the album and song (the UPC and ISRC), Amazon's digital signature, and an identifier that can be used to determine whether the audio has been modified.  In addition, Amazon inserts the first part of the email address associated with your Amazon.com account, so that you know these files are unique to you. Songs that include these identifiers are marked on their product detail page on Amazon.com.  These identifiers do not affect the playback experience in any way.
The idea seems to be that the record companies are requiring Amazon to put the information in, and Amazon is being honest about what's in there, though most consumers likely never see this information and never notice the link to it.

A few comments are in order.
  • My script displays the UID tag and contents, but does not modify or remove it. I have no intention of providing such a script.
  • People share MP3s at their own risk. As someone who has made good money developing software, I understand their need to earn a living. I even understand, though am less sympathetic toward, the RIAA's outrageous damage claims in suits. Any individual's decision to share, or not, is between him, his conscience, and the RIAA.
  • The UID is the user's Amazon user ID. On the MP3s containing the UID that I have, my script displays this:  <UID version="1">martensjd</UID>. That's me. 
  • Amazon says there is other identifying information embedded in the MP3. Read the statement above. So stripping this out will not be sufficient to hide the original buyer.
  • I would rather not have this in my media files, but I don't object strongly enough to go through the files stripping it all out.

Saturday, May 21, 2011

4G In Catonsville

I used to be a Xohm customer, and then Xohm switched to Clear. In time I was unhappy enough with Clear's service that it became time to switch myself, to Verizon FiOS. Xohm and Clear offered 802.16 (WiMAX) to home and mobile users at around, optimistically, 4Mb/s. FiOS is faster, typically 15Mb/s at my tier.

Clear (http://www.clear.com/) is now marketing their wireless Internet vaguely as 4G. They are also advertising lower speeds than before, which makes it unclear what technology they are using. 4G is a marketing term, and from an engineering or technical perspective, meaningless. Granted, WiMAX is also a marketing term (IEEE originally referred to 802.16 as Wireless MAN), but at least WiMAX actually means something.

Xohm marketed their service as WiMAX, and reading the fine print it was clearly 802.16. Clear has dummied their web site down to the extent that there is nary a clue what technology they are using. Actually, a bit more digging leads to a release at http://corporate.clearwire.com/releasedetail.cfm?ReleaseID=570046 that mentions legacy and mobile WiMAX, but also mentions partners using other technologies. Perhaps Clear is still predominantly 802.16, but advertised at a lower rate, which is consistent with what I was seeing when I canceled my Clear service. It may be that they are simply provisioning their towers at a lower rate per customer. The dumbing down of their web site is unfortunate.

Of course, Verizon is vague at their web site about what FiOS is, and I think there is an intentional effort on the parts of corporations in general to make it difficult for consumers to compare what different vendors are actually providing.

Why do I care? I just got my latest Verizon FiOS bill. It was $55, which is a lot for Internet service. Clear is $35, which is high for the poor performance they offer. So it was time to look around. Also time to reevaluate whether I really need Internet access at home.

One of the appealing things about Xohm when they came to Baltimore was the promise of $35 per month  for Internet access for life. But then Clear came in and reduce the service level. So it goes.

Of course, Judgment Day is today so maybe this is the beginning of my five months of torment.

Monday, May 16, 2011

Catonsville Nine Commemoration

Some of the real heroes of the Vietnam era anti-war movement are being commemorated Saturday 5/21. From the Indypendent Reader at   http://www.indyreader.org/content/catonsville-nine-commemoration:


CATONSVILLE NINE COMMEMORATION


May 21, 2011 - 12:00 - 14:00
CATONSVILLE NINE COMMEMORATION SATURDAY 21 MAY, 12N



The Baltimore Phil Berrigan Memorial Chapter of Veterans For Peace on Saturday 21 May
at 12 noon will commemorate the Catonsville Nine Viet Nam draft file burning action taken
by the chapter's namesake Phil Berrigan and 8 others.  Forty three years ago on May 17th
9 peace activists took draft files from the Catonsville Draft Board office and burned them
with homemade napalm in a Catonsville parking lot, and were eventually sentenced to jail
for their action.


At noon Baltimore VFP will gather at the Catonsville Post Office at Frederick Road and
Beaumont across from the Catonsville Public Library to vigil and hand out flyers, and will
later adjourn to the Knights of Columbus parking lot across the street for recollections
and fellowship. Please join us. Bring banners and posters. For information call Ellen
Barfield at 410-243-5876, or e-mail ellene4pj@yahoo.com.


Location


Catonsville Post Office
Frederick Road and
Baltimore, MD
United States
39° 36' 32.3712" N, 77° 42' 18.1764" W

Monday, May 2, 2011

How to get Personal Information from Morons, Part II

Saturday I spent a few minutes messing with a phishing site that was trying to mess with me, webspyapp.com. I stopped at the point that it wanted a cell number, and rejected made-up ones. I didn't have a number I was willing to give them in order to receive their texts. This morning a colleague donated his recently-disused number, so I gave it another shot.

I ended up at http://gtoffers.com/coreg/entry.php?p=bg266533g6&sid=p1&limit=2&phone=7178914944&redirect=http%3A%2F%2Fofferlabs.com%2Fc.php%3Fa%3D119%26o%3D183%26sid%3Dp1&head=http://d18j1d26sau8be.cloudfront.net/user_images/13016043631131154035370.png, which tried to install a browser extension.

At this point I stopped.

Saturday, April 30, 2011

How to get Personal Information from Morons

I block ads when I can, and here's a reason why: webspyapp.com. This is essentially a phishing site, designed to get people to give up person information. Here's the scam: offer a mark the ability to see who is searching for him. The mark clicks on the webspyapp link, and is taken to a page that asks him for his name and ZIP. I claimed to be Fred Snerdling with a UMBC ZIP:



When the mark enters his information, webspyapp claims to have found some people searching for the mark, but wants the mark's cell number:

I especially like the fuzzy images of people searching for Fred Snerdling at 21250--nice touch. I entered a fake cell number, but unfortunately they wanted a real one:


I considered using the cell number of a wrong number who rang me a couple times last week, but that would be bad--even if the phishers have the wrong name and ZIP, they would have some poor sucker's cell number, and she doesn't deserve that.

Sunday, April 10, 2011

Epsilon, No Delta

A number of organizations with which I have (or had) financial relations have recently sent e-mails saying they have lost some of my personal information. At first I was unconcerned, because the impression I got was that it was just my e-mail address, and it was just Best Buy, or just Best Buy and Verizon, or just Best Buy, Verizon, and TIAA-CREF, or, well, around the time I got the TIAA-CREF mail I started to get concerned. This is a major financial institution, and, one might hope, one not cavalier about my personal information.

Here is the list of companies that have notified me to date:
  • Best Buy, 4/4
  • Verizon, 4/5
  • TIAA-CREF, 4/6
  • Chase, 4/6
  • M&T Bank, 4/8
All of these organizations, and I'm sure others, are informing their customers that an apparently inept contractor called Epsilon has lost their e-mail addresses. The first thing to note is that the financial institutions were the slowest to inform me. This may be just coincidence, but it is easy to believe that Best Buy was more responsive than M&T Bank. Kudos of a wry sort to Best Buy.

So the bad guys have many e-mail addresses, and can connect individuals to accounts. So what? Well apparently some people are getting phishing mails claiming to be from organizations that have lost data through Epsilon. So what? Well, this will make it easier to tailor and target phishing attacks more precisely.

Clearly data leaks all the time. Excerpted from a recent posting by Martin McKeay: I’m no longer surprised when I go into an assessment and somewhere halfway through a conversation a manager says, “Wait a minute, why haven’t I haven’t heard of this data repository/network connection/export to sales before now?” But this is a shallower problem, not an inadvertent leak to marketing or sales, but an intentional transfer of data to an outside organization unable to protect the data.

The situation is exacerbated for Verizon customers since Verizon encourages users to log in to its site without SSL/TLS. So, if users think that a picture of a padlock and the word "secure" next to the login text boxes actually indicates anything they will be more vulnerable to phishing. Surprisingly, Verizon is the only organization from this list training users to ignore TLS. A few years ago this seemed more common, though I have just a very small sample here.

IMHO the Chase leak is the most egregious, since I have had no dealings with them since canceling my card in March 2008. I guess they consider me a potential future customer, but since I do not have a current relationship with them, it would be nice if they would delete my info. I managed to log in to my dormant Chase account, but cannot send them a "secure message" because every attempt results in "Error 500:", which looks like there should be a description after the error number. Yes, I remain unimpressed with the competence of Chase.