Amazon MP3 Downloader

I get the feeling that
(a) Amazon cares little about Linux, and
(b) the Amazon MP3 downloader was done by very inexperienced or very poor developers.

Linux is a very small sliver of the market, so (a) is unsurprising.

My reason for casting stones at their developer is that the downloader does not work with 64b CPUs and now when I try to install it on a 32b Ubuntu 10.10 I get the message Dependency is not satisfiable: libboost-filesystem1.34.1. After installing version 1.42.0 of the libboost filesystem, I still get the error message. This strongly suggests that someone coded the dependency checks for only one version of the library, or wrote the code not considering the possibility that newer versions would be backward compatible.

I like Amazon, though I am done dealing with Amazon Sellers. Tonight Amazon had me thinking I might have to go elsewhere for MP3 downloads. However, a little googling and then a moment in the Ubuntu Software Center led to clamz. It appears there are a few other tools to do this, but clamz is the only one I see as an officially-supported Ubuntu package. And it works (or at least on the one album I pointed it at tonight).

I prefer using clamz over the Amazon downloader, because it's less closed software on my machine. Clamz likely does it's job, and nothing more. The Amazon downloader, for those lucky enough to have a system it works on, has always been an unknown factor--it downloads MP3s, but does it do something else? Probably not, but one never knows.

As an aside, the MP3s that I downloaded tonight do not have the same identifying information as the ones I wrote about last week. It may be obfuscated, encrypted, or just not present.

Personal Information in Amazon MP3 Files

A few days ago I wrote about Amazon placing personally-identifiable information within MP3 files. Here is an example, from near the beginning of an MP3 downloaded recently.

<?xml version="1.0" encoding="UTF-8"?>
<uits:UITS xmlns:uits="http://www.udirector.net/schemas/2009/uits/1.1" 
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <metadata>
    <nonce>Yvjd12Il</nonce>
    <Distributor>Amazon.com</Distributor>
    <Time>2010-10-24T04:41:17Z</Time>
    <ProductID 
       type="UPC" 
       completed="true">
      10731458698620
    </ProductID>
    <AssetID 
       type="ISRC">GBAAN0200016
    </AssetID>
    <TID version="1">
      plaIo2V1UdVjRvVYo2vBICme1kF4PYav
    </TID>
    <UID version="1"> MY USERID HERE </UID>
    <Media algorithm="SHA256">
      4fda5179408e867619d5321b804fd1d16cb1ffd4f3d3485b48c241f803444897
    </Media>
  </metadata>
  <signature 
     algorithm="DSA2048" 
     canonicalization="none" 
     keyID="9b3a698acfcfea37b486aba46bdfb50c92b8f7fe">MC4CFQCLUjy5GJIaXROMGuef/iTBI3ADngIVAI1ZVWo9+IA6FAVXQ5feBVbi3yH6
  </signature>
</uits:UITS>

I've done a little reformatting, replaced my user I.D. with a placeholder, and modified some hashes and keys, but you can easily get the basic idea. My advice is to be reluctant to share these files, or to strip the XML at the beginning.

This is a fairly recent change for Amazon. This information is not present in a song I downloaded from Amazon in August.

Migrating UMBC E-mail to Gmail

Some months ago UMBC began migrating e-mail to the Google cloud. This migration has been voluntary, but everyone will be moved over in January. I like Gmail, and considered moving some months ago, but decided not to because it was unclear whether there would be a solid wall (psychologically as well as logically) between my personal Gmail account and my UMBC Gmail account. This will not be an issue for a number of reasons:

(1) The accounts are separate, one reached via mail.google.com and the other via gmail.umbc.edu. I can reach both via the traditional mail.google.com URL, but with two different user names. I plan to explicitly go via (and link to) the gmail.umbc.edu address.

(2) I usually use Chrome for Gmail, but use Firefox for UMBC (myUMBC) services. Firefox add-ons allow me to selectively turn off undesired scripting within myUMBC and Chrome does not display PeopleSoft slop properly (I suspect it really does, however, and that PeopleSoft is simply not following web standards, but this is something for future investigation). So I will continue to use Chrome for personal Gmail, and will use Firefox for UMBC mail.

(3) I use different themes for the two Gmail services, and so my work and my personal screens look very different.

(4) The UMBC Gmail has "myUMBC" prominently displayed in the upper left.

(5) If all of that is not enough, I can simply return to an IMAP client for UMBC e-mail and continue to use the browser for personal Gmail.

The one drawback I have seen in my initial look is that Google says it may take several days for my old e-mail to migrate to Google. Since I have switched, I can no longer access UMBC Squirrel mail, and so none of my old e-mail folders are currently available via the web. Since grades are due in a couple weeks, this could become sufficient motivation to temporarily configure an IMAP client on my laptop. However, I do not foresee much inconvenience here except possibly delaying my grading of assignments submitted via e-mail.

I do suspect there is still a way into squirrel mail, but do not plan to spend any time finding the way.

Need to Write My Own

MP3 files purchased from Amazon have identifying information within them, likely to catch, if not to actually deter, file sharing. At the beginning of the file is some XML including time and date downloaded, the Amazon user ID, a nonce, the distributer (Amazon.com in this case), and a digital signature (presumably so modification will be detected). Easytag does not display any of this XML data.

My intention was to place an excerpt here, but formatting XML within Blogger is more trouble than it's worth. Just view an MP3 from Amazon within an editor, e.g., emacs.

The upshot is that, since easytag doesn't display these tags, I'll have to write my own filter to do such.

Alta Vista to Shut Down, but Apparently not Babel Fish

PC World has a brief article announcing the end of Alta Vista, the best search engine before Google, and in the author's opinion (and mine) the second best search engine to date. I would let this pass without comment, as one of the last vestiges of DEC going away, but I read a (likely false) report that Yahoo will also be shutting down Babel Fish, which is a fairly good, convenient, translation service. I guess would be partly to blame here: just as I stopped using Alta Vista when Google came along, I've been gravitating toward Google Language Tools rather than Babel Fish lately.

However, the second page a Google news search led me to as I tried to ascertain the fate of Babel Fish says it has been spared for now.

Google Web History: Beware

I deleted and paused my Google Web History some time back, thinking that meant Google would stop collecting "my" web history. This morning I was changing some Google account settings and clicked on Web History. They had started maintaining web history for me again. So I again had to delete everything and "pause" my web history. Apparently pause does mean pause, and Google pops the account off pause willy-nilly, or by some algorithm known to them, but not to their users.

The thing to do is to remove the web history. From Google Account Help:

Using Web History: Deleting
You can delete Web History from your Google Account at any time. Just follow these steps:

Click the My Account link from the Google homepage.
Click Edit next to 'My products.'
Click Delete Web History. Make sure you're signed in to your Google Account to see the My Account link.
Note: Deleting Web History from your Google Account will erase all items from your Web History and stop your Web History from being recorded in the future. You can also remove individual items without deleting all of your Web History.

Xfce? No, I don't Think So

I just checked the xfce site to see if their documentation situation has improved. They seem to be preparing the 4.8 release, with 4.6 in use, but the documentation is 4.2,. No way I'm going back to that--it appears to be run by a bunch of coders with no interest in the user. Thus, xfce developers, IMHO, are developing for themselves, but not for the wider Linux community. There's nothing wrong with that, but I think things like Xubuntu should be discontinued until someone thinks xfce is worth documenting.

Quick Note on Address Bar Auto-Completion

Firefox and Opera, by default, have a search field (it's a text field but Firefox calls it the search bar) to the right of the address bar. I've removed mine--it's redundant and cumbersome (or so I thought, but see point 3 below), and an information leak.

I often have students in my office for advising and typically go over their online records. This means they look at my web browser. This also means they can read titles of tabs (fine, so be it) and contents of the search bar. I'd hate to have a student read too much into the fact that I've recently searched for Shaun Cassidy. So in my office I removed the search bar and just open a new tab (^t) and hit the g key. This takes me immediately to Google.

(1) Most of my searches are Google searches. I played with Bing when it first came out, but Bing's results don't seems as good, and Bing seems to use a fair amount of client-side scripting, which I'd rather avoid. Google does too, but they already know everything about me.

(2) I may sometimes prefer a Wikipedia search or some such, but very often the appropriate Wikipedia page is near the top of the search results, so Wikipedia search is redundant.

(3) Doing a quick lookup for this posting led me to http://www.mozilla.com/en-US/firefox/search.html, which points out that one can select text and drag it to the search bar, which seems to work well. So my search bar is, at least temporarily, back in my Firefox window on most of my machines--just not the one in my office.

Arvind Goes to Washington

Arvind Narayanan (no, not that Arvind) just served on a 'Do Not Track' panel in DC, and writes intelligently about his experiences, e.g., on how the system in DC is not as effective as one might hope. Rather than paraphrase or summarize, I'll just point to the original article.

Blackboard 9 Usability and Security

It turns out that Firefox users can improve their browsing experiences within Blackboard and keep their local data a bit safer through the use of the AdBlock Plus extension.

A problem I've had for awhile--predating Blackboard 9--is that when editing content within a Blackboard text area, Blackboard pops up a requester asking me to give some piece of Java code complete access to my PC. Of course I always say no. However, Firefox and Chrome seem unable to remember this, though Opera can be instructed to always block such a request from a particular site. Firefox is happy to allow one to always trust signed content from a provider, but not to always distrust. Strange.

Anyhow, these two AdBlock Plus rules block the annoying content from UMBC's Blackboard installation:

|http://blackboard.umbc.edu/webapps/blackboard/content/webeq3.editor.InputControl
|http://blackboard.umbc.edu/webapps/blackboard/execute/webeq3.editor.InputControl

It appears that Blackboard wants access to all the data and applications on my PC on the off chance that I might want to run an equation editor. I'll go out on a limb, having never tried webeq3, and say I have better equation editing tools on my machine.

Avoiding the Worst of myUMBC

I was in a meeting a couple weeks ago, and the person doing a presentation made an offhand comment about having to click through "the useless myUMBC crap." A man after my own heart. He was talking about the media-heavy, irrelevancy-filled page at my.umbc.edu.

I avoid that page most days. Firefox, Chrome, and Opera begin showing possibly-relevant pages as soon as the user begins typing in the address bar (a much more useful use of auto-completion than one can find in office applications). IE probably does this as well. If I need access to web-based functionality hidden behind the dysfunctionality of myUMBC, I just start typing the word 'faculty' into the address bar. Usually the 'f' is sufficient to get me to the myUMBC faculty center, bypassing most of the garbage. Speaking of garbage, though, PeopleSoft is directly accessible from the faculty center, but that's another issue.

Ubuntu 10.10 Day 0

Yesterday I installed Ubuntu 10.10 on my laptop, and have a couple quick encryption-related comments.

I installed from the alternate install image. The standard image does not include encrypted LVM. It does, however, allow one to encrypt user home directories. Is this good enough? No.

(1) In Ubuntu, encrypting a user's home directory fails to protect users who lose their passwords. This could happen a number of ways. It happened to me once via shoulder surfing. Many people use the same password for multiple services--a bad idea. The user password and encryption pass phrase should be distinct.

(2) Users tend to use weak passwords. Hopefully they choose better pass phrases.

(3) With just the home directory encrypted, swap is in the clear. This is a well-known leak and part of why secure software generally overwrites passwords and keys in memory as soon as they are no longer needed. Garbage collection is not good enough for keys. In general any data could show up in swap, and so swap should be encrypted.

The WikiLeaks Furor

There has been an uproar about WikiLeaks in the press lately, and until recently I've felt that Wikileaks has done more good than bad, pointing out cases where the US (and other) governments have lied to their populaces, condoned torture, etc. I won't go into the ethics of the current batch of releases because there is simply too much to review, but I would like to make a few comments.

1) http://news.netcraft.com/ has been doing a great job of covering the back-and-forth of WikiLeaks availability, changes in their hosting and DNS services, etc.

2) Tonight I decided to spend a few minutes looking at the site. Among other things, I was interested in whether it would be difficult to get to. Two things worked right away. (a) Googling WikiLeaks led directly to 213.251.145.96 (registered to wikileaks.org in a block owned by OVH ISP in Paris), so the DNS is not necessarily needed. (b) Verizon's DNS service redirected me to http://mirror.wikileaks.info/, but some of the links at that site, e.g., the one to obtain a secure connection, did not work.

3) Some of the calls for the US government to launch web attacks against WikiLeaks are largely over the top and naively stupid. I wouldn't be surprised to discover attempts to hack into their database or their servers, but the idea of launching DDoS attacks against ISPs and hosting services in the US, Europe, and elsewhere is just silly. The US launching cyber attacks against France and Russia? Not a good idea.

4) I read one leaked dispatch, http://213.251.145.96/cable/2009/08/09BRASILIA1017.html. This is tagged "UNCLASSIFIED//FOR OFFICIAL USE ONLY." One phrase I really like is advice to the USG (US Government, I suspect), "speak softly and carry no stick." The article talks about attempts to keep the Brazilian government from authorizing pharmaceuticals in Brazil to produce generic versions of AIDS drugs, in other words the bureaucratese seems to suggest that the US government is more interested in corporate profits than in dying Brazilians. Not a big surprise.

This is exactly the sort of thing US (and Brazilian) voters should be aware of, and also not the type of leak causing much of the uproar.

Guilty Until Proven Innocent

CCBC-Catonsville has barred a veteran from campus for a piece he wrote for an English class, received an A on, and was encouraged by his instructor to seek publication. In it, he talks about the appeal of killing. This is very different from saying he will kill in the future.

Many of these veterans have gone through hell and many are having trouble re-integrating with life stateside, especially with the economy in its current state. Now it appears that community colleges also require them to be dishonest in their writings or face threat of losing access to campus, education, and perhaps a future career.

The Baltimore Sun article: http://www.baltimoresun.com/news/bs-md-veteran-suspension-20101121,0,1268392,full.story

Verizon Violates DNS Standards

Verizon is in violation of DNS standards. When I type the address www.foo.bar.baz.no, assuming there is no such server in Norway, I am redirected to http://searchassist.teoma.com/. Interestingly, I see correct behavior if I leave out the www, "Server not found".

LinkedIn, Maybe Worth it Again

Some time back I said that LinkedIn was no longer worthwhile since every visit required a log in, which made every visit take longer than it was worth. Sometime in recent months this situation was remedied, and so a quick visit to LinkedIn in again a quick visit.

XKCD #800 Features The Game

According to Wikipedia, the rules of the game are

1. Everyone in the world is playing The Game. (Sometimes narrowed to: "Everybody in the world who knows about The Game is playing The Game", or alternatively, "You are always playing The Game.") You cannot not play The Game; it does not require consent to play and you can never stop playing.
2. Whenever one thinks about The Game, one loses.
3. Losses must be announced to at least one person (either by using a statement such as "I Lost The Game" or by alternative means).

These rules were written by someone with rather weak logic. I'm in the world (more-or-less), I know about the game, and I have never played the game nor do I think I ever will. I'm thinking about the game right now, but I do not acknowledge any loss, other than the time to type this. I will likely think of the game again at some point, but I won't tell anyone I lost the game, so I won't be playing the game at that point, either.

I imagine that as I type this, some twit is twitting "I lost the game."

OpenOffice Inserting Page Breaks

I've been using OpenOffice more than usual lately (and still greatly prefer emacs/LaTeX for speed and accuracy). One annoyance has been inserting page breaks: Insert|Manual Break|Page Break. Very clumsy and slow. There's no hint regarding an equivalent shortcut adjacent to the menu item, so I tried ^L--it is the standard ASCII page break character--but no joy. Googling led to http://www.oooforum.org/forum/viewtopic.phtml?t=35045, where Bhikkhu Pesala suggests ^enter (or control enter for newbs). Thanks Bhikku.

Why can't we have a finance minister like the Swiss?

Or directly from youtube: http://www.youtube.com/watch?v=lylgA7DWBXU

Alert! Alert!

UMBC police are using a false alarm as an argument that we should sign up for text alerts. I guess the argument is "See, we sent out another useless alert. Don't you want to be sure you don't miss any of this irrelevant information?"

This country has been running scared since 9/11/01, and the situation a couple years ago in Blacksburg didn't help. But enough is enough, and "e2campus" is too much. We're expected to sign up to be alerted for events of near-zero probability, so almost any e2campus alert will be a waste of time.

> September 23, 2010
>
> To: The UMBC Community
>
> Fr: Mark Sparks, Chief of Police
>
> Re: False Report of a Shooting on Campus
>
> This morning, Baltimore County Police responded to a 911
> call of a possible shooting in front of the Retriever
> Activities Center (RAC) within about two minutes of
> receiving the call. Both police agencies did a thorough
> search of the RAC and surrounding area and found no evidence
> of a shooting through the search or citizen interviews on
> the scene. The call was apparently unfounded, and is being
> treated as a False Report call by the Baltimore County
> Police Department.
>
> An e2Campus text alert was sent out once the UMBC officers
> developed enough information about the call, to tell the
> campus the nature of the call and that it was unfounded.
>
> Members of the campus community are encouraged to sign up
> for e2campus, an emergency alert text-messaging system that
> will permit the University to notify subscribers to any
> campus-related emergency (such as potential campus safety
> hazards or campus closures due to weather). It is compatible
> with mobile phones, Blackberries, "smart phones," satellite
> phones, e-mail, wireless PDAs and pagers. Normal
> text-messaging rates apply. There are no additional
> charges. Sign up for this important service today at
> http://my.umbc.edu/go/alerts.

UMBC Students Pay $802 Annually to Support Athletics?

So is it worth it?

Maryland	394.00	8,416.00	4.7%
Maryland-Baltimore County	802.00	9,171.00	8.7%
Maryland-Eastern Shore	550.00	6,305.00	8.7%

Links:

• 
  
  http://www.usatoday.com/sports/college/2010-09-21-athletic-fees-chart_N.htm
  
• 
  
  http://www.usatoday.com/sports/college/2010-09-21-fee-disclosure-virginia-tennessee_N.htm
  
• 
  
  http://www.usatoday.com/sports/college/2010-09-21-student-fees-boost-college-sports_N.htm
  
• 
  http://www.usatoday.com/sports/college/2010-09-21-students-usage-fees_N.htm
  

Human-Readable Dired in Emacs

In emacs, dired defaults to

ls -al

format, but I would prefer

ls -alh

For example, I'd rather see this:

total 200M
drwx------ 2 jdm jdm 20K Mar 24 22:00 .
drwxr-xr-x 9 jdm jdm 52K Mar 21 03:04 ..
-rw------- 1 jdm jdm 520K Mar 24 21:03 252.jpg
-rw------- 1 jdm jdm 1.4M Mar 24 21:04 253.jpg
-rw------- 1 jdm jdm 1.3M Mar 24 21:04 254.jpg
-rw------- 1 jdm jdm 1.3M Mar 24 21:05 255.jpg
-rw------- 1 jdm jdm 1.3M Mar 24 21:05 256.jpg
-rw------- 1 jdm jdm 1.1M Mar 24 21:05 257.jpg
-rw------- 1 jdm jdm 1.1M Mar 24 21:06 258.jpg

as opposed to this:

total 204060
drwx------ 2 jdm jdm 20480 Mar 24 22:00 .
drwxr-xr-x 9 jdm jdm 53248 Mar 21 03:04 ..
-rw------- 1 jdm jdm 532078 Mar 24 21:03 252.jpg
-rw------- 1 jdm jdm 1369711 Mar 24 21:04 253.jpg
-rw------- 1 jdm jdm 1285739 Mar 24 21:04 254.jpg
-rw------- 1 jdm jdm 1320355 Mar 24 21:05 255.jpg
-rw------- 1 jdm jdm 1328517 Mar 24 21:05 256.jpg
-rw------- 1 jdm jdm 1101028 Mar 24 21:05 257.jpg
-rw------- 1 jdm jdm 1077152 Mar 24 21:06 258.jpg

The fix was this line of Lisp added to the end of my .emacs file:

(setq dired-listing-switches "-alh")

Security on the Client Side

Common--and good--advice is to not trust the client. If an organization has no control over the client, as is the case in web-based client-server applications, the client is not trustworthy. The Milwaukee Journal-Sentinel's Packer Insider is a very good low-stakes example of a site that has gotten this wrong. The Packer Insider is intended to be a subscription-only service, but I was reading it for a while, perhaps a long while, before I realized I was reading for-pay content.

If I visit http://www.jsonline.com/sports/packers/ in Firefox I get full access. If I visit it with Opera or Chrome, and click one of the Insider links, I get a login screen. What's the difference?

The difference is NoScript, an indispensable Firefox tool. NoScript is not intended to circumvent security, but rather to enhance client-side security. The idea is that if I let any given web site execute any script it wants on my machine, my personal data and the integrity of my machine are at risk. NoScript also helps me limit more obnoxious advertising by selectively shutting off Flash, JavaScript, Java, etc. NoScript uses a default-deny model, meaning that sites are not allowed to run client-side scripts unless I assent. NoScript is not for everyone because it does cause problems with some sites and it does require some effort on the part of the user, but it does provide a much safer browsing environment.

So, if I disable scripting, I get a much cleaner, more pleasurable view of the Journal Sentinel's Packer pages. As a side effect, I also get access to the Packer Insider materials. This is due entirely to poor security architecture at the Journal Sentinel's site, and, IMHO, strong evidence that the design was not done by an experienced professional. OTOH, there may have been other constraints making this desirable, and they may not actually care. If I were to lose access to these pages, I wouldn't really care because the Green Bay Press Gazette has comparable content that's openly-available.

As an aside, there are those that think it is bad to disable advertisements that support web sites. I have sympathy for this view, but I don't want their scripts running on my machine, eating cycles, providing animations which make it difficult to concentrate on the actual content, and, in extreme cases, making noise or damaging my system. I will aggressively block Flash, animated GIFs, etc., that damage the user experience.

This shows a general advantage of server-side over client-side scripting. Providers have a better idea of what their pages look like on the client side if they use server-side scripting--which is controlled by the provider--rather than client-side scripting, which is controlled by the end user, the browser, malware, etc.

Summary: security must be on the server side.

BOINC, Social Good, and Energy Consumption

Apropos of nothing, do you have BOINC running on any of your machines? I installed it a day or two ago on my HP and on my work laptop. Already I've made a material contribution to some important projects that can't afford supercomputer time; something to do with a disease I think. Anyway, I'm a member of the World Community Grid and Einstein@Home, but I'm thinking about dropping the space stuff in favor of the terrestrial problems [ ... ].

The real question is, what's your take on this stuff. Am I contributing more to the energy companies than to the advancement of human knowledge?

I used to run SETI@Home on a few systems. I noticed that my laptop was always hot when I ran it, so I stopped using it there and then gradually stopped using it altogether. That may be BOINC-based now. I also tried to donate cycles to some Brit climate project a while back, but they didn't have Linux support.

Even on a non-laptop it does cost you power. Most current CPUs have frequency scaling, and use much less power when running at lower frequencies. Gnome has applets that let you monitor CPU frequency and temperature if your hardware supports it.

I don't know how to weigh energy use vs. benefit to mankind. It will cost more when run in an air-conditioned room since you pay the electric company to heat the machine and then pay the electric company to cool the room containing the machine. OTOH it could save you a tad on heating in the winter (at OSU we had an Intel hypercube that could easily heat a couple rooms). If your machines suspend after a couple hours of no keyboard or mouse activity, then the impact may not be very large. I'd be leery of running it on a laptop, especially if it keeps the machine from suspending (as SETI@Home did a decade ago).

Soundtrack: "Danger" by the Motels

Cousin Done Good

Tracy Hamlin has been elected by judges and the SQL Server community as the Exceptional DBA of 2010. See http://www.exceptionaldba.com/hall-of-fame/

Sent from my iTouch

It seems pretty common nowadays to get e-mails with statements such as Sent from my iTouch and the like appended. This is analogous to the advertisements that HotMail used to stick on e-mail messages. Why do people want to send advertising copy with their e-mail? Didn't you pay for your iTouch? If so, why provide Apple (or whoever) with free advertising? My advice would be to remove such tripe from e-mails, or, if you can't, then be very ware that you are not in control of the image you project when using such tools.

Soundtrack: "I Robot" by The Alan Parsons Project.

Free Slater!

When people are repeatedly placed in untenable positions, outcomes are not always positive. Blame the airlines and the TSA if passengers and flight attendants snap. The airlines and the TSA have been steadily making air travel less pleasant, to the point that, even if one looks forward to a trip, very few of us look forward to the flight any more. In fact, when traveling, the flight is the major stressor, as the most likely place that a trip can be derailed.

http://www.usatoday.com/travel/flights/2010-08-11-1Aattendants11_CV_N.htm

Where I've Been, Domestic Edition

This application is created by interactive maps.
You can also have your visited states map on your site.

If you see this message, you need to upgrade your flash player.

Make your visited states map

Flex charts

Where I've Been

This application is created by interactive maps.
You can also have your visited countries map on your site.

If you see this message, you need to upgrade your flash player.

Make your visited countries map

Flash charts

Man, I Knew It

From the USA Today site:

Scariest airports

Four U.S. airports made SmarterTravel's list of the world's scariest airports for takeoff and landing:

[ ... ]

Also making the list: Gibraltar Airport in Gibraltar; Toncontin International Airport in Tegucigalpa, Honduras; Paro Airport in Paro, Bhutan; Barra Airport in Barra, Scotland; La Aurora International in Guatemala City; and Wellington International in Wellington, New Zealand.

La Aurora requires an unusual maneuver in which a landing plane banks steeply and then thuds down. The jet I arrived in from Ft. Lauderdale did this, and a few days after my arrival, I was walking north of the airport and saw a Cessna perform the same maneuver. I think La Aurora is scariest, though, due to the lack of facilities in the international terminal. Probably the least pleasant airport I've ever had to fly from. And as I'm wont to say, Vasco da Gama never had to put up with airlines and airports when he traveled the world.

Surprising Bogosity from PearsonHigherEd.com

Pearson usually supplies instructor supplements to texts in Zip archives. Fine. But the PowerPoint slides for Sebesta's Programming the Web 5th ed are in an archive with an extension .sitx. A little searching says this is a StuffIt archive, a proprietary format. Why? Are they going out of their way to make sure some of their customers can't access the materials? StuffIt's free unroller isn't even available in a Linux version, making the 10MB archive useless wasted space on my hard drive.

Important New Privacy Development from the EFF

The EFF now has a privacy tool called HTTPS Everywhere available as a Firefox add-on at https://www.eff.org/https-everywhere

This causes many pages that support https access to use https. Examples include Google, Wikipedia, and Amazon, as well as others I haven't tried, e.g., Twitter and Facebook. This seems a valiant attempt to make it harder to eavesdrop on traffic and simply like a good idea. It's in the spirit of "encrypt everything," the idea that all traffic should be encrypted simply because some people think encrypted traffic is likely to be more important, more likely to include incriminating informations, etc.

Related post: http://martesmartes.blogspot.com/2010/07/important-privacy-development-from.html

Sound track: Depeche Mode, "Love In Itself"

Web Page Raspberry--Pass the Bromo-Seltzer

The Bromo-Seltzer Tower has been an icon in downtown Baltimore for almost a century. And they have their own web page, http://www.bromoseltzertower.com/ . This is all good. However, it is entirely impossible to navigate the site without flash. There is nothing I've seen at the site that requires flash, so this seems like a case of a web developer who likes flash and uses it whether appropriate or not. The site crashed my browser twice this morning.

Of course, flash is one of the larger technological threats to web security, and works much more slowly than static content or server-side scripts. And there doesn't appear to be any substantial content at the site that isn't static.

There are better alternatives, though:

1. http://en.wikipedia.org/wiki/Emerson_Bromo-Seltzer_Tower
2. http://www.nps.gov/history/nr/travel/baltimore/b17.htm
3. http://www.baltimoresun.com/topic/economy-business-finance/bromo-seltzer-tower-PLTRA000097.topic

The site itself is designed by folks at http://www.missionmedia.net/ , which have a web site that's all flash and no usability themselves.

Soundtrack: The Church, Sometime Anywhere, Disk 2

Important Privacy Development from Google

This isn't new, but I just got around to reading an article recommended by a student a month or so ago: http://news.cnet.com/8301-27080_3-20005636-245.html

https://www.google.com/ now provides encrypted connections for web search. This is excellent for wireless access from public places, probably effective a lot of places that filter Google searches (though they could now just block https access to google.com), and just a good thing to use generally.

Soundtrack: Mellencamp, "Justice and Independence"

Free Wi-Fi at Starbucks

Starbucks now says they'll be offering free Wi-Fi at their stores starting 7/1. Hopefully it really will be free, not requiring registration, etc. For the last couple years I've never gone to Starbucks if there was a Panera nearby since, even if I wasn't interested in Wi-Fi that particular day, I've felt that Panera deserves some support and loyalty due to their free Wi-Fi. Of course, Panera also offers a much better variety of food. I'm not a coffee drinker, so that doesn't enter into my considerations. Interestingly, the USAT article (http://www.usatoday.com/tech/news/2010-06-14-starbucks-wi-fi_N.htm) says that this is to compete with McDonalds. I have gone to McDonalds for free Wi-Fi, but it's typically very loud and not a pleasant place to be, so I've never viewed them as competitors.

Blackboard 9

I think I've figured out how to most effectively use Blackboard 9. I need both a Firefox and a Chrome window open so that when one locks up, I can copy and paste what I was working on into the other and try it from there.

Between Blackboard and Peoplesoft, there seems to be no bottom to the level of quality of software UMBC is willing to pay for.

Baltimore Independent Music and Arts Festival

This looks like a series of events worth attending. It's August 26-28 2010 here in Baltimore.

Different Browsers for Different Purposes, II

I previously commented on how I've started using different browsers for different purposes. I just visited the Weather Underground (wunderground.com) using Chrome, and it wasn't pretty. Right next to the weather map was this obnoxious flash animation. I quickly closed the frame and reopened it in Firefox, where NoScript screens out much of the obnoxious, much of the dangerous, and much of the insipid.

I had a similar experience last week while out of town. I don't have cable TV, and so am usually not subjected to cable news. Cable TV news is terrible, all commercials all the time and almost no news. Give me NPR and BBC any day. I've mostly stopped watching NFL games for the same reason.

Emacs Spontaneously Shifting to DOS Mode. Yuck.

For some reason emacs (GNU Emacs 22.2.1 (i486-pc-linux-gnu, X toolkit, Xaw3d scroll bars) of 2010-03-26 on rothera, modified by Ubuntu) on Ubuntu 9.10 has been spontaneously deciding to use MS-DOS/Windows line endings rather than Unix. This is rather wasteful of space, and sometimes causes issues with other tools. It's also inconvenient, since I was killing the emacs buffer, running dos2unix on the file, and then loading the fixed file back into emacs. Looking for a fix, I stumbled across three blog entries of note:

1) http://www.debianadmin.com/flip-convert-text-file-line-endings-between-unix-and-dos-formats.html recommends a tool called flip. This makes no sense to me whatsoever since it does exactly what dos2unix and unix2dos do. It looks to me like someone's CS1 assignment that somehow got added to the Debian repositories.

2) http://www.sowbug.org/mt/2004/07/emacs-dos-line-endings.html has a good short-term fix, a bit more convenient than what I was doing. Within emacs, type the following key sequence: C-x [ENTER] f unix [ENTER]. This sets the "Coding system for saving file." Good enough.
Also, Sowbug.org has a great tagline: "If all you have is a Bloom filter, everything looks like a set whose membership you wish to test with a possibility of false positives."

3) Barriehie at http://ubuntuforums.org/showthread.php?t=1375454 has the winner, a good, permanent, catch-all type solution. Essentially, modify .emacs to include:

;; Set ALL files to UNIX line endings
(add-hook 'find-file-hook 'find-file-check-line-endings)
(defun dos-file-endings-p ()
(string-match "dos" (symbol-name buffer-file-coding-system)))
(defun find-file-check-line-endings ()
(when (dos-file-endings-p)
(set-buffer-file-coding-system 'iso-latin-1-unix t)
(set-buffer-modified-p nil)))

I've tested it just a bit, and it works beautifully.

Also, my .emacs is all in one file, and I prefer the way he splits it across multiple files. I'm using the .emacs that grad students were given at Ohio State ca. 1992 with many, many modifications. Following Barriehie's lead, I've split my .emacs it into multiple files, thus allowing me to keep my modifications separate from the stuff passed down from Brutus Buckeye.

Dilbert Explains Naming Decisions Regarding Maxwell Smart, Nook

Maxwell Smart Solutions

People apparently really don't think about names. First, the Nooky Reader from Barnes & Noble. And now, Max Smart has his own business. I wonder if 99 works there. If not, they should 86 the whole idea.

Hayabusa Scheduled to Land at Woomera

This will be a definite milestone if the spacecraft is able to land with a soil sample from the asteroid Itokawa. Link

Endocrine Disruptors in the Gulf

The oil will obviously be a huge blow to the fishing industry in the gulf states. A more long-lasting blow may be the use of dispersants containing endocrine disruptors. What will this do to the fish? How long will it be before people feel safe eating fish from an area in which endocrine disruptors have been so heavily used? I know nothing about the dangers or persistence of these chemicals, but as little trust as many of us feel we've been able to place in the FDA and EPA since, say, 2001, it may be a long time after the government says it's safe before people believe it's safe.

Nooky Reader Part II

Searching for Nooky Reader at either Amazon or Barnes & Noble finds the Nook E-Reader or accessories. Whether BN management is aware, and they must be by now, Amazon and BN search mechanisms are.

XKCD Weighs in on Facebook

From http://xkcd.com/743/

Nooky Reader

Last night on All Things Considered there was a brief spot on Barnes and Noble's e-reader, the Nook. That's right, the Nook E-reader. Does anybody think about these names? Or is confusing the name with sexual slang  part of BN's strategy for marketing this thing?

I thought it was a joke, or that ATC had fallen for a prank, but, no: http://www.barnesandnoble.com/nook/index.asp

Yet Another Gem from XKCD

The mouseover text is "100 years later, this story remains terrifying--not because it's the local network block, but because the killer is still on IPv4."

The Pleasures of Blackboard

Blackboard is a course management tool used by many colleges and universities. It's feature rich, but very buggy, exhibits different bugs with different browsers, and has an atrociously bad user interface. I saw a new bug this morning, more amusing than most. When downloading grades from a class, I was presented with this dialog. Sorry, I can't read that file name. I realize this a deficiency on my part, but perhaps Blackboard should use a system-default language or something.

Ninth ACM SIGPLAN Erlang Workshop Baltimore

The Ninth ACM SIGPLAN Erlang Workshop will be held in Baltimore on Thursday 30 September 2010. This is in conjunction with the 15th ACM SIGPLAN International Conference on Functional Programming.

Back to Gnome

I had been using Xfce on one of my desktops for a few months. I like it better than Gnome in some respects, largely because it's less bloated. However, I was repeatedly frustrated by its inability to follow the mouse with the focus. I'm a "focus follows mouse" person, and multiple times a day I would move the mouse from one window to another, passing over an intermediate window, and the focus would stay with the intermediate window. So I'd start typing, thinking the input would go to the window under the mouse. But, alas, no, the focus had remained with a window the mouse had passed over. This sometimes had deleterious effects, and so I've returned to Gnome.

Outhousing E-mail Services

I'm dealing with an organization that has outhoused e-mail to outlook.com. Not surprisingly this site doesn't work with Firefox 3.6 and Ubuntu. I can log in to the account using Opera, but I have to tell Opera to identify itself as IE. There is no e-mail forwarding.

I understand outsourcing, and I understand an organization wanting to move this out of the local IT shop (though forcing people to get an account with Microsoft seems an egregious privacy violation). However, I don't understand why an organization would pick such a piss-poor provider.

HAL: "I'm sorry, Dave. I'm afraid I can't do that."

In a column written, ironically, in 2001, John Rose and Michael Huhns propose an adaptation of Asimov's Three Laws of Robotics for agents sent on a NASA mission. I reproduce the first two here:

• Principle 1: An agent shall not harm the mission through its actions or inactions.
• Principle 2: Except where it conflicts with Principle 1, an agent shall not harm the participants in the mission.

This essentially reproduces HAL, who was justified in killing its crew because it came to the conclusion that the crew jeopardized the mission.

Not a Football Blog

1) I'll bet the Ravens' fans won't be nice to Ben Roethlisberger when the Steelers visit on 12/5.This is assuming, of course, that Roethlisberger is with the Steelers come early December.

2) Reading the discussion at the USA Today, the nation's high school newspaper, it's interesting to see how many people are focused on the fact that Roethlisberger may not have committed a crime, and so should not be treated as a criminal. He's not being treated as a criminal. Athletes in this culture are coddled, and Roethlisberger is a prime example of that. Goodell has been trying to clean up the NFL's image, and letting Roethlisberger play, even though he may not be a rapist, is inconsistent with that. I grew up in a town where NCAA football players were thugs, and I applaud efforts to send signals that, perhaps, thuggery is not good.

3) What Roethlisberger has been accused of is much worse than the drug offenses that other players are being accused of. The NFL has looked into this in much more detail, e.g., Goodell has talked to the Milledgeville DA, and so he has more information than we do. My guess is that Goodell believes Roethlisberger's behavior was reprehensible even if not prosecutable, and Goodell is the person the NFL ownership has chosen to make these decisions.

The Truth about ACTA

Michael Geist speaks on ACTA.

I Sold My Soul to the Online Store

Apparently 7500 customers sold their souls to Gamestation, presumably at least in part because they didn't read the fine print that everyone knows that no one reads. The store says that they've shown that 88% of customers do not read the fine print. This may be about right, but if Amazon or someone like that were to change their terms and conditions, it would probably take me a long, long time to notice.

http://news.cnet.com/8301-17852_3-20002689-71.html

Mein Gott! Frankfurt has Cots!

Seeing these pictures of cots in the Frankfurt airport made me a bit jealous. Cots in an airport? Someone should suggest this to JFK, where many of us were stranded 3/13 - 3/15 last month. http://www.dailymail.co.uk/news/worldnews/article-1266406/Iceland-volcano-Fallout-ash-cloud-felt-world.html

I'll never again say bad things about Frankfurt Airport.

What, Pearson Learning Solutions can't figure out how to make a PDF?

Check out this atrocious user interface from Pearson: http://viewer.zmags.com/publication/8544872e#/8544872e/16

Easter Bunny?

Does anyone know if the Easter Bunny saw it's shadow Sunday? If so, it's another 6 weeks till Memorial Day.

Browsers

More and more I'm starting to use different browsers for different purposes. Opera is nice because it allows fine control over scripting on a per site basis. For example, at NFL.com, I can shut off most of the advertising but still use most of the site's features. I especially like this for Blackboard, however.

Blackboard is a commercial course management system. Essentially, it's bloatware loaded with features that I can't imagine many people use, but they persist because, apparently, someone uses each. One of the unfortunate features of Blackboard is that when entering data in a text area, it starts a Java application. Yes, an application, not an applet. For some inexplicable reason, Blackboard wants to run an application with full user privileges on my PC. This is even harder to understand, since disallowing execution seems to have no effect on Blackboard functionality. It's probably innocuous, but as a matter of policy, why subject all the data on my PC to Blackboard's whims and bugs? Plus, what, if anything, are the software folks at Blackboard thinking?

Firefox generates a warning, but doesn't remember negative decisions. It allows one to always trust a site, but not to always distrust a site. Strange.

Opera, though, now knows to never run Java at blackboard.umbc.edu. So far, this is causing no problems, and so Opera is now my browser of choice for Blackboard.

Private Data, Getters, Setters, and the Like

I'm not sure that I'm getting the rationale for class-level private declarations. Given that public "getters" and "setters" can access and even alter private data, what's the use of the private declaration in the first place?

Making data members private allows us to control access to them. First, most (probably) classes don't have setters and getters. Second, setters and getters can be instrumented so that accesses and changes can be tracked, logged, etc. This instrumentation can be useful for debugging. If a private field is getting set to a bad value, one just has to put debug code in the setter rather than hunting down every line that modifies the field.

Another reason, probably at least as important, is for maintenance, upgrades, etc. If I implement a structure with a private array today but later decide it should be a set or a list, I don't have to worry that the change will ripple through client code, breaking the installed base.

Finally, a class interface should have a specification, or a contract. If private data is being modified outside the class, it's not possible for the class to enforce the contract, and debugging the class spreads out from the class itself to the entire system. This complicates development and maintenance.

[suggested by a colleague an hour after I posted the above]
Setters can validate data, making sure it's in the correct range, consistent with other values, etc., before setting the field.

Matt Curtain Presentation on Open Source

Matt Curtain has an interesting little presentation on open source. He makes a few points concisely that I haven't seen expressed better anywhere. There's a considerable argument by analogy component, but it's stuff worth thinking about. There are also a few abbreviations with alternate definitions that I hadn't seen.

• OSF == Open Software Foundation == Oppose Sun Forever
• PC == Pee Cee
• An entire industry based on FUD.
• Science depends on peer review, and engineering is applied science.
• Gains of open source over closed source are the same as science over dogma.
• Experts can verify claims rather than accepting vendors' "trust us."

The slides.

Marketing Programming Languages

Finally we have excellence in marketing programming languages:



Also, HiPE is not just hype misspelled.

Clear.com Security FAQ

From clear.com: How secure is it?
Your CLEAR connection is very secure. Unlike WiFi, CLEAR technology uses a licensed 2.5 Ghz frequency and OFDM transmission protocol for a very secure connection.
The combination of licensed frequencies and OFDM technology provides a very secure connection.

This is a very strange statement, since neither the frequency nor how it's multiplexed have anything whatsoever to do with security. Their customer support says the link is encrypted, but the web site makes no mention of this.

ASUS CG5275

I recently bought an Asus CG5275 to replace a nonoperative HP Pavilion p6130f which I bought in October. Yet another piece of evidence that HP no longer produces quality electronics. The Asus is a good machine, but uses the new Intel Core i5 with integrated video, and until this week Ubuntu 9.10 didn't support the video, so that was dicey at first. Now that the video works and I've removed the poorly-conceived door covering the front USB ports, I'm happy with it, though the fans hum fairly loudly.

That door: I'm not the only one to remove it. Among other things, there are four USB ports behind the door. The two lower ones are inaccessible with the door in place, and the upper two are very difficult to get long USB sticks in and out of. So my choice was to remove the door or plug in a USB hub. Removing the door doesn't add to my electric bill.

Actually I'm not a fan of the doors in front of the CD/DVD drive and empty bay either, since they hide activity lights. HP does it too, and I think that's the way of the consumer electronics market: style is much more important than functionality.

Management is an 1850s Technology

"Management is an 18050s technology" -- Daniel Pink, WYPR's Midday with Dan Rodricks, 3/3/10.

In the same segment, Pink suggested that we call the bankers' bluff that without large bonuses they'd suffer huge turnover.

Spammers Protecting Selves from Spambots

It's pretty rich that a spammer such as DAMD would attempt to protect their e-mail addresses from spambots attempting to scrape their site, when it seems pretty likely that's how they pick up the e-mail addresses they spam.

DAMD, the International Conference on Data Analysis, Data Quality & Metadata Management, is following an annoying trend of other perhaps legitimate conferences of using mass mailings to publicize their events. DAMD is a bit different in that they don't provide an unsubscribe link, but, really, should one click unsubscribe links and confirm the spammers' success at reaching a victim? Usually not.

Naymz? No Thanks

I just received an invitation to join yet another social networking site, Naymz. I'm clearly facing a deadline here:
Please join my Professional Network on Naymz. Click here to view my invitation, which will expire in 30 days.

What is Naymz? Clearly a site run by people who can't spell. And they also have a weak grasp of English grammar. From their site:

Naymz is a powerful tool for any professional looking to advance their career to the next level. Our innovative professional networking platform allows people to find and discover new connections, opportunities, ideas, and information based on their backgrounds and reputations.

Since they don't even bother to make the description of their site grammatically-correct, I have to wonder how good their quality is throughout. Note for the puzzled: professional is singular; their is plural.

Admittedly I'm being a little hard on them, but is there anything the world needs less than a new social networking site?

Vietnam-Era Heroes

I just saw the new film about Daniel Ellsberg and I'd have to rank him at the top among heroic figures of the Vietnam era. He did, perhaps, more than any other person to end the war. Other heroic figures, IMHO, would include the Catonsville Nine, Noam Chomsky, and Howard Zinn.

Of course, any computer scientist could consider Chomsky a hero "simply" due to his contributions to linguistics. And perhaps I overrate the Catonsville Nine, having never heard of them before I moved to Catonsville. Or maybe I'm just too young.

What's the Buzz? Tell Me What's A-Happening

It turns out I wasn't the only one to have a strong, negative reaction to having Buzz suddenly thrust upon me, following people and having followers with no volition or discretion involved. CNET has a recent article about just this.

This is the first Comcast/Verizon-like lack of respect for users that I've seen from Google, or at least the first blatant case.

Xfce Focus Stealing

I configure the window manager for "focus follows mouse" rather than the Windows-like "click to focus." If the mouse pointer indicates where my attention is, why force an extra click? Ok, the real reason is that this is what I'm used to from SunOS and Solaris in the late '80s through the mid '90s. What I say below may not apply to the click to focus crowd--I just don't know.

Under the focus tab in Xfce 4.6.1's Window Manager Tweaks is an undocumented checkbox labeled "Honor standard ICCCM focus hint." At Xfce.org, the most recent documentation is for version 4.2, and 4.2 did not have this "feature." The ICCCM is a large document, and perhaps by investing considerable time one could figure out what ICCCM focus hints are, but I don't have that time. What I have noticed is that if I select both that and "activate focus stealing prevention," applications steal focus willy-nilly. I think most users who do a lot of typing, like, say, programmers, people who create documents, people who send e-mail, etc., will not want Xfce to honor ICCCM focus hints.

The other thing I noticed recently, being new to Xfce, is that the desktop is very, very sluggish compared to Gnome. This alone was bad enough that I considered going back to Gnome. However, last week, being forced to stay at home because of the snow, I noticed another window manager option, "Delay before window receives focus." I set this to zero, or as close to zero as it would let me, and all of a sudden the performance was fairly snappy. So the Xfce default is to give the illusion of poor performance, but eliminating that delay is a huge improvement.

I like Xfce as a window manager, but the documentation is in such bad shape that I cannot recommend it to others.

Disabling Google Buzz

Those of us who use Gmail recently got a surprise with a new "feature" called Buzz, a Facebook wannabee. A Gmail user can disable Buzz by deleting his or her profile. Unfortunately, the Buzz button still clutters the Gmail interface, so it's necessary to also go into the Labels tab in Gmail settings and hide Buzz.

Removing a menu item in Xfce4.6.1

I recently uninstalled gnumeric, but the menu entry didn't go away. Looking through various menu items, settings, configuration options, etc., didn't yield anything. The online documentation for xfce 4.6 has the helpful statement that there is no documentation, and refers us to the xfce 4.2 documentation. I noticed in the same place that there was a link to 4.4 documentation, but no dice--that also refers us to the 4.2 docs. Clearly documentation has been a continuing issue in xfce. The 4.2 documentation led me to a page of misinformation (maybe it was accurate in 4.2), http://www.xfce.org/documentation/4.2/manuals/xfdesktop. This page shows an image of an "Edit Desktop Menu" button in the desktop settings window. There is no such button in 4.6.

A little googling led me to a lot of people asking how to do it, some suggestions that didn't work, etc. This reminded me of trying to get OpenOffice to stop "helpfully" suggesting word completions and spreadsheet cell contents: many complaints about how stupid the default settings were, many complaints about how difficult it was to disable, but solutions were few and far between.

Finally, fed up with trying to figure out how to do it the right away, I removed /usr/share/applications/gnumeric.desktop (actually I moved it to a safe place just in case) and, voila, the gnumeric menu item was gone.

Xubuntu Glitch

This morning I opened an open office document by clicking on it in Thunar (xfce's file manager), and the formatting was all goofed up. Weird. I started to mess around with it, but quickly realized the save as menu was different as well, and then noticed I was in Abiword, not Open Office.

For some reason, Xubuntu, which is supposed to be stripped to mostly essentials, ships with Abiword, Gnumeric, and some other useless crap. I hadn't gotten around to uninstalling these, because the clutter they were adding to my Office menu was a minor inconvenience. But now they're gone, kind of.

Removing Gnumeric didn't remove it from the office menu, so I'll have to figure out how to remove it manually, which isn't an obviously simple task in xfce.

Palimpsest

I recently upgraded my laptop to Ubuntu 9.10, and tonight I noticed a new tool, palimpsest. In addition to being a great name (though I had to look it up), it's an interesting tool. It's now a default on Ubuntu 9.10, but not in Xubuntu 9.10. Install gnome-disk-utility to get it. Click above or here for a brief description.

Remembering SCO

In the '90s, when an assistant professor at Hood College, I was visited by representatives of SCO trying to convince me that we should be running SCO UNIX in our labs. When I mentioned Linux (we had a couple slackware servers and a number of Ultrix machines at the time) to them, they looked at each other as if encountering a tremendously naive user. They then proceeded to belittle Linux. Later while still at Hood and then in industry I had occasions to talk with SCO representatives, and they consistently dealt with Linux with belittling rather than rational argument, similar to the way Microsoft now spreads FUD when discussing open source, so consistently that I couldn't help but suspect this was how they were told to deal with Linux.

SCO was a fine product at the time, and at the heart of a number of voice servers installed by Microlog in my time with that company, but the sales reps were incapable of delineating advantages or disadvantages of SCO vs. Linux.

Now I have trouble seeing someone who went with Linux rather than SCO in the '90s as viewing that as a mistake. SCO may not be dead, but they're no longer relevant.

tcsh Update

Maybe I don't need to worry about changing shells too soon, if only because tcsh is the default shell for UMBC's Linux cluster, GL.




So it's not just me and the OSU of yesteryear, but also UMBC.

LinkedIn Not Worth it Anymore

LinkedIn has been of some value to me in terms of getting back in touch with former coworkers. But they've changed their authentication so that, instead of a login session lasting for the life of a browser process, it times out every day. So now I have to log in every single time I want to visit their site. It's ok with me that Amazon wants my password every time I place an order, but LinkedIn doesn't have my credit card numbers and so forth.

Am I going to delete my LinkedIn account? Not in the immediate future.

Am I going to bother to look at LinkedIn based on the "LinkedIn Network Updates" they send out every week or so? No--it's no longer worth my time.

Am I going to keep my profile up-to-date? Probably not.

Will I periodically visit LinkedIn when I think of a former colleague and wonder where he or she is? No, it's not worth the time.

tcsh

In my last post I mentioned that I use tcsh. This was a very popular shell on the Ohio State Computer Science Department's Sun 4 and SLC network ca. 1990. It's a supported package under Ubuntu, so it's clearly not dead, at least not entirely. How widely used is it these days? Here's the result from Google Trends:




Clearly the trend is downward. It was about five times as popular as a search term in early 2004 as now. The US ranks eighth in search frequency, and English fifth among languages. I suspect there will come a day when I need to try out a new shell.

sftp "Received message too long 1114795883"

A new semester starts in a few days and it's time to move stuff to the server, but, alas, I couldn't log in to the server. More specifically, ssh worked fine, but sftp failed. And it didn't just fail from my Ubuntu desktop, but from my XP netbook. Clearly it was a problem on the server, but I decided to do a little googling before opening a ticket and suggesting to the IT staff that something was screwed up. Besides, if sftp was broken on a university-wide basis, they probably already knew about it.

Google led here, which had a link to a post from a guy whose last name meshes well with my profile picture.

The problem could be that my .cshrc on the server was generating output that sftp didn't know to deal with. Another blogger somewhere gave a hint regarding what this was, and indeed the decimal 1114795883 in the error message was 0x42726f6b, or, in ASCII: "Brok'. Yes, something was broken, and 4 bytes was all that fit into the integer error message.

So I had to figure out why GL (the server, gl.umbc.edu) was generating extra characters. My default shell is tcsh, so the problem was most likely in the init file, .cshrc. I decided not to look at the system-wide .cshrc initially. I tossed some detritus from my .cshrc, and again failed to log in.

There was still a suspicious line, '/usr/bin/mesg n', at the beginning of the file. Why wasn't this inside the conditional that distinguished between interactive shells and others? I moved it into the conditional, and suddenly I was able to log in.

I had to chuckle. I added that line last semester when a student decided that if we were logged in on GL at the same time, he could chat with me. No. But I was clearly careless when I disabled write.

CyberMaryland Report

This is a Maryland state government report on cyber security, and worth a glance. There's a summary at http://tynt.com/3eQx, which also has a link to download the report as a PDF. Alternatively, one can use the execrable flash-based browsing interface at issu.com.

Rebooting Ubuntu

I miss the old, original behavior of ctrl-alt-del, rebooting the system. Once upon a time, kiddies, computers had front panels. Among the buttons on the front panel was a reset button. With the IBM PC and others of its early '80s ilk, the front panel was gone, and often there was no reset button, but there was the three finger salute.

At some point, Windows behavior was to invoke the task manager on a three finger salute rather than to do a system reset. Slackware and other early Linux distros did a reset, which effectively rebooted the system.

Why do I suddenly care? I'm running Ubuntu 9.10 on a 64-bit HP Pavilion desktop. Multiple times per week the system locks up, and ctrl-alt-del does nothing. The GNOME default is log out, but GNOME is locked up at this point. There's a configuration file, /etc/event.d/control-alt-delete, but so far as I can tell the contents of this file are irrelevant and have no effect on system behavior. So my recourse has been to hold the power button down long enough for an abrupt power down. I've been doing this, on average, multiple times per week, when really all I want to do is reboot.

I want my reset button.

Now it turns out that alt-sysreq-b does a reset. Now I just have to remember to try this the next time my system locks up.

Ubuntu: less impressive with every "upgrade."
Hewlett-Packard: less impressive on a year-by-year basis since the merger with Compaq. I guess I could start telling people I'm old enough to remember when HP sold quality products. I worked for a competitor in the telecom instruments segment, and HP was always considered a very worthy competitor. Their laser printers used to be good. Now it's all cheap junk.