The Rants, Raves, Gripes, and Prophecies of Paul R. Potts

Thu, 17 Feb 2005 The Moleskine

What follows is the merchant review I wrote for the Yahoo store Moleskine US. There has been interest recently in the Weblogging community in the idea of a pocket notebook as the ideal "analog PDA." I was, and am still, pleased with my traditional pocket Moleskine notebook, but I am now also wondering if there might be other manufacturers out there that build notebooks of a similar form factor but perhaps with different features, such as a place to insert a pen, thicker paper with less show-through, or other features.

I had a vague hope that Moleskine US would read the review, which was CC'ed to them, and decide to send me a set of the Cahier notebooks to replace the Volant line that I was dissatisfied with. Now that would be customer service. I'm not going to demand it from them, though, especially given that a set of the Volant notebooks places them only at about $2.00 each. There's a limit to what I can expect in the low-cost line.

Anyway... original review notes follow. Now all I need is some vacation time so that I can spend some afternoons in cafes or on a beach actually writing something in my Moleskine!

Moleskines are the best handheld notebooks for writers: they are the perfect size for a shirt or coat pocket, and use good paper with a binding that is stitched rather than just glued, so they will stay open as you hold them to write. They also have a built-in cloth bookmark and an elastic band to hold them shut. There's a little expanding pocket in the back where I can stuff receipts and loose notes. These little touches give a strong impression of time-tested, practical quality.

I really like my traditional Moleskine notebook and will probably buy more of them in the future. I am extremely satisfied with the service, packaging, and shipping speed of Moleskine US. There are a couple of areas where I feel there is some room for improvement:

It would be nice if the web site would allow me to log in as a return customer, and keep my shipping and payment information on hand, so I don't have to re-enter it if I come back to buy something more later.

The paper exhibits a little bit more show-through than I'd like, when I write on both sides with a Rapidograph (liquid ink pen). I am guessing a fountain pen would have a similar issue. I should probably try the sketchbook type, but that paper is thicker, which means either a fatter notebook or fewer pages, so there is a tradeoff.

I bought a set of three of the Volant notebooks as well as a Volant address book. I'm disappointed to say that the quality doesn't match the traditional Moleskine notebooks. I knew that they would not have the bookmark and elastic band, but I did not expect the paper to be of lower quality: it has a rougher feel, and absorbs more ink, with more show-through. The last 16 pages are micro-perforated and can be torn out. That feature doesn't really appeal to me. But the big problem is the cover material. My address book had a big crease on the front cover where the plastic faux-leather material was not flat and properly glued to the backing. One of the others has bubbles.

I like the thinner form, and they are much less expensive per notebook than the traditional Moleskine, but I was just thinking that the Volant line might be better with plain cardboard covers. Lo and behold, today I discovered that Moleskine US is now offering the Cahier line, which seems to be just that, a Volant with a cardboard cover, and which also includes the pocket in back. I will try those next time. If they have the higher-quality paper, I'll declare them the perfect thin-format notebook to go with the traditional Moleskine.

[/root/geeky/life] permanent link

More Moleskines

I earlier wrote:

"I bought a set of three of the Volant notebooks as well as a Volant address book. I'm disappointed to say that the quality doesn't match the traditional Moleskine notebooks..."

(In progress)

Wed, 16 Feb 2005 Star Trek: Season One

Star Trek inspires love, ridicule, or a mixture of both, but most people have at least a passing familiarity with the long-running cultural phenomenon. I am certainly familiar with the original series, having watched it in reruns endlessly. I was born in 1967, just when season one was in full swing, but by the time I was old enough to watch them in reruns, the shows were frequently butchered to fit in extra commercials, hacking out key scenes and rendering the story incoherent. While I remember many of the episodes clearly, there are probably several that I simply never saw in reruns. My ten-year-old son has never seen any of the original series episodes.

So, we bought the first season on DVD. I've heard a lot of complaints about this package. Some are justified, in my view, and some are not.

Complaint number one is that the quality is poor and no restoration was done. This is patently false. All you need to do is compare the picture quality of the trailers (covered with scratches) with the quality of the restored episodes. There is a big difference. The episodes, shot on film, show almost no scratching or dirt.

Could the restoration have been better? I am not really qualified to say; I haven't seen the best available negative or print. The colors are vibrant, although they maintain the Star Trek palette, characteristic perhaps of the type of film used, and we can see detail in the costumes and makeup that I've never seen before.

This isn't always a good thing: I can better see the pancake makeup on Spock, and the low budget of the original becomes more apparent when scrutinized more closely -- for example, in "Charlie X," when Spock and Kirk are thrown against a wall, it is now painfully obvious that the wall is painted cardboard or plasterboard, because it develops a visible tear.

In some effects shots there is still graininess, matte lines, and the occasional bit of fiber or dirt on the plate. These things may have been present in the original effects shot, and (I am guessing) were not retouched much because it would be difficult to decide how to proceed and where to stop while still retaining the low-tech, film-grain character of the original. Too much digital tampering would be very expensive and could result in an effect that stood out like a sore thumb against the rest of the images. Fans are complaining about just this sort of tampering in George Lucas's THX-1138, as well as his repeated alterations to the Star Wars films. Star Trek was a product of 1960s-era film technology, and trying to make it look like 2005-era digital effects is to make it into something it is not. And here's a news flash, which should not really be news to anyone: the "look" of 2005 will also look very dated one day. The super-shiny "look" and audio production of the Next Generation already looks dated to me today.

I also have heard complaints about the encoding. To my eye and on my player, it is just fine. It looks much better to me, for example, than the Monk series DVD, where there are frequent image freezes.

Gripes about the packaging are completely justified. While the snap-open tricorder-style plastic case is cute, you have to carefully take out the brochure and remove the paper sleeve from the book-style DVD trays themselves. The DVDs snap very tightly into these trays, and there is the justifiable concern that the force needed to pry them out will tend to cause the holes to crack over time. Most recent DVD packages that I've seen have a central "button" you can press to help release the DVDs, reducing the force needed to remove and replace the disc.

Also, when you are done watching, you have to reassemble the whole thing, unless you decide to throw out the paper sleeve and/or the loose brochure (which does not fit well into the case anyway). Those loose paper parts will certainly get lost or torn with handling, but throwing them out will ruin the look of the case, in which you can see Kirk and Spock through a little window, and leave the top DVD open to dust. A much more robust solution was certainly possible while maintaining the clever plastic case, but Paramount apparently couldn't be bothered.

Is the price too high? I would say that it is too high, given the quality of the interior packaging, but would not be too high for the same content, better packaged. Consider that you get twenty-nine episodes on eight DVDs. If you pace yourself, that's a lot of evenings of Star Trek. I have not yet watched the DVD extras and so can't really comment on them. Unlike the extras on, say, the Lord of the Rings Extended Editions, I doubt they will really add much appeal; fans are buying this set to watch the episodes, not the extras.

Some people complain about the order of the episodes. Paramount placed them on the DVDs in the order in which they were aired, which was not the order in which they were filmed, which can be deduced by looking at the "stardate." Watching them in this order apparently leads to some inconsistencies in costumes and casting; some think they should be viewed in stardate order. Well, obviously Paramount could not include them in both orders; they had to annoy either the airdate-order or stardate-order camps. They chose to include them in broadcast order, but the episodes are numbered in stardate order, so it is easy enough to rearrange them, if desired.

Some people will find anything to complain about. Is it worth ranting about the fact that the discs don't have a "play all" button? Are we so lazy that we can't even bother to manipulate the remote control in between episodes? Is it really necessary or healthy to watch four episodes back-to-back without interruption? In my day, I had to actually rewind the VCR, eject the cassette, and put in a new one! Can you tell I think this is a trivial complaint?

Many people have complained that the complete pilot is not included. I think they overestimate the quality of the original pilot -- there is a reason that it never aired in its original form. It is, however, included on the third season DVD set, for completists. I am curious to see it. I'd love to see more of Captain Christopher Pike and Number One. I have also read the original pilot script, which was full of double entendres, and would like to see whether some of the wilder lines from the script are still present, such as the line in which Spock says "the human body is capable of generating a surprising amount of heat, depending on the skill of the operator." This was apparently an attempt to tweak the network censors, who were ever-present, and a constant challenge to the writers, in those days. Go, Spock!

Finally, there is the question of the original Star Trek episodes themselves. Fans of the modern, big-budget Trek shows should try to keep in mind that these shows were produced almost forty years ago. The ones who start to crow about the quality of Enterprise, or Deep Space Nine, or Voyager, or Next Generation, in comparison to the original series, should try to be a little more objective, and not just fixate on Star Trek as they first got to know and love it.

Star Trek has always had a very wide standard deviation of quality. There are episodes and moments of Next Generation and Voyager that are teeth-grindingly awful. Note also that just what constitutes "teeth-grindingly awful" varies widely from viewer to viewer, but to me it usually consists of having something absolutely ridiculous happen to the crew, such as the Next Generation episode "Genesis" in which the crew members "devolve" into primitive life forms. Then there is the endless reliance on the holodeck, which while it occasionally produced an intriguing episode, most often just enabled the use of an unoriginal story in a science-fiction context.

To my mind, the very best episodes often involve few or no extraneous special effects at all, and just showcase an intriguing and original story. For example, watch "Space Seed," which set up the story line used in the second Star Trek movie. And, usually, the best science fiction is about issues that a contemporary audience can relate to; not many of us today face turning into a walrus or spider monkey, but we may be concerned about the implications of genetic engineering. The wide variance in quality of Star Trek comes in part from the wide variety of writers who worked on the series.

The original series certainly has its moments of cheesiness, and it is easy to mock the overacting of Shatner and Kelley -- a style which, by the way, I think was actually very useful, in that it tended to keep one from looking too closely at the styrofoam rocks and papier-mache gadgets. It is easy to make fun of Kirk's expanding waistline, or his apparently magical ability to seduce women on every planet. But the show was also extremely groundbreaking, in terms of casting, of writing, of politics, and at least occasionally, of storytelling. It is easy to look back at the show with forty years of hindsight and comment on the blatant sexism, but this has to be set against, for example, the show's remarkably enlightened attitude towards race. And it is impossible to overstate the importance of Star Trek's role in inspiring many, many of today's scientists and engineers. I strongly doubt that I would have ever developed an early interest in computers without the influence of Star Trek.

To me, what the original series proves is that a lot of money is never enough to create a story worth watching, that stands the test of time. Did the millions of dollars spent on Next Generation or Voyager buy them a consistently good show? Of course not. Money can buy script doctors and special effects but it can't necessarily buy good ideas. Imagination, good writing, and a commitment to storytelling will always triumph, and the original Star Trek is proof.

Tue, 15 Feb 2005 Partitioning Tools

So, it seems to be a dirty secret of managing mixed-boot configurations that the open-source partition management tools are terrible. I have tried them out periodically over the last ten years or so, and have expected to see improvement, as so many aspects of Linux have improved, but it has not really happened.

Case in point: Knoppix and qtparted. Let's say you have a typical partition-management problem like I did: you have a dual-boot system, and you haven't left enough room in your partitions, but there is a lot of unallocated space available on the drive itself. In my case I wanted to remove an unused FAT partition, and expand the first one, moving everything further down, then remove an unused ext3 partition and expand the existing ext3 partitions to take up that space.

With qtparted, you just can't do this. It doesn't really support the various operations necessary to do this at all. It just isn't complete.

A die-hard Linux weenie would tell me to get on the ball and write a tool. After all, aren't most open-source projects the result of scratching a personal itch? Well, I suppose that technically I have the skills needed to work on such a project, but I'm aware of what I don't know, and writing code to rearrange partitions and directory structures at that level is something I can happily leave to other people.

In fact, because I have some idea of the difficulty involved, I'd be willing to pay someone else to write a tool for this purpose. So, what about the commercial tools?

I tried Partition Magic, now owned by Symantec. It did not work at all either. Essentially, while it claims to support ext3 partitions, "support" here means that it will correctly identify and display them. It can't actually do anything with them, such as move or resize them. It also requires a floppy drive, and will crash if one isn't present in your computer. I demanded (and got) a refund for my online purchase, and happily deleted it from my computer. In my view, the marketing materials for this product are completely deceptive, and you should avoid it.

Paragon's Partition Manager, on the other hand, worked nearly flawlessly, and the $50 download also comes with a useful CD-burning tool. It deleted one FAT partition and resized another, deleted one ext3 partition and resized two more, and moved a swap partition. It even resized the whole extended partition, consolidating free space. It even did its resizing on the active partition I was running from, by rebooting and executing a script. Obviously, doing a tricky operation on the partition from which you have booted the computer is a potentially risky operation, but everything worked perfectly afterwards, including my dual boot involving both the NT boot manager and GRUB.

I did see one crash while examining a partition's contents, but this had no lasting effect.

There's the old saying that Linux is free only if your time isn't. I could have reinstalled both Windows 2000 and Linux from scratch, remaking all my partitions and then restoring all my software from backup or from installation disks. Taking into account the time needed to download all the Windows 2000 and Fedora updates, that probably would have taken at least a day. Instead, I have a tool that did all this rearranging in perhaps thirty minutes. Better still, I know that if I need to rearrange some partitions in the future, this tool will do it for me painlessly. I'm very impressed and highly recommend Paragon's Partition Manager for all dual-boot Linux weenies who may need to rearrange partitions.

Wed, 28 Jul 2004 My Calculator and I are Feeling Obsolete

I've been cleaning out my possessions and auctioning them off in preparation for a possible move. Among the things I've gotten rid of: a Radio Shack TRS-80 Model 100, two recent TI calculators (a TI-89 and a TI-83 silver edition), a Chapman Grand Stick, a broken original Newton MessagePad, a lot of miscellaneous audio and DJ gear, several ancient Macintosh computers, years and years of Wired and Mondo 2000 magazines, all my vinyl records including some rarities such as REM's first album Chronic Town, Should Have Been Greatest Hits by the Tourists (Annie Lennox and Dave Stewart with a band before they became Eurythmics), all of Thomas Dolby's vinyl albums and EPs including the European version of The Golden Age of Wireless containing the tracks "Leipzig" and "Urges," singles and albums by some of his friends and collaborators including Lene Lovich and Adele Bertei, Torch Song's Prepare to Energize EP (used in some early Orb tracks), all my commercially-recorded VHS tapes, and hundreds of books.

Today I attempted to fix one of my oldest possessions: a Radio Shack calculator circa approximately 1982, with a green LCD screen, labeled "Radio Shack LCD Scientific." I got this for (approximately) my 15th birthday. It would have been expensive back then; perhaps $40 or more. It was a gift from my mother. I didn't know much about the scientific functions it provided, but I spent a lot of time trying to understand them anyway. I was not able to find much information about this model, save that it seems to be a re-branded Casio fx-80.

I have already repaired this unit once, when a set of leaking batteries ate up the clips in the battery compartment and I had to clean that out and re-solder the wires connecting the battery clips to the circuit board. Today I tried to put new batteries in it but could not get a peep out of it; I re-tinned the wires and soldered them to the clips again, and used a pink eraser to clean the contacts on the on/off switch; nothing. The batteries overheated and began to melt, so something is either shorting completely or acting as a resistor. The chip might be fried. In any case, it needs more help than I can give it.

I'm feeling very reluctant, though, to toss it out. The prospect fills me with a deep sadness. This calculator has never had button problems like the new HP models. The on-off switch operates with a satisfying "click." There's no contrast adjustment for the yellow-green screen; it is always right. The paint and buttons are subtly tinted to look compatible with the screen color. The buttons sit on a very readable aluminum faceplate. The case is slightly wedge-shaped, so that it angles slightly towards you as it sits on your desk. The buttons come in two different sizes, so that the grid of scientific functions doesn't seem to visually overwhelm the numbers and basic functions, and the scientific functions are laid out with an eye towards relative frequency of use.

I remember being attracted back then (at the age of fifteen) to the subtlety and beauty of the design, although I did not have the language of HCI and the subsequent years of experience evaluating and creating user interfaces. I guess people don't really change that much.

The fx-80, also known as the Radio Shack EC-498, is a non-programmable scientific calculator. It supports the usual transcendental functions. It does degree-minute-second calculations; it handles polar coordinates; it even does basic stats, using a separate mode and an additional set of registers, even though it only has two or three memories. The designers came up with a very clever and subtle scheme to support multiple modes of behavior and hidden functions; it is mnemonic, and so effective that I can remember pretty much how it worked, over twenty years later. I will describe the user interface on my Wiki here.

Even though it is only an 8-digit calculator with a rather limited feature set, I have a strong impulse to keep this one and auction off my TI-86. If only I could get it working. The TI can no doubt do degree-minute-second calculations, stats, and polar coordinates too; I just have no idea how to find that function without rummaging in the manual. And I read the manual at one point. When I push "stat" on the TI, it throws me into a bunch of nested sub-menus. The manual is long lost. I have the option of using the PDF manual available on TI's web site, but somehow using a computer to figure out how to use a calculator seems like overkill.

I feel like the TI is an imposter, the Johnny-come-lately trying to humiliate the real calculator with its wads of RAM and menus and graphing abilities. But I'm not fooled. The antique is cool. The TI is just a hunk of rather ugly black plastic. Instead of serving as a useful calculator, it is really a slow and watered-down version of Mathematica. I own a copy of Mathematica; it is a great program, fantastically powerful. But if I wanted Mathematica, I would use Mathematica.

I will probably keep the TI, but I will miss my old calculator. I'd really like to get my hands on a functional fx-80, either marked with the Radio Shack logo or not. A whole pile of fx-82 variants followed the fx-80, but they didn't necessarily get better... just gratuitously different, and uglier. See a gallery here.

Look at Casio's calculators today, such as the FX-260 solar: they're dark gray plastic, and the same yellow and blue colors that TI uses for labeling. Nearly every key has extra labels. The subtle cueing for the inverse functions is gone: for example, the sine key now has "sin" on the key and "sin^-1" directly above it, like the TI. It embraces redundancy. Some of the original is still present, but the larding on of new features has required basic scientific functions to be demoted to shifted number keys. There is extraneous writing under the display, where it will catch your eye every time you move your eyes from the screen to the keys, and also some kind of color-coded legend describing the modes: a built-in cheat-sheet. A good design would render such a thing unnecessary, obviously. It is even uglier than the TI design. I'm sure it is much more powerful than the original, but I will miss the clean brushed-metal design of the original fx-80.

I try not to get attached to my material things. I know it all goes the way of all flesh. But sometimes it is hard. I was unhappy to have to toss out a skipping CD player from 1990 and a VCR from 1993. Ten years of service, or even twenty, doesn't seem quite enough at my age. I understand the economic reasons for planned obsolescence; I just don't like them. The calculator hasn't worn out; it is hardly even scratched. But the innards were not built to last or to repair.

Twenty years goes by pretty quickly. I hear the mechanical Curta calculators still work really well. Some of them were produced in 1947. And don't get me started on slide rules. How many of you have even held one, much less used one?

Now, a computer is obsolete in three, two, or even one year. My PowerBook G4, purchased in 2000, is on its last legs already. I've replaced various parts including the power manager board, power adapter, and built-in backup battery; it hasn't worked right since it went out of warranty. Only adding loads of RAM has kept it able to run recent OSes at all.

After my VCR and another loaner VCR both stopped working (and I did my best to fix them; I got the loaner working again for a while, but something else failed), I went on a search for another VCR. I was looking for one that would last ten years or more, like my last one. It seems that such a thing does not exist anymore: that is, no matter how much you are willing to pay, no one builds a solidly-built VCR that can be repaired.

So, I finally broke down and bought a DVD player. I tried to pick one that received good reviews. It is pretty, but it feels flimsy, and most of the features are only accessible from the remote control. Does anyone believe it will still be operating in ten years?

Fri, 19 Sep 2003 Windows Eats the Internet

I came into work today and started checking my e-mail. The MacOS X Mail client began downloading messages. It is still doing so. I had almost 200 new messages (on a typical day, including mailing list traffic, I might normally have 50 brief text-only messages which download quite rapidly). My mailer has been synchronizing for over an hour, and more mail seems to be pouring in, almost faster than it can be downloaded.

But the big fun is that most of them are garbage generated by worms and viruses running on Windows systems. The messages are coming in bursts, but during some of the bursts I'm getting one or more messages per minute. And it has been going on around the clock. So far, I've received almost 170 copies of Microsoft worms.

I'm glad to see that Microsoft's Secure Computing Initiative is showing positive results.

This is having real consequences: I've got real content I've got to get at in my mail: some code built by a contractor I'm supervising, messages from another development team which I can't get to, and messages on developer mailing lists that may have solutions to some of the latest difficulties I'm encountering in my coding. I can only imagine how much worse this would be if my machine was a Windows box actually executing the worm while I was trying to get things done.

Now my mail server is being choked alive, and most of these messages are allegedly from "Security Division," "Inet Email Service," "Net Service," "MS Technical Bulletin," "MS Net Mail Service," "Microsoft Corporation Technical Services," "MS Network Security Section," "Admin," "postmaster," "Security Center," "Microsoft Inet Message Storage System," "Microsoft Corporation Technical Support," "MS Corporation Network Security Division," "Inet Service," "Microsoft," "MS Technical Assistance," "Storage System," "email storage system," "Network Email Storage Service," et cetera.

Subjects include "Current Network Update," "Last Net Security Upgrade," "Failure Notice," "Abort Letter," "Notice," "Critical Pack," "Network Upgrade," "Undelivered Mail," "error letter," "Bug Message," "New Microsoft Critical Patch," and "Report." Some have a blank subject. There are two general themes: fake patches, and fake bounce messages.

They all have attachments. Of course, I'm receiving them on a system with a completely different processor, so they won't run on my machine. My disk usage for e-mail on DreamHost has gone from about ten megabytes to about seventy. The server is wallowing like a water buffalo under the weight of all this spam. (It is not technically spam, given that it is not exactly unsolicited commercial email; it's also harder to figure out who to blame for it, since most messages are likely coming from infected machines whose owners do not realize that they are infected).
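The two lure themes described above (a sender pretending to be a Microsoft service or a postmaster, a subject pretending to be a patch or a bounce, and always an executable attachment) are easy to turn into a server-side filter. The following is an added example, not code from the original post or from any mail software it mentions: it parses a raw message with Python's email package and flags it only when an executable attachment arrives together with a spoofed sender or a lure subject, so a genuine bulletin without an attachment, or a contractor's build archive without the social-engineering wrapper, passes. The sender and subject vocabularies are taken from the From and Subject lines quoted above; the executable-extension list, the sample messages and the all-or-nothing scoring rule are this example's own assumptions.

```python
"""Score inbound mail for the Swen-style lure described above.

Added example, not code from the original post. Vocabulary lists come from the
From and Subject lines quoted in the post; the extension list, the samples and
the scoring rule are assumptions made for this example."""
import email
import re
from email import policy
from email.message import EmailMessage

# Words the worm assembles into fake "From" display names (quoted above).
SENDER_WORDS = {"microsoft", "ms", "security", "network", "inet", "storage",
                "service", "technical", "support", "postmaster", "admin",
                "center", "division", "section", "bulletin"}
# Words from its two subject themes: fake patches and fake bounces.
SUBJECT_WORDS = {"update", "upgrade", "patch", "pack", "failure", "undelivered",
                 "undeliverable", "returned", "error", "abort", "bug", "notice"}
# Attachment extensions Windows runs directly when double-clicked (assumed list).
EXEC_EXTENSIONS = {".exe", ".pif", ".scr", ".com", ".bat", ".cmd", ".vbs"}


def _words(text):
    """Lower-case alphabetic tokens of a header value."""
    return set(re.findall(r"[a-z]+", str(text).lower()))


def executable_attachments(msg):
    """Filenames of attachments whose extension is in EXEC_EXTENSIONS."""
    names = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = name[name.rfind("."):].lower() if "." in name else ""
        if ext in EXEC_EXTENSIONS:
            names.append(name)
    return names


def score_message(raw):
    """Parse one RFC 822 message (bytes) and report the lure indicators."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    spoofed_sender = bool(_words(msg.get("From", "")) & SENDER_WORDS)
    lure_subject = bool(_words(msg.get("Subject", "")) & SUBJECT_WORDS)
    executables = executable_attachments(msg)
    # The executable is the payload; the sender/subject is the wrapper that
    # persuades someone to open it. A bulletin without an attachment, or a
    # contractor's build without the wrapper, should pass.
    suspicious = bool(executables) and (spoofed_sender or lure_subject)
    return {"spoofed_sender": spoofed_sender, "lure_subject": lure_subject,
            "executables": executables, "suspicious": suspicious}


def _build(sender, subject, filename=None):
    """Construct a sample message (test data, not a captured worm)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "paul@example.com"
    msg["Subject"] = subject
    msg.set_content("Please see the attached file.")
    if filename:
        msg.add_attachment(b"MZ\x90\x00 placeholder bytes, not a program",
                           maintype="application", subtype="octet-stream",
                           filename=filename)
    return msg.as_bytes()


# Constructed samples modelled on the sender/subject patterns quoted above.
SAMPLES = {
    "fake_patch": _build("MS Network Security Section <bulletin@example.com>",
                         "New Microsoft Critical Patch", "patch.exe"),
    "fake_bounce": _build("Postmaster <postmaster@example.com>",
                          "Undelivered Mail", "message.pif"),
    "contractor_build": _build("Alice Contractor <alice@example.org>",
                               "Build with yesterday's fixes", "build.tar.gz"),
    "bulletin_no_attachment": _build("Microsoft Security Bulletin <secure@example.com>",
                                     "Security Bulletin summary"),
}


def classify_samples():
    """Map each sample name to its suspicious flag."""
    return {name: score_message(raw)["suspicious"] for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:24s} suspicious={verdict}")
```

Requiring both the payload and the wrapper is the design choice worth noting: either signal alone produces false positives (a real bulletin mentions "Security" and "Microsoft"; a contractor really does send executables), and Swen-style mail always carries both.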

I've also got one message that includes at least 300 email addresses and appears to be an advertisement for an anti-virus service written in Italian. A nice effort from a member of the Coalition of the Bullied, but better luck next time, guys.

Anyway, what can we deduce from the attachment? First of all, if you're running a Windows machine and seeing similar mail: DO NOT EXECUTE THESE ATTACHMENTS. If the message contains web page links, DO NOT CLICK ON THEM. Don't try to analyze the attachment like I'm about to; you're likely to wind up installing the worm on your computer. I'm an expert. This is a Mac. Don't try this at home.

So what is this crap?

Running "strings" over the binary executable yields some interesting results: it was written with Microsoft Visual C++. It contains the names of a lot of executables: "anti-trojan," "bootwarn," "findviru," "lockdown2000," "safeweb," and "regedit." It also contains the following:

    HEAD %s
    RCPT TO: <%s>
    QUIT
    DATA
    MAIL FROM: <%s>
    HELO %s

All but the first of these are the commands used to talk to an SMTP mail server (HEAD is an HTTP request, so the thing also fetches something over the web). So, this executable is designed to send mail. It also contains a template e-mail message:

    Content-Transfer-Encoding: base64
    Content-Disposition: attachment
    Content-Type: text/html
    Content-Transfer-Encoding: quoted-printable
    Copyright %i Microsoft Corporation.

(Hint: the mail does not come from Microsoft), and a whole bunch of stock phrases presumably assembled at random to generate subjects and "From" lines:

    Microsoft
    Support
    Assistance
    Services
    Bulletin
    Customer 
    Public 
    Technical 
    Center
    Department
    Section
    Division
    Security 
    Network 
    Internet 
    Program 
    Corporation 
    Microsoft

And here are the strings which will generate some of the "Subject" lines:

    Notice
    Report
    Announcement
    Advice
    Letter
    Failure 
    Abort 
    Error 
    Bug 
    User unknown
    Mailer
    Sender
    Returned To 
    Message
    Mail
    Undelivered 
    Undeliverable 
    Returned 
    System
    Service
    Delivery 
    Storage 
    Mail 
    Message 
    Email 
    Inet 
    Postmaster
    Administrator
    Admin

Then there are these strings:

    Virus Generator
    Magic Mushrooms Growing
    Cooking with Cannabis
    Hallucinogenic Screensaver
    My naked sister
    XXX Pictures
    Sick Joke
    XXX Video
    XP update
    Emulator PS2
    XboX Emulator
    HardPorn
    Jenna Jameson
    10.000 Serials
    Hotmail hacker
    Yahoo hacker
    AOL hacker

(Who is Jenna Jameson? I feel I should know.) It turns out these are used to give filenames to the trojan when it is propagated by file-sharing. There's a lot more in here, but you get the idea.
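Here is what the strings analysis above looks like when it is automated. This is an added example, not code from the original post: a strings(1) imitation that pulls printable runs out of a binary, and a triage routine that maps the recovered strings onto the indicators discussed above, the SMTP verbs and MIME headers of a mass-mailer, the security-product names of something that kills anti-virus tools, the stock From-line vocabulary, and the file-sharing lure names. The sample blob is constructed inline from the strings quoted above plus a few bytes of filler and is not a real worm sample; the tag names, the thresholds and the MZ header check are this example's assumptions.

```python
"""Automate the strings(1) triage described above.

Added example, not code from the original post. The indicator strings are the
ones quoted above; the sample blob, the tag names, the thresholds and the MZ
header check are assumptions made for this example."""
import re

MIN_LEN = 4  # strings(1) default minimum run length

# SMTP commands the post found, as the prefixes they appear with.
SMTP_VERBS = ("HELO", "MAIL FROM", "RCPT TO", "DATA", "QUIT")
# Security products whose process names the post found in the binary.
SECURITY_TOOLS = ("anti-trojan", "bootwarn", "findviru", "lockdown2000", "safeweb", "regedit")
# Stock words the worm combines into "From" display names.
SENDER_VOCAB = ("Microsoft", "Support", "Security", "Network", "Inet", "Storage",
                "Postmaster", "Administrator", "Admin", "Service", "Technical")
# Names it gives its own copies on file-sharing networks.
P2P_LURES = ("Virus Generator", "XP update", "Emulator PS2", "XboX Emulator",
             "Hotmail hacker", "Yahoo hacker", "AOL hacker", "10.000 Serials")
MIME_HEADER = re.compile(r"^Content-(Type|Transfer-Encoding|Disposition):")


def extract_strings(blob, min_len=MIN_LEN):
    """Like strings(1): runs of at least min_len printable ASCII bytes."""
    pattern = rb"[\x20-\x7e\t]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, blob)]


def triage(blob):
    """Map recovered strings onto the indicators discussed in the post."""
    found = extract_strings(blob)
    stripped = {s.strip() for s in found}
    smtp_verbs = sorted(v for v in SMTP_VERBS if any(s.startswith(v) for s in found))
    security_tools = sorted(t for t in SECURITY_TOOLS if t in stripped)
    sender_vocab = sorted(w for w in SENDER_VOCAB if w in stripped)
    p2p_lures = sorted(n for n in P2P_LURES if n in stripped)
    # %s / %i placeholders mean the text is filled in at run time, which is how
    # a worm varies its From lines and copyright notices.
    templates = [s for s in found if re.search(r"%[sdi]", s)]

    tags = []
    if blob.startswith(b"MZ"):          # DOS/PE header magic
        tags.append("windows-executable")
    if any("Visual C++" in s for s in found):
        tags.append("msvc-build")
    if any(s.startswith(("GET ", "HEAD ")) for s in found):
        tags.append("http-client")      # HEAD is HTTP, not SMTP
    if len(smtp_verbs) >= 4:
        tags.append("smtp-client")
        # Speaking SMTP *and* carrying its own MIME headers: it builds mail.
        if any(MIME_HEADER.match(s) for s in found):
            tags.append("mass-mailer")
    if security_tools:
        tags.append("kills-security-tools")
    if len(sender_vocab) >= 3 and templates:
        tags.append("spoofs-sender-names")
    if p2p_lures:
        tags.append("p2p-lure-names")
    return {"strings": found, "smtp_verbs": smtp_verbs, "security_tools": security_tools,
            "sender_vocab": sender_vocab, "p2p_lures": p2p_lures,
            "templates": templates, "tags": tags}


# Constructed stand-in for the attachment: the strings quoted above, NUL
# separated, with a little binary filler. Not a real worm sample.
SAMPLE_BLOB = b"".join([
    b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff",
    b"Microsoft Visual C++ Runtime Library\x00",
    b"\x55\x8b\xec\x83\xec\x10\x53\x56\x57\x00",
    b"HEAD %s\x00HELO %s\x00MAIL FROM: <%s>\x00RCPT TO: <%s>\x00DATA\x00QUIT\x00",
    b"Content-Transfer-Encoding: base64\x00Content-Type: text/html\x00",
    b"Copyright %i Microsoft Corporation.\x00",
    b"anti-trojan\x00bootwarn\x00findviru\x00lockdown2000\x00regedit\x00",
    b"Microsoft\x00Security \x00Network \x00Postmaster\x00Admin\x00",
    b"Hotmail hacker\x00XboX Emulator\x00XP update\x00",
    b"\x00\x00\xcc\xcc",
])

if __name__ == "__main__":
    report = triage(SAMPLE_BLOB)
    print("tags:", ", ".join(report["tags"]))
    print("SMTP:", report["smtp_verbs"], "kills:", report["security_tools"])
```

The point of the tags is that no single string is damning: "regedit" appears in plenty of legitimate programs, and so do MIME headers. It is the combination (an SMTP client that carries its own MIME headers and format-string templates, lists anti-virus process names, and names itself after pirated software) that reads as a mass-mailing worm, which is the same conclusion the manual strings dump above reaches.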

CERT says:

W32/Swen.A Worm added September 19

The CERT/CC has received reports of a new mass-emailing worm, referred to as "W32/Swen.A" or "W32/Gibe.F". This worm is similar to W32/Gibe.B in function. The worm has been reported to propagate through email, network shares, and file-sharing networks such as KaZaA and IRC. It arrives as an attachment.
The subject, body, and From: address vary, but often claim to be a Microsoft Internet Explorer Update or a delivery failure notice from qmail. Upon opening the attachment, the worm attempts to mail itself to all e-mail addresses it finds on the system. Additionally, this worm attempts to terminate numerous security product processes on the system.

So, what is this all about? It's about poor propagation of security patches, poor code, and what is largely a software monoculture. It's about a software monopoly which is complacent even in the face of the beginnings of public outrage over its insecurity.

There are people out there who would like you to believe that all operating systems are created equal and, thus, equally insecure. Vance Gloster on the Stickwire mailing list wrote recently:

In the bad old days, about 4 years ago, Microsoft was very irresponsible about security. While the folks at Sun who created Java were thinking hard about security with Java applets, the folks at Microsoft ignored security concerns in creating the ActiveX infrastructure. As they had been trained to evaluate issues, the Microsoft folks said, "security does not increase revenue", and they dismissed it as irrelevant to what they were doing.

Bill Gates, though, saw that poor security could erode their user base like nothing else, and in January of 2002 he sent a memo to all of Microsoft telling them security had become their highest priority. You can read his memo at:

http://news.com.com/2009-1001-817210.html

Since then they have done a much better job at plugging security holes. Virtually every big hacker invasion (that did not depend on email attachments) exploited a hole that Microsoft had already fixed. Microsoft's Windows Update system makes it easy to update your machine.

Let's look at this claim: I have a clean XP Home box from Dell here that had never been patched since purchase (perhaps a year ago). I went to patch it. I found that Microsoft's site identified over SEVENTY patches!

Needless to say, it took the better part of a work day to decide which ones to install, download them, install, and reboot three or four times, then navigate back to the site each time. Microsoft throws everything into the "patch" system: documentation updates, adware, spyware, "security" in the form of added DRM.

Vance goes on:

So does Microsoft really just write terrible code, and that is the problem? Maybe, but so does everyone else.

To which I replied:

Well, yes, all code must be assumed to be buggy and security-hole-ridden until proven otherwise. And unfortunately there is no way to "prove" otherwise except to gradually gain confidence in a code base that has been tested "the hard way" over the years. But Microsoft does seem to have an amazing culture of prima donna hacking and premature optimization. Read the war stories of some of Microsoft's programming management (Steve McConnell writes quite openly about Microsoft's programming culture).

Vance continued:

In reality, even very smart programmers make errors that can be exploited. Until we get better at testing for these things, software, whether on a Mac or on Linux or on Windows (or even on your souped-up Commodore 64), will have vulnerabilities. About all you can ask for is for the authors to be responsive in creating updates. The open source community, with a few exceptions, has been very responsive, as has Microsoft over the last year or so. Apple has not been as aggressive about doing updates, but they argue that their users have had few problems. This is what Microsoft was saying several years ago. If you are interested in Apple security updates you can find them at the address below. There is a new one as of about a week ago for OSX.

But this is misleading. Apple has not been "aggressive" about releasing updates, but this is because they have not had as many security holes to fix. As security holes are uncovered in the underlying Darwin OS components, many of which are quite arcane and have never led to exploits, Apple has been quite decent about releasing patches. In my reply I wrote:

Yes, MacOS X is based on BSD UNIX, but this is really a blessing in disguise: BSD has been around a lot longer than Windows 3.X/9X/200X/XX and, being open-source, has had the benefit of decades of hackers competing with each other to find security holes and bugs. When security holes are found in the BSD layer Apple is aggressive about patching them.

...

Apple's culture is not Microsoft's. Apple, being the one with the small market share who must prove themselves and can't resort to monopolistic practices, simply can't afford Microsoft's arrogance and carelessness with its customers. Apple doesn't "argue" that their users have had few security problems. MacOS X, formerly OpenSTEP, formerly NEXTStep, aka BSD UNIX, with a dash of Mach, has a reliability record that no commercial OS except perhaps Solaris (System V) can aspire to.

Apple's core OS is open source; I have the source on my machine. Most of it is BSD (with a 20-year-plus pedigree).

I've seen Windows boxes compromised at every place I've worked; in practice, having a Windows server on a network is generally a security disaster. I've had Linux boxes rooted as well.

Having an OSX box rooted is astonishingly rare. It's like a Sun vulnerability. It happens, but not often. BSD servers have a record for reliability that even Linux boxes can't match. MacOS X comes set up with reasonable security out of the box: no FTP, no Telnet (something Linux distributions are only recently beginning to try). By contrast, an XP box on the network is a promiscuous whore begging to be hacked: services running all over the place, ports open left and right, many of which can't even be turned off. (And Lord knows, we're trying; 99% of the disturbing activity we track on our network is coming from our XP boxes. I know this because we've got a consultant investigating strange activities on our network, reading TCP/IP dump files and trying to figure out why our network constantly behaves as if under a denial-of-service attack. What he's found is that it correlates very well with spyware, file-sharing trojans, and Windows XP shenanigans.)

Apple's built-in software update also works much better in practice. It notifies you of patches, and there are a small number of them (less than one a month). It's much less onerous. And they don't try to blame all the security flaws in the OS on the end-user's failure to spend half his or her working day trying to keep up with a bewildering array of patches.

It's doubly ironic today that I'm being inundated with fake security patches. Apple has heard and taken to heart the story of the OS Vendor Who Cried Wolf, while Microsoft blames the customer and inundates us with irrelevant patches.

To be fair, there isn't much that Microsoft can do if users download and install trojan horses, or happily bypass warnings to run executables they received in incoming email messages.

Now the worm writers are exploiting the very lassitude, hopelessness, and blind trust that this approach has engendered in its users, and it isn't a pretty picture.

So. Want to fix the security holes in your Microsoft system? Unplug it. Want to make the internet a healthier place? Run another operating system. It doesn't have to be MacOS X, but that would be a good choice. A recent BSD release would do you just fine, or Linux if you wish. And you might find that you learn something and save money at the same time.

UPDATE: The Register has a great piece here that talks about the meme that "if Linux or MacOS was as widely used as Windows, there would be just as many viruses written for those platforms." It just isn't true; Windows has unique qualities that make it inherently insecure, and this isn't just anti-Microsoft propaganda; the design and default configuration of the Windows OS make it so. See http://www.theregister.co.uk/content/56/33226.html.

[/root/geeky/life] permanent link

Mon, 01 Sep 2003 Apple LCD Monitor Prices

Let's imagine for a moment that I had the money to order a brand-spanking-new G5 system from Apple and assume that I wanted to get some Apple LCD screens. (Yes, I know 3rd-party LCD screens are much cheaper, but I also notice that the cheap ones don't have digital video input, which somewhat reduces the actual image quality I get out of them). Today the prices on the Apple displays are as follows, at least when I spec them together with a computer:

17" screen: $699

20" screen: $1299

23" screen: $1999

Now, the Apple 23" screen is certainly beautiful. It gives you a lot more real estate. Let's assume for a moment that screen real estate is fungible: that is, that I don't care about the exact dot pitch, that I want as many pixels as possible, and that it does not matter to me if they are all on one screen, or two... or even three. In this scenario, does it make any sense to buy the 23" screen? Or even the 20" screen?

The answer is no. The 17" has a native resolution of 1280 by 1024; the 20", 1680 by 1050; the 23", 1920 by 1200. We can calculate a cost-per-pixel ratio. Rounding the prices to the nearest dollar, the cost per pixel is about 0.053 cents for the 17" screen. It goes up to about 0.087 cents per pixel for the 23" screen. (When you consider that the 23" screen has about 2.3 million pixels, the cost doesn't seem quite so ridiculous).

If pixels cost the same on all three screens, the 20" screen would cost about $940 and the 23" would cost about $1230. If the high-end screen prices come down to or below these points, it would make sense to buy them. (Of course, by the time this happens, one might assume the 17" screen will cost less as well). And of course there is some fixed overhead per unit: the power supply, the backlight, the casing, the cost of packaging and manufacturing.

For now, for my needs, it would make better sense to buy two 17" screens. That would give me about 2.6 million pixels, more than the number of pixels available on the 23" screen, at a cost of $1400, or 70% of the cost of the 23" screen. I don't truly have a need to view large layouts on a single monitor the way a graphic designer or digital photographer might, but as a developer, I like to have multiple source files open at once, along with, perhaps, several terminal windows, a project view, and a source-level debugger. Sticking two monitors next to each other is good enough.

Of course, this does not take into account the minor thrill of watching a DVD on a 23" flat panel. Were money no object, I'd consider two 23" screens. But this is all pretty much a speculative exercise to begin with, and if I speculate more realistically, I'll be a bit less disappointed!

[/root/geeky/life] permanent link

Creative Commons License