November 29, 2002
Nuclear Winter? More Like Global Warming

The goal of a proprietary software company is to increase profit margins. An IT department strives to deliver needed services as inexpensively as possible. Those two goals are diametrically opposed to one another.

November 27, 2002
JavaScript Calendar Date Picker

Date Picker provides a pop-up calendar in a dynamically populated DIV. It combines the original date-picker script by Kedar R. Bhave and the overlib library by Erik Bosrup. This method is an improvement over using a pop-up window, since so many people are installing software to suppress the annoying pop-up windows generated for advertising.

JavaScript Date Menu

This JavaScript uses the Date function to dynamically generate accurate dates for the pull-down menus. Each time the user selects a year or month, JavaScript gets the correct number of days in that month and updates the pull down menu. The script is Y2K compliant and also works for leap years.

Got paper?

The crisis began on a Wednesday afternoon, Nov. 13, and lasted nearly four days. Before it was over, the hospital would revert to the paper systems that governed patient care in the 1970s, in some cases reverting to forms printed "Beth Israel Hospital," from before its 1996 merger. Hundreds of employees, from lab technicians to chief executive officer Paul Levy, would work overtime running a quarter-million sheets of paper from one end of the campus to the other.

And hospitals across the country - not to mention investment banks, insurance companies and every other business that relies on a constantly accessible stream of quickly-changing information - would get a scary reminder of how dependent they are on their networks, and what would happen if they disappeared.

Funniest thing I've seen in a while

Bill is the owner of a powerful software company known for its monopolistic and predatory business practices, not to mention ruthless extermination of competitors. Now Bill has ported his market-dominant operating system to the Mac in an attempt to wipe out the last remaining obstacle between him and COMPLETE WORLD DOMINATION!

Bill will attempt to replace the MacOS system on the world's various Macs with his own twisted derivative. Only YOU and your trusty CHAINSAW can prevent Bill from achieving his megalomaniac goal.

November 26, 2002
Microsoft targets defectors with discounts

Microsoft said it plans to offer smaller companies a more lenient licensing plan intended to stem defections to Linux or other open-source software.

No matter how you slice it... you are always better off not doing what MS wants, when they want.

Those who told them "no" get a deal now... the rest, screwed.

Carpentry and consulting

A couple of years ago, when I decided to strike out on my own and form a product company, rather than the consulting work I'd been doing for more than a decade, I tried to explain it to my father in terms of an analogy.

If you hire a contractor... please read this!

A growing collection of tips for XML developers

Find an XML tip to help you work faster or smarter in this growing dW XML zone collection. Look for a new tip each week on some aspect of XML development, from XSLT to the DOM. All tips include sample code to adapt and reuse.

IT@School Project - choice of software and syllabus

We, the undersigned, have recently come across what the government calls the IT@SCHOOL project. We are extremely happy and fully endorse the objectives and intention behind the scheme, in so far as the government has made it possible to bring IT education to even very poor students in our State, at a nominal cost. We are very much proud of our government in that our government is one of the few governments in the world which has made it possible to bring IT education to the masses at a very nominal cost as envisaged in the IT@SCHOOL scheme.

However, we submit that implementation of the scheme as it is would harm the long term interests of our State, the general public and the Country. There would be very serious violation of our citizens' basic legal and constitutional rights. We understand that the government has made a few changes within the past few weeks to the syllabus and textbooks. But, we submit that the changes do not go far enough to redress the real issues involved in the matter. We wish, by this letter, to bring to your kind attention, the following issues and request you to remedy them without further delay.

This should be required reading for EVERYONE dealing with education.

The spy inside your home computer

Your home computer is a pretty dumb device that usually does what it is told. But with the right help this mute machine can become disturbingly "talkative".

So-called "parasite programs" are logging what you do online and, like a nest of busy gossips, sharing the information with anyone who will pay to listen.


The easiest way to avoid parasite programs, he says, is to stop using Internet Explorer because it is targeted by many of the adware and spyware companies.

November 25, 2002
MySQL on Mac OS X

MySQL has become one of the most popular databases for Web applications. The database is well suited for common Web-related tasks like content management, and for implementing Web features like discussion boards and guestbooks. For a time, some developers avoided MySQL for commercial applications because it did not implement certain features, such as transactions. But this is no longer the case, and MySQL is a great choice for just about any Web-based application.

In this article I'll give you an overview of MySQL's features and drawbacks, show you how to install MySQL on Mac OS X, and introduce you to some of MySQL's notable technical aspects.

RIAA orders US Navy to surrender

In a timely reminder of who's really in charge here, the Recording Industry Association of America (RIAA) has mounted a daring raid on the US Navy.

Acting unilaterally at the behest of the RIAA, Navy officials confiscated 100 computers on suspicion of harboring illegally downloaded MP3s, The Capital, an Annapolis, MD daily reports. A Naval official quoted confirms the raid, adding that punishment ranges from "court martial to loss of leave and other restrictions".

For the RIAA, there are no half measures: you're either with them, or against them. So even if you're risking having your ass blown off for your country, there's no mercy.

And, of course, this is all fine with the commander in chief...

Wired News: Is Microsoft Truly 'Trustworthy'?

Be afraid. Microsoft thinks it knows what's best for you.

Microsoft Senior Vice President Craig Mundie recently suggested that in the name of security, it may be appropriate to force you to install Microsoft patches or updates, and if that breaks your existing applications, well, it's for your own good.

Why you should buy an Apple this Christmas

Both the adders and the switchers I've talked to were actually comfortable with Windows but grew tired of fighting with their computers on a regular basis. Many cited mysterious problems that cropped up on their Windows machines and never seemed to get solved because finding answers was such an ordeal.

Others chose Apple because they fell in love with the apps that come free with the machines. iMovie, iDVD, and iPhoto all have their fans, as does iTunes, which works with the iPod for synchronization and playback of an MP3 collection.

Another big group didn't have any one particular reason for choosing a Mac, but summarized it much as I did at the end of my "Month(s) of a Mac" series. These people, like me, found they spent more time creating on a Mac and less time thinking about the computer itself.

November 23, 2002
The disaster of success

IT'S AMAZING. Businesses work so hard to become the top dog. They become the leaders in their fields. And then the unthinkable happens: In a jealous effort to guard their position, they lock themselves out of new business and technological paradigms, sealing their fate. In their fervor to protect their position, they destroy it. And new, unfettered business models rise into prominence.

November 22, 2002
Coding guidelines

I've been looking at long lists of coding guidelines in other places, and it got me to thinking about my own rules of thumb for coding. I think of them as a list of short thoughts to get me in the right frame of mind to code.

Perl Programming guidelines/rules

I am composing some house rules/guidelines for our CGI programmers. Whilst some may be specific to our shop the idea is to promote good maintainable programming for a team environment. Hopefully this list will set the standards for our code reviews without cramping style too much. I'd appreciate any comments or input from anybody else who has written similar guidelines. I think some security focused rules may make good additions.

Encrypted NFS with OpenSSH and Linux

NFS is a widely deployed, mature, and understood protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted, hosts and users cannot be easily authenticated, and its difficulty in firewalling. This article provides a solution to most of these problems for Linux clients and servers. These principles may also be applied to any UNIX server with ssh installed. This article assumes basic knowledge of NFS and firewalling for Linux.

Canada PM: Bush not 'a moron'

"He [Bush] is a friend of mine, he is not a moron at all," Chretien told reporters in Prague, where he was attending a NATO summit to discuss expanding the alliance.

Perhaps the problem is that you are a moron too?

E-mail as a System Console. Part I

Have you ever been sitting around at work and wished you could execute a command on your home Linux system to find some information? I have and I bet you could find lots of reasons why you would want to do this as well. E-mail is simple, yet powerful. But can it be used as a console to your home Linux system? You bet! I use it all the time.

Mac User Finally Just Up And Smacks Someone

In an incident alternately described as "disturbing" and "cathartic", Mac user Tom Saenz, a help desk analyst at a San Francisco-based bank, finally up and smacked a co-worker in the midst of an anti-Macintosh screed.

According to witnesses, Saenz calmly leaned across a conference room table and delivered an open-handed slap across the face to desktop support analyst John Wallace.

28-year-old Saenz said simply, "I had heard enough."

"I've kind of made a reputation for myself here as the Mac guy," he said, "and that's made me a target of all these clowns stumbling over each other to see who can be Microsoft's biggest bitch."

A question of trust

So what are we to make of two stories which appeared within hours of each other on Thursday. The first was of a new research project from Microsoft that will - so it claims - create a 'back-up brain' that will store and catalogue all aspects of a person's digital life.

The second warned any and all users of the Windows operating system earlier than Windows XP that a serious security hole in Internet Explorer left their computers open to any hacker or script kiddie who felt like breaking into random PCs over the internet.

The Tanenbaum-Torvalds Debate

What follows in this appendix are what are known in the community as the Tanenbaum/Linus "Linux is obsolete" debates. Andrew Tanenbaum is a well-respected researcher who has made a very good living thinking about operating systems and OS design. In early 1992, noticing the way that the Linux discussion had taken over the discussion in comp.os.minix, he decided it was time to comment on Linux.

November 21, 2002
ACM Classic: Reflections on Trusting Trust

The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.

This is a very good article that should be mandatory reading by everyone!

Even if you can't read code... you should be able to follow the description.

By the way, this is the Ken Thompson, one of the fathers of UNIX.

MS paper touts Unix in Hotmail's Win2k switch

An older MS internal whitepaper from August 2000 on switching Hotmail, which MS acquired in 1997, from front-end servers running FreeBSD and back-end database servers running Solaris to a whole farm running Win2K, reads like a veritable sales brochure for UNIX, but concludes that the company ought to set the right example by ensuring that each division "should eat its own dogfood."

The whitepaper, by MS Windows 2000 Server Product Group member David Brooks, has been posted on the Web by Security Office, which says it discovered the item and numerous other confidential MS documents on a poorly protected server. There are a number of other fascinating documents posted, in which the careful reader will find a veritable treasure map for hacking the citadel, but the one I enjoyed best was the comparison between Win2K and UNIX.

Another Critical Microsoft Hole

"As if the recent vulnerability in IE that can run any program in an unpatched Windows system was not enough, now there is another, related to an ActiveX control, that can make IE and IIS run any code in the system. The Microsoft solution? Kill the related ActiveX control and replace it with a safe one. The Microsoft problem? As this control is Microsoft signed, any site can require it, upload it and replace the "good" one with the vulnerable one. The final recommendation from Microsoft? Don't trust/run ActiveX controls signed by Microsoft." Gimble points to the appropriate locations on Microsoft's website: "Another buffer overrun (that allows arbitrary code to be run) has been admitted to by MS, and it affects IIS and IE on clients (but not on XP), and they have a patch available here Security Hotfix for Q329414. The kicker is that a patched system can be rendered vulnerable again by a hostile web site or HTML email. The 'solution' from MS in Microsoft Security Bulletin MS02-065 recommends that you remove MS from the list of Trusted Publishers."

November 20, 2002
Wired News: Microsoft Spills Customer Data

Microsoft took a public file server offline Tuesday after Internet users discovered that the system contained scores of internal Microsoft documents, including a huge customer database with millions of entries.

Remember... if you run XP, your info could be in their hands.

And anybody else's that wants it.

War with Iraq will mean virus outbreak, hacker says

A Malaysian virus writer who is sympathetic to the cause of the al-Qaeda terrorist group and Iraq and who has been connected to at least five other malicious code outbreaks is threatening to release a megavirus if the U.S. launches a military attack against Iraq.

Bet it is a Windows virus...

Microsoft...More than you ever wanted to know

In my opinion, the net effect of using Microsoft products is reduced productivity (compared to using alternative software). This is no small matter, as the marketing reason to buy any of their products is to increase your productivity. Of course the only way that happens is if the comparison is made to your having no computer at all.

Again, just one example of this is the absolutely PROFOUND Gistics report (which surveyed over 30,000 business professionals) and concluded “Due to a more efficient computing environment, the Macintosh business user gains per year an average of 234 prime time authoring and composing hours than a Windows user... The Mac user generates 7.14 times ROI over three years, while the Windows NT user generates 2.02 ROI... Clearly for profit oriented firms, deployment of Macintosh technology constitutes a fiduciary responsibility.”

Simple math not so simple

So what's the "simple math" I referred to in the subject? Originally, we had a very, very small bid to put data validation in this project. If anything didn't meet our expectations, we would send email to our client and ourselves and nothing would get updated (and risk breaking the Web pages -- better old data than bad data). We were turned down and now the client has spent 10 to 20 times that cost in tracking down bugs, not to mention the damage to their reputation. Their reason for turning us down? "These are computers. Once we get it dialed in, nothing will change."

I don't get it

OK... I don't get it.

This is for production code: MS bug exposes millions to attack

So... why on earth would anyone mess with this crap? Windows Longhorn Alpha Leaks to the Web

MP opens windows to Linux

Madhya Pradesh has shut the door on Bill Gates. The state government schemes will use Linux software. Chief minister Digvijay Singh personally conveyed this to Microsoft boss Bill Gates during an interaction last week in New Delhi.

“For us it is not a question of Microsoft versus Linux. It is just a matter of choosing between a free software and a monopoly. We feel that when we are putting public information out in the open, then it should not be through a proprietary software,” Mr Singh told ET.

Nor is it merely a public vs private ideological battle. Germany and Latin American countries, particularly Peru and Brazil, have opted for Linux rather than proprietary software to bring down costs, which keep mounting with successive upgrades in the case of proprietary software.

Cost Savings of Open Source Software in K-12 Education

The commercial replacement cost of the free software that we currently use is obviously very high. However, if I were forced to deploy commercial solutions for all of the above, you could probably guess that I would trim back what we needed to buy significantly. For instance, if it cost me $1000 per web server for the server OS and web server software, you can bet that I wouldn't be running six web servers in my server room like I am now. Rather, I would cut back and only run one or perhaps two web servers. This makes it apparent that not all of the benefit of open source software deployment is in the form of cost savings; much of the benefit is in terms of capabilities gained. In other words, through the use of free software, I am able to do more within my budget than I could if I only had commercial solutions available.

November 19, 2002
New government surveillance powers scrutinized

At the same event, Graglia said without surveillance limits "The World Trade Center towers would still be standing."


Iraqis 'staggered' by exhaustive list of demands from UN inspectors

The UN's chief weapons inspector said it was up to Saddam Hussein's regime to prove his claims that it does not possess any chemical, biological or nuclear weapons.

The new UN team of inspectors has been told by the Iraqis that they have not been seeking material to build a nuclear bomb. Mr Blix said the onus of proving that lay with Baghdad. Mr Blix was meeting other Iraqi ministers yesterday and will fly back to New York to give his initial impressions to the UN before the bulk of inspectors arrive in Baghdad on 25 November.

Remember... you can not prove a negative.

IF Saddam didn't have any WOMD... he is still screwed.

That is the flaw in Bush's agenda... it does not take into account the fact that he could be wrong.

And that is wrong.

The Evil That Is the DMCA

I recently attended a talk by Professor Tarleton Gillespie of Cornell University in which he made a compelling argument for how the Content Cartel is using the legal force of the DMCA to direct us down a path where content cannot exist outside of a "trusted system," which is a set of hardware, software, and file formats that all agree on what the user is allowed to do with a piece of content. (The trust here is between the pieces of the system, because the content owners don't trust their customers at all.) The trusted system's goals are simple - to eliminate all unauthorized uses and create a situation where we pay more for the content we consume.

A trusted system could prevent you not only from copying a CD or DVD, but also from listening to the CD more than a certain number of times in a day or skipping commercials on a DVD or on broadcast television. Along with requiring us to buy new hardware to play such content and buy new protected versions of the content we already own, a trusted system could have another ill effect. That's because it could prevent us from working with content we would create, using tools such as those Apple kindly provides in iMovie, iDVD, iTunes, and iPhoto. In the worst case scenario, Apple could lose not just the Mac's current digital media advantage in the marketplace, but the ability to work with digital media at all.

My Adventures with Mac OS X

I recently decided to make the leap from Yellow Dog Linux to Mac OS X on my Titanium PowerBook. Getting everything to work the way I wanted proved to be a challenge, but well worth it. This document outlines all that I learned, so that neither you nor I will have to experience such pain again. The overall goal was to get Bricolage up and running, figuring that if it worked, then just about any mod_perl based solution would run. I'm happy to say that I was ultimately successful. You can be, too.

November 18, 2002
The worst security problems? We can't tell from the FBI's top 20 list

Again, this sounds like a logical explanation; third parties, the people who have their bandwidth reduced by things like Code Red but have no Microsoft products on site, are inarguably the "innocent victims" here. However, this list appears to equate weaknesses in IIS that affect millions of third parties to Unix RPC buffer vulnerabilities that have yet to victimize their first third party.

If it wasn't one of the above, what basis did they use first for the selection and then for the ranking? I still don't know, but I have two hypotheses:

1. It is possible that the Unix list started out as nothing more than an exercise in political correctness. After all, not all of the Internet's vulnerabilities are due to Microsoft products and processes. Under this guess, I imagine a top-ten list that gets out of control and becomes a top-40 list (most of them Windows-related) until someone decides that fairness requires a comparable Unix list and then edits both lists to produce the false impression of parity presented in the resulting "top-20" announcement.

2. The more cynical alternative is less-credible because it requires the assumption of malice or commercial interest rather than just sloppy thinking. In this interpretation, the apparent pattern is taken as real, and the whole announcement is seen as an attempt to balance the bad press Microsoft gets on its security vulnerabilities. A prestigious FBI announcement seems to be showing that Unix isn't any better.

Personally I'm more inclined to believe in stupidity than malice but, either way, this "top 20" announcement seems to me to have been an extremely misleading and quite possibly disingenuous piece of work that the Institute and the FBI should correct promptly.

Understanding the Windows EAL4 Evaluation

In the case of the CAPP protection profile, there actually isn't much point to doing anything better than a low-confidence evaluation, because the requirements set itself is very weak. In effect, you would be saying "My results are inadequate, but the good news is that I've done a lot of work so that I can be really sure that the results are inadequate."

In the case of CAPP, an EAL4 evaluation tells you everything you need to know. It tells you that Microsoft spent millions of dollars producing documentation that shows that Windows 2000 meets an inadequate set of requirements, and that you can have reasonably strong confidence that this is the case.

November 17, 2002
Israel's arms inspector

In the absence of any international inspection of Israel's nuclear capacity, Vanunu was our unofficial, DIY arms inspector. He is now held in Israel's highest security prison, having spent 12 of his last 16 years in solitary confinement. Neither the UN nor any individual member of the security council has questioned his imprisonment or demanded that Israel's nuclear capacity be opened to international inspection.

His story reads like a tragic thriller. But it's real life. As real as the fact that the Dimona nuclear weapons factory where Vanunu worked, together with the biological and chemical weapons factory in Nes Zion, is still not open to international inspection. In 1994 Jane's Intelligence Review, the world authority on the arms industry, confirmed that Israel has 200 nuclear warheads, making it the world's sixth largest nuclear power. The same politicians who now threaten military invasion of Iraq because of suspected nuclear weapons capacities, have not demanded inspection of Israel's known nuclear weapons.

Switching Offices

IF YOUR ORGANIZATION has a number of older PCs running Microsoft Office, there are now several good reasons to seriously consider switching to the office suite. Most of these reasons have been supplied by none other than Microsoft itself.

November 15, 2002
News: Three-year PC upgrade cycle is history

Traditionally, consumers and businesses have replaced PCs every three years or so. Although the need is still there to upgrade PCs, customers are delaying new PC purchases. Increasingly, PC users are choosing to extend the life of their current machines far past the three-year replacement cycle. Weak incentives to upgrade and concerns about the economy are helping prolong the cycle, said Gartner.

The Peon's Guide To Secure System Development

Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion. The author feels that a step toward washing himself clean of responsibility is by writing this document. Checking your memcpy() and malloc() calls has been lectured to death. It's not working. The approach used by this document is to instead shame developers into producing better systems. Enjoy.

Judge rules cops' hacker went too far

A federal judge has ruled that law enforcement officials went too far when they tried to use evidence gathered by a known hacker to convict someone of possessing child pornography.

The decision, handed down earlier this month, is believed to be the first to say that hacking into an Internet-connected home PC without a warrant violates the Fourth Amendment, which prohibits unreasonable searches and seizures.

This is why Bush wants to be able to do things in secret. Because it is highly illegal, and can not stand up under scrutiny.

November 14, 2002
Use Metadata to Improve Your Pictures

Every time you click the shutter, your digital camera records valuable picture data that describes the image you just captured. Data such as time, shutter speed, aperture, focal length, and ISO are written to the file header in the EXIF format (Exchangeable Image File). This information becomes part of the total image file and can be displayed with applications such as Photoshop 7 and iPhoto 1.1.

In essence, each picture file contains a complete photographic history of the decisive moment that can be analyzed to help you understand why the image was successful, or give you clues as to what went wrong. In this article I'll show you how to retrieve this data and use it to hone your photography skills.

The SSH Cryptosystem

In a previous article (see IP Packets Revealed), I demonstrated that the telnet utility can be used to login to a remote computer from another system. Once logged in, a user can do anything on that remote system as if he were physically sitting in front of it. That is, every keystroke is sent to the remote system and interpreted as if it had come from the keyboard attached to that remote system (even though that keyboard input first had to travel over a network). We also saw in that article that every single keystroke and response was sent in clear text, meaning that a sniffer could watch the entire session.

Any SSH cryptosystem will allow a user to login to a remote system and work just as if he were physically there. However, before the user is given a login prompt, a key will be generated to encrypt and decrypt all of the data that will be passed between the two computers. That is, more is happening behind the scenes.

Structured Editing in Emacs

A new-bee to new-bee guide to Docbook and other SGML/XML standards using direct structured editing approach with Emacs.

November 12, 2002
Combining Stylesheets with Include and Import

The xsl:include and xsl:import instructions give you ways to incorporate XSLT stylesheets programmatically. There are two situations where this is useful.

*Large, complex stylesheets, like large complex programs, are easier to maintain when you break them into modules with specific roles to play. In XSLT, the xsl:include and xsl:import instructions let you assemble the pieces. This modular approach also makes it possible to share parts of a stylesheet with other stylesheets that only want certain features and not the whole thing; they can just include or import the parts they need.

*Customizing an existing stylesheet without actually editing that stylesheet is easy, because you incorporate it, and then separately override any template rules that don't do exactly what you want.

Create a Linux boot CD

Although Linux is usually known for its rock solid stability, a Linux server may still sometimes crash and/or become unbootable, often due to hardware issues. On these occasions, one of the best tools to have at your disposal is a bootable Linux CD.

Running Apple's Backup Without a .Mac Account

A short time ago Apple introduced the paid service .Mac as a followup to the free iTools service. .Mac provides nice services like email, web hosting, virus protection software, online WebDAV based disk storage (dubbed iDisk) and backup software. The last two work together, you can make backups to your iDisk. The backup program, called Backup is also capable of backing up to recordable CD or DVD. Backup can be downloaded for free from Apple.

The full functionality of Backup only works if you have a paid .Mac account. You cannot make backups to CD or DVD with a trial account. Also, scheduling of backups only works if you have a paid .Mac account.

November 08, 2002
Scary Backup Stories

Backups. We all know the importance of making a backup of our most important systems. Unfortunately, some of us also know that realizing the importance of performing backups often is a lesson learned the hard way. Everyone has their scary backup stories. Here are mine.

US pulls out new tools, new rules

But it does raise another issue with Admiral Turner: "How do we know who was in that truck or car? How good was our intelligence as to whom we were getting here?" he asks.

In February, for example, the Predator was used to kill three suspected Al Qaeda leaders in eastern Afghanistan, including a very tall man who supposedly looked like Al Qaeda leader Osama bin Laden. It turned out that the three people killed were local peasants trying to salvage scrap metal from the detritus of war.

Bush terrorizes me more than Osama ever will.

Does that mean I could legally take a pre-emptive strike? Perhaps one of those "regime change" things he keeps harping about?

Surely he wouldn't suggest something for another country that wouldn't also be good for America?

Let your patriotism shine: America first!!

When good interfaces go crufty

Naturally, this inconsistency makes people rather confused about exactly what will happen when they drag an item from one place to another. So, rather than fixing the root problem which led to the workaround, Microsoft invented a workaround to the workaround. If you drag an item with the right mouse button, when you drop it you’ll get a menu of possible actions: move, copy, make a shortcut, or cancel. That way, by spending a couple of extra seconds choosing a menu item, you can be sure of what is going to happen. Unfortunately this earns Microsoft another citation in the Interface Hall of Shame for inventing the right-click-drag, “perhaps the least intuitive operation ever conceived in interface design”. Say it with me: Cruft.

November 07, 2002
Understanding Bandwidth and Latency

From the bygone debates over DDR vs. RDRAM to the current controversy over Apple's DDR implementations, one issue is commonly misunderstood in most discussions of memory technology: the nature of the relationship between bandwidth and latency. This article aims to give you a basic grasp of the complex and subtle interaction between bandwidth and latency, so that the next time you see bandwidth numbers quoted for a system you'll be able to better understand how those numbers translate into real-world performance.

November 05, 2002
Mozilla riddled with security holes

Versions of Mozilla previous to version 1.0.1 contain multiple security vulnerabilities, so users need to update their browser software. The flaws could be used by an attacker to read data off of the local hard drive, gain information which should normally be kept private, and in some cases to execute arbitrary code, an advisory by Red Hat explains.

November 04, 2002
Refactoring with Martin Fowler

Refactoring is about saying, "Let's restructure this system in order to make it easier to change it." The corollary is that it's pointless to refactor a system you will never change, because you'll never get a payback. But if you will be changing the system

The Microsoft ruling

Friday, Judge Kollar-Kotelly released a huge document -- perhaps she is accustomed to getting partial credit for the wrong answer if she shows her work -- in which she ruled that you don't matter.

The ruling has considerable cardiopulmonary effects: It is both heartbreaking and breathtakingly stupid.

g4u - Harddisk Image Cloning for PCs

g4u ("ghost for unix") is a NetBSD-based bootfloppy/CD-ROM that allows easy cloning of PC harddisks to deploy a common setup on a number of PCs using FTP. The floppy/CD offers two functions. The first is to upload the compressed image of a local harddisk to an FTP server. The other is to restore that image via FTP, uncompress it and write it back to disk; network configuration is fetched via DHCP. As the harddisk is processed as an image, any filesystem and operating system can be deployed using g4u.

Election Selection: Are we using the worst voting procedure?

In elections with only two candidates, plurality voting works just fine, since the winner is guaranteed to have been the top choice of more than half the voters. But as soon as three or more candidates are on the ballot, the system can run into trouble.

In races with a large slate of candidates, plurality voting dilutes voter preferences, creating the possibility of electing a leader whom the vast majority of voters despise.

Can you say "duh...(bya)"?

November 01, 2002
Judge OKs most of Microsoft settlement

A federal judge Friday largely accepted a proposed settlement in Microsoft's long-running antitrust case with the U.S. Justice Department.

Tell me again... why do they call it a "justice" system?

Proof Win2K is still insecure by design

A day after boasting that Windows 2000 has won Common Criteria security certification, Microsoft was yesterday obliged to warn of two nasty vulnerabilities affecting, er, Windows 2000.

The timing couldn't be more embarrassing for Redmond but, let's face it, the appearance of more bugs in Win2K (or IE, WinXP etc.) is hardly much of a surprise.

Judge to issue long-awaited rulings Friday in Microsoft trial

The federal judge overseeing the Microsoft Corp. antitrust trial will deliver her long-awaited rulings in the case on Friday after financial markets close, deciding whether to approve a controversial settlement between the software maker and the Justice Department

Namibia wisely spurns M$ 'gift' in favor of Linux

The African nation of Namibia is large in area and small in population with considerable distances between communities. Imagine the challenges of getting its schools wired to the Net. SchoolNet Namibia, a chiefly volunteer organization, struggles to do precisely that with a free ISP and numerous other initiatives to get the nation's schools, many of which lack any library resources at all, on-line.

Imagine the pleasure with which SchoolNet would initially have confronted a charitable overture from Microsoft involving free software. Now imagine the disappointment of learning that accepting the 'gift' would entail outlays of money in the range of fifteen times the value of the M$ Trojan horse.