December 31, 2002
Secure Programming for Linux and Unix HOWTO

This book provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. Specific guidelines for C, C++, Java, Perl, PHP, Python, TCL, and Ada95 are included.

RTF on the server

Office workers habitually exchange documents encoded in Microsoft Word .DOC format. An abundance of open-source tools make it feasible to automate management of their content.

December 30, 2002
In-Room Chat as a Social Tool

This fall, I hosted a two-day brainstorming session for 30 or so people on the subject of social software. The event, sponsored by Cap-Gemini's Center for Business Innovation and Nokia's Insight and Foresight unit, took place in an open loft, and in addition to the usual "sit around a big table and talk to each other" format, we set up an in-room chat channel accessible over the WiFi network. We hosted the chat using Greg Elin's modifications to Manuel Kiessling's lovely ARSC (A Really Simple Chat) software. (Greg and I had used a similar setup in a somewhat different setting, and we were determined to experiment further at the social software event.)

The in-room chat created a two-channel experience -- a live conversation in the room, and an overlapping real-time text conversation. The experiment was a strong net positive for the group. Most social software is designed as a replacement for face-to-face meetings, but the spread of permanet (connectivity like air) provides opportunities for social software to be used by groups who are already gathered in the same location. For us, the chat served as a kind of social whiteboard. In this note, I want to detail what worked and why, what the limitations and downsides of in-room chat were, and point out possible future avenues for exploration.

December 27, 2002
Using OpenSSH with Authentication Forwarding and keychain

This page collects into one place the essential steps needed to generate a private/public key pair and use ssh to connect to remote hosts without having to enter your password or passphrase more than once per boot of your trusted workstation. The idea is that you can engage in a "multi-machine ssh session" in which all authentication is tunneled back to the first machine from which you started your session. This means you can securely ssh around the net to hosts on which you have accounts without entering your passphrase when you connect, yet all connections and authentication occur securely. The article by Daniel Robbins on Agent forwarding and keychain provides excellent overall background material. This page merely serves to summarize configuration steps concisely.

December 20, 2002
Free Speech -- Not Quite

The same law that relates to publishing in the offline world, generally speaking, applies to material posted publicly on a Web log, legal and human resources experts said. Posting information or opinions on the Internet is not much different from publishing in a newspaper, and if the information is defamatory, compromises trade secrets, or violates copyright or trademark regulations, the publisher could face legal claims and monetary damages.

December 18, 2002

StreamRipperX is an open source application for Mac OS X that allows you to listen to Internet radio streams and record the songs as individual MP3 files.

December 17, 2002
My Network Administrator's Toolbox

Recently I built some storage shelves in my basement. One step of the process required a chisel. My accomplice suggested that I just use a screw driver since it was more handy at the time. I responded that I wanted to use a chisel since we had one and because I believe in using the right tool for the job if it is available. I have the same philosophy at work. I like to use the right tool for the job if it is available. In ten years of managing networks I have picked up a few favorite tools and techniques that each has its place in my network administrator's toolbox. Another administrator would likely prefer a different set of tools but these are the ones that I like. Likewise, a system administrator would likely not call these tools her favorite because they are not the right tools for that job. The tools described below or ones like them will be useful to any network administrator and they are all open source.

December 16, 2002
PC killer on the loose

Few who look at the PowerBook G4 can believe it's not the latest fashionable toy. After spending quality time with the PowerBook running Mac OS X 10.2.2, we don't care if we ever touch another $3,500-plus top-end PC notebook. Yes, it is that good, and its value has nothing to do with its sleek looks.

Apple packaged the PowerBook G4s so exquisitely that at first we were afraid to get our fingerprints on them. Our reverie lasted about 15 minutes. Then we dragged two systems -- an earlier 867MHz model and the newest 1GHz unit -- through hell for several weeks, both in the lab and on the road. We beat them twice as hard because they're so pretty and because, well, we're not Mac people. When it was over, the PowerBooks owned us utterly. Trust us; that never happens.

Include GUIs in your server programming with Perl/Tk

As a system programmer, you habitually work with command-line interfaces. Perhaps you've lost track of how easy it can be to wrap existing functionality with a lightweight graphical user interface (GUI). New Perl/Tk releases make it timely to remember that sometimes high quality accompanies ease of use.

You can keep your focus on highly productive server-side programming, and still choose to jazz up your interfaces occasionally. What's more, lightweight toolkits such as Perl/Tk make it possible to do this without the costs of higher-profile GUI approaches.

Why civil libertarians are uneasy

Of course, advocates of expanded executive power remind civil libertarians that President Bush is an honorable man who understands that the Constitution is made of more than tissue paper. That argument is simply not persuasive

December 13, 2002
Clone your own MT Journal

I almost forgot that my program for propagating my Movable Type journal to use Perl could be useful for others. So many folks have moved from use Perl to their own MT web log, and going back and forth is frustrating. So, since {KM} asked for it, here's the code. Enjoy.

The Right Term is Copyright Infringement

It follows that interference with copyright does not easily equate with theft, conversion or fraud. The Copyright Act even employs a separate term of art to define one who misappropriates a copyright: "Anyone who violates any of the exclusive rights of the copyright owner," that is, anyone who trespasses into his exclusive domain by using or authorizing the use of the copyrighted work in one of the five ways set forth in the statute, "is an infringer of the copyright."

Coding Standards Using XHTML

It seems these days that every cool new technology has an X in the name somewhere. And for some reason this X inspires fear and dread when combined with the Internet: XML, XSL, XPATH, XFORM and, yes, even XHTML. But Extensible HyperText Markup Language shouldn't cause you to lose any sleep at night, especially when you've got the XHTML capabilities of Dreamweaver MX on your side. With these new features the only thing you'll need to worry about when coding to this new standard is what attributes you can and can't use. I'm going to cover several topics in this article, including how XHTML differs from standard HTML, how Dreamweaver MX handles XHTML coding, the difference between Strict and Transitional Document Type Definitions (DTDs) and finally validating your code inside Dreamweaver.

The Ways Republicans Talk About Race

Sound bites pitched toward the racist right have been the dirty little secret of the Republican Party for four decades. How have they gotten away with it? Partly by obscuring the evidence. The Bush administration, for example, has essentially closed access to President Reagan's presidential papers for historical researchers, making it that much harder to examine how race remained a secret part of the American conservative discourse.

December 12, 2002
VPNs and IPSec Demystified

So far in the cryptosystems series, we have taken a look at general cryptographic terminology and the SSH cryptosystem (including configuration). In today's article, I'll start off with how VPNs work and then concentrate on the IPSec standard.

Lott's amnesia

The sample ballot made it clear what was at stake for white Southerners who favored discriminatory treatment of blacks. "A vote for Truman electors is a direct order to our Congressmen and Senators from Mississippi to vote for passage of Truman's so-called civil-rights program in the next Congress," states the official Mississippi State Democratic Party sample ballot, as provided by the Mississippi Department of Archives and History. "This means the vicious FEPC [Fair Employment Practices Commission, created by President Franklin Roosevelt to end discriminatory hiring practices in the defense industry] -- anti-poll tax -- anti-lynching and anti-segregation proposals will become the law of the land and our way of life in the South will be gone forever."


Microsoft misses mark on flaw

For the second time in a week, Microsoft acknowledged on Thursday that its initial estimation of a software flaw underrated the true threat posed by the vulnerability.

Making a home terminal/server network with LTSP

When my wife asked me to remove Windows and install Linux on her computer, I was happy to oblige. She is familiar with Linux from watching me use it and was quite upset that Windows had lost her desktop photograph -- again. This gave me an excuse to try setting up a terminal / server network. Since we each had beefy desktop machines, this also gave me an opportunity to turn her machine to another use. After resurrecting two retired computers from the basement, we each use a lame workstation as clients to my former desktop machine, now acting as a server only.

Big Blue counters Gates' offer for Indian software

After Microsoft chairman Bill Gates' lavish offerings for health, education and proprietary software, his company's biggest competitor IBM has offered to transform India into a software industry hub if it adopts the open source standard.

Thoughts on the Evolution of Online Distribution

The continuing controversy over online file sharing sparks me to offer a few thoughts as an author and publisher. To be sure, I write and publish neither movies nor music, but books. But I think that some of the lessons of my experience still apply.

December 11, 2002
Fugu - A Mac OS X SFTP, SCP and SSH Frontend

Fugu is a graphical frontend to the commandline Secure File Transfer application (SFTP). SFTP is similar to FTP, but unlike FTP, the entire session is encrypted, meaning no passwords are sent in cleartext form, and is thus much less vulnerable to third-party interception.

Fugu allows you to take advantage of SFTP's security without having to sacrifice the ease of use found in a GUI.

Fugu also includes support for SCP file transfers, and the ability to create secure tunnels via SSH.

Use Of Contract Programmers, Linux Up Sharply

More than 70% of companies surveyed are outsourcing some software-development work, up from 40% in May 2001, the software-development research firm says. It's likely that economic conditions are playing into the trend, as companies look to get more work without the added expense and administration of full-time employees.

December 10, 2002
Fighting Decentralized Terrorist Threats

The criticism I would make of Total Information Awareness (TIA) and the Department of Homeland Security (DHS) in general is that they are aggressively centralized solutions to an aggressively decentralized problem. I would feel better about our government's efforts to fight terrorism if I heard much more discussion of decentralized solutions, and an economic and organizational plan that blended centralized and decentralized approaches to the problems of terrorism. We need to talk about state and local solutions, not just Federal solutions.

Month with a Mac: Can the Mac replace my PC?

The Challenge: Can the Macintosh, with no training, technical books, or prior knowledge, replace my PC running Windows 2000 and Red Hat's Psyche?
The Background: I am not a standard PC user. I'm a network engineer, proficient in Windows, NetWare, BeOS, and Linux. I have set up complete domains from scratch, I understand networking and the components in a computer. I am a power user, and that makes me different from much of the audience targeted by Apple's Switch campaign.
Fair warning: This is a fairly long, honest review in an untraditional sense. I didn't write it in one sitting, it was written over the course of a few weeks and it includes lots of information in a disorganized but linked fashion.

Your Pension Plan in Danger?

Why did 33% of Fortune 100 companies switch to these new pension plans in relatively short order? Most say because it saves them money (large firms save as much as $100 million). If the cash-balance pension plan saves employers money, where do the savings come from? You got it. You. The employee.

Many argue cash-balance pension plans represent an "anti-worker movement." Do they? Well, they have been lobbied for by big-business interests since the 1999 freeze. And when money is saved, it has to come from somewhere. If your employer is suddenly saving more money, and it didn't cut nonemployee costs, then it's saving money on your back.

As long as men like George Bush have a way to take your money... it isn't safe.


Think Enron... think Ken Lay... think never gonna get prosecuted.


Bush OKs Pensions That Worry Workers

The Bush administration plans to propose new regulations Tuesday that would protect employers from age discrimination liability when a company converts its traditional retirement pension benefit to a different arrangement called a "cash balance plan."

Such conversions typically mean less money for workers closer to retirement age. Currently there is a moratorium on government approval of conversions. But that would be lifted if the regulations are approved after a public comment period and an April meeting of the Internal Revenue Service.

Australian court to hear U.S. Net case

Australia's highest court ruled Tuesday that a defamation case sparked by a story on a U.S. Web site could be heard in Australia, opening a legal minefield for Web publishers over which libel laws they must follow.

Thought for the day

Introspection without action is worthless.

December 09, 2002
Largo loves Linux more than ever

Dave says, "About a year ago we had two gentlemen from Microsoft come in who spent two or three hours with us." The Microsoft reps asked the Largo people to be frank with them and explain their needs as clearly as possible, which is what happened.

"Mostly it was an issue of scalability," Dave says. This, not money, is what they told the Microsoft people their biggest barrier was. At any given moment, Largo's network may have over 200 people actively logged in and working, often more, and they are all running from a single main server, plus several servers that run specific applications. Even the Microsoft people couldn't refute the fact that Largo's current setup uses far less hardware and is far easier to administer and physically maintain than an equivalent Windows-based system.

"And that," says Harold, "was Microsoft's last sales push with us."

Microsoft liars to unapproved browsers: Drop dead

As hip people will already be aware, Microsoft’s characteristically outrageous litany of lies took a new form this week when, all of a sudden, certain browsers were deliberately excluded from rendering any “content” at

Blast from the past...

HTML Help by The Web Design Group

The Web Design Group was founded to promote the creation of non-browser specific, non-resolution specific, creative and informative sites that are accessible to all users worldwide. To this end, the WDG offers material on a wide range of HTML related topics. We hope that with this site as a reference, you will be able to create Web sites that can be used by every person on the Internet, regardless of browser, platform, or settings.

December 08, 2002
Donors promised political access

Political party officials and the donors they solicit have routinely linked big contributions to government business, from merger approvals to meetings with top officials, according to previously sealed court documents that offer a window into the business of fund raising in Washington.

Trial told no proof of ebook piracy

Adobe Systems has not been able to find proof that anyone made illegal copies of electronic books using software that could sidestep copyright safeguards in the company's eBook software, an Adobe engineer has testified.

And yet, a Russian company is being publicly flogged for violating a law that can not possibly have any jurisdiction in Russia.

And Americans don't know why terrorists hate us...

December 07, 2002
Microsoft: IE hole worse than reported

"Microsoft has given this vulnerability a maximum severity rating of moderate," Larholm wrote. "Great, so arbitrary command execution, local file reading and complete system compromise is now only moderately severe, according to Microsoft."


"It seems like Microsoft is deliberately downplaying the severity of the vulnerabilities in an attempt to gain less bad press. It sure would look bad to release two critical cumulative updates in just two weeks, but that is exactly what has been done," Larholm wrote.

You don't expect honesty from a company that had to come up with "trustworthy computing" to brainwash customers... do you?

Radioactive patients set off subway alarms

Americans undergoing radioactive medical treatments risk setting off anti-terrorism sensors in public places, and subsequent strip searches by police, warn doctors at the Albert Einstein College of Medicine in New York.

A 34-year-old patient who had been treated with radioactive iodine for Graves disease, a thyroid disorder, returned to their clinic three weeks later complaining he had been strip-searched twice in Manhattan subway stations. Christopher Buettner and Martin Surks report the case in a letter to the Journal of the American Medical Association.

Ah, yes...

The price of "freedom".

Stop your BBS shopping & try FUDforum

FUDforum is a remarkable piece of work, from the installation to the actual quality of code (programmers could learn a lot from browsing the code to see how things are done). I recommend you try FUDforum for yourself if you are even the least bit intrigued by what you're about to read.

December 06, 2002
Internet spammer can't take what he dishes out

West Bloomfield bulk e-mailer Alan Ralsky, who just may be the world's biggest sender of Internet spam, is getting a taste of his own medicine.

Ever since I wrote a story on him a couple of weeks ago, he says he's been inundated with ads, catalogs and brochures delivered by the U.S. Postal Service to his brand-new $740,000 home.

It's all the result of a well-organized campaign by the anti-spam community, and Ralsky doesn't find it funny.

"They've signed me up for every advertising campaign and mailing list there is," he told me. "These people are out of their minds. They're harassing me."

Too funny... man, this is hilarious!

Feds Label Wi-Fi a Terrorist Tool

"We know that (an attack) could bring down the network of this country very quickly. Once you're on the network, it doesn't matter where you got in,"

That is because the moron in the white house wants to keep everyone using MS tools so the government can have back door access.

Trouble is, that door opens for anyone! All you need is the key...

Protecting fair-use rights in the digital world

Have you ever made a tape of your favorite songs to enjoy in your car stereo? Have you ever bought a CD and ripped it to your portable MP3 player? If so, you should know that recent changes to copyright law have been used to take away your personal use rights to the media you legally acquire. That means that activities like making mixes or copying music to a portable player are quickly being restricted or prevented. is doing something about it. We are advocating a Consumer Technology Bill of Rights that will positively assert a consumer's rights to fair use.

Slashdot | Shocker: Despicable Conduct From Disney

Phil Lelyveld, a Vice President for Disney, has written to the FCC to tell them to ignore Digital Consumer's comments on the Broadcast Flag issue. The Broadcast Flag is an inter-industry conspiracy to turn over the keys to general-purpose computing to Hollywood studio execs -- under this proposal, no one will be able to ship digital television technology (like DVD recorders and FireWire) without Hollywood's permission. Lelyveld wrote to the FCC -- who are taking comments on the proposal -- without mentioning his day-job, to tell them that Digital Consumer, a civil liberties group with more than 40,000 members, is nothing more than "two millionaires" working to create a world "where we are all artist/waiters."

I sent my comments to the FCC yesterday.

Bet it doesn't matter...

December 05, 2002
What's So Bad About Microsoft?

The title says it all...

Wal-Mart: $199 PC sells briskly

Here's the pitch for what could be your next PC: No Microsoft, no Intel — and almost no markup.

By dropping software from Microsoft and avoiding "Intel inside," retailer Wal-Mart Stores is offering a $199 computer it says is a hot seller on its Web site, attracting novices looking for a way onto the Internet as well as high-end users wanting a second box.

Putting TCO Studies In Their Place

Kusnetzky, who spoke at the conference Wednesday, was not surprised that Microsoft released the results, since the study had a positive outcome for the software giant. Kusnetzky joked that most of the work that he and his fellow IDC analysts do is like an iceberg--usually the public does not see 95% of the reports commissioned by IDC's clients. Once in a while, when the numbers are favorable, the client will exercise their right to publish the data.

Let's think about that for just a minute.

If Microsoft releases five "favorable" studies from IDC... what does that imply?

That there are 95 OTHER studies they did (and paid for) that are NOT favorable!


Warring formats confuse

DVD-RW disks, backed by Apple and Compaq, can be used over and over but must be awkwardly erased each time — users can't just add a file or folder to the contents of a DVD-RW disk, as they would to a DVD-RAM disk.

Apple mostly wants its Mac faithful to use DVD-Rs for creating movie DVDs or data-file DVD-ROMs. Use-once disks, not repeated-use disks, are where the action is, according to Evangelist.

DVD-R movie disks are compatible with the bulk of home DVD players, he says.

Quick Review of 1 GHz PowerBook G4

The 1 GHz PowerBook G4 is a good choice if you want speed and portability.

The PowerBook could be a replacement for a desktop machine. You should investigate the ergonomics of the system before taking the plunge and removing your desktop system. A separate display, a mouse, and an external keyboard may become essential accessories, if you are planning to replace your desktop with a portable.

US states with more gun owners have more murders

Homicides in the United States are more common in states where more households own guns, according to researchers.

The study findings imply "that guns, on balance, lethally imperil rather than protect Americans," lead study author Dr. Matthew Miller of Harvard School of Public Health in Boston, Massachusetts, told Reuters Health.

I won't argue about the harm part... but, where and how did you evaluate the protect part?

Did you look at government abuse of its citizens? Did you look at the correlation of tax rate vs. gun ownership? Did you compare false arrest rates?

Or... do you only think guns are for "sport" and self protection from other citizens?

Ampheta + Windows + Outlines

It makes me appreciate the OS X environment so much more. OS X is like driving a nice big, fully packed RV that handles like a station wagon down the hacking highway. On the other hand, Windows is a Ford Festiva with a hole in the floorboards and a nagging suspicion that I forgot something back at the house. Okay, so that was a bit contrived. I just wanted to say something smarmy after all this grumbling. :)

Freedom To Tinker: Why Unbreakable Codes Don't Make Unbreakable DRM

It's commonly understood among independent security experts that DRM (i.e., copy prevention) technology is fundamentally insecure, at least based on today's state of the art. Non-experts often misunderstand why this is true. They often ask, "When you say DRM is insecure, isn't that just another way of saying that any code can be broken?" Actually, it's not. Let me explain why.

The Freedom of Imagination: Copyright's Constitutionality

Measured in light of the freedom of imagination, copyright's central prohibition of piracy is fully constitutional, but its prohibition of unauthorized derivative works is not.

US congressmen hide behind their email

A POST AT Politech suggests that US politicians are avoiding the bother of answering the citizens that voted them into power by switching off their email inboxes.

The post to Declan McCullagh, who runs the site, suggests that instead citizens have to find the politicians' websites, and fill out forms to "email" their requests or complaints.

According to the complainant, 391 out of 530 representatives with email have hit on the cunning plan which allows them to pick and choose which to ignore and which to answer.

Surprise... not!

"Smart display" may not be so smart

It is basically a remote control for your PC; a touch-sensitive screen linked by Wi-Fi that acts as a mobile window to Windows. Only, when you remove it from its docking station to use it remotely, the PC locks up, just to be absolutely sure that your other half doesn't break the terms of the Windows license by--heaven forbid--using the PC in the study while you're using it from the sofa in the lounge. Just imagine. The civilized world would crumble.

Red Hat Chief: Where is the Rage?

Almost 229 years to the day, a band of overtaxed colonists slipped aboard a British merchant ship under cover of darkness and dumped boxes of tea into the harbor. The Boston Tea Party metaphor, with its themes of resistance and independence, provided an apt pretext for Szulik's address.

The Massachusetts native urged the IT community to challenge legal and legislative maneuvers that might stifle innovation, namely, the Digital Millennium Copyright Act (DMCA) and corporate efforts to extend copyright protection.

"These things scare the hell out of me," Szulik said. "What is going to be left? Where is the rage?"

I got the rage... doesn't help.

Administering Windows from Linux

Rdesktop lets a Linux system participate in the remote Windows administration that is available with Terminal Services, allowing for the use of both operating systems simultaneously. This can streamline your administration and development chores, making your job a whole lot easier.

Calling All Yahoos

Worse, I learned, Iran-Contra conspirator Adm. John Poindexter had been made head of a Pentagon division that would compile a vast database of every financial, medical, employment, school, credit, and government record for every American, so that law enforcement and spooks might better spy on us.

December 04, 2002
Total Information Awareness Demonstration for Poindexter

The SF Weekly's column by Matt Smith in the Dec 3 issue points out that there may be some information that

John M. and Linda Poindexter
10 Barrington Fare
Rockville, MD 20850

may be missing in their pursuit of total information awareness.

He suggests that people with information to offer should phone 1 301 424 6613 to speak with that corrupt official and his wife.

Neighbors Thomas E. Maxwell, 67, at 8 Barringon Fare ( 1 301 251 1326), James F. Galvin, 56, at 12 ( 1 301 424 0089), and Sherrill V. Stant (nee Knight) at 6, may also lack some information that would be valuable to them in making
decisions -- decisions that could affect the basic civil rights of every American.

At Justice, Freedom Not to Release Information

Today, at the Justice Department, some laws are more equal than others.

One 36-year-old U.S. law can be broken, it seems. Attorney General John D. Ashcroft, who is sworn to enforce all laws, has told federal employees that they can bend -- perhaps even break -- one law, and he will even defend their actions in court.

That law is known as the Freedom of Information Act.

War on terror game

It would be funnier if it weren't all true...

Building a Linux-based time-shifting box

We don't watch tons of TV, but there are a few programs every week that we do like to see. I could buy a TiVo, but then I'd have to pay US$13 each month for the required service or a couple hundred bucks for a lifetime subscription. It may be worth it for many folks, but that's overkill for me. And I don't like the concept of having my destiny linked with the fortunes of the supplying company. I don't need a US$300 doorstop if the TiVo company should someday fail. Hey, if Enron and Worldcom can end up in the toilet, you have to allow for the fact that no one company will be around forever.

Project Builder

Project Builder is Apple's integrated development environment (IDE) for Mac OS X. It is designed to fully support all of the major platform initiatives of Mac OS X, such as the Carbon and Cocoa frameworks, Java, and the new application packaging mechanisms.

Project Builder provides project editing, search and navigation, file editing, project building, and debugging facilities for all types of Mac OS X software projects, including applications, tools, frameworks, libraries, plug-in bundles, kernel extensions, and device drivers. It supports the use of C, C++, Objective C, and Java.

Project Builder leverages numerous other tools available with Mac OS X, such as the Interface Builder user interface construction application, compilers such as gcc, javac, and jikes, and debuggers such as gdb.

Poll Finds World Doubts U.S. Motives in Iraq

Suspicion about U.S. motives in Iraq and the broadly held perception that America ignores the interests of other nations in foreign policy disputes has tarnished the image of the United States around the world, according to a survey of public attitudes in 44 countries by The Pew Research Center for The People & The Press.

I'm an American.

George Bush was voted into office by a bunch of morons that wanted representation from one of their own kind.

In no way, shape, or form does this mean that this idiot speaks for ALL of us! Having to live with his political bullshit does not mean condoning it.

Remember that when looking to bomb someone... you'll make less enemies and have a higher impact by hitting targets that actually deserve it.

Campaign finance law opponents go to court

"American politics is more free of corruption than at any point in its history," he told the three-judge panel.

Then we are screwed...

dead end job and a dead end platform

ASP is essentially a dead end technology - there is no upgrade path. If you want to stick with MS technology then you will have to throw away all your vbscript asp pages and rewrite them.

And... you'll be doing that every single time that Microsoft says to.

The Three Day Rule

This brings me to the Three Day Rule that I have used for a while. Since this posted job seems like an interesting problem right now, I might start hacking a solution. However, will it still be a good idea three days from now? Most of my ideas cannot last the day. Good ideas will still be good ideas after a couple of days and during the interim the idea simmers in my head so that various problems have a chance to present themselves. If I follow the Three Day Rule, so that I do not start serious coding before three days from when I think it is a good idea, I optimize my coding by eliminating most of the bad ideas. I can easily mistake enthusiasm and skill for quality---just because I can do something does not mean it is a good idea and that I should spend my time on it.

CGIProxy-- HTTP/FTP Proxy in a CGI Script

This CGI script acts as an HTTP or FTP proxy. Through it, you can retrieve any resource that is accessible from the server it runs on. This is useful when your own access is limited, but you can reach a server that in turn can reach others that you can't. In addition, the user is kept as anonymous as possible from any servers. Common uses include: anonymous proxies similar to The Anonymizer, other personal uses, VPN-like functionality, and others. It's very simple to install, and very configurable.

December 03, 2002
evolving an OO design

I've been working on a piece of code for a couple of days, and realized that my notes show a nice, clear progression from rough ideas to ordinary, procedural code, to object-oriented design. I figured that some of you might find it useful to look over my shoulder, as 'twere, while I shuffle the ideas around.

The Case Against Micropayments

In particular, users want predictable and simple pricing. Micropayments, meanwhile, waste the users' mental effort in order to conserve cheap resources, by creating many tiny, unpredictable transactions. Micropayments thus create in the mind of the user both anxiety and confusion, characteristics that users have not heretofore been known to actively seek out.

The Open Web Application Security Project

The "OWASP Guide to Building Secure Web Applications and Web Services" has been downloaded over 500,000 times in the last 3 months. At 60 pages it is not always light reading but is a practical approach to building applications and covers a wealth of content from defining your security needs to avoiding common security problems like Cross Site Scripting and SQL Injection.

OS X 10.2 Server Notes

Please note that the information provided here works for me. I assume no responsibility for any problems you may experience. Also, please understand that I am still learning how to work within NetInfo. Much of what I will explain in the pages to follow will be fairly basic to begin with until I can get a better understanding of things. Please do not do any of this work on production machines until you get a better handle of the process. Use test equipment, since you may be needing to reboot the server often during this testing.

MS study - Windows costs less than Linux. A bit. Sometimes

Windows 2000 servers are cheaper to run than Linux ones, sometimes, says an IDC study which was by strange coincidence sponsored by Microsoft. The study will come as welcome relief to Microsoft salespeople who have been parroting the 'cheaper than Linux' line to general disbelief, but whether anyone else will believe it is another matter.

Mapping the new FUD attack plans

In a move that could be called "classic", the agents of FUD have begun researching ways to attack the open source initiative. The move is classic because it is even being disguised by co-opting the very terms (though certainly not the spirit) of open source - in a blatant attempt to confuse the public. This move is both suspect and humorous.

What is extremely suspect is the very naming choice and designation of the group - which is truly about eliminating competition from the Open Source movement altogether. They have elected to call it "Initiative for Software Choice". Indeed, the for-profit members have chosen to use a non-profit organization website to further their aims - something that many of the members would have long been complaining about the open-source movement for doing.

Microsoft's two-edged sword of trust

And, of course, Microsoft will have forced nobody to do this, in the same way as it forced nobody to give up DOS for Windows. Then comes the real fun. One day, your computer will tell you you're running untrusted open-source software and it refuses to export your e-mail data to it. Or you haven't paid your annual license fee, and you have 28 days to cough up or your word processor will expire. Your data will still be on your hard disk, but you'll no longer be authorized to use the only application that can access it. It gets better--it's possible for data to be deleted from your computer without your knowledge or permission. That news story you downloaded detailing misbehavior on behalf of a large organization? Bad luck--it got an injunction and all copies of that document worldwide have been deleted. That sort of global infrastructure is frightening enough: to have a convicted monopolist in ultimate control is beyond Orwellian.

Not much different than having a convicted felon (Poindexter) in charge of all of the country's surveillance.

Bush likes working with criminals. They are his friends... his administration is just like the mob used to be... everything has to stay out of the courts because it wouldn't stand the legal review. (Now I'm gonna piss off the mob... great. Sorry guys, don't mean you are anywhere as bad as Bush!)

MS 'Software Choice' scheme a clever fraud

Microsoft's new "Software Choice" campaign is all for your right to choose... as long as you choose Microsoft. It's too bad that Intel and the U.S. Government couldn't see through the rhetoric.

I didn't think it was all that clever...

Model-View-Controller Pattern

Model-View-Controller (MVC) is a classic design pattern often used by applications that need the ability to maintain multiple views of the same data. The MVC pattern hinges on a clean separation of objects into one of three categories

December 02, 2002
How To Get Hired As An Open-Source Developer

Cranston-Cuebas handles technical staff hiring for a number of major web sites that are part of the Ticketmaster family, including,,, and These sites are heavily vested in a wide variety of open source technologies, including mod, the Linux operating system, the Apache web server and various Java technologies.

TheOpenEnterprise caught up with Cranston-Cuebas at Apachecon and got him to "open" up about open source recruiting.

Why security flaws need to come out into the open

Regardless of who's right here--Microsoft or GreyMagic--this is a perfect example of why publicly disclosing software security flaws is important. While announcing vulnerabilities publicly can increase the likelihood of new malicious attacks, the fact that large software companies can't or won't fix flaws that are reported to them is a more serious problem. Sometimes, the only way to make a company respond responsibly is to make the vulnerability information public.

Security firm warns of new Chernobyl

Antivirus company Panda Software has detected a new strain of the devastating W95/CIH10XX virus--commonly known as the Chernobyl virus--which can be so damaging to some computers that it will render some BIOS chips, and even entire motherboards, unusable.

It is amazing to me that so many people don't think this is enough to switch away from MS products.

December 01, 2002
Wilton's Word & Phrase Origins

Etymology is the study of word origins. It is not the study of insects; that is entomology. Where words come from is a fascinating subject, full of folklore and historical lessons. Often, popular tales of a word's origin arise. Sometimes these are true; more often they are not. While it often seems disappointing when a neat little tale turns out to be untrue, almost invariably the true origin is just as interesting.

A list of words and phrases can be found here, with links to the definitions and origins. Or, you can also jump to the discussion board to ask a question or put in your two cents.