Where’s maiken?

Still in flux. All is well; never fear.

What have I been up to?

This pretty much sums it up:

Happy Pi Day!

I totally spaced on the fact that today (3.14) was Pi day, until Steven Colbert graciously reminded me of it.

Via Wikipedia, check out this really trippy pi poster in celebration!

More Cool UI Innovation

This is the coolest thing I have seen since BumpTop:

Via Bogle’s Blog.

Gates, surprisingly engaging, on Daily Show

Bill Gates is usually pretty dry, but his appearance on the Daily Show is quite compelling, I think:

Storage is now free

I know, I know, you’re sick of hearing about how computers are free. But seriously:

This is a 1TB drive. It’s $400.

I’m pretty sure that I started seeing “TB” in common use, in advertisements for storage, in just the past month or two. How long until measuring hard drives in GB seems quaint, as it would seem ridiculous now for me to say, for example, that my laptop came with a 40,000MB hard drive?

Is this really the direction we want to go in?

I really like this comment on The Online Photographer, ostensibly about the idea of creating a subscription-based photography website, but really about the current state of affairs on the Web:

We have created a monster and it is us.

Software developers write programs and give the work away for free. Now no one really expects to pay much for programming.

The microstocks make some nice photos available for next to nothing.

WalMart sells shirts and pants for so little that I actually know someone who doesn’t launder her kids clothes but throws them away every 2-3 weeks and buys more. (I am not kidding.)

We expect to have lots of websites at our disposal 24/7 that give us free advice on camera gear and other aspects of photography. But doing that takes time and effort. Do the ads provide enough income?

Trouble is, nobody wants to work for free, do they? Something has to give, it seems to me. You have to spend years acquiring expertise to do what you do. Sharing some of it makes sense. Giving it all away for nothing will cease to make [sense] at some point.
People used to subscribe to magazines but I get the impression that they are reluctant to subscribe to websites? Why is that? These are weird times.

Weird times, indeed.

Computers are now free

I know it’s clichéd to be amazed all the time at how technology becomes ever-cheaper, but seriously, it’s astounding.

I’ve been thinking for a while that I need to build twin file-server machines and locate one offsite as a proper, comprehensive backup solution. For maximum control, these would be full-blown computers. Cost always seemed prohibitive, though.

Well, as it turns out, computers are now free. Check out this bare-bones machine with an Intel-compatible CPU for…

wait for it…


I’ll take five.

In all fairness, you have to supply memory and hard drives. But 128MB of memory is basically free, too. That means that the cost of a full-blown file server with a lot of storage is dominated by the cost of… the hard drives. That’s fantastic.

Something is amiss here…

Google took in $6 Billion in revenue in FY2005.

Suppose 200M people in the US use the Internet (I know, I know. Just suppose). That means Google got an average of $30 of revenue from each Internet user in FY05, or $2.50 a month. From everyone. On average.

Now, suppose that Google gets the great majority of their revenue from ads. I believe this is the case. I found this random survey of AdSense ad costs. I have reason to believe it’s fairly accurate. Let’s be generous and imagine that the average AdSense click-through nets Google $0.20 of revenue.

That means that the average internet user clicked through 150 Google ads in FY05. On average. With generous assumptions. Presumably the real average could easily be close to 200.

Is this consistent with anyone’s experience of using the Internet? Do you ever click through Google ads? I am not aware of ever having consciously clicked through a Google ad. Ever. Maybe I’m just some kind of weirdo?

Maybe there’s a subset of Internet users who click through Google ads a lot for some reason, and account for a disproportionate amount of Google’s revenue?

Bonus question: are all the kids growing up with the Internet today paying any attention to ads? That is, are Google’s ad revenues likely to go up or down as an Internet-savvy generation moves into the prime purchasing years of their lives?

Colbert does not approve of the iPhone

What we need is a filter — a big, big filter

David Brin has an interesting post in which he argues that the current Internet is missing a vitally important piece — robust mechanisms for separating the wheat from the chaff.

There is a lot of fuss going on about Time Magazine’s decision to put a mirror (framed by a computer screen) on its latest cover and announcing tat the 2006 Person of the Year is… “you.” Which translates as Joe and Jane Public — millions of us — who are starting to flex our cyber-empowered wings and express ourselves as never before.

But… David opines that successful human-organization mechanisms like

[...]markets, science, courts and democracy each have “centripetal vs centrifugal” social phases.
In science, markets, courts and democracy, the CENTRIFUGAL PHASE is when each individual participant may disperse, find allies/collaborators, and safely organize with others under some degree of protection, in a zone where product can be refined and readied for competitive testing.
Note that this is the phase that exists now, copiously, in the nascent “fifth arena” of the internet!
What the cybersphere does NOT have is anything even remotely resembling the CENTRIPETAL phase that also empowers the four older, more mature “arenas.”

What is the centripetal phase? This is where in all of the disparate and dispersed participants in an arena are summoned together by a ritual CALL TO COMBAT. What ensues is a battle - competition - that has transformed ancient human bloody-mindedness into something much more like a game. One in which rules have been laid down to ensure that the outcome of competition correlates at least somewhat with quality of product, and much less with power or influence or other means of cheating.

In science the centripetal competition phase compels researchers to publish papers and present them for criticism. In markets the ritual battleground is retail sales - where customers compare goods and services. In democracy the role is filled by elections, and courts have trials.

Phil Bogle has a follow-on post in which he points out that some nascent “centripetal” mechanisms exist already:

Collaborative filtering sites like Digg do provide a way for better ideas to rise to the top, but their algorithms for selection are hidden and can be gamed or subverted from within.

Likewise, Google has a metric for quality based on sifting through the linking behavior of millions of pages, but this metric is opaque and shifting. Google has mixed motives given that they are also trying to increase their own Adsense revenue and deliver value to shareholders.
To attempt to complete Brin’s (David’s, not Sergei’s!) thought: There are clearly mechanisms for finding quality on the internet, in some ways uniquely powerful, but not institutions for doing so.

By institutions, I mean systems that have a degree of underlying stability and trustworthiness based on history, checks and balances, transparency, and so forth. Such institutions take a great deal of time to evolve and are at least as much social as technical in nature, often requiring multiple revolutions and upheavals before being solidly established. Perhaps its unrealistic to expect secure institutions of quality and competition would evolve in internet time, even on the internet.

These are great observations. Many people seem to be coming around to the idea that the next significant step forward on the Internet will need to be improved mechanisms for filtering and managing the tidal wave of content being relentlessly created by the masses.

Transactional Memory explained

Transactional Memory is a Big Deal in current programming-languages research, but from what I can tell, the folks I know working in industry generally haven’t heard of it.

This ACM article provides a good in-depth overview.

Geekiness for Posterity: Removing Vongo Shovelware from an HP Presario v3000 laptop

Please forgive the momentary geek-out; there is a wonderfully supportive emergent knowledge base of tricks, hacks and workarounds on the Internet, woven together by Google, and this is my humble contribution.

I bought a Compaq / HP Presario V3000 laptop recently, and it’s a nice little machine. Even with the AMD Sempron chip I settled for to keep the cost down, it’s pretty lively with 2GB of RAM. However, as is apparently Compaq’s wont, it came loaded down with shovelware (aka bloatware); dozens of preinstalled widgets, trial versions and utilities that are, to put it politely, of limited value.

So, as a first order of business, I went through and uninstalled everything I didn’t want. This was going fine until I ran into the dreaded Vongo software. Vongo is some kind of movie-download service, but as far as I’m concerned, they will live in infamy as the Company Who Wrote the Crappy Bloatware That Would Not Uninstall.

My machine is running Windows XP Home. The Vongo Problem, for me, went like this:

  • From the owner account, I uninstalled Vongo from Add/Remove Programs. This appeared to work fine.
  • However, when I logged into another, non-Guest account, the Windows installer kicked in briefly to “uninstall” Vongo again. This succeeded, though, so I thought little of it.
  • For the Guest, account, however, things were different. When trying to log in, the Windows Installer would kick in to “uninstall” Vongo, but barf complaining that it didn’t have access to “C:\Program Files\Vongo”. This is, of course, because the Guest account isn’t allowed to access the “Program Files” directory.
  • Cancelling the “uninstall” procedure doesn’t work; the process starts over again immediately. It does this every time when logging into the Guest account.

This drove me mildly insane for something like three hours, off and on, yesterday evening. As Laura can testify, I became irritable and grumpy. I started saying “Vongo” a lot and giggling inappropriately. It was a bad scene.

Googling around revealed that removing Vongo from HP laptops is something of a Holy Grail for Shovelware haters like me. I found discussion threads recommending various registry cleaning tools or the use of Windows’ Safe Mode, but these didn’t work for me. One recurring recommendation involves using the msconfig utility to prevent the isuspm process from being started automatically. This is the InstallShield Update Service, which periodically checks for updates for installed software.

Suppressing this service felt like a hack to me; the system throws up a (suppressible) warning when you boot with any startup items suppressed, and I was grumpy that I was forced to work around a busted uninstaller by taking a sledge hammer to an innocent system service.

After a lot of frustration, I finally figured out a way of, aikido-like, using the Vongo uninstaller’s force against itself. By bending to its will, you too can banish it from your machine forever.

The heart of the uninstallation loop is that the system (misguidedly) wants to go through the motions of uninstalling the Vongo software, but can’t from the Guest account, because it doesn’t have the appropriate permissions.

Windows XP home doesn’t provide the usual NT file-permissions controls through the shell UI, because Microsoft figures that people running XP Home aren’t too bright, and might get confused by the extra knobs and switches. Luckily, though, it’s possible to edit file permissions directly on the command line using the amusingly-named cacls utility, which I imagine stands for “change ACLs” (an ACL is an Access Control List).

I logged into the Guest account and let the usual installer complaint come up. I believe the first error is about the “C:\Program Files\Vongo” directory. Then I fast-user-switched to the owner account and used cacls to grant permission to that directory to the Guest account, so the uninstaller could proceed. At first, the ACL for the Vongo directory looked something like this:

C:\Program Files>cacls vongo

C:\Program Files\vongo BUILTIN\Users:R
                       BUILTIN\Users:(OI)(CI)(IO)(special access:)

                       NT AUTHORITY\SYSTEM:F
                       NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
                       CREATOR OWNER:(OI)(CI)(IO)F

Note that chezlarklap is the name of my laptop. I ran:

    C:\Program Files>cacls vongo /e /g chezlarklap\guest:F

And then the ACL looked like this:

C:\Program Files>cacls vongo

C:\Program Files\vongo CHEZLARKLAP\Guest:(OI)(CI)F
                       BUILTIN\Users:(OI)(CI)(IO)(special access:)

                       NT AUTHORITY\SYSTEM:F
                       NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
                       CREATOR OWNER:(OI)(CI)(IO)F

Note that the line in bold says that Guest now has Full Control over this directory.

I fast-user-switched back to the Guest account and clicked “Retry” at the complaint dialog, and the uninstaller got one notch further, and complained about a different directory or file. After maybe half a dozen repetitions, the uninstaller was on to registry keys, which it doesn’t have permissions to alter, either. For some reason, though, there is an option to simply ignore a failure to write to the registry. After what felt like nine hundred “Ignore” clicks, Vongo was officially “uninstalled” from the Guest account.

I hope this helps someone!

Are you a non-profit in need of web hosting?

The hosting provider I run my blogs on, DreamHost, just announced that they will provide free web hosting to any US 501(c)(3) non-profit organization. Pass it on!

Web 2.0 is so last month

We’re already on to Web 3.0.

How well are you backed up?

This is something that’s gnawing at me, so I figured, well, why suffer alone?

Digital photography has taken the world by storm. I now have several thousand images of Ryan’s first year of life (not to mention lots of other, lesser family events and milestones). I’ll bet you have a bunch of important digital images, too.

Take my handy Backup Questionnaire:

1. Do you back up?

  1. Yes, but infrequently. If I lost my main storage, a great deal of recent work would be lost.
  2. Yes, and frequently enough that if I lost my main storage, only a minimal amount of work would be lost.
  3. Backup? What’s that?

2. How stable is your backup?

  1. I back up to CDs or DVDs. The backup will last as long as their shelf life.
  2. I back up to an external hard drive, which stays switched off except when I am making a backup, to minimize the chances that it will be accidentally corrupted.
  3. I back up to a hard drive in a separate computer, but the hard drive is always or often accessible, so if that machine goes haywire, the backup may be lost.
  4. I back up to a second drive in my main computer. Whatever calamity befalls my main data may befall my backup, too.

3. What if you deleted or corrupted a bunch of your files and then, unwittingly, ran a backup?

  1. The previous backup would be overwritten with the new, corrupt, data. This would mean that the corrupt data would be gone forever.
  2. I keep a fixed number of backups, so as long as I noticed the problem in time, I could recover.
  3. I do incremental backups so I can restore to any one of many points in the past. I have a large window in which I could detect the problem and be able to recover.

4. What if your house burned down?

  1. All my backups are in my house. They would all be lost.
  2. I keep my backups offsite. They would survive.

My answers are middling: I have 1b, 2b and c, 3a, 4a.

My main problem is that I have too much data to back up to CDs, and DVDs have a poor shelf life. I really need to invest in an additional external drive and store it offsite, swapping it with the one at home periodically.

Take a moment and think about your own backup strategy!

Your next passport will be wirelessly readable. Will it be secure?

The next US passport you get from the government will contain an RFID chip that lets the passport data be read off wirelessly by border guards. The first wave of “e-passports” is going out to citizens now.

Why is this a big deal? If the State Department had chosen to use a “smartcard” design, which would involve exposing physical contacts to the chip embedded in the passport, then the passport could only be read by someone with physical access to it. Instead, they chose to go with an RFID chip, which can be read wirelessly. The danger of this approach is that people other than border guards could read off the passport data. That would let miscreants collect your passport information simply by being near your passport. The collected data could be useful for identity theft, or for producing forged passports in your name.

Some questions immediately arise:

  • From how far away can the RFID chip in the e-passport be read?
  • Assuming you are close enough to the passport, is there any secondary mechanism to prevent you from reading off its full contents?

From a Wired News article by Bruce Schneier, discussing the State Department’s initial design:

The State Department downplayed these risks by insisting that the RFID chips only work at short distances. In fact, last week’s publication claims: “The proximity chip technology utilized in the electronic passport is designed to be read with chip readers at ports of entry only when the document is placed within inches of such readers.” The issue is that they’re confusing three things: the designed range at which the chip is specified to be read, the maximum range at which the chip could be read and the eavesdropping range or the maximum range the chip could be read with specialized equipment. The first is indeed inches, but the second was demonstrated earlier this year to be 69 feet. The third is significantly longer.

In the State Department’s original design, the RFID data was unencrypted, so if you could get close enough to the passport (say, within 70 feet!), you could read off its entire contents. When the State Department sollicited public comments on this design, it received 2,335 replies, 98.5 percent of which were negative.

In response, two improvements were made:

  • Passports will now contain a thin radio shield in their covers, so (it’s claimed) the RFID chip won’t be readable, from any distance, when the passport is closed. If the shield functions correctly, this obviates most of the concerns about “skimming” data off the passports of passers-by.
  • Data on the RFID chip will be encrypted. Border guards will first physically swipe the passport through an optical reader, as they do today. The information read off the printed ID page supplies the key necessary to decrypt the RFID contents. This should ensure that, even if the RFID chip is reachable, the passport data can’t be acquired without being in physical posession of the passport.

If you don’t trust the radio shield in the passport, you can buy one of these things:

If the radio shield in your passport doesn’t work perfectly, or the passport is left open, a variety of Bad Things can happen:

  • “Black Hat” hackers demonstrated that your passport data can be “cloned” to produce a counterfeit passport that carries your information. They didn’t figure out how to alter the data, though, and the data includes a copy of your picture, so this is only useful if the person using the cloned passport resembles you.
  • It would almost certainly be possible for people with RFID readers to determine that you’re carrying a passport.
  • Bruce Schneier worries that, because each passport RFID chip has a unique serial number, it may be possible to track you individually by your passport’s serial number.
  • The hackers that cloned a passport suggest that RFID passports could, at a minimum, be “fingerprinted” to determine what country they’re from. So, for example, it may be possible to rig a bomb so it detonates when someone carrying a US passport is nearby.

The hackers recommend buying a shielded pouch like the one above. That, or:

Alternatively, Grunwald said, due to some problems with the RFID tag in the German passport, the government decided that the passport will still be valid, even with an inoperative RFID tag. The Chaos Computer Club, a German hacker club, came up with a creative solution, Grunwald said.

The CCC is recommending to just microwave your passport,” he said.

Winning the attention lottery

Seth Godin of Long-Tail fame writes:

Every blog, every site is invisible… until it comes up on shuffle. The shuffle of reddit or digg or a cross-reference in someone else’s rss feed.

The page that Ron and I did was #1 on Digg and Delicious yesterday, at least for a little bit. And the traffic was huge. It really is like winning the attention lottery.

And that’s what has happened to all of us. The local newspaper never had to worry about an attention lottery–everyone in town read the paper. Today, because it’s become molecuralized, our attention flits around, shuffled by one automated (or handbuilt) editor or another.

This is actually bad, I think. The current crop of meta-portals like reddit, digg, del.icio.us et al are mass-popularity contests, and mass-popularity contests seem to always end up emphasizing flashy novelty, curious factoids, inflammatory extremism, or tales of freakish happenings or people.

I admire projects like Findory that aim to build personal lenses through which to filter the Web. I think we will inevitably need something much better than popularity contests to surface material we are each actually interested in reading.

A Series of Tubes jumps the shark

Well, that was fast. I say, Ted Stevens and the Series of Tubes has officially jumped the shark. Here’s an actual television commercial for a CBS affiliate in Denver:

So, time to pack up shop. From the humble beginnings of the Series of Tubes, to stardom on the Daily Show:

It’s been a fun ride. Thank you, Senator Stevens!

Linux still too fiddly for actual humans

I repaved my home Linux box last weekend to upgrade it from Red Hat 9 to Fedora Core 5 after concluding that attempting to upgrade it in place was madness.

Imagine my delight when I set up samba identically on FC5 and found that it didn’t work; I couldn’t mount my shares from my Windows clients; /var/log/messages showed errors like this:

audit(1105232730.949:0): avc: denied { getattr } for pid=Xxx exe=/usr/sbin/smbd path=/samba dev=hdb1 ino=blablabla scontext=root:system_r:smbd_t tcontext=system_u:object_r:default_t tclass=dir

So, what’s the problem? I’ll tell you what the problem is: out of the box, the new Secure Linux (SELinux) features on Fedora Core 5 break samba. As though sharing files with Windows boxes isn’t a primary usage scenario for Linux!

Googling turns up lots of people simply suggesting turning off SELinux either alltogether, or for samba specifically, as a fix. I’m lazy and my box is on an internal network, so that’s what I did. But go read these instructions (or these) for how to get samba to actually work properly and tell me that this is all as it should be. Or this discussion.

My personal conclusion: Linux still has too many sharp edges on it for casual use by mortals.

Frighteningly cheap

It used to be my rule of thumb that a sweet-spot computer could be had for around $1,000. There’s always a tradeoff between getting a shiny-new, super-powerful machine that would “last” for a while, and getting the best “bang for the buck”. $1,000 was generally where it was at, although it was perfectly reasonable to spend closer to $2,000 for a powerful machine.

As far as I can tell, though, computers are rapidly approaching free. I keep an eye on deal-tracking sites for fun, and noticed this Dell offer today. This is a nice deal but far from unheard-of:

Dell Dimension E310 Pentium 4 3.06, 1GB DDR2, 160GB HDD, DVD-ROM + DVDRW, 17″ LCD, Color Printer

Need a translation?

  • Fast, single-processor computer with perfectly reasonable memory and storage. I write software for a living on a machine roughly this powerful
  • Reads and burns DVDs
  • Comes with a 17″ LCD monitor and a color printer

((Infomercial voice)) — How much would you expect to pay for this package? $1,500 ? $2,000?

Dell will sell you this bundle for $398. $419 if you don’t use a Discover card to pay. Not long ago, no LCD monitor could be bought for that little, nevermind a computer. A little longer ago, a color printer cost several times that much money. Now, Dell will give you one free just for fun.

This is a very inexpensive, and very powerful, computer.

With a monitor!

And a printer!

I’m just saying.