e-xpensive

I’ve begun reading more fiction again, after a long hiatus. I used to devour books like crazy as a teenager, but they gradually got replaced by textbooks and technical manuals and games and web surfing and so on, and I just didn’t have time for plain old written stories anymore.

Now that I’ve got my V37 though, it’s made it a lot more convenient to find books, tote them around, and read them in spare moments thanks to the wonders of the e-book formats.

There is the occasional problem though, and it’s best illustrated here.

Why in the world is the e-book version over 40% more expensive than if you were to buy it brand new in paperback??? The physical book’s price includes a lot of overhead costs like distribution, storage, printing, etc. that would be next to nothing for the e-book version, yet they want even more for it. The only reason I can think of is that demand for it is expected to be so low that the production cost of putting it in e-book format has to be a large chunk of each sale (i.e., if it cost $10,000 to convert and you only expect to sell 1000 copies, each copy becomes $10 more expensive), but then the high price deters people from the e-book version anyway.

Another questionable tactic is that of selling off individual short stories. Not that there’s anything theoretically wrong with it, but here it seems like an attempt to squeeze more money out of them. Traditionally you would get a bunch of short stories in a collection, but if you were to add up enough of the stories you’d expect to get in one, the total cost is a lot higher when you have to buy them separately. I don’t want to have to look through the whole list, story-by-story, trying to figure out if it’s worth the 87 cents or not.

Fortunately most e-books *are* cheaper than the paper versions by a buck or two. It’s debatable whether an e-book is really a good replacement for a ‘real’, printed book, but the cheaper they are, the more you can get. I’ll probably just get printed versions of my favourites, which I might still want to reread twenty years down the road, but I don’t need printed versions of *every* so-so story I run across.

The Kernel’s New Recipe

The 2.6 branch of the Linux kernels is fast approaching ‘release’ status — the current version 2.6.0-test8 is essentially a release candidate, even if they don’t call it that specifically. I was curious just what was new in it and the latest version of Slackware I installed is supposed to be 2.6-ready, so I gave it a whirl.

What difference do kernel changes really make though? Well, here is a summary of the major changes between 2.4 and 2.6, and there’s a lot of them. Most are fairly subtle and arcane, so I’m just going to focus on the ones that really matter to me:
Continue reading “The Kernel’s New Recipe”

VeriSign Destroys The Internet

Okay, maybe that’s overstating things a bit. A small bit.

VeriSign, the company responsible for maintaining the top-level domain registry, started causing hostname lookups for non-existent domains to resolve to a site of their own, which would then show you a directory of sites that might help lead you to what you were looking for. ICANN made them stop doing it for a while, but VeriSign has vowed that they will put the service back into operation sometime soon.

What’s the problem?

Well, it’s formally incorrect behaviour and false information, for one. If I try to look up a name that doesn’t exist, I should get an error indicating that it doesn’t exist, not the IP address of some other site which isn’t what I’m looking for.

It’s annoying. An incorrect name error immediately tells me something is wrong, but if I get redirected I don’t know that until the site loads and I see it’s not the one I expected. With a ton of people being redirected to this single site it’ll get busy, so it could take a while just to find that out. And since the browser considers it a valid site, the misspelled name is now in the browser history, mucking up future lookups.

It impacts other programs and protocols; the Internet is more than just the web, after all. If I try to FTP/IRC/ssh/etc. to a site that doesn’t exist, instead of being told that it doesn’t exist my connection will now either be refused, or it will timeout. That doesn’t tell me that the name was wrong, so I remain unaware that the name I tried was incorrect and wind up thinking it’s just down or busy at the moment. Spam filters that try to check whether the originating domain is valid or not can no longer use that check — every domain name will appear to be valid. Misaddressed e-mail will have to pass through VeriSign’s e-mail servers before bouncing, if they even bother handling it, instead of letting the sender know immediately.

It’s unnecessary. Most browsers already give you the option of automatically doing a search engine lookup if the site you tried to reach doesn’t exist. This change by VeriSign overrides that, unnecessarily.

It’s a solution for a problem that doesn’t exist in the first place, that just causes even more problems. It smacks of being driven by advertising revenue behind their directory, which seems a tad unethical. It’s like having the phone company automatically forwarding you to Bob’s Auto Repair whenever you misdial Joe’s Auto Repair by one digit…

The Bug Stops Here

As they tell you, in theory, there is a very simple procedure for tracking down and fixing bugs:
– Get a description of the conditions that cause the bug.
– Reproduce the problem on your own test systems.
– Use debugging tools to find the cause in the code.
– Fix the bug and prepare a new package with the fix.
– Give the fixed package to the customer. Everyone smiles!

They LIE.
Continue reading “The Bug Stops Here”

A Microsoft Miracle

[Tue Sep 30 16:45:59 2003] [error] [client 68.37.128.146] File does not exist:
/var/www/htdocs/scripts/..%2f../winnt/system32/cmd.exe
[Thu Oct 2 09:47:49 2003] [error] [client 68.65.168.115] File does not exist:
/var/www/htdocs/scripts/root.exe

What is the significance of these log entries?

They mean that I actually went for over 24 hours without a single goddamn Windows virus attack. A miracle indeed.

Move Over FTP

FTP has long been a mainstay of transferring files, but it’s been plagued by problems due to its centralized nature, especially for popular files: if the site is down you can’t get it, central or popular sites are often slow, mirrors get out of sync, etc… File sharing a la KaZaA/Gnutella is an alternative, but then you have to search for what you want and hope it turns up, connections aren’t reliable, what you get might have a virus…

Fortunately, these concepts have been merged into newer programs like BitTorrent and eDonkey, where you download chunks of the file from other people who are also downloading it. The bandwidth requirements are thus scattered across a large number of systems, you don’t depend on a single site, and the result is checked against the original package description to ensure integrity.

As an example, the Slackware 9.1 ISO images were released last week, but it was almost impossible to get on the main site or any mirrors and download it at a decent rate. Using the BitTorrent links instead though, I was able to immediately download both ISOs at over 250kB/s. At the same time, my client exported about half of the ISO data, which in turn helped other people who were downloading the files.

They’re certainly not a complete replacement for FTP yet, but hopefully we’ll see the usage of these kinds of programs on the increase. A lot of large data files like movie trailers, game demos, etc. can certainly benefit from this kind of distribution. Otherwise you’re stuck with services like FilePlanet where you wait forever in ‘line’ to download a file at a way too slow rate…

Pain, Thy Name Is Spam

I’m still getting flooded with those stupid Swen virus e-mails, as is half the planet apparently, but now I have a new spam menace to contend with as well.

In an effort to bypass filters and pose as legitimate e-mail, spammers are sending out e-mails with legitimate From: addresses. If you were to connect to the MX record’s mail server for that person and verify the address you would find that it does in fact exist. Unfortunately, it’s not the person who actually sent the spam… The spammers have huge lists of e-mail addresses they can send to, and they can pose as people on that list as well.

My e-mail address appears to have gotten on one of these lists, so now some people are receiving spam messages that appear as though they are being sent by me. Not only that but it’s the address of my private mailbox, which I had set up separate from a public one specifically to avoid spam. It got leaked somewhere along the way, though it’s hard to tell where.

Not only do I get the blame for these spam messages, but the errors regarding full mailboxes (fairly common with this Swen virus filling peoples’ mailboxes), nonexistent users and domains, etc. all get bounced back to me. Now I’m constantly cleaning viruses out of my public mailbox and error messages out of my private one. I really need to set up those filters…

This ought to be illegal, if it isn’t already. At the very least it’s identity theft for them to send e-mail using my address.

Password Hell

You wouldn’t think that changing your password would be a big deal. Enter your old password, enter the new password twice, that’s it. Except if you’re on a Windows domain…

The domain policy is set up to force us to change passwords every 90 days, as a standard security precaution. It never fails though — within hours of changing the password, the Weird Things start happening. Some shares remain accessible, some start giving me vague authentication errors, some claim they don’t exist anymore…

After a quick trip to the admin’s office, it’s discovered that my account is locked out because of too many failed password attempts. Of course there was no explicit warning of this at my own workstation as I had continued to be able to lock and unlock the console without trouble… I had however left myself logged in on my other development system under the previous password, and it was what was causing the failed password attempts.

Fine, I log out and back in on that system, unlock my account, and everything’s back to normal. Until a few hours later when the Weird Things start up again…

After roaming from office to office checking all of our test systems, I finally find one of our rarely-used systems that I had logged into two months ago to test something and forgotten to log out of. After logging out of that one and unlocking the account yet again, things are *finally* normal for good. Or at least until the next password change.

You’d think there would be a better way of handling this…

E-mail Hell

I’ve got to get my e-mail filtering system back in place.

I’m not being overwhelmed by spam as much as a lot of other people — I only get maybe a dozen pieces of spam a day. It’s still the majority of mail that I recieve though, and they’re getting sneaky enough to use subject lines that make you hesitate and think it just might be relevant, especially when you run a web site. You get a piece of e-mail with the subject “I think this link is broken” only to find out it’s for GENERIC VIAGRA CHEAP! when you open it…

Unfortunately spam is getting trickier to filter out no thanks to things like the use of HTML in e-mail. HTML was never meant for e-mails, but some wiseguys got the idea of making it show up in mail readers if it happened to be present, which encouraged people to use it, which made e-mail client explicitly allow composing in it… Unfortunately, HTML allows things like:

1) Obscuring the real text of the message

I wish you could filter our just on specific words like “Viagra”, but that doesn’t work anymore due to embedded HTML comments. Although on your screen it might show up as all one word, within the raw text it actually looks something like

Vi<!--fdsatfrqrf-->a<!--gehjwghk-->gr<!--iouwhjlkh-->a

They specifically try to block matching against words by inserting random HTML comments all over the place.

2) Tracking your usage

Some e-mails are now including ‘invisible’ images which link back to a website run by whoever sent the spam. As soon as you open it, if your mail client automatically loads HTML data, it contacts the web site and presto, the company now knows that you actually opened the e-mail. E-mail addresses that are verified to be valid are considered more valuable than unverified addresses. Expect to get a lot more spam sent your way…

Time to start tuning those filters a bit more…

Scanning For Intruders…

In my insatiable quest for toys, I finally picked up a flatbed scanner. I had been holding out trying to find a 2400 dpi model around here, but after playing around with it a bit, I doubt I’ll even use the full 1600 dpi of this model all that often (those files get huge!).

There is actually a practical reason for it. As part of the process of cleaning up around here, there are a bunch of things that I’d like to keep around, but just don’t have the space for: pictures, segments from magazines, comic strips, etc. So instead I’m going to scan them in and then I can ditch the originals. Second on the list is the comics found in the back of The Gateway student newspaper I picked up when I was a student at the UofA (besides the ones that already have their own scans online, like Space Moose or Bob The Angry Flower).

First though, was a promise I’d made to my mother to try and reproduce a picture from a photographic proof (the tiny little sample pictures you get to choose from for the final picture) of her parents. She’d tried taking it to photographers and getting them to reprint it, but they wouldn’t do it — apparently they don’t work off of other peoples’ proofs on general principle since it may be someone trying to scam the photographer into getting them the free sample proofs and then taking it to another, cheaper photographer for the final work.

Unfortunately in this case we don’t know who the original photographer was, whether he’s even still in business, or whether he’d even still have the negatives after all this time, and we can’t exactly take her parents down and have another picture taken when one of them is dead… So, we’ve had to take matters into our own hands and thus I’m trying to scan and reprint the photo based off this tiny little proof picture. This is the best I have so far:

(Shrunken down for web viewing, of course. The original file is 3403 pixels by 4797!)

Where Does He Get Those Wonderful Toys?

From Microsoft of all places, actually…

MS is apparently trying to encourage us developers to work on PocketPC programs, so as part of a new promotion they sent free Viewsonic V37 PocketPCs out to those of us who filled out all the paperwork and such early enough. (No, I can’t get you one. MSDN members only and they’re probably all long gone now.)

Not my first choice of PDA due to the general crumminess of Windows CE, but it’ll suffice for the few things I’d want it to do. It’s not like I’m looking for a high-reliability server here. And hey, it was free, so I can’t complain too much.

Copy Control Can Blow Me

Having previously easily ripped a supposedly copy-protected disc I felt lucky and tried again with Delerium’s latest, Chimera. My CD-RW drive didn’t even want to recognize the disc at first, giving me the “I-have-no-idea-what-the-hell-you-just-stuck-in-me” flashing light error, but ejecting and reloading it repeatedly eventually got it recognized. My older drive in the other system just locked up any time I tried to access the disc.

Tracks 2 and on were ripped without incident, but track 1 insisted on being a pain in the ass. Each attempt to rip it resulted in a ton of ATAPI errors and a big blank spot in the resulting file. I even tried the marker-around-the-rim trick to no avail. Eventually I decided to try taking the output from multiple attempts and manually merging them into a single file, but miraculously enough after a few more ejects and reloads, on the third try I got a perfectly clean copy. It took way too long to get there though.

Stuff like this is more likely to make a person like me, who does legitimately buy most music, go and pirate even more tracks. I don’t think I’ll be buying any more Copy Controlled discs anymore, at least.

Black Magic

Behold, the first new keyboard I’ve bought in nearly 10 years:

It’s the same design as the older IBM keyboards (it’s made by a company spun off from IBM’s old keyboard/printer group, Lexmark), with the ultra-noisy solid tactile feedback. And no freaking Windows keys.

There isn’t really anything wrong with the old one, it’s just not as cool as this one. It was getting rather filthy anyway.

We’re From Microsoft And We’re Here To Help

Run for the hills! Microsoft is apparently going to fix Usenet. I didn’t even know it was broken…

I can just see their Newgroup Assistance Wizard now:

It looks like you’re writing a Usenet post! Would you like to:

  • Quote 200 lines and say “me too”.
  • Post a blank message
  • Crosspost to five other unrelated groups
  • Attach a 70-line signature
  • Post in broken HTML

it difficult for the casual person to use effectively, but on the plus side that’s acted as a bit of a filter; you had to have at least some minimum amount of smarts to be able to use a newsreader, find the appropriate groups, follow proper posting procedures, etc. When AOL and WebTV provided simplified access to Usenet, posting from those domains quickly became a badge of dishonour because most people posting from them were, well, idiots. Not everyone, certainly, but enough that the trend was difficult to ignore.

It is a bit elitist to resent the arrival of ‘less worthy’ people, I suppose, but I do worry about its effect upon some of the more popular groups. The arrival of spam destroyed many perfectly good groups by making the legitimate conversations difficult to find among all the “MAKE MONEY FAST!” postings, and something similar could happen with a huge influx of clueless newbies. It’s already hard to follow some groups’ hundreds or thousands of new posts a day.

Then again this could all be the ramblings of an old geezer pining for the old “Golden Age” (if there ever was such a thing). :-) Usenet’s ‘death’ has been predicted over and over to the point where it’s become a cliche, and certainly everyone has the right to access it if they want, whether they’re able to contribute anything meaningful or not. About all I can really do is furrow my brow and go “Hmmm…”

And hey, it could mean more kooks for our amusement.

Bailey Must Die

I’ve mentioned before about having troubles with a RAID array in one of my test systems, named ‘bailey.’ (The convention around the office is to name new systems after brands of alcohol.) Well, the fun never stops…

It continues to generate errors from the RAID controller, though there are no apparent failing drives. According to our infrastructure manager, the RAID controller in bailey is known not to work very well with dual CPU systems, and guess what bailey is… So, I’ve had to pull the second CPU out.

It’s also giving me random timeout errors on the external SCSI bus that’s connected to the tape library and drives. It wasn’t doing this up until yesterday, but now it’s decided to be cranky, so now I’m swapping around cables and terminators and such trying to get it to behave.

And the software I’m testing on it, an HSM package for automatic disk/tape data migration, keeps giving me “NetBIOS session number out of range” errors. What does that mean? Damned if I know. All these other errors are potentially corrupting all the data I’m generating, too.

If I ever get these tests successfully completed, I’m going to melt bailey down into scrap metal and use it for a doorstop…

It Lives!

Derzon is now up and running and my stuff should be accessible 24/7 now, rather than bouncing up and down as my gaming needs dictate. Passwords should be the same as before, and FTP is accessible now until I figure out how to get FTP-over-SSH working.

The universe seems to have been conspiring against me to try and keep me from getting it back up. My hub appears to be dead, which forced me to trek halfway across the city just to get a crossover cable; one of my KVM cables was missing; the older CD-ROM drive I have didn’t want to read CD-RW discs…

But those were nothing compared to just trying to copy the data across.
Continue reading “It Lives!”

Can Anyone Spare Some Vacuum Tubes?

I whipped out my calculator recently for something or other, and it only just hit me how old this thing is. I bought it for use in Grade 10 math class, and even then it was at the lower end of the HP line, with the fancy-shmancy calculators with *two* lines of text just coming out. And it would be another few years before graphing calculators would become all the rage among university students.

I’ve only ever had to replace the batteries in it once, too. I wish more things lasted that long…

RAID, Kills Drives Dead

I’m now sitting here waiting on a horrendously slow rebuild of a replacement disk in the RAID array of my test system. And this is after a RAID failure on our secondary DNS server two days ago. And a RAID failure on our primary domain controller last week. And a total disk loss due to two RAID failures on our software library server last month.

I keep meaning to set up a RAID array at home, but with my luck so far it’ll just make the drives blow up faster… :-P