June 2002

« May 2002 | Main Index | Archives | July 2002 »

27
Jun

Quote of the day:

Then there's the Berne Convention, the 1971 document from which most international copyright law proceeds. It is not to be confused with the Geneva Convention, which is from a different bit of Switzerland and proscribes "cruel and unusual punishment" such as torture. As a rule of thumb, the Berne Convention says you shouldn't copy Celine Dion CDs, the Geneva Convention bans them outright.

Matthew J C Powell, Australian Reseller News 26/6/2002

From the OpenBSD homepage CVS:

-Five years without a remote hole in the default install!
+One remote hole in the default install, in nearly 6 years!

Or, as JWZ puts it: "___0___ DAYS WITHOUT AND ON-SITE INJURY!" (sic)

Jumping on the bandwagon, a search for "Charles is" on google returns...

  • Charles is god - he sees all, he knows all
  • Charles is joined in death by another boy
  • Charles is a vibrant community of 3,351 people
  • Charles is a member of the Technologyand Society domain and the WAI domain at W3C
  • Charles is an expert in vacuum deposition of thin film coatings and associated processes
  • Charles is kidnapped and found dead
  • Charles is purported to fit more prophecies for the anti-Christ than any ...
  • Charles is Queen of the Meadow
  • Charles is registered with the Yoga Alliance at the 500 hour level

jenett.radio read "Floodbots" and asks what makes Joe Loser tick?

Like the Force, the Internet has a light and dark side. The Dark Side of the Internet lies in its capacity to bestow power without responsibility. It's very easy to assault someone on the net, either through words or through network attacks, and remain anonymous and unaffected.

I hate to fall into stereotypes, but that sort of thing is really attractive to people who have lacked power in real life, who see themselves as victims, and thus (unconsciously) approach the Internet as a way to turn that around.

From a mature perspective, the power to destroy is the poor cousin of the power to create. And you'll find far more people trying to create things on the Internet than trying to destroy them. Barely a day goes by when I don't write something in my blog, livejournal or wiki. Sometimes, people even pay attention to something I say. It doesn't really matter, because it's knowing I'm building something that's important. But it's far easier to get noticed, far easier to have people pay attention to you if you're tearing something down.

From Jamie Zawinski; nightclub owner, webcaster and hacker.

Burn, Hollywood, Burn.

Wow, check this out, from RAIN (Radio and Internet Newsletter): the author of the Yahoo deal on which the new RIAA webcasting royalty rate was based has come forward to say that the deal was specifically designed to make it impossible for small webcasters to compete!

Mark Cuban says:

Now, no one asked me any of these things prior, during, or after the first or second pricing. I'm not sure that this matters. But if it does, here it is: The Yahoo! deal I worked on, if it resembles the deal the CARP ruling was built on, was designed so that there would be less competition, and so that small webcasters who needed to live off of a "percentage-of-revenue" to survive, couldn't.

Please don't drop dead of non-shock.

So, I was browsing Brunching Shuttlecocks, and found the [blank] Anonymous form...

Do you have a problem with elves? Only you can answer that question for yourself. However, taking the following quiz may help to put your relationship to elves in perspective for you. If you end up answering "yes" to three or more questions, you may want to take a good look how your life is affected by elves.

  1. Have you missed classes or work because of elves?
  2. Do you have trouble refusing elves?
  3. Do you need elves in order to have fun at a party?
  4. Do you use elves to build up your self-confidence?
  5. Do you use elves to help you relax?
  6. Have you tried to give up elves and failed?
  7. Do you crave elves as soon as you wake up?
  8. Do you get into trouble because of elves?
  9. Do you crave elves at a definite time daily?
  10. Do you lie to others about how often you partake in elves?
  11. Have you gotten into financial difficulties because of elves?
  12. Do you often wish people would just mind their own business about you and elves?

Remember, there are people who can help you control elves, instead of elves controlling you.

I was talking to an old friend today. She spends a lot of her time helping run the Undernet IRC network, and is really worried about how many trojanned clients are hanging around.

For those of you who don't IRC, here's a quick description of the problem. Joe Loser writes a trojan or virus, and uses it to backdoor a bunch of people with cable modems. Part of the effect of this trojan is to have all the backdoored clients turn up on an IRC network and sit on a particular channel. This way, the perpetrator need not keep track of who is or is not infected, they all come to see him, and he can command them all at once over IRC.

When these bots are ordered to flood a host, they're almost unstoppable. It used to be that packet storms came from a single host, or in the case of smurfing, a single subnet. With distributed denial of service, there are potentially thousands of different hosts the attacks can be coming from, and they all have to be shut off. To quote what I was told:

Remember [person]? One guy caught him cleaning [disinfecting compromised hosts] and launched what his provider called the most vicious attack they have ever seen. They had to get their uplink - Sprint to filter everything, and Sprint almost couldn't handle the attack. [person] was taken out for almost a week. The oper helping [person] had her access cancelled by her ISP the attack was so bad.

The problem is, these compromised hosts are showing up in the thousands, and these days Undernet is probably the smallest of the "big four" networks. My friend is convinced that something big is on the way, that sooner or later, all these people are going to stop using their floodnets to hack ops on IRC servers, and band together to hit some major network infrastructure.

When it happens, it's not going to be pretty.

For the web-designers.

Mark Pilgrim is in the middle of his 30 days to a more accessible weblog. He starts off with four different biographies of (fictional) people who might want to read your web page, but who may run into problems because of some disability. Then each day he shows how certain web design techniques can make things easier for those people. It's a clever approach - by having these real-sounding people to talk about, Mark makes accessability a personal thing, instead of just an abstract concept.

It's official. It's all my fault.

The Sydney Morning Herald had a somewhat jokey front-page column today explaining the defeat of the English soccer team at the hands of Brazil. The first time I read it, I didn't notice this, my mother had to phone and point it out to me. Emphasis mine.

Mind you, it would be nice to blame England's exit on someone or something. The French blamed their own arrogance. The Saudis blamed the ball.

And, of course, the Italians blamed everyone.

If I blame anybody, it is Charles Miller, an expatriate railway worker who introduced the game to Brazil after returning to Sao Paulo from a holiday in England in 1894 with two soccer balls in his baggage.

As has been posted everywhere, Joel Spolsky wrote Strategy Letter V. I posted this comment to his discussion site to correct one major misconception:

The strategy letter is entirely wrong about IBM's Open Source strategy. It's a lovely theory, but the premise is inaccurate.

Myth: They're doing this because IBM is becoming an IT consulting company. IT consulting is a complement of enterprise software. Thus IBM needs to commoditize enterprise software, and the best way to do this is by supporting open source. Lo and behold, their consulting division is winning big with this strategy.

I work for an IBM business partner, doing consulting. They are NOT commoditizing enterprise software. Have you looked at the prices of Websphere or DB2? The new version of Websphere Commerce Suite is apparently going to cost US$150,000 for a single license. A lot of our revenue, and a lot of IBM's revenue comes from selling software. We count on this.

Of course, JBoss have other ideas. They _do_ want to commoditize the application server, and live off the consulting fees. But they're also (or at least their spokesman/head coder is) madly passionate about the ideals of Free Software.

IBM's Open Source strategy comes from making use of things that have /already/ been commoditized to some extent, like Unix-on-Intel, and web-servers. They're also capitalizing on the buzz, which has done a lot to defeat the view in many hacker circles that IBM is evil.

The Register: Microsoft Restores Java to XP. Here's the anatomy of Microsoft's decision-making.

  1. In an effort to cut off Java's client-side air-supply, Microsoft removes their JVM from XP.
  2. Sun milks every drop of publicity out of this. Anyone who finds an applet they can't use is able to download Sun's JRE1.4 Java plugin, which supports all the latest APIs, and has nifty (but as yet unrealized) features like Java Web-Start
  3. With this, plus Netscape/Mozilla's out of the box support for the modern Java plugin, Applet technology starts looking like it might finally be able to escape the doldrums caused by the fact the major browsers never upgraded to Java2.
  4. Microsoft realises they made a mistake, and re-packages their ancient not-quite-JDK1.1 plugin, making it look like they've capitulated to Sun's whining, but actually restoring the old nightmare, and creating new inertia against modern Java applications.

Found on Boing Boing Blog, something nearly too horrific for words...

Power-nerd slashfic. Slash (homoerotic fan fiction) has started to surface starring Steve Jobs and Bill Gates:

"(Jobs) nuzzles my neck, bites my earlobe," Slade writes. "I watch him go to his desk and rummage in one of the top drawers. When he comes back, he's holding a bottle of hand lotion.... He hooks his hand on the waistband of my chinos and briefs, sliding them both down at once.... He runs his hand up my back and leans down to whisper, 'Bill, are you a virgin?'"

"Yes." Sort of.

"I'll be gentle."

Link Discuss (Thanks, Julian!)

Rupert Murdoch on Bill Gates: [link stolen from rebelutionary]

"I don't dislike Bill," he says, when the subject of Microsoft comes up, "but Warren Buffett says that Bill Gates is the kind of man who, if he saw a competitor drowning, would push a hose down his throat to be sure."

Found in radio.html.viewNewsItems:

  • (local flSkip = true)
  • if adritem^.url == xmlUrl
    • flskip = false
  • if flskip
    • continue

flskip isn't used anywhere else. I am now officially afraid of reading Userland code. :)

Matthew Thomas indirectly poses a question.

Assume most "tech bloggers" are employed. This puts them in a position to have detailed knowledge of the field in which they work, including the goings-on within their employer, and the exact position of the competition in their market. This also puts them in a position to be in really big trouble if they disclose that information. If part of the definition of a journalist lies in the editorial freedom to criticise one's employer, can bloggers be journalists?

For example, you work for vendor X. Your employer has published benchmarks, but you know the truth, your product does X and Y better than anyone else (and you're proud of that), but people probably shouldn't use it for W and Z. This is information that really should be given to the Real World. And devotees of the Cluetrain Manifesto (or at least that subset of it that I agree with wholeheartedly) would tell you that making the knowledge public would only increase peoples' confidence in your product, because they finally had some obviously honest advice.

But if you say so in your weblog, marketing is going to nail your ass to the wall.

Bloggers' employers are generally not media companies, and so are not at all pre-disposed to grant employees any leeway for public criticism. A journalist may get away with writing that their boss lost a few million dollars in a stupid deal, a programmer wouldn't.

On top of that, I've lost count of the number of NDA's I'm subject to at the moment. Every project I go on, I'm under some kind of non-disclosure agreement, so if I were to start blogging about things that were happening at work, I might be open to serious liability.

There's a reason I don't name my employer in my blog. I'll disclose that we're a small IBM business partner doing Java development in Sydney, and that we're home to a large number of Davids. You may work out who we are from that, but if you do, you probably know me already.

A point stolen from somewhere on Brunching Shuttlecocks, that sort of justifies my opinion on what should be done with the next Star Wars movie:

The majority of people I know consider "Empire Strikes Back" to be the best of the Star Wars movies.

The Empire Strikes Back:
Directed By: Irvin Kershner
Written by: Leigh Brackett and Lawrence Kasdan
Story by: George Lucas

Suddenly all makes sense, doesn't it?

I bought a copy of The Beatles' Revolver yesterday. I used to have this on vinyl when I was young, but hadn't heard it for almost fifteen years. Listening to the last track of the album, Tomorrow Never Knows, I was amazed at (a) just how far ahead of its time the song was, and (b) how much, thirty years later, the Chemical Brothers ripped it off for Setting Sun.

When you compare today's sequencing and sampling technology with what George Martin and The Beatles accomplished using analog equipment and tape loops, it's pretty amazing.

Quote of the Day: "Failure is not an option. It comes bundled with the software."

Two things from Brunching Shuttlecocks' Lore Fitzgerald Sjöberg.

Brunching Shuttlecocks: The Weblog FAQK

Gosh Jesus no! Weblogs cover a wide range of topics, such as other weblogs, what the mainstream media are saying about weblogging, new weblogs, advances in weblog publishing, books about weblogging, the future of weblogging, and that one naked guy painted up like Spider-Man.

Slumbering Lungfish: Hate Mail

Anyhow, based on an unreliable and unscientific sample, I'd say that religious folks, taken as a whole, are maybe the fourth most thin-skinned group on the Web. The most thin-skinned? Furries. Absolutely, no question.

I can't remember, but who described the Navy as "Rum, sodomy and the lash"?

(I ask because the TV just reported that "It's acknowledged that a culture of alcohol abuse exists amongst some sailors", as if that was news.)

Update: I'm informed that an aide of Winston Churchill said "the only traditions of the Navy are rum, sodomy and the lash", and that Churchill always wished he said it.

A quick note for anyone writing documentation, or filling in default values in the configuration file for an application.

The domains example.com, example.net and example.org are reserved for use in documentation. Thus, if you use bob@example.com in your default configuration file, you can be guaranteed that the address will never exist, and thus there will never be a "Bob" who is annoyed at your stupid choice of example domain names.

Addendum: The authority for this comes from RFC 2606, which also reserves the following top-level domains for the various, obvious uses: .test, .example, .invalid and .localhost.

A post by David Hyatt about web standards reminded me of this rant that's been circling in my head for a while.

Last year, I ranted on mozilla.general about web standards and the W3C.

I mean, what's with the W3C? CSS2 was released in 1998 as a standard, and I can count on the toes of one hand how many compliant browsers have been released, three years later. So what are the W3C doing about it? Yes, they're off working on CSS3. Their own HTML showcase, Amaya, doesn't even support CSS1 properly.

Wahey!

The closest we have to an implementation of this three year old standard is Mozilla. So it's not really "W3C CSS2", it's Mozilla CSS2, because nobody else has bothered with more than a third of it. It may be W3C DOM, but it's an incompatible subset of what people are really _using_ out there.

A follow-up replied to mention that Mozilla is closely involved with the W3C, and you could consider it to be the reference implementation if you want.

However, my sentiment stands. A standard should not be given the name "standard" until there exists a real-world implementation. Until something concrete exists that demonstrates the standard, it's just a good idea that might some day work.

Without an implementation, a standard is unproven. There may be significant, vague edge-cases. There may be outright self-contradictions. There may be things missing that people really want to be able to do (text flowing between columns, anyone?). There may be things that nobody really wants to do, but that catering for adds 10% to the running time. Until there's an implementation, nobody knows.

Publish a standard without an implementation, and you leave those vague edge-cases and self-contradictions to be worked out by the implementors. You'll have competing implementations of the same standard that don't behave the same way. Have a reference implementation, and you can say "It has to look like this"

Anyway, enough ranting for now.

Davezilla: These are the Daves of our Lives. "Everyone knows a Dave or three. Daves are always dependable, competent, rather silly and the jack-of-all trades in most offices. Dave is always the guy who can fix the copier, jumpstart your engine or make that noisy dog calm down."  [Scripting News]

When I started working for my current employer, the company had five Davids (including two of the three company directors). Which wouldn't be too surprising, except that there were only around ten people in the company.

A pretty well-written Salon article on eXtreme Programming. As an aside, I've been on a couple of projects that used (or tried to use) XP. When you can get the buy-in of customer and programmers, and you're not scared to fix the bits of it that don't work for you personally, XP works really well. Just, whatever you do, don't try to do XP without the full involvement of the customer. If you do that, you're doomed.

As another aside, Salon is the one website I've actually paid to subscribe to, purely because I believe it deserves to exist.

The second law of thermodynamics states that any attempt to increase the amount of order in the universe must result in an even greater amount of disorder being produced as a by-product.

Thus, organised people are hastening the death of the universe, whereas us disorganised people are really protecting the environment.

I hate keeping bookmarks. Often, I'll find myself having visited a site a lot through links from other sites, but never remember its URL because each individual time I visited, the site wasn't important enough to remember. I want the web browser to keep track of what sites I visit frequently, and put them in a list for me. And I want the feature to be smart enough to work without me having to perform any configuration, or maintain any lists manually.

The bookmark paradigm hasn't really changed substantially since Mosaic was the Cool New Thing. Considering how central the concept of "remembering where we've been" is to the whole web experience, you'd think the bookmark/history tools would have evolved a little more than they have.

In the very persuasive article Is Tomcat Crap?, Mike Cannon-Brookes makes the following statement about IDEA

Using Orion (or Resin) is just like using IDEA - the developer productivity increase from Orion is just like the personal performance boost you get from using IDEA over NetBeans or JBuilder. (If you're not using IDEA, you really aren't a good server-side Java developer - are you?)

I'd like to plug IDEA as being really cool. I use it at home, and am very impressed. However, I'd just also like to mention that at work I use the Eclipse-based Websphere Studio Application Developer, and so far, it's impressive. I cant wait for WSAD to move to Eclipse 2.0, which would mean compatibility with the Eclipse AspectJ plugin. (full disclosure: my employer is an IBM business partner)

I miss the hot-code-swapping in VisualAge for Java, though. Being able to change code while you were at a breakpoint in the debugger, hit save, and then have the new code running as soon as you start stepping forward again was magical. Maybe when the Java spec settles down and IDEs no longer have to rush to keep up with it, we'll see features like that start to reappear.

I got a whole bunch of hits (ten so far, anyway) from Rebelutionary's list of Java bloggers, so I figure I'd better wave and say Hi. :)

I'd say more but I'm snowed under with work at the moment. I seem to have just been turned into a "defacto project manager", which really means all the work and none of the authority. And on top of that, I suck at delegating. Feh...