The Caffeinated Penguin

musings of a crackpot hacker

Aaah. Weekend

| October 31, 2003

So it's the weekend. Yayyy! 🙂


Apple is not so bad. They've changed their mind and are releasing patches.

But iDVD is still broken.

Bill G. talks about security.

Specifically: …there are two other techniques [to increase security]: one is called firewalling and the other is called keeping the software up to date. None of these problems (viruses and worms) happened to people who did either one of those things. If you had your firewall set up the right way — and when I say firewall I include scanning e-mail and scanning file transfer — you wouldn't have had a problem.

(emphasis mine)

Now, I agree with the “patch your system” idea, but firewalling? Not just firewalling, but one that actually scans and filters email and file transfers? So, basically what he's saying is that you shouldn't connect a Windows machine to the internet, right? Or, no, wait, you can – just make sure to put it through a firewall and mail/web/ftp proxy and virus scanner. Well, wait – you can do this fairly cheaply with a Linux box. That's ironic – the only secure way to connect your Windows box to the internet is to go through a Linux box. You know, maybe if your email reader didn't let an email destroy your computer, Windows wouldn't have these problems. I mean, to mess up a Linux machine, you have to save the executable, chmod u+x filename, then run it, and even then, it only runs as you, not root, and therefore you can't destroy your system. Pah, the hell with it. Here's how you secure a Windows system:

Secure Windows

And, SCO is now blatantly violating the GPL. Don't you love it? They sell Linux, make money off it, then decide they don't like the terms that people wrote the software under, so they just steal it and make it their own. Time for Linux developers to sue them for violation of license agreements. Hell, can't the FSF sue them? They've been called “Linux's Hit Men” so why not live up to it?

On the “I need to write some more letters” department: RIAA has filed 80 more lawsuits Now, I don't have a problem with them suing people for copyright infringement, but here is the deal:

  • If you settle immediately, it will only cost you a couple thousand dollars
  • If you fight them and lose, you have to pay the settlement (which, it has been threatened, will be many thousands more), plus their court costs.
  • If you fight them and win, you still have to pay your lawyers fees, which will probably be more than the cost of the settlement
  • Unless you countersue and get them to pay your fees for frivolous lawsuits.

Now, if copyright infringement is criminally illegal, why don't they arrest you? Well, because suing works better – if they criminally charge you, the state is involved and they are subject to oversight. Additionally, you can get a public defender. In a civil suit, you don't have any of this; they can do whatever they can get away with.

Corporations were created to protect the owners from losing everything if they get sued.

Shouldn't there be a similar protection for average citizens getting sued by corportations? Otherwise, deep-pocketed corportations can do whatever they want.


| October 31, 2003

Been a busy couple of days.

So, let's see. is apparently involved in a new student group that I'm going to be an associate member in. It's called “QRI for the straight guy” or something akin to that. Basically, it's a bunch of eclectic sex stuff without being full of drama queens. For example, there will be roundtable discussions on legalizing homosexual marriages and such. Of course, I may have to play the “straight man” (pun intended) and argue against them, since a group of people who all agree is kind of boring.

And Simon scored some digits tonight. He was happy. I got to do a little matchmakerish stuff.

Then we went back to his dorm and laughed at the drunken freshmen on his floor.

And I had ginger beer for the first time. I liked it.

In the news:

Apple is not my favorite group of people, considering that when they released the new version of their OS, they basically said “yeah, there were some major security holes in the old one, but we're not going to fix them, buy the new one”. Not even MS does that. (link) Note that the “major hole” is major in the Unix sense of “if you enable this thing that's enabled by default, and do this other thing, you might be able to exploit this bug which allows you to become the user that the thing runs as, which is usually someone with no permissions on your computer”, as opposed to the standard Windows flaws of “don't open any email or surf the web because people can destroy your computer”.

Oh, and iDVD is crippled to only let you record 1.5 hour DVD's. To record more, you need to buy their $400 pro tools thing. Or, just download some free software tools that work properly.

Vietnam says: stop piracy, eliminate Microsoft and are moving their whole government and (and this is the kicker) all PC's made in Vietnam, to Free/Open Source Software.

SCO is more nuts than we all thought. Best quote: “From the outside, it appears so bizarre and so ridiculous that I fear their argument is being misstated”. The sad thing is, I don't think it has. I think they really are serious, at least serious enough to drive stock prices up.

In the blogging is dangerous dept: MS Fires temp for what he said in his blog and Blogger threatened with a libel suit”.

I can see the second one, maybe, but the first one? He basically said “look, MS buys G5's too”. People KNOW THIS. They make Office for OS X. Doesn't it make sense that they have Macs to test it on?

And, it looks like I'm going to give Debian a shot again, as a candidate for the file server. I've always preferred the Debian layout to RedHat's, as it's more classic Unix, like Solaris. However, 3.0r0 had nasty installer issues. Liz used 3.0r1 at work and had no problems, so I guess they must have fixed it. So, I'm going to grab her cd's and give it a whirl.

At URI, 2 students have been kicked out of the dorms for anti-semitic graffiti under the school's “hate crime” rules (they're not called that. They have a nicer name, I forget what).

This brings up the whole idea of hate crimes again. I think hate crime laws are stupid. What's the difference if I spray paint “die whitey” on your door vs. if I splay paint “die fatty” on your door? Oh, the first is a hate crime because it's racial in nature, but the second isn't? Come on, they should both be equally serious. Race/sexual orientation/religion/etc. are all arbitrary conditions that should have as little effect on penalties for crimes as hair color/eye color/weight/etc. They are all equally serious crimes.

The above said, I have no problem with them being kicked out for graffiti, I have a problem that it was because of what they wrote, not that they wrote it.

But, what do you expect, it's URI. They're a bunch of touchey-feelies, make you feel good, enforce diversity, etc. anyway.

I need to repost my criticism of the College of Engineering's Acceptable Use Policy. It was great. I basically objected to the wording because it said “don't do anything that might offend anyone”. Well, I have no idea what might offend anyone, so I asked. I basically got told “You're a white male. You therefore cannot be offended, your opinions of decency don't matter.” Malcom J. Spaulding, who was representing the COE's diversity committee. (And don't even think about suing me for libel- I have witnesses who were in that meeting.)

And just remember folks, we have the Society of Women Engineers, the National Society of Black Engineers, and the Society of Hispanic Professional Engineers, but is there a Society of White Engineers? Of course not; that would be racist and you would get called a Nazi.

Toys toys toys TOYS!!!!

| October 27, 2003

(For the uninitiated, RAID-5 basically means: several hard drives grouped together to provide the appearance of a large drive, with a little bit of space withheld for backup purposes. So, even if 1 drive dies, you can replace it and your data is safe. If 2 die, you're kind of screwed.)

Okay, so last night (conveniently enough) I formulated my long term computer plan. In it, this included 2 high speed RAID-5 arrays – 1 for long term file storage, and 1 for high speed access for use when recording VHS to convert old tapes into DVD's – in order to take the whole 8 hour tape in 1 gulp, I need about 100GB. I then need about that much over again for temp space while editing and rendering.

So, it included 2 arrays of this spec:

3Ware 8506-4LP RAID controller

  • $367.99 @ Seagate Barracuda 7200.7 ST3160023AS 160GB Serial ATA 7200RPM Hard Drive
  • $149.50 @ x 4 = $598

Okay, so it's basically $1000, right? For – 4 x 160 space, but it's RAID-5, so you lose 1 drive for backup info – so 3 x 160 = 480 GB of space.

1 raid array goes in a system I have already, all it needs is a beefier power supply. The other machine need to be built, probably out of spare parts, or cheap stuff on ebay.

Then I see that some company appears to be dumping large amounts of servers through a liquidator on ebay.

I see a 3U rackmount case, with a PIII 866MHz CPU, 1GB of RAM, and TWELVE 80GB Hard Disks, on 2 3Ware RAID controllers and two gigabit cards.

Now, what does this tell us, boys and girls? 1.) 866MHz P3 is a fine file server 2.) 1GB of RAM makes for good caching for a file server 3.) I've yet to see anything that 3ware makes that isn't good 4.) It comes with a case and power supply to drive all this stuff.

Now, originally I thought the drives were in 2 6 channel controllers. However, 3ware never made 6 channel controllers. However, to get 12 drives, you can use a 4 channel and an 8 channel. This means that:

(8 – 1) 80 = 560GB (4 – 1) 80 = 240GB

Hmmmmm…. looks like the top one would make a good file server, and the bottom would make a good workstation array, don't you think?

Now all I need is the aforementioned power supply for the workstation, and I'll be set.

Total cost – less than the cost of one of the arrays.

And I think I like this setup better – the fileserver is heavier on the storage than the workstation, which makes sense.

Laptop Rant

| October 24, 2003

And then I'm off to bed.

People need to stop making sucky, overpriced laptops. What we need is a laptop with:

  • 15″ TFT LCD doing 1400×1050 or greater
  • a proper keyboard (function keys along the top, not up the side)
  • Athlon – M processor (the real mobile one, not a desktop CPU shoehorned in)
  • ATI Radeon graphics
  • Sturdy hinges that don't snap off and crap

What I originally got a hosting service for

| October 24, 2003

These are the images for which I originally got a hosting service. This is a Battletech Miniature – a WarHammer IIC. I shot it with sunlight at my back and the flash off to try and give it a more natural, less harsh look.

WarHammer IIC Front WarHammer IIC Side

Long, Long day

| October 24, 2003

So, my day was long. Just exhausting. I ended up getting the customer squared away, and I think it made points for the company that we were willing to sit there and work through it with them and when we got to the end of the day, they were all set and ready to go. But, it was hard getting there.

In other news, I may have people to play paintball with again. Simon said he had some friends who played on private land around here, which is nice, because I don't have to deal with stupid people. It will be like being back in Burrillville, playing with my uncle and his friends, I hope.

Of course, that means I need to find a place to get air and paint. I used to buy them at the field, so I don't really know where to buy them around here.

Of course, if these people play, then they must know.

In the news: Today is national take back your time day. Basically, Americans are overworked and we need to have things like minimum 4 weeks paid vacations, shorter work weeks, all that. Now, I can't say that I completely disagree. However, we can't do this without compromising productivity, and we can't do this unless everyone does it. Otherwise, the companies that do this will be less profitable and get eaten by the ones with the guys putting in 60-80 hour weeks. As it is, I usually work about 45-50 per week (technically it's an 8 hour day + 1 for lunch, and I usually end up eating at my desk, plus I often end up staying late a couple nights a week, and there have been a few weekends). Do I mind? Not really – it pays well for being fresh out of college, it's a small company so I get a lot of responsibility early in my career, and I also get a feeling of control and direction – I'm personally involved with this company's continued success.

A bunch of guys developing with a proprietary toolkit are SOL when the company goes out of business.

AOL is disabling services on customers' computers in order to stop popup spam. This is that Windows Messenger/WinPopUp/Net Send service that spammers are using to send annoying messages to people. Yet another Windows “feature” that was nifty in Win 3.1, but no one ever really used and is retained for 10 years for some stupid reason.

Tridge is wicked smot. I want to write software that's used by like every major company on the planet, too.

More on the MPAA's anti-copyright infringement campaign: they plan to indoctrinate our children in exchage for financial support of schools.

I suppose that's it for now.

Today's news brief

| October 22, 2003

Lots of news today:

Diebold maker of e-voting systems has come under scrutiny for things like miscounts and other “glitches” that affect the output of elections. Some of their internal memos were leaked to the press (it ends up being like 5 years of mailing list archives), and of course, then came the cease and decist messages. But, Swarthmore Students are mirroring it, along with other people. This is important folks; they are up for use in something like 37 states. Here are Slashdot's articles on them. Read.

AT&T is switching to an all-whitelist email setup. (Link) This means that any ISP who doesn't email them and say “hey, this is my mailserver and it's real” and gets approved by AT&T won't be able to send email to people at AT&T email addresses. So, AT&T will be added to the “ISP's are trying to break the internet in the guise of stopping spam, which is arguably a free speech right anyway” email.

Speaking of spam – I get an email (on my Linux box) that says “we've detected your computer is vulnerable – buy Norton Antivirus for Windows”.

SCO sez: I owe them $699 because of some code in the Linux kernel, but they don't want my money now, because I'm not a Fortune 1000 company. They'll get to me later.

And, on the Microsoft front, Windows is more secure than Linux, but old versions of MS Office sucked, so people should upgrade. (Link)

OpenOffice. Yes, it is free. Yes, it makes pdf's. Yes, they have it for Windows.

So, it was just kind of a screwed up day.

I'm sleepy now. Night.

Cingular sucks

| October 21, 2003

Okay, so I was going to take my free evening and write Cingular a letter. See, Liz and I went to their store in Warwick, because the website says that they do equipment upgrades there and I want them to look at my phone. The man behind the counter says that they do not deal with equipment there, and hands me this photocopied flyer that says that there is a new location open in Providence, in this two story metal building. Oh, and there's no cash drawer, so you'll have to pay by check or exact. This location is not listed on Cingular's website.

This struck me as: 1.) VERY shady 2.) Misinformation on Cingular's website (I'm assuming this is innocent – these things have a way of getting out of date).

So, I was going to send them a nice friendly email and say “hey, you guys might want to look into this.” But, on their website, no Customer Service email address. Okay, fine, how about a form submission? Nope. Okay, they don't like email. How about a paper letter? Customer service mailing address? Anyone? Beuller? Nope, no customer service address. General address? Well, I have the ones that I send the checks to. I also have the one for their corporate headquarters (both on their website and on the FCC's provider lookup site).

So, I am now pretty pissed off. On the back of your bill, and in the “Customer Service” section of their website should be published contact information of an address to which to send paper feedback. Period.

So, I emailed the FCC asking if this is illegal. If it is, I will file a complaint with the FCC. If it is not, it should be. This information is provided on all my other bills.

While I was at it, I asked about the Cox thing. I found some stuff that suggests that the FCC doesn't do ISP's, the FTC does. But, then I found other stuff that suggests that they do do broadband providers, because they are like telecom companies, not just service companies.


| October 21, 2003

Back online, and backordered for 2 months. It looks like they sold something like 10,000 units in a week.

This guy is going to make a fortune.

Oh, and for the record: 1.) I think this is absolutely hilarious. 2.) I want the Redneckopoly when it comes out. 3.) I applaud this guy for standing up and telling people to shove it. 4.) I would love to see a Yuppieopoly/rich white man opoly – oh, wait; It's called Monopoly.

No gaming tonight

| October 21, 2003

So, Dennis is ill, therefore there is no gaming (he's the GM, makes it kind of hard). It's okay by Simon, since he has a mid-term tomorrow. Mike is here playing video games, which is fine – I don't mind the company.

I took the unexpected time to get another thing done on my projects list – swapping the soundcards between to boxes. It's really odd. In the Windows box, I have an SB Live. In the Linux box, I have a Hoontech Digital XG. I put that one in the Linux box because it was supposed to be good for recording. Well, it looks like I won't be using the soundcard anyway, because I'm going to do it all through DV using one of those high quality RCA/S-Video/Component -> DV converter boxes, which grabs the audio and sends it down as part of the DV stream. So, the cards are kind of arbitrary.

Meanwhile, I have a video game that I haven't played yet and got for last Christmas. It's a space game called Terminus. This needs a joystick. So, I dig out my joystick and try to get it to work on the Hoontech card. No dice. Maybe the port is bad? So, I swap it into the Windows machine. Works there. Okay, then maybe it's an ALSA problem. So, I email the Alsa guys. They give me some pointers, but I can never get it to work quite right, even though it's supposed to.

Which brings us to today – I needed to take an hour or so to swap the cards and get it to work. So, swap the two, a kernel recompile to compile the driver for the SB Live gameport; set up a couple dependancies so that everything loads automagically; done. Joysticks on both boxes now. Cross another thing off my list.

My boss reads my livejournal. He told me so at work. Of course, the number one question the people who overheard had was if I said anything interesting about work, like stuff that might get me in trouble or something. I thought the whole thing was rather silly – after all, it's a simple axiom: don't say anything, anywhere, that you don't want getting back to the wrong people. It's just a general way to keep yourself out of trouble. Play things close to the vest, you know? Apparently some people have issues with this concept or something.

In the news: Microsoft says that Apple's iTunes software is bad because it restricts user choice. While they may have a point, it's Microsoft saying this. Of course, I think it's limiting because there isn't a Linux version.

Linux Zealots are terrorists. At face value, this is annoying, but when you read the article, you realize that I fall somewhere between this guy's definition of “Pro” and “Priest”. What he calls Zealots seem to be the Linux equivalent of Jeff K.