Utah Open Source Planet

While I am working on a post-fudcon report.  Its kind of hard to work when the network continues to drop packets.  Currently, I’m on-site in Los Angeles, teaching a course.  Why, oh why does this happen?

Cheers,

Herlo

The following two articles were published in the past couple days.  When they were published and made known to me, I was saddened:

Report: OLPC may eventually switch from Linux to Windows XP
Nicholas Negroponte on Sugar and One Laptop Per Child

It appears, that Greg DeKoenigsberg responded (it appears) to these two articles with a great rebuttal in this article:

OLPC Developers are *not* fundamentalists

Thank you Greg, thank you for saying what I feel inside.  As an open source advocate, I see the value and benefit of free software and its power.  I feel good inside when I contribute and don’t feel anything like a fundamentalist.

Again, thank you Greg.

Cheers,

Herlo

As I usually do while teaching class, I installed a Fedora 8 machine, and ran yum update.  Today I noticed a strange amount of time for one particular download:

While this is hilarious, its shouldn’t happen.  Any ideas?  I know it didn’t take 28927 seconds (or about 1/3 of a day) to download that foomatic package.

Cheers,

Herlo

Let me get this out first, I’m a avid fan of all things Mozilla. Even with the limitations they cause, the problems I’ve heard about Firefox and Thunderbird and all that Jazz, I’m still a big fan, current and future consumer of these wonderful applications.

BUT!

Why is it that a bug that has been logged for some time can go so long without being fixed. It sure seems like a very simple fix, but no, its still broken.

What, you ask, am I talking about? Well, its this bug on mozilla’s bugzilla that’s bugging me. While its not a major bug, its annoying and causes me heartache every time I look into my /tmp directory.

The problem is that as Thunderbird creates and moves data around when using a filter rule. It creates temporary files which is all fine and good, but the problem is the code is broken that removes the temporary files. My /tmp directory just fills and fills with these useless little files. It’s driving me insane. Every time I go into the directory to look at something, I’m bombarded with files that are named tmprules-##.dat , where the ## is a number.

Have a look into the directory:

$ ls /tmp/tmprules*.dat | wc -l
492


Why do we need to have 492 files in there? I don’t even have 492 messages I read each day. Come on Mozilla Foundation, take a few minutes and fix this annoying little bug that’s been hanging around since this March!

Cheers,

Herlo

As some of you may know, I am the founder of the Utah Open Source Foundation.  On November 10, we’ll be holding the Multi-Distro Release Party, and I planned on sharing Fedora (of course), OpenSUSE and Ubuntu.  Its the only Multi-Distro Release Party going on that I know of, but I could be wrong.  If you live in Utah, you should come, it’ll be a blast!

The point of this post is to ask a simple question, however.  During the promotion of this event, I’ve received suggestions beyond the three big versions of Linux that are being released close to one month from each other.  For example, OpenBSD will be release soon, and Apple released Leopard for Mac OSX, among others.  And while every operating system is welcome to participate in the MDRP, I can’t help but wonder about certain definitions.

My question is what counts as a distro?.  I mean how do you classify yourself as a distro?  Is it a Linux only thing?  Or, is it just Open Source OSes?  Maybe its nothing, and I’m just bringing this up for no good reason.

Your comments are appreciated and encouraged.

Cheers,

Herlo

You’ve done it, you’ve gone to your email and clicked a link. The link will happily load into your preferred browser, in my case, Firefox. If you are using gnome-terminal, its a ctrl+click on the link and it works great. I use irssi with gnome-terminal and when someone pastes a link, I ctrl+click and up comes the website in my Firefox. GNOME even will switch me to my own workspace, which is pretty nice!

Except when the link starts with https!

Why is this!

I’ve hunted high and low, searched google for terms like “GNOME click https” with no luck. Frustration has really set in for me, because its not something that majorly affects me but its just enough of a bother. I’ve waited to see if someone else got frustrated enough and wanted to fix this problem as well. So far, no dice.

So, I’m looking for answers to this eternal question. When I click (or ctrl+click) an https link in any application, why doesn’t it automatically load into my browser? Is there a solution to this? Please comment, they are much appreciated.

UPDATE: It seems that from the suggestions I was given, things are working much better now.  Originally, I had the custom option chosen in my preferred applications, and that was pointing to Firefox.  At a whim, I changed it to actually be Firefox, and all is well.

Thanks to everyone who commented on this.

Cheers,

Herlo

Okay, okay, I didn’t get in, but it was sure fun to take a train trip down to the World Series to see the vibe. I’ve never been quite so close to a World Series game. The closest thing for me was when I got to go to watch the Utah Jazz get beaten by the Bulls in 1997 and 1998 in Salt Lake City. The World Series is much better to me since I’m a huge baseball fan.

For your entertainment, I took some interesting, pics:

I also took some pretty pictures of fall in New England. Not being from here, its amazing how beautiful the leaves can be.

Cheers,

Herlo

Some of you may have seen my mailing list posts to SLLUG, PLUG and Ubuntu Utah. If so, you are welcome to participate here and flame me for asking this question as you may have already answered it there.

BUT

I’m curious as to the history, a farce or truth as to why blootbot is considered a female in Utah? Is there some long truthful story that can be told, or is it that someone just decided? Is it like naming a boat? a hurricane? Call it a fascination, a fanaticism, crazy or whatever, I just want to know the history.

In a recent interview with TimRiker, the maintainer of blootbot, I asked him some tough, hard questions:

16:37 <@herlo> TimRiker: so do you know the history of why ibot/infobot/jbot is a girl?  I'd like to learn it...
16:46 < TimRiker> herlo: infobot is not a girl. well, not all the time.
16:46 < goozbach> don't let Charity hear that
16:46  * maquis sends an email to charity....
16:46 < TimRiker> is Charity a girl all the time? 
16:46 < TimRiker> ~gender
16:46 < infobot> I'm hermaphroditic
16:46 < TimRiker> ~gender
16:46 < infobot> I'm hermaphroditic
16:46 < TimRiker> ~gender
16:46 < infobot> I'm female
16:46 < TimRiker> ~gender
16:46 < infobot> I'm pregnant
16:46 < TimRiker> ~gender
16:46 < infobot> I'm pregnant
16:46 < TimRiker> ~gender
16:46 < infobot> I'm gay
16:47 < TimRiker> etc.
16:47 < TimRiker> depends on her mood.

I’d like to hear your opinions, or share your fantastic story of how she became the woman she is today. We love our bot, we do, tell the infobot story…

Cheers,

Herlo

Hi everybody,

I am so happy today. So extremely happy. Excited that the Utah Open Source Conference (UTOSC) was such a success! Flattered by the response. Amazed with the presentations and knowledge floating around all weekend long.

But….

Most of all, I am so happy that you loved the conference so much, and want to have another one next year. So we will!

I personally wanted to thank you all for coming to the conference. Thank you for participating and proving what I already believed. That Utah Open Source is alive and well. Its truly amazing to see how many people came and how many enjoyed themselves. I felt so honored to have organized the event.

In addition to the thank you, I just wanted to share one experience with all of you. This experience happened on Saturday during the morning keynotes (before Tim Riker was to speak). Jayce^ asked who would like to come to the conference next year, every hand was raised! At that moment, I knew, absolutely knew, this was what I wanted to accomplish. I had chills for over 5 minutes after that moment. Thank you Utah for this opportunity.

I hope that others share their thoughts and feelings about the conference. We’d like to hear what we did well and what we didn’t do so well. We think there is much to improve upon and are already planning for next year’s conference. We realize we set the bar pretty high, so we’ll have to double our efforts!

Watch this blog or join our mailing list for announcements and news about what Utah Open Source will be doing in the very near future.

Cheers,

Clint Savage
Founder, Utah Open Source

Yup. I just said it: Windows is a perfect platform.

Obvious counter argument: go out there and search for "windows virus scanner" and check that out: 1.38 million results on Google. 53,000 if you include the quotes.

Either I'm wrong, or Google is lying to me. That's a lot of results for a virus scanner. "Windows virus" turns up 134 million. Clearly, Windows is anything but the perfect platform. My reasons as to why it is regarded as an imperfect, shoddy, spyware-ridden platform are very clearly written in a packet I got ahold of recently, concerning a website which is used extensively at work. The website in question will be launching with a new version soon, and to inform their customers of the upcoming changes and needed alterations to your OS (read: Windows and Internet Explorer) in order for this website to work.

Quoted directly from this thirty page packet: ... "you will need to download a new control from the [XX] site, this requires that you be administrator of your machines for that 1st export only. Unless it is a big company with an IT department, you are likely administrator already."

Let's put this in linux terms. "You are required to run as root in order to get this piece of software to work. You are already running as root, so don't worry about it."
The problem with Windows isn't Windows. The problem with Windows is the absurd number of poorly written software packages, all of which require administrator rights. This is a website, not a system reconfiguration utility. "I know! And, so, I only require administrator rights the first round!" One of these days, I'm going to go find out why it requires administrator rights at all.

This packet then proceeds to outline all of the needed steps to get this new website up and running on the individual computers. This process must be repeated for every user on every computer. For me, this means driving between three buildings, located in Sandy, Salt Lake, and Bountiful. For the curious, that's a half-hour drive. The total machine count is 37. Total miles driven will be just over 50. Time spent in transit will be roughly an hour and a half, all things considered. Once I hit the first building, however, the real work begins. This packet outlines that the following changes need to be made:

1. Adjust the settings of the popup blocker to whitelist said website.
2. Ensure that the cache settings are set to check for new versions of pages automatically (and then clean the cache out).
3. Add the website to the "Trusted Sites" security zone.
4. Adjust the security settings for the "Trusted Sites" zone to allow/do the following: Enable automatic prompting of ActiveX controls, enable binary and script behaviors, download signed ActiveX controls, download unsigned ActiveX controls, initialize and script ActiveX controls not marked as safe, run ActiveX controls and plugins, script ActiveX controls marked safe for scripting, enable automatic prompting for file downloads, enable file downloads, and enable font downloads. (These are the instructions for IE6. IE7 also includes enabling Loose XAML, XAML browser applications, XPS documents, allowing previously unused ActiveX controls to run without prompting, and oddly, disabling video and animation on a webpage that does not use them.)
5. Go ahead and re-read point number four there. I even put the relevant points in bold for you, so by all means, have at it.
6. Check the computer for any of the following toolbars, and if they are found, reconfigure them all individually to also allow popups from the website in question: Google, Yahoo, AOL, MSN, "or anything besides Standard Buttons, Address Bar or Links."
7. The remaining pages are dedicated to disabling or reconfiguring any other possible popup blockers.

It should be noted that not one of those steps included instructions that told me how to download and install said unsigned, marked not safe for scripting, "I need admin rights to continue" ActiveX control.

So, come the Monday morning that this launches, I get to drive around more than I care to, tweaking more settings that need tweaked, decreasing the default system security, installing ActiveX controls as administrator.

There is nothing wrong with Windows; there is everything wrong with the average software package (and/or website, as is this case). Because of this, Windows doesn't even have a fighting chance. If a website you loaded up suddenly popped up a box stating that it wanted your root password to continue, what would you do?

Why don't you do the same thing on Windows though?

Oh, right, the software requires it.

The operating system isn't broken, just all of the third-party software is.

Ah, digg. You came around some time ago, right as "Web 2.0" was getting really big. Throw in the "show/hide" comment javascript magic and you were a perfect fit for web 2.0 and AJAX (which you really are not, despite the fancy "show/hode" comment javascript... oh right, 2001 tricks).

Let's review a recent "digg": "World of Warcraft scans player's Internet Explorer browsing history".

GASP! A GAME! SCANNING MY HISTORY! INVASION OF PRIVACY AND I'M GOING TO BOYCOTT AND SUE!

For the linked picture, aka "proof" to all of you digg users, go here. For those of you who don't care to click (I'd be one of them in your shoes, I am rather boring), it's a screenshot of one of the best windows programs of all times: Process Explorer. In this screenshot, it shows a running copy of World of Warcraft (WoW.exe), and then it lists every file opened by WoW.exe. Semi-surprisingly, listed, is the poster's Internet Explorer history. C:\Document and Settings\Greg\Local Settings\Temporary Internet Files\Content.IE5\index.dat. Yup, that's the history all right.

For those of you who don't know, and I'd assume that number to be many, World of Warcraft employs a nice little thing called "The Warden." The Warden is WoW's anti-cheat. But, not really. That's yet another misconception. The Warden runs every 10 or 15 seconds, searches out every running process, takes a hash of the process name, and compares it against a list of "known bad" (read: botting, hacking, etc.) programs. Yup, that's it. Compared to things like PunkBuster, the Warden is amazingly tame. It does basically nothing.

But never underestimate the power of stupidity, especially when it numbers in the seven million users range. Their anti-cheat has been accused of sending Social Security numbers, bank account numbers and PINs, e-mail addresses, and other "private information that I don't want Blizzard to have." None of this is true, of course, but again: stupidity comes with numbers. Will said anti-cheat read your Quicken title bar and grab your bank account number? Sure will. Will it send it off to Blizzard? Nope. Remember: it hashes the process name and then compares that hash to a list of known botting programs.

Average digg.com user: "So why in the world," (no pun intended) "is this game reading my history? I know you have an anti-cheat, and I know that it's rather invasive: BLIZZARD IS SCANNING MY WEB BROWSING ACTIVITY AND SENDING IT ALL BACK TO THE MOTHERSHIP!" Word for word? No. But do read the comments to the above link, and you'll find several people stating that.

The screenshot proves that WoW.exe can read your history. Nothing more. It does not prove anything more than that, period. "But the screenshot..! The open files!" In the words of the digg.com post:

"The linked screenshot provides proof that WoW developer Blizzard is actively scanning players' browsing history and cookies. Early speculation is that this is a countermeasure against cheaters, but players are arguing that Blizzard has no right to access this highly private data."

Hate to disappoint you, diggers: WoW uses Internet Explorer as part of the in-game engine. No wonder it has access to the history, it's using the browser! No joke? No joke, and no kidding. Want some proof? Here you go. Some more? More proof for you! One last bit? Sure! Even more proof? Here's the HTTP header that the launcher sends: "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)". Check that stuff out. Blizzard has a reason to be in your history! Even though they aren't. Shock.

"But the second link you gave there is just the launcher which runs before you start the game, and the last one is just a blank page!" Yeah, you got me there. That's because there aren't any alerts at the time of posting. And further, it's the "alerts" that are displayed in game when you login. Seriously. You know - that box you see sometimes when you login, that reads: "These realms are down/will be down! Enjoy your stay in WoW, and we're deeply sorry." Yup, that's a webpage, and yup, WoW.exe uses Internet Explorer to render it.

Which brings me to my (*ahem*) point. Digg users are lemmings. Here I thought the the slashdot moderation system encouraged "group think", but that's capped from -1 to +5. Digg is probably capped to 2^32, allowing for stupidity and group think to the scale of 4294967296. Because one person posted a screenshot and said, "here, proof that they WATCH ALL OF YOUR BROWSING HABITS," several hundred people hopped on the bandwagon of "lemming," walked on over to the World of Warcraft forums, and began spamming. They don't know any better: they're just another lemming.

Digg, while "cool," "popular," "web 2.0-ie," and "high traffic," has also become a synonym for "sheer and utter stupidity on a grand scale." It has one or two cool or funny links every so often, but the huge majority of anything on there is just sheer stupidity. Do I care about some guy's experience at a Taco Bell? Or a list of proxies? Maybe a really annoying, incredibly simple game? An idiot suing Amazon?

I believe a very good (not) description of the site is the one found if you google "digg": "Technology focused news site where the stories are chosen by community members rather than editors."

Lemmings, I tell you.

It's pretty much every day that I run across a program on windows that wasn't coded correctly to function in a multi-user enviroment as a good program should. It's not every day, however, that I come across a program that is so horribly coded I decide to create a "Hall of Shame" consisting JUST of that ONE application.

I'm not talking just "bad", I'm talking HORRIBLE. There's a line, and this single application crosses that line in multiple ways at once.

I work for a small law firm, and we recieve massive PDFs of legal documents all day, in any one of a good ten different file viewers and file formats with different file extensions (although I have yet to find a single format that wasn't either a PDF or PCL doc with just that: a different extension and a differently branded viewer). I just had to help a user get their document package to print, and let me tell you, it was a doozy.
First off, I present you with DesertDocs. This is the offender's website, but the website is half the problem. More on that later.

The e-mail in question had nothing more than a document number and a link to this website. If you click on the "WebPost General Inbox" on the side, it'll bring you to a rather confusing page. The nature of the documents include personal information (likely SSIDs, names, addresses, etc.). Nothing that we would knowingly spread around, in other words. So, we picked the "Private Inbox Login" button. Username and password? Not in the e-mail. So, we go back, and pick the "Download Docs" button.

... to be presented with an EULA. Scroll down, click agree... hmm. Now it wants me to install a document viewer for this. Why I need a seperate viewer to view these docs is beyond me, but I've also grown used to it over time (refer to the previous paragraphs). So, I install it (the user in question has guest priviliges, I had to install it personally as the administrator), and try the website again.

Only to be prompted to download the viewer again.

*twitch*

At this point, the user I'm helping has to get this done now, and further, has a migraine. She also had the winning idea: call them. So, we find the toll free number, and call them up.

After explaining the problem to the person who answered, I could tell instantly that they had encountered this problem before. Their solution? "Delete your temporary internet files and cookies, that is what is preventing you from getting the docs you need."

"Okay, done, and it's still not working."

Upon hearing this news, he directed me to the application's Program Files directory, and instructed me to start the "wpcookie.exe" application. (Side note: he directed me to the directory in question by having me right-click the doc viewer shortcut, hit properties, and then 'Find Target'. This is actually ingenious, and probably the only correct thing that I got out of the entire call.) I ran it and it seemingly did nothing. He then told me to open the website up and try again. Tada, it worked.

"So, what did that just do?"

"Place a cookie in Internet Explorer."

Problem one: when enough users call in and whine that it doesn't work, causing you to package a seperate program just to set a cookie on the computer, you have issues.

As pissed off as I was then at how horribly broken their program was, I continued on with the guy, because plain and simple, we needed it to work. I was able to then get to the link to download the documents. I click the link, and naturally, it opens in a popup (which is blocked).

Problem two: when your tech support takes it in stride to tell you to allow the popup that was just blocked, take a clue yourself, 'developers': stop using popup windows.

"Hey! That's what I need!" the user exclaims. "Good," I'm thinking to myself, "I'm almost done." (Hint: I wasn't.)

I was then told to click on 'Print', 'All', and then 'Okay', and I would then be asked a printer to print the docs on. Sure enough, I was, only instead of printing, a 500kb file downloaded, and the viewer program that I had downloaded launched. Only to error out in a horrible way: "Permission denied." I then read the error message.

Problem three: the %TEMP% dir exists for a reason. Quit thinking you can write to Program Files\Your Stupid App\temp, because you can't. Copying the downloaded file from the Temporary Internet Files directory to a temporary directory in Program Files is just plain stupid. Use the %TEMP% dir, that's what it exists for. By doing this, not only are you assuming that the user is running on Windows 95/98, or that they have Administrator rights (which they don't, not on my grounds!), but you're adding multiple security holes into your application and breaking all forms of file system quotas automatically. Oops.

At this point in time, I was laughing to myself, and just blindly following the guy's instructions. Two more attempts were made to fix this. One of these included copying the file from the Temporary Internet Files directory to somewhere else, and then opening the utility to click File --> Open ("Double clicking on the file will not work."). I forget the other.

At this point in time, he said something that was honestly quite amazing: "Huh. Well that's weird."

Someone has never used a windows computer as a guest, have they?

At this point in time, I just told the guy to hang on while I tried something of my own. That something involved giving the user permission to write to the application's own temporary directory. Guess what? It worked.

Guess what else? That little 500kb file? Was an archive. In the archive, was a .pdf and a .html.

Problem four: quit re-inventing the wheel with applications that don't work. I just spent the last 15 minutes on the phone with you trying to fix this, only to find out that you just as likely could have given me a link to the .pdf (the .html wasn't really needed in this case), or, thought of all thoughts, a link to a .zip.

Luckily, this can easily be rectified.

1. Stop pretending that the user WILL had Administrator rights.
2. Stop breaking file system quotas by thinking you're better off using your own personal %TEMP% dir.
3. Stop making up your own file types, and
4. Start using existing ones (no, your way is NOT better in ANY fashion).
5. You could make me eternally grateful by firing your programmers and just giving me a link to the .pdf on the website. Really.

I generally don’t recommend or (as in this case) tell people to avoid a particular vendor. Generally, my comments are kept to tutorials and simple to complex configurations, or stories about my failures so that others might learn from me.In this case, I pretty much want to rip APlus.net a new one!

So here’s the story.

A year ago, I wanted to register utos.org as a domain which is currently used for Utah Open Source and its non-profit website. Anyway, I couldn’t find my current registrar Total Online Solutions interweb address anywhere and I needed to register this site. I’d just had the epiphany about how to help Open Source grow in Utah.

Problem was, I needed to register it now, so I hastily went down the list of possible registrars and didn’t want to go with the big guys, GoDaddy.com or NetworkSolutions, etc. After perusing the list for a short time, I came upon APlus.net. I’d heard of them before, and had thought that they might be a good fit, and of course, the price was right. So I signed up for the account and registered my domain, along with an alternate I ended up not using.

This is where my trouble began…

One week or so after I registered the site all was well. The dns was resolving and everything was working well. It could have been faster, but I wasn’t in the biggest of hurries to be honest. APlus.net did a fine job letting me delegate my domain. A few days later, I received a phone call:

“Hello”, I said.
“Hello, Mr. Savage?”, in broken English, “I am calling from APlus.net”.
“Yes?”
“Well Mr. Savage, I am calling to check with you on your new domain purchases and want to make sure everything is to your satisfaction”
“Yes”, I said, a bit annoyed, “its fine”.

At this point I obviously wondered why I’d answered the phone, but since I thought they might give me a free year of registration or something, I stayed on the line.

“That’s great to hear Mr. Savage, is there anything we here at APlus.net can do for you?”
“No, I’m fine. Things are working well”
“Thank you Mr. Savage, have a nice day then”
“Goodbye”

I thought it odd, who’s ever heard of a salesman calling about a domain registration? I mean, how hard is it to delegate your domain and familiarize yourself with their tools. Everything was pretty straightforward. I brushed it off as no big deal, thinking that was just part of their service.

Two weeks later, I received a similar phone call. I won’t repeat it to you. I kindly thanked them and asked how many calls I was going to get. The man didn’t know.

A month went by before the next call came. Like I said, who calls to see if you are satisfied with your domain? I mean really? I was annoyed and asked the gentleman to have his office make sure not to call me again unless there was an emergency. He said he would and indeed, I’ve not received another call since.

But this is not why I am recommending you avoid APlus.net

My real problems started May 15, 2007. The day after I got the notice to renew my domain.

(more…)