Utah Open Source Planet

Image by windley via Flickr

Todd Ogasawara has some good advice for Mac Switchers that might keep you from lamenting your move. I switched in 2002 but had never really been a Windows user (Sun mostly) and I knew Unix cold, so switching wasn't such a big deal for me. But if you've been a long time Windows user and think a Mac might be fun, read Todd's advice first. I love number two:

2. If you do go cold turkey, don't drag your wife, girlfriend, significant other, parents, child, best friend along for the ride until you begin get comfortable with Mac OS X yourself.

From A Brief Guide for Mac Switchers/Try-ers
Referenced Wed Jan 07 2009 07:32:21 GMT-0700 (MST)

Wait until they ask. That's the best way. And they will ask if they see you having fun on your new Mac.

Tags: osx windows switching

Image via Wikipedia

If you do Web design, and who doesn't these days, then you might be interested in seeing how your site operates in multiple browsers. You could, of course, create a virtual machine for each version of Internet Explorer that you want to test against. But there's a better way.

There is a repository of standalone IE versions all the way back to 3.0. Tredsoft has an installer that will install any or all of these in one convenient package. A few minutes after starting the download, I had IE6 up and running in all it's, ahem, glory. IE7 runs right along side without a hiccup.

Tags: internet+explorer web+design windows

The other day I wrote a post about Mac OS and it quietly suggesting that people install anti-virus software. I want to bring up this link shown to me by my friend JC. In short, Apple has removed the knowledge-base article suggesting Mac OS users install anti-virus software. The reason that they removed this is that "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box.”

Joseph brought up a great question, why are Operating Systems built on a *nix kernel more secure against malicious software than Windows. I think there are some fundamental reasons why this is true. First, Unix/Linux OS are actually multi user. Yep, I would contend that even though Windows can have 'multiple' users, it is not actually a multi user operating system. Let me explain. Unless you actually have a SysAdmin that is going to change it, Windows by default will let anyone look at, write to, and execute any file regardless of who's file it is (Windows files don't actually have 'owners'). So, who cares that it isn't a multi user system? Well, instead of having programs that are restricted to specific services based on which user it is actually running under any program can do anything and has access to any service.

With any file having access to anything it brings up the second point. Unix style systems keep the operating system separate from the other programs. Windows does not protect itself in any way. It will let any program install and even change vital system dll's within the Windows32 folder. Further more it will do this with no verification that this is actually being run by someone with proper authority.

Now any system could be compromised depending on what software is run. It is important to know and trust where software is coming from. Most Linux/Unix software comes from online repositories that are verified by GPG key. If someone has changed the repository the package management system will throw up a warning. Furthermore the majority of software that is not received from an online repository will give an md5 sum to verify that the package hasn't been tampered with. By way of contrast Windows updates, and software for windows received off the internet has no verification method whatsoever.

I'm sure that more experience will lend to more reasons for greater system strength. If anyone has further thoughts on this I would love to hear it.

Words of advice from the multi-platform add-on session at AddOnCon:

1. Start from the beginning to support multiple browsers by not using features that are specific to one or the other.
2. Keep things like XPath expression standard
3. Test IE add-ons on Vista and IE8 first--especially if you're going to use an external process.
4. Using an external process in IE can greatly increase testability
5. Modularity and code portability
6. The learning curve for IE add-on development is steep. Once you're on top, it flattens out and gets easier.
7. Crashing the browser is easy in IE and the opportunity for conflicts is high
8. Make sure your code can generate debug reports and give the user the opportunity to forward them (debughelp.dll is your friend)

Tags: addoncon addons programming windows internet+explorer firefox

Image via Wikipedia

Windows Vista (oops, can I still call it that?) has "Windows Genuine Advantage" and so when it's moved to new hardware have having been installed somewhere else, it needs to be "reactivated."

Parallels Desktop was recently updated to version 4.0. This apparently involved some changes to the virtualized hardware presented to the OS since machines created with older versions of Parallels have to be upgraded.

You can see where this is going. The conversion process "fails" with a message that something has to be done manually. When you get into the machine, Vista is asking to reactivated. Here's the kicker. The reactivation process wants to use the network. But you haven't installed the drivers for the virtualized hardware yet, so it isn't available.

You've got a Catch-22. To reactivate you need the network, but you can't install the drivers until you reactivate. What to do?

Microsoft thought of this scenario. There are folks (2 somewhere in Iowa) who don't have Internet connections. So Microsoft provides an automated phone activation system. It works like this:

After you enter in your product activation key, and click "phone activation" you see this screen:

Call the number and the automated system asks you to read or type in the numbers from each of the 9 groups--54 numbers. Then the system reads back 56 numbers to you, which you type in the boxes in 9 groups. Click next and if you didn't make any mistakes, you're done. Vista comes up, birds sing, and the sun shines. Well, Vista comes up anyway.

So, the advantage clearly wasn't to me since WGA cost me 30 minutes of my life. Sigh.

Tags: parallels microsoft windows vista virtualization drm

So, I had an interesting IT issue. It seems that one of my windows users was having some real problems with internet explorer. I showed her firefox but it doesn't seem to do it for her. So, after much digging I decide the best thing is to download IE and do a good old R&R. Well, that broke things nearly beyond repair. Now there is no internet. So I go to do a windows update and it won't load the site in IE, because it is broken. And windows update doesn't work in FF . . . just because. So, I manually update to IE7 and I still can't update the machine and only half the web will pull up. So, here are my two gripes.

1. With an integrated browser if you do have some big meltdown you can't do a simple remove and replace, you must reinstall the whole OS.
2. When you only can use your integrated browser for OS updates if you have a browser problem you have to install the OS to fix the browser so you can fix the OS. It is a crappy catch 22.

So I’ve become a huge fan of Linux Haters blog because he makes some very valid points about Linux and the open source community in general and it got me thinking of why I moved from Windows to Linux in the first place.

Picture this, you just bought built a brand new computer and want to install the brand spankin’ new Windows Vista Ultimate, you plop down $300, and away you go! What does $300 get you? A bare minimum operating system with nothing but MS Paint and Media Player.

So you spend the next 45 minutes installing your bare minimum operating system, it takes 45 minutes because the initial install is 15gb, so by bare minimum I mean feature set, not file size. So after you get installed you try to use the Internet and realize that it didn’t detect any of your hardware (video, audio, network), so you spend the next 2 hours spidering through multiple vendor’s websites who all have their downloads/driver section in different areas.

Now you have all your drivers downloaded, you go to install them to find out that the majority of the installers only extracted the files to your disk, they didn’t install them, the installer did not tell you they were only extracting, nor did they tell you where they were extracting them to. So after searching your disk and finding the extracted files you go into the folder to figure out what needs to be done to install them, but that is a waste of time since the vendor didn’t feel the need to write a README file. Being the genius that you are, you right click on My Computer -> Hardware -> Device Manager (because that was an intuitive place to look, thats the first place I thought of going to install drivers!) and now you are prompted with a dialog with a list of “Unkown Device” with little exclamation point next them. What to do? Easy! You right click on it, go to properties -> details and look at the very intuitive and easy to read string “PCI/VEN_1002&DEV_AA08&SUBSYS_AA081545&REV_00\4&1245FE7B&0&0108″ and go to http://pciids.sf.net and search for each device so you can figure out what driver to install for it.

After you have all your device drivers installed and can utilize all your hardware, you’ll want to go to Windows Update to make sure your computer is completely secure. You run the first batch of updates and it asks you to reboot, when it comes back up it doesn’t tell you all your updates weren’t finished, but using your spidey sense, you know that couldn’t have been all! So you go back to windows update to find a whole mess of updates waiting for you, these ones will also ask you to reboot (and so will the next 3 or 4 groups of updates). Rebooting is good for your new system, gets it warmed up.

4 reboots and 230 updates later you decide you would like to edit some family photos for your Christmas postcards–no problem-Vista comes with the all powerful MS Paint, which can do everything you’d ever want to do, just check out what this guy did with it: MS Paint Skills!.

Editing family photos was fun but now you would like to add everyones birthday to your calendar and setup some re-occurring tasks to remind you to take out the trash and pay bills on time, but you’ll soon have shut off notices and piled high garbage because there is no default calendaring program in Windows! But your boss will save the day, he just called and needs your latest TPS Report so you need go to open up your spreadsheet but you find out there is no spreadsheet program either, so you hike down to your local computer shop and plop down $300 for the office suite with the added benefit of having outlook (yay a Calendar for $300!!).

Spend the next 30 minutes to install Office (yes, office takes about as long to install as your whole operating system, but office is more powerful than your OS, so its O.K), after office is installed and you update your TPS report and send it to your boss you decide you’d like to create a vlog (Video Log) and post it on youtube, but as you’ll soon find out, Movie Maker isn’t going to be the easiest thing to locate.Bill Gates can’t even find it.

Six hundred dollars and 7 hours later you have an almost usable computer, you still can’t watch DIVX or DVDs, burn Audio CD’s, Balance your checkbook, Sync your phone to your calendar and e-mail, or entertain your children with any games but minesweeper or solitaire. You don’t even have a virus scan program yet!

I probably went around the block just to get next door, but my point is that after a simple 20 minute install of any popular Linux distribution I can do all of the things I’ve listed above. They come with the majority of hardware supported out of the box, an office suite (open office, abiword, gnumeric, evolution, etc), multiple graphic tools (gimp, inkscape), easy package manager that handles updates without multiple reboots (rpm, yum, yast, zypper, apt-get, package kit), video recording program (cheese), cd burner (Brasero, Wodim), lots of fun games, and the ability to balance your checkbook with GNU Cash.

Sadly, my wifes computer has to have windows on it.  However, it has tons of open source software.  This way eventually I can ripe Windows out and replace it with something useful like Linux :).  Now that we got the disclaimer out of the way…

I was using Internet Explorer to check something and came across an interesting limitation.  Only a picture can describe this one.

 As it states at the bottom…  Don’t mind if I do

Trying to download it anyways just causes a melt down.

Yup. I just said it: Windows is a perfect platform.

Obvious counter argument: go out there and search for "windows virus scanner" and check that out: 1.38 million results on Google. 53,000 if you include the quotes.

Either I'm wrong, or Google is lying to me. That's a lot of results for a virus scanner. "Windows virus" turns up 134 million. Clearly, Windows is anything but the perfect platform. My reasons as to why it is regarded as an imperfect, shoddy, spyware-ridden platform are very clearly written in a packet I got ahold of recently, concerning a website which is used extensively at work. The website in question will be launching with a new version soon, and to inform their customers of the upcoming changes and needed alterations to your OS (read: Windows and Internet Explorer) in order for this website to work.

Quoted directly from this thirty page packet: ... "you will need to download a new control from the [XX] site, this requires that you be administrator of your machines for that 1st export only. Unless it is a big company with an IT department, you are likely administrator already."

Let's put this in linux terms. "You are required to run as root in order to get this piece of software to work. You are already running as root, so don't worry about it."
The problem with Windows isn't Windows. The problem with Windows is the absurd number of poorly written software packages, all of which require administrator rights. This is a website, not a system reconfiguration utility. "I know! And, so, I only require administrator rights the first round!" One of these days, I'm going to go find out why it requires administrator rights at all.

This packet then proceeds to outline all of the needed steps to get this new website up and running on the individual computers. This process must be repeated for every user on every computer. For me, this means driving between three buildings, located in Sandy, Salt Lake, and Bountiful. For the curious, that's a half-hour drive. The total machine count is 37. Total miles driven will be just over 50. Time spent in transit will be roughly an hour and a half, all things considered. Once I hit the first building, however, the real work begins. This packet outlines that the following changes need to be made:

1. Adjust the settings of the popup blocker to whitelist said website.
2. Ensure that the cache settings are set to check for new versions of pages automatically (and then clean the cache out).
3. Add the website to the "Trusted Sites" security zone.
4. Adjust the security settings for the "Trusted Sites" zone to allow/do the following: Enable automatic prompting of ActiveX controls, enable binary and script behaviors, download signed ActiveX controls, download unsigned ActiveX controls, initialize and script ActiveX controls not marked as safe, run ActiveX controls and plugins, script ActiveX controls marked safe for scripting, enable automatic prompting for file downloads, enable file downloads, and enable font downloads. (These are the instructions for IE6. IE7 also includes enabling Loose XAML, XAML browser applications, XPS documents, allowing previously unused ActiveX controls to run without prompting, and oddly, disabling video and animation on a webpage that does not use them.)
5. Go ahead and re-read point number four there. I even put the relevant points in bold for you, so by all means, have at it.
6. Check the computer for any of the following toolbars, and if they are found, reconfigure them all individually to also allow popups from the website in question: Google, Yahoo, AOL, MSN, "or anything besides Standard Buttons, Address Bar or Links."
7. The remaining pages are dedicated to disabling or reconfiguring any other possible popup blockers.

It should be noted that not one of those steps included instructions that told me how to download and install said unsigned, marked not safe for scripting, "I need admin rights to continue" ActiveX control.

So, come the Monday morning that this launches, I get to drive around more than I care to, tweaking more settings that need tweaked, decreasing the default system security, installing ActiveX controls as administrator.

There is nothing wrong with Windows; there is everything wrong with the average software package (and/or website, as is this case). Because of this, Windows doesn't even have a fighting chance. If a website you loaded up suddenly popped up a box stating that it wanted your root password to continue, what would you do?

Why don't you do the same thing on Windows though?

Oh, right, the software requires it.

The operating system isn't broken, just all of the third-party software is.

Microsoft Windows Vista was recently released. To be honest, I'm excited for it. It brings countless good things to the windows world, and to be blunt, XP is beginning to show it's age. (Windows 2000 is timeless though, in my opinion. Maybe I'll post my thoughts of Win2k vs WinXP vs Vista eventually, we'll see.) Let me say that one more time:

I am glad that Vista was released. It is an upgrade. It is worth purchasing. There are too many advantages, both in terms of the technical side of Vista, and user interface side of Vista, to think otherwise. Once again: Vista is good.

I run a network for small business. It's a Windows network, through and through. Pair of Win2k3 servers in two locations, a copy of MSSQL, and two point to point T1 lines linking three buildings together. It's all built on Windows Server technology, and I'll be dead honest here: I haven't found a better, easier to use, scalable server system than that of Windows Server. Let's do this in bold too: Windows Server is good. Windows Server makes me happy, and it makes all of the employees happy (even though they could care less, they just want to work.).

So what did I do the day Vista was released to the public?

Blow away my last copy of WinXP. Destroy it. That was also my last copy of anything Microsoft that I use for my own personal computing. Hear that? No more WinXP in my blood. No more XP on anything that I personally use, be it at home or at school. Bye WinXP. Vista is out, and I don't care what the critics and journalists say: Vista is worth purchasing.
So, I replaced my copy of XP with Linux.

And it feels good. So very good.

My number one complaint about Vista is two-fold: versions, and limited features/too many features. I run networks, I build networks. My primary computer has five different NICs in it, three of them are 1000mbit and two of them are 100mbit. Further, I have a PCI wifi card in there, and my router is a soekris box with a hand-rolled distro running on a CompactFlash card. I like my networks, and I like them a lot.

Know what I like MOST about networks? Networking. You know, intra-device communication. The flexibility that networking provides. File is on another computer? So what, just click click, bam, your file is in front of you, even if you're on the opposing side of the globe. Networking is fun.

Networking with Vista is not. Now, don't get me wrong: new TCP/IP stack? Re-worked IPSEC support? Hate to break it to you people, but with about seven clicks (with Vista) I can literally move three buildings from open TCP/IP to straight IPSEC communications between ALL computers, using SSL certificates. Seven clicks, and I have a network that runs IPSEC flawlessly, and effortlessly. And no, the IPSEC implementation isn't broken: it works, and it works well. I'm not trying to say that Vista has horrible networking with that earlier line. The network stack, the possibilities... I love.

What I hate is the arbitrary limitations imposed upon the different versions of Vista. For example, lower end versions of Vista cap the number of connections you can have to any specific computer at five. Let's count.. my desktop, my other desktop, my laptop, my brother's computer, the family computer, my sister's computer, and my xbox. Oops, seven. Vista Home Basic is out of the running.

Also, Remote Desktop (aka 'RDP') has been essentially removed from Vista Home editions. I can't bring up the computer's display at will anymore, I have to install VNC or something similar.
It's these little things that get at me. Want feature X? Gotta spend more money. More connections to a computer than Y? Yeah, spend more money, but note that you're capped at 10 period unless you drop several thousand on a copy of Windows Server, and oh, we don't have Vista Server out yet, it'll be another year or so.

This is the biggest reason I switched to Linux: there are no arbitrary limitations imposed. Anywhere. I can connect thousands of machines to this one, and I can type a single line to bring a window from a desktop to my laptop, in a secure fashion, from anywhere in the world.

Let me give you a scenario here, from my everyday work. At school, I use my laptop for everything. Notes, research, papers, reading, the works. All of my work is kept in a subversion repository. Because of this, I can access my up to date notes from pretty much any computer and any OS anywhere.

I get home, and turn my laptop on. It boots up, and I place it in the dock. The laptop automatically detects that it has been docked, and brings up the wired ethernet interface. As a part of this process, it also registers with my LAN DNS server as it obtains an IP, and then commits my most recent set of school notes to the subversion repository. At this point in time, I can type a line into my desktop, and update my desktop's copy of my notes with the most recent version.

Further, because it has registered with my LAN DNS server, I don't need to worry about assigning static IPs. This can be taken one step further: whenever anyone brings over their laptop, they get the same treatment (I should mention that I run an iTunes server on my desktop also. Not apple software, but linux software providing the same functions).

Because I run linux on my laptop and desktops, I can type one more line and bring up windows from my laptop on to my desktop. If I have a bookmark I want to grab, I just run firefox on my laptop and watch the window appear on my desktop.

Earlier up, I mentioned I have an xbox connected to my network, and counted it as a computer connecting to my other computers. Why? It's a modded xbox, running a copy of XBMC. XBMC uses libsmb from samba to give it networking with other windows computers, in addition to having UPnP support, and the ability to browse for iTunes shares on the network.

You know those mockups that Microsoft and Apple have every so often, where it shows the "house of the future"? Where someone walks in with a laptop and wirelessly collaborates with the people in the home? How the music is there to be listened to, the videos to be watched, and work just "gets done" because of the transparent technology powering it?

Hate to break it to you, Microsoft and Apple, but I've already got all of that and then some. It didn't cost me a dime, it works flawlessly, and I can bring as many networked devices I please into the fold without paying more to get around an arbitrary limitation. I've got an xbox that can play any assortment of video and audio at 1080i resolutions in 5.1 surround, laptops plug in (or wifi in) and mystically "just work," and then "just work" with the desktops in a beautiful unison.
I should also note that the Windows Server network I run has its bits moved around by linux routers. Sure, Windows Server powers the desktops, but the bits don't move from site A to B to C on their own, and quite frankly, I wouldn't want anything Microsoft doing that for me.

I love open networking. As a direct result of networking with open technologies, I already have the home of the future. Plus, all of my private networking is encrypted, transparently. Anything that's "open to the public" is, well, just that: open. It's a beautiful thing.

Sorry Vista, you don't fit that bill at all.

About two weeks ago, my sister was hit by an IM worm. "hey - i've got pictures of the group" from a good friend. Clickey clickey, bam, trojan'd. This happened relatively late at night, so the following evening she came down and asked me to fix it. A recap of what I found:

• Eight programs that phone home, download binaries, and run them
• Seven trojans/backdoors
• Eleven random viruses
• One spambot
  

Note the italics.

As I was cleaning the system out (before I knew of the spambot), I noticed the wireless connection was in heavy use. I didn't think too much about it, as it had several viruses on it then, but I also needed the networking in order to properly clean the system. It wasn't until I tried Trend Micro's Housecall service that I really looked into the networking problem, and noticed four packets sent for every one recieved.

Oops.

I grabbed a laptop, fired up an SSH session to my router, and then started the tcpdump. I must admit, while I hate spam, it was sending a seriously impressive volume of spam per minute. I reset tcpdump to only output data headed to :25/tcp remote, and it was connecting to a good fifty different servers per minute. Fifty different servers per minute. That's a ton of spam, and it was all going over my home cable connection.

I decided I had better fix that little problem quickly, and that meant an iptables rule. Behold the results:

pkts bytes target     prot opt in     out     source               destination>

5488  263K DROP       tcp  --  *      eth0    0.0.0.0/0            0.0.0.0/0           tcp dpt:25

5488 different connection attempts in a matter of minutes. That's a lot of spam.

What scares me is that this was just one computer on a home residential computer. If my sister was hit with this worm, that means her friend also has it. And due to the nature of the IM networks, that likely means everyone my sister knows, and everyone of them and all of their contacts, also have this spambot churning out e-mail to the public as a whole.

Did I mention that's a lot of spam?

So, internet, sorry for not selectively blocking :25/tcp outbound in the first place. Sorry for sending out more spam in minutes than I get legit e-mail in three weeks. Oh, and sorry for having family members that don't know *nix. On the flip side, I have yet to see a good MSN client for *nix that features audio and video chat too, so until you can get me (or rather, my sister) that...

I recently installed a jabber server for my small office(s). We recently expanded to three separate buildings, one in Sandy, one in Salt Lake City, and another in Bountiful. Likewise, suddenly the ability to communicate was limited by phones and e-mail, and for the large majority (80%) of the needed communication, both of those options were either overkill (one-line e-mail?) or impractical (staying on hold for 30 minutes, tieing up a phone line, to ask a single six-word question).

It's funny how little we value the ability to easily communicate until it's suddenly not so easy.

I started out trying to install ejabberd, but failed miserably. In both the Sandy and Salt Lake offices, I have a modest linux router installed, doing all routing/firewalling/networking in general. Likewise, throw in the DNS SRV records on a per-site basis, in theory I would have been able to point all clients to the same host, but end result have them all wind up connecting to their local instance of ejabberd.

For those of you who don't know, ejabberd is famous for it's ability to cluster and fail/fault-over abilities. It uses a database that is essentially distributed by default. Further, it has a very nice web interface for management, along with a shared roster (list of people on the service) built-in. Sadly, I never was able to get the distributed part of it (the reason to use it) working. I would add a user on one side, and magically, that user would never appear on the other. Huh, oh well.

I wound up reverting back to the tried and true method (for me, anyways) of getting a jabber server up and running: jabberd2. Jabberd2 is not distributed like ejabberd, but it also typically uses MySQL as the backend (granted, ejabberd can also, and I've never tried to do so either, but I also know how to make jabberd2 work, and that's what I wanted here), which I'm rather familiar with.

So, about twenty minutes after I gave up on ejabberd, I had a functional jabberd2 server, up and ready to go. (For those of you curious, I have a 1.2TB RAID5 array, on which the database server is running. Overkill, yes, but I don't want to burden the router down with a database server.) Now for the fun part: the client, the program that everyone will actually be using.

All of the clients are running Windows XP, along with two or three Windows 2000 boxes. jabber.org has an impressive list of jabber clients, for pretty much any OS under the sun. In the end, I chose Miranda IM, for several reasons:

• Final distributed file size: I wound up with a 556kb .msi installer that I built for it (more on that later).
• Runtime size: I'm pretty sure that everyone lost maybe a megabyte of RAM from running this, if that. Small, light, and fast are all words that I'd use to describe this.
• Ability to customize: at it's core, it's a small executable with a large army of plugins (DLLs), providing additional functions. Likewise, I just cut out everything except the jabber components, and hey, I have a perfect IM client for jabber and jabber only.
• mirandaboot.ini: A little-known feature of Miranda. Drop this file into the install directory, and you can change program defaults. In this case, it's set to automatically create a user profile in their own user's directory, named after their domain logon name.
• Looks for DNS SRV records and uses them (Hey, gaim, where are you? Oh, right, you're STILL LACKING THIS HORRIBLY SIMPLE FEATURE. What's so hard about a DNS lookup, really?).
• Easy to use, simplistic.

All in all, this is pretty much a perfect client for people. It's simple enough to use, effective, small, and to top it all off, free. The only thing it was missing was a .msi installer package (it is being installed on a windows domain after all), and the official stance from the Miranda devs consists of, "you have a .zip and a .exe installer, and what we provide works. If you want a .msi package, feel free to build it yourself." As a result, I did, and I used Wix to do it. Yay for open source and free Microsoft programs that get the job done, and get it done well. The posts I saw on the Miranda forums included a lot of users wanting a .msi installer, so once I polish it off, I'll post both the Wix .xml file, along with the final .msi for people to abuse. For now, I'll link to the .msi which I'm using here. This includes jabber components only, and installs without prompting to Program Files. This file is suitable for usage anywhere, as it saves all settings in places where anyone can write to, and it is multi-user sane (in the sense that user A can't see user B's settings and contacts).

Earlier, I mentioned that ejabberd has shared rosters, where basically everyone can see the same group of people. Sadly, jabberd2 lacks this feature, but makes up for it in another way: it has MySQL as it's backend. This makes is horribly easy to write a small script which clears the existing roster table, and re-populates it with everyone else who is registered with the service. This makes it pretty easy to accomplish a similar "shared roster", and it bypasses the semi-complicated process to add a user, consisting of:

• Finding the person to talk to,
• Adding the person to talk to,
• Waiting for the the person on the other end to both sign in, and click allow,
• Waiting for the person on the other end to add you themselves,
• Finally allowing that user access to talk to you.

For people who only know how to use computers as far as clicking File, Print goes, the automatic addition of new users to their lists saves time and effort all the way around. Not to mention the new person doesn't have to go and add thirty other people, and then wait for all thirty people to add and authorize the new person.

In the end, I wound up with a setup that's as close to perfect as it can get. Shared rosters, easy to use client, and a client that works perfectly and easily.

I'm rather liking this whole "run your own IM server" idea now that I'm using it on a scale larger than two users. And hey, so are all of the employees.
Links:

• miranda-0.5.1-1st.msi (.msi installer, jabber components only)
• miranda-1st.xml (Wix .xml file, used to create your own .msi, jabber components only)
• miranda.xml (Wix .xml file used to create your own .msi, all Miranda IM components)

Once again, these files do not include a GUI installer of any sort, but rather will install the program automatically without prompting. There's your warning.

It's pretty much every day that I run across a program on windows that wasn't coded correctly to function in a multi-user enviroment as a good program should. It's not every day, however, that I come across a program that is so horribly coded I decide to create a "Hall of Shame" consisting JUST of that ONE application.

I'm not talking just "bad", I'm talking HORRIBLE. There's a line, and this single application crosses that line in multiple ways at once.

I work for a small law firm, and we recieve massive PDFs of legal documents all day, in any one of a good ten different file viewers and file formats with different file extensions (although I have yet to find a single format that wasn't either a PDF or PCL doc with just that: a different extension and a differently branded viewer). I just had to help a user get their document package to print, and let me tell you, it was a doozy.
First off, I present you with DesertDocs. This is the offender's website, but the website is half the problem. More on that later.

The e-mail in question had nothing more than a document number and a link to this website. If you click on the "WebPost General Inbox" on the side, it'll bring you to a rather confusing page. The nature of the documents include personal information (likely SSIDs, names, addresses, etc.). Nothing that we would knowingly spread around, in other words. So, we picked the "Private Inbox Login" button. Username and password? Not in the e-mail. So, we go back, and pick the "Download Docs" button.

... to be presented with an EULA. Scroll down, click agree... hmm. Now it wants me to install a document viewer for this. Why I need a seperate viewer to view these docs is beyond me, but I've also grown used to it over time (refer to the previous paragraphs). So, I install it (the user in question has guest priviliges, I had to install it personally as the administrator), and try the website again.

Only to be prompted to download the viewer again.

*twitch*

At this point, the user I'm helping has to get this done now, and further, has a migraine. She also had the winning idea: call them. So, we find the toll free number, and call them up.

After explaining the problem to the person who answered, I could tell instantly that they had encountered this problem before. Their solution? "Delete your temporary internet files and cookies, that is what is preventing you from getting the docs you need."

"Okay, done, and it's still not working."

Upon hearing this news, he directed me to the application's Program Files directory, and instructed me to start the "wpcookie.exe" application. (Side note: he directed me to the directory in question by having me right-click the doc viewer shortcut, hit properties, and then 'Find Target'. This is actually ingenious, and probably the only correct thing that I got out of the entire call.) I ran it and it seemingly did nothing. He then told me to open the website up and try again. Tada, it worked.

"So, what did that just do?"

"Place a cookie in Internet Explorer."

Problem one: when enough users call in and whine that it doesn't work, causing you to package a seperate program just to set a cookie on the computer, you have issues.

As pissed off as I was then at how horribly broken their program was, I continued on with the guy, because plain and simple, we needed it to work. I was able to then get to the link to download the documents. I click the link, and naturally, it opens in a popup (which is blocked).

Problem two: when your tech support takes it in stride to tell you to allow the popup that was just blocked, take a clue yourself, 'developers': stop using popup windows.

"Hey! That's what I need!" the user exclaims. "Good," I'm thinking to myself, "I'm almost done." (Hint: I wasn't.)

I was then told to click on 'Print', 'All', and then 'Okay', and I would then be asked a printer to print the docs on. Sure enough, I was, only instead of printing, a 500kb file downloaded, and the viewer program that I had downloaded launched. Only to error out in a horrible way: "Permission denied." I then read the error message.

Problem three: the %TEMP% dir exists for a reason. Quit thinking you can write to Program Files\Your Stupid App\temp, because you can't. Copying the downloaded file from the Temporary Internet Files directory to a temporary directory in Program Files is just plain stupid. Use the %TEMP% dir, that's what it exists for. By doing this, not only are you assuming that the user is running on Windows 95/98, or that they have Administrator rights (which they don't, not on my grounds!), but you're adding multiple security holes into your application and breaking all forms of file system quotas automatically. Oops.

At this point in time, I was laughing to myself, and just blindly following the guy's instructions. Two more attempts were made to fix this. One of these included copying the file from the Temporary Internet Files directory to somewhere else, and then opening the utility to click File --> Open ("Double clicking on the file will not work."). I forget the other.

At this point in time, he said something that was honestly quite amazing: "Huh. Well that's weird."

Someone has never used a windows computer as a guest, have they?

At this point in time, I just told the guy to hang on while I tried something of my own. That something involved giving the user permission to write to the application's own temporary directory. Guess what? It worked.

Guess what else? That little 500kb file? Was an archive. In the archive, was a .pdf and a .html.

Problem four: quit re-inventing the wheel with applications that don't work. I just spent the last 15 minutes on the phone with you trying to fix this, only to find out that you just as likely could have given me a link to the .pdf (the .html wasn't really needed in this case), or, thought of all thoughts, a link to a .zip.

Luckily, this can easily be rectified.

1. Stop pretending that the user WILL had Administrator rights.
2. Stop breaking file system quotas by thinking you're better off using your own personal %TEMP% dir.
3. Stop making up your own file types, and
4. Start using existing ones (no, your way is NOT better in ANY fashion).
5. You could make me eternally grateful by firing your programmers and just giving me a link to the .pdf on the website. Really.

For the past week I have been pretty silent, no posts at all. That's because I have been embarked on a very ambitious goal: To redesign a lab to support Windows, Mac, Linux, CCNA, etc., but use only one set of hardware. Because of the requirements, there is only one computer system that we could use: the Mac. But in order to use it properly, we would need to have it tri-boot Windows, Mac, and Linux.

This process was very time consuming, taking a week to work out the problems. Finally, at 1:00 PM Mountain Time today, I can claim success. Here is the situation, the problems I ran into, and the final solution.

The Problem
I wanted to set up a lab that can use Windows, Linux, and Macintosh all on one machine (ideally on a MacBook Pro for portability). This also includes having an easy navigation system between the operating systems without holding a key down.

The Solution
Because the Mac can run these operating systems, it should just be a matter of installing each operating system on a partition, and go! Right?

What Went Wrong
I started with partitioning the system with Disk Utility. It was easy, having Mac, then Windows, then Linux. That was my first mistake, but I wouldn't figure it out until after the first day. I formatted each partition accordingly, and began the Mac install. It installed without a problem, and I was ready to start the next step.

Next, I installed Windows XP. The install went very cleanly, and installed on the second partition without a problem. I could even boot off the partition when holding down the Option key, and selecting the Windows partition. This seemed to be running a lot smoother than I thought it would be. Linux couldn't be that big of a problem, could it?

Next I tried Linux. Ultimately I wanted to install Fedora for a linux lab, but I started with Ubuntu. This was mainly to test the actual install version. You see, the Mac has a 64 bit processor, but I didn't know if the 64 bit processor install would work. So I burned two versions of Ubuntu (because CD's are cheaper than DVD's), and found out that the 64 bit version worked much better than the traditional i386 version. That was good, because now I knew which version of Fedora to burn.

So, I started burning Fedora Core 6. Then, in the middle of the DVD burn, I found out that Fedora 7 was released, and it wasn't part of the Core releases. After a few choice words, I downloaded and burned Fedora 7 for the 64 bit architecture. By now, I was getting a little anxious, but still excited about this process.

I then started the install. It worked like a charm, and continued the installation without a hitch. Until I tried to reboot: It killed the Linux partition. I couldn't see it at all, even with the Option key. Well, thinking that it was just a problem with the Mac EFI bootloader, I followed some recommendations of a colleague and installed rEFIt.

REFIt is a tool that makes navigating between bootable devices on a Mac very easy. It detects all bootable images, and let's you select them. This includes CDs, DVDs, and even Firewire drives. The problem is, it didn't see the Linux partition either.

So, I started the process again, this time paying attention to the volumes that I could install it on. This was day 2, and I was getting a little anxious. The process seemed to run just fine, but now Windows wouldn't install, at all. So, I started cursing Windows as usual, and started working hard to get the blasted thing to install.

After a few good hours, I realized that the problem was with the partition order. It seems that Windows needs to be the last partition on the drive when you have multiple bootable partitions. So, I set it up that way. Windows finally installed, and I could boot off of it again.

Now, LInux wouldn't work. By day 3, I was cursing and really frustrated. Why wouldn't Fedora work? I didn't know, and my patience was wearing thin. I finally decided that Ubuntu looked good on the Live CD, I might as well give it a try. Besides, I know several people that have gotten it to install without a problem.

Installing Ubuntu
THis took a couple of installs, but I finally got it to work by the end of the 4th day. Now, I had all three installed, and both Ubuntu and Mac ran just fine. Everything couldn't be better! Except for the fact that Grub wouldn't let me get to the Windows partition. Argh!

Well, because it was a long week already, I left the problem until this morning. When I came in, I reinstalled Windows (to have a nice clean install), and then I went back to the boards.

Ubuntu Boards
One thing I don't like about bulletin boards is the difficulty to find exactly what I was looking for. No one had instructions on installing Fiesty (Ubuntu 7.04) in a tri-boot setup, though several people were referred to installing Dapper (6.06). So, I looked at the Dapper install information, and found a section that I think might help me: backing up and restoring the Master Boot Record. I thought I would give it a try.

At first, it didn't work. So I went back to the boards, and found a completely different section about losing the Linux bootable drive in rEFIt. There, they recommended installing the boot loader for Linux on the 3rd partition, or HD0,2. My heart was beating fast, could this be the answer?

I tried it. Before I started the install, I set the location of the boot loader to (hd0,2). While it finished the installation process, I also replaced the MBR with the backed up copy. I rebooted, and it worked! I was finally able to select the boot location for Mac, Windows, or Ubuntu, and have the system boot that OS without going to Grub. The final process is here:

Install Process for Tri-boot MacBook Pro
1. Make 3 partitions (use Disk Utility)
- Mac OS X (EFI with Mac OS X Extended, Journaled partition).
- Linux partition - Unix partition type (will be reformatted by Ubuntu)
- Windows Partition - FAT32 (reformatted as NTFS later)
*NOTE: a fourth partition is created for the EFI partition, this shows up as the first partition while installing your other operating systems.

2. Install Mac

3. Install eRFIt

4. Install Windows XP SP2
- Format drive as NTFS
- Make sure it is the last partition (in this case, 4th).
- When you reboot, be sure to select the Windows drive, instead of the CD.
- Once done, install the Boot Camp drivers.

5. Install Ubuntu
- Boot off of the Live CD
- Opt to use a manual partition scheme. Select the 3rd partition, set to format it and have it mount at root.
- Before you continue, back up your MBR.
- alt-F2 will open a command line then type: dd if=dev/sda of=/tmp/sda.mbr bs=512 count=1
- Continue with the install process, Until step 7.
- Here, click on the "Advanced" button, and enter (hd0,2) for the boot loader install. This will install the boot loader only in the Linux partition.
- Start the install.
- When finished, restore the backed up MBR with this command: dd if=/tmp/sda.mbr of=/dev/sda

That process will let you tri-boot your Mac. My references for each new information can be found below:

Partition order
Dapper install with info on MBR backup
Final information on the Grub issue from which I found out how to reference the Linux partition for the boot loader install.

I hope this will be helpful to many of you looking to utilize all these operating systems on the same machine, if only one at a time. ^_^