Just Blogging Archives

August 27, 2003

Changing Software

Yes, it has happened: I've finally thrown away the home-brewed Perl code which used to power this weblog for over a year, and have changed over to Movable Type. Old links and permalinks should continue to work; if anything stops working, please let me know.

August 28, 2003

Computerworld: SCO's shell game?

Computerworld has a theory that attempts to explain SCO's threats against anything Linux: Driving up the stock price.

RSS feed change

The change of software also brings some change with respect to the feeds provided by this site: There's an RSS 0.91 feed, an RSS 1.0 feed, and a dedicated ICANN items RSS 1.0 feed. Please update your subscriptions accordingly.

August 29, 2003

DoJ announces Blaster Press Conference.

The United States Attorney's Office for the Western District of Washington has announced a press conference regarding Blaster for 1:30 p.m. PST.

German Federal Court on "Kinder" trademark case. (updated)

Reports AFP (through Yahoo): Ferrero (known in domain name circles for the case and known to the general public for Kinderschokolade and chocolate surprise eggs) attempted to keep competitor Haribo from using the word "Kinder" (children) in the product designation "Kinder Kram" (kids' stuff) for sweeties, and failed in Germany's highest civil court. The court decision is not yet available online.


Competition good. Monopoly bad.

Luxembourg is a good example when it comes to the consequences of an Internet market that isn't sufficiently competitive.

Suppose you want to set up a small business, with a .lu domain name, a little web site and some e-mail addresses. You can purchase an "all-inclusive" Internet access and hosting package for small businesses with the leading (almost monopoly) provider, the national P&T. The domain name is registered directly with dns-lu, though, by faxing or snail-mailing a form to them. (Change requests are to be submitted in writing as well.)

Fortunately, dns-lu is relatively quick when compared to P&T. After you have set up your web hosting and initial set of e-mail addresses (by, again, faxing a form), customer service degrades: You can call an always-busy hotline. You can send e-mail which is ignored. To successfully get an additional e-mail address, though, you have to resort to fax and postal mail again. They may even react to that -- after four months.

It's nonsense day.

Ross Rader seems to be bored and points to a Wired article that explores the background of time-travelling spam. Also via Wired: A watch powered by snake oil that allegedly protects against "electronic pollution", by creating a frequency that neutralizes the electromagnetic fields emanating from devices like cell phones, computers, and radios. As an appropriate countermeasure, I'd recommend the hi-fi garden chair.

In other breaking news (from the BBC), UK police from Blackpool are helping Greek police on Rhodes deal with British tourists. Says one of the officers: I must stress that Blackpool should not be directly compared to Faliraki, although there are obviously some common issues such as people drinking excessively and engaging in criminal behaviour.

Funny (but not outright mad) is the shock and awe expressed in this Associated Press item about RIAA's investigation techniques. Writes AP: The RIAA's latest court papers describe in unprecedented detail some sophisticated forensic techniques used by its investigators. For example, the industry disclosed its use of a library of digital fingerprints, called "hashes," that it said can uniquely identify MP3 music files that had been traded on the Napster service as far back as May 2000. The FBI and other computer investigators commonly examine hashes in hacker cases. Now, that must mean that the RIAA is technically more advanced than file sharers...

Oh well. Time for the week-end.

Nonsense: It's getting worse.

Reuters: Clinton narrates Wolf-Friendly Peter and the Wolf. (And Gorbachev provides introduction and epilogue.)

How not to use a public resource.

Through Dave Farber's IP List: Flawed Routers Flood University of Wisconsin Internet Time Server. Netgear had deployed DSL routers that sent requests to a hard-coded time server at a high rate, causing operational problems to the University. The article details how the University of Wisconsin has been dealing with this, how they plan to proceed, and what kinds of lessons to learn from this.

August 31, 2003

Virus writing as a hate crime.

SatireWire, via GrepLaw: 41 U.S. states and six European countries today announced that the act of creating an attachment-based computer virus will now be considered a hate crime because it intentionally targets stupid people. Objections are allegedly coming from the ACLU, though: "Hate crime statutes are specifically designed to protect minority groups," said ACLU President Nadine Strossen. "I'm not sure the number of stupid computer users meets that criterion."

September 1, 2003

Hulk failed because of movie pirates?

The Hulk wasn't as successful as anticipated due to illegal copies of an early version that made it to the Internet -- at least that's what a report on German TV tonight wanted to make viewers believe, in the context of some IP-perspective reporting about our localized version of the DMCA. I don't buy that propaganda, though: The cinema trailer I saw earlier this year was certainly enough to keep me from watching that film.

Worldwide Press Freedom Index Published.

Via Dave Farber's IP list: Reporters sans frontières has published a worldwide press freedom index that attempts to assess the actual freedom of the press throughout the globe. Surprisingly, the US is only in 17th place -- behind much of the EU, Canada, and even Costa Rica.

EU/US passenger data transfer talks deadlocked.

Via European commissioner with responsibility for data protection Frits Bolkestein will tell colleagues that the EU has failed to obtain key safeguards on information European air carriers are compelled to give to the US authorities.

September 2, 2003

Wiretapping-related documents leaked.

A large collection of documents related to communications interception (and its implementation), air line passenger data transfer, and related topics has made it to the web.

Ian Clarke (Freenet) to leave US.

Ian Clarke -- founder of the Freenet project -- is planning to leave the US. GrepLaw serial interviewer Mikael Pawlo has talked to him.

(void *)

(void *) (it's pronounced "elsewhere") is where I'm going to post those short little links without much of a comment. The main purpose of that blog is to make an RSS feed available which can be syndicated into the side bar of this one.


Writes Dave Winer: After the recent email meltdown, I didn't send today's DaveNet out via email. He might have given up on e-mail -- but why force others who are able to cope with its problems to give up on it, too? RSS might be a good additional offer for making content available. But for many things, it can't replace e-mail.

September 3, 2003

Today's most popular story: "Can't access MSN"

A brief remark I wrote two years ago -- I can't access any more; MSN displayed a stupid IE advertising page for users of Mozilla and similar browsers back then -- is gaining unexpected popularity thanks to Google. I can't access MSN seems to be a common query there today -- kind of comical, given MSN's ambitions to compete with Google.

(Maybe these people are looking for this information.)

Howto: Create daily "CVS repository changes" messages.

Here are the scripts that I use to send out daily "CVS repository changes" messages to the mutt-dev mailing list. Terse documentation inside.

September 8, 2003

Despamming the mutt bug tracking system.

Here are the tools I used to de-spam mutt's bug-tracking system over the week-end. The underlying software is debbugs, the Debian Bug Tracking System.

Don't create?

Is it just me, or does the Copyright Office's favicon (the small version, in red) look amazingly like a "don't write" sign?

September 12, 2003

Sobig.F is no more.

Sobig.F has recently deactivated itself. The impact on e-mail bandwidth is amazing -- green for spam + virus bandwidth, blue for legitimate e-mail bandwidth.

DMCA day in Germany.

Germany's new copyright law has been published in the official journal today, and becomes applicable tomorrow.

September 13, 2003

Updated debbugs tools available.

Here's an updated version of my debbugs tools. is now able to interactively spamassassinate bug logs; also, there is a script named that will adjust log files' modification times according to the date of the last message received with respect to a specific bug report. (This is important to prevent done bugs from staying in the system forever just because of spam.)

September 25, 2003

A Bad Time for the Net?

Seems like we're living in bad times for the open, end-to-end Internet.

First, Verisign believes it is a smart idea to move error handling away from the network's edges towards its center, and to limit it to a single application-level protocol. Now David Isenberg and Cory Doctorow point to a company named CloudShield. This company believes that the notion that the network should remain "dumb" and simply perform transport is outdated, and develops the tools to make that notion enforceable.

September 29, 2003

More End-to-End Pessimism.

Escapable Logic has a piece named "Publicize the Internet" that looks at the Internet as an important tool for democracy, and hopes that a president named Dean might help rescue it from losing its end-to-end character even further.

Elliot Noss is more optimistic and suggests that it's all, in fact, quite easy: Just make sure that you get most of your services from "competitive service providers," i.e., from those who innovate and offer services at the net's edges -- and have a natural incentive to defend the net's end-to-end character, as it enables their business models.

October 8, 2003

It's all just a bad movie.

This AFP story (in German) reassures readers that Gov. Schwarzenegger at least won't be able to become POTUS, under the current US constitution.

The story's category at Yahoo: Cinema News.

November 3, 2003

Nigeria taking over Deutsche Bank?

You know your economy is in bad regard when standard Nigeria-style spam claims it comes from an auditor with Deutsche Bank.

November 17, 2003

"This is just a notice, it is not a virus!"

This must be the most stupid outgoing anti-virus filter software feature I have seen so far: Instead of a virus, the "intended" recipient gets a notification that someone tried to send a virus to them, but that this virus was caught by a filtering service. Basically, this replaces outgoing viruses by outgoing spam.

A close second (and long-time favorite) is e-mail scanning software that adds "certified virus-free" notices to outgoing messages. These notices are, of course, about as trustworthy as the words "I love you" in an e-mail's subject line.

November 19, 2003

Fedora Core Notes.

I've been playing around quite a bit with Fedora Core recently, the successor to the non-enterprise versions of RedHat Linux -- RedHat 9.1, if you want.


November 21, 2003

Memo to self: GPRS with T-Mobile, Germany.

Phone: *99***1#
Username: any
Password: t-d1

December 3, 2003

Movie industry to customers: Ash Nazg.

Germany's movie industry has started an awareness campaign about our localized version of the DMCA; the message is that movie "pirates" are criminals. The campaign's strategy is to insinuate that casual, non-commercial users of file sharing networks may face the maximum penalties available for commercial movie pirates.

Out of the three main motives of the campaign, one is tellingly similar to the EFF's Let the Music Play campaign (and, ultimately, backfires); one is obscene, alluding to music pirates possibly being raped by fellow prison inmates (and, ultimately, backfires); and one puts the Lord of the Rings into a wholly new perspective (and, ultimately, backfires too).

One Ring Law to rule them all, One Ring Law to find them,
One Ring Law to bring them all and in the darkness bind them.

December 4, 2003

Cultural Commons in the Wild: Books Outdoor.

A recent project by a local foundation has installed a simple, yet amazing form of cultural commons in Bonn: A public bookshelf, in a public place. Anyone is free to take any book from the shelf; the organizers ask that books either be returned when read, or replaced by a different book.

It will be interesting to observe whether this project succeeds in creating a place for freely exchanging books (and, also, ideas), or whether it becomes a victim of either vandalism or egoism.

December 15, 2003

Lessig on WSIS and Europe

Writes Lawrence Lessig: The Europeans have traditionally been committed to deploying the internet in the least convenient and most expensive way possible.

Sounds like a description of the official WiFi available at the latest CeBIT in Hannover. Expensive, over-organized, and unusable.

(Then again, the GPRS service I'm using when on the road, domestically, is reasonably affordable, easy to use, and stable.)

Luxembourg Wall Calendar, anyone?

So I was searching the net for a 2004 wall calendar featuring the old quarters and fortifications of Luxembourg city (UNESCO world heritage list entry here).

Unfortunately, that doesn't seem to be the mainstream taste in wall calendars, which appears to consist in Terriers, swimsuits, cats, more Terriers, even more Terriers, still more Terriers, yet more Terriers, and occasionally Spaniels, Pomeranians, other kinds of Terriers, Dachshunds, more swimsuits -- and FDNY Firefighters.

Any help in finding a non-swimsuit, non-firefighter, and non-cute-animal calendar featuring old Luxembourg would be welcome.

December 21, 2003

Hemingway, virally licensed.

From the Arrow Books edition of Hemingway's The Old Man and the Sea:

This book is sold subject to the condition that it shall not, by way of trade or otherwise, be lent, resold, hired out, or otherwise circulated without the publisher's prior consent in any form of binding or cover other than that in which it is published and without a similar condition including this condition being imposed on the subsequent purchaser.

December 31, 2003

Happy New Year!

(Almost) from IP: I wish you a fiscally successful, personally fulfilling, and medically uncomplicated recognition of the onset of the generally accepted calendar year 2004, but not without due respect for the calendars of choice of other cultures whose contributions to society have helped make Europe great (not to imply that Europe is necessarily greater than any other continent or economic entity), and without regard to the race, creed, color, age, physical ability, religious faith, or sexual preference of the wishes.

January 5, 2004

Sender Permitted From.

SMTP SPF: Senders Permitted From is a spam-avoiding proposal that looks like it might be adopted widely; it gives senders of e-mail a way to describe through DNS records what their messages look like and where they come from. E-Mails that don't match the description can then be discarded.

The proposal is likely to be adopted widely because it creates interesting incentives: If significant e-mail receivers apply SPF checks where available (and don't require senders to use SPF), and require existing sender domain names, this creates incentives for spammers to abuse non-SPF-enabled domain names. This will be painful for the holders and users of these domains, who in turn have strong incentives to publish SPF records. The same incentives apply for SPF records that are so loose that they are ineffective, or almost ineffective.
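The incentive argument above, as an added sketch (not code from the SPF proposal or from this blog): a receiver that checks SPF only where a record is published, plus a check for records too loose to constrain anything. It assumes the v=spf1 record syntax as later standardised in RFC 7208, evaluates only the ip4, ip6 and all mechanisms offline, and every record and address in it is constructed.

```python
import ipaddress

# Qualifier prefix -> SPF result when the mechanism matches.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample records (documentation address ranges only).
TIGHT = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
LOOSE = "v=spf1 ip4:192.0.2.0/24 +all"
OPEN = "v=spf1 ip4:0.0.0.0/0 -all"


def parse_spf(record):
    """Split a v=spf1 record into (result, mechanism, value) terms."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    parsed = []
    for term in terms[1:]:
        if "=" in term.split(":")[0]:
            # Modifier such as redirect=...; resolving it needs DNS, so it is
            # only recorded here.
            name, _, value = term.partition("=")
            parsed.append(("modifier", name.lower(), value))
            continue
        result = QUALIFIERS.get(term[0])
        if result:
            term = term[1:]
        name, _, value = term.partition(":")
        parsed.append((result or "pass", name.lower(), value))
    return parsed


def evaluate(record, client_ip):
    """Return the SPF result for client_ip: first matching mechanism wins."""
    ip = ipaddress.ip_address(client_ip)
    for result, name, value in parse_spf(record):
        if name == "all":
            return result
        if name in ("ip4", "ip6"):
            network = ipaddress.ip_network(value, strict=False)
            if network.version == ip.version and ip in network:
                return result
        # a, mx, include, exists and redirect need DNS and are skipped here.
    return "neutral"


def receiver_decision(record, client_ip):
    """Receiver policy from the post: check SPF where published, never require it."""
    if record is None:
        return "accept"  # no record published: any sending host gets through
    return "reject" if evaluate(record, client_ip) == "fail" else "accept"


def looseness(record):
    """Return the reasons a record fails to constrain senders (empty if none)."""
    reasons = []
    terms = parse_spf(record)
    for result, name, value in terms:
        if name in ("ip4", "ip6") and result == "pass":
            if ipaddress.ip_network(value, strict=False).prefixlen == 0:
                reasons.append(f"{name}:{value} authorises every address")
    catch_all = [result for result, name, _ in terms if name == "all"]
    has_redirect = any(r == "modifier" and n == "redirect" for r, n, _ in terms)
    if catch_all and catch_all[0] in ("pass", "neutral"):
        reasons.append(f"'all' yields {catch_all[0]}: unlisted hosts are not rejected")
    elif not catch_all and not has_redirect:
        reasons.append("no 'all' mechanism: unlisted hosts end up neutral")
    return reasons


if __name__ == "__main__":
    stranger = "198.51.100.7"  # constructed address outside every listed range
    for label, record in (("none", None), ("tight", TIGHT), ("loose", LOOSE), ("open", OPEN)):
        problems = looseness(record) if record else ["no SPF record published"]
        print(label, receiver_decision(record, stranger), problems)
```

Only the tight record causes the unlisted host to be rejected; the domain without a record and the two loose records all let it through, which is where the post expects abuse to concentrate.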

Later: Steve Bellovin (on IP) has a number of problems with the scheme.

January 11, 2004

A photo blog.

So I finally couldn't resist: Keine Photos bitte ("no photos please") is where I'm posting the occasional picture. The text that comes with the photos will be in German.

January 16, 2004

Please remove these games.

At work, I share my office with our systems administrator. Enters a colleague, puts on her sweetest "I neeed computer support" smile. "Hi, you've got this 'my computer does something I don't want it to do' expression in your face." -- "Errm, well, couldn't you remove the games from my computer? They are, well, preventing me from getting my work done. I mean, it would be nice if you could remove them, but it's not that urgent. Oh, by the way, the games that come with Fedora are not as good as the ones with the previous Redhat."

February 5, 2004

Why people share music instead of buying it.

As Kris Köhntopp points out over and over again, file sharing can give consumers a level of comfort and value that money, unfortunately, can't buy these days.

A friend points me to a great recording of Brahms' German Requiem (Leinsdorf with the Boston Symphony). I want to buy that recording as a Christmas gift for my father -- it's not available on this side of the Atlantic, I'm told.

I order the sound track for Chicago (dozed through the movie on a trans-Atlantic flight some time ago, still want to get the sound track) from Amazon -- it's three weeks and counting now, and I was just told that it may take some more weeks.

Add to this Kris' observation that CDs often come with copy protection mechanisms these days which aren't effective against determined attackers, but can break players; that digital music is either unavailable legally, or DRMed to the extent that it's not portable across player platforms (and technology generations); add to this that MP3s are not so encumbered.

Then, why on earth, should people pay money to be allowed to wait a month for a product that may quite well be inferior to what's available almost freely and almost immediately, can be used across platforms, and is available in formats that are suitable for long-time archival?

February 13, 2004

Flight 223: Flawed logic alert?

The Washington Post reports that Sunday's British Airways flight 223 from London to Dulles has been canceled again; the Department for Homeland Security says that cancellations for security reasons are going to be routine activities.

The article has two quotes, though, that sound like BA believes their flights are being cancelled because of false positives: (1) The airline was able to accommodate all of the 184 passengers scheduled for Sunday's flight to Washington on its two other daily flights from London to Dulles or at later dates. (2) British Airways officials, concerned that the focus on the flight has something to do with its number, are discussing whether to change the number or slightly alter the departure time, an aviation source said.

Assume there's really a terrorist that wants to board that flight. Then that terrorist isn't a danger on one of the other flights the same day? And that terrorist isn't a danger when the flight is given a different number, or the departure time is slightly altered?

March 15, 2004

What Laptop should I buy?

I've started looking for a new laptop -- that trusty old Dell is asking ever louder questions about retirement benefits and less travel.

There are three key criteria: The machine must be robust. It must have a good and extremely robust keyboard, since I'm typing much and fast. And Linux must run on it. By "Linux must run on it", I don't just mean "Linux boots", but rather "can be used as a daily Linux workhorse." That includes well-working networking and Wi-Fi equipment (though continued use of the good old PCMCIA cards I use with the Dell is an option), and that also includes that the graphics adapter must be supported by X11 -- including that external VGA plug I need to plug in a beamer now and then! (Bad past experience with the Dell.) I don't care much about Megahertz numbers and the like -- in terms of processing power, about anything that's available now would do.

I don't think a new Dell is an option -- I've had some bad experiences in terms of hardware robustness (including a mouse button breaking off just because it's being used), and the keyboard is so worn off it's torturing me daily (after two years of not being used by the original owner, and one and a half years of heavy use under my hands). Right now, an IBM Thinkpad looks tempting; maybe one of the R40 or R50 devices.

Thoughts, experiences, recommendations?

March 21, 2004

Running Linux on a Thinkpad R40

So the new Laptop is an IBM Thinkpad R40, and I'm pleasantly surprised how smoothly Fedora Core 1 works with this machine. While some stumbling blocks remain in getting Linux to run smoothly, solutions for most are readily available -- and the rest just works.

Some lessons: In order to actually use the entire mouse assembly (touchpad with two mouse buttons, trackpoint with three (!) mouse buttons), it's best to use a patched version of GPM in repeater mode. For the internal modem, the only thing that works so far is a recent SmartLink driver. Note that the Agere drivers recommended by IBM don't seem to work. The final and surprising problem was getting the laptop's infrared to work: An old-style IRQ collision between the IRDA chipset and a PCMCIA card was the problem; to solve this, I just made sure that PCMCIA isn't started before IRDA.

The one thing that isn't working, yet, is the built-in Centrino Wi-Fi. But there is hope.

March 22, 2004

Centrino under Linux, part II

Turns out that Linux on the R40 isn't entirely without problems: I finally got bitten by some pretty bad interactions between USB, suspend/resume, and my PCMCIA WLAN card (from SMC, with an Atmel chipset; there's an open-source Linux driver for this card). It helps greatly to use the built-in Wi-Fi instead. And, yes, that's indeed possible if you are willing to use a Windows XP driver under Linux. Just install ndiswrapper, and the driver you got with Windows XP. And it just works.

(Additionally it's a good idea to disable USB before suspending the machine. /etc/sysconfig/apm-scripts/apmcontinue-pre here. That way, one can upload Photos without rebooting...)

Later: Turns out that ndiswrapper is sticky the ugly way -- removing the module leads to various kinds of crashes. And the Intel driver isn't mature enough, either... Bad luck with wireless for the moment.

March 24, 2004

R40: X freezing after suspend/resume?

The R40 is still a pleasure to use, with one exception: Seems that the freezes I have observed before (and blamed on shaky wireless drivers) are related to the X server -- or at least, that's my culprit of the day. Freezes usually occur some time after a suspend/resume cycle, and I changed the pattern somewhat by removing gpm from the system and installing a new touchpad driver directly into X: Now, applications will be unresponsive, and the keyboard won't react (no switching to a different console, but it's still possible to turn on the keyboard light with Fn-F12); the mouse pointer can still be moved.

On the positive side, the new synaptics driver is extremely nice -- moving the finger along the right side of the touchpad, for instance, can be used for scrolling inside windows.

I'm also playing around more with wireless drivers for the Centrino. There's progress in fixing the ndiswrapper rmmod issue; also, the Intel driver works amazingly well -- when I grumbled about it the other day, I had just experienced another frozen X server, and that pattern has now turned out to be independent of the wireless driver.

March 25, 2004

Centrino, the neverending story.

The random freezes after suspend/resume are still there, but Wi-Fi is getting better: The ndiswrapper problems have been fixed in the latest code revision of that module, so the Windows driver has become quite usable. (Although you can't use it for any kind of serious wardriving activity.)

April 26, 2004

Classical ear-openers.

Susan Crawford has -- in late February -- blogged what must have been an ear-opener concerto: Slatkin conducted Mahler's retouche of Beethoven's 9th, and before that gave a lecture explaining the various versions of the symphony. I have now finally got hold of a recording of this particular variant of the 9th: Gerhard Samuel conducting the Cincinnati Philharmonia Orchestra; the recording is available from Centaur Records.

It's quite an interesting recording that demands more time and concentration -- in particular since my mental image of the 9th is dominated by a 1963 Karajan recording of the symphony. But, as usual, the more versions of the music one has listened to, the more interesting it becomes to listen to any and all of them.

Speaking of ear-opening interpretations, here are some more (almost random) recommendations: The excellent Rubinstein-Reiner interpretation of Brahms' first piano concerto (available on CD); Edwin Fischer's dark cadenzas in Mozart's D minor piano concerto K 466 (I have not been able to track down a CD version of the HMV record with the Philharmonia orchestra that I have in mind); Furtwängler's version of Schumann's 4th with the Berlin Philharmonics (in particular the extremely slow beginning of the final movement is fascinating; this recording may be available on CD).

April 28, 2004

A CD player that can't play "copy-protected" CDs is not defective.

Kristian Köhntopp points to an interesting decision of a court in Aachen, Germany.

Plaintiff has bought a new car, including CD player, in 2002. The car's CD player is unable to play copy-protected CDs. Plaintiff sues for abatement of purchase price, claiming that the CD player is defective, and for damages, claiming that he should have been notified about the player's inability to play copy-protected CDs.

The court finds that the CD player is not defective.

Buyers of a new CD player can assume that a CD player is able to play Compact Discs that comply with the Philips and Sony specifications. Buyers can't assume that a CD player is able to play "any medium that resembles a Compact Disc." The court doubts that copy-protected CDs can even be legitimately called "CD".

A different conclusion could be possible if the actual market for CDs consisted mostly of non-standard media. This is not the case: Less than 10% of all CDs sold in Germany between 2001 and 2003 were copy protected.

Plaintiff also doesn't get damages for lack of notice: Given the small portion of non-compliant CDs in the marketplace, playing copy-protected CDs can't be considered the usual purpose of a CD player. Hence, vendors are not held to notify buyers that their compliant devices are unable to play certain (or all) non-compliant CD media.

May 3, 2004

Buxtehude: Book Booth.

I had earlier blogged the Bonn Books Outdoor project. The public bookshelf is alive and well, after some mechanical problems with the doors were fixed.

In Buxtehude, there's a similar, but slightly different project (photo here): Instead of setting up a dedicated bookshelf, they are reusing abandoned phone booths, with bookshelves installed inside.

May 24, 2004

Fedora Core 2

So I couldn't resist, and upgraded my laptop to Fedora Core 2 -- welcome to the better world of Linux 2.6, or so. (This is all on a Thinkpad R40, no dual-boot.)

First of all, ACPI seems to work -- until you attempt to suspend the laptop, which just doesn't work (or, when done through the /proc interface, requires removal of the battery to restart the computer).

So add "acpi=off" to the kernel's command line, and reboot. APM works better than with FC1 in some areas -- X11 doesn't seem to crash the entire machine any more after suspend/resume! -- and worse in others -- IRDA doesn't work after suspend/resume; I'm now trying to fix this by moving the serial driver to a separate module. As usual, USB drivers need to be removed from the kernel before putting the laptop to sleep.

Overall, Fedora Core 2 by no means feels like a revolutionary improvement -- some of the changes I had to make to FC1 to make it work smoothly are in this version; some other changes are needed.

Later: The machine has crashed once, with symptoms that were quite similar to the X11 after-resume crash. So back to 16bpp for now. IrDA works nicely once the serial driver is moved out of the way.

JPilot and character sets.

Memo to self: jpilot is not particularly smart about recognizing character sets when running on modern Linux systems, such as Fedora. This note points to the configuration option that's needed.

June 14, 2004

FC2 on Thinkpad: New kernel, less problems.

There's a new kernel for Fedora Core 2, and it seems to take care of the IRDA problems I had previously.

No more kernel re-building to move the serial driver into a module: Just make sure you do

setserial /dev/ttyS1 uart none
before attempting to load the FIR driver, and everything should work fine.

With the new kernel, the only remaining driver that needs to be taken care of separately is the one for the built-in Centrino Wi-Fi.

June 28, 2004

Read this.

Read these blogs: Michael Froomkin's; Goldstein Howe's SCOTUS blog (this item in particular).

... and this dissent: Stevens in Rumsfeld v. Padilla.

Executive detention of subversive citizens, like detention of enemy soldiers to keep them off the battlefield, may sometimes be justified to prevent persons from launching or becoming missiles of destruction. It may not, however, be justified by the naked interest in using unlawful procedures to extract information. Incommunicado detention for months on end is such a procedure. Whether the information so procured is more or less reliable than that acquired by more extreme forms of torture is of no consequence. For if this Nation is to remain true to the ideals symbolized by its flag, it must not wield the tools of tyrants even to resist an assault by the forces of tyranny.

June 30, 2004

Gmail invite, anyone?

I'm told that current Gmail users occasionally have an opportunity to send out invites to others. Lacking an invite so far, I haven't tried Gmail, yet, and would be interested in having a look at it.

(Although, of course, I won't quit using mutt. ;-)

Later: Wow, that was fast. Thanks! (You know who you are.)

August 4, 2004

Security Theater at the Constitution

While in Boston two weeks ago, I walked along the "Freedom Trail" and also visited the USS Constitution -- a strange superposition of a commissioned warship, a national park, and a well-guarded national symbol. While Freedom Trail's red trace runs straight to the ship, visitors have to pass by blocks of concrete, an armed soldier standing by a camouflage colored Hummer, and finally through security screening: Empty all pockets, remove the belts, and have some Navy soldiers hand-search all bags -- while there is a metal detector gate in place, no x-ray device is available.

These hand-searches are, on the one hand, intimidating, and ineffective on the other hand: The soldier who searched my laptop bag (used for tourist equipment that day), for instance, would play around with my mobile phone -- apparently, he hadn't seen a Siemens SL55 before --, but would both miss the front compartment of the bag, and the Palm in the main compartment, which -- in a consistent security control -- should have warranted the same kind of inspection as the mobile phone.

Ultimately, one has to wonder what the actual point of this kind of control is, and what kind of attack model is behind it. Terrorists hijacking the Constitution and using it to attack the Fleet Center?

Looks a lot like security theater to me.

September 1, 2004

The Perfect Laptop/Gadget Bag?

I've been lugging my laptops and assorted gadgets around half the globe in a variety of bags -- from too heavy backpacks and Dell bags (providing good protection, but almost heavier than the laptop itself) to flimsy conference give-away bags, nothing seemed right.

The ideal laptop bag to me must be within the limits for cabin luggage, spacious inside, lightweight, robust, and provide some reasonable protection to the electronics stored in it. Where do I get it?

September 8, 2004

If your aggregator lacks iso-8859-15.enc....

..., then this bug report was made for you.

(I finally fixed some standards compliance issues with this blog. This exercise included correctly tagging all content here as iso-8859-15 -- after all, I'm occasionally writing ¤ signs. As a result, mt-rssfeed stopped being able to read my own RSS feeds. Generating iso-8859-15.enc according to the instructions above and copying it to the appropriate place on the system fixed that problem.)

September 15, 2004

MIME security, and security "specialists"

NISCC Vulnerability Advisory 380375 talks about vulnerabilities caused by ambiguous MIME messages -- basically, a single e-mail body part may claim to be of two different types, or encoded according to two different mechanisms, at the same time. Implementations then just pick one interpretation, and, of course, they differ in which one they pick. Thus, a virus scanning e-mail gateway may see a message that's never displayed to the user, and the user may see one that was never inspected. Likewise, a message may be signed with PGP/MIME or S/MIME, but may still look quite different to users relying on different implementations.

Corsaire is trumpeting this as an example for their "specialist approach" (press release); in the context of digital signatures, however, you may also have read about it here (November 2001).

(And that was just an obvious application of this January 1998 paper by Ptacek and Newsham to e-mail.)
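To make the ambiguity concrete, here is an added example (not from the advisory or the original post) of a gateway-side check that flags body parts carrying repeated Content-Type or Content-Transfer-Encoding headers and shows what a first-wins and a last-wins implementation would each read. The sample message is constructed, and the quarantine policy and function names are assumptions.

```python
import base64
import quopri
from email import message_from_bytes

# Constructed sample: the first body part claims two types and two encodings.
SAMPLE = b"""\
From: sender@example.org
To: rcpt@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain; charset=us-ascii
Content-Type: application/octet-stream; name="payload.bin"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: base64

SGVsbG8sIHdvcmxkIQ==
--XX
Content-Type: text/plain

an unambiguous part
--XX--
"""

# Headers that should appear at most once per body part.
SINGLETONS = ("Content-Type", "Content-Transfer-Encoding")


def _claims(part, name):
    """Distinct values a part gives for one header, in order of appearance."""
    seen = []
    for raw in part.get_all(name, []):
        value = str(raw).split(";", 1)[0].strip().lower()  # drop parameters
        if value not in seen:
            seen.append(value)
    return seen


def find_ambiguities(raw_message):
    """Report every body part in which a singleton header is repeated."""
    findings = []
    for index, part in enumerate(message_from_bytes(raw_message).walk()):
        for name in SINGLETONS:
            if len(part.get_all(name, [])) > 1:
                claims = _claims(part, name)
                findings.append({
                    "part": index,            # 0 is the message itself
                    "header": name,
                    "first_wins": claims[0],  # what one implementation picks
                    "last_wins": claims[-1],  # what another one picks
                    "conflict": len(claims) > 1,
                })
    return findings


def readings(raw_message, part_index):
    """Decode one leaf part once per transfer encoding it claims."""
    part = list(message_from_bytes(raw_message).walk())[part_index]
    body = part.get_payload().encode("ascii", "surrogateescape")
    out = {}
    for encoding in _claims(part, "Content-Transfer-Encoding"):
        if encoding == "base64":
            out[encoding] = base64.b64decode(body)
        elif encoding == "quoted-printable":
            out[encoding] = quopri.decodestring(body)
        else:  # 7bit, 8bit, binary: the bytes are taken as they are
            out[encoding] = body
    return out


def gateway_verdict(raw_message):
    """Assumed policy: do not guess, quarantine anything with a conflict."""
    conflict = any(f["conflict"] for f in find_ambiguities(raw_message))
    return "quarantine" if conflict else "pass"


if __name__ == "__main__":
    for finding in find_ambiguities(SAMPLE):
        print(finding)
    print(readings(SAMPLE, 1))
    print(gateway_verdict(SAMPLE))
```

The same part is opaque text under one reading and decoded content under the other, which is exactly the gap between what a scanner inspects and what a mail client displays.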

September 19, 2004

Dear customer, please go away!

Here's how one Internet dial-in provider here in Luxembourg greets its customers' modems:

Access to this device or the attached networks is prohibited without express written permission. Violators will be prosecuted to the fullest extent of both civil and criminal law. We don't like you. Go away. Visual Online S.A.

What an interesting attitude in customer relations.

September 23, 2004

How to avoid bogus bounces.

In January, I mentioned that bounce messages that were not generated in response to messages I sent are discarded automatically.

The technique for doing this goes as follows: My mutt installation is configured to use envelope sender addresses (MAIL FROM, that is) different from my normal e-mail address for anything but list mail. Bounces sent to my normal e-mail address are discarded by my mail filter configuration -- these are the fake ones. Bounces directed to the specific MAIL FROM address I use, however, pass the filter, and end up in my inbox.

The system works fairly well for me, but of course requires rather fine-grained control over the different addresses to go into MAIL FROM (for machine answers) and the From header (for human answers).

(Maybe I should attempt to patent this?)
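Both halves of this scheme, sketched as an added example (this is not the mutt or mail filter configuration used here): choosing MAIL FROM on the way out, and sorting bounces by the envelope recipient on the way in. The addresses, the list set, the bounce heuristics and the sample messages are constructed assumptions, and the filter is assumed to be handed the envelope recipient by the delivery agent.

```python
from email import message_from_bytes
from email.utils import parseaddr

# Hypothetical addresses; the post does not name the real ones.
NORMAL_ADDRESS = "me@example.org"            # From header; MAIL FROM for list mail
BOUNCE_ADDRESS = "me-bounces@example.org"    # MAIL FROM for everything else
LIST_ADDRESSES = {"some-list@lists.example.net"}


def envelope_sender(recipients):
    """Sending half: pick the MAIL FROM address for an outgoing message."""
    if any(r.strip().lower() in LIST_ADDRESSES for r in recipients):
        return NORMAL_ADDRESS   # list mail keeps the normal address, as in the post
    return BOUNCE_ADDRESS


def is_bounce(msg):
    """Heuristics (assumed) for recognising a delivery status notification."""
    if str(msg.get("Return-Path", "")).strip() == "<>":   # null envelope sender
        return True
    if (msg.get_content_type() == "multipart/report"
            and str(msg.get_param("report-type", "")).lower() == "delivery-status"):
        return True
    local_part = parseaddr(str(msg.get("From", "")))[1].partition("@")[0].lower()
    return local_part in ("mailer-daemon", "postmaster")


def classify(raw_message, envelope_rcpt):
    """Receiving half: return 'deliver' or 'discard' for an incoming message."""
    msg = message_from_bytes(raw_message)
    if not is_bounce(msg):
        return "deliver"        # ordinary mail is not touched by this rule
    if envelope_rcpt.strip().lower() == BOUNCE_ADDRESS:
        return "deliver"        # bounce for a message that really was sent from here
    return "discard"            # bounce to an address never used as MAIL FROM


# Constructed samples.
DSN = b"""\
Return-Path: <>
From: Mail Delivery System <MAILER-DAEMON@mx.example.net>
Subject: Undelivered Mail Returned to Sender
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The message could not be delivered.
--b1--
"""

ORDINARY = b"""\
Return-Path: <friend@example.net>
From: A Friend <friend@example.net>
Subject: lunch?

See you at noon.
"""

if __name__ == "__main__":
    print(envelope_sender(["colleague@example.com"]))
    print(classify(DSN, BOUNCE_ADDRESS))
    print(classify(DSN, NORMAL_ADDRESS))
    print(classify(ORDINARY, NORMAL_ADDRESS))
```

Bounces for list postings also arrive at the normal address and are dropped along with the fake ones.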

Configuring the irssi IRC client.

I haven't been using IRC "seriously" for quite some time; back then, ircII was the dominant client.

I now had a look at irssi, a perl-extensible client. The features and usability are really nice, but it takes some time to actually customize the program -- the documentation is not very good.

Continue reading "Configuring the irssi IRC client." »

Ad targeting gone wrong.

One has to wonder what Google AdSense was "thinking" when it put an ad for next to this blog entry...

October 5, 2004

Hyperlinking Case in Stuttgart

On Thursday, a court in Stuttgart (Germany) will hear a hyperlinking case: Alvar Freude is an online activist who has been fighting against controversial web blocking attempts by the Düsseldorf district authority. The authority had attempted to block access to some hate speech content (Lauck, Stormfront) by ordering ISPs to modify DNS records on their name servers. In the context of an (excellent!) documentation of these activities, Freude had linked to the incriminated material.

He is now accused of having contributed to the further distribution of the incriminated material, despite the fact that the links in question were in the context of protected political speech.

In short, the court ought to throw this case out. More on Thursday.

October 7, 2004

Stuttgart: Documentation considered Hate Speech

Joerg-Olaf Schaefers reports that Alvar Freude has been found guilty of spreading hate speech by linking to it. His documentation was not considered as such by the court; the satirical offer to read banned content over the phone was not considered satirical by the court.

October 12, 2004

DRM hearings in Brussels

This in today from EDRI's Andreas Dietl: Yesterday's Commission Contact Committee Consultation on DRM went badly for civil society participants, most of whom had been scheduled to speak in the last segment of the consultation. At the time at which the earlier slots were done, time for the meeting was up, and the last segment was dropped.

In short: No time for civil society, after the other participants had exceeded their allotted speaking time.

Palm Tungsten E

My old Palm Vx was about to give up, so I recently started looking for a replacement. I settled for a Tungsten E, the "entry" model of PalmOne's business series of PDAs.

I'm quite happy with the new toy so far: Migration from the Vx was smooth, it properly interoperates with Linux, and it's working well as an MP3 player.

Elements I don't like: Graffiti 2, and some aspects of the Palm version of RealPlayer. I have been using Palm's old Graffiti short-hand for years. Learning Graffiti 2 now is cumbersome, and in some cases definitely a step back. (Two strokes where one was enough with the old short-hand -- the character e comes to mind. Also, old-style Graffiti for E is often mis-read as a Q. Ugh.)

Realplayer (I use that as the software MP3 player; it's the one that was included) is rather bad at building playlists on the Palm -- but that's what you do when you don't use the Windows version of the software to transfer MP3s to the handheld. It's also lacking a "just play mp3s" version of the keyboard lock mode -- after all, the five-way navigation thing on the Palm is rather susceptible to being triggered by pocket fluff.

October 14, 2004

Unpaid advertising: HRS

HRS is an excellent hotel reservation service I've been relying on often in the past. Recently, I complained that I'd rather be able to include availability of Wi-Fi in hotel rooms with my room search, or at least see it prominently in the listings.

They just sent mail to let me know that they will have this feature, that it's in testing, and will be available soon.

That's what I call customer service. Thanks, guys!

November 10, 2004

More on DSL in Luxembourg

In my quest to get reasonable home connectivity in Luxembourg, I played with the idea of re-using the modem/router/wi-fi combo device I had been using in Germany. (A Draytek Vigor 2500We, with "Annex B" printed on the back side in large, friendly letters.)

Not so: Turns out that Deutsche Telekom's UR2 standard for DSL connectivity means ITU-T G.992.1 annex B everywhere (even on analog lines), while Luxembourg P&T is using G.992.1 annex A for POTS, and annex B for ISDN. The local computer store goes even further and warns to only use Zyxel DSL modems in the Grand-Duchy -- everything else, they say, inevitably comes back because it won't interoperate.

Interesting times ahead before Internet access will actually work here...

November 14, 2004

Sony-Ericsson T630, Linux, and IRDA

Alessandro Dalvit has a nice page on the Sony Ericsson T630 and Linux.

In particular, he points out that in order to work around a bug in the T630, one has to do this:

echo 1 > /proc/sys/net/irda/max_tx_window

Now, that thing finally works as a modem with my laptop. Nice.

November 26, 2004


Finally, back online. But, of course, not without a final bit of absurdity.

We called P&T around noon, asking for the state of affairs. The technical department told us that, well, maybe they were going to do their work this afternoon, maybe not, and we couldn't do activation today. We were further told that the commercial branch was evil, and promising unrealistic time lines out of the blue. We called the commercial branch, and asked what this was supposed to mean -- after all, we had been promised "no later than Friday afternoon." Well, they told us, call at 4pm.

We did, and -- surprise! -- the technical branch's hotline was indeed able to find an engineer who could then perform the final steps.

December 7, 2004


I'm back from a week in Boston. Last time, I had some bad experiences with KLM/NWA. This time, I took Luxair for the short haul part of the trip and Lufthansa for the transatlantic flight.

What should I say -- they were roughly on time (apart from that ugly two hour delay in Frankfurt), and (as usual) more organized than KLM and NWA, but I'm far less satisfied than I have been with Lufthansa flights to other destinations in the past.

Annoyances started with the fact that Lufthansa is operating its US flights from a part of Frankfurt Airport which is accessible to transferring passengers from incoming flights. So, once you get close to your gate (way past passport control and usual security checkpoints), you have to go through another security control: A "routine" pat-down search, since they just don't have the usual metal detector gates there. Queues before this security checkpoint at times counted some 200 people waiting. Once through this check, there were close to no eating or shopping opportunities.

On the flight itself, service was rather slow. On the daytime flight to Boston, the annoying part was sitting in front of that empty tray for half an hour; on the flight back, the annoying part was that they would keep Economy class passengers awake for more than half of the flight. The meal served on the flight back was a little problematic as well: First, garlic was one of the main vegetables; second, they were serving yogurt pre-packaged at normal air pressure -- you can probably imagine the effect of opening this on an airplane.

Finally, mileage: Lufthansa has reduced the number of miles they give on Economy class tickets significantly; I'm getting some 1800 miles for each trans-atlantic segment. In practical terms, this means that frequent flier benefits and upgrades have moved far enough away to make the Miles & More program mostly uninteresting -- unlike KLM's Flying Dutchman, where benefits are granted at lower mileage, and reasonable mileage is granted for Economy class flights.

For the moment, I find myself not having a preferred airline any more. Probably, I'll try Swiss next.

(On the positive side, I should add that the classical music audio program was, unlike the movies, exquisite, including a rare recording of a Schumann symphony with Furtwängler conducting the Berlin Philharmonic Orchestra; also, the service provided in Frankfurt to a colleague who sits in a wheelchair was stellar.)

December 26, 2004

Why don't iPods enable us to share music?

On a train ride the day before Christmas, I observed a group of four people sitting around a table: A mother with her two teenage sons, and a not-too-geeky twentysomething. The teenagers had an MP3 player, one of the cheap USB-stick-like things; the twentysomething had a laptop and a bunch of CDs. Within relatively short time, the twentysomething and the boys had connected, and started talking about music, and started sharing it -- or, attempted to share it, going through various technical problems. The story these four people tell is about the social dimension of music and culture, and more specifically, about the social dimension of sharing it.

This dimension is not about positioning some product as a cultural movement, marketing-wise: Rather, it is at the very basis of the culture we live in.

If anyone was to design a truly cool (as in, cooler than iPod) portable music player, that gadget wouldn't just be a player that is made a "cultural movement" by marketing. Instead, it would be designed to connect people by letting them share the music stored on it. It would be designed to strengthen the social fabric that sharing of culture can be. It would be easy to extract stored music. It would be easy to share music between devices, wirelessly. It would be easy to share whatever you listen to currently, by broadcasting (podcasting?) a stream over a local wireless network. It would be easy to tune in to whatever music the others at the table (in the room, on the train, on the plane, ...) listen to, if they want to let you in.

Obviously, the iPod isn't that kind of device today, and the social fabric that culture provides is alien to its "cultural movement" of cool, white-headphone-wearing solitude. Apple doesn't even want you to extract the music stored on it, and the headphones won't make it easy for you to share whatever you listen to with your seat neighbour. (Nevertheless, iPods are rather nice and quite addictive gadgets.)

The technology you need to build the music-sharing gadget I'm dreaming of is there today. But, unfortunately, culture's social dimension is thoughtlessly denounced as "piracy" these days, so I don't expect to see that cool device I imagine in the marketplace any time soon.

In particular not if the studios get what they want next year.

February 12, 2005

.local under Linux

This is extremely cool: nss-mdns 0.3 finally provides decent client-side support for mdns; for RPM-based distributions, a spec file is available.

In simple terms, this means that you (1) build a package from this, (2) add "mdns4" to the line in /etc/nsswitch.conf that starts with "hosts", and (3) enjoy the .local zone as if you were using a Macintosh.

(Major Linux distributions have been shipping with mDNSResponder enabled for some time. That's the server side of the equation, and it made the Linux box visible to nearby Macs. A usable client-side implementation was missing so far.)

March 8, 2005

Revisiting ACPI

I have been ranting a lot about Linux' support for my thinkpad: APM suspend (and, more importantly, resume) has been broken for quite some time, and is getting constantly worse. With the latest Fedora kernel, the machine won't even suspend any more when the wired ethernet driver is loaded; when that driver is removed, the machine still goes nuts upon resume.

Time to revisit ACPI, which was poorly supported when I originally set up the laptop, and swsusp, which still isn't included with Fedora's kernels. Turns out that, these days, ACPI suspend and resume is far more stable than APM suspend, and that swsusp2 just works when installed according to Matthias Hensler's useful instructions.

March 27, 2005

Crossing Borders

One of the nice things about living at the German-Luxembourg border is that you mostly don't notice when you leave one country and enter another. It's quite normal to go on a bicycle tour and cross the border multiple times without even stopping.

Border control facilities have mostly been shut down, and are being repurposed for more reasonable things. For instance, in Rosport near Echternach, for an art gallery.

May 18, 2005

Luxembourg Lawyers Mustn't Link (Nor Be Linked)

For the first time, the Reglement Interieur of the Luxembourg bar association has been published: These rules used to be a well-kept secret of the kind of fraternity that the bar association was. The publication now is the result of the original rules being struck down in court, and of a law that for the first time ever actually gives the kind of rulemaking authority needed to the bar associations' councils. Also, the bar is now barred from putting tabs on third parties' money.

While the transparency inflicted on the bar association has without doubt helped to throw out some of the more outrageous rules that were rumored to be contained in the old reglement, it also makes some recent silliness visible.

The good news first: Luxembourg lawyers are allowed to set up web sites.

The bad news: They mustn't link to non-lawyers, and they also must be vigilant that their sites not be linked to by non-lawyers. (Now, how's that rule going to be enforced?)

If you're as curious as I am as to how this plays out, updates are going to be here.

June 3, 2005

They shouldn't have called it a "constitution"

Over at Crooked Timber, Maria Farrell has a brilliant rant on France's EU constitution referendum, with an entertaining and extensive flame war on economic policy, EU-US relations, and the (de)merits of the constitution in the comments.

A question, though: Has anyone actually read that thing they call a constitution?

Being German and living in Luxembourg, hence not entitled to any vote on this beast, I hadn't even tried (and hadn't paid that much attention), until last week-end. When I tried, I was disappointed. Human rights, which are by definition universal, come with irritating qualifications added to them -- "human rights, in particular those of minorities" here, "human rights, in particular those of children" there. There's a "right to security" to give the security guys bargaining material against genuine human rights. Elections are a lot of things, but not equal. The preamble isn't even understandable in either English or German -- you have to resort to the French version of the text if you want to understand what's meant. And there's, of course, much more on the hundreds of pages.

But what is the reason for my disappointment? I expected to read a constitution. Something crisp, with a brilliantly-worded catalogue of human and citizens' rights, with a separation of powers, with checks and balances, with proper democratic institutions (ok, strike that, I already knew that the new treaty would keep the last word with the Council). Less than 50 pages, please. What I read was an international treaty with some constitution-like elements glued to it, and badly.

Would anyone in their right mind give this thing the legitimacy and weight a constitution needs to bear? I'd hope not. Would much of the substance be a good treaty to enter into for the EU's member states, in particular when compared to the status quo? That might quite well be.

July 4, 2005

Airline invents matter transport by telefax

On the phone with my preferred airline's frequent flyer program, complaining about a bunch of missing flights: "If you could please make a copy of your boarding passes and passenger receipts to keep for yourself, and fax us the originals." -- "yes, ma'am"

August 11, 2005

T43 under Fedora Core 4

I'm now running a Thinkpad T43 under Fedora Core 4.

The entire installation process was painless; the machine seems well-supported by FC4. Some non-obvious notes, though:

  • Bluetooth is recognized as a built-in USB device. To make this work after suspend/resume, remove the modules uhci_hcd, ehci_hcd, and hci_usb before putting the machine to sleep, and re-add them after wakeup.
  • The built-in Intel i915 graphics adapter is supported either by the Vesa driver, or by the i810 driver. The latter will only work if you install some recent DRI drivers.
  • To make Xorg work after suspend/resume, make sure you add acpi_sleep=s3_bios to your kernel command line.

I haven't tried the built-in modem.

That said, the machine generally makes a very good impression. It's slimmer and lighter than my old Thinkpad R40, while at the same time making a much more robust impression.

The only negative observations so far: The T43 heats up much quicker than the R40, hence the fan ends up running most of the time; I wonder if this is related to the driver that I'm using for the graphics adapter. Also, probably due to the reduced height of the laptop, the keyboard has a different and, I think, more flimsy touch than the one on the R40 -- that machine probably has the best keyboard (laptop or desktop) I have ever used.

August 13, 2005

T43 fan control daemon

As I mentioned earlier, one of the more annoying properties of the Thinkpad T43 is that its fan is running almost constantly, even when the device is basically cold.

This daemon controls the fan: When a certain temperature is exceeded, the fan is turned on. When fan speed drops below a certain threshold, it's turned off. The daemon tries to be safe by turning on the fan when it is killed or otherwise encounters an error. If that doesn't happen, there's an emergency broadcast through syslog.

WARNING: Turning off the fan might lead to overheating of your machine. Use at your own risk. This daemon may have bugs that could lead to this situation.

August 30, 2005

ID puzzle

Coming from a country where it's mandatory for me to have an ID with me (Germany), but where I'm pretty much never asked to show it (often, not even when crossing borders, and certainly not when just taking some long-distance train), it's a remarkable contrast to be in the US: Here, the national ID card seems to be a major political scarecrow -- yet, I've never seen as many demands for "showing ID" as in the past 10 days in New England. Want to buy alcohol or tobacco? "Take it as a compliment -- we ask for ID on every purchase of age controlled goods," says a sign in the shop. Want to pay a relatively minor purchase by credit card? "Could I see your ID?"

I find the discrepancy puzzling between, on the one hand, ubiquitous use of ID, and on the other hand, massive fears of the adverse effects that a national ID might have on privacy.

September 18, 2005

Skype in Luxembourg

The takeover of Skype by Ebay is all the hype in the local Luxembourg press -- after all, Skype's corporate umbrella and payment processing sit in Luxembourg. Local press (e.g., the "Wort") boasts about the commitment of the company to the Luxembourg business place. Further down the same contribution, we learn what this commitment really means: 200 people total work for Skype. 12 of these work in Luxembourg. All the development is done in Estonia, and the firm is actually led from London.

But, of course, all this speaks well of Luxembourg as a place for advanced technology, and makes us expect that Ebay will also be interested in doing more of its future business from here.

September 23, 2005


I decided that I, finally, can't avoid learning a bit about JavaScript, and hence got myself a copy of The O'Reilly Book -- this time, JavaScript. The Definitive Guide. The book -- at 916 pages and 1.3kg, and it's a paperback! -- begins with the words:

JavaScript is a lightweight, interpreted programming language

Makes me long for the times of Kernighan and Ritchie -- 272 pages, and 650g, in the bound version.

Seems like the definition of "lightweight" has changed quite a bit.

The Internet Directory has arrived!

In the mail today: The national telephone and Internet directories. The directories are updated annually.

This year's stack of directories

September 26, 2005

Installing Windows on a Thinkpad

... required a FreeDOS boot in between: I had that Thinkpad R40 sitting in a corner, with Windows XP installation media hidden in that protected IBM recovery partition, and with no particular reason to preserve the Linux installation that sits on that machine. So I decided to push the blue "Access IBM" button and tell the machine to re-install itself to factory settings.

Interestingly, that left me with a system that still had remains of GRUB sitting in its MBR, and wouldn't boot. Amazingly, the IBM startup menu seems to offer no way to do a simple FDISK /MBR. (It also doesn't seem to offer the option to erase any existing data partitions -- such as my Linux installation.) I ended up typing that command into a FreeDOS command line interpreter; after that, Windows would boot like a charm.

Yes, the recovery mechanism is nice. But it wouldn't have been very useful in, say, a hotel room without Internet connectivity and another machine to burn that boot CD.

November 13, 2005

When do they compete on value?

This quote from the IHT hits the point: One angry "customer reviewer" of Van Zant's album put it another way on "Boycott Sony!" he wrote. "It looks like it's now safer to download pirated copies than to buy CDs!!"

The music labels are on an expensive quest to reduce the value that they offer for the money they are paid. Music that you can't copy on (or off) your ipod. CDs that don't work in your car. Costly mobile content that expires together with this year's mobile device. CDs that hack or damage your computer.

The competition between labels and black market downloads is no longer just about price: It's about the value offered. When downloads are universally useful (by just being MP3s), safer than CDs bought in the shop, and less of a hassle than walking to a shop or using a legal download service -- where's the value proposition that should drive customers to get music through legal channels?

November 14, 2005

"Promoting Public Confidence"

Some call it security theater. Others talk about "promoting public confidence."

From a Scientific American article about an eventual flu pandemic: Screening incoming travelers for flu symptoms, for instance, "lacks proven health benefit," the group concluded, although they acknowledged that countries might do it anyway to promote public confidence. Similarly, they were skeptical that public fever screening, fever hotlines or fever clinics would do much to slow the spread of the disease.

December 20, 2005

Open Standards

The FLOSSpols project deals with policy aspects of free / open source software.

The project has recently published a new deliverable, An Economic Basis for Open Standards, in which they define the openness of a standard relative to the market in which implementors of that standard compete: Open standards: a natural monopoly arises (de facto) or a monopoly is defined and agreed upon (de jure) in a technology, but the monopoly in the technology is accompanied by full competition in the market for products and services based on the technology, with no a priori advantage based the ownership of the rights for the rights holder.

This notion is then applied to the GSM market (with high costs of market entry) and the word processing market (where a proprietary product is dominant, and the most relevant competitor is open source). These differences between the two markets then lead to different notions of what "openness" means for a standard in either of these markets.

In another part of the document, some immensely useful and reasonable requirements for public procurement are derived from this economic analysis.

Overall, this deliverable is a good example for the power of economic thinking, and well worth reading.

March 15, 2006

Security Usability Workshop

I'm in New York, co-chairing the W3C Workshop on Transparency and Usability of Web Authentication. Quite a lot of interesting discussion so far; we'll have minutes and a report shortly after the workshop. Phill Hallam-Baker is sitting across the aisle, and blogging in more detail than I can.

Incidentally, the view from the workshop location is marvellous.

August 11, 2006

Fedora Core 5: 8/10 points

I just did an upgrade of my laptop (a Thinkpad T43) from Fedora Core 4 to Fedora Core 5, using the yum package manager. Instructions here.

This has been the most hassle-free upgrade since Debian. Points to consider:

  • Remove the jpackage repositories, if you were using them. The relevant packages seem to have become part of Fedora.
  • You can upgrade Fedora Core (core) and packages from the Livna repositories in one pass.
  • Yes, it does take a bit too much time.

In terms of after-upgrade pain, in typical RedHat fashion, suspend/resume is broken with the latest kernels, so I'm running on the same old Fedora Core 4 kernel that I've been using for a while. Overall, FC5 feels snappier than FC4; it seems like some major memory hogs might have been removed. NetworkManager now supports Wireless Protected Access (and the necessary infrastructure is installed by default); that's a very welcome addition, and I've reconfigured my access point.

My favorite text editor (jed) is included in a version that deals with utf-8, so I've finally switched to a native utf-8 environment for all I do. This particular update required a one-line change to a custom SLang script that I use for editing e-mail, but that's not to blame on the distribution. Overall, the switch from iso-8859-15 to utf-8 was limited to putting a different system default locale into /etc/sysconfig/i18n, and removing some iso-latin specific stuff from my .jedrc and my .Xresources.

Overall rating: 8/10 points; I don't get why Redhat isn't able to consistently support suspend/resume on one of the more common laptop platforms around.

August 19, 2006

On the search for a usable RSS reader

I've been looking for a decent RSS reader for a long time, without success. Most of the time, I'm using Sage, a firefox extension, but I'm not really happy: I'd like to read blogs as quickly as possible, scan through them without much hassle, and I certainly don't want to be bothered by feeds that have no news. Just give me the bare essentials.

I guess what I'm ultimately looking for is an RSS reader that -- finally -- gets me back to the user experience that I would get with the good old nn(1) news reader. Amazingly, Google Reader gets closest so far.

December 27, 2006

23C3, day 1

I'm in Berlin, at 23C3. Day 1 is getting late. So far, it's one of the best conferences I've been to this year. Packed lectures with attentive audiences; thought-provoking talks; good hallway chats.

Today, I heard about a probabilistic trust model for PGP (which is apparently based on theories that deal with reasoning in the face of uncertainty; this looks like one of those cases where the really interesting stuff was left out of the talk); about user interface designs (and what geeks might be tempted to do and rather shouldn't; great talk and an even more packed room); about surveillance in hotel rooms (and why not to use big brandname hotels); about voting machines in the Netherlands (and making them play chess; my "best talk of the day" award goes to this one). I got to catch up with some old friends whom I haven't seen in a while (and missed some sessions), and I got to talk to the folks at for a bit.

Right now, Caspar Bowden is giving a nice presentation about Cardspace; unfortunately, I've seen some very similar talks a number of times in the past. During the Q&A, Caspar brings up an interesting question: What implications does Data Retention (more about that later tonight) have for Identity Providers in systems like Cardspace?

December 29, 2006

23C3, day 2

Day 2, yesterday, was less exciting than day 1. That might be a function of the talks that I actually attended: The guy who presented an analysis of the Linux kernel-mode PRNG botched his answers to some questions from the audience. Steffen Meschkat gave a nice tutorial about JSON, but ran over his allotted time and skipped the authentication and authorization related part of his talk -- pity.

The best talk that I got to listen to was in the RFID hacking session; Henryk Plötz showed how to replicate an access-control card with home-grown technology and an ipod. Bonus points for hack value.

Now, day 3.

23C3: Lessig

At 23C3, Larry Lessig is speaking on "free, the difference between code and culture". His main point: Different communities need to articulate different freedoms and restrictions in licenses. What the GPL uses as a defense against free riding for code (sharing alike) might not be enough for photos or music or text. The non-commercial restriction that CC licenses are able to express is one tool that might serve as such a defense. Lessig also notes the importance of communities respecting other communities' needs in terms of licenses, instead of imposing their terms and notions on others. Doing otherwise would be "imperialism," says Lessig.

Barlow, from the floor: Civil disobedience will be important to break the current copyright system. Teenage geeks win the technical side of the war, and recording industry will lose battle for their hearts and minds.

Lessig: Don't doubt technical community's ability to crack DRM, but doubt their ability to deal with the politics that are created. Don't lose the opportunity to convince people why we are right. MGM vs. Grokster got thought about as "should people be allowed to steal," and was lost. If there's a perception that community doesn't take on the political side of the argument, but just wants free stuff, then it'll continue to lose.

January 20, 2007

What is it about plastic cutlery?

I'm in Cambridge Massachusetts for a bit more than a week, attending a bunch of meetings. Occasionally on these trips, there are moments when you encounter an element of a different culture that you just don't get. This time, it's the apparent preference of US folks for plastic cutlery, plates, etc.

Strangeness 1, from this European's perspective: The breakfast buffet at the Residence Inn actually offers both the throw-away plastic stuff, and the real china and metalware variant. Strangeness 2: Many of the US guests actually chose the plastic stuff. Why on earth?

February 3, 2007

Meet the Pandemic Glue

Courtesy of Google News:

google news typo

February 4, 2007

Bristol graffiti petition

The petitioner requests that Bristol City Council rejects calls from Conservative Cllr Spud Murphy to remove the Banksy painting on Park Street at significant expense, and instead keeps it as a popular and amusing asset to the city for so long as Bristol residents continue to support it.

The art in question.

Some architecture photos

I spent a splendidly sunny Saturday morning on Kirchberg -- not just Luxembourg's quartier Européen, but also the site of a huge amount of public spending into some rather fine modern architecture: Christian de Portzamparc's Philharmonie and IM Pei's Musée d'Art Moderne.

Fortunately for me, the Philharmonie was actually open for a group of fashion photographers (or so it seemed). I did get to take some nice shots of the entrance hall before I was very politely shown the door by a security guard.

At MUDAM, I wasn't surprised to once again find the architecture more impressive than the art shown, this time, a number of works by the late Michel Majerus. Fortunately, MUDAM has an enlightened photo policy: As long as you don't use the flash, they'll leave you alone.

My photos here; MUDAM photos on flickr.

February 9, 2007

Aqua Teen Hunger Force Remixed: The Luxembourg Infernal Coffin Scare.

Push the Brand was quick to remix last week's Aqua Teen Hunger Force Witch Hunt: Fifty open infernal chests with garlic, rosaries, and a crucifix had been distributed across Luxembourg city this Tuesday, deposited in front of posters showing a glamorously photographed beauty that had obviously been the victim of vampirism, with the slogan "préparez-vous." The public reaction included traffic chaos and bomb experts who were quick to realize that the coffins were quite harmless. The police collected all boxes.

It's unknown what this advertising is all about, but the campaign was clearly successful. Push the Brand has, of course, apologized.

March 12, 2007

Fedora Core 6

My laptop spent some of its Sunday on upgrading to Fedora Core 6, once again using the yum package manager. The upgrade was extremely uneventful, and there are few (if any) user-visible changes. For a change, suspend/resume continues to work after the upgrade.

April 3, 2007

Presentation styles

I was asked to speak at the Hungarian Web Conference in Budapest last week-end. That conference brings together about 500 Web aficionados at a conference center in Budapest's tenth district. Most of the conference was in Hungarian; talks are given in four tracks throughout all Saturday. Kudos, first of all, to W3C's Hungarian Office which was a co-sponsor of the conference!

For my talk on security and usability on the web, I tried a Lessig-like presentation style. The result was, I dare say, a pretty good talk -- one of the better ones I've given in a while --, and a lesson learned about how I prepare talks.

Usually, what I do is ultimately an academic lecture: I prepare some material, I assume that I'll have slides to serve as a buffer for the audience to hold context (just like we had the blackboard back when I did talks about maths), and then I start explaining things. Of course I rehearse once or twice, readjust some things, make sure there's some kind of flow to what I tell -- but, ultimately, I rely on the written material, and you'll be able to extract much of the talk's content from it.

In Lessig-like mode (similar to Takahashi style or Hardt style), I found myself preparing a speech. The slides served to underline a point, to hold a quote, to emphasize -- but not to hold context. I found myself in story-telling mode much more than I usually am. I found myself forced to break down my argument more simply and more clearly than I'd usually do. I found myself using more rhetorics than I normally do, and I found myself preparing by giving the speech I was going to hold in little pieces, by iteratively changing the slides, by rehearsing this point or that point over and over.

The downside is clear: While the slides are now available for public consumption, you may not easily get some of the points in there; some of the slides really only make sense when they are combined with the spoken word. I hope none of the possible misunderstandings will haunt me later; actually, I was quite reluctant about making these slides public in the first place (though I'd any time make a recording of the speech together with the slides public, if I had one).

I'll try this presentation style again: while it takes more preparation than a run-of-the-mill "powerpoint" presentation (I'd never dare to prepare a talk like this during the session that leads up to mine, for instance), I find it more fun to prepare and give talks like this.

If you haven't ever tried this style, go try it. It's worth the effort.

May 17, 2007

What blog platform to choose?

I've been a happy user of Movable Type 2.66 for a long time, and along with moving my personal server elsewhere, have upgraded to Movable Type 3.35. Turns out that not just is the license constraining (I thought I was within the constraints, since I only really run a single, personal blog any more), but so is the set of available features. Implement the random pointers part of this blog -- on a purely technical level -- as another blog installation (as I had done back then)? Well, go for Movable Type Enterprise, or buy the appropriate additional plugin to make it all fit together.

Being the "cheap" type who likes extensibility and the ability to play around with the software he uses, I'm now wondering what blogging platform I should choose to run on this Linux machine -- as nice as MT 3 is in terms of UI, I won't stick to it. Wordpress? b2evolution? S9Y, as =F6 recommends? Something else that I haven't heard of, yet?

A smooth migration path from Movable Type is among the most critical criteria for the choice. A decent and simple web interface to post new items and administer comments as well. Oh, and I want to be able to syndicate an external RSS feed into this blog's sidebar, seamlessly. (Now, that's so 2002, as far as feature requests go...)

When security meets reality: AACS

Engadget reports about the next step in the AACS saga (via BoingBoing): During the time window between one cracked AACS key getting all over the place, and industry revoking that key, yet another key has been compromised.

This is not just a glimpse at the sorry state of DRM technology and deployment, but also a study in failure modes of security technology. What has been demonstrated by this particular crack is nothing less than the total collapse of the protection that AACS is supposed to deliver, because the attackers are capable (probably reproducibly) of opening a new hole while the defenders in the system are still in the process of rolling out the countermeasures to the last. We might end up living in a world in which no Blu Ray or HD-DVD disk will hit the market protected.

Meanwhile, it looks as if we're going to see the defenders engage in an exercise of whack-a-mole in which all they do is burn money, without ever achieving their protection goals. The security technology and the organizational measures surrounding it turn around to damage the defenders more than they'll ever damage the attackers.

For some more reading on the design aspects exposed in this particular DRM debacle, have a look at these links:

(In the last one, Ed Felten tries to model an attacker with an economic incentive to break the keys, and predicts certain behaviors. It's interesting to observe how the behavior we're seeing in real life is (a) different, and (b) even more damaging to the defenders.)

May 18, 2007

Some masterful photography: r12a

While there are a number of gifted photographers among my colleagues, Richard Ishida (aka r12a, for being the i18n activity lead) truly stands out.

His latest stunning photography shows us Wazir Khan Mosque, and the Streets of Lahore. But also go see his collection of Bhutan photos, and the pictures he took in Hyderabad.

(To point to just a few of my favorites. The collection of photos that Richard has online is vast, and worth spending time with.)

May 19, 2007

Presentation styles (2)

In Presentation styles, I wrote about my first attempt at using Lessig style for a presentation.

I've done it again since -- once at the German anti-phishing symposium in Bochum (slides in German), where my point was that security technology can't really work if it ignores the constraints and possibilities of an underlying platform (and where I talked about some of the work of the Web Security Context Working Group) --, and at a panel at W3C's AC meeting in Banff, where our theme was what the failure modes are that keep security technology from getting deployed.

For that last talk, I'll admit that I was about to do a "normal" powerpoint-like presentation (but using slidy, Dave Raggett's XHTML + Javascript based presentation tool for once; authoring Lessig-style with that one is actually an uphill battle). After a while, I gave up in frustration: Turns out that, once you've done that other presentation style for a short while, you don't go back to standard powerpoints that easily. The talk actually went reasonably well.

I still expect to go back to usual powerpoint style for the next two or three talks that I'll need to prepare, though -- simply because they'll be much more like lectures in character than the recent talks have been.

Trying Firefox 2

I've been a firefox user for a long while, and normally stuck with the version of the browser that came with my Linux distribution of choice (currently: Fedora Core 6). Recently, however, the Firefox 1.5 builds that are distributed by Fedora seemed to suck up all the memory on my machine, and for good measure started crashing when they encountered complex web applications.

I figured I could try Firefox 2 as well, so I finally installed the thing.

Overall, I'm not noticing huge feature changes. However, some effects are worth it for me:

  • The RSS feed auto-detection is now able to redirect to web based feed readers' subscription interfaces; I can subscribe to a feed in Google reader by clicking on the feed icon in the address bar. That's a huge plus.
  • The tabbing UI has improved significantly. I'm finally able to manage my tabs reasonably (as opposed to just accumulating them until Firefox crashes, or until I close the window).
  • The entire thing feels faster and leaner. That might be related to my previous point above about tabs, though.

Overall, I'm still amazed how a graphical UI that lets me run a terminal, a graphical web browser, an HTML editor, (recently Skype, some other instant messaging software), and an office suite seems to consistently eat all of a PC's memory, at any given point in the curve of PC and software development history.

(Off to order a memory extension. ;-)

May 20, 2007

From WWW 2007: Mashing up the Mobile

One of the sessions at WWW 2007 that I'd really have loved to attend (but couldn't) was Mashing up the Mobile, by Paul Downey and Uros Rapajic of British Telecom.

Fortunately, their slides are now available online, and I got a quick intro to much of the content while playing booth babe at the W3C booth on another day of the conference. The work that Paul and Uros are doing essentially explores what happens when you connect mash-ups, RSS feeds, and mobile phones with each other in all kinds of ways, and then just let the ideas flow. The results are both playful and powerful.

While talking to Paul, I also learned about Twittervision, Dapper, and what happens when you feed geotagged RSS into Google Maps (try it). Good stuff!

May 25, 2007

Towel day

May 25 is pangalactic Towel day. In memory of the late Douglas Adams, please carry a towel around all day, and put it to some appropriate use. The flickerati also mark the day by posting photos of themselves and their towel. The tag is, obviously, towelday.

May 26, 2007

What's that silver thing again?

I'll confess that, when I'm wearing my "just a user" hat, I've (mostly) made my peace with Flash -- usually, these sites tend to render as intended, and plugin support in Firefox 2 was good enough to take care of my installation needs without me thinking much. Which means that flash sites are mostly noticeable for being annoyingly noisy (so much fun when you skype into a telephone conference), or maybe unusable -- as my bank's pretty new login form. (I'm back to paper when they make that thing mandatory for online banking customers.)

In Silly season, Mark Pilgrim gives a fine rant, and a survey of the latest attempts to rebuild the Web by breaking its core design principles. Seems like the system I use is non-mainstream enough again to simply show me those "plugin not supported" errors for a while, as a reminder that some sites use proprietary technology at their own peril.

Thanks to Microsoft and Adobe for the nice demonstration (again) of why proprietary just doesn't work on the Web!

(Found via Silverfish and Appallingo by Paul Downey.)

June 8, 2007

Fedora 7: GUI ignorance?

Fedora 7 is out, and I've upgraded. The upgrade was mostly unspectacular.

I use KDE as my desktop environment these days, but a number of critical applications (Firefox, Amaya, OpenOffice, gaim^Wpidgin) use gtk. It took a bit of magical fiddling with font settings to get GTK applications to use the right fonts again. When all seemed well, OpenOffice had a nasty surprise (bug #4650; fedora bug report #232159) for me: The interaction with gtk-qt-engine is broken enough that the software becomes essentially unusable. I'm somewhat bewildered that this seems not to be treated as a priority by the Fedora folks: OpenOffice is, for all intents and purposes, an absolutely critical piece of application software that simply must run flawlessly on any Linux system today that claims it's targeting the desktop.

I'm now back to using GTK applications with a native GTK theme that looks similar enough to the KDE environment I'm in. Still, these two bugs alone may very well be enough to make ordinary desktop users switch to other distributions, or systems.

Meanwhile, gaim is now Pidgin; with the change in name comes a change to an amazingly ugly icon theme -- yes, even geeks like their desktop pretty!

Edited, later: They've done it again -- suspend/resume needs more manual fixing. This time, the bluetooth subsystem leads the kernel to lock up upon suspend. Fortunately, this is fixed by a simple /sbin/service bluetooth stop in the suspend script. Still...

June 11, 2007

Bias in reputation systems

A while ago, I ordered a memory extension at Amazon -- or, rather, through Amazon. The first merchant took a while to not deliver; I called them, they tried to feed me some cheap excuses (which were rather obviously wrong). I cancelled my order, but that cancellation was only confirmed by the merchant once I tried to invoke Amazon's guarantee.

Overall, a pretty bad experience -- this particular merchant didn't do what they were supposed to do, they communicated badly, and they didn't react in a timely way. Yet, I can't give a rating in Amazon's reputation system: After all, the order was cancelled... This suggests that some of the really bad merchants might have higher reputations there than they deserve, simply for the reason that the customers who were disappointed most heavily don't get to rate them.

(The memory extension has meanwhile arrived from a different merchant who got 5 out of 5 points for professionalism.)

July 9, 2007

The Roots of Lisp

I had put down a number of LISP books before, simply not getting it. Then, on a too long plane ride, I read Paul Graham's The Roots of Lisp -- and there it was, a brief piece that demonstrated the sheer elegance and beauty that is to be found there.

If, like me, you've always wondered about LISP, but never got it, this might be the paper to read.

Architectures of Control: Heathrow.

Tim Bray recommends to Avoid Heathrow At All Costs -- indeed a good idea, and there's also a lot of amusing commentary to be read there.

One of the more interesting comments points to Architectures of Control, which discusses how designs of buildings or objects aim to control and manipulate their users.

Case in point? Heathrow, as reported by the Guardian:

Flying from the new Heathrow Terminal 5 and facing a lengthy delay? No worries. Take a seat and enjoy the spectacular views through the glass walls: Windsor castle in one direction; the Wembley Arch, the London Eye and the Gherkin visible on the horizon in the other.

But you had better be quick, because the vast Richard Rogers-designed terminal, due to open at 4am on March 27 next year, has only 700 seats. That's much less than two jumbo loads, in an airport designed to handle up to 30 million passengers a year.

There will be more chairs available but they will be inside cafes, bars and restaurants. Taking the weight off your feet will cost at least a cup of coffee.

More here.

(And, in case you're wondering, my luggage typically gets lost at Charles de Gaulle or Schiphol...)

August 22, 2007

Creative Commons Luxembourg: Launch on 15 October

The Creative Commons licenses come to Luxembourg: There will be a launch event on 15 October, at the Public Research Center Henri Tudor on Kirchberg.

Speakers will include Patrick Peiffer (the driving force behind Luxcommons, and also involved with the CC-licensed Luxembourgensia collection at the National Library), John Buckmann (Magnatune founder), and Laurent Kratz (Jamendo founder).

And for the Web 2.0 crowd: It's on upcoming as well.

August 23, 2007

From the anti-spam toolbox: Greylisting.

Greylisting is the idea of rejecting incoming messages with an SMTP error code that indicates failure, unless the source of the message has sent e-mail to the given recipient before (or some other heuristic for "we've seen that source before"). The observation underlying this scheme is that e-mail has traditionally been a store-and-forward medium able to deal extremely well with all kinds of temporary glitches. Ordinary mail servers will just queue up a message when they get "greylisted", and try again after a while (and again), at which point the message will be accepted. The SMTP implementations used by spammers, however, seem to commonly just fail when they encounter any kind of SMTP error.

spam statistics

The statistics show that greylisting (I'm using postgrey) has been removing a significant part of my incoming spam burden; the green curve represents the spam and other junk detected on my personal mail server, the blue curve represents the messages that get through (still including a significant amount of spam, most of which is caught by a bogofilter installation on my laptop).

Of course, greylisting has one significant weakness: It will only work as long as it makes an insignificant dent in spammers' output (as opposed to just some sites' input). As soon as the technique becomes widespread enough to become noticeable for spammers' returns, we'll start to see SMTP implementations for spammers that implement some kind of retry mechanism. Until that happens, however, greylisting is a truly useful tool.
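The accept-or-defer decision described in this post, as an added Python example (not postgrey's code and not part of the original post). The key of client network, sender and recipient, the 300-second minimum delay, the 35-day expiry, the reply strings and all addresses are assumptions constructed for the illustration.

```python
"""Greylisting decision logic replayed against three kinds of sending client."""
import ipaddress
from dataclasses import dataclass, field

# Reply strings are illustrative; any 4xx code signals a temporary failure.
TEMPFAIL = "450 4.2.0 Greylisted, please try again later"
ACCEPT = "250 2.0.0 OK"


def source_key(client_ip):
    """Collapse an address to its /24 (IPv4) or /64 (IPv6) network, so that
    retries coming from another host of the same sending pool still match."""
    ip = ipaddress.ip_address(client_ip)
    prefix = 24 if ip.version == 4 else 64
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


@dataclass
class Greylist:
    min_delay: int = 300           # assumed: seconds before a retry is accepted
    max_age: int = 35 * 86400      # assumed: forget sources idle for 35 days
    seen: dict = field(default_factory=dict)

    def check(self, client_ip, sender, rcpt, now):
        """Return the SMTP reply for one delivery attempt at time `now` (seconds)."""
        key = (source_key(client_ip), sender.lower(), rcpt.lower())
        entry = self.seen.get(key)
        if entry is not None and now - entry["last"] > self.max_age:
            entry = None                      # stale record: treat as unknown again
        if entry is None:
            # Never seen before: remember it and ask the client to come back.
            self.seen[key] = {"first": now, "last": now}
            return TEMPFAIL
        entry["last"] = now
        if now - entry["first"] < self.min_delay:
            return TEMPFAIL                   # retried too quickly
        return ACCEPT                         # known source that queued and retried


def deliver(greylist, client_ip, sender, rcpt, attempt_times):
    """Replay one client's attempts; return the time of acceptance, or None."""
    for t in attempt_times:
        if greylist.check(client_ip, sender, rcpt, t) == ACCEPT:
            return t
    return None


def run_demo():
    """Constructed scenario: all hosts and mailboxes are documentation values."""
    gl = Greylist()
    me = "me@example.net"
    return {
        # Ordinary MTA: queues the message and retries on a back-off schedule.
        "queueing_mta": deliver(gl, "192.0.2.10", "alice@example.org", me,
                                [0, 60, 900, 3600]),
        # Sender that gives up on the first SMTP error: never gets through.
        "fire_and_forget": deliver(gl, "198.51.100.7", "promo@example.com", me,
                                   [10]),
        # The weakness named in the post: a sender that implements a retry
        # passes exactly like a legitimate server.
        "retrying_spammer": deliver(gl, "203.0.113.5", "promo@example.com", me,
                                    [20, 400]),
        # A later message from the already-known source is accepted at once,
        # even from a neighbouring host in the same /24.
        "known_source_later": deliver(gl, "192.0.2.11", "alice@example.org", me,
                                      [5000]),
    }


if __name__ == "__main__":
    for name, accepted_at in run_demo().items():
        print(f"{name:20s} accepted at t={accepted_at}")
```
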


The ICANN WHOIS Saga

Over at IGP Blog, Milton Mueller has posted a WHOIS timeline, which indeed makes for a nice presentation of the institutional drama that ICANN has seen over the years, and that I spent more time on than I'd ever want to be reminded of.

The timeline gets a bit fuzzy on the facts, however, when it comes to the 2003 and 2004 events.

Continue reading "The ICANN WHOIS Saga" »

September 4, 2007

Transparently insane?

Via flyertalk, this story about a transparent bag mandate outside an airport context: Wissahickon Students Face Strict Backpack Rules

High School students in the Ambler, Pennsylvania, headed back to school Tuesday facing new security measures limiting their choice of backpacks. Effective Tuesday, all students in the Wissahickon School District are required to carry clear bags. Students are currently permitted to bring mesh backpacks to school, but once inside the building, they must change to a clear backpack. ... Wissahickon is the third high school in Montgomery County to adopt clear backpacks.

September 22, 2007

Online work styles: Low latency required?

I spent the last week-end touring Crete, and the subsequent week in meetings in beautiful Agia Pelagia. While everybody was longing for the breaks and evenings (you just can't not go for a swim there), a lot of us were fighting with Internet access: While nominally high-speed access was available in a number of places, the latency often turned out to be a killer. Using skype for a telephone conference (which I do pretty regularly while traveling) turned into a disaster, both concerning sound quality and latency; I did more than one conference call from my mobile, which I normally avoid like the plague for these things. Doing work on CVS was annoying and made focusing hard, since any update or commit would take ages. Going through list archives was almost impossible.

At the end of the day, I was much less effective getting my usual work done than I normally am while traveling. Without me having noticed before, my work style had become dependent not just upon having some Internet access, but upon having low-latency Internet access. I was surprised myself how badly I function in asynchronous mode these days.

I wonder if that's just how my personal work style evolved, or whether it's a more general effect? How do others deal with work in high-latency environments with spotty Internet access?

September 23, 2007

Picture recognition, social networks, mistakes, and privacy-enhancing technology

One of the most fascinating side conversations last week was about picture and face recognition in social networks: The basic argument was that, even if people might have the good sense to use a pseudonym for some social network activity, they'll often associate photos with their profiles, and that these photos might lend themselves to easy recognition and linking of online profiles to real-life identities, undoing the privacy effect of having chosen a pseudonym in the first place. It might be a good idea, that particular argument continues, to include features with social networking sites that might obfuscate photos to the point that they aren't easily recognized by machines. As an example, a somewhat embarrassing questionnaire scraped off some social networking site was shown. ("Have you been involved in a fist-fight? Have you been arrested? ...") It featured a photo of what was presumably the young lady that had filled it in. The implication was that, some time soon, a would-be employer might find that entry based on a photo search, with all that follows.

The "let's obfuscate photos" approach is a particularly illustrative example for a deeper conflict: The one between self-expression online (which is enabled by sharing real data, real photos, real stories -- and real lies!), and privacy online (which is endangered by sharing real data, real photos, real stories -- and real lies!). The question in this conflict is no longer about collecting (or publishing) data (as the obfuscators seem to suggest). The solution is no longer about pseudonyms or hard controls: The question is ultimately how we deal with the societal and personal cost that comes with the Net's vast opportunities for self-expression, and the solution must be in the same sphere. Technology can help us find a solution, though, and Creative Commons is an important example for this approach in the copyright space: It helps people to do the right thing. And sometimes it helps people to make errors that need to be settled in court.

The critical observation here is that technology takes a helping role, not an enforcement role, not a decision-making role. The decisions and the enforcement are kept on the social and societal level.

And to some extent, we might be starting to see societal change: When youthful (or later) mistakes are made part of a permanent record by the information sphere that we live in, when 20 year old traffic tickets show up in the reports that would-be employers ask to be prepared about candidates, we might find that the answer is actually to just cope with these mistakes, and to accept that to be human means to err.

October 20, 2007

Breaking and Securing Web Applications

At, the best talk so far is Nitesh Dhanjani's talk Breaking and Securing Web applications.

Random notes below the fold.

Continue reading " Breaking and Securing Web Applications" »

MITMing a room full of security people

In Pwned @, Didier Stevens has a nice screenshot of what a lot of people saw at the conference yesterday. Not trusting the crowd in the room, I had configured my Web browser to go through an SSH tunnel elsewhere, so the software that was affected for me was fetchmail -- which I had fortunately configured paranoid enough that it noticed the wacky certificate that was "shown" by my personal server on port 995, pop3-s, and simply died with a nice error message.

So, what happened? As I said in a spontaneous lightning talk after that session, my diagnosis was that somebody was running a man-in-the-middle attack on a room full of security people. The tool they were using rewrote the TLS certificates that were shown by servers, but tried to keep the human-readable information in the certificate intact. (As Benny K notes in a comment, "the certificate seemed fine".)

The tool used was most likely ettercap.

Incidentally, I don't mind that this prank was played on all of us. Attending a hacking conference means you're fair game to some extent -- there will be packet sniffing, and there will be active attacks. As long as no lasting damage is caused, and as long as the attacks don't interfere with the conference talks, that's fine. What I found disappointing, though, is that the responsible party didn't have the stomach to give a lightning talk about the results gathered. For instance, I'd love to know how many of the (security-minded!) people in the room actually clicked past the errors that their browsers and mail clients showed. That would be first-class input for the Web Security Context Working Group. (Anecdotal evidence suggests that a few people got rather nervous after they heard the lightning talk...)

Now, for the details...

Continue reading " MITMing a room full of security people" »

October 21, 2007

slides

I guess a conference counts as good fun when you go there to listen and end up giving two lightning talks and a not really lightning talk. So, for the record, here we go:

The slides should be linked from the conference program sooner or later.

October 24, 2007

Shanghai taxis

My long haul travel habit began five years minus a week ago, with the ICANN meetings in Shanghai, and a visit to the Shanghai Museum. Particularly memorable from that trip, the taxis: Plexiglas barriers between drivers (in white gloves) and passengers, spotless white fabric covering the back seat, and recorded messages that would welcome you to Dazhong Taxis when entering the cab, and remind you to not forget your "receipt and belongings" when you left it. To tell the driver where you wanted to go, you'd keep a stack of little pieces of paper, with various destinations for the day written out in Chinese, prepared by the hotel front desk. Very reassuring, then, the English-language signs posted at the highway (right next to a crashed cab), reminding people to drive carefully. Overall, like many ICANN meetings, that week had a strong feeling of life in a bubble. (Lost in Translation only came out later, but, yes, that's the theme movie for these kinds of conferences.) I haven't had an opportunity to get back to China since.

In Ups and Downs, Tim Bray has a hilarious account of his first-time-in-Shanghai experience, and it's good to see that not everything has changed over the last five years. In particular, the taxis seem to be still the same. Including the white cloth that covers these ugly seat belts on the back seat...

November 24, 2007

Fedora 8 and the T43 paperweight

It's major upgrade season again. As usual, I used yum to upgrade to the next major release (8, ever so tastefully codenamed "Werewolf") of Fedora. As usual, things went mostly smoothly, with a few glitches:

  • During the upgrade process, yum stalled. After I killed it, the next iteration would fail during the "transaction check": My system had both the fc7 and fc8 versions of certain packages installed, and yum somehow was not able to figure out how to deal with the obvious conflicts between these. So I had to go through things by hand, throwing out all versions of the packages in question (rpm -e --nodeps), and then using yum to explicitly install them. That should have been automatic.
  • Of course, the UI theme has changed a bit again. Fortunately not too much.
  • My Thinkpad's hotkeys (Fn-F4 for suspend, Fn-F5 to turn bluetooth on or off) are suddenly routed through ACPI, so I had to make sure Fn-F4 is treated like a lid closure, and I had to drop in a trivial script to toggle bluetooth when Fn-F5 is detected. That, too, should just work out of the box, without me having to mess around with scripts. (Then again, being in full control of my ACPI setup also means that my machine doesn't suspend when the plug is pulled...)

Most remarkably, it appears as though the ever-flaky Suspend/Resume survived the upgrade. We'll see how reliably.

Later: The fun didn't last long. For whatever reason, the T43 decided to become a rather expensive paperweight shortly after it was all done, by not showing any useful signs of life after a reboot. I ripped out the power cord and the battery, I removed the hard drive, I removed the memory extension -- no change; I couldn't even get the startup message to display. I'm now back to my more than 4 years old R40 and Fedora Core 4 (which happened to still sit around on that machine, in an abandoned version of my home directory). Meanwhile, I'm contemplating the quality of IBM's warranty services (which I'll exercise again this Monday), and possible successors to the T43. Top candidates right now: T61, X61t (or X60t), or the black MacBook.

(I'm fortunate enough to have made a full backup of my home directory earlier today, so at least that's no reason for worries.)

November 27, 2007

Excellent (and DRM-free) news from Deutsche Grammophon

Via TechCrunch: Deutsche Grammophon will open an MP3-based online music store this week.

The store will offer 24,000 albums and box sets encoded in a delectable 320 kbps (over the more standard 128-192 kbps). Six hundred of these albums are no longer available on CDs.

That's truly excellent news, in particular if you consider that Deutsche Grammophon is a label that has many brilliant "historic" recordings in its portfolio -- some Furtwängler, anyone? It will be interesting to see what unavailable albums this Web shop will make available again, legally.

Later: The Shop indeed looks promising. Unfortunately, while Costa Rica and the Philippines are covered, customers from the smaller EU country that I live in have no chance to buy any music there. The joys of living in a tiny country.

December 11, 2007

Copyright takes down the "Bubble"

The Richter Scales' "Here comes another bubble" was a fun video and an excellent mash-up -- while it lasted: What was the video's page on YouTube is now a notice that "This video is no longer available due to a copyright claim by a third party." On the Richter Scales' Blog, there are some musings about mash-ups and credit; no word about the takedown, yet.

It'll be interesting to see what happened, and what will happen next -- at 690,575 views in some 10 days, this must be the highest-profile takedown in quite a while; for a change, it's a piece of art, and a parody.

January 5, 2008

From Schengen to Berlin

My colleagues Ivan Hermann and Richard Ishida are sharing some experiences from the "old time", when traveling into (and out of) Hungary meant crossing borders and facing guard dogs and Kalashnikovs. Hungary is now a Schengen state, which means that crossing its border toward Austria is as easy as crossing the borders between Luxembourg and Germany, or Luxembourg and France, or France and Germany -- in short, the borders that meet around the little village of Schengen that has given its name to the contract, just a few dozen kilometers south of where I now live. I often tell of the marks that remind of past floodings in nearby Sierck-les-Bains, and how they change languages, testimony to just how often war ravaged this area, how often borders moved here, and how absurd they are to the people who live on them.

While I never crossed the Hungarian part of the iron curtain when it was still up, the most lasting memory of my first time in Berlin - a school trip, in the last week of August in 1989, just weeks before the DDR started collapsing - was our one-day visit to the eastern part of the city. I believe that we took the subway from somewhere in Western Berlin (not the S train from Zoo as we did last week, coming back from chestnuts and Glühwein and a look at Kurfürstendamm). I remember our passing (in 1989) through badly-lit, machine gun and camera infested, but otherwise abandoned, stations on the Eastern side (without even slowing down); finally, the train stopped at Friedrichstrasse, which I once again remember as a fairly colorless affair. What I remember of the border controls that followed are grey and somewhat claustrophobic corridors, and a distinctive sense of fear; the details have all become fuzzy. We were all glad when we finally emerged from Bahnhof Friedrichstrasse. Back then, it was known as the palace of tears: This was where Eastern and Western relatives would kiss good-bye, and where following across the border was suicidal for those from the East. (Needless to say, we were rather happy when we made it back to the West that night.)

This New Year's eve, we passed through Bahnhof Friedrichstrasse many times, by subway, S train, and walking. Going from Friedrichstrasse toward the Reichstag (and further along what's now known as the street of 17 June), we walked across what was once the deadly strip around the Berlin wall. That night, the Brandenburg gate was off limits only because there were too many people there. It's normal like that now, and it has always been like that for those who will first attend an election this year.

The accession to Schengen of Hungary and other countries that used to be on the eastern side of the iron curtain means that, soon, not having to show one's papers when one crosses a border will be normal for them, too. And that's really great.

Yet, it's important to remember that the world hasn't always been like this. That there were times when borders were insurmountable, when moving from one country into another meant risking one's life, for those who had ended up on the wrong side of that border; and that there are indeed borders in this world of which that's still true.

That's why stories like Richard's and Ivan's are so important, and why I dug out that almost 20 year old photo of the Brandenburg gate from a pile of old pictures.

January 17, 2008

Waiting for the Treo replacement

I've been a happy user of my Palm Treo 650 for quite a while, but -- let's face it -- it's starting to be old. Too bad that there doesn't seem to be a device out there that has quite the edge over that old brick that would make me buy it.

Here are the requirements that I'd like to see combined in one device, but can't seem to find combined:

  • Decent full keyboard -- anything that uses T9 and similar predictive technologies seems to deal badly with mixing languages. And yes, I type both German and English into my mobile.
  • 3G, please. I want to be able to use a single device in Europe, the US, and Japan. That's not possible with either the Treo or the iPhone.
  • GPS and maps, please. I regularly use Google Maps for the Treo; a phone with a built-in GPS receiver would be great.
  • Decent web browser -- neither Blazer nor Opera Mini really cuts it on the Treo.
  • Wi-Fi and Bluetooth, of course.
  • Third party applications.
  • Not bound to a particular carrier, and certainly not bound to a particular carrier's more expensive contracts.
  • Smaller form factor. The Treo is quite heavy; I wouldn't want the next one to be as heavy or thick.

Anybody know a device that fits the description?

February 17, 2008

Time Machine desiderata

Apart from the wireless and case problems, I'm actually a reasonably happy Mac user -- which is, indeed, somewhat surprising after 10 years of Linux on the desktop.

Among the things I like a lot with MacOS 10.5 (Leopard) is the TimeMachine backup program. It follows Kristian's law: Nobody wants backup, everybody wants restore. And the user interface for restoring data is cheesy enough to actually work. Kudos for that.

Well, almost: To be compliant with Norm's law, there need to be at least two backups, on two different hard drives. And while Time Machine is indeed totally capable of doing that, it involves manually switching backup disks, and a lengthy first pass while the "new" disk is first used. Both of these seem unnecessary -- Time Machine should be able to recognize a backup drive, and it should be able to keep track locally of where it's putting backups, and what has happened since the last one to any given medium.

The other surprising gap is a lack of encrypted backups: On the one hand there's FileVault for encrypted home directories, and ample support for mounting encrypted volumes. There's even dynamically growing encrypted volumes, and support for easily creating them hidden in the hdiutil command line tool.

I'm seriously puzzled why TimeMachine doesn't make that kind of support available automatically.

Let's hope that things will improve soon, both from the wireless perspective, and in TimeMachine.

Later: It appears as though multiple disk mode works reasonably well; in particular, the additional pass through the entire disk stopped occurring after a while. However, there's still the dance through the preferences whenever the backup disk is changed.

February 23, 2008

Enough with the Mac Blogging already...

... but before we return topics here to more productive things, let's note that Apple's support has so far been rather more impressive than IBM's: After exchanging some e-mails with their service provider here in Luxembourg and a phone call on Wednesday, spare parts (a new top case assembly, for the case crack, and a new airport card) were waiting there when I brought the laptop on Friday. They were exchanged on the spot, and I took a repaired machine home an hour later. Also, quite mundanely, the service provider is, for once, a 10 minute bus ride from Luxembourg's central station -- instead of hiding in the countryside near Belgium, and even then only acting as a glorified post office.

I'm not quite ready to declare victory, but so far, things look well.

September 1, 2008

Building an IPv6 bridgehead

For no good reason in particular, I started looking into IPv6 this week-end. The quick summary first: It works. It's not really difficult to set up. But it's not easy enough, either.

The first realization was that the Macintoshes on the network here had been happily chatting IPv6 among themselves while I wasn't looking; link-local addresses had configured themselves, and multicast DNS had glued things together seamlessly. Kudos to Apple for that.

Now, the first thing to try was of course telling the MacBook to open a 6to4 tunnel. That's supposedly all that's needed to connect a host to the IPv6 Internet, and it's really easy. Except, well, you need a publicly routed IPv4 address, static if you want to get routed IPv6 addresses from one of the tunnel brokers out there. Bummer.

Next thing to look at, the NAT box. It's actually in a reasonably good position to set up these things, but, alas! -- there's a plethora of firmware options out there, some without IPv6 support, some with broken IPv6 support, some with outdated documentation. The firmware that's installed doesn't support IPv6, and I wasn't in a device-bricking mood.

The solution that I went for was two-tiered: First, IPv6-enabling the server that runs this Web site. Second, setting up Debian on a spare machine here and connecting it to that server through OpenVPN.

September 21, 2008

iPhone 3G: I'm not buying it.

Every once in a while, I'm at risk of falling for the iPhone -- it's a really nice device after all, and from day one, the user interface had something going for it. The first generation of the device was just too expensive for my taste, and it didn't have either 3G or GPS. It was also a closed platform, but presumably, that was going away at some point, so I guess I was willing to compromise on that point.

The 3G variant pretty much looks like the phone I'd take; the price range (including the one of the subscription that I'd need to change into) works for me, and the feature set (except for the camera's resolution, but hey, it's rare that any cell phone camera leads to great photos, so that's not a big deal at all) is what I'm looking for; the UI looks like they have taken care of many of the subtleties that I heard others complain about (e.g., you can now navigate the address book by initials).

But what really keeps me away from that phone is Apple's attitude of keeping applications off the device for competing with Apple, or for having an interpreter built in, or for whatever other reason they come up with, depending on the phase of the moon.

What we're seeing in action here is an environment that's tightly controlled, and in which innovators indeed need to ask for permission from some company that thinks it's competing with them. So I'll stick to Nokia for now, where I can run applications like Joikuspot to my heart's content. (Now, if Nokia would just finally get its act together and release decent desktop software for any platform other than Windows...)

October 29, 2008

Election transparency good. Vote transparency bad.

Google is encouraging people to video their vote. That sounds like a good idea, in particular where difficulties with voting machines are to be expected.

Just one caveat: I'd rather that voters don't video who they vote for.

Classical paper ballots are a fairly sophisticated security system with many important properties, and one of them turns out to be the inability of the voter to prove their choice to a third party: If a voter can prove to a third party how they voted, then selling one's vote turns into a viable business model. That's one of the reasons why absentee voting is problematic from a big picture perspective, and why it's sometimes only permissible under exceptional circumstances. It's also why people shouldn't even be allowed to video their vote.

If you think that videoing one's vote is necessary to expose trouble with voting machines, think again, and look at the Chaos Computer Club's excellent work in Germany: They're sending volunteer observers to any computerized election that's going on, they document problems as they occur (and failures to follow business processes critical to the voting system's security), and they take their work to court where they need to.

April 18, 2009

dopplr v tripit: Use both!

I've been on dopplr for quite a while and found it fun and useful. After some raving notes on Twitter, I decided to give TripIt a spin.

Where dopplr's claim to fame is the social networking aspect, TripIt's is that it's a really nice tool to manage information: Take an itinerary (or a hotel booking confirmation), send it to TripIt, and all that important information will be extracted. You can then subscribe your calendar to it, or access your account through a relatively nifty iPhone application. No more searching for that hotel address when you arrive at an airport -- quite useful indeed, information at one's fingertips. It appears like you can also manage your entire meeting schedule during a trip through the application, though I haven't tried that.

Interestingly, TripIt's strengths don't really seem to be on the social networking side. Case in point, dopplr (like facebook) actively encourages finding friends and colleagues to share one's data with. TripIt lets its users walk their social network, and it lets them invite others by e-mail address -- but nothing in between (like a search by name).

Want to manage your flight data and hotel stays, and have a backup of all that travel information in the cloud? Go for TripIt.

Want restaurant recommendations or city guide pages that are built by the users? Better stay with Dopplr.

Fortunately, though, it's possible to combine TripIt's information management with Dopplr's social networking strengths: You can subscribe your dopplr account to the calendar feed made available by TripIt. The result: Dopplr gets the page views, TripIt does some of the grunt work till Dopplr catches up on that.

I have a hunch whose business model is going to survive better.

PS: I won't spend time expanding my network on tripit -- the one on dopplr is larger, I don't want to rebuild it, and it isn't too useful for the things I'll use TripIt for.

About Just Blogging

This page contains an archive of all entries posted to No Such Weblog in the Just Blogging category. They are listed from oldest to newest.

Creative Commons License
This weblog is licensed under a Creative Commons License.