inside out

Nat‘s right, the TCPA’s agenda sucks. I wonder if his position as an executive at a company that holds membership in the TCPA will let him do some good. That would be pretty awesome.

swinging both ways

Havoc posts some interesting thoughts about dependency evolution in Linux distributions, but I think he misrepresents the state of Mozilla installation:

The big previously-proprietary apps such as OpenOffice.org and Mozilla have a very different attitude and tend to assume end users will install the app themselves. Which is both true and untrue on Linux; some will try the app themselves, and some will get it with their distribution.

Mozilla (and Firefox and Thunderbird, even in their pre-1.0 states) will work just fine if you just untar it in your home directory to test a new version, and it’ll work just fine if you have your admin install an RPM of it. We even now support adding most kinds of extensions and browser plugins on either a per-user or system-wide basis, if you find — as many do — that you want to add something beyond what’s in the usual packages.

Installing a new version of GNOME to test it is much, much harder — or to develop against it, should you want to listen to people crying for better GNOME integration in your multi-million-user desktop app, just to pick an example at random. Harder than I can often manage, and I have a bit of a reputation in these parts for knowing my way around software.

I guess that’s

correct for a desktop platform

though. *wink*

In almost-unrelated news, bryner is waging a hero’s battle against broken GTK theming implementations (in both themes and the GTK core, as I understand it) to deliver pixel-perfect native control rendering for GTK in upcoming Firefox releases. In your honour, my good man, I raise a glass.

(I’ll leave the “previously-proprietary” comment, mostly, but there is virtually nothing about the Mozilla build or install system that’s left over from its life as a closed-source app, so I’m not sure how he intends that to relate to this issue.)

not so fast

ITNews and MacDailyNews seem quite enthused about the prospects opened up by Apple shipping the Safari WebKit as part of iTunes on Windows. Just one problem: it’s not true.

As Hyatt comments in the MacDailyNews, iTunes just ships QuickTime, and there’s no WebKit in it at all. Nice thought, though!

(Also, Safari, while nice, is definitely not the most standards-compliant browser out there. If it’s not Mozilla, it’s Opera.)

connecting (housekeeping)

There’s a kind gentleman here right now setting me up with one of his spare TiVos, along with a small pile of software so that I can pretend to be the TiVo guide service, and use the zap2it channel data as my back-end. It’s been an adventure, but it’ll be all worth it

Especially tomorrow, when I have an ultimate game that will bump into Game 5. Sweet, sweet buffer.

a knife at a tank battle

Seth Nickell‘s a decent guy, and I think his insights on the design process are often deserving of careful consideration.

But when it comes to analysis of patent risks for various technologies, he is very much out of his league.

I have lots of thoughts about the Mono patent issue, and I will share them here in more detail once I finish up with my responsibilities for this week. I think that Nat highlights the most common failing of critical thinking in this debate, though: there is no “safe” choice, and I have not heard any compelling arguments to make me believe that any of the proposed alternatives are any safer. Certainly, the oft-trumpted Java — into which Red Hat is piling quite a bit of money — is not free of patent concerns, and the key patent issues in the next 5 years are going to be application-level ones, IMO.

I am not, of course, speaking for Oracle or the Mozilla Foundation. I mean, honestly now.

it glows like beauty, on my desk

The monitor that I coveted so has arrived, on the wings of my own personal cross-border monitor angel. It is, truly, a thing of beauty. Even Tyla thinks so.

The ZDNet review review — you will have to scroll down past the acre of ad-garbage, likely — claims that it has “mediocre image quality”, in which case I don’t think I’m emotionally equipped to deal with superior image quality.

(I just caught myself admiring the brightness and rich colours in a banner ad. I’m so damaged.)

Update: *swoon*

moire-coloured glasses

The monitor at home is starting to make these periodic colour-and-brightness shifts that lead me to believe that it’s on its way out. I’d like to buy one of these little babiesZach, Phil and the boys at AnandTech really like theirs — but Tyla says I have to find a new job before I can do that.

She’s no fun at all.

calling all cars

If someone out there can tell me how to display JS errors in Konqueror, preferably the version that comes with Fedora Core 1[1], I would appreciate it. Otherwise, I think I have to buy a Mac, or something.

Other than that, though, I’m getting quite a bit done with the web management tool, and for a web UI I think it’s really quite pleasant to use. And with the schedule I’m on for this thing, I will totally settle for being the tallest pygmy. Even “gd”:http://www.boutell.com/gd/’s little problem switching line colours with antialiasing turned on — or so the problem seems to be, to me — can’t get me down.

fn1. @kdebase-3.1.4-6@

chain of causality

I’ve learned some more about the events that led to the “impromptu system reinstall”:http://off.net/~shaver/diary/archives/001820.html, and they’re not entirely amusing, or entirely surprising. Let me lay out a scenario for you.

Let us define E and N as two computer systems, not equal to bitchcake ([B]).

E was compromised, and a “trojan ssh”:http://www.emsi.it.pl/ssh/ was installed on their system. Via one or more users shared between E and N, N was eventually compromised. (I suspect, though have no evidence to support, that one of the recent flurry of “privilege”:http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt “escalation”:http://isec.pl/vulnerabilities/isec-0013-mremap.txt bugs in the Linux kernel let the intruder up the ante on E, N and eventually B.)

N and B also share at least one (likely precisely one) user, and it’s not at all unlikely that this was the vector through which B (and, transitively, one additional machine) was compromised.

This wouldn’t be all that bad, as These Things Do Happen, and I could have certainly done a better job of keeping B‘s update, well, up-to-date, but it turns out that E‘s administrators knew quite some time before the N {->} B attack that they had this problem, and didn’t bother to tell people. A-frigging-hem. Given that the N {->} B user is conscientious about such things to a fault, and generally the sort of responsible user that every system administrator would like to clone throughout his or her @shadow@ file, it seems not unlikely that we’d have at least discovered the intrusion on B earlier, and quite possibly avoided it in the first place. Alas.

B is pretty sad about the whole thing, apparently, because it just killed another drive in its angst:

@hdc: dma_intr: error=0×40 { UncorrectableError }, LBAsect=120582, high=0, low=120582, sector=120582@

Yay! More drive shopping!

(Further: the “User In Question”:http://neon.polkaroo.net/~mhoye/blarg/ should not be “beating himself up”:http://neon.polkaroo.net/~mhoye/blarg/archives/001863.html about this at all. Stop it right now.)

utility infielding

I’ve been hard, hard at work on the Lustre Management Tools again for the last few weeks, and it’s really been a pretty interesting experience. More than most of my other software work, these tools really do cover a pretty tremendous range of software domains, and it’s been a lot of fun pulling them all together. (more…)

« previous pagenext page »