Firefox 2 RC3 & Vista RC2 UAC - "launch Firefox when install finishes" runs in administrator's context

Small problem with Firefox vs. Vista's User Account Control. This is not really a bug but I still think Firefox could design around it. Firefox is probably not the only application that might have to worry about this.

So - you're running Vista as a regular, non-admin user.

You go to install Firefox. You're prompted to provide an administrator's credentials. You do.

Now the Firefox installation process is executing in the admin account's context. All good so far. Then the installation finishes, the dialog boxays "installation complete!" and presents a "Finish" button to click. But there's that little checkbox - launch Firefox. If that checkbox is checked, and you click Finish, Firefox will indeed launch and run just fine - as a process in the admin account's context. Which means that everything you do that gets stored in your Firefox user profile - or if you download files to the default location of the desktop - it is actually going into the admin account's profile, or the files are going onto the admin account's desktop - not your desktop!

So, just don't launch Firefox right away after installing it as an admin user. Just close out the installer, then launch Firefox the old-fashioned way: by clicking on its icon.

If I had the time, I'd make this a clearer explanation. If this doesn't make any sense to you, don't worry about it.

So - if Firefox wanted to design around it (really we're talking about modifying the installer, not the underlying app) maybe work out how to have the installer not launch the first run of Firefox using the admin account context but rather go back to the original user account.

Or - hey, wait, why does Firefox need admin rights to install in the first place? Shouldn't it just be able to install as a user-land app? (Or do I have Vista confused with *nix again?)

If I wasn't so lazy, I'd uninstall Firefox then try reinstalling it again without providing admin rights, just to see what would happen. Or I'd google for it.

But nah, I'm done now. Elbow and send....

Laszlo gets some

Some good news in Laszlo-land from CNET.

Laszlo lands $8 million to expand applications

Laszlo Systems on Wednesday is expected to announce that it has raised a series C round of $8 million, led by WI Harper. Altogether, it has raised over $26 million. The San Mateo, Calif.-based company, which makes tools for building interactive Web applications, said it intends to use the funding to invest in marketing, expand its partnership program, and develop Web applications.

Congrats!

Testing before updating corporate client software

How many more times do we have to read one of these "virus definition update breaks things" stories without saying to ourselves "pshew, it wasn't [our brand of AV]."

I'm increasingly wary of simply trusting vendor QA to ensure that we won't have problems caused by automated AV definition updates. And as we have more components of the system (firewall, antispyware, who knows what's next) that follow similar auto-updating, that particular problem will only become worse.

(The same issue applies with system, application, and middleware patches and updates.)

Now, what we should NOT do is stop updating virus definitions (or stop patching & updating systems, applications, and middleware). That's foolhardy: the risk of remaining unpatched against known security exploits, or unable to detect the latest viruses, or living with bugs that have already been fixed is a known Very Bad Thing.

What we need to do is make it safe to update definitions (and patch, and update) frequently.

At a minimum, we should with every definition set install it and do a full scan of a baseline machine and verify that nothing was detected as a virus. The definitions do not go out until that test is passed. (This rule may be bypassed if there is a current SIRT event that the updated defs would mitigate.)

It should be achievable to have a test suite of basic functionality for the desktop image. We already have many of the necessary pieces throughout the broader ECC group, and elsewhere in IS. Assembling them into a manual test plan (v1) is quite achievable. Automating some parts of the test plan (v2) should also be achievable - especially if we assign the task of executing the manual test plan every time there is an environment change to someone with scripting skills (or teach someone who knows how to code in general how to use a scripting tool); you can bet they'll be scripting away by the 3rd runthrough of the manual test plan. However complete automation seems improbable for v2, focus on automating the most annoying parts to execute manually, and add in any easy timesaving automation too.

In a utopic world we would be able to install the defs onto a fleet of vm's, all loaded with those applications that have sufficient business criticality to justify packaging them and setting up an automated test script, run the vm's through the script, and again stop the updates from going out to production if we get failures.

(That utopic capability would of course be used EVERY time we had a baseline change, not just for virus definitions.)

You preach it, brother Keith

Keith Olbermann speaks truth to power.

Bruce Schneier Facts is an homage to both the original Chuck Norris Facts and my favorite thinker on security.

Sample Chuck Norris facts:

• When the Boogeyman goes to sleep every night, he checks his closet for Chuck Norris.
• Chuck Norris can lead a horse to water AND make it drink.
• Outer space exists because it's afraid to be on the same planet with Chuck Norris.
• When Chuck Norris does a pushup, he isn’t lifting himself up, he’s pushing the Earth down.
• Chuck Norris' tears cure cancer. Too bad he has never cried.

Sample Bruce Schneier facts:

• When God needs a new secure certificate, he uses Bruce Schneier as the signing authority.
• Bruce Schneier once killed a man using only linear cryptanalysis.
• There is no such thing as security by obscurity, but only because there is no such thing as obscurity. Bruce Schneier can always see you.
• Bruce Schneier can decrypt your PKI message with the public key.
• Bruce Schneier's tears can burn holes through an OpenBSD firewall. Lucky for us, Bruce Schneier never cries.

The only thing we have to fear...

The Cato Institute says something I actually completely agree with.

Anyway, I've got no argument with this: "Terrorists can be defeated simply by not becoming terrified."

Here's a link to the paper (pdf).

Excerpt:

Frantz Fanon, the 20th century revolutionary, contended that “the aim of terrorism is to terrify.” If that is so, terrorists can be defeated simply by not becoming terrified — that is, anything that enhances fear effectively gives in to them.
The shock and tragedy of September 11 does demand a focused and dedicated program to confront international terrorism and to attempt to prevent a repeat.

But it seems sensible to suggest that part of this reaction should include an effort by politicians, officials, and the media to inform the public reasonably and realistically about the terrorist context instead of playing into the hands of terrorists by frightening the public.

What is needed, as one statistician suggests, is some sort of convincing, coherent, informed, and nuanced answer to a central question: “How worried should I be?” Instead, the message the nation has received so far is, as a Homeland Security official put (or caricatured) it, “Be scared; be very, very scared — but go on with your lives.” Such messages have led many people to develop what Leif Wenar of the University of Sheffield has aptly labeled “a false sense of insecurity.”

Tip o' the hat to Bruce Schneier for pointing me to the paper.

PS on the Cato Institute - Normally I sympathize with the libertarian perspective, but Cato puts a bit more faith in the ability of the free market to optimize social outcomes than I can muster. And I don't think libertarian philosophy has a good answer to the tragedy of the commons problem, either.

Why aren't businesses switching from Windows to Macs?

I posted this as a comment elsewhere, but then it seemed to disappear into the ether. Since I took 10 minutes writing it I figured I wasn't going to just let it disappear wihtout a fight - so here it is.

I’m another one of those IT guys. Want to know why my company is not switching from Windows to Mac (or Linux for that matter)?

It’s the applications.

Or as Steve Balmer says, “Developers, developers, developers, developers!”

We have over a thousand applications being used at my company.

If we wanted to switch to Mac OS X, we’d have to find Mac versions of those apps, or software with equivalent functionality, and buy the new versions, and get all our users to switch - when they were working well enough in the first place before IT came along to switch them.

We also have tons of web applications - some our own, some bought from vendors and hosted internally, and some bought/rented from vendors and hosted on their websites. Far too many of those require Active X or are otherwise coded specifically for Internet Explorer on Windows.

Saying “use Virtual PC/VMware/Parallels” doesn’t really work for us, because guess what? Then we still have a copy of Windows to pay for, patch, protect against viruses, and so on.

This isn’t because we don’t like Macs. In fact, I’m writing this on a Mac right now, and Macs have been my platform of choice since I bought a Mac SE and learned how to program on it in 1990.

This isn’t because we don’t understand Macs. In fact, for the first several years of my IT career, I had tons of extra opportunities because I am ‘cross-platform’ - I was an Apple-certified technician (and IBM, and HP, and Toshiba, and MCSE) who did hardware repair as well as Mac support & sysadmin work for various Mac-using businesses.

This isn’t because we don’t get that Macs are easier to manage than PC’s. I personally supported far more Macs & Mac users ’soup to nuts’ - from hardware, to software, to building and updating our “Mac image” - than was possible for one Windows tech to support - even with a bunch of specialized people taking care of the necessary infrastructure on the Windows side that I ran myself on the Mac side.

I’ve heard from colleagues at other companies who also found it much cheaper to support Macs and who know they can provide better support to more people with less $$ for tools and fewer technicians. That’s not really up for debate, in my opinion.

But with all our business apps on Windows, how can we switch? How does that help our company make more money?

It doesn’t. And that’s why businesses aren’t switching to Macs.

Could this change?

Sure.

Green-field companies can now choose to use only software that doesn’t lock them to one particular OS/browser platform; there are now choices out there that weren’t there when most of today’s businesses started making their software decisions.

Some forward-looking businesses are keeping this in mind when selecting new software, and thinking that maybe a decade from now all those “only runs on Windows/IE” apps will finally be retired. (This is why Microsoft is pushing developers so hard to write “Smart Clients” that require the Windows-only .NET Framework. “Developers, developers, developers!”)

And it’s not just me in my IS department who feels this way. TONS of IT people - some long time Mac users, but a surprising number of newcomers - are running Macs at home. And liking it! And I think most of them would agree with everything I’ve written here.

But we’ve got all these Win/IE applications that people at our business need to run….so on Windows we will stay.

Sigh.

TiVo Series 3: coming soon, really

Could it be? TiVo HD in reality? I'll be ordering one as soon as they ship, as long as my cable company will let me use it with a CableCARD.

From Ars Technica:

7/19/2006 3:16:43 PM, by Ken Fisher
The much-anticipated TiVo Series 3 is one step closer towards making it out before the close of this year, as an FCC filing (PDF) reveals that the unit is already being tested in select markets, and that the CableCARD certification process is complete. The company is aiming for a release later this year, but pricing has not yet been announced. Based on the cost of the DirecTV HD TiVo, we estimate a launch price of at least US$600.
[...]
The Series3 marks the first truly significant hardware release from TiVo in years, as it combines the convenience of dual tuners (in practice) with the capability of recording HD (previously, only DirecTV customers could use a dual-tuner HD TiVo). To do this, the unit uses not one but two CableCARDs, although it can be configured to use only one card (with diminished capabilities as a result).

Izzy's first YouTube

Click to play....

Sorry, It Is America's Birthday

Late the other night, Zeb was still awake in his bedroom. He started singing a song to himself. We recorded it over the monitor.

(We won't be hurt if you don't listen to the whole 5 minutes of it.)

Go here to download it.

CT League of Women Voters advocates for Net Neutrality

Yay for CT LWV!

(And thanks to Bruce Schneier for the link.)

Mac OS X 10.4.7 feature: right-click with the trackpad

That last checkbox is a great new feature in OS X 10.4.7. Not sure what models get this feature; it certainly works (and pleases me) on my MacBook Pro. Having immediate access to right-click without needing to use a modifier key (eg, ctrl) is really, really nice.

Technological Freedom enables Political Freedom

Obvious, right?

Well, it's the key thing you have to keep in mind when you're thinking "Does this Net Neutrality or software patent nonsense really matter? Should I call my elected representatives about this?"

Yes, it does really matter. Yes, you really should pick up the phone.

And when you call, tell them it's not about access to free movies and free music. It's about access to free ideas. And free speech. It is literally about open access to a public forum where anyone who lives in technological freedom can speak freely, and the marketplace of ideas can flourish. You know, that whole democracy and liberty thing that is the real core of what is great about America. And it's that intellectual openness that has been the source of some of the best of the entire human experience.

So - go ahead. Call your elected representatives, and let them know that on Independence Day, we are counting on them to preserve our independence now. Starting with ensuing the freedom of the technology that's the plumbing that's created the greatest arena for freedom of ideas in the history of mankind.

You can do it, you just have to call.

Platform Wars: OpenLaszlo Project Blog

If this prediction comes true, that'll be good news for Ben!

Here's a prediction : the two most important GUI standards in the next two years will be the Flash virtual machine and DHTML + Javascript + SVG.
OpenLaszlo is probably set to become the first major tool to develop for them both.

Ultra Fantasy Rhapsody

"Recently, the higher-ups at Real have rewarded me with Ultra-Fantasy Rhapsody. Not only do I get to listen to classic Led Zeppelin and Eagles material, but I also get a sneak peek at the future and am able to listen to albums that have yet to be released or even created. While I'm not permitted to play any snippets for you, I can offer a few reviews so at least you know what to expect."

(Via Pop-Ed | The Rhapsody Editorial Music Blog.)

What’s best for Office 2007: Virtual XP or real Vista?

You know what? Office 2007 is more usable on my MacBook Pro under Windows XP via Parallels Desktop than it is on my Vista Beta 2 test machine with Aero Glass on.

	MacBook (VM environment for XP)	Vista machine
CPU	Intel Core Duo 1.83ghz	Athlon XP 2600+
RAM	1.5 gb (512mb)	1.5gb
Video	ATI X1600?	Nvidia FX5500 64mb

What’s it mean? Well, maybe instead of buying a new PC for your next computer, you should get an Intel-based Mac and just run Windows XP on it. Just a thought.

x

Posting from Word 2007

This is a test blog post from Word 2007 beta 2, which I initially heard about from Joe Friend’s blog. I have Office 2007 beta 2 installed on my MacBook Pro running Windows XP in Parallels Desktop.

He's strong, really strong, man

Zeb:

I'm strong, really strong, man. You better not ask me to punch you as hard as I can. Please don't do that!

You got it Zeb.

Unless you're a bad guy!
And you better not ask me to charge you with my head first. Please don't! I'm very fast, man! You're gonna fall out of your chair and you might even wet your pants.

One long! Lace me! What have you got!

Ryan tells a great Clara story, and ends up visiting KEXP and showing up on their blog.

Dan's favorite Mac OS X apps & utilities

So I recently mentioned two great Mac OS X DVD ripping and encoding apps. I realize there are several other applications and utilities which I immediately install on any Mac I use. Some I've talked about before. Here's the whole list with sporadic commentary. I'll turn these into URLs when I'm not feeling so lazy but you can jfgi using their names and "Mac OS X" in the meantime.

Or use versiontracker. The comments are useful if you ignore the trolls and patheticly uninformed comments.

HandBrake and ffmpegX - see that previous post.

Dasher Daemon - menubar geek system monitor; network bandwidth usage monitor, cpu, disk activity, memory usage, etc.

NetNewsWire Pro. Awesome Mac RSS newsreader. It:

• has just about every feature I could want in a newsreader
• it's architecture is excellent in terms of allowing you to choose what other apps you want to have it call for performing related functions
• it integrates with NewsGator, so I can stay synchronized across:

1. my Macs
2. Windows machines at home and at work
3. my RAZR cell phone
4. whatever Microsoft SmartPhone I end up getting for work so I can start trying it out with our Exchange 2003 upgrade.
5. and whatever other machines I happen to use that aren't one of the above, as long as it has a web browser
   

Speaking of the web and cell phone - I use Opera Mini on my RAZR. Go get Opera Mini right now if you have a cell phone with web access. I guarantee Mini is better than the browser that came on your cell phone.

Bittorrent. Great for getting those iso's.

Firefox of course. Have I blogged about the Firefox extensions I use? These aren't necessarily the very best in the world, but they're the ones I use. Firefox extensions:

1. Sessionsaver
2. Del.icio.us
3. TabColor
4. Logmein.com

iLove iLife but iJust don't iUse iMovie or iDVD or iWeb or iGarageBand that much. iWish iHad more iTime to iDo iThat. Of course iDo iUse iPhoto and iTunes aTon.

Activity Monitor. It's in your Utilities folder and I run it as a startup (login) item.

Google Earth rocks. Everyone who has a computer and is interested in looking at the planet they live on should have it. Very happy there's finally a Mac version. Thanks!

Broken customer service / software systems

Joel on Software:

"One of the hallmarks of a broken system is when there's just no possible way that the programmer who is writing code that talks to customers can ever get feedback from those customers about bugs, because the call center is outsourced to a different company than the software development project is outsourced to. Everyone is trying their hardest to do their job but management has set it up so that it's impossible."

True dat, Joel!

Glad to see they finally fixed THAT in Vista...

Uh, maybe it's not fixed yet.

"We have armies of people whose only job is to handle exceptions..."

Collaboration Consultant [Mike Jones, London] writes:

"I remember a colleague in and consultancy group that I used to work for telling me some enormous percentage of calls to call centres (or is the correct phrase “contact centres” now) are because something has gone wrong. However, they rarely are logged as “complaints” they are just handled. We have armies of people whose only job is to deal with exceptions that if they were captured in a coherent manner could probably be dealt with to stop everyone else suffering the same fate. Of course if you product or company is so dire that it can’t change in response to issues you might as well just give up now!"

Ouch!

Of course this explains why the service desk is no good at providing useful data about the exceptions they encounter - if we were able to identify and fix the exceptions, they would not have anything to do, so we'd pay them less $$$. Yet another reason why outsourcing your support organization can be a non-optimized solution.

Forthcoming: more value creation exercises - (practical thingamy example #2)

Value here - just like the last example - should be an approximate combination of:
- Technology knowledge.
- Client knowledge.
- Constraints knowledge (culture, laws, regulations).
- Practical solutions knowledge.
- Easy matching of the above.
- Seamless execution."

Yeah.

My Guitar Hero 2 wishlist

So the first songs for Guitar Hero 2 are starting to be announced. Here's my wishlist for others:

Stone in Love - Journey
Always With Me, Always With You - Joe Satriani
Back in Black - AC/DC
Owner of a Lonely Heart - Yes
Play Guitar - John Mellencamp
Are You Gonna Go My Way - Lenny Kravitz
Every Day is a Winding Road - Sheryl Crow
Free Fallin' - Tom Petty & The Heartbreakers
Healing Bones - Jules Shear
Walk on the Wild Side - Lou Reed (the bassline, of course)
Where the Streets Have No Name - U2
Gun - Uncle Tupelo

As a bonus, here's the lyrics to Play Guitar.

Z Rocket 4

The Z rocket 4 has twice as much power as the Z rocket 3, the Z rocket 2, and the the Z rocket 1 has. It can do all the things those Z rockets do but it is the fastest Z rocket ever designed by Zebediah Scott Becker aged four and a half.

Z Rocket 3

Another guest post dictated by Zeb:

It has 42 million thousand million bazillion trillion million billion trillion billion million trillian million trillian hundred I mean hundred hundred forty-two twenty and twenty-four more times than Z Rocket 2 does and Z Rocket 1 does (both together). And it has all the stuff that Z Rocket 1 and Z Rocket 2 does but it has more power than any of the rockets ever designed by Zebediah Scott Becker age four and a half.

Z-Rocket, Mark II

More guest blogging from Zeb:

This is liike a regular z rocket but it has a few changes.

it has 6600, million thousand more times power than the regular z rocket does. and it also has windshield wipers. And it has a kind of material ceramic engine booster rockets that won't get affected forever when that type of z rocket wins a race against teh z rocket because um that z rocket has twice that much power. The other type of z rocket against the z rocket. That sure is a lot of power, papa!

Designed by Zebediah Scott Becker, 4 1/2 years old.

(He dictated the whole thing, including the sign-off line.)

Cloud Cult

I was just listening to "6 Days". Yummy! (Several tracks, including that one, are available for free download on their website.)

Zeb's Z-Rocket idea for exploring the universe

Guest blog entry on rocket design for space exploration, as dictated by Zeb:

There are 4062 engines that are this big (spreads hands wide) and there are big glass tubes where you go to sleep until the journey's over and you also get freezed. And you're going to go into hypersleep until the journey's over. And since it's so powerful it can explore other universes and it looks like a yellow base and a red middle and a nasa sign and a Z on the other side and a yellow top. And there's a a cannon in case the aliens are mean and its also magnetic [the cannon] and it can sort of clip onto the gravity. [q: what do you do when you clip onto gravity?] then it pulls you through onto land and the astronauts can explore the planet. This rocket's so fast it can get to a different solar system. It can shoot past Pluto in just sixty minutes and one second.

And now say "By the person Zeb aged 4 almost 4 and a half"

And now I'm ready for you to put my idea on the Internet and send a copy to NASA.

Ok?

Ok.

Bringing "Web 2.0" Concepts to the "Enterprise"

Good stuff here. Why is it easier for me to blog personally to the whole internet than to have a blog about my job to share with the people I work with?

Jeremy Smith's blog: What I Read Over the Weekend: Bringing "Web 2.0" Concepts to the "Enterprise"

Well, the Internet was a-buzzin' with articles, comments, and opinions on bringing 'Web 2.0' concepts 'inside the firewall' i.e. using them in the 'Enterprise' with emphasis on how it all relates to Knowledge Management Tools/Systems.

HandBrake and ffmpegX are essential Mac OS X DVD & video file tools

HandBrake is all you need to take a movie on DVD and rip it to your OS X Mac, just like you use iTunes to rip a music CD.

I repeat, HandBrake is all you need to take a movie that's on DVD and rip it to your OS X Mac, just like you use iTunes to rip a music CD.

If and only if you need to convert some other random video format (Xvid or some random .avi files for instance) to something your Mac can play, then ffmpegX is what you need. Rather geeky interface but if you just select from the presets menu, things will be easy as 1-2-3.

The ffmpegX installation is a 3-parter, you have to download - from provided URLs - some zip files (open-source conversion source libraries) and then point the installer to the files you downloaded. Just read the install screen and you'll be fine.

You can also trivially use these applications to get your video, whether downloaded or ripped from DVD, into a format suitable for use with a Sony PSP (my portable entertainment center of choice at the moment) or a video-capable iPod, or the like. The documentation/howto links on their respective sites do a good job explaining what to do. And it is easy, really.

Documentation links:
The quickest handbrake walkthrough you could want.

Other HandBrake documentation for more specific topics.

Extensive collection of ffmpegX howtos - anything you want to do with ffmpegX, there's a howto document for it.

Enjoy...

What if Joss Whedon wrote Peanuts?

Secret Agent on Soma FM

Two of my favorite internet radio stations for background listening are on SomaFM: Secret Agent and Indie Pop Rocks. (I should really try out some of their other stations.)

Most often I listen to them on my living room stereo via my Roku early in the morning when the kids are up playing at the crack of dawn - or earlier - and I'm sipping on a cup of coffee.

Will the MacBook Pro support Aero Glass?

Ok, the new Intel CPU Mac laptops have been announced. I'll be buying one.

Digression: the name "MacBook" is terrible! Why kill the PowerBook brand? The only laptop brand with comparable strength is the ThinkPad, and Lenovo just paid a gazillion dollars to buy that name from IBM. Meanwhile Apple tosses "PowerBook" in the trash. Duh.

It's generally accepted that it will be possible to install Vista and other x86 OS's on MacBooks, though driver support will be a question. I'm sure the mac-o-verse will find a way to make them work eventually.

My question: assuming drivers can be found, does the MacBook's hardware
support Aero Glass? The MacBook has an ATI Mobility Radeon X1600. (The slower MacBook has 128MB of GDDR3 SDRAM; the faster one has 256mb.)

ATI's provisional "Vista-ready" list of chipsets says "Mobility™ Radeon® X300 Series or higher" supports LDDM. But the x1600 is not listed in the full list. Is x1600 "higher" than x300?

And if it is, would that support Aero Glass, or just Aero? Generally people say that no existing mobile chipsets would support Aero Glass.

While I'm on the topic - here's the link to Microsoft's hardware guidance for Vista.

Maryamie: In Defense of Geeks or Ten Reasons Why You Should Date a Geek

"So ladies, here are ten best things about being married to a geek."

The Several Habits of Wildly Successful del.icio.us Users » Slacker Manager

If you use del.icio.us (and if not, why don't you?) then you'll want to check this out. Good tips for newbies and power users alike.