Thursday, December 25, 2008

What have you tried?

Matt Gemmell rants:
If you’re a developer and you’re about to ask another developer a technical question (on a forum, via email, on a chat channel, or in person), you’d better be ready to answer the question “What have you tried?”

[...]

This isn’t some trick of software engineering; this is the entire process of learning how to do anything at all.

It’s not a secret handed out at institutions of higher education, it’s just how things work: you begin with a lack of understanding about a topic, and a need to solve a problem in that topic area. The honest, sustainable means to doing so is to improve your understanding. This is achieved by:

1. Formulating a question which, when correctly answered, will improve your understanding in some way; then:
2. Attempting to answer it.

Note the second step above.
Yes. PLEASE note the second step. If you can't or won't do that, it's not worth talking to you.

This is a great essay, and like http://justfuckinggoogleit.com it has a self-explantory URL shortcut: http://whathaveyoutried.com/

Wednesday, December 24, 2008

It's an Ultra-Lounge Christmas

Click to groove on an Ultra-Lounge Christmas Playlist on Rhapsody.

Sunday, November 30, 2008

The (Mostly) True Story of Helvetica and the New York City Subway

The (Mostly) True Story of Helvetica and the New York City Subway: Voice: AIGA Journal of Design: Writing: AIGA
To answer those questions this essay explores several important histories: of the New York City subway system, transportation signage in the 1960s, Unimark International and, of course, Helvetica. These four strands are woven together, over nine pages, to tell a story that ultimately transcends the simple issue of Helvetica and the subway.
I'm really enjoying this (long!) story. It's a great web essay, very good use of the medium. Lots of detail photo examples and tons of links to explore. Excellent writing, too. And of course, it resonates with my background in design, typography, layout, printing and publishing.

What's that? You don't know about my publishing experience?

Excellent - that serves as a more than sufficient excuse to post autobiographical detail that no one was particularly asking about! That's the whole point of a blog, n'est-ce pas?

I worked several summers at my uncle Jon's educational software & publishing company. Some of the things I spent hot summer days doing included:
  • learning PageMaker and QuarkXPress from Steve
  • seeing how Joe operated the printing presses (yes, kids - real printing presses! with ink! and rollers!)
  • learning PC networking - VINES irrc, then AppleTalk - ("See, Dan, this computer is called a SERVER") from Sharon
  • learning how to use the other finishing machinery like the folding machine, paper trimmer (aka hydraulic guillotine - massive slicing power!) etc.
  • becoming a master of manual booklet layout and pagination. (Quick, there's 17 pages of main material, plus a 2 page index, a 1 page table of contents, and a title page. Which two pages from the main material face each other in the center of the 2-up, doublesided booklet? Aren't you glad computers do that for you now?)
  • owning the Xerox machine's control panel (I actually knew what every single option did and how to use each correctly the first time)
  • picking and boxing books for orders (mostly for school libraries and reading classes - 32 copies of Huck Finn. 3 of Red Badge of Courage. 17 of Pride and Prejudice.)
  • using the powered forklift to load the pallets of books we'd wrapped onto the truck. (This forklift/loading dock experience served me well at Future Shop - I always got out of detailing shelves because I'd be on 'truck duty'. As any 6-year-old will tell you, operating the forklift is a lot more fun than putting things away on shelves or hangers.)
  • Listening to some of my uncle's incredibly extensive and high quality jazz CD collection - with occasional commentary from Steve, himself a jazz trumpeter
Once I got to college, after spending some time with the folks from the college paper (This was during the great USENET alt.* ban, which I'll tell you about some other time) I got involved, first as a reporter covering the mundane stuff like student government meetings. Later I became layout editor -- following in the footsteps of someone who ended up being a major force in modern typography: Chank Diesel (website, blogs, fonts, free fonts)

Yes, he did the Taco Bell font! (It's really called Mister Frisky.)

My designs skills were, suffice to say, not even remotely in the same league.



However, I did have some Desktop Publishing skillz. At the time, they'd been using WordPerfect (the DOS version) to print text in columns, and separately print headlines, and then cut them all out and literally paste them up along with the photos. Those boards would be sent off to the printer, who'd do all the production and printing. I spec'd out a new lab full of fresh Macs (ooh, Quadras!) laser printers and even digital cameras. We moved to a computer-based workflow using DTP software and started producing full page printouts in-house. We still used plenty of Xactos, metal rulers and 3M Spray Mount.



Regardless of the tools used, there was always the craft of getting not just the font selection but even the kerning and leading just right. As a decided non-master, I studied it quite a bit. To this day I remain very appreciative of excellent typography.

I don't live in the future, but I like to visit

From yet another story about outsourcing comes this great quote from James Macpherson:

It’s not easy being a visionary, he said: “I have essentially been five years ahead of the world for a long time, and that’s a horrible address at which to live because people look at you, you know, like you’re nuts.”


Here's the source for the quote.

Monday, November 10, 2008

Feature Request for Windows: Paste as Plain Text

Dear Microsoft: please incorporate, as part of Windows core Copy/Paste function, Paste as Plain Text.

Basically, please blatantly copy Steve Miller's PureText, and give the man some props.

Thank you.

That is all.

Sunday, November 09, 2008

Tables Turn

iTunes played this Decibully song for me last night as I was walking to meet Mike and Dori at Barking Dog.

(Listen to Tables Turn on Last.fm or on Rhapsody)

It was still stuck in my head after I got back home, so I went looking for chords or tab since I really like the chord progression and guitar parts. Ended up spending an hour or so last night fumbling towards it.

All I did find online was lyrics, but all the ones I found were garbled, so here they are transcribed correctly, apparently for the first time. (It takes us monkeys a while to get things right, but we get round to it eventually.)

you packed your life up into boxes
and what didn't fit
you carried
and the heavy things, you left

the city loves you it gives you oxygen
and a little space
to be filled
with all the heavy things you make

CHORUS
i'm not wasting
loose change
‘cause i'm changing
falls without wings
i'm not waiting
on tables to turn
‘cause i'm turning
forgive me for all things

the mirror kisses like you once did
at first it's cold
but delicate
then it reflects much more

my focus now is on the closest things
since my glasses broke
someone else should drive
or i might not leave at all

CHORUS

BRIDGE

CHORUS

i'm not disapproving
if you got something to prove
well then prove it

we've got something
nothing else matters now does it
forgive me for all things

Friday, October 31, 2008

TLA's FTW!

RUP SRS SDS UML. POL STD SOP.

XML RSS RPC.

TCP UDP. IBM ISI.

DOC XLS PPT.

TLA's FTW!

LOL L8R

Friday, October 17, 2008

Specifications are hard; seeing things that are not quite right is easy

I've been thinking a lot about client environments as a system integration problem lately. So I'm reading Fowler on Continuous Integration, prompted in no small part by a bookmark from Ben.

There's a ton of great stuff to think about in this article, and this quote isn't the main point by any means - it's an aside, really - but it's SO TRUE! "We've found that it's very hard to specify what you want in advance
and be correct; people find it much easier to see something that's not
quite right and say how it needs to be changed.
"

And here's the thing in context - surrounded by lots of other truth.
One of the most difficult parts of software development is making sure that you build the right software. We've found that it's very hard to specify what you want in advance and be correct; people find it much easier to see something that's not quite right and say how it needs to be changed. Agile development processes explicitly expect and take advantage of this part of human behavior.

To help make this work, anyone involved with a software project should be able to get the latest executable and be able to run it: for demonstrations, exploratory testing, or just to see what changed this week.

Doing this is pretty straightforward: make sure there's a well known place where people can find the latest executable. It may be useful to put several executables in such a store. For the very latest you should put the latest executable to pass the commit tests - such an executable should be pretty stable providing the commit suite is reasonably strong.

If you are following a process with well defined iterations, it's usually wise to also put the end of iteration builds there too. Demonstrations, in particular, need software whose features are familiar, so then it's usually worth sacrificing the very latest for something that the demonstrator knows how to operate.

Wednesday, October 15, 2008

Experiment and Logic: GOOD; Authority, Intimidation, Self-Interest: BAD

Stumbled across Robert Anton Wilson's website, and found this gem:

I believe that everything admirable in the modern world results form the use of Argument by Experiment together with Argument by Logic (without making an Idol of either), whereas everything heinous and terrible results from the persistence of the older habits of Arguments by Authority, Intimidation, Self-Interest and Legal Precedent, or the various forms of calling the other side sons of bitches.

RAW co-wrote the Illuminatus! trilogy.

Before I give you the link to the page that holds that quote, let me point out that it contains an excerpt from RAW's Wilhelm Reich on Trial in Hell which is quite accurately titled, and co-stars the Marquis de Sade. You've been warned.

Fnord

Monday, October 06, 2008

Lord, I'm Discouraged

No, I'm not discouraged. I'm actually happy! Happy about this news, at least: The Hold Steady's magnificent classic rock lament/homage "Lord I'm Discouraged" is available on Rhapsody now! (It wasn't the last time I raved about how good it is.)

Go listen.

(Or if you'd rather YouTube than Rhapsody, I gotcha covered there too.)

That guitar solo completely channels rock. 

As always, the lyrics kill.

And the chorus builds to a crescendo, and the piano, it sounds like a carnival, and the microphone smells like a beer....

Go listen now. These are the disciples of St. Joe Strummer

Tuesday, September 30, 2008

Fix The World: The Power of Goals

Goals: it's been said before, but it bears repeating.

Setting goals - defining exactly what it is that you want to accomplish - is a tremendously powerful tool for getting the job done.

You can get away with a tacit goal-setting excercise in your subconscious when it's just you doing something, but in my experience I've found it's absolutely critical when you need many people to cooperate in the work to make an explicit statement of where you want to end up.

Bill Gates spoke to the UN General Assembly about progress on the Millennium Development Goals a few days ago. I heard some of it on the radio, and just watched his entire talk (only a few minutes long, I recommend it).

Here's a few key excerpts:

It is crucial to evaluate our performance in both areas, but I also think it’s important at this point to evaluate the goals themselves as a force for change. So here’s my evaluation: I love the Millennium Development Goals. I think they the best idea for focusing the world on fighting global poverty that I’ve ever seen. With all the mountains of measures and studies and reports in the world—these Millennium Development Goals have broken through and grabbed broad attention.

Thanks to these goals, not only UN agencies but the world at large knows the key measures of poverty, hunger, health, and education. Some of the numbers are good and some are not. But the fact that the world is focusing on the numbers is excellent.

It means people see where things are going well, and understand how we can spread those successes. They see where we’re falling short, and they see the need to apply more effort and do things differently.

[...]

There is more power in these goals than we ever imagined. Now that we’ve seen it, we want to work with you to intensify it – and push the day when all people, no matter where they’re born, can live a life filled with health and opportunity.


Yes! Define goals! THEN work to achieve them! Like Bill Gates, I've had the experience of being surprised by just how well this works, and how the benefits of goal-setting are far broader than might be expected.

Monday, September 22, 2008

Because it works

Why McCain is going so negative - Jonathan Martin - Politico.com
“Every day not talking about the economy, the war and how to fix a broken system is a victory for McCain,” said John Weaver, a former top strategist to the nominee who left the campaign last year. “They’re going to ride it as long as they can and as long as the mainstream media puts up every ridiculous charge.”

The negative and often exaggerated or misleading claims being made about Obama and Delaware Sen. Joe Biden, especially those playing on Palin’s gender, are just too irresistible for the process-consumed online and cable news media that now drives the campaign conversation, Weaver said.

“Unless there is a hurricane, they’re going to cover it,” he observed.

Talking Stocks: "


Over the years I have written about the stock market several times. I thought given the up and downs of the market, now would be a good time to replay some of those posts


(Via Blog Maverick.)



I like what Mark Cuban has to say about stock markets, and his belief that stock prices are much more about buzz than about any underlying financial reality.

I'm not saying I agree completely, but I do like including that way of looking at stock markets.

Monday, September 08, 2008

Today's links and ideas: "I've been impressed with how thoughtful and competent Obama is. That's why he's got my support. I also think our country is up shit's creek unless we can upgrade our economy, and to do so we need health and education, and that means public spending. It's not as if the Republicans don't believe in public spending, they do -- they just waste the money on destroying communities overseas. I want us to borrow to build strength here at home. I don't see it as a liberal vs conservative thing, rather a smart vs dumb thing. "



(Via Scripting News.)

Everything that Happens Will Happen Today

David Byrne and Brian Eno's new album isn't available on Rhapsody yet, but that's OK because you can stream the whole thing from their website. Heck you can stream it from my website!



I'm enjoying it quite a lot.

Saturday, August 16, 2008

How to never run out of music to listen to

I finally updated my shortcuts page with links to the music sites I've been using. Now I'll surely be using them even more...

Rhapsody •  Last.fm  •  Pandora  •  Muxtape  •  HypeMachine  •  Critical Metrics  •  iLike  •  Internet Archive  •  Wolfgang's Vault  •  KEXP  •  KCRW •  Songbird  •  Paste  •  Rolling Stone •  Monitor Mix

I'm certain there are other great music sites out there I don't know about...what am I missing?

Monday, August 11, 2008

Where do I sign?

I'd put my John Hancock on this in a second. Endorsed!

Declaration4Independence - Lessig Wiki
But nothing will save Congress. Without fundamental change, the institution will remain despised and increasingly irrelevant. Power will continue to shift—as it has for the past fifty years—to the President and the Court. The core institution of the Framers’ democratic design, the institution that many of them were most proud of, will remain essentially bankrupt.

That’s a strong term. But it predicates well of Congress. If the credit of any public institution is trust and respect, then Congress is, as Websters would define it, “discredited, having forfeited all credit.” Not because of any particular decision, or failed vote. Most couldn’t name one thing Congress did or didn’t do that they object to. Not because anyone believes its Members (or most of its Members) are bribed, or evil people. To the contrary, Congress is filled with souls with an extraordinary commitment to the public. These are good, not evil, people.

Rather, Congress’s “credit” is “forfeit” because of a profoundly deep sense among most that the machine that Congress is is simply bent. Like a rigged slot machine at a casino, or a balance sheet by the Enron accounting department, the vast majority of Americans don’t believe that the answers Congress gives are the right answers for the right reasons. Most believe that they track something else entirely: not sense but dollars.

Saturday, August 09, 2008

iPhone Apps I'd like to have

Nice iPhone UI for SeAttle public library.

Wednesday, July 30, 2008

Cool Tools blog and the Golden Book of Chemistry Experiments

I love the Cool Tools blog!

This post is just one reason why. (Normally they review tools, not books, but this book is so great - I am SO happy there's a torrent of the Golden Book of Chemistry Experiments!)

Cool Tool: Best home chemistry lab book
The very best chemistry experiment book for kids is the legendary and long-out-of-print book, the Golden Book of Chemistry Experiments. Published in 1960 during the heyday of home chemistry, it was meant to accompany the millions of chemistry kits that were sold each year to typical American kids. You got real experiments with real chemicals. Not like the so-called chemistry sets today which boldly (and insanely) advertise they contain "No Chemicals!"

Among many other things, the Golden Book of Chemistry Experiments told you how to make chlorine gas from bathroom supplies, hydrogen from flashlight battery parts, and rayon from scrap paper, etc. You can see why it was not reprinted in the decades following because of concerns about safety. I used my copy, which is now worth $200 on eBay, to do all the experiments in the book when I was 12, and went on to build a chem lab in my basement. As many kids did.
chem1-sm.jpg
Golden Book of Chemistry Experiments, 1960.

You can get a decent free PDF version of the Golden Book on BitTrorrent.

Tuesday, July 29, 2008

No, I DIDN'T know that Amazon sold that







Yet somehow, my life went on.

Sunday, July 27, 2008

FCC orders Comcast to stop restricting access to the Internet

Northwest Progressive Institute Advocate: FCC orders Comcast to stop restricting access to the Internet
Yesterday, in a historic decision, the Federal Communications Commission voted 3-2 to order Comcast to stop restricting its customers' access to the Internet, quit blocking BitTorrent traffic, and require public disclosure of its network management practices. Commissioners Jonathan Adelstein, Michael Copps, and Chairman Kevin Martin voted in favor of finding Comcast in violation of FCC rules.

A little surprised to find myself saying it, but, um, yay FCC? Ahem. Yay FCC!

The Hold Steady!

Just got back from seeing The Hold Steady at the Capitol Hill Block Party. Great show! The sound wasn't perfect though - I do wish I could see them at First Avenue next week!

Here's a few selected awesome The Hold Steady songs: Dan's The Hold Steady Sampler on Rhapsody

Sadly, Rhapsody does not have Lord, I'm Discouraged (or as I think of it, "Excuses, and half-truths, and fortified wine") which MUST be listened to for the guitar solo, not to mention the heartbreaker story. So here it is on Last.fm.

Part of the joy of The Hold Steady is in the lyrics. Here's an example:

Slapped Actresses
Don’t drop little hints. I don’t want them to guess.
Don’t mention Tampa, they’ll just know all the rest.
Don’t mention bloodshed, don’t tell them it hurts.
Don’t say we saw angels, they’ll take us straight to the church.
Stuck Between Stations
She was a really cool kisser and she wasn’t all that strict of a Christian.
She was a damn good dancer but she wasn’t all that great of a girlfriend.
He likes the warm feeling but he’s tired of all the dehydration.
Most nights are crystal clear but tonight it’s like he’s stuck between stations --
On the radio.
The video for Stuck Between Stations has a laugh-out-loud funny at the end.

A great turn of phrase

Whether or not you agree, you have to admit this is some cute wordsmithing:
To his supporters Obama isn't just an agent of change - he's the 007 of change!

Well done, Stefan Sirucek!

What a shocker

File this one under "coming as a surprise to absolutely no one..."
It has long been known that Fox Cable News head Roger Ailes (a former Republican Party official) and other high executives routinely sent memos to the newsrooms instructing them to spin stories in particular ways. And one always suspected that the talking points actually came over from Bush's and Cheney's offices. Now McClellan confirms it.

from Informed Comment: Fox News= W. T.V.

Friday, July 25, 2008

In case you didn't realize how Facebook is going to make money....

Dan Farber accurately quotes Om's key point:

Om Malik extrapolates from Facebook Connect that Facebook is building a money machine:



You are essentially telling Facebook's proverbial
brain what topics -- blogs or specific posts -- with which you like to
engage. In other words, you just told the system a little bit about
yourself. Now imagine such information coming from dozens of Facebook
Connect partners.


Each service adds a few more data points about you
inside the Facebook brain, which is quite aware of your activities
inside the Facebook ecosystem. The brain can then crunch all that
information and build a fairly accurate image of who you are, what you
like and what might interest you. With all that information at its
disposal, Facebook can build a fairly large cash register.


The cash register is an advertising platform, a follow on to Beacon,
that leverages the social graph and each member as a potential
marketing engine. With all the data and user permissions, ad targeting
could be more precise.

Tuesday, July 01, 2008

Universe Sandbox!

I got a chance to play with Universe Sandbox "pre-release" and it's awesome! If you're into seeing how galaxies spin, planets collide, and having other fun with gravity, check out the video.



And if you're running XP or Vista, download it! It's free!

Thursday, June 19, 2008

PopArtMachine - free image search, covers Library of Congress collection

This is neato!

"Pop Art Machine is a CGI library that collects, curates and creates works of art. Our focus is the study of digital printmaking using public image sources as inspiration. Here you will find over 1,000,000 source images and countless finished prints side by side with the methodologies used to create."

As they put it over on boing boing:

"I found the photo via Pop Art Machine, which somehow has linked into the Library of Congress image database. The image search function through Pop Art Machine (I’m not sure what it’s really supposed to be for) is often better than the LOC search page."

Monday, June 09, 2008

Post-keynote thoughts on 3G iPhone

Mind y0u, I haven't actually seen the keynote yet, just read the coverage on Engadget and MacRumors.

So Mel & I won't be going to get his & hers iPhones tomorrow. We'll have to think of something else to do on my vacation day. (The boys will both be at their respective schools.) We won't even be getting them on July 11 -- we're going to be on vacation and we fly back to Seattle on the 12th, and arrive at Seatac too late to make it to the Apple store before it closes.

A few things are sticking out in my mind:

It's late! Yeah, I know, how can it be late, no date was announced before today - but why did AT&T put a vacation blackout on their stores from mid-June to mid-July if it wasn't supposed to come out now? Until we find out for sure, I'm going to assume the goal was to get it in stores in mid-June, but the date slipped. Still I wonder - what were all those mysterious brown boxes?

No 32gb option: bummer! I had a 30gb iPod, and it wasn't big enough for me - and that wasn't even a video model! I would've gladly paid $499 for a 32gb iPhone 3G. I have an 8gb Sansa e280r now and it's really not enough room for me. (I will probably keep using the Sansa so I can get 'all I can eat' music on Rhapsody To Go, at least for checking out new stuff)

No online purchases: confusing! When I heard they wouldn't go on sale for a while I figured I'd just order online. But they're not for sale on the Apple Store yet! I don't get this one at all. Unless... umm... they don't have much supply? They want to make people go to a brick & mortar store? I wonder if people buy more accessories from Apple if they go to a store vs. online, or they are more likely to also switch from PC to Mac if they go to a store? That's only wacky conspiracy theory though. I really can't think of a valid reason for this. (Ooh, looks like it might have to do with new rules requiring in-store activation -- intended to cut down on people buying iPhones to use on different carriers.)
No videochat: bummer! This would've been sweet for me to use to say hi to Mel & the boys while on business trips.

Price cuts, 3G, GPS and 3rd party software: sweet, sweet sweet!
No update or price cut for iPod Touch: wierd! Who the heck would buy an iPod Touch when an iPhone 3g with the same capacity costs $100 LESS? Yes, it is no longer possible to buy an iPhone 3G and not activate it, but still, something is seriously wrong here. Look at the prices:
8gb iPhone 3G: $199. 8gb iPod Touch: $299
16gb iPhone 3G: $299. 16gb iPod Touch: $399
Normally I'd guess that Apple ran out of iPhone 1.0 stock before they ran out of iPod Touch 1.0 stock - but why not cut the price to move the rest of the stock? This must be seen as yet more evidence that AT&T (in the US at least) is subsidizing the cost of the iPhone 3G.

Wednesday, June 04, 2008

Neil Gaiman on bipedal animals

Neil (author/creator of a ton of wonderful things, including Sandman, Stardust, and American Gods) wrote this to go along with a picture he snapped from his kitchen window, and it made me laugh in my coffee cup.
I took this yesterday from the kitchen window. As a small child, I was convinced that all animals walked around on their hind legs when we couldn't see them, and spoke fluent English; sometimes they wore clothes and probably drove really tiny, brightly-coloured cars down hidden streets between the bushes. This raccoon did nothing to disabuse me of the idea:

Thursday, May 29, 2008

Stories vs. Statistics: "There may be comfort in numbers, but there is inspiration in story telling"

So true:
It confirmed something I have suspected. People, particularly in business, crave statistics. They need measurement. They like the confirmation of bar graphs and flow charts.

But what they remember are people's stories. People stories stay with them longer than do pie charts. People's stories inspire others to change, to innovate and to disrupt. There may be comfort in numbers, but there is inspiration in story telling.

(From Shel Israel, of Naked Conversations fame.)

Wednesday, April 23, 2008

Fix the World.

I feel so fortunate to live in a town where so many scary-smart people are trying really hard to make the world a better place. They've got lots of good ideas. They believe in what works - prove it! And they believe in the power of working together, sharing ideas and information, and realize what’s important to make sure that power can be used to help make the world a better place.

I’ve started to tag some of these people, places and things: http://del.icio.us/fullerbecker/fixtheworld.

Feel free to subscribe to that tag’s RSS feed and see what I find next.

Tie-dye credit: giina caliente


Friday, April 18, 2008

HP: all mice to be enuchs

No longer will Hewlett-Packard's mice have balls.

Saturday, April 05, 2008

I am not an architecture astronaut!



I'm not.

I just wanted to get that on record.

Thanks, I feel much better now.

Sunday, March 30, 2008

Integration - and why you really ought to subscribe to Kim Cameron's Identity Blog

Found this integration poster by Jeff Bohren on Kim Cameron's Identity blog. Kim's blog is very good stuff, in my "A+ Feeds" folder. If you have some ideas what "identity" means and why its interesting, you should without question be subscribed to Kim's blog. Go read, you'll see.

Thursday, March 27, 2008

Coming soon to Rhapsody, I hope! I can't believe I haven't bought it yet. Saturday Nights & Sunday Mornings - Counting Crows: "Saturday Nights & Sunday Mornings - Counting Crows"



(Via Counting Crows Discography on Rhapsody Online.)

Friday, March 21, 2008

Yay! Time Machine now works on HD's attached to Airport Extreme Base Station!

From MacRumors:
After the release of today's Time Machine and Airport update, several readers report that Time Machine now supports backups to USB drives connected to your Airport Extreme basestation. This configuration essentially reproduces the functionality of Apple's Time Capsule product.

Looks like I can now get off the fence of "should I buy a Time Capsule, or can I get Airport Extreme and buy a third party (bigger) external hard drive?"

I want to do the latter, since I'll get:
- More space for my money
- Failure independence - if the wireless function fails, at least I won't lose the storage function. (In my experience, consumer wireless routers have a much shorter MTBF than consumer hard drives.)

Thursday, March 20, 2008

Subversion checkout

Macintosh:Subversion beckerd$ svn checkout https://danproject.googlecode.com/svn/trunk/ danproject --username dan.becker
Error validating server certificate for 'https://danproject.googlecode.com:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually
!
Certificate information:
- Hostname: *.googlecode.com
- Valid: from Sat, 24 Jun 2006 00:05:41 GMT until Sat, 21 Jun 2008 19:45:36 GMT
- Issuer: Certification Services Division, Thawte Consulting cc, Cape Town, Western Cape, ZA
- Fingerprint: 89:87:5e:ca:0b:03:d2:83:db:7b:3f:20:5d:d0:76:c7:76:6b:cb:b2
(R)eject, accept (t)emporarily or accept (p)ermanently? t
Authentication realm: Google Code Subversion Repository
Password for 'dan.becker':
Checked out revision 4.
Macintosh:Subversion beckerd$

Thursday, March 13, 2008

Subversion!

So, looks like I get to play with Subversion a bit.

I've started reading up on it a bit.

Set up a project on Google Code since that gives me a pre-set-up Subversion repository.

Collected a few subversion bookmarks on del.icio.us. If you know Subversion, take a look; am I missing some really good ones?

Installed Subversion and SvnX on my Mac.

Friday, February 22, 2008

Defeating full-disk encryption with a can of compressed air

I found this absolutely astounding.


 

But upon reflection, it makes sense.


 

From Bruce Schneier's blog


 

Cold Boot Attacks Against Disk Encryption

Nice piece of research:


 

We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux.

[...]

The root of the problem lies in an unexpected property of today's DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn't so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.

Interestingly, if you cool the DRAM chips, for example by spraying inverted cans of "canned air" dusting spray on them, the chips will retain their contents for much longer. At these temperatures (around -50 °C) you can remove the chips from the computer and let them sit on the table for ten minutes or more, without appreciable loss of data. Cool the chips in liquid nitrogen (-196 °C) and they hold their state for hours at least, without any power. Just put the chips back into a machine and you can read out their contents.

This is deadly for disk encryption products because they rely on keeping master decryption keys in DRAM. This was thought to be safe because the operating system would keep any malicious programs from accessing the keys in memory, and there was no way to get rid of the operating system without cutting power to the machine, which "everybody knew" would cause the keys to be erased.

Our results show that an attacker can cut power to the computer, then power it back up and boot a malicious operating system (from, say, a thumb drive) that copies the contents of memory. Having done that, the attacker can search through the captured memory contents, find any crypto keys that might be there, and use them to start decrypting hard disk contents. We show very effective methods for finding and extracting keys from memory, even if the contents of memory have faded somewhat (i.e., even if some bits of memory were flipped during the power-off interval). If the attacker is worried that memory will fade too quickly, he can chill the DRAM chips before cutting power.

There seems to be no easy fix for these problems. Fundamentally, disk encryption programs now have nowhere safe to store their keys. Today's Trusted Computing hardware does not seem to help; for example, we can defeat BitLocker despite its use of a Trusted Platform Module.

The paper is here; more info is here. Articles
here.

There is a general security problem illustrated here: it is very difficult to secure data when the attacker has physical control of the machine the data is stored on. I talk about the general problem here, and it's a hard problem.


 


 

(By the way, did you know that Bruce Schneier's tears can burn holes through an OpenBSD firewall? Lucky for us, Bruce Schneier never cries.)

Wednesday, February 20, 2008

You can has cheeseburger, too!

Sorry. You're getting a whole pile of LOLcats whether you want 'em or not.

Humorous Pics
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsHumorous Pictures
moar humorous picsfunny pictures
moar humorous picsfunny pictures
moar humorous pics

Thursday, January 24, 2008

So you want to use Excel 2003 and Excel 2007 on the same machine....

I'm blogging this so I can find it next time I need it.

Scenario: You have Excel 2003 installed (maybe as part of Office 2003). You want to install Excel 2007, and leave Excel 2003 installed. You want .xlsx files to open in Excel 2007 when you double-click 'em, and you want .xls files to open in Excel 2003.

Solution:

Install Excel 2007 - customize your installation
Upgrade tab: select keep all previous versions installed
File location tab: change from the default path (c:\program files\microsoft office) to a different path (such as c:\program files\microsoft office 2007) This may not be strictly necessary but it makes me feel safer.

Then, do a repair on Office 2003 using Add/Remove Programs control panel (in W2k or XP) or the Programs control panel in Vista.

Alternately, you can run the following commands (from this usenet conversation):

1. Close Excel
2. Windows Start Button|Run, type
"C:\Program Files\Microsoft Office\OFFICE11\excel.exe" /unregserver 3. Windows Start Button|Run
"C:\Program Files\Microsoft Office\OFFICE11\excel.exe" /regserver
(If you originally installed Office 2003 in a different location you will need to change those commands to reflect the correct path to excel.exe.)

There are some other gotchas to Exchange 2003/2007 coexistence. See my del.icio.us bookmarks for Office 2007 for more.

Saturday, January 12, 2008

Even more Best of 2007 Rhapsody playlists

My friend Ryan is a major music buff, and every year he's put together his favorites as an Advent calendar, with a new song & review each day. 2007 version, 2005 version.

He also Rhapsodized our awesome local radio station's ( KEXP) best of list.

Paste Readers: more best albums of 2007

Inevitably, readers of Paste magazine wrote in to say "I can't believe you left ______ off your list of top albums of 2007!

Here's what they suggested:

Rilo Kiley - Under The Blacklight
Richard Thompson - Sweet Warrior
The Go! Team - Proof Of Youth
Beirut - Flying Club Cup
Romantica - America
Shout Out Louds - Our Ill Wills
Rickie Lee Jones - The Sermon on Exposition Boulevard
John Doe - A Year In The Wilderness

I'm listening now, and I like what I hear!

Rhapsody Playlist: Paste Readers: more best albums of 2007