Wednesday, 28 February 2007

Momentum of Life

In Life, as in Physics, a change in momentum, a change in direction, requires a force; and when a force is applied it can lead to stress.

The good Sir Isaac Newton said it best

An object at rest will remain at rest unless acted upon by an external and unbalanced force. An object in motion will remain in motion unless acted upon by an external and unbalanced force.

In Physics, stress is the application of a force (shear, compression, pressure) on a material (solid, liquid or gas).

These principles are the same in everyday life. To change direction in life requires the application of a force, or stress. The life changing force can come internally or externally.

Want to lose weight? A change in direction (eating less, working out more) must take place, i.e. a force must be applied.

Who hasn't felt the stress (force) of changing careers (quiting the old job, training for the new, interviews, etc)? Or felt the stress of changing financial direction (momentum)?

In life, as in Physics, changes in directions require a force.

Tuesday, 27 February 2007

Cranky Old Men

There is a new twist on the search engine game, cRANKy.com. Now, I have to say up front that I'm not a cranky old man, but the definitive vote is left for my wife to cast and really, that's the only vote that counts. According to cRANKy.com it's the first age-relevant search engine. Apparently you have to be 50+ years old to really appreciate the services provided by cRANKy.com.


The top ten searches on cRANKy.com (today) are:

  1. sex
  2. jobs after retirement
  3. brain builders
  4. work from home
  5. rachel ray
  6. wallpapers
  7. ira rollovers
  8. escorted train tours
  9. helen mirren
  10. retirement planning

If you toss out #2, 7 and 10 I don't see how this differs from google?

Is anyone surprised by number 1, sex?

What an odd mix to see Rachel Ray on the same list with Helen Mirren! Or is it? I think so.

I'm just a bit curios to find out what is involved with an escorted train tour. Is it anything like the escorted train tour Tom Cruise and Rebbecca De Mornay had in Risky Business? I could only hope so... but that gets us back to number 1 again!

Sunday, 25 February 2007

The Blackbox Window Manager

Of all the X11R6 window managers to run (fvwm, gnome, kde) why Blackbox?

It's a matter of size, and yes size matters. However, this time it's a matter of small is beautiful. Normally I like the KDE window manager (for not so obvious reasons), but mostly run gnome on my Ubuntu developer box. However, for my rather old and outdated Dell Inspiron 3500 laptop, the one I'm using to write this blog, It's limited in resources (see previous post). I like this old extremely outdated Inspiron. It may not be the lightest but it's a workhorse and I have had it for close to a decade. That fact alone speaks volumes about the quality of Dell products and the loyalty component in my social DNA (or that I'm just too frugal for my own good).

Back to what started me writing this post...

Blackbox was the smallest, most full featured window manager I could run on FreeBSD. Okay, fvwm will give it a run for the money but I've never liked the fat frames in fvwm. But today, I finally got around to cleaning up the Blackbox menu and removed all the items that don't apply to FreeBSD running in this limited environment (my Dell not Blackbox).

Here's what I did to remove from the Start Menu things like StarOffice or Mozilla Navigator that are not installed on the massive 4Gb hard drive:
  1. copy the default Blackbox menu file to my local directory (e.g. /cpusr/share/blackbox/menu .)
  2. change the write protection (chmod 666 ./menu)
  3. edit the file (e.g. vi ./menu) and remove entries like
    1. [exec] (StarOffice) {soffice}
    2. [exec] (Acroread) {acroread}
  4. save the file
  5. edit the .blackboxrc file and point it to the local menu file
    1. session.menuFile: ./menu
  6. save the file
  7. right click on the desktop and tell Blackbox to Reconfigure
That's it. Now I have a custom start menu for Blackbox.

Saturday, 24 February 2007

R.I.P.

We see the initials R.I.P (Rest In Peace; latin: requiescat in pace) on many grave stones. Perhaps we need to R.I.P long before we are deceased.

However, for me R.I.P has come to mean something else entirely different. Having just gone through an employer/employee goal setting session this week, it put me in a reflective mood. So here's an alternative definition for R.I.P. -- Retrospection, Introspection and Prospection.

There is an old Jewish story that asks the question "Where have you come from and where are you going?" Good questions for today's hustle and bustle lifestyle. I like to use the hour long trip into and out of Chicago each morning/evening to contemplate my place in the universe.

  • Retrospection -- a looking back to what was and how things have changed (hopefully for the good); looking back at what was done (noble or not) and what others have done;
  • Introspection -- a looking inward to insure that thoughts, ideas, motives and desires are properly aligned
  • Prospection -- a looking ahead in anticipation of what might be; hope for tomorrow
I hope all who read this will R.I.P.

Friday, 23 February 2007

Time-Zoned

The old song Working 9 to 5 seems like a life of luxury in today's global world is flat economy. According to the Financial Calendar website the intense pressures of electronic trading is now available in nearly 600 financial centers around the globe.

The ECBOT (Chicago Board of Trade) starts trading here in Chicago at about 18:30 hours (00:30 UTC) and runs overnight. About 07:30 Central European Time (06:30 UTC) the Eurex and other European exchanges start trading. Factor in the Asian markets like the Jasdaq and voil� you now have a near zero window of opportunity for scheduled downtime and we must manage support staff in multiple call centers working accordingly "around the clock".

In order to meet these demands, Blackberries, wireless networks, laptops and all things electronic continue to increase without bound. CEOs, CIOs, CTOs and the like push their staff harder to meet the increasing demands of the traders who want access to these markets. Am I complaining? Not me... I'm laughing all the way to the bank.

An all too familiar example of this lifestyle is found in Time-Zoned: How to Cope With a Round-the-Clock Workday by Sue Shellenbarger of the Wall Street Journal Online.

As a friend said in college "Pressure makes diamonds".

Thursday, 22 February 2007

A Bad Case of Nigeritis

While on a trip to Barbados, for a friend's wedding, my wife and I were eating breakfast at our hotel (The Savannah Hotel). Having just finished breakfast we were sitting back and enjoying the warm ocean breeze and the gorgeous ocean view. We were approached by one of the women working in the outdoor dining room who had come over to take our plates away. We were totally shocked when she said, with her Bajan accent,
"If I didn't know better, I'd say you two have a bad case of nigeritis".
Now let me backtrack a bit. I was raised in the Rocky Mountains of Colorado, and the 'N' word was just not used in public! If it was, it was frowned on! So imagine our surprise when our hostess said what she did. Not sure I heard what I heard I asked,
"Excuse me, what did you say?"
to which she repeated herself a bit louder,
"You two look like you have a bad case of nigeritis".
I paused, hesitated some more and said with a puzzled look,
"I'm not sure I know what you mean."
To which she explained the definition of nigeritis (a sleepy feeling after a meal; contented; satisfied; sweet).

Having spent forty years associating the 'N' word with negative connotations we were jaw dropping shocked, but after the explanation, we had to agree with the diagnosis; we really did have a bad case of nigeritis.

Later, after the wedding, I repeated this story for my friend from Barbados. He laughed and then furthered our education by telling us that in Barbados you can buy "Niger Peppers" -- a sweet pepper.

You're never too old to expand your lexicon and challenge those preconceived ideas!

Wednesday, 21 February 2007

Women in Science

The retired IBM scientist Frances E. Allen whose pioneering work in the field of compilers will receive the Association for Computing Machinery's A.M. Turing Award. Allen is the first woman to receive this honor -- the highest honor in computer science.

Allen worked for
IBM in the late 1950s where she taught a new language, FORTRAN, to IBM scientists.

"There is an image about our profession that doesn't appeal to women, which is a shame because women in our field are just fabulous. They're great researchers. They're great leaders. There just aren't enough of them. This has been an issue for many years.
" -- ACM CEO John White.

Blogger's note: Young women, for many reasons, are turned away from science at the middle school (junior high school) level. To combat this trend I suggest reading 4000 Years of Women in Science and doing what you can to encourage more women into the sciences. It is our culture that is turning these great talents away, not their desire nor their abilities.

Tuesday, 20 February 2007

What are you willing to pay for online security?

According to Trend Micro there are black market al a carte menus available for hackers to buy/sell our personal information. Here's what some are willing to pay for our 'private parts':
  • Trojan program to steal online account info: $980-4900
  • Credit Card number w/ PIN: $490
  • Billing data (SSN, address, birth date, etc): $78-294
  • Drivers license: $147
  • Birth Record: $147
  • SSN card: $98
  • Credit card number w/ security code and expir-date: $6-24
  • PayPal account uname and pwd: $6
What can we do and what are we willing to pay to fight this?

Here's a simple recommendation; If we aren't willing to use a crypto-card, or random password generator when doing online banking or accessing retirement accounts, we're part of the problem, not the solution.

Anything I have to do that absolutely, positively has to be secure involves an RSA secure ID. This little gem of device forces me to use a different, pseudo-random password every time I log on. It also makes it easier for me to remember my password, and not compromise security by writing down on a sticky note some reminder.

If we continue to ignore the price hackers are willing to pay for our private parts, we will continue to be a part of the problem, not a solution. Insist on the best of security when doing online banking. Ask your bank and retirement services to provide the best.

Monday, 19 February 2007

Google Notebook Rocks!

Where was I when Google Notebook came out? Asleep I would imagine. Wow! What a great service. Notebook came out in May of 2006. It has been recently updated to include sharing, drag and drop, trashing and undoing as well as access to it from your Google 'homepage'.

Why do I like Google Notebook? One word... bookmarks.

What's wrong with bookmarks?

I have a set on my laptop (OS: FreeBSD; browser: Firefox). I have another set on my office workstation (OS: WinXP; browser: Firefox). I have yet another set on my home workstation (OS: Ubuntu; browser: Firefox). Now each set of bookmarks are unique to what I am doing on the computer in question. Work: Windows API links. Laptop: BSD Links. Home: Unix programming tips.

So what makes Google Notebook so very cool is that it allows me to share 'bookmarks' across servers. Now I can even share them with friends via my Google homepage.

Sunday, 18 February 2007

Rest in peace Dr. Adler

The Austrian born Dr. Robert Adler (1913-2007), the co-inventor w/ Eugene Polley (both were working for Zenith) of the wireless TV remote control, passed away February 15th. The remote control device, called the Space Command (1956), used ultrasonic waves (remote control devices now use infrared radiation).

If it wasn't for his work, during World War II, on high-frequency magnetostrictive oscillators, we may never have been able to sit on our couch and flip through an ever increasing selection of channels, nor would we be able to control our iBook w/ that pretty white control fob.


IEEE link to Dr. Robert Adler

Saturday, 17 February 2007

Dynamic Code Obfuscation

Yet another way for malicious software to spawn, spread and infect.

According to Finjan, Dynamic Code Obfuscation (DCO) also known as Dynamic Code Mutation is "A method for hackers to place malicious software onto computers, keeping the code hidden from antivirus software. Infected computers contain software with a unique set of functions and parameter names. Since the code exists differently on each infected machine, antivirus vendors cannot issue a single virus signature to disrupt the malicious code."

What does this mean in practical terms? Let's pretend I wanted to write a virus (I don't but play along) I would write something like the following (I'll use C to do this, but it appears that Java Script/Java is the leading language for self obfuscation):



void malicious_function_that_will_delete_files(void)
{
// do something evil...
}

int main(void)
{
malicious_function_that_will_delete_files();
return 0;
}



Now if I wanted to defeat this 'virus' I would need an antivirus (AV) vendor like Symantic - Norton Antivirus or McCafee VirusScan Plus or AVG Anti Virus to create a definition file and have it uploaded, in the latest online update, to my antivirus software database, and tell the AV software to scan files for the character string malicious_function_that_will_delete_files();.

Now, no self respecting virus author (oxymoron?) would write a virus like this because an AV product would be able to easily scan a file for the telltale signature of malicious_function_that_will_delete_files(); and quarantine the program.

What DCO brings to the table is the ability for the software to mutate, like a real virus, in an attempt to avoid detection. Imagine that the same 'virus' written above could mutate into:


void ed83ff2005016de843553f10e65ce617()
{
// do something evil
}

int main(void)
{
ed83ff2005016de843553f10e65ce617()
return 0;
}


and ship this new version, through your infected computer, to another computer on your network.

The AV is now defeated with an outdated definition file because the AV is looking for the character string malicious_function_that_will_delete_files(); and now has to also scan files for ed83ff2005016de843553f10e65ce617();

What is needed, and is available, is behavioural code analysis antivirus software. However, the cost of running this new type of behavioural analysis is speed. It takes CPU cycles and delays packets being sent out over the wire. Will most 'normal' users notice this? Perhaps not. Those of us who make a living writing high performance, low latency networked applications will feel the impact.

Do we need better antivirus software, better desktop operating systems or better hardware (routers, switches, etc)?

Friday, 16 February 2007

Dear Number

I thought it was nice touch to receive an email like the one below that arrived from CIO magazine and addressed to a number. Oops! Someone in the subscription department is looking for work...


Dear 80535,

It�s a time of extraordinary transformation for IT organizations. Is the CIO role changing along with it? This year�s CIO Role survey will probe that question, and the editors of CIO Insight Magazine, a Ziff Davis Media publication, cordially invite you to participate. We�ll focus on CIOs� backgrounds, responsibilities, success factors and compensation, but with a special emphasis on changes taking place now or likely to take place in coming years. As always, your individual responses will remain confidential.


Thursday, 15 February 2007

Drinking from the Well of Nostalgia

The "good ole days" were just old. That's what dad use to say anyway. Then again, he grew up in a western Pennsylvania mining town in the 1930s and 40s. Drinking from the Well of Nostalgia leads to stagnation. It is the death of adventure and discovery. Only drink in small doses to illuminate progress, not to satisfy a thirst. Rest in peace Pappy; can't believe it's been eleven years.

Wednesday, 14 February 2007

Software Suffocation

In an interview with Technology Review titled The Problem with Programming, Bjarne Stroustrup states

A lot of thinking about software development is focused on the group, the team, the company. This is often done to the point where the individual is completely submerged in corporate "culture" with no outlet for unique talents and skills. Corporate practices can be directly hostile to individuals with exceptional skills and initiative in technical matters. I consider such management of technical people cruel and wasteful.


If this is true I wonder how many CIOs and CTOs would agree or disagree with a statement like that?

I have found that the following options help to alleviate the suffocation.
  • find some non-work related software project to do either at home or, with prior approval, on the job. Most good managers realize that 'play' time is important to health and well being.
    • For example, whilst riding the train to/from Chicago, I wrote a Sudoku problem solver in C++ using dancing links. Solving Sudoku puzzles has absolutely nothing to do with electronic trading or does it?
    • Perhaps join an open source project (check w/ your supervisor to avoid breaking that conflict of interest document you signed!)
  • ask to be put on a non-production prototype project where your talents and ideas may be beneficial.
  • wander around the office (sea of cubes?) and find out what others are working on and see if they need help (assuming you are not shackled to your cube and have a few personal CPU cycles to devote).
Agree? Disagree? Let me know how you solve your Software Suffocation problems.

More Holiday Gadgets: Valentine's Day!



Today is Valentine's Day. Traditionally, this day of romance is celebrated with chocolate or flowers, lavish dinners out, or even more lavish dinners in. But what if you're still looking for that special someone, or you're miles away from the one you love? Google Desktop to the rescue: Here are a few desktop gadgets you can use to find or celebrate love.
gadget snapshot Crush
By Lahiru Lakmal Priyadarshana

Let a special Google Talk friend know that you have a crush on him or her.
gadget snapshot Cupid's Gadget
By Teodor Filimon
Are you too shy to ask someone out? Do you want to see if he or she likes you, too? Try "like-marking" with Cupid's Gadget!
gadget snapshot Find My Heart
By Lahiru Lakmal Priyadarshana

Give your heart to a Google Talk friend. Your friend wins if it takes five tries or less to find where you hid the heart.
gadget snapshot Kiss Me!
By Kathy Walrath

Decorate your desktop with a kissable, framed picture of your sweetheart � or anyone else you'd like to kiss. Send your prospective valentine a picture of yourself and a pointer to this gadget, and you're sure to get a kiss! (Virtually, at least.)
gadget snapshot Love is in the Air
By James Yum

Heart-shaped fireworks simulate the graffiti inspired by first love. What could be more romantic?
gadget snapshot Flower Pot
By Google Inc.

If you're too late to order flowers for your honey, try giving virtual flowers instead. You might even try to convince your valentine that electronic flowers are ecologically superior to chemically treated flowers that have been transported hundreds of miles. Good luck with that.

You can find Valentine's Day gadgets and more at our holiday gadgets page. If you feel inspired to create your own holiday gadgets � pi Day, anyone? � visit our Developer Site and be sure to grab the Google Desktop SDK.

Happy Valentine's Day from the Google Desktop Team!

Monday, 12 February 2007

Hackers! What a waste!

I keep seeing errors, in my FreeBSD/Apache webserver log (/var/log/httpd-errors), of the type: POST /_vti_bin/_vti_aut/fp30reg.dll HTTP/1.1" 401 517. According to NSFOCUS these are a Microsoft FrontPage 2000 Server Extensions Buffer Overflow Vulnerability attacks on my webserver. Really? this exploit is nearly six years old. Guess old habits die hard? Thanks again Micro$oft for enabling so many hackers and criminals. Will Vista be any better?

Sunday, 11 February 2007

FreeBSD on Dell Inspiron 3500

When Micro$oft decided to end support for Win98 my old laptop, a Dell Inpirion 3500, seemed destined for the recycle center. It was still in good shape and all the peripherals worked (CD, dual batteries, floppy, etc). So I didn't just want to toss it out. Upgrading to Win2K was not an option because of the limited resources (400Mhz processor and 4Gb hard drive).

Instead I installed FreeBSD 6.1 (later upgraded to 6.2) and added the BlackBox window manager (pkg_add -r blackbox). I'm sitting here editing this blog from my laptop. Admittedly FreeBSD is not a 'normal' choice for an ex-WinDoze system, but having worked with FreeBSD at Fermilab it was not completely unfamiliar either. I can run the command line interface (useful for home network admin tasks) with as little as 20Mb of memory (the laptop only has 64Mb). The 4Gb hard drive is still 75% free after the install.

Running X windows w/ the BlackBox (/usr/ports/x11-wm/blackbox) window manager and Firefox 1.5 requires only 60Mb! Factor in the zero cost for FreeBSD and Firefox and this old laptop will still be in the house for the foreseeable future.

For a 'simple' networked device that gets used on weekends and evenings to browse the web (in an ultra secure OS) I can't complain! Heck I'm so happy with this system I had to tell others.

Where have you gone Aleksey Kamardin?

The Security and Exchange Commission filed a complaint against Florida college student Aleksey Kamardin charging him with fraudulent trading activities, commonly referred to as pump-and-dump. In the complaint it states that Mr. Kamardin made about $83k. The St. Petersburg Times states Kamardin made about $15k in three hours trading St. Petersburg-based Cyber Defense Systems Inc. (CYDF). To pull this off Kamardin, with help from others hacked into online trading accounts and used these accounts to trade illegally. The money transferred into and out of many accounts in the US, Russia and Latvia.

This is not the most recent SEC investigation into pump-and-dump trading. Most recently, in December 2006, the SEC filed a complaint against the Estonian Evgeny Gashichev for activities with his own company Grand Logistic.

Kamardin has since fled (the country?) and some believe he is hiding in Russia.

So what are the online brokerage firms doing to prevent this? How are they making their client accounts more safe?

Friday, 9 February 2007

The Freedom To Doubt

While clearing out a bookshelf, I rediscovered a series of three lectures given by the Physicist Richard P. Feynman. A truly remarkable man indeed. Below is an excerpt from the first of these three lectures (given in April 1963).

Scientists, therefore, are used to dealing with doubt and uncertainty. All scientific knowledge is uncertain. This experience with doubt and uncertainty is important. I believe that it is of very great value, and one that extends beyond the sciences... If we were not able or did not desire to look in any new direction, if we did not have a doubt or recognize ignorance, we would not get any new ideas.
The freedom to doubt is an important matter in the sciences and I believe, in other fields. It was born of a struggle. It was a struggle to be permitted to doubt , to be unsure. If you know that you are not sure, you have a chance to improve the situation. I want to demand this freedom for future generations.

Tuesday, 6 February 2007

Why I hate software

While trying to archive an email message on google (gmail) it generated an error message "Oops... the system was unable to perform your operation (error code 602). Please try again in a few seconds." Now normally I have few complaints w/ google or gmail because by and large "it just works". However after a particularly frustrating day wrestling w/ my own software and software from others at the office I had had it! Yes, true to the error message, I was able to archive the message. Perhaps I should be more forgiving, considering I make a living from software, but I'm not. I believe that software should be infinitely difficult to configure incorrectly. It should be, conversely, "hung over from the Christmas party at 4am" easy to use, configure and install. Have I achieved that with the products I write? Nope. So I should be more forgiving but I refuse to allow my lack of planning, my poor planning to ruin the customer's experience. I'm paid to think of failures and plan for them, all of them. Harsh? Yep. Perhaps it's a calculated behavior serving as a stark contrast to the lackadaisical image some in the industry are fond of displaying.

Monday, 5 February 2007

Copenhagen Top Ten (or not?)

On a recent trip my wife and I took to Copenhagen (her first European trip) we comprised our top ten things we DIDN'T expect to see in Copenhagen (Denmark in general).

10. So many bicycles (Kim). Bikes we expected... but double decker bike racks at the train stations?
9. Witch at the Hovedbaneg�rden (Keith). I swear I saw a witch right out of a Macbeth!
8. Roskilde teenagers (both) -- we 'planned' our trip to Roskilde right before the music festival (oops)
7. Fruit stands on the street (Kim).
6. 7-11s everywhere! (both). When did this happen? Guess there are worse American exports (see #2).
5. Guy wearing a dress on the Str�get (Keith). The combat boots 'made' the dress! I do hope he was wearing a slip but suspect I am wrong.
4. A "Sister" cleaning the rooms in our hotel. (both). She even had an accent from the islands.
3. Two gay guys in Rosenburg Gardens (Keith). "Not that their is anything wrong with THAT"... but come on... get a room! I would say the same if it were a heterosexual couple too. That much 'free love' needs a room.
2. Hummer (both). Even in America an H2 Hummer is large... seeing one in downtown Copenhagen, it's obscenely large!
1. Graduation Caps (both). These caps rock! Graduation caps in America suck compared to these!

What's in the updated SDK



When we published our updated developer doc, we also released a new version of the SDK. Here's why you should download the latest SDK:
New samples!
The SDK has lots more sample gadgets, some of which use new features and APIs such as audio, PNG images, new options methods, and new view methods. You'll also see examples of how to use the Query API and Event API. We've even released several production-worthy samples from which more experienced developers can benefit:

Themeable, LCD-Style Clock

Classic Memory Game

Wi-Fi Network Selector

Fireworks

Rebuilt Gadget Designer
The old Gadget Designer is incompatible with the new API. Get the new Gadget Designer so you can use new features and APIs.

Better organization
We've simplified the directory structure, added a readme file to help you find what you need, and removed some files that were either obsolete or could be easily obtained from the web.
We periodically update the SDK to add samples, improve the documentation, or fix bugs. To see whether you have the latest SDK, look at the date at the top of your SDK's api/readme.html file. (If your SDK has no api/readme.html file or the file has no date, then you definitely have an old copy!) As we write this, the latest SDK date is 24 January 2007. In the future, we'll put the latest SDK date in the News box at the upper right of the Google Desktop developer home page.

Sunday, 4 February 2007

The Danish love affair with twenty...

I'm not sure of the origin, nor are many Danes I suspect, but I noticed that the Danes, like the French(?), have a love affair with the number twenty! It is almost forgotten these days, I suspect, but a quick list of their numbers, with the full name, makes this more evident:

The numbers, after forty, are mutiples of twenty.

20 -- tyve
30 -- tredive
40 -- fyrre
50 -- halvtreds (halvtredsindstyve) lit. half from three times twenty ('sind' means times).
60 -- tres (tresindtyve) lit. three times twenty
70 -- halvfjerds (halvfjerdsindstyve) lit. half from four times twenty
80 -- firs (firsindtyve) lit. four times twenty
90 -- halvfems (halvfemsindtyve) lit. half from five times twenty