Software

Darl\’s getting a blog…

Dave Farquhar Software , , , ,

For those of you who don’t know, SCO is tired of Groklaw and setting up its own blog, prosco.net (not yet active; it goes live Nov. 1) to provide a counterpoint.

SCO, for the uninitiated, is a software company turned litigation company whose lawsuits against the likes of IBM, Novell, Red Hat, Daimler Chrysler and Autozone aren’t doing well.SCO says they’re going to answer questions from the public. I have a few questions they can answer.

Their stock was trading at or around $50 a share during the past year, but the share price is currently near $3. What are they going to do about their dwindling stock price?

Is SCO in danger of being delisted?

What sources of revenue does SCO have?

Is Darl McBride buying or selling SCO stock right now?

When SCO goes out of business next year, what company will Darl McBride and his friends go to? I still owe about $10,000 on my Honda and I’m realizing now that if I had shorted $5,000 worth of SCO stock a year ago, I would have nearly doubled my money by now. Investment opportunities like that don’t come along every day, so I’d like to find the next one.

Can I see a line of the code that IBM stole? One line would suffice. I would prefer it not include the strings “#include” and “stdio.h”.

Why November 1? Why tease us? Why not just start writing and then publicize it? That’s what I did, and I get lots of traffic. Surely not as much as SCO does though. I’m sure the traffic they receive from disgruntled sysadmins redirecting Nimda and similar requests to www.sco.com dwarfs mine. And Yahoo’s.

Ghost won\’t let me use my monster hard drive!

Dave Farquhar Software , , , ,

Here’s a familiar problem, I’m sure.

You need to back up your laptop, so you buy a monster (200+ GB) USB or Firewire hard drive. And then you can’t use it in Symantec/Norton Ghost, for one of two reasons:

1. You can’t format a FAT32 partition bigger than 32 gigabytes.
2. Ghost chokes when it tries to make a file larger than 4 gigabytes.These are limits of the operating system, not Ghost. But there are workarounds.

To format a FAT32 drive bigger than 32 gigs, you need a DOS boot disk. If you don’t have a Windows 95OSR2 or Windows 98 DOS boot disk handy, you might try bootdisk.com, or download the latest version of FreeDOS, which now supports FAT32.

You’ll have to use good old FDISK and FORMAT, which is clunkier than Windows XP’s computer management, but at least it’s possible.

Ghost can choke when the image file exceeds 4 gigabytes in size because FAT32 won’t let you make a file larger than that. It’s a limit of the FAT32 file system. The workaround there is to split up the image. Pass Ghost the -SPAN -SPLIT=4095 parameters when you launch it to get around that problem.

How to get your RSS/RDF feed working with Mozilla Firefox\’s Live Bookmarks

Dave Farquhar Software , ,

As soon as I upgraded to Mozilla Firefox 1.0, I started noticing that when I visited certain sites that had RSS/RDF feeds, a big orange “RSS” icon showed up in the lower right hand portion of the window.

That’s cool. Click on that, and you can instantly see that site’s current headlines, and know if the site has changed, just by looking in your bookmarks.

Except my site has an RSS feed and that icon didn’t show up. Here’s how I fixed it.At first I figured Firefox was looking for the standard “XML” icon everyone uses. So I added that. No go.

So I investigated. A Google search didn’t tell me anything useful. So I went to Slashdot’s page and viewed the source. Four lines down, I found my answer.

In your section, you need to add a line. In my case, since I run GeekLog, it was this:

LINK REL=”alternate” TITLE=”Silicon Underground RSS” HREF=”//dfarq.homeip.net/backend/siliconunderground.rdf” TYPE=”application/rss+xml”

Just substitute the URL for your RSS feed for mine. The two slashes at the beginning are necessary. The whole line has to be enclosed in , of course. (I can’t show them here because my blogging software is trying to protect me from myself.)

But since Geeklog doesn’t have an index.html file, and its index.php file is mostly programming logic, where do you add your code?

In your themes directory, in the file header.thtml, that’s where. I put mine right after the line that indicates the stylesheet.

The location for other blogging systems will vary, of course. But I notice some seem to do it automatically.

Now your readers can keep track of you without constantly refreshing your page (which they probably won’t do) and without having to run a separate RSS aggregator. Pretty cool, huh?

A first look at Inkscape

Dave Farquhar Software

I’ve been playing with the Windows version of Inkscape, which bills itself as an open-source SVG editor. It doesn’t bill itself as an Illustrator/Corel Draw/Freehand killer, but as a simple vector drawing program, it works.

It takes getting used to. But I think I like it.I’ve talked before about free Windows graphics software but I didn’t mention Inkscape because the Windows port did not yet exist.

I don’t try to draw scaleable pictures of people. I draw objects, typically boxy objects. It works for that.

The ability to draw and finely position polygons and curves is there and obvious. The ability to do fills using patterns is there, though its use is a bit less obvious. (I did find an Inkscape pattern tutorial, but haven’t tried it yet.) The ability to group and ungroup objects is there and obvious. As is the ability to change an object’s dimensions using the keyboard, so you can get an object to be exactly 2.5 inches long if need be.

It also has the ability to simplify a shape you select. This is good if you have a shaky hand and couldn’t quite get something straight but came close. It can also bring an artsy feel to something, since simpler objects often appear more pleasing.

My biggest gripe is the grid. I don’t know what it’s measuring or where its origin is. It doesn’t line up with the ruler, so if I want something offset by a quarter-inch relative to another object, it’s difficult to do. I found myself drawing a lot of lines the length of the offset I wanted and using those to position objects, and just using the grid to get me in the right neighborhood.

But it’s a promising piece of software. I’ll use it because the price is right (free) versus the alternatives (hundreds of dollars). And if it’s anything like other pieces of open source software, it’ll steadily improve. It’s only on version 0.39 right now. Mozilla had some rough edges at version 0.3x too.

The key to drawing, which my art-teacher girlfriend told me and I’d never heard anywhere else, is not to look at the whole, but break the object you’re drawing into the simplest shapes you can. Draw and arrange those shapes, and you get a whole drawing.

If you can think like that, you can use Inkscape. If you can’t, it’ll frustrate you. (But most drawing programs probably will.)

How did I miss Symantec buying out PowerQuest?

Dave Farquhar Software

PowerQuest, best known as the makers of PartitionMagic, got bought out by the monolith Symantec–soon to be the only large maker of utility software in the universe–back in December.

This eliminates DriveImage as a competitor to Ghost, gives Symantec a killer consumer app in PartitionMagic, and also gives Symantec the enterprise-class PartitionMagic-like apps.PartitionMagic was a good product. I hope Symantec doesn’t dummy it down too much. But for the past year or so, I’ve been booting Knoppix and running qtparted whenever I need to resize partitions. Long ago I made a boot CD containing the DOS version of a semi-recent copy of PartitionMagic (whatever the last version I bought was), but qtparted handles filesystem types that PartitionMagic won’t touch, so the free alternative is more useful to me. Besides, it’s legal for me to use qtparted on any of my computers or anyone else’s. I don’t think PartitionMagic can be used on more than one PC without additional expense.

If the secret ever gets out about Knoppix and qtparted, PartitionMagic stands to lose a big chunk of its market.

VMWare’s P2V is mildly disappointing but can still save the day

Dave Farquhar Software , , , ,

The order came from higher up: Migrate these seven servers to VMWare. That would be easy if you were running Linux, FreeBSD, OS/2, or basically any operating system not made by Microsoft. Give me an OS/2 hard drive out of a 386 with Microchannel, and I can have it booting on a P4 in a matter of minutes and probably have it operational in half an hour.

But Windows ties itself to the hardware too tightly. So you need a $10,000 software package to migrate it. That package is P2V, which stands for "PC to VMWare." I assume.Actually it’s a $2,000 software package with $8,000 worth of training. Whether you need that training, well, that’s another story.

P2V advertises that it’ll take an image of a server, replace all of its hardware drivers with drivers for the hardware VMWare emulates, and off you go.

It does the most critical part of it just fine. It doesn’t matter if the original server was SCSI, IDE, or something nasty like RLL or ESDI–unlikely, but I’ve seen what desperate times sometimes cause to be put into a production server–and it’ll get it booting on VMWare’s emulated LSI Logic SCSI card.

The biggest thing it doesn’t do is migrate your TCP/IP settings to the new network card. If you happen to have an AMD PCNet-based NIC in the server you’re migrating, you’ll have no problems, but the chances of that are slightly better than my chances of finding an 1897 Carlisle & Finch train set at that estate sale on Itaska Street this weekend. More likely, you’ll have a 3Com or an Intel card in your source server.

That may not be a problem for you. But if you’re migrating a web server that’s hosting twelve dozen sites, each with its own IP address, you’ll be stringing together some curses after paying that kind of money.

Worth it? It is in the sense that a telephone saves you thousands of dollars in travel costs, so you could justify paying $600 for it. If you’ve got a fleet of aging NT4 servers and an expensive maintenance contract to match, and it’s over someone’s dead body that the applications they host will go away, you can save that 10 grand in a fiscal year, get those servers moved to newer, better hardware that’s cheaper and easier to maintain, and get them moved in less than a week. It could take you nearly that long to get NT4 running on brand-new hardware. Once.

So, yes, you can justify it to your accounting department.

As far as the time involved, there’s the time it takes to image and re-image the server. That depends on how fast your network is. There’s the time it takes to build a helper VM that P2V runs on. It’ll take you about 5 minutes per server to set up the VMWare instance. If you’ve got new hardware, it’ll only take a few minutes for P2V to run. Then you have to boot the VM, reconfigure anything that needs reconfiguring, boot it again, and repeat until you fix everything that’s broken. Sometimes that’ll be nothing, and sometimes it might be a lot.

I budgeted 4 hours per server. A couple of them took less than an hour. A couple took 8.

Do I wish it were a better product? You bet your boots I do. Was I glad to have it at my disposal this week? You bet that Carlisle & Finch train set I’m not gonna find this weekend I am.

Thanks to P2V, I get to do something fun this weekend instead of building servers.

What to do when a PC is too bogged down in spyware to run the tools

Dave Farquhar Software , , , ,

Spyware was grinding this PC to a screeching halt. I’d click on an icon, and the program never appeared. Or maybe it would finally appear 15 minutes later. And once I finally got a browser window open, it was so slow, I could pretty much forget about downloading any tools to fix it.

What to do?I hit CTRL-ALT-DEL. There was all sorts of stuff in the task list. (This was a Windows 98 computer.) I followed the same rule that I once heard in a movie. Desperado, I think it was. The crime boss said something like this: “How tough can it be? Go around town. Don’t recognize someone? Shoot him.”

So if I didn’t recognize a task, I closed it. In the end, nothing but Explorer.exe and Systray.exe were left running.

The result? When I clicked on icons, programs ran!

I then ran the usual battery of tools: Bazooka, Spybot Search & Destroy, Ad-Aware, then Bazooka again (I have Bazooka scan to give me a quick overview of how bad it is, since it finishes in seconds, then run the others, then run Bazooka again since Bazooka only assists you in removing stuff, but doesn’t actually do it).

Then for good measure, I ran AVERT Stinger, which removes common trojan horses.

No trojan horses, but he had just over 200 different spyware infections. He asked how he could prevent them in the future. I showed him how to use the tools.

Then I installed Mozilla Firefox. I explained to him that it doesn’t have the hooks into the OS that Internet Explorer has, so if a website tries to maliciously install spyware when he visits, the chances are much lower. And since it blocks the popups, his chances of accidentally visiting those kinds of slimeball places drop. Then I showed him the tabbed browsing feature, and the built-in Google search bar. He dug it. I think Mozilla may have gained a convert.

This job took me a while. I cut him a break on my hourly rate, since he’s referred people to me in the past. And besides, he let me see his old S gauge American Flyer train, still in its original box. Letting me spend five minutes with something cool like that is always good for a discount.

Basic Internet Explorer troubleshooting

Dave Farquhar Software , , ,

I did a little moonlighting this past weekend fixing Internet Explorer for somebody. It’s been several years since I’ve used that web browser regularly, but if someone pays me to fix IE, then I fix IE.

The problem was that after he paid someone else to fix his spyware problems, IE quit displaying SSL (secure) sites. So much for online banking and bill paying.

So here are some simple things to try if IE breaks and switching to an alternative browser like Opera or Mozilla isn’t an option.My guess is he got trigger happy with disabling stuff. IE was about as secure as it was going to get, but it was no longer useful as a web browser either. It was kind of like taking the tires off your car to keep it from getting in a wreck. The "Cannot display this page" page gave some troubleshooting information. It didn’t help. I searched Google for information. There were some suggestions of things to enable. It didn’t help.

So I figured I’d just download IE6 and see if running the installation program would give me an option to do a repair install. No dice. The installation program couldn’t access the Internet to phone home to Microsoft.

Two words: Personal firewall. I went looking. I found two. I uninstalled one. No dice. I uninstalled the second one and enabled Microsoft’s built-in firewall. It still couldn’t call home. This was weird.

As a last resort, I went into Tools, Internet Options, and cleared the browser cache and the history and everything else you could clear. And then I stepped through each tab, resetting the defaults everywhere I could.

In all honesty, I couldn’t see what difference there was between the defaults and the settings he had after I’d followed all those suggestions I found online. But after I reset the defaults, his browser was displaying SSL pages again.

All I can think of was that there may have been some hidden setting or settings in the Registry that got wiped out when I reset the defaults.

Then I went back and tightened things down a bit more–stuff like ActiveX controls and the like.

It’s always best to start with the simplest known configuration that works, then secure it one step at a time. That was definitely the case here.

A super-cool Mozilla extension

Dave Farquhar Software , , , ,

I’m about to get you to dump Internet Explorer for good.

And no, this has nothing to do with the latest security exploits (there were only four revealed this week, right?). This has to do with functionality.

Super Drag & Go is what I call a disruptive technology. It’s like multitasking. You won’t understand what the big deal is when I explain it to you, but once you try it out, you’ll find it impossible to use a computer that doesn’t have it.It’s dead simple. You’re using the Web for research. You’re tooling along, finding lots of information you didn’t know about ancestors, obscure toy train manufacturers, or whatever it is you like to use the Web to research. You hit upon a name or phrase or topic or book title that’s useful, so you highlight it with your mouse, copy the text, then open a new browser window, go to Google or Amazon or Dictionary.com or Wikipedia or whatever the appropriate research tool is, paste it in, and keep on going, right?

Wrong. That’s what you used to do.

What you do is you install Mozilla Firefox, then you click on that Google icon and install the interfaces for whatever search engines besides Google you like (there’s plumbing that hooks you up with Wikipedia, Amazon.com, Dictionary.com, and everything else you can possibly think of). Then you install Super Drag & Go. Then you instantly become about 40 times as productive as you were 20 minutes ago.

How? I tool along the same way I always did. Then, when I find reference to, oh, say, Voltamp, I highlight it like I was going to copy and paste it, but instead of hitting copy, I just drag it with my mouse over to some blank area on my browser window.

Boom-shakalaka, a browser window opens with that phrase punched into Google for me with my results. So then I can read the three–wait, now it’s four!–webpages that make mention of the first company that made an electric toy train that used a transformer plugged into a household AC wall socket.

(You can thank me later for putting that song in your head. Change browsers and I promise I won’t do it again.)

Of course, if you’ve changed your default search engine to something else, then it’ll go to that other page. Now you know why it might be useful to set your default search engine to Wikipedia or Amazon.com. It changes back easily–it’s just a matter of clicking the icon in the browser’s search bar.

Next time I see him, I’ll have to thank Todd, the coworker who showed me how this works. I’d read about it and dismissed it, until he showed it to me. And now?

It’s not a habit, it’s cool. I feel alive. If you don’t have it you’re on the other side. I’m not an addict…. Maybe that’s a lie? –K’s Choice, Not an Addict

If you use Mozilla, you need to read this

Dave Farquhar Software , , ,

No sooner than I presented Mozilla, specifically Mozilla Firefox, as a safe alternative to Internet Explorer did an exploit for Mozilla show up. Argh!

At least the fix came out swiftly and installs painlessly. Visit the page, click another link, wait a minute or so, and then restart the browser. Badda bing, badda boom, you’re patched. No reboot necessary.I still stand by my recommendation of Mozilla, whether it’s the entire bloatware Mozilla suite or the lightweight Mozilla Firefox, over IE. Why? Lessons learned from Linux.

When a vulnerability is discovered in a Microsoft product, an unpredictable length of time passes before the vulnerability is patched. Sometimes it’s a matter of days, but sometimes the length of time is just plain ridiculous. Forgetting for a minute how frequently patches come out–a case can be made that Linux gets more patches than Windows but just as strong of a case can be made that it gets less–the length of time that passes between the instant the vulnerability is discovered and announced and the release of a patch is usually very small. Usually it’s a matter of hours.

The reason is simple. Lots and lots of eyeballs looking at the code. And in Open Source, having your name in the code is a badge of honor. It’s a big, big line on a resume to say you wrote a line of code in the Linux kernel.

Other open-source software gets patched just as quickly, however. Not every open source programmer is comfortable maintaining operating system kernels. And no self-respecting programmer wants his or her system hacked due to a vulnerability in a piece of software she or he was perfectly capable of fixing.

This particular vulnerability stems from a little-known capability in Mozilla. I’m sure there was a legitimate use for it at one time, but were Mozilla being designed and rewritten from scratch today, I can’t see how it would possibly be implemented because the potential for abuse is huge. The code’s gone now. It won’t be in Firefox 0.92 or the next revision of the Mozilla suite.

Will there be other instances of this? Sure. Probably less of it, since Mozilla was a total rewrite of Netscape and the engine is entirely different from the one in Netscape 4.x. The IE codebase goes back to the early 1990s, as it’s based on the old NCSA Mosaic code, which Microsoft licensed from Spyglass. (Go into IE and hit Help, About to see for yourself.) There’s much more potential for harmful dead wood in IE than in Mozilla, but the presence of some in either is inevitable.

But at the end of this year’s storm season, I expect Mozilla to come out a lot stronger because most of the dead wood will be shaken out. I don’t expect the same from IE. The codebase is too old, the teams too disparate, and the motivations behind the changes that have been made were too different from Mozilla.

I’m standing by my browser.