I had an old system open today. I’ll call it Austin Powers because it lost its mobo. But anyway, it had 64 MB of RAM in it that I didn’t realize I had (I thought it had 32, or at most, 48). So I pulled out the four 16-MB SIMMs, opened up my P120, pulled its four 8-MB SIMMs, and replaced them. While Linux is OK in 32 megs if you set it up right (using a lightweight window manager instead of KDE or, worse yet, Enlightenment, pulling out the daemons that provide services you never use, such as BIND and sendmail), it’s a lot happier with 64. I still need to really optimize it, but for a P120 I’m very impressed. If I could get AbiWord to work with O’Reilly’s templates, I could use it to write books.
LoveLetter is just a symptom of worse things to come
The virus parade continues. I saw some really disturbing speculation on BetaNews today. Of course there’s the news of 10 variants on VBS.LoveLetter. Worse yet, there’s speculation of what kind of havoc a trojan horse jumping on ICQ could cause. I don’t know if ICQ is scriptable, but what if someone implemented a program that contacts the ICQ network (possibly by borrowing code from one of the open-source Linux ICQ clones), then sends itself to all of your ICQ contacts? A lot of ICQ users indiscriminately accept and run any file sent to them. Just another conduit. Hopefully it’s beyond most virus writers. (Most virus writers are on my programming level. If I download a real program, you know, like an open-source Linux utility, I’m pretty clueless about four lines in. I can follow virus code, because it’s simple.)
Microsoft really needs to start giving a rip about security. I know it’s fashionable to bash MS, but I was bashing them back in 1990 and never really stopped, so hear me out. There’s just far too much exploitable scripting capability in contemporary MS products. Worse yet, these languages don’t abort on errors anymore, which creates a breeding ground for new viruses. When two viruses merge, the code still executes. The gibberish that in days of old would have stopped the program today gets passed over and the program keeps running. I can see popping up a dialog box that says “Run-time error,” with two buttons (continue and abort). I longed for that years ago when I still aspired to be a programmer. But no, that’s not dummy-proof enough.
Well, guess what? Now our computers are so dummy-proof that they’re time bombs. Thanks Bill. Now we still can’t get any work done. Used to be because it was too hard to figure out. Now it’s because our computers keep getting their system files wiped out.
I saw an Amiga 1200 on eBay for about $75 the other day. Time to throw these MS-infected PCs out the door of a low-flying plane over the Redmond campus, (yes, I know there’s a perfectly good possibility they’ll hit someone) and replace them with real computers that are reliable and not afraid of asking the user a question.
But I know good and well I’ll probably just abandon Windows as a primary OS and just run it in VMWare sessions. At least then, when Windows decides to take a dump all over itself (or let some virus do it), the mess is confined. Not that I have a virus problem because I open things in Notepad before doing anything with them, but we’ve already been through that.
Another observation. This one’s shorter, I promise. Are we so love-starved that we’ll open some attachment called “love letter” without even looking at it? That all of our better judgment gets suspended until it’s too late? (I ask as U2’s “Who’s Gonna Ride Your Wild Horses,” which might as well be about my last serious relationship, comes on over my.mp3.com–very funny.)
Hey, there’s a song in there somewhere. “Love by Outlook.” Hmm. Time to go give the synth a workout.
Oh yeah. That question I asked. I don’t have a good answer for it. An evangelist in Columbia thought he had the ultimate answer. Didn’t work. So I ended up moving to St. Louis to get a new start. New old familiar territory, got a new job, signed a book deal, and life was good again. I doubt that’ll work for everyone else. But it’s a lot better than an e-mail attachment.
Stand up the RIAA and use MP3.com
Saturday, 5/6/00
Stand up to the RIAA. Speaking of fighting the machine… I think I hate the RIAA as much as I hate Microsoft. (Hey, I can hate institutions or organizations–they’re not people.) If you haven’t checked out My MP3.com yet, click the link and try it. If you have a dialup connection its usefulness is limited, but if you have broadband, you can essentially store your CD collection anywhere (alas, a lot of the stuff I own and like is out of print and not in their database). I can’t legally put a good Modern Rock radio station on the air, but I can beam up my collection and create a playlist so I at least have something to listen to.
I don’t see much room for abuse here. Sure, I could borrow some friends’ CDs and beam them, or send them my account info and have them do it, or go on a used CD binge and then sell them all back after beaming, but that’s not likely.
The RIAA just doesn’t get it. Look at the Grateful Dead, for Pete’s sake! Now, I’m not a Dead fan at all. But I can’t deny their success. They were the single most pirated band in history (if you can call it piracy, since they set up sections in their concerts specifically for fans who wanted to tape the shows), and one of the most successful both in terms of record sales and ticket sales. Part of that, I’m sure, is because they had such a huge catalog of songs that you didn’t know what you’d get because every concert was a unique experience (drugs or no drugs). But that’s a lesson to today’s musicians too, isn’t it?
When the RIAA gets its injunction against MP3.com I don’t know how much of my collection will still be available to me, but I’ll take my chances. For the short-term, I’ve managed to recreate an idealistic version of my favorite radio station from about six years ago, without the two songs on their playlist that annoyed me the most (“Trout” by Neneh Cherry and “Connected” by Stereo MCs). Now if I could just figure out why my Best of Elvis Costello and the Attractions won’t beam…
Optimizing Windows climbs the charts in Canada
Optimizing Windows is popular in Canada. I happened to check this morning, and noticed that Amazon lists Optimizing Windows as their second-best selling book in Canada. It must be riding the wave from Sandy McMurray’s recent glowing review. The title that’s outselling mine is a self-help book about sex. There’s a joke there somewhere.
So, thanks again to those of you who’ve bought it, especially those of you who happen to live in Canada–now I’ve got something to talk about at work.
One of my friends tried to set me up with the line, “I know what’s really popular in Canada…” I didn’t take the bait. Popular in Canada…? Well, one of the guys at work was griping about his econoflush toilet the other day as I fixed his Mac (there’s a joke in there somewhere too), and talking about how it’s still legal to make the old-fashioned megaflush toilets for export, so they export them to Canada, then people drive up to Windsor, Ontario, buy them, and carry them back across the border. This is incredibly fuel-efficient, by the way–aren’t environmentalists clever? He was lamenting that he hadn’t done that the last time he was in Detroit. So I said, “What, toilets made in the USA?” That got me a funny look.
[Optimizing Windows did reach #1 a few weeks later, giving me five minutes of fame. It fared reasonably well in Britain as well. It never did sell well in the States.]Dave’s rules for safe e-mail usage
Dave’s rules for safe e-mail usage. Please feel free to copy and paste and save this for future use. Print it out and hang copies next to your users’ monitors if you want. Make a poster out of it, I don’t care.
1. Don’t execute unexpected attachments. There’s a lot of cutesy stuff going around out there. Do you know where it came from? Do you know that the person who sent it to you scanned it for viruses? Five bucks says they didn’t. Happy99.exe is a good example–it shot off nice fireworks, then proceeded to e-mail itself to people for you and replace a critical system file. How nice of it. I don’t care how funny or how cute some attachment is, I don’t run it. Period. I don’t have time to scan it for viruses, so I can’t run it safely, and I certainly don’t have time to recover from a formatted hard drive, so I delete all unexpected attachments. Usually I make time to mail the user who sent it and tell them not to send me that crap.
2. Think twice before double-clicking on attachments, expected or unexpected. Do you know what it is? If you can’t tell a GIF or a JPEG from a Word document or an executable, you have no business double-clicking on attachments. Delete whatever it is. It’s better to miss the joke than to end up with a formatted hard drive (which you don’t have time for–see #1).
3. When in doubt, ask questions. Don’t be afraid to shoot back an e-mail message asking what an unexpected piece of mail is before opening it. You think if my editor sent off an unexpected piece of mail saying O’Reilly’s cancelled my new book, I wouldn’t ask questions? Why should an unexpected attachment from him be any different?
4. Change your stationery. On one of my work computers, where I have to use Outlook (company policy–maybe that’ll change now), I changed my stationery. In addition to my name and title and contact info, I include a line that reads, “This message should have arrived without attachments. If there are attachments, DON’T OPEN THEM!” I have to remember to delete that line manually on the rare occasions when I do send attachments. But if a virus ever hits and I do inadvertently run it, at least its cargo goes out with a warning.
5. Don’t send people executable attachments. Better yet, don’t send them unarchived Word and Excel documents either. Zip them up first. They’ll transfer faster because they’re smaller when they’re zipped, and the person on the receiving end can have better peace of mind, because viruses generally don’t send out zipped copies of themselves, and infecting a zip file is much more difficult than infecting an unarchived file.
6. Avoid using attachments whenever you can. You have network drives at work? Use them. Save it to the network, then send a message telling your coworkers where to find it. Just found a hot new shareware program? Send the world a link to it, rather than the program itself. Involving fewer computers in the file transfer speeds up the transfer and lowers risks.
7. If you must view Word, Excel, and other MS Office attachments, do so with something other than Office. View Word documents in WordPad. Yes, WordPad is slow and dumb. That’s the point. It’s too dumb to let the virus do anything. Microsoft provides Excel and PowerPoint viewers. Download them and use them to view attached e-mail. Those viewers are too dumb to let viruses do anything too.
8. Fight the machine. The more you deviate from the norm (Windows 98, Outlook and the rest of MS Office, Internet Explorer), the less susceptible you are to viruses. Why do virus writers target MS Office on Windows? Well, besides it being the second-best virus toolkit in existence, it’s also extremely common. If I’m a bored loser who wants to hear about my own exploits on the news, I’m going to aim for the largest audience possible. That happens to be Windows/Office/IE. I can’t avoid MS Word, but I’ll take my computers to the pawn shop before I use Outlook and IE exclusively.
Alternative applications and OSs aren’t just trendier, they’re safer. If StarOffice or WordPerfect Office running under Linux will let you get your work done, think about it. You may be in the minority, but you’re a lot safer.
LoveLetter ruins my day
I hate viruses. So. I stumble in to work Thursday. I make the mistake of checking my mail before I’ve had my coffee. Mail from a VIP. “Please kindly check this …” I read no further. I spy an attachment, so I do exactly–in my mind–what it asks. I open the attachment in Notepad and look at it. Hmm. A VBscript program written by someone who doesn’t like school. Hmm. Wait, why’s this thing messing with the registry? Why’s this thing making copies of some files and deleting others? Crap! This is a virus! Who else did she send this to? Meanwhile a neighbor’s jabbering away at me about something or another. “Shuddup!” I tell him as I print it out. I print the code (4 pages I think), grab it, circle a couple of offending lines of code, then rush upstairs. Yep, you’ve got it. We were infected with the now-notorious “Iloveyou” virus.
Yeah, loser. I love you too, but only because Jesus says I have to love my enemies. So, God bless you, whoever you are. You’re gonna need that and more. Bad.
I located two infected computers, then I called the wisest, coolest head in the organization (our Unix ubermeister) for advice on how to proceed. This was a good 2-3 hours before Symantec had a fix posted on its Web site. He said he and one of our ace programmers had dissected the code and determined all of the changes it makes. He had registry entries to fix and files to look for. Armed with that info, I was able to put out the fire pretty quickly (silently reminding myself that using Netscape and Eudora instead of Internet Exploiter and Outlook sometimes really has its advantages), but it turned into a very draining day.
Selecting a mass storage medium
Thursday, 5/4/00
CD-RW vs. Zip vs. Superdisk. Mail from India.
I am writing from New Delhi, India.
I read your comments on the site concerning ‘super floppies’. I would be very grateful if you could help me in this matter.
I have been thinking for some time about whether to buy a CDR drive or a ZIP drive. Recently my computer was hit by the CIH virus. Some of my data was lost.
I am a graphic designer as well. Consequently I need to transfer heavy files of an average of 10-15 MB to the printers or to show to my clients. I have been using file splitting softwares of late — but now I feel the need of alternative means of carrying the data for them.
Also some people say that CDRW cannot be read by some CD ROMs. I primarily need the drives for data back-up and transferring 10-15 MB files b/w printers, clients and my office.
Should I be buying an HP CDR or an Iomega 250 MB zip drive ?
I would be extremely helpful, if you could help me in my decision.
Thanking you,
Anshuman Bhargava.
First off, I’m sorry to hear about CIH getting you. We really need to find other ways to amuse 15-year-olds.
You are correct that some CD-ROM drives won’t read CD-RW discs. It’s a sure bet that any drive more than about three years old (pre-1997) won’t. Drives made since 1997 are supposed to be able to read them, but that doesn’t always happen. But with CD-R discs selling for peanuts, at least in the United States, that’s not too much of a concern. I’m usually willing to spend 75 cents on a CD-R I only use once. (I try to think of it as wasting 75 cents, rather than wasting 600 megs when I use a CD-R to transport a 20-meg file. Somehow that seems less wasteful.)
I had a conversation at work about Zips vs. Superdisk vs. CD-R/CD-RW the other day. I have a Zip drive, and I use it exclusively for installing Windows on computers I can’t easily connect a CD-ROM drive to. That’s it. I don’t trust it with any data I value. I’ve just seen too many of them fail. I know graphic designers swear by Zips when they aren’t swearing at them, but I’ve seen too many disks and drives fail. The Superdisk looks good, and Imation is on more solid financial ground than Iomega so I’m much more confident that Imation will be around in 5 years than I am about Iomega, but the LS-120 superdisk is much less common, and its capacity is lower.
If I were in your position, I’d get a CD-RW drive (I like Yamaha and Plextor, though I’ve also used HP, Sony and Philips drives) along with a spindle of CD-Rs and CD-RWs. Once you have a good idea which of your clients can handle CD-RWs and which ones have to use CD-Rs, you’ll be in good shape.
From an archival standpoint, CD-Rs make me a lot less nervous than either Zip or LS-120, because they’re optical rather than magnetic. I have plenty of 15-year-old floppy disks still floating around, but I’m not very confident many of them are still readable. Longevity varies greatly depending on the quality of the media, but you should be able to expect a couple of decades at least from quality CD-R (Kodak, Taiyo Yuden, and Mitsui discs are the safest; Kodak is the easiest of the three to find), plus they’re cheap, plus they can’t be damaged by viruses or user error. I periodically burn everything that matters to me to CD.
I hope this helps.
Fixing Outlook address book problems
Outlook 97/98 Problems. First, some background. Some of my users at work discovered that groups within contact lists created in Outlook 97 couldn’t be edited after an upgrade to Outlook 98. I searched around for answers and didn’t find anything. At one point, I posted a question on Usenet, but never received an answer. Finally, one of my coworkers called Microsoft. Their suggestion didn’t work, but it led us to something that did. So, here’s the mail.
Hi,
I saw your post from 02/02/2000 concerning Address Book group problems with Outlook 98. We have discovered the same thing and are looking for a fix. All our Outlook 98 installations are upgrades from Outlook 97.
I would be very grateful if you could tell if you have got a fix for this.
With warm regards from Finland,
Kirmo Uusitalo
Yes. Install Internet Explorer 5 and Outlook Express 5. Outlook uses a lot of IE code and even some OE code, and evidently there are bugs in IE/OE4 that prevent Outlook 97->98 upgrades from working properly that were fixed in IE5.
Troubleshooting Windows keyboard shortcuts
Dave,
A friend of mine who uses Win98 has an irksome problem I don’t quite understand. Maybe you can shed some light on the matter.Whenever he boots up, all the launch keyboard shortcuts defined in his desktop icon shortcuts are gone. He can manually select each one and redefine them (O for Outlook, W for Word and so on), but the next time he starts up (reboots), they’re all gone again.
These are stored in registry…?
/ Bo
—
Bo Leuf
Leuf fc3 Consultancy
http://www.leuf.com/
I’ve seen that problem in 95, 98, and NT4. It appears that if Windows Explorer is the currently active application, they’ll work, but if some other app has focus, keyboard shortcuts on desktop icons won’t work. The only workaround I’ve found for this is to store keyboard shortcuts in the start menu. Those seem to work all the time.
I don’t think they’re stored in the registry, but I’m not sure where they’re stored. Win3.x had keyboard shortcuts too. If I had to hazzard a guess, I’d say they’re probably stored in the shortcut files in 9x/NT and in the program group files in Win3.x.
An easy firewall for Linux
Saturday, 4/29/00
PMFirewall. I recommended this firewall-builder for Linux a couple of weeks ago (from www.pointman.org). InfoWorld’s resident Linux guru, Nick Petreley, gives it his seal of approval this week here.
As for making it a standard part of distributions, I e-mailed Jacques Le Marois, president of Mandrakesoft, inquiring just about that possibility. (As an aside, wanna know one reason why I like Linux? Le Marois answers my mail! And sometimes he mails me! Meanwhile, I know neither Gates nor Ballmer give a rat’s behind about anything I think or say.) Le Marois had a team look into it, but informed me that it could be tough to integrate. I’m wondering if maybe it shouldn’t be integrated into the control panel, rather than as part of the setup process (it’s specialized, after all). Hmm. Maybe it’s time to mail him again…
[E-mail him I did. And I have no idea if my lobbying had anything to do with this or not, but Control Panel-based firewalling soon became a standard feature in Mandrake and other Linux distributions. –DF, 5/23/02]