What the press doesn’t want to tell you about Kaycee

Dave Farquhar General , , , , ,

Dan Bowman forwarded me a string of e-mail yesterday that raised a number of questions about the press. Apparently there is at least one reporter trying to find out how many people gave gifts to “Kaycee,” and that’s raising some concerns. Why? And why does the reporter want names and phone numbers? And how do you know if the guy’s legit or if he’s making some kind of sucker list?
Being a former reporter myself, Dan solicited my opinion. Maybe he figured a former reporter would recognize one of his own. And I do.

One concern was the reporter’s apparent use of a free e-mail address. This doesn’t cause me any great concern. Not all newspapers have a mail server because not every newspaper can afford to pay a mail administrator–or maybe they’re just not willing to justify keeping a full-time IT guy on hand who’d make more than the editor in chief. Plus there’s the portability issue–use a free, Web-based mail service, and you can read your mail from anywhere with Web access. No need to mess with VPNs or direct dialins or any of that nastiness.

Another concern is why does the reporter want a phone number. Practicality is one issue; a five-minute phone conversation can glean far more information than a mail conversation that takes all day. And the reporter probably wants to hear your voice; the sound of your voice tells a lot. The reporter can’t print that information, usually, but that gut feeling provides valuable guidance. Plus the reporter needs to verify that you really exist, which is something that anyone who had any contact with “Kaycee” will understand.

But if the reporter were any good, he’d be able to track you down, right? You bet he could. But that’s ruder than establishing contact via e-mail. You want the source to be as comfortable as possible. Plus it takes time to do that. In something like this, you’ll cast a wide net as painlessly as possible. If I were writing this story, my very first step would be to go to Weblogs.com, do a search on “Kaycee,” and when I find sites that mention her name a lot, I’d read the posts to get an idea of whether there was any relationship, and if I find any indication, e-mail that person. I may e-mail 100 people. But it only takes three sources to make a story.

Will the reporter honor your wishes, like not printing your full name, or your real name? Quite possibly. I know MSNBC’s Bob Sullivan knew Julie Fullbright’s identity. (Bob taught one of my journalism classes way back when, back when he was a grad student at the University of Missouri. I e-mailed him after his story hit the Web.) He didn’t publish her name–he said her identity couldn’t be confirmed at press time. A white lie? Kind of. But I know Bob didn’t knock on Julie’s door and confirm it. I don’t know whether he called her on the phone and asked if the pictures were her yet still chose to say her identity was unconfirmed. Bob said he wanted to protect her privacy, and knowing Bob, I take him at his word on that. If this was going to turn into a three-ring circus in the press, Bob didn’t want to be the ringmaster. Once her identity became common knowledge, you started seeing her mentioned by name in the news too, and not just on the Weblogging sites.

Chances are very good that the reporter(s) will talk to dozens of people and probably run the best quotes he gets from some of them. For example, I found a nugget in one of Dan Bowman’s messages: “Shelley would really like to know who ate her cookies.” Yes, on one level that’s funny. But baking cookies for someone is a fairly universal act of love, and just about all of us–even baking-challenged superbachelors–can understand the feeling of betrayal when you bake up a batch of cookies and send them to someone, then find out they never got to that person. And if that person didn’t exist at all, it hurts even more.

If you feel like you should give the reporter a piece of information but don’t want to be quoted, use the phrase “off the record.” Most reporters honor that. If you can give them someone else who’ll corroborate what you say, the reporter is even more likely to honor it. Even if that someone else wants to remain anonymous, once three people say something, a reporter can pretty much count it as fact. And since there is some danger of retribution, a reporter will honor that. Most reporters have a soft spot in their hearts for people in danger.

I know you’re nervous about talking about this with a reporter, because I was a crime reporter. Being taken for money is one thing. People don’t like to talk about that because they don’t like to think of themselves as suckers. I know that. Any reporter you’re likely to talk to knows that. But being taken for love is entirely different. People are far less likely to talk about that. Any reporter you’re likely to talk to knows that too. All too well. He or she isn’t likely to do anything to hack you off when good sources are hard to find.

Why is the press taking this angle? Well, the root word of the word “news” is “new.” This is a very old story by news standards. This is the only angle left to take, and the national media has probably stopped caring. If it turns out that more than $1,000,000 worth of gifts were sent to Kaycee, then it’ll become a national story again. If a few hundred people sent postcards and cookies and trinkets, I doubt you’ll hear about it anywhere but in Kansas and Oklahoma newspapers. But in rural Kansas and Oklahoma, anything new that comes about in this case is news.

Why can’t the reporter just read your Weblog? There’s a decent chance s/he already has. But the reporter will want to know how you feel about this now. (That “new” thing again.) And no one wants to print exactly the same quote some other paper did. If you interview the person yourself, your chances of having verbatim quotes lessen.

Is the reporter in cahoots with the FBI or local law enforcement agencies? Probably not. That would be a conflict of interest. It crosses the boundary between reporting news and creating news.

And how can you tell if a reporter is legit? Do a Web search on the reporter’s name. Chances are it’ll show up somewhere. I did a Google search on the reporter’s name in this case, and the first hit had his name, his employer’s name, his editor’s name, and his newspaper’s phone number. If worse came to worse, I could call that number and ask for him. If he’s not there, you can ask whoever answers the phone if the reporter is working on a story along those lines. There’s no guarantee that person will know, but reporters do talk to one another, and future stories do come up in newsroom meetings.

Hopefully that helps people see this thing from a reporter’s perspective. And I suspect that’s probably the last I’ll talk about Kaycee here–the story seems to be losing momentum and people seem to be moving on. And that’s a good thing.

SPAM from Macromedia regarding Flash; Neatgear NICs; Crash course

Dave Farquhar General , , , , , , , , , , , ,

MAILBAG:
From: “bsprowl”
Subject: Spam ?? from Macromedia regarding Flash

I keep getting offers to down load Macromedia’s Flash. These aren’t e-mail type spam; a window pops up and asks if you want to download it.

I have find it very annoying to get these regularly. I have searched on it and find it will cost $399.00 plus tax and shipping for this web authoring tool after the trail period runs out.

Well duh, that’s expensive and I don’t want to write using it; I use Arachnophia (sp?) which is freeware, saving over $400 for the small bit of web development that I do.

There are also some security issues that I don’t want to deal with (although how a glorified text editor can cause security problems seems insane, the FAQs lead me to believe that it can happen.)

But why do I keep getting offers to download it from so many sites. The latest is weather.com, who you would think would not have ads of this type. And the ad pops up several times as I open the radar map and every time I refresh the map it pops up two or three more times.

I have tried to see if this spam is somehow tied to my computer and have used some of Steve Gibson’s tools ( grc.com ) and updated my virus definitions, etc., to eliminate or reduce it if it is hidden or my system. I found nothing.

Any suggestions?

Bob
~~~~~
I know exactly what’s going on. (My site isn’t bugging you about that, is it? If it is, Vinny and Guido will be knocking on a couple of people’s doors because off the top of my head I can’t think of anything I hate more than Flash and my site’s not *supposed* to be using it….) There’s nothing wrong with your computer. You’re getting that question because so many sites use Flash; and most sites, if they detect you don’t have the free Flash plug-in, offer to let you download it. You’d be downloading the free unlimited-use plug-in rather than some trial version of the $399 package.

But Flash animations are annoying (and mostly used by really blinky and obnoxious ads) so I don’t like installing it. I also don’t like the stupid dialog boxes (or sites that install it without asking permission, as some do). When a site offers to install Flash, I add it to the Restricted Sites zone (Tools, Internet Options, Security, then click Restricted Sites, then click Sites, then add, say, www.weather.com to the list). That shuts ’em up, unless they also use ActiveX, in which case IE will pop up a dialog box saying the page may not render properly. But at least they’ll quit bugging you about Flash.
~~~~~~~~~~
From: “Bob”
Subject: Re[2]: Spam ?? from Macromedia regarding Flash

Hello Dave,

Oh. Now I feel stupid for bothering you.

I never noticed Flash or Macromedia before this. I don’t really want to install it but I would like the weather maps to update automatically and also to show the past several hours.

I guess I’ll do a backup to CDW and then install it. I don’t have a lot on my system, the C: drive only has about 590 MB so it will fit on a single CD. Then if it’s a problem I can just go back to the original system.

I really am wasting that drive but then none of mine are full. I don’t download music, that’s why I have my stereo; I don’t even have a speaker plugged into my computer.

I don’t play DVDs; that’s what the VCR is for (although I haven’t used it more than once since I brought it; I don’t even know were the nearest video rental place is located.)

A year or two ago I tried to install the latest release of the Asteroids game which I though might be fun but after downloading half a dozen files from several sites (I need something called Direct X) it won’t run and neither would anything else. I tried it on several of my systems from an old 486 with DOS 6 and Window 3.11 to a system with a PII 450 and Windows 2K. I’ve never gotten a game more complex that Mahjongg to run on anything besides my old Atari, so it must be me.

I spend a lot of time reading and I like paperbacks so I don’t download books either. I do have a database of all of the books I’ve read in the last five plus years. And that is linked to my Palm so I no longer buy a book I have already read.

I find your sight to be most useful concerning computer technology and read it everyday. While most of the other daynoter’s are interesting, they are not nearly as useful. I really don’t care what they ate, etc.

Thanks again,

Bob
~~~~~
No problem, I’m sure you aren’t the first to have that question, and I’m sure others are asking, “How do I keep this #&%$ website from telling me to download Flash?” If not today, someday someone will want the answer to that question.

Most recent games do require DirectX, which you can download from here. If the DirectX version is too old, games will complain. The safest way to get a game running, if you’re willing to invest the time, is to build up a system, install Windows clean, then install the current version of DirectX, then install the game. That may be more trouble than you’re willing to go to.

I chuckled as I read the rest of your mail. About two years ago, a box of stuff showed up in my boss’s cube. Nobody knows where it came from. There was some ancient computer stuff, and there was some REALLY ancient computer stuff. One of them was a CompuServe manual, and I could tell from the logo and the hairstyles and tie widths that this thing was from 1984 at the very latest. I flipped through it and chuckled at the words that suggested 1200 baud was something new, and when my boss walked in, I held it up and said, “Now this is a relic from a time when computers were computers, and not washing machines and stereos and VCRs and TVs and fax machines and toasters.”

“You sound bitter.”

“No, just practical.”

I remember my Amiga’s simple elegance. Yes, it invented multimedia, but it knew what it was, and that was a computer, and it did a good job of being one. And I miss that.

And thanks for your compliments of the site. I try to be useful, and entertaining, and compelling. I don’t always succeed, but enough people come back that I guess I succeed often enough. I know Pournelle’s a better writer than I am, and both he and Thompson have a much deeper depth of knowledge than I do (they’ve also had more time to accumulate it). So I do the best I can, and try to make it as easy as possible here for people to find the stuff they do like.

Thanks for writing.
~~~~~~~~~~
From: “Steve DeLassus”
Subject: Neatgear NICs

OK, what’s the difference betwen a Netgear FA310 and an FA311? At the price mwave is hawking them, I am ready to pick up 3…
~~~~~
The FA310 uses the classic DEC Tulip chipset near and dear to all Linux
distros’ hearts. The FA311 uses a NatSemi chipset that only very recent
distros know what to do with. The FA311 should be fine with Windows boxes,
and it’s supposed to be fine with Mandrake 8.
~~~~~~~~~~
From: “Gordon Pullar”
Subject: Re Crash Course

Hi, I have just read your article in this months “Computer shopper” I am having trouble re-formatting my hard drive (which previously had WIN98SE on it and worked well!) I used FDISK( Got from WIN98 then WIN98SE.) to create a Primary DOS partition,using the whole disk,6.4 Gig. After that I reformated it, it now freezes at writing the FAT table,that’s if I get that far,4 times out of 5 using a boot disk,(I have tried several from differnet PC’s) It gets as far as “verifying pool data” and then freezes.I have checked the HDD drive out with Seagates own diagnostic software and all is OK.(Funny it always boots OK with the seagate software “Seatools”) Changed the IDE cable to the hard drive.I have flashed the BIOS with the latest version.

Is there anything else I could be missing??

Giga-byte GA 5AX motherboard
AMD K6 2 500 Mhz CPU
256 Mb pc100 Ram
Seagate 6.4 Gig ST36451A
HDD Generic video card

Regards

Gordon Pullar
~~~~~
First thing I’d do would be to try to get it to boot off a floppy, then type FDISK /MBR. Both of the problems you’re describing sound like a corrupted MBR, and I don’t think partitioning the drive will zero that out for you. If that doesn’t work, try zeroing out the entire MBR with the MBRwork utility (www.terabyteunlimited.com).

Failing that, I’d try using SeaTools to either low-level format or zero out the drive. Usually after doing that, a finicky drive will work just fine.

Bringing the Duron forward

Dave Farquhar General , ,

And my Duron is alive. Right now it’s an all-SCSI system, with a Plextor UltraPlex 40max and a 4.3 GB Seagate Medalist SCSI HD. It smokes. Any time I can turn on Show Window Contents While Dragging and play back full-motion video in Media Player while violently moving the window around the screen and the playback remains smooth, I’m impressed.
The floppy drives don’t work right because I somehow managed to mangle the cable, but I’ll replace it. One of these days. I’ve got a few spare floppy cables hanging around somewhere.

It’s running Windows 2000. I wanted a fast, reliable office suite, so I installed Office 95. Yes, five. It’s nice, stays out of my way, loads really fast, doesn’t crash much, and has some semblence of an idea of distinction between an OS and an application.

I dual-booted it with Mandrake 7.2 (I haven’t downloaded 8 yet). It’s nice. It’s quick. I made this post from Konqueror under Mandrake 7.2.

Look out City, Suburban Boy’s coming to visit!

Dave Farquhar General ,

St. Louis makes a huge distinction between St. Louis City and St. Louis County, much like most cities I’ve visited. One thing I’ll say for the City: Being older, it has a whole lot more character. The St. Louis suburbs are, well, for the most part pre-fab, cookie-cutter, chain-infested boroughs. An outsider would have a hard time telling the difference between Mehlville and Oakville. It takes some looking to find a building more than 50 or 60 years old, and chances are few of the buildings you do find will still be standing in 60 years. I live in the county because I work in the county, and the City taxes you if you live in the City but work in the county–the intent of that law is to punish executives who work in the City but live in ritzy suburbs like Clayton or Ladue or Town & Country, but young professionals like me who live in the city because we like it but who happen to be employed in the county take a tax hit. Really, that kind of living should be encouraged–we’re bringing suburban money into the city, and during rush hour we’re driving against traffic, lessening congestion. And young professionals tend to eat out a lot and spend lots of money. If anything, there should be a slight tax incentive to live in the city and work in the county. But, once again, there are obviously issues involved here that are beyond the capacity of my little brain.
So I now live in the suburbs. But I prefer the City because I like character, and St. Louis is an old enough city to have some character (Europeans will scoff at that, but consider our standards–and really, you can develop some character in 150-200 years).

I’m meeting two friends for lunch later today. Both of them live in the City. One asked where to meet and where to go. I didn’t suggest Burger King in Oakville. But, typical of males, none of us could decide where to go, so I piped in. “Well, aren’t we just the bastions of decisiveness. Look, I’m Suburban Boy. There are great places in both of your neighborhoods, but I don’t know what they are. I’ll defer to your better judgment.”

Well, there’s a deli within a mile or two of where one of them lives that’s supposed to be out of this world. So that’s where we’re going. I know, in this day and age Subway has totally homogenized our idea of a deli, so a good local deli, when you can find one, is a delight. Two local chains used to have locations near where I work. There was Ruma’s, in Concord Village, which was good, and there was Amighetti’s in Crestwood, which was to die for. Both locations are now a Quizno’s. Quizno’s isn’t bad but you can’t get a giant pickle there like you could at Ruma’s, and there’s nothing on Earth that compares to Amighetti’s bread–you could cook yourself up a big ol’ hunk o’ tire and put it on Amighetti’s bread and it’d taste good, if not fabulous. And it didn’t hurt that the girls who worked there were all drop-dead gorgeous. Man, I miss that place. St. Louis has a great Italian heritage, and we’re willing to sell it all out to Subway and Quizno’s.

So.. A neighborhood deli where I can eat outside and converse with two really cool people… Sounds great to me.

No, this is still the old server.

Dave Farquhar General , ,

The new server works, but I got sidetracked last night. I had to take care of a weird work problem, and I ran out to a bookstore where the girls who work there seem to have this competition to see who can be the nicest, and then I came back home and had a long phone conversation with an old friend I hadn’t talked to in a couple of years. Between all that and trying to make some sense of Steve Gibson’s latest discoveries and trying to figure out what he wants and whether I agree with him, my server just kept chugging along.
I need to make my homebrew spam filter too. I’m thinking I’ll press a 486 into that duty, at least initially. I’m out of good PCs to experiment on. Once I get it working, if it’s slow, I’ll get some parts and build something better to block the onslaught of spam.

Oh, speaking of spam, for those of you who have Web pages… If you obscure certain characters in your e-mail address–sub in the raw ASCII code for the at sign and the period and one or two letters–most spam bots can’t harvest it. I need to do that for my pages. I’ve also found some cool-sounding traps for spam bots, including one that tries to dynamically figure out the spambot’s IP address, then feeds it accounts like abuse@owner.com and postmaster@owner.com. If they work, I’ll most certainly toss them your way.

We can’t give hackers anything else to work with

Dave Farquhar General , , , , , , , , , , , ,

Thanks to David Huff for pointing this link out to me (the good Dr. Keyboard also passed it along). Steve Gibson was hacked last month, and he wasn’t very happy about it. So he set out to learn everything he could about l337 h4x0rs (elite hacker wannabes–script kiddies). What he found out bothers me a lot.
Kids these days. Let me tell you…

In my day, 13-year-old truants (those who had computers and modems) used their modems to dial 800 numbers over and over again long into the night, looking for internal-use-only numbers. Armed with a list, they then dialed every possible keycode combination looking for PINs. Then they’d use that information to call long-distance on the telco’s dime. They’d call BBSs, where they’d swap the previous night’s findings for more codez, cardz (credit card numbers), warez (pirated software), or porn.

I never did those things but I knew a lot of people who did. They’d drop off the face of the earth on a moment’s notice, and rumors would go around about FBI busts, computer equipment being confiscated, kids being hauled off to juvenile detention center… And some of them never came back. Some of them cleaned up. Others, who knows? I heard a rumor about one of them running away to Las Vegas after he got out. And some just got hold of their old contacts and went right back to business. One of my friends cleaned up–the huge phone bill he got was enough of a reality check that he stopped. Whether it was a moral reason or just fear of getting caught again, I don’t know. I knew another who got busted repeatedly, and he’d call me up and brag about how his line was tapped, throwing in the occasional snide remark to whoever else might have been listening. I remember our last conversation. He sent me some code (all of the guys I knew were at least semi-competent 6502 assembly language programmers) and we talked music. I’d been fascinated by that subculture, though I never did anything myself–I just talked to these guys (partly out of fear of getting caught, partly because I did want to have some semblence of a life, partly because I didn’t want to kiss up to a bunch of losers until I’d managed to prove I was elite enough), but at that point I was 16, I’d published once, and I realized as the conversation ended that my fascination with it was ending also. It was 1991. The scene was dying. No, it was dead and pathetic. These “elites” had become the butt of jokes–they were risking arrest so they could call Finland for free and pirate Grover’s Magic Numbers, for Pete’s sake! I guess I was growing up. And I never talked to him again. (I don’t even remember this guy’s real first name anymore–only his handle.)

I guess if I’m going to be totally honest, the only thing that’s really changed are the stakes. I want to say my generation wasn’t that bad… But I don’t know.

Essentially, some guy going by “Wicked” had zombies running on 474 Windows PCs. Some of “Wicked’s” buddies took issue with Gibson talking about script kiddies–they thought he was talking about them–so they told “Wicked” to take him down. And he did. And he bragged about it.


"we will just keep comin at you, u cant stop us 'script kiddies' because we are
better than you, plain and simple."

Now, when someone annoys me, I find out what I can about the guy. At 26, I do it to try to get some understanding. At 13 I didn’t necessarily have that motivation, but I did at least have some basic respect. And anyone claiming to be better than Steve Gibson… Gimme a break! That’s like walking up to Michael Jordan and saying you’re better on the basketball court, or walking up to Mark McGwire and saying you can hit a baseball further, or walking up to Colin Powell and telling him you can beat him in a war. And anyone who’s ever written a line of assembly language code and read any of Steve Gibson’s stuff knows it. And it’s not like the guy’s exactly living in obscurity.

Well, Gibson was diplomatic with this punk. And his reasoning and his respect softened him. He called the attacks off. Then they suddenly started again, and Gibson got this message:


is there another way i can reach you that is secure, (i just ddosed you, i aint stupid, im betting first chance ud tracert me and call fbi) you seem like an interesting person to talk to

Say what? You want to talk to someone, so you blow away every other line of communication and ask if you can talk? Now I can just picture this punk once he gets up the nerve to go talk to a girl. He knocks on the door, and the first words out of his mouth are, “I just tesla coiled your phone line so you couldn’t call the cops, but…” Then he’d toss some Kmart pickup line every girl’s heard a million times her way, and hopefully she’d smack him and run to the neighbors’ and call the cops.

For some reason people get hacked off when you do something malicious to them.

Well, Gibson reverse-engineered some Windows zombies and followed them into a l33t IRC channel where he had another interesting conversation. I won’t spoil the rest of it.

Now, I admit when I was 13, I was a mess. I was insecure, and I had trouble adjusting. My voice was cracking, my skin was oily, and I was clumsy and gawky. And I didn’t like anyone I knew when I was 13, because I was the class punching bag. Part of it was probably because I was an outsider. This was a small town, and I wasn’t born there, which was a strike against me. If you got all your schooling there you were still OK. I came in the third grade, so strike two. And I didn’t want to be a hick, so strike three. I liked computers, and in 1987 that was anything but cool, especially in a small town. And everyone thought I was gay, because I didn’t hit on girls and I didn’t have a huge porn collection–and there aren’t many worse things to be in southern Missouri, because it’s still a really bigoted place (and since girls made me stammer, it’s not like I could have proven I was straight anyway). And I had goals in life besides getting the two or three prettiest girls in the class in bed. (Yes, this was 7th grade.) So I guess I was oh-for-two with two big strikeouts. And since I was five feet tall and about 90 pounds, if that (I’m 5’9″, 140 now, and I was scrawnier then than I am now) I couldn’t exactly defend myself either. So I was an easy target with nothing to like about me.

I guess “Wicked” sees Steve Gibson as a five-foot, 90-pound outsider with a really big mouth, so he’s gonna go pick on him. Then he’s gonna go hit on the 13-year-old girl who looks 18, and he thinks taking down grc.com is going to make her swoon and tell him to take her to bed and lose her forever. But since she has a life, she doesn’t give a rat’s ass about whether grc.com is up or down, so hopefully she’ll smack him but I doubt it.

Yeah, I want to say the solution is to make things like they were in 1987 but bullies are bullies, whether it’s 2001 or 1987 or 1967. AD or BC, for that matter.

I want to say that accountability to a higher being will solve everything and make kids behave, but I know it won’t. That grade-school experience I just described to you, with 13-year-olds making South Park look tame and trying to get in girls’ pants? You know where that happened? A Lutheran grade school. Introducing the kids to God won’t fix it. Establishing a theocracy won’t fix it. In college I wrote a half-serious editorial, after a pair of 6-year-olds in Chicago murdered a four-year-old by dropping him out of a 20th-story window after he refused to steal candy for them, where I advocated the death penalty for all ages–maybe then parents would keep an eye on their kids, I reasoned. But I know that won’t fix anything either.

Steve Gibson doesn’t offer any answers. He’s not a social engineer. He’s a programmer–probably the best and most socially responsible programmer alive right now. And what Gibson wants is for Microsoft to cripple the TCP/IP code in Windows XP, so the zombies these script kiddies use don’t gain the ability to spoof come October.

Frankly, I wish such a castrated TCP/IP stack, with raw sockets capability removed, were available for Linux. My Linux boxes are a minimal threat, being behind a firewall and only having a single port exposed, but I’d cripple them just to limit their usefulness to a script kiddie just in case.

Why? Screw standards compliance. The standard for mail servers used to be to allow them to be wide open so anyone could use one, just in case their mail server was down. It was all about being a good neighbor. Then spammers trampled that good faith, so open relays are now the exception, not the rule.

Maybe there’s some legitimate use for raw sockets. I don’t know. But I know nothing I use needs them. So why can’t I run a stripped-down TCP/IP on all my boxes, so that in the event that I do get compromised, my PCs’ usefulness is limited?

If software companies want to provide a full, standards-compliant, exploitable TCP/IP stack for esotetic purposes that need them, fine. Do it. But don’t install it by default. Make it a conscious decision on the part of the systems administrator.

Let’s just get one myth out of the way. The Internet isn’t going to change the world. So when the world does stupid things, the Internet’s just going to have to change instead.

More TurboLinux

Dave Farquhar General

Server update: I broke it. That’s the way you learn. I’m thinking I’ll go live with it June 1 anyway.
I found a really cool feature though. TurboPkg is an RPM utility that comes with TurboLinux that queries an FTP server, compares the packages there with the packages you have installed, and highlights the packages that have been updated. Run it after installation (kind of like running Windows Update on W2K), then run it periodically to make sure you’re up to date. I thought Mandrake had something similar but I’m not positive–I have to admit I have Mandrake dual-booting with Windows on a couple of machines, but I don’t use Linux as a workstation much, and when I do use it I don’t pay much attention to the GUI–I open a console and execute just about everything from there because it’s a lot faster to just type an app’s name than it is to dig for its stupid icon. I love it as a server OS but for day-to-day work I use Windows, mostly because that’s what I make money writing about.

Blame Dubya!

Dave Farquhar General

Would someone please explain to me how it’s George W. Bush’s fault that people started buying gas-guzzling cars again in the mid-1990s, driving up the demand of fuel and thus the cost (though when you adjust for inflation, gas costs less today than it did in 1980, and it’s not that much more expensive than bottled water or soda), and how it’s George W. Bush’s fault that California is overpopulated? Please?
My tiny little brain just doesn’t understand, and my Mom taught me that when everyone else seems to have the problem, chances are it’s really you who has the problem. So since everyone else understands this, I must have the problem, so, please, enlighten me.

And, also, would someone please tell whether the disappearance of the Lindbergh baby had anything to do with George W. Bush? I’m starting to wonder.

Memorial Day in St. Louis

Dave Farquhar St. Louis ,

I made a big mistake at work yesterday. I let someone be unreasonable and ruin my day. No, I don’t want to talk about it. I’d rather go back to a happier time… like Monday.
On Monday, Gatermann and I went out shooting. He’s experimenting with high-contrast b&w photography and I wanted some harsh and stark pictures of myself in an urban setting, so we went driving around in the warehouse district. We found a great source of used car parts–drive around the right places, and you’ll find tires, hubs, car batteries, mufflers, and even gas tanks just sitting there, and no one complains if you take them. I even found a couple of tires mounted on hubs. They must make them in some of those old buildings or something.

But that wasn’t what we were looking for. We were looking for good shots. Well, we found a building that they’re tearing down, and one corner that’s still standing has a really big word painted on it, descending down the building: “Fresh.” Gatermann said he’d be coming back when more of the building was gone to get a shot of that. And Gatermann got a shot of a modern train running past the old, abandoned, St. Louis Southwestern Railroad (aka The Cotton Belt Route) freight depot on the riverfront.

And we found some neat-looking doorways for me to stand in while he took some shots.

We drove around some more, and Gatermann said he knew of a really neat-looking trestle nearby, so we went there. It’s been years since the trestle’s been used, but someone still mows under it. We got a few shots, then Gatermann looked over to the left. Next to a building, there were a few coal hoppers just sitting there. “Let’s get a shot of you standing between those two cars,” he said. I walked over there, then Gatermann said, “No, let’s go to the other side. With where the sun is, we’ll get backlighting there.” So we walked to the last car, stepped over a rope that was blocking our way and totally ignored the sign on the rope, and then one of us noticed a sign on the door of the building: Danger. Radioactive. Keep out. I looked at the signs on the fence next to the building: Radioactive contamination. Keep out. Gatermann and I looked at each other. “Maybe it’s not a good idea for us to be here.”

We stepped back over the rope and read the sign: Radiological buffer zone.

I looked at Gatermann. “Well, that was probably the smartest thing we’ll do all day.”

As we drove off, I noticed some more signs on that fence: Guard dog on duty. Guard dog? Isn’t radiation that’s bad for us bad for dogs too?

Chances are one of the sets of signs was lying. Maybe both of them. But that just didn’t seem to be the place to be that afternoon.

We weren’t the only ones to think that. Apparently some people think the thing to do in St. Louis on Memorial Day is to go find a warehouse, preferably with a loading dock that you can use like a porch, pack up the lawnchairs and the grill, and barbecue there with your family or a bunch of your buddies. You’ll have to ask Gatermann why that is, because I’m not a St. Louis native. I just live here. I don’t even like pork steaks.

But no one was BBQing at the House of Radioactivity. I guess no one wanted to know whether the barbecue would cook faster there. Or maybe they just didn’t want to share with the dog.

How to get mod_gzip working on your Linux/Apache server

Dave Farquhar Linux , , , , ,

My research yesterday found that Mandrake, in an effort to get an edge on performance, used a bunch of controversial Apache patches that originated at SGI. The enhancements didn’t work on very many Unixes (presumably they were tested on Linux and Irix) and were rejected by the Apache group. SGI has since axed the project, and it appears that only performance-oriented Mandrake is using them.
I don’t have any problem with that, of course, except that Mod_Gzip seems to be incompatible with these patches. And Mod_Gzip has a lot of appeal to people like me–what it does is intercept Apache requests, check for HTTP 1.1 compliance, then compress content for sending to browsers that can handle compressed data (which includes just about every browser made since 1999). Gzip generally compresses HTML data by about 80 percent, so suddenly a DSL line has a whole lot more bandwidth–three times as much.

Well, trying to make all of this work by recompiling Apache had no appeal to me (I didn’t install any compilers on my server), so I went looking through my pile-o’-CDs for something less exotic. But I couldn’t find a recent non-Mandrake distro, other than TurboLinux 6.0.2. So I dropped it in, and now I remember why I like Turbo. It’s a no-frills server-oriented distro. Want to make an old machine with a smallish drive into a firewall? The firewall installation goes in 98 megs. (Yes, there are single-floppy firewalls but TurboLinux will be more versatile if you’re up to its requirements.)

So I installed Apache and all the other webserver components, along with mtools and Samba for convenience (I’m behind a firewall so only Apache is exposed to the world). Total footprint: 300 megs. So I’ve got tons of room to grow on my $50 20-gig HD.

Even better, I tested Apache with the command lynx http://127.0.0.1 and I saw the Apache demo page, so I knew it was working. Very nice. Installation time: 10 minutes. Then I tarred up my site, transferred it over via HTTP, untarred it, made a couple of changes to the Apache configuration file, and was up and going, sort of.

I still like Mandrake for workstations, but I think Turbo is going to get the nod the next few times I need to make Linux servers. I can much more quickly and easily tailor Turbo to my precise requirements.

Now, speaking of Mod_Gzip… My biggest complaint about Linux is the “you figure it out” attitude of a lot of the documentation out there, and Mod_Gzip may be the worst I’ve ever seen. The program includes no documentation. If you dig on the Web site, you find this.

Sounds easy, right? Well, except that’s not all you have to do. Dig around some more, and you find the directives to turn on Mod_Gzip:

# [ mod_gzip sample configuration ]

mod_gzip_on Yes

mod_gzip_item_include file .htm$
mod_gzip_item_include file .html$
mod_gzip_item_include mime text/.*
mod_gzip_item_include mime httpd/unix-directory

mod_gzip_dechunk yes

mod_gzip_temp_dir /tmp

mod_gzip_keep_workfiles No

# [End of mod_gzip sample config]

Then, according to the documentation, you restart Apache. When you do, Apache bombs out with a nice, pleasant error message–“What’s this mod_gzip_on business? I don’t know what that means!” Now your server’s down for the count.

After a few hours of messing around, I figured out you’ve gotta add another line, at the end of the AddModule section of httpd.conf:

AddModule mod_gzip.c

After adding that line, I restarted Apache, and it didn’t complain. But I still didn’t know if Mod_Gzip was actually doing anything because the status URLs didn’t work. Finally I added the directive mod_gzip_keep_workfiles yes to httpd.conf and watched the contents of /tmp while I accessed the page. Well, now something was dumping files there. The timestamps matched entries in /var/log/httpd/access_log, so I at least had circumstantial evidence that Mod_Gzip was running.

More Like This: “/cgi-bin/search.cgi?terms=linux&case=insensitive&boolean=and”>Linux