macintosh

Barfy.

Dave Farquhar Personal, Servers and Networking, War Stories , , , , , , , , , , , , , ,

I started my professional career doing network administration at the University of Missouri. (I generally don’t count my stint selling low-quality PCs at the last surviving national consumer electronics chain towards my professional experience anymore.)

Read more

Buffer overflows explained

Dave Farquhar security , , , , , , , , , , ,

Buffer overflows are a common topic on a Security+ exam. The textbook explanation of them is confusing, perhaps even wrong. I’ve never seen buffer overflows explained well.

So I’m going to give a simplified example and explanation of a buffer overflow, similar to the one I gave to the instructor, and then to the class.

Read more

My hot water heater: 1984-2008

Dave Farquhar General , , , , , , , , , , ,

I think my hot water heater died today. I thought my shower seemed colder than usual today, and in the late afternoon my wife reported no hot water in the kitchen.

It could be something simple, but even if it is, it’s time.Let’s consider this. In 1984, Ronald Reagan was president. The Kansas City Royals went to the playoffs. The big name in video games was Atari. People were predicting that video game consoles had no future. The big names in personal computers were (alphabetically) Apple, Commodore, IBM, and Radio Shack. Only one is still in that business. It was the year that Chrysler popularized the minivan. It was the year Apple introduced the Macintosh, popularizing the graphical interface and the mouse. Not only did MTV still play videos, but that was all they played. Not every home had a VCR. For that matter, not every home had a microwave. It cost 20 cents to mail a letter, and on average, a gallon of gas cost $1.21. (I remember it being a lot less than that in Missouri.)

The world that built that hot water heater is a lot different from the world we live in today.

About four years ago, a plumber came out to work on it. It was giving me problems then, but under the conditions of my home warranty, he had to bubblegum it back together. I asked how long it had. He said its realistic life expectancy was about 12 years, so it was about 8 years beyond that. It could last another six months, but it could last years.

So now the question is what to replace it with. The stingy Scottish miser in me sees tankless water heaters claiming to save you $150 a year and really likes that. I went to Lowe’s this evening and tried to buy one. There were several reasons why I don’t own one right now.

First, they don’t keep very many in stock. They had exactly one, even though their website said they had two of two different models. The one they had wasn’t the model I really wanted.

Two, they don’t install them. They’ll sell one to you, but then you have to find someone to install it on your own.

Three, they cost more to install than a conventional tank heater. Sometimes as much as the heater itself.

And then I found a controversial column that did the math, and said that a tankless heater might not actually save you any money anyway. I can’t find fault with his logic.

One thing I noticed is that the tankless heaters that the big-box stores sell are 85% efficient. The tank heaters are 76% efficient. The propaganda for the tankless heaters always assumes lower efficiency than that. As best I can tell, the heater I have is 67%, a little lower than the literature assumes.

So it seems to me that if a tankless heater that’s 18% more efficient than what I have now will save me $100-$150 a year, then a conventional heater that’s 76% efficient ought to save me $50-$75 per year, right?

The tank heaters sell for around $320, and installation is about $260. By the time you pay for taxes and the nickel-and-dime extras, it’s $600-$700.

Half the savings for 1/3 the price sounds pretty good. And I can buy one pretty much anywhere and have it installed tomorrow if I make the purchase before noon.

And it will pay for itself in 8-12 years. A tankless heater would pay for itself in about 13, if all the claims are true. If I make a mistake today, either way I go I’ll be likely to be revisiting it in about 12 years anyway. By then, tankless heaters will be more common and probably cost less than they do now (adjusting for inflation of course).

I’ll call the plumber who bubblegummed my old unit back together in the morning. Depending on what he says about the cost of installing a tankless heater, I’ll make a decision. But at this point, I think I’m leaning towards buying the most energy efficient conventional heater I can find.

Make something! Fix something!

Dave Farquhar General , , , , , , , , , , , , , ,

Clive Thompson: I’m sitting on the floor of my apartment, surrounded by electronic parts… It’ll look awesome when it’s done. If it ever gets done — I keep botching the soldering. A well-soldered joint is supposed to look like a small, shiny volcano. My attempts look like mashed insects, and they crack when I try to assemble the device.

Why am I so inept? I used to do projects like this all the time when I was a kid. But in high school, I was carefully diverted from shop class when the administration decided I was college-bound. I stopped working with my hands and have barely touched a tool since.

I can relate a little too well.I think part of the reason I was misunderstood for so much of my career was because I used to do stuff like this. I still remember the day when a new OS arrived for my Amiga 2000. It came on a ROM chip (remember those?) and some floppies to install. I had the Amiga completely disassembled, sitting on Dad’s orange OMT table in the basement. Dad came downstairs, his eyes got big and his jaw dropped, he pointed, and then looked at me. “You going to be able to get that back together?”

I barely looked up. “Yep,” I said, continuing whatever I was doing.

Granted, the Amiga’s design made it look like an onerous task–you had to remove the power supply, the assembly that held all the disk drives, and at least one plug-in card to get at the ROM chip I needed to replace. But at this point, I’d disassembled at least a couple of PC/XTs even further than that. It wasn’t long before I’d replaced all those parts that were strewn about Dad’s table and fitted them back into the case, just as they all belonged. I powered it up, and immediately knew I was successful–all those royal blue screens of Amiga DOS 1.3 were replaced with the gray screens of 2.1.

Dad watched me put it back together, and although he didn’t say much, I think he was impressed.

That wasn’t the only modification I did to that computer. Amigas operated a bit differently in Europe and in North America because of the differing video standards. Software designed for European Amigas didn’t always run right. There was a soldered jumper on the motherboard to switch between PAL and NTSC operation. I bought a small slide switch from Radio Shack, soldered a couple of wires to the motherboard, and ran them to the switch, which I hung out an opening next to the mouse port. Elegant? Not at all. Functional? Totally.

There were tons of homebrew projects for Amigas in the early 1990s. Some worked better than others. But you learned a lot from them. And I think that’s part of the reason I look at things differently than people who grew up with Macintoshes (a closed black box if there ever was one) and PCs. Sure, people have been assembling their own PCs from components for 20 years now (ever since PC Magazine declared on a cover that you could build your own PC/AT clone for $1,000). But there’s a subtle difference between assembling components and modifying them. No two 286 motherboards were the same, while the design of Amiga motherboards tended to change very little, giving lots of time for people to study and learn to tweak them.

So while the PC owners were swapping their motherboards, we Amigans were tweaking ours to give ourselves new capabilities on the cheap. And in the process I think we were learning more.

So I agree with Clive Thompson that I’m a lot less likely to take a salesperson’s claims at face value. And I think that gave me a lot less patience with people who are. With only one exception I can think of, I always worked well with (and for) people who’d taken a soldering gun directly to a motherboard or programmed in assembly language. Thanks to these rites of passage, we had a much better idea of how things worked. And it gave a certain sense of skepticism. Commodore’s own engineers didn’t know the full capability of the machines they built. So if the engineers who design a system can’t know everything about it, then what on earth can a mere sales drone know?

And that’s why I’m reluctant to buy anything that’s just a black box if I can avoid it. What if it breaks and needs to be fixed? What if I need to change something about how it looks or works? And besides that, if it doesn’t do what it’s supposed to do, I don’t want to just throw it out and buy a new one–I paid good money for it!

But I have my limits. A few years ago I checked out some books on repairing Lionel trains from the library. The books suggested using mineral spirits to clean out the old grease and oil from a motor and bring it back to life. That would be good advice, except for one thing: I had no idea what mineral spirits were (a kind of paint thinner), or where to buy them (a paint store or the paint aisle of a hardware or discount store). And have you ever tried to punch it into Google? Trust me, in 2003, there weren’t many answers. The Wikipedia article didn’t exist until 2005.

I’m sure there are lots of people who are laughing at me because I didn’t know what mineral spirits are. But I’ll bet you that if you were to go find my 120 or so high school classmates and separate out the males who lived in the suburbs whose fathers were white-collar workers, the overwhelming majority of them would have no idea what mineral spirits are either. Why not?

Because when we were growing up, we were college-bound. People like us didn’t need to know what mineral spirits are. We needed to know things like the fact that there’s no such thing as the square root of a negative number. (Yes, I know that’s not a correct statement–but those were the exact words of my Algebra II teacher, and those words cost me a lot a couple of years later.)

I even remember one time, a group of us were talking about something, and one classmate’s name came up. “He’s going to end up being a plumber,” someone snickered.

Never mind that the last time I had to call a plumber, my plumber most certainly made more money than I made that year, and he probably got a head start on me because he didn’t have to go to college for four years either.

One of the reasons plumbers make a good living is because so many people don’t even know how to shut off the water valve when their toilet leaks, let alone how to go about fixing that leaky toilet. For the record, I can shut off the water valve, but I don’t know how to fix the toilet. I’m hoping they’ll show me on This Old House sometime.

My gripe with DIY books today is that the authors don’t necessarily realize that there are one or possibly even two or three generations of readers who may very well not know the difference between a wood screw and a machine screw. They don’t learn it in school, and Dad might or might not know, but in an age when fewer couples marry and divorce rates are sky high, is Dad even around to tell them any of this stuff?

Today, I couldn’t care less about imaginary numbers. But I’m reading old DIY books, desperately trying to learn the lost arts of making and fixing things. Thanks to Disney and other useless companies, I can’t use a computer to locate digital copies of anything newer than 1922. That’s a shame, because it condemns all of the DIY books of the 1930s, 1940s, and 1950s to obscurity. They won’t be reprinted because there isn’t enough market for them, they aren’t worth the expense of hiring a lawyer to find out if they somehow slipped into the public domain before the laws started really changing in the 1970s, and they’re scarce enough that you won’t always find them where old books lurk, making them a bit more difficult to borrow or purchase.

That all but eliminates a golden age, limiting me to 1922 and earlier. But admittedly it’s very interesting to read how people made and fixed things in the decades immediately before and after the turn of the previous century. So many books today start out with a list of exotic and expensive tools before they tell you how to do anything. One hundred years ago, people didn’t have as much money to spend on tools, and since things like electricity weren’t necessarily always available, there weren’t nearly as many exotic and expensive tools to buy either.

I found an incredible quote in an 1894 book by Charles Godfrey Leland, a teacher and author from Philadelphia. “It is much better not to have too many implements at first, and to learn to thoroughly master what one has, and to know how to make the utmost of them. This leads to ingenuity and inventiveness, and to developing something which is even better than artistic skill.”

That’s not just good advice for metalworking, which was the subject of this particular book. That’s an excellent philosophy of life.

Unfortunately right now I have more time to read than I have to tinker. But I think once I have a little time to tinker again, I’ll be able to make some nice stuff. And maybe someday when someone says they don’t make ’em like they used to, I’ll be able to smile and say that I do.

Why I generally buy AMD

Dave Farquhar Hardware , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

I was talking to a new coworker today and of course the topic of our first PCs came up. It was Cyrix-based. I didn’t mention my first PC (it seems I’m about four years older–it was an Am486SX2/66).

With only a couple of exceptions, I’ve always bought non-Intel PCs. Most of the Intel PCs I have bought have been used. One boss once went so far as to call me anti-corporate.

I’m not so much anti-corporate as I am pro-competition.

Read more

Why first-generation flash SSDs are a bit disappointing

Dave Farquhar Hardware , ,

I’ve been waiting with anticipation for flash-based SSDs to come out. If you’re unfamiliar with these, they’re hard drives with no moving parts, so their life expectancy is 10 years, and they’re quiet, run cool, and they have virtually no seek time so for some tasks they’re lightning fast.

The best drives on the market, from what limited information is available, seem to be the Samsungs.The problem is that these drives have a sustained read speed of 50 MB/sec and write speed of 27 MB/sec. Under ideal circumstances, a conventional hard drive can exceed those numbers–especially the write speed. So what’s going on?

The main reason is that these drives have no cache on them. Conventional hard drives have a small amount of RAM that acts as a buffer between the computer and the platters. Today a budget drive has 8 megs of RAM. A lot of high-performance drives have 16, and I’ve even seen some that have 32.

The most frequently used data can come off this buffer at high speed. Writes can go to the buffer and the computer can get on with life, and the drive can write the data to the platters when it gets less busy. The other advantages of a solid state disk often can make up the difference when reading data, but if you’re writing a lot of data, the conventional hard drive wins the race most of the time.

SSDs could benefit from cache for one good reason: conventional RAM chips are still much faster than flash memory.

Now for the good news: I’ve read reports that the Samsung drive can boot Windows in 15 seconds and most common applications have single-digit load times. So if you don’t do a lot of writes, these drives can give you a performance boost.

The other complaint is capacity. You can pay $400 for a 32 gig SSD, which is more than you’d pay for a full terrabyte of conventional storage. For some people, this is a problem. Given the work I usually do these days, 32 gigs is plenty for me, and I could probably find ways to get by with 8. I just don’t keep a lot of huge data files around. But if I needed acres of data storage, I could load the operating system and my most critical apps on the SSD, and use the conventional drive for storage.

The old knock on flash memory was its finite lifespan. Put Windows’ swap file on a flash drive and let it run, and theoretically you could wear out the memory in a matter of days. And that’s always one of the first comments that shows up when the topic of flash drives comes up on sites like Digg and Slashdot. But today’s flash memory sustains more writes than the old stuff did, and newer drives use a technique called wear-leveling, where it distributes writes amongst the available chips. This technique makes the chips last a lot longer now, to the point where one respected tech journalist, Dan Rutter, actually recommends putting flash drives in old laptopos with maxed-out memory for the express purpose of holding a swap file. And Macintosh users have been using flash disks to soup up old Mac laptops for several years now. Flash disks give obsolete laptops a boost in both speed and battery life while reducing noise and heat, and it’s pretty safe to say that current technology allows a flash drive to last 3-5 years when used for this purpose, which is about as long as a conventional drive.

My next major system upgrade will probably be a Samsung SSD for at least one of my computers. It’d make a fantastic upgrade for my laptop, at the very least. The laptop will run faster (the hard drive in it is several years old, and I think it runs at 4200 RPM) and the battery life will improve considerably. I also like the idea of having a super quiet, cool-running desktop for the family room. But I definitely hope the second-generation SSDs will include some cache. Otherwise, there’s not much advantage to them over the old trick of buying a large, high-speed Compact Flash card and an IDE-CF adapter (Addonics is one source of these), as long as both the card and the adapter support UltraDMA.

Why your old computer or game system turned yellow

Dave Farquhar Retro Computing , , , , , , , ,

I found an article today telling why plastic cases discolor with age. It explains why your old computer or game system turned yellow.

Executive summary: It’s the nature of the material it’s made of.

Read more

How to get my job (2006 edition)

Dave Farquhar Personal , , , , , , , , , ,

It seems like every year or two, somebody asks me how to get my job. Given the way the last year or so has gone, I can’t believe anyone’s asking me that question, but it’s been coming back up again. I’ve made some mistakes in my career–obviously–but since I’m still in the field, I must have done a few things right too.

I guess it makes sense to trace my career and see what I would do differently.1984: Yes, it all started when I was 10. I’d wanted a computer for as long as I could remember, and that year, Mom and Dad finally bought one. I spent as much time messing with that old Commodore as I could. And when I wasn’t messing with that Commodore, I was reading about it. It was an obsession. It bordered on unhealthy. Or maybe it was unhealthy.

In high school, if you’d offered me a choice between a date with the best-looking girl in the school or a new Amiga 1200 or 3000, I might very well have taken the computer. Sure, I was interested in girls, but the computer wouldn’t break up with me, right?

I bring this up for one reason: If you’re wanting to get into the field for money, find something else to do. Go into sales or something. If you don’t absolutely love this stuff, you won’t last, so there’s no point in wasting your time.

1994: I started my career in sales. When polite company isn’t around, I say I whored myself out for a large consumer electronics chain. That might be a bit more accurate. In a way it was a good move. A lot of IT people my age started their careers the way I did. It’s better than fast food, at least in regards that IT recruiters use it as a scouting ground. Work there and do well, and it’s just a matter of time before recruiters will want to talk to you.

What I did right: I started filling in for the store’s technician, who frequently had problems showing up for work.

What I’d do differently: First, I’d find out who the best salesperson was, and really learn how to sell. I’ve worked with IT management people who couldn’t figure out how to make their computer play solitaire, but they know a little bit about selling, so their jobs are safe, even though they had no qualifications.

The other thing I’d do differently is to get A+ certification. It’s not strictly necessary to get a better job, but it opens more doors. A lot of jobs require A+ certification just because some idiot in HR (and yes, most of them are idiots) decided it’s a good idea.

1995: I caught a break because I knew both Macintosh and IBM hardware, I knew OS/2, and I had connections at the journalism school at the University of Missouri. A professor mentioned the job opening to me and handed me a phone number. After class I called the number. The guy on the other end asked me what I knew how to do. I told him, he told me he’d pay me $7 an hour, and asked when I could start.

It was supposed to be a temporary gig. But it turned out I knew how to do a lot more than just the grunt work that needed to be done, so they found money to keep me. And when I was about to graduate, they offered me a full-time job.

What I did right: I showed up for work, I did everything they asked me to do, and whenever somebody else was sick and they asked me to try to fill in, I filled in and actually managed to do a decent job.

What I’d do differently: It wasn’t a bad gig, until Yoko Ono came along. Actually she was from Pittsburgh and she was Scottish-American. But the relationship interfered with the job and the job interfered with the relationship. And when something went wrong with one, it messed up the other too. I’d have done well to learn how to separate the two. That’s a lot to ask of someone who’s 23. Now I’m 31 and don’t know how now either. Neither does my 40-year-old boss.

1998: I moved to St. Louis to take another job in IT. This was also the year I re-discovered God and religion. This was a dream job, working for my church. I took a demotion and a pay cut to do it. Of course I didn’t know until I’d already quit my other job that it was a demotion.

I’ll get off track if I talk about it much more than that, so let’s just talk about what went right and wrong.

What I did right: I racked up a lot of impressive statistics and I learned how to do everything they asked me to do. I usually wasn’t happy about it, but I always did as well or better than the person who replaced me. The guy I replaced was a legend and I don’t think anyone would have been able to replace him adequately.

What I did wrong: I shouldn’t have taken the demotion. Not at 23. If you’re married and have kids, I can see taking a demotion so you can work better hours to spend more time with your family. When you’re 23 and single, you can’t waste time climbing a ladder you already climbed once. A banker in Columbia offered me a job as a systems administrator when he found out I knew OS/2. I should have taken it and called St. Louis and told them I wasn’t coming.

This job really went downhill as another relationship was coming to an end too. No need to re-hash that.

I made one other mistake. I won’t elaborate on it. But if you see upper management doing something unethical, LEAVE.

2005: Mercenary time. My first contract was with a very large and very nearly bankrupt cable company. The work wasn’t nearly as interesting or challenging as my previous job, and my coworkers were at either extreme: Some were among the very best people I’d ever worked with, and some of them were just overgrown high school bullies. But it was work, and the pay was fair, which was nice after working for seven years at anywhere from $15,000-$20,000 less than I was worth. Making a double mortgage payment and still having more money left over at the end of the month than I’d had a year before was very nice.

What I did right: I came in, learned quickly, took things seriously, was very professional and very effective.

What I did wrong: I didn’t press in. I did what I was asked, and that was it. That’s what a hired gun does. And the result was I was treated like a hired gun. As soon as the money got tough, I was the first one out the door.

I had coworkers who didn’t want me to learn more about the system. Since they didn’t want to show me, I should have found another way to learn it. And I should have loosened up.

2006: I won’t tell you who I’m working for now, other than to say it’s someone you’ve definitely heard of.

This time, I made an effort to go to lunch with my coworkers. I didn’t do that at the cable company because I was trying to save money. I’d gone without enough money for a couple of months and was deathly afraid of having to do it again. I’m still a tightwad and everyone knows it, but I’m willing to spend $7 to bond with my coworkers once a week. The theory is it’s a lot harder to show the door to someone you like than to someone you barely know.

The other thing I did this time was to steal some responsibility. I volunteer for everything. Sometimes they end up giving it to someone else anyway. But I’m always willing. When people give me some of their old responsibilities, I take them, and I figure out how to do them faster and smarter. After about two months, now my boss is surprised when I do something his way.

My path isn’t the only path. There are two previous bosses I wouldn’t hesitate to work for again. One is a retired U.S. Marine. He went into the Marine Corps as a technician, fixing teletype machines. When teletypes became less important, he moved on to computers. When he retired, he kept on working for the military as a contractor.

Most of my coworkers today took a similar path. Some enjoyed very long careers as defense contractors after their military days came to an end.

That seems to me to be a good route to take if you don’t have a lot of connections. And the upside to the military approach is that you know your job won’t be outsourced to India. That’s a real danger and that danger is going to get a lot bigger before it gets any smaller.

The other previous boss has a degree in psychology. He started working with computers because he found them interesting. I don’t know how he got started in the field, but during the time I worked for him, he was the epitome of connections. He knew everybody, and whenever something goofy came up, he knew how to get in touch with them to get the answer. The result? He’s every bit as entrenched as a tenured professor would be. The difference is there’s no question as to whether that’s a good thing.

Microsoft buys and then discontinues Linux/Unix antivirus products

Dave Farquhar Servers and Networking , , , , ,

First GeCAD, now Sybari.

Microsoft has been buying smaller anti-virus firms and discontinuing their Linux and Unix product lines.

Trust, schmust. When your god is Big Business, that means Big Business can do no wrong, so when you’re the U.S. government, you let companies like Microsoft do whatever they want. The problem is that Unix antivirus products are extremely useful, especially in Microsoft shops. Unix viruses are rare, and the heterogenous nature of Unix–never knowing much about the underlying hardware, binary incompatibilities between various dialects even when running on the same hardware, and never knowing for certain which libraries are installed–creates a hostile environment for viruses anyway.

So what good is a Unix server that detects viruses that can’t survive in Unix anyway? It makes a great buffer between the hostile world and the soft and chewy Windows boxes inside corporate firewalls, that’s what.

I love to put Unix boxes in between the world and mail servers that may be running Windows. Just set it up to relay mail to your Exchange or Domino server, but have it scan the mail first. Better yet, have it running on weird hardware. A slightly elderly Macintosh or Alpha or Sun box works great. Since the Intel x86 instruction set is the most common, most buffer overflows use it. While non-x86 processors aren’t immune to buffer overflows, an overflow using x86 instructions will appear to be gibberish and it won’t run. It’s like telling me a lie in Japanese. You won’t fool me with the lie, because I don’t speak Japanese, so I won’t understand a word you’re saying.

Fortunately, there are still antivirus products for Unix and Linux out there. And once Microsoft establishes its antivirus product, it will be more difficult–I hope–for it to simply continue buying antivirus firms and discontinue their products, since now they would be buying off competitors, rather than just attempting to acquire technology that they don’t have the ability to develop internally.

And even if they do buy and discontinue everything, there’s always ClamAV.

The Microsoft Killer

Dave Farquhar Windows , , ,

Yet another story about what’s going to kill Microsoft popped up on Slashdot today. This time it’s cheap solid-state computers running open-source software. I didn’t bother reading it.

Here’s what I think the Microsoft killer will be: Windows.

Say what?Yeah, Windows.

Computers are cheap enough now that the majority of people who want one have one. Even those who can’t afford to buy new can turn to the used market–used 1 GHz systems are now selling in the $100-$150 range without an operating system.

The biggest problem with a computer these days is keeping it running. People throw away VCRs and DVD players because it’s cheaper to buy a new one than to have one repaired. And had I charged fair market value for the last computer repair I did, it probably would have exceeded the cost of a $399 Emachine.

But there’s a problem. When a VCR or DVD player dies, you unplug the old one, plug in the new one, and get on with life. You’re looking at three or four cable connections. It takes most people less than 10 minutes, usually much less. When you go to swap out a computer, you have to worry about all your data and the programs you installed.

Most people don’t know that 99% of their data is in one place, and even fewer people know where that is and how to get to it. These same people are the ones who are most likely to inadvertently end up with their data in weird places.

The result is the cost to replace a computer is much higher, and it’s not necessarily something the majority of people want to undertake themselves.

The result is lost revenue. And an opportunity.

Google, if you’re the one who wants to unseat Microsoft, find a way to help users move their data from one computer to another. Someone else, if you want to beat Google to the punch, find a way to help users move their data and their programs. I know such a program won’t be foolproof, but if it works even 75% of the time, it’ll sell like crazy.

Of course if someone does it and it proves successful, Microsoft will just clone it and assimilate the market.

But if no one does, maybe Steve Jobs will sell a lot more Macs, because this is one task that’s always been easier on a Macintosh.