The UI is definitely slick, but it definitely has some quirks, some annoying. Some random observations:
Wish list items:
This is an intriguing start, but I can see all kinds of ways to build on it, and hope that Google will continue to improve the product now that it is available to the public (as opposed to services like Google News, which is good, but seems to be basically identical to what it was when the beta went live a couple of years ago). Unlike Google News, the unfinished aspects of this tool are obvious enough and annoying enough that I'm not sure I'd yet be willing to make this my primary tool for searching for this kind of information.
So, anecdotally, it looks like Google's anti-blog-spam campaign may be working. A handful of easy changes to my home blog seems to have helped tremendously:
#!/usr/bin/perl -wT
print "Content-type: text/plain\n\n";
1
sub squash_spammers {
my $agent = $ENV{'HTTP_USER_AGENT'} ||= "";
my $referer = $ENV{'HTTP_REFERER'} ||= "";
if ( ( $agent =~ m/NET CLR 1.1.4322/ ) ||
( $referer =~ m@\.info/$@ ) )
{
# print "Content-type: text/plain\n\nsorry\n";
die "Sorry, this is a spam-free zone. $!";
}
return;
}
This is now called in the eval block that does the rest of the work for the comment script, so attempts to spam me automatically fail. If I need to add more criteria, I can hook them in as needed, but these two rules seem to have caught everything so far.
Since making these changes, things have gotten much better. I've had no comment spam this week (usually, a handful makes it past the comment spam plugin), and more strikingly, the amount of referer traffic -- requests for random URLs with referer fields like "http://buy-zanax-online.best-buy-site-4u.info" -- has almost, if not quite entirely, disappeared. This is wonderful.
We'll see how well it's working a month from now though
So, out of curiosity, has anyone seen the guts of a Mini-mac yet ? The pictures I've seen on Apple's site -- particularly one of the motherboard and one with the cover removed -- give you some ideas -- compact motherboard, RAM on one side, skinny optical drive on top, mini-speaker in front -- but I'm curious about the hard drive: did they actually jam a full sized IDE drive in there, or is it a compact laptop model or a super-compact iPod one?
Some of the rumor sites were paying slavish attention to the deals Apple was making for bulk purchases of minature hard drives from Asian manufacturers. All of this speculation centered around the possibilities for new iPod models, but it occurs to me that at least some of those drives are probably going into the new Mac as well.
So -- has anyone had a chance to get pictures of a disassembly of a mini Mac yet ?
My wife's company would like to transfer her to an office in their Swiss office in Lucerne / Luzern, but she's got baggage -- me.
So, they're willing to sponsor her, take care of her visa & other paperwork, help set her/us up with an apartment, and bring her over for a couple of year, while she learns how the European side of her company works and she gradually makes her way up the management ladder.
Meanwhile, I'll have to leave my job and basically start over; there's basically no chance that her company's Swiss office would have any IT work (it's all either in the US or outsourced to India). But that's alright, it's an opportunity strongly to be considered, right? But I haven't the slightest idea what the IT market is like in this little, seemingly rural part of the country, and there's so much that needs to be sorted out before going and once we get there.
Maybe it would be easier to just bus tables at a ski resort and take a few years off from IT...
I need to start working on my resume, or CV I guess. European CVs don't bear much resemblance to American resumes, do they? It seems like they're a lot chattier & biographical than the dry list of titles & skills & credentials that is expected over here. Just one more thing to do in the next handful of months....
So Google has finally offered a form of desktop search, but it only works on localhost. This seems reasonable for the average home user, but an obstacle to setting up something even cooler: a slick Google powered local LAN search engine. Think about it: even on a mostly Mac / Linux network, you can set up one Windows box that has Samba mounted your main network shares with the Google software, and through the magic of HTTP reverse proxying, your whole LAN can have a nice Google search interface into your local documentation.
So. The obvious thing to try then is to set up Apache (or Squid, or similar software) running as a reverse proxy on that machine.
The first thing I did when finding out about this tool was to install it on a spare Windows machine with a couple of Samba mounted network drives (I'm hoping that it will index the content of these drives, but I can't tell yet), then set up Apache as a reverse proxy to provide the indexed material as a URL that would be widely accessible on the local LAN.
So far I can't quite get it to work -- I can connect from another computer (a Mac running Safari), but first I get complaints about running the wrong browser, and then I get errors about invalid URLs that apparently aren't being passed through. Still though, it seems certain that this should be doable, and if it can be done, this would beat the living snot out of the current ht://Dig based search engine we're using.
Google is right to make this tool inaccessible from non-localhost access -- the average home user does not need to have the contents of their hard drive set up with an easy to browse, globally accessible search interface. And I can see where Google wouldn't want this to work on LANs either -- it would cut into their business of selling search appliances. But come on, this is right on the cusp of working as it is, and it's only in beta. If Google doesn't provide a way to turn on access for local (e.g. 192.168.x.x) addresses, I'm sure that Apache or something like it can be configured to do this.
I think I've found a bug. I'm not sure if it's an ARD bug, a Fink bug,
or something else, but I definitely triggered some unwanted results.
I used ARD2 to install Fink (the 0.6.2 installer package) on two remote
machines, neither of which had a currently logged in user.
When installing Fink locally, one of the last steps is to invoke a shell
script that sets up basic environment information for your account -- it
adds
will launch for this. I'm not sure how or why Terminal gets launched
when it seems like it should just be able to run silently & detached,
but no matter; suffice to say that the Fink installer launches Terminal.
The installer was taking a very long time to finish, so I took a walk
around the office to see what was going on with these machines. Here,
roughly, is what I found:
http://devers.homeip.net:8080/images/ard_bug.jpg (204kb)
http://home.comcast.net/~teridon73/ard_bug.pdf (mirror of original, 1.2mb)
The screengrab above was a 1.2mb download from my poor little bandwidth starved computer at home, but then someone offered to mirror it -- thanks! -- and someone else pointed out that a JPEG would be much smaller. Which it is. So the bandwidth issue shouldn't be such a big deal now.
What we have here is a system displaying the normal login screen while
in the background a Terminal instance is running with the root user's
priviliges. Because running Terminal means having a normal menu, I can
also click on the menu items, launch things like Software Update and
System Preferences, and open up new Terminal windows -- with root access
no less -- from which I can run just about anything I please.
For laughs, I launched the Finder & Dock so that I would have something
resembling a normal login session, even though the login window was
still sitting there greedily hogging the middle of the screen.
For more laughs, I used the login window to log in as myself. This
seemed to work, kind of, in that now I had GUI programs running at the
same time, some with my access level (according to the "log out cdevers"
item in the Apple menu) and some with root access (according to the "log
out administrator" item).
If I hadn't manually walked by to see what was going on, I might have
ended up leaving these machines on with unattended root access
overnight. If these machines had been at a remote location, I wouldn't
have necessarily realized what was going on at all -- I didn't even know
it was possible for any user to launch GUI programs from the login
screen, so I'm not sure it would have occurred to me to control the
desktop and see what was going on.
As I say, there are several possible sources of this problem -- ARD,
Fink, something else -- and I'm not sure who to blame. I can't imagine
that this was the intended behavior though, was it ?
This Red vs Blue video is very appropriate.
Why can't I make a simple comment about my probable choice in November and my reasons for making that choice without being insulted by somebody who can't spell? My post is very straightforward. I spell out the choice and the reasons. I don't insult Bush, I don't insult Bush supporters, I don't insult anybody, and still, the debate degenerates into an all-out battle, just like the video.
In fairness, I got a lot of nice responses, too. But still, why can't somebody state his opinion on the internet without being jumped on?
I guess it's just more evidence for how anonymity removes inhibitions.
I just realized today that there is an enormous population of internet-literate people out there who never grew up during the Cold War. An entire collection of slashdot posters who don't remember when the world was divided into East and West. Kids for whom "MAD" and "Nuclear Winter" belong more in the Fantasy section, and who never had to wonder about how these terms might one day apply to their lives.
Of course, that's what happens as time goes on. I was born well after the era of "duck and cover", my favorite memory of the moon landings is The Onion's "coverage", and I don't remember the Soviet invasion of Afghanistan.
Even so, I start to get this feeling that people are forgetting those days. Not that I blame them. There are plenty of things from those times that bear forgetting. It's no coincidence that Charles Stross's "A Colder War", an insane worst-case scenario of the Cold War, is the only short story I've ever read that gave me nightmares.
But there are a lot of good things from that time, too. Among the good things from the Cold War that people are rapidly putting behind them is the whole purpose and reason that we fought a forty-year global struggle and put modern civilization under the constant threat of catastrophic war. Just why were the Russians so reprehensible in the first place? I've known some Russians, even been good friends with some, and they always seemed just fine.
What was the difference between East and West? Of course, this is slashdot, and so you'll never get a simple answer when a complex answer will do. Not that this problem only exists on slashdot. Plenty of people will tell you that it was about ideology, or economic systems, or simply a power struggle between the two great powers of the age. They are probably right, too. But for me, growing up in the 80s, watching movies about people escaping into West Germany and having my Saturday morning cartoons interrupted by live coverage of Tienanmen Square, the difference between East and West always boiled down to freedom.
The word "Freedom" is incredibly vague and flexible. To one person, a slave is free if he willingly made the choice to become a slave. To another person, a person is not free unless he has the right to a telephone. But the Cold War was ultimately a war of freedom, vague or not.
During my childhood, a picture of the East built up in my mind. On that part of the planet, you could be jailed for criticizing the government. Police would break your door down in the night and ransack your house if you were a suspect. The cliched "Papers, please!" The government choosing your job for you. No travel without a permit. No leaving the country at all, unless the government trusted that you would be coming back.
The picture I paint above is probably wrong in many respects. I do not begin to claim that it is accurate, but it is what existed in my mind at the time.
Of course, the West in general and the United States in particular was the exact opposite. The police could not search your home without a warrant. You can feel safe criticizing the government, even the President, in your home, on the street, or even in a nationally-distributed newspaper. If you were stopped by the police, you could refuse to allow them to search you, and they'd have to listen unless they were sure they had a reason that would stand up in court. No permits or papers or anything needed to go from one end of the country to the other. No need to ask anybody's permission before leaving the country. Nobody would follow you around because of your political affiliations. Nobody would tap your phone lines because you liked Russian music. Nobody would rummage through your library records searching for Communist ties. A place where "because I feel like it" was good enough reason to be wandering around somewhere at two in the morning. Innocent until proven guilty.
Just as it happens for everybody, the world became more complicated as I grew older. Black versus white blurs into shades of gray. I learned of McCarthy, of the excesses in Vietnam. I learned that not everybody was an unhappy, oppressed slave in Communist countries. I learned about racial profiling and Big Business, about monopolies and environmental disasters and Syphilis studies.
But even through it all, the US remains a place that strives for freedom. Of course, we don't have perfect freedom, even if such a thing could exist, but we strive for it. It is the entire reason and purpose for this country's existence, even if we do a bad job of it sometimes.
Neal Stephenson puts in nicely in The Diamond Age:
"That we occasionally violate our own stated moral code," Major Napier said, working it through, "does not imply that we are insincere in espousing that code."
"Of course not," Finkle-McGraw said. "It's perfectly obvious, really. No one ever said that it was easy to hew to a strict code of conduct. Really, the difficulties involved-the missteps we make along the way-are what make it interesting. The internal, and eternal, struggle, between our base impulses and the rigorous demands of our own moral system is quintessentially human. It is how we conduct ourselves in that struggle that determines how we may in time be judged by a higher power."
This post is for everybody who's ever questioned the need for anonymity, everybody who's ever stated a preference for catching terrorists over following proper judicial procedure, and everybody who thinks more intrusive airport security is worth it. Many people have forgotten, or never remembered, the fundamentals of what freedom is all about. It's not about being rich, or safe, or cared for. It's not about stifling technology. It's not about prohibiting companies from making their products secure, and it's not about spurning anonymity because it might help child pornographers. It's about being free to speak your mind, run your life, and be without persecution. In the end, it's about not having to justify your own actions just because they're different. In a free society, you don't have to justify your desire not to be identified, your desire to be free from searches, or your desire for privacy.
No one wants other people messing around with their computer when they're away from their desks, but what can you do? It's not practical to log out every time you want to go for a cup of coffee, so many people put a password lock on their screensaver instead.
This is much more convenient, but it has a serious Achilles' heel: if you are in an environment where many people have logins on your computer, such as an office with centralized login (NIS, ActiveDirectory/Kerberos, LDAP, OpenDirectory, NetInfo, etc) where everyone has an account on every computer, then anyone can use their own login to disable your locked session. The only record of this will be an entry in
For a lot of people, this probably defeats the purpose of locking the screen to begin with; until & unless Apple provides a way to change this behavior, it may be wise to avoid the screen saver lock and fully log out of the system whenever you will be away from your computer for a long time (lunch break, overnight, etc).
Addendum:
This may only work for Admin users, which would be a lot less serious than I was thinking at first. I need to test that...
It occurs to me that the recent Safari/Help security issue in OSX could be broader than is being generally portrayed so far.
Consider: the fundamental issue here is that an OSX web browser -- Safari in the original reports, but apparently also Mozilla etc -- is acting as a broker for any URI that the user may come across, delegating the request out to external handler programs. Whether those external programs handle their URIs safely may be an open question.
The problem isn't really that Safari or Help is broken, but that the interaction between them, arising from the URI handling mechanism on OSX, is leading to Unintended Consequences.
OSX can handle many different URI namespaces, some of which seem to be used nowhere other than OSX. I'm having a hard time finding an exhaustive list of the URI protocols that OSX supports, but a partial list includes, in no particular order:
http://
https://
ftp://
mailto://
ssh://
telnet://
aim://
afp://
nfs://
smb://
sherlock://
itms://
daap://
help://
So far, I can think of published vulnerabilities in the telnet:// and now help:// protocols, but is that the end of it, or is the whole framework vulnerable to these sorts of attacks?
I have a hunch that we're just seeing the thin edge of the wedge...
Addendum:
A version of this story was picked up on Slashdot's home page.
GarageBand looks okay and all, but they totally dropped the ball on the name. For one thing, they broke then "clever" iName scheme that the rest of the iLife suite uses. For another thing, they missed a chance to get an oblique 80s punk rock reference, which clearly all software should aim for. How could they have fixed this?
Or if they wanted to go for that trendy leetspeek "we meant to mis-spell that, thankyouverymuch", they could have used...
Is it too late to go put new label stickers on the packaging, and to change out the strings in the software? I hope it's not too late...
Joe - Wow, Pretty good Jim Morrison impersonation there.
Rod - Yeah, I hope those guys have a good sense of humor and don't take us to court.
Joe - Uh, what's the court?
Rod - Never mind that,
Joe - Oh, you mean like the People's Court?
Rod - Well, that's another story; the important thing here is you gotta ask me how I'm gonna get down to the shore.
Joe - Uh, how you gonna get down to the shore?
Rod - Funny you should ask, I've got a car now.
Joe - Oh wow, how'd you get a car?
Rod - Oh my parents drove it up here from the Bahamas.
Joe - You're kidding!
Rod - I must be, the Bahamas are islands, okay, the important thing now, is that you ask me what kind of car I have.
Joe - Uh, what kinda car do ya' got?
Rod - I've got a BITCHIN CAMARO!
++++
Yes, this is a repost, but dammit I think it's funny...
Ooh, good line, must share:
"It's not the voting that's democracy, it's the counting."
--Tom Stoppard
"Gravitation cannot be held responsible for people falling in love." -- Albert Einstein