Hello. Been too busy to keep up with Slashdot lately, but I had to respond to an article linked from a gaming community I belong to.

I've always been proud to call myself a geek, and kinda always assumed that you had to be fairly bright to join the club. Clearly I was wrong.

The goals of Slashdot are noble, but I'm glad I don't have the time to hang around here much, really. There are far too many racist, sexist, and generally idiotic statements made here on a daily basis.

People make fun of Livejournal, but honestly, it makes me squirm much more when I read a huge blithering spiel which treats other groups as cruelly and with as little accurate information as geeks have been in the past, written by someone I would otherwise respect for their 1337 coding skills. It is chilling.

Hearing the same nasty, uninformed treatment of "the other" from, say, a thirteen year old boy who is just learning how to use the internet, is much less apalling.

As geeks, as people who value knowledge and learning, who know what it is like to be on the outside of society - why should we turn around and then make snap judgements of other categories of people, whether those categories are separated by sex, race, nationality, or religion.

It makes me sick.

http://sassamifrass.livejournal.com

The English word virus comes directly from the Latin word Virus. The plural form, in English, is viruses. Here is what Miriam-Webster has for virii , notice that no such word exists in the definitive dictionary of American English. In Latin, there is no plural form. Here is the Wikipedia entry on the subject. Notice that virii isn't even a Latin word, and viri is Latin for men. Unfortunately I don't have access to the Oxford English Dictionary for definitive proof in British English like I do for American English.

With the recent talk about Comcast this and Comcast that, it's probably a pertinent time to remind people that Brian Roberts, CEO of Comcast, controls 33 1/3% of the vote at any shareholders' meeting. This is despite owning less than 1% of shares. From the above link:

In addition to CMCSA and CMCSK, which trade on The NASDAQ Stock Market, Comcast has a Class B Common Stock, which does not trade publicly and is held entirely by BRCC LLC (a limited liability company controlled by Brian L. Roberts, CEO and President of the Company) and two estate planning trusts of Mr. Roberts. The Class B Common Stock constitutes an undilutable 33 1/3% of the voting power of the total voting power of all classes of the Company's Common Stock.

Comcast, by the way, was started by the Roberts family. Just reward for their hard work? Or a flagrant abuse of power?

Why does Comcast needs Disney? They're already as Mickey Mouse a company as you can get.

So we all know Michael rants like a small kid. Par for the course from Slashdot "editors", really. But isn't he the slightest bit embarrassed (given that he wants nothing so much as to be a journalist) by his continued inability to interpret a story correctly or perform elementary fact-checking?
 

Got Tru64 Unix? It's vulnerable (SSH and IPsec) and /. doesn't want you to know about it.

Okay, so we know that complaining about story submissions is just going to get modded down (usually), and, fair enough, it happens, nothing personal. But I'm really curious as to why this one got rejected. Inside of 5 minutes -- that's a pretty quick dismissal.

2004-01-16 19:10:55 Critical HP Tru64 Unix security holes patched (articles,news) (rejected)

If you want to read it, it's here. What's up? HP has had to patch two vulnerabilities -- one in SSH, one in IPsec -- in Tru64 Unix. It's almost refreshing to see a non-Microsoft security nasty, I would've thought -- and it's also rather embarrassing for HP. Oh yeah...and potentially dangerous for anyone running Tru64 Unix.

Maybe someone else submitted it -- we'll see. Or maybe it's just considered not important enough, given the phasing out of Alpha. But given the delight with which any MS security flaws are greeted, I would've hoped this would at least make some sort of ripple. After all, it's not like there's a double standard or anything, is it?

Anyone who feels particularly bored and chooses to ramble through my postings sometime will see that I have a wee problem with MS-bashers without cause. Is NT or W2K perfect? Of course not. But to suggest they're impossible to configure to stay up is just plain ludicrous.

Whenever I read some poster suggesting this, I inevitably react with a biting reply. It really does annoy me, I'm afraid, not because these people should know better (the rather poor quality of most of these posts betrays that notion), but because they inevitably get modded up as +4 Informative or +5 Interesting when it's simply unsustainable nonsense.

There are machine shops who run NT 3.5 controllers that have uptimes counted in the years, not a paltry couple of months or so. But how about some hard figures? I currently have a NT 4.0 file server that is literally accessed 24 x 7 x 365 by several hundred people simultaneously, as well as running a licensing dongle for development software. As I write this morning -- 8 September 2003 -- the uptime is:

656 days, 11 hours, 42 minutes, 49 seconds

No, it's not on the Internet and therefore not vulnerable to attacks. Yes, I've performed some maintenance on it (had to change the IP addressing just a few weeks ago). Guess what -- despite popular opinion to the contrary, there are a number of maintenance operations which don't require reboots.

Now then...who wants to talk?

=================================

UPDATE 16 DECEMBER 2003

Yep, still going. Now at:

755 days, 20 hours, 38 minutes, 20 seconds

Not too terriby shabby, is it?

A week or so ago, there was an article about InTuit'd TurboTax using DRM to write to the Boot Sector of the disk. I wrote their PR contact an email asking for their position on the matter. I've posted their reponse as a reply to the thread, and am posting it here as well.

Hello Mr. Georgeson,

First off I would like to sincerely thank you for coming to us and getting our side of the story instead of just making a decision from the horror stories that are out on the internet. Below I will give you some information that will shed light on said subject and if you feel that you must go else where for your tax software, then by all means do so. At least you will be one of the few who can say, I've heard "argument A" and I've heard "argument B" and my decision is.... You know what I mean? We at Intuit Inc totally believe in that the customer MUST do what he or she feels is right. As everyone knows, this is the first time ever that we have required a Product Activation and from listening to our customers, we are already working on a better way to enforce Product Activation instead of the way that is currently used. So we do listen to everyone and we do what we think is best for Intuit Inc and all of our customers. Please let me know if you have any further questions or comments or even ideas.

Don

Executive Response Team

Intuit, Inc.

Don_Support@intuit.com

The Macrovision SafeCast technology being used this year by TurboTax to enable product activation does write a small amount of data to an area of the first track of the hard disk that is not used by the Windows file system, as do a number of other programs and utilities. This data, which contains no personally identifiable information, provides a way for TurboTax to tell that it has already been successfully activated on a particular computer. It is placed in this area so that if a customer's license data becomes corrupted or is accidentally deleted, reactivation can happen automatically in most cases. SafeCast does not write to or change the hard disk's Master Boot Record or alter the partition table or other important data.

This technology in no way harms your hard drive or computer. Because we take customer concerns seriously, however, Intuit is already working with Macrovision to explore different solutions for future releases of TurboTax.

Here is a website that gave TurboTax a thorough test. http://www.pctest.com/intuit/index.htm

Again please let me know if you have any other questions.

Is it just me, or is 'cd /var/log; less secure' a rather unintuitive command to run when trying to fix up any security issues?

Merry Christmas (or Happy Holidays to those who find such a reference to Christianity offensive). I'm just relaxing at home with my wife. My little sister got me the coolest thing: a bobble-head doll of Ash (Evil Dead and Army of Darkness). If I had a digital camera I'd put a snapshot on my web site. I was going to get a digital camera, but I think I'll get more use out of a new TV. Mine has to be reset every now and then (the picture size gets messed up, probably cuts off a third of the image overall). Hope everyone is having a good time. Peace.

i think i fully explained myself already.

ok. so I can do `netstat -lntp` as root on linux to see all TCP ports in the LISTEN state and the process that owns them. I thought it'd be cool to write w script to just get the PID of the process owning a particular port. The netstat listing give the PID/process name (ie 23918/java). I think this confuses AWT. `netstat -lntp | grep : | awt -F ' ' {'print $7'}` prints nothing. Printing $1-$6 works fine, it's just $7 that doesn't print, and I think it's because of the /. (no pun intendeg there) So I though "what about SED instead of AWT?" Well truth is I don't know SED regexps well enough. I tried s/^.* (\d)+\/.*$/$1/ since I think that's what I'd do in perl. But I don't think it liked the parens. Anyhoo. Anyone care to help me out?

Since I've been steadily increasing how frequently I comment, and even have a couple friends/fans (w00t) I figured I start leaving the occasional journal entry too. You know those CDW commercials shot from Fred's point of view as he walks through the halls and people ask stupid questions? I'm Fred (as I'm sure many other readers are). I work at a virtual company, nearly everyone telecommutes. We have a small office with like 4 people and a DSL line. This one guy keeps moving stuff (including the DSL equipment) and then they all call me when it doesn't work. If I had a nickel for every time he's unplugged the DSL modem from the phone jack, I might be able to afford a phone call. Have a good one. ;)

I already have a blog.

The Celestial Grapefruitfishie's Journal