« July 2003 | Main | September 2003 »

August 29, 2003

Proud Owner of 15G iPod

Just like that. I think I've entered a new era, the With iPod era.

I had actually been considering getting one ever since Apple announced the first generation iPods, but it just was never right until today. I started to place my order online and then thought about the three Apple stores within driving distance and wondered if they'd give me the academic discount. A quick phone call, a 20-minute drive and I've got the 15G beauty in hand.

I must say one thing about it so far, I have fiddled with the 1st and 2nd generation iPods, but hadn't actually seen a 3rd generation one closely until I opened the box. My heart stopped. It really suprised me how small, light and slick it is. I would have gladly accepted something bigger, heavier and less polished, but then it wouldn't be from Apple, would it?

Alas, I've got work to do and it's charging so not much more than thoughts on how well Apple packages things at this point. Very excited to get it up and running. I'm moving from a Iomega HipZip (now listed on eBay), which is a huge pain for someone who listens to as much music as I do. Have to plan a chunk of the day to organize and copy music onto the disks for my run, walk, drive.

Will make a nice companion for a road trip we're taking with Pete to Acadia next week.

Posted by mike at 2:59 PM

eBay is an Addiction

I've long held the position that eBay is two things, an online auction, and a potential addiction. An addiction for both buyers and sellers. Maybe it's just my personality.


During some of the first times I bid on eBay years ago it became more than buying a certain item, it became beating the other person. Like being at a real auction with someone you hate and don't want to see get that certain item that you want. It still happens, when I want that certain item I bid some amount and then step back and say "It's not worth that much to me, I can get a new one for just a little more" and hope that someone outbids me.


As a seller on eBay I find that if I list one thing I get consumed with finding more and more things to auction off. I go through closets. Part of this is that it feels good to clean things up and get rid of clutter, but it becomes more than that. I find myself checking the auctions constantly to see what kind of progress is being made.

After selling my last item I've gathered at least a dozen other things to get up on auction.

Posted by mike at 9:23 AM

Make $60 in 5 Minutes on eBay

A little over a year ago we got DirecTV, the deal was to get free dish/receiver with 1 year contract. After one year I cancelled.

I've been eyeballing the 15G iPod but didn't have quite enough cash so went through some stuff and found the old DirecTV RCA Receiver. Decided I might as well put it up on eBay, not thinking it would be worth much. I listed it, stepped away from the computer for a minute and when I got back I had an email that the auction had ended with "buy it now".

Dang that was easy.

Posted by mike at 9:09 AM

August 26, 2003

How to Be Nice to Users

During any given week I interact with some number of the staff/faculty/students at Tufts, our users. I do my best to not be the stereotypical tech geek who speaks down to the "stupid" users, but I messed up today. I didn't say anything obviously demeaning, but got some feedback that my intonations were such. I feel bad, trying to figure out how to prevent this.

It happened on a phone conversation with a staff user who is on our site very regularly, who was reporting a somewhat critical problem. I was trying to finish up another item when the call came. Before getting too far into the explanation I inferred the cause of the problem, and proceeded to ask questions and propose solutions in a less friendly tone. The kicker after the whole thing was that it was a configuration problem on our server (my responsibility).

It should be noted that I'm not the help-desk, I get far fewer calls/questions than our user-support people, most of the time when a user gets to me there is either no-one else around or it's a deeper technical question.

So I'm asking myself how I can ensure that I'll be nice to users, even if I'm frustrated, busy, swamped, annoyed, not responsible, in a coding groove, etc. Frequently I've got my head down in an issue when the call/IM/visitor comes and I'm faced with switching gears to respond to something else. There is no telling how many other things factor into my state of mind when the user gets to me; the time-sensitive nature of the current problem I'm tackling, the number of interruptions I've experienced in the day, how frustrated I am with other things (myself included).

Regardless, a few ideas to remember in interacting with users:

Probably a lot more to be added here, but I guess the bottom line is to be friendly, even if the circumstances aren't ideal.

Posted by mike at 4:56 PM

Giving Apple's "Mail" a Chance

For years I've used pine as my primary method for reading, sending mail. I recently needed to do a bunch of filing from my inbox which had gotten out of control (it's now down to 7 messages). From my experience, pine sucks for filing messages. I wanted an easy way to sort the mail and grab large sections of sorted messages to move them to a variety of folders.

Enter Apple's Mail. It was installed on my laptop, and having heard Steve go on and on about how good it is I thought I'd give it a shot.

That was a few weeks ago, and I've continued to use it. Nothing terribly fancy about it. We use spamassassin on the kruckenberg server so am not terribly interested in the junk mail filters (rather have them removed on arrival than when the client checks). It is interesting to fiddle with though. I do like the search, and the ability to quickly file messages (although filing single messages in pine is just as fast). The caching feature is nice too, Mail pulls down a copy of the messages for offline viewing.

The one thing I don't like is when junk messages comes through I'm forced to click on them in order to delete, which potentially sends a request for images to a remote site, which potentially includes my email address, meaning more spam will be on it's way shortly.

We'll see how long this lasts. One thing I liked about pine was that I could get to it from anywhere. And why hasn't anyone written a mail client which checks for the .addressbook file on the server and dynamically includes it into the address book when composing messages? I know Mail can see my .addressbook file, but I'm forced to recreate my contact list.

Posted by mike at 8:35 AM

August 25, 2003

RevolutionOS (the movie)

Recently saw RevolutionOS. Not sure where I was when it came out, seems somewhat familiar.

I enjoyed it quite a bit, enough that I tried to buy it, but found that it doesn't get released until September 16th. Most of the information I'd seen or heard before. The collection of interviews and footage brought the Linux (or shall I say GNU/Linux) story together nicely.

Overall the video seems like a good show for non-technical people who need to be convinced that getting onboard with Linux is a good thing. After watching it I was pretty pumped about getting us to Linux.

Posted by mike at 4:59 PM

August 24, 2003

Fiddling with MT Styles

Fiddling with styles on my weblogs tonight. The more I fiddle with MT the more I wish I had more time to fiddle with it.

Tonight I got rid of some unnecessary margins, changed the fonts and sizes, added categories to the byline of each entry.

Now I notice that some of my subpages don't match the style on the front page, will have to fix that tomorrow.

Posted by mike at 9:23 PM

Buying a Good Old Radio Flyer

My son, Ezra, recently turned one year old. We'd been thinking about getting a wagon for some time (both he and older sister Johanna could use) and decided that this was the right time.

I was delighted to find that you can still buy a good quality, metal Radio Flyer wagon. Not only can you purchase the original style "classic model," they produce an "All-Terrain Wagon" with larger, wider wheels. We decided to get the Big Red Classic ATW, which has a deeper bed, real-air tires (as opposed to solid rubber), and side railings.

The wagon rides quite nicely. We took it to Crane beach, which has soft, deep sand and were able to pull the kids and beach supplies without much difficulty. Also took it through town to a nearby pond, a much smoother ride along the city sidewalks than the classic hard-rubber-wheeled model.

Nice to know that you can still get this kind of quality.

Posted by mike at 8:21 PM

August 23, 2003

Converting from MD to Gatorade

A few years ago I worked for a startup in Cambridge, MA which had it's fair share of ups and downs. A few employees and I developed a tradition, "take a walk," where we would get out of the building and walk the few blocks to Central Square where we could openly discuss the latest news out of earshot.

There was a 7-11 in Central Square, and we would often stop and grab a snack (turned a few folks on to Corn Nuts). I started getting Mountain Dew, and got into this habit of having one on my desk to sip on through the afternoon. That habit has continued, three or four times a week, since back then in 2000.

I've often thought I should quit but for somewhat weak reasons (expensive, soda isn't that good for you, don't like addictions, high calories). Not sure exactly when or how, but one day I decided to grab a Gatorade. MD isn't exactly a thirst-quencher, and perhaps I was feeling somewhat parched. In any case, to my amazement, Gatorade actually sounded like a better choice. I have had Gatorade in the past, but it always seemed more like watered down Kool-Aid. It really felt good going down, and ever since I've found that a much healthier Gatorade is actually more satisfying than 20oz of sugary MD.

Oh, I believe there will still be good occasions for MD, but I'm glad it's not something I'm chained to any longer. Maybe someday I'll get back to just having a nice big glass of water.

Posted by mike at 7:59 PM

August 22, 2003

Tripwire Configured and Running

I've recently gotten my act together and brought our machines up to speed with intrusion detection. Tripwire is installed on the our servers by default (some agreement between Sun and Tripwire), and it appears that as a part of the Jumpstart procedure the initial database is generated, but the tripwire check isn't put into cron, and the machine is in such a bare bones state that the initial database is somewhat pointless.

Not having tripwire running causes unnecessary worrying, so I dedicated a few hours to getting up to speed on the Solaris install of tripwire, creating a new databases for each machine, and setting up the nightly check.

Getting the database updated was easy: tripwire -interactive

The interactive mode is a bit tedious because a lot had changed, but I wanted to make sure I was aware of everything being changed in the database since the original build.

Once that is done I reran tripwire to ensure that it would return OK, then stuck an entry in cron:
tripwire -loosedir -q

The loosedir allows a little more flexibility when checking directories and the q supresses anything but actual mismatches in the database.

The most important step came next, detecting changed in the actual database. Tripwire isn't much good if the database is on the machine in a writable format, in the instance of a compromise the attacker can simply regenerate the database. This requires some extra measures to ensure the database isn't changed. Documents I've read suggest burning the database to CD-R and using the read-only media for checks. Our servers are in another physical location so after any updates we'd have to physically go over and replace the media.

Rather than doing that we opted to copy both the database and a md5 hash onto a local machine, burn that to CD-R and run a nightly check out to each machine that compares the md5 of the database on the server to the md5 on the local CD-R. If the md5 is changed we have the read-only database to put back onto the machine to perform further analysis.

Will see if anything comes up with this arrangement, seems pretty good. Definetely better than not having it running at all.

Posted by mike at 11:22 PM

August 21, 2003

Setting up SSH for Password-less Login

I can't count how many times I've thought about setting up RSA based authentication between our servers to make it easier to move around machines.

The final straw came this past week when changed the way we move code between machines. We had been keeping a local copy on our cvs machine which was getting rsynced to the production machines. We stopped that practice, substituting direct checkout/updates from the various machines.

The setup to use SSH for cvs across the network is simple, exporting two variables:
export CVSROOT=:ext:<username>@<machine name>:<cvsroot>
export CVS_RSH=ssh

The setup to do RSA authentication is fairly straightforward as well:
1. Generate a private-public key pair: ssh-keygen -t dsa
2. Copy the id_dsa.pub key into ~/.ssh/authorized_keys on the remote machine.

Having used ssh between machines for so long without RSA authentication it's hard to get used to ssh, cvs, scp or rsync not prompting for passwords. Is quite nice, could the ease make it less secure?

Posted by mike at 9:22 PM

August 15, 2003

Goodbye Andy

Today was Andy's last day at Tufts. He's moving on to do graduate work in security at Johns Hopkins.

Andy was rightfully labelled a cynic and a paranoid by most of the team, and I think he enjoyed that role. I learned a lot from Andy over the past year. Was thinking of a few things.

Never accept things because "that's just the way it works."

In numerous instances we experienced positive changes in our development due to Andy exploring details of behaviors and recommending a better way. One example is an underlying library that gets called in almost every page in our code. Through improper use of eval blocks, this library was quite good at masking problems with other libraries. For the longest time we operated in an environment where if something would break a person would have to manually go through the libraries (perl -M<library>) to determine which library was at fault. Andy put a stop to this by rewriting the eval blocks and now we enjoy clear, and forthcoming messages if there are problems with included modules.

Security is Serious Business

Andy could always spew off the security expert's worse-case-scenario. He cringed at things like people keeping passwords on sticky notes or in Notepad files on their desktop. He refused to use Tufts centralized authentication (within reason), citing that the more things he had behind one password the worse off we'd be if someone sniffed that password. Andy loved to propose hypothetcal situations like some cracker is listening to your keystrokes with a high-powered microphone and using the sounds of fingers hitting the keys to collect sensitiive data.

Homer's Voice Adds Context

Andy would say technical things using Homer Simpson's voice. Either in a drooling-over-something (soooo cheeeap) moment or in a forcefull moment (grrrrrrrrep it). It always gave a little extra context to the situation when Homer would emerge.

In the interviewing process for Andy's replacement we were trying to match a person's skills with our requirements, but what we really wanted was another Andy. I guess that's a good way to leave, with the employer looking for your duplicate.

Posted by mike at 11:20 PM

USB Cable Costs (almost) as Much as Printer

Apparently I'm somewhat out of touch. I recently had my old Epson Color 800 bite the dust (got twice the mileage I expected out of the old boy), so I started looking around for cheap printers. I used to do a lot of high quality, full-color prints, but nowadays I need very little.

Decided I could get some extra use from a multi-function unit (scans, faxes, prints, copies), and after a small amount of poking around I had a short list of printers in the $100-$150 range, including the Lexmark X75. The next day at BJs (wholesale club) I saw they had the Lexmark X75 for $59, so I put it in my cart. I didn't look closely at the box and discovered when I went to set it up that it didn't have the required USB cable. Seems strange, as that's the only connection it supports.

Figured out today when I swung into Circuit City that the USB cable was $29.99, and that's for the least fancy, non-gold-plated, cable. Granted, Circuit City isn't what I would consider bottom-line pricing.

No wonder Lexmark didn't include the USB cable in the box, would have significantly changed what they could charge for the printer.

Posted by mike at 10:38 PM

August 13, 2003

Passing 2000 Messages in Inbox

Have been quite bad about filing messages for my personal email, current inbox message count is 2098. I have a few rules for automatic filing on mailing lists and alerts, but everything else (except spam that slip through spamassassin) stays in my inbox.

Working on this now . . .

Posted by mike at 9:50 AM

August 12, 2003

Welcome Paul

Today Paul started at Tufts. Exciting news for us at Tufts, Paul brings a good set of Perl and Unix skills, and his personality is hard to beat.

I worked with Paul in the past at Jenzabar, and brought him on board as a consultant every now and then to help with specific projects at Tufts. When we found out that two of our developers were leaving we decided to try to lure Paul into coming to work for us, and it worked. Now it's a little easier to feel good about Andy leaving.

Paul has done quite a bit of work on XML-XSLT-FO-FOP-PDF, thinking together we might submit proposal for a "Transforming XML to PDF" tutorial next year at OSCON.

Posted by mike at 11:35 PM

Tuesday's Perl Hack (replacing text in many files)

At work we are in the process of changing our name from HSDB (Health Sciences Database) to TUSK (Tufts University Sciences Knowledgebase). The first wave is to change the logo and all the text references in the static portions of our site. Later we will be redoing the look of the site and possibly making changes to some of the dynamic data in MySQL.

So with a quick grep in our static pages I can get a list of files that have the word HSDB. The grep has to be careful, because we have Perl modules named HSDB:: as well, replacing that would mean bad things all around.

I found several different recommendations for replacing the text in a file using shell commands which piped data through sed, created new files and then overwrote the existing ones, but the simplest I've found is done with perl:

perl -i -pe 's/HSDB\ /TUSK\ /g'

If I was brave I would create a script that traversed the entire CVS trunk, replacing along the way, but I've decided to do it one directory at a time, so I can at least list the handful of files and verify that the replace is getting done correctly.

Posted by mike at 4:35 PM

August 11, 2003

How Often Does Your OS Crash?

I stumbled into this Wall Street Journal (sign-up required) article while poking around at information about the latest MS security flaw.

Mr. Gates acknowledged today that the company's error reporting service indicated that 5 percent of all Windows-based computers now crash more than twice each day.

How many millions of computers is that? And what's the percentage of computers that are crashing just one time each day.

While I'm at it got quite a chuckle out of some photos over at Windows Crash

Posted by mike at 10:47 PM

Manifestation of the MS RPC Worm

A few weeks back I saw the the Microsoft RPC advsory, got a chuckle and moved on. Heard rumors throughout the day that numerous machines at work had been affected, none in the immediate office.

Got home from work to a message from a friend (Holli) saying her machine was acting strange and to please call. The first few words out of her mouth in reading the message contained "RPC." Her machine was being flooded every ~6 minutes with RPC requests, and shortly after the machine would pop up a series of messages about saving all files before the machine was shut down via RPC. She was quite bewildered by the behavior and wanted to know if I could help figure it out. I hadn't heard any of the manifestations of the worm, was interesting to see exactly what it could do to a machine. Her laptop was being rebooted every 6 minutes it was online.

Unplugging the laptop from the cable modem stopped the problem (obviously). We attempted to get back on the network and download the security patches, but within 60 seconds of being online the RPC requests were flooding the machine again. I brought her machine back to my house to run the updates on my local network behind the firewall. Went off withough a hitch.

I must say, Holli has been a Mac user for years, she's using my old PC laptop. So I guess in a way it's my doing that she's using Windows.

Will close with a quote from Microsoft Security Bulletin MS03-026:

Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on a remote system. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol, but with the addition of some Microsoft specific extensions.
Really beginning to understand what Microsoft means when they extend standardized technologies.

Posted by mike at 10:34 PM

August 9, 2003

PowerBook Crashes to the Floor (for the 3rd Time)

Three times now my 12" PowerBook has taken a hit falling from 2-4 feet to the floor. In each instance the PB comes up with another dent/bump/mark/warped panel, but continues to function properly. The casing has protected the laptop internals, but has definitely changed with each fall. I have noticable curves where there shouldn't be.

I guess now is a good time for some of my thoughts on this little machine. Overall the laptop has met/exceeded my expectations. A lot of what I like about it has to do with OS X, but that's for another entry. I had wanted a smaller laptop for awhile so I could work on the same machine everywhere I went, just couldn't find anything in the market that really met my needs. Had thought about the 15" PB, but it would have been bigger than I was hoping for, so bided my time until the 12" PowerBook was announced in January, 2003.

A few things I think really stand out:
1) The screen clarity and brightness are excellent. In many cases I have to dim it down to make it comfortable (working at home, on the plane etc).
2) Battery life is excellent. I can get a good 4.5 hours of work done (dimmed screen, no airport).
3) Dual video display and mirroring is wonderful. I operate in dual-display mode most of the time at work, using the laptop screen and an external 19" Viewsonic VX900. The clarity on the Viewsonic is as good as I've seen anywhere. I use the 19" display primarily for Emacs, Safari and iTerm, nothing moving fast or requiring exceptional rendering.
4) I rarely hear the fan come on, making the machine virtually silent. I keep the PowerBook on an iCurve at work, which must keep it cool enough to never need the fan. Even with it on my lap for 2 hours the fan might come on for 1 minute total.
5) L3 cache was a concern. The 12" has none. I was worried I would notice slowness and be unsatisfied with the speed. I have yet to do something where I though the speed was slower than acceptable. Again, I am primarily coding, browsing and working on remote machines.
6) The speakers are in the back of the laptop, where the screen hinges up. I think this is clever design; the screen drops down as it hinges up, making the screen in the right position to reflect the sound from the speakers out to the user. Nothing like headphones or a good set of speakers, but the best idea I've seen for getting sound out of such tiny speakers.

A few things to improve:
1) The little rubber legs which keep the laptop off the desk fell off shortly after I got the laptop. Have to see if Apple has a suggestion/replacement for that.
2) I need a docking station, so far I haven't seen one.
3) It can get a little toasty when working for hours with laptop on lap. I've never had it "burn" me, but have had to move it around a bit as it became warmer than compfortable.
4) The SuperDrive works well, but inserting and ejecting CDs is not up to Apple's standard. Both on the way in and on the way out the SuperDrive jerks and makes sounds like it's eating or barfing up the media. It scared me at first, because most of Apple's mechanics are smooth and quiet. It gets the job done, but not with any grace.

Overall, after having owned this puppy for 4 months (to the day) I would make the same choice I did back then to get it. Until Apple comes up with a newer model, I'll be sticking with this.

12" PowerBook
867 MHz G4
640MB ram
60G drive
Airport Extreme

Posted by mike at 10:12 PM

August 8, 2003

~One Year with Netflix

A little while back we passed our one-year mark having a membership with Netflix. wc indicates that so far we've rented 114 movies (some of them for friends).

We've always liked to watch movies at home, rarely in a theater. Netflix matches our needs quite well. We enjoy foreign, classic, documentary and b flims along with a regular dose of Hollywood formula films. The two reasons we will continue to use Netflix:

1) Much better selection of movies. We most often know what we want to see, and more often than not can't find it at the video store
2) No wait in line (provided you could find the movie on the shelf). Seems like when we're in the mood for a movie, so is everyone else. The lines at our local rental place are regularly stacked 20 or 30 people deep.

With a warehouse in Worchester, MA, our movie turnaround is 2 or 3 days. Many times the return movie gets to the warehouse and a new one is on it's way the day we drop it in the box.

A happy Netflix customer.

Posted by mike at 12:26 PM

August 7, 2003

Being Out of Touch (Feels Good)

Finally made it back to Boston. I can't remember the last time I've been disconnected for such a long period.

In Idaho we stayed with family who live ~15 miles from the nearest small town, about an hour from Boise. In Idaho when you talk about being an hour from a town you aren't talking about time spent waiting for traffic to get out into a suburb, you're quickly into rural communities and racing away from civilization. On Monday we travelled ~2 hours north and were on stretches of gravel road getting to our campground. Except for people in our group, didn't see another soul for the two days we were there.

Cell coverage was spottty, had it only when travelling around larger cities. Dial-up almost as bad. To complicate things there was one phone line being shared by ~10 people, 7 who were visiting and regularly needing the phone to make arrangements to see people etc.

Of the seven days in Idaho I was online a total of 15 minutes, just long enough to rotate some logs and fire off a quick email. I figured I'd have a chance to be more connected during my 18 hours in Portland, but wedding festivitiies didn't end until 1am, my dial-up session was cut short when I fell asleep at ~2am.

In many ways being disconnected makes for a better vacation. I think I enjoyed Idaho quite a bit purely becuase life seemed simpler (knowing I was unreachable and wouldn't be bothered by problems).

Of course, I feared that the day I got back I'd be inundated with problems, but there was really nothing that went wrong, spent the day catching up on email and finishing up some smaller projects.

Posted by mike at 11:56 AM

August 2, 2003

Having Fun in Idaho

Currently on vacation in Idaho. It's been awhile since I've been here (Heidi, my wife, is from Idaho). Very different from Boston, kind of like city mouse coming to visit country mouse.

Have had quite a bit of fun. Floated the Boise River, raced through the fields on ATVs, and took a trip over to Portland to be with most of my brothers and sisters for my youngest brother's wedding.

Going camping in McCall for three days before flying back to Boston.

Posted by mike at 4:14 AM