Dr. Jerry Pournelle

Email Me


Why not subscribe now?

Chaos Manor Subscribe Now



Useful Link(s)...

JerryPournelle.com


Hosting by
  Bluehost


Powered by Apache

Computing At Chaos Manor:
The Mailbag

Jerry Pournelle jerryp@jerrypournelle.com
www.jerrypournelle.com
Copyright 2007 Jerry E. Pournelle, Ph.D.

December 10, 2007

Begin mail with what could have been a disaster if I hadn't had my Advisor network. Back in the glory days when McGraw Hill owned BYTE, we had a staff of thirty technical editors, some of the best in the business, and I would never have got close to disaster, but this one was a close call.

Read ALL of this section before you do anything, and to not visit any web site here until you have finished reading this section.

This began with a letter from a reader:

Subject: Lenovo just announced XP preloaded on it's T60 series

Jerry,

Lenovo is now selling T60 series with XP preloaded. The story is on the front page of Slashdot.

Phil

That was followed by another:

Subject: Vista SP1

Hey Jerry I just installed Vista SP1 beta, it seems to have improved the performance of my computer. Speed wise and especially network transfers.

Tim

At which point I must have taken leave of my senses. I did a Google search for Vista SP1 and found XXX.YYYYYYYY.ZZZ, which looked official. Sort of. Practically almost. Actually, on closer examination, I can see it has some tell tale signs. Warning: Do Not Visit That Site.

What I wrote, though, was:

However, there is a beta Service Pack 1 for Vista at XXX.YYYYYYYY.ZZZ and that may change things. I haven't yet been able to penetrate the security Microsoft has put around registering: I keep getting "access violation" errors, so I haven't been able to download this and fix it. It may be I can't read their security code in which O and 0 and o are all indistinguishable, and I didn't have enough patience to keep trying in the absence of meaningful error messages. One supposes I will eventually be able to download it, and I'll have a report.

Then I sent the draft out to my Advisors group. In the old days it would have gone to the Byte staff in Peterborough. I was fortunate, over the years, to have some of the best technical editors in the world assigned to work with me, which is one of the main reasons I had a reputation for not making mistakes. How could I, when the best in the business were looking out for me?

Fortunately I still have some of the best in the business looking over my shoulder, and they caught this. Here's what they said.

First Peter Glaskowsky:

My major comment is that that YYYYYYYY website is NOT a Microsoft operation. If you do succeed in downloading anything from there, all it's likely to do is turn your PC into a spambot. You should not mention that site here or anywhere else.

. png

Then Captain Morse:

Good catch, Peter.

YYYYYYYY.ZZZ is a subsite of another, ZZZ.YYYYYYYY.XXX and that is a very, very bad place. You do not want to advertise that site.

I would not trust any files I received from that source, either. I doubt they have much relationship to the real SP-1 package.

Ron Morse

And Rick Hellewell, security expert:

Dr. Pournelle:

Warning, Will Robinson! The "Vista SP1" patch site that you mentioned is NOT an official Microsoft site. The registration for that site shows an owner in Sweden, which is not where you'd expect a Microsoft site to be registered. The email address (which could be spoofed) is not at microsoft.com.

A quick look at the page code shows several 'popunder' advertising blocks (served from Google's Adwords), probably to gain some advertising or click-through revenue. The plethora of advertising (Google Adwords or otherwise) is a big warning sign.

The page code also includes some additional javascript code that tries to set some cookies, probably for further advertising click revenue.

In addition, I believe that Vista SP1 is still in beta, although it may be at the "Release Candidate" level.

Rick's Law: only get updates from official vendor sites. Never get updates from any non-vendor site. Be very suspect of any email warnings or advice to 'click here to get your update'. And make sure your anti-virus is current.

Regards,
Rick Hellewell

Of course the moral of this story is that Rick's Law applies. Always.

The second moral of the story is that just because it looks like an official Windows site, and has the Windows Logo, it may not be an official site. As I said earlier, there were warning signs I should have heeded, but I didn't. I can only plead that it was late at night, and I had deadlines, and I temporarily took leave of my senses.

Fortunately God looks after fools, and I didn't manage to make connection with that site, else I would very likely be writing a column on how to remove malware from a Vista system.

Now, regarding Vista and SP-1:

The official information from Microsoft about Vista SP1 RC from the Vista team blog: link.

Right now, available only to Microsoft Technet subscribers. Will be publicly available next week via the Microsoft Download site. Official final release of SP1 will be 1st quarter 2008.

Remember that it's still in beta, although "Release Candidate". Early adopters are reminded that you can tell who the pioneers are by the arrows in their back.

...Rick...

Service Pack 1 Beta is now available to MSDN subscribers. I have an MSDN subscription, and we'll get the new Vista SP, and I'll report on it when we have some experience with it. That will take a little time: I need to set up an expendable Vista system to test it on.

I very much hope it clears up many of the Vista problems, because some of Vista works very well. My very positive experience with Vista and the JVC Everio camcorder will be in the column.


We have more reports on the Amazon Kindle, most of them very favorable. We continue the discussion.

Subject: Kindle

re: There is a certain esthetic -- a "benefit set" -- that is only experienced when physically rummaging through real books. Looking for titles on shelves, in stacks, in boxes, and noticing books you hadn't been looking for -- or, had been looking for earlier but without luck -- and then flipping through a few books, looking for stories, chapters, etc

The same can be said for the 12" LP record album - complete with photo's of the band, printed lyrics in a typeface large enough to actually read. The unintended consequence of the shift to CD was the loss of Album art, posters, etc.

Since CD's have only music (too small for anything else) there is no reason not to go digital (legal or otherwise).

If the only thing an ebook gives me are the words on a page - then I expect the price to be MUCH less than a paperback. If the price is the same as a paperback then I expect to be able to donate, give, sell the used book to someone else.

The book and music industry may need to adopt a licensing system similar to the photographic industry.

- low price for a limited rights version
- higher price as you need more rights.

The problem is that it's insanely complicated - consumers don't like complicated.

Another option would be the Netflix and Rhapsody model. I pay a set fee per month and I can have X number of books at a time on my reader. The author gets a royalty % of my monthly fee. Amazon has the infrastructure to pull this off.

We live in interesting times.

Jim Coffey

I suspect there will be many marketing models for ebooks. Amazon lost money for the first several years of its existing. Persistence pays...

Incidentally, we find that while Burning Tower (Larry Niven and Jerry Pournelle) is available on Kindle, The Burning City (first book in that series) is not, and our agent is talking to Simon and Schuster. It shouldn't be too long.


Another handheld

Jerry,

Thanks for posting the letter and links regarding the HTC Advantage. I'm glad to see that companies are still experimenting with this form factor, and trying to offer handhelds with better keyboards.

Another handheld with keyboard that has just come out is the Nokia N810 (Engadget link). I haven't seen one yet, but Adam Curry (of MTV and podshow fame) has said some good things about it on his podcast. It is maybe 20% bigger than an iphone, with a larger display and a real slide out keyboard. Might be worthy of a look.

CP, Connecticut

Captain Morse comments

It's not a phone. They advertise VOIP via Skype, but it would be better if there was a cellular telephone inside. Is there a reason it's not a phone?

Even if VOIP works (and I'm not convinced of that) it's yet another phone number to deal with.

At least my cellphone bluetooths to the car so I can use the (mandatory, here) hands-free link and not have to drive around with a blinking blue light in my ear.

Frankly, my biggest interest in all of these gizmos is decrapolating my life...reducing the number of things I have to carry around with me. This is not a step in that direction, but I'll bet it works better than my ancient HP iPaq.

Ron Morse


Subject: Regarding the December 3, 2007 Mailbag:

A reader asked "Is there a set of tools for techs like us to be able to install on PC's we are fixing to kill Trojans, malware, viruses etc."

One thing that can be easily done without any external tools is to run RegEdit and inspect these keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
(also RunOnce for each of the above).

By far the majority of malware installs itself there, and one can see what programs load and from where.

John Morales

Another tool set runs under Linux. The Knoppix distribution will boot and run from a DVD so that it leaves no trace on the system hard drive, but allows access to the files there. One of the books of this month for December is Kyle Rankin's Knoppix Hacks from O'Reilly, which contains a Knoppix DVD and a lot of tools.

Our security expert Rick Hellewell adds:

Dr. Pournelle:

Regarding getting rid of malware: the best way is to copy your data files off to an external hard disk, then restore your factory-image (most name-brand systems have a way to do this), then reinstall all your applications. A big pain, agreed, but the safest method.

I have in my lab a malware-infected computer, mostly adware/spyware stuff. As an excercise, I have spent at least 20 hours trying to rid it of everything. That said, you can recover from the problem with a bit of work.

I'd recommend the (updated) steps on my "Security Dawg" site here.

Regards, Rick Hellewell

Save the data and nuke it from orbit has always been my procedure, and is the only really safe procedure.

Note that if you make periodic time machine backups - I use Norton Save and Restore to do this - you can always scrub the disk and return to a time before the infection, saving your having to reinstall applications. You can do that provided that you make the backup on a separate disk. In my case I always put a second hard drive (I generally set that to X:) in any major system, and back up to that. Norton Save and Restore does this twice a week in the small hours of the morning. Even so, I periodically make a Norton S&R backup onto an external disk. I have one Seagate USB drive that has folders for my two major machines and serves a last resort backup. I have, fortunately, never needed to use it. That reminds me. I haven't done that in a month. Time to do that.


This began with an email:

Subject: Western Digital drive is DRM-crippled for your safety,

Jerry

DRM has gone too far:

Link to the Register article

Well, WD swallowed up my previous favorite HD maker, Maxtor. And now this. With no other US-owned HD-maker (all HD's are made abroad), I guess this means buying HD's from a non-US-owned company.

What other HD makers would you recommend?

Ed

When I posted this in the Advisors conference, the first comment was from Managing Editor Brian Bilbrey:

Well, it was Seagate that acquired Maxtor, not WD. And I still use Seagate drives. So...

.brian

Followed a scant two seconds later by Robert Bruce Thompson:

Actually, Seagate bought Maxtor, and I continue to recommend Seagate drives.

RBT

Peter Glaskowsky added:

Just for the record, this drive has no DRM on it, and it does not interfere with the file transfers of any individual user.

The sole limitation-- which I agree is dumb and ineffective-- is that if one user account puts a media file on the drive, other user accounts can't retrieve it.

. png

All of which confirms the frequently made statement that DRM is far more likely to inconvenience the honest buyer than the evil pirates. But clearly it is not yet time to panic.


Finally, I had problems with Outlook and Windows Desktop Search, and reported them on my web site www.jerrypournelle.com. The full story will be in Part Two of the December column.

Subject: Windows Woes -

Jerry,

You said

>>Outlook has worked for me for a long time, but this failure to be seen by the indexer removes its main attraction. And since Microsoft can "update" my OS any time it wants to, I suspect they did something that broke the desktop search, and I have no idea if they are aware of that.<<

Well, and this is probably the main reason that my primary system is Linux. In the end, I just don't like having big brother in control of my computer. Microsoft seems to believe that the OS belongs to them and has a "bureaucratic, nanny" attitude about doing what's best for me. I have no particular gripe with Windows. It mostly works OK, though when it doesn't work, Microsoft seems to do everything in their power to insure I can't figure out why. But that not withstanding, it mostly works OK.

Linux isn't perfect by any means and has it's problems. But it logs just about everything I do and it does and if something breaks, it's usually not too tough to run down the problem by reviewing the logs. Fixing a problem is usually not very hard.

I recently upgraded from Fedora Core 6 to Fedora 8. It was not the smoothest upgrade I've ever had. The installer seemed to get confused by my video card (an nVidia series 9600) and refused to work, even with very low resolution and using a standard VGA driver. All I got was hash on the screen when I tried to run the xserver. So I fell back to using the text rather than graphic install and everything went fine ... until I tried to run the xserver. Again, trashed video. A bit of spelunking in the logs and I found out that the installer had been unable to delete the previous (an proprietary - from nVidia) video card driver which, it said, was not compatible with the new xorg server and new kernel. So I just dumped the old driver out using the original install program (that, thanks heavens, has an uninstall routine) and installed the new Livna nVidia display and kernel drivers and everything worked fine. Even the xorg.conf configuration file was accurately updated (not a usual thing). The whole experience took about a half hour from the initial xserver failure to full operation again. And mostly because finding the problem was easy.

Anyway, my only real point was, I think the biggest problem I have with Windows is not the quality of the OS (which is generally fine), but their apparent desire to control things and prevent me from doing anything with their OS. I don't mind things that break when I mess up, but I hate it when things break because Microsoft thinks they know better than me.

Randy Powell
Port Orchard, WA

All of which is worth thinking about.