Dr. Jerry Pournelle

Email Me

Why not subscribe now?

Chaos Manor Subscribe Now

Useful Link(s)...


Hosting by

Powered by Apache

Computing At Chaos Manor:
May 8, 2007

The User's Column, May 2007
Column 322, part 2
Jerry Pournelle jerryp@jerrypournelle.com
Copyright 2007 Jerry E. Pournelle, Ph.D.

Continued from last week...

Identity Theft

All of my credit card services periodically offer me a credit card protection service, often in the form of what looks like a check only the check can be used only to start the service. I have never been tempted to accept. Lately, though, I hear horror stories about identity theft and the time and effort required to straighten out your life after that happens.

I am bombarded every day with exhortations to subscribe to Identity Theft insurance services, and periodically I am tempted to do that, as making for one less thing to worry about; so I took the opportunity to ask my advisors about it.

The answer I got from Rick Hellewell, security expert, is worth your attention.

Dr. Pournelle:

Regarding your question about identity theft protection or credit card monitoring services: Here's a "do-it-yourself" version:

1. Check your financial (checking, credit) statements when you receive them. Even better, check on-line at least weekly. One indication of impending financial fraud is the appearance of a small transaction you don't recall. The evil credit card thief will put a small charge to make sure the account is active. If that charge is accepted, larger ones will follow. Call your bank (use the number on the printed statement, not on any email you might get) and dispute the charge. Ask for (insist) for a replacement credit card, and change your PIN number.

2. Be very careful about inputting credit card numbers on web pages. Never click on a link in an email or web page that asks you to verify your numbers. Banks already know your PIN number; you don't need to tell them.

3. Get a copy of your credit report. Use the free site here (beware of advertised 'free' sites; they are not free). You can get one free report each year from each of the three credit reporting companies, so do it once every four months. Print it out, and look for suspicious activity. (Other good information on that site, and here.)

4. Invest in a shredder, and then use it. Get a locking mailbox. Remove your name from the bank solicitation lists to reduce those 'free credit card' offers (start here)

5. "Identity Theft Insurance" may not pay for all of your losses, or the time spent fixing things, so check the fine print in the policy.

6. And follow those other 'safe computing practices' I keep harping on. You'll find hints all over the place: Microsoft has a good privacy page, and some hints at my site here.

So, use these tips rather than paying for a service. But if you must spend your money, please email me your checking account information and PIN number.

Regards, Rick Hellewell

All of which is good advice, but there's a problem: I haven't the time or temperament to do all that. I do follow the safe computing practices, and at intervals I get active and have a look at my on line credit; and I do go over every credit card charge because I enter them all into my bookkeeping system when I pay the bills every month. I have a shredder and it gets to eat all the pre-approved credit card letters.

I'm pretty sure that what I do to protect my identity security is a great deal more than most people do, but it falls far short of what is here recommended. I practice fire prevention methods — I used to be a Merit Badge Counselor in Emergency Preparedness as well as a Scoutmaster — but I still have fire insurance on my house. I keep wondering about something similar for identity theft.


Estimates vary on how many computers have been taken over by zombie farmers, but there seem to be millions of them. A zombie computer is one that has been taken over by a virus, and now responds to commands sent from a zombie farmer. These zombies can be used for malicious attacks such as Denial of Services (DOS), in which tens of thousands of the zombies send messages demanding response to the target web site.

We've discussed these before. A typical attack is coupled with a threat to, say, an on-line bookmaking service: pay us or we'll shut you down the morning of the Kentucky Derby.

Security services have quietly developed means of coping with these pests, and that that sort of attack is less common than it used to be, not because the farmers have developed consciences, but because it's getting harder (not impossible, just a bit more difficult) to acquire new zombie, while using one's minions for DOS attacks risks having the zombie detected and thus taken out of your stable.

Meanwhile, spam distribution is profitable, and if the zombie farmer is reasonably careful, there is little risk in using the zombies to do that.

I learn something new every week, this time from Leo Laporte on his radio show Saturday. A caller asked how you might know if your computer has been infected with one or another of the zombification programs. Laporte recommended that you find out just what connections your computer allows.

The command is NETSTAT. Open a command window and type NETSTAT. A list of connections and their port numbers appears. I probably knew that and forgot it.

I also have DU Meter installed on most of my machines. DU Meter creates a small window that shows upload and download traffic on your system. It runs without problems, and if you see traffic you didn't authorize, you can do something about it.


I generally use Firefox rather than Internet Explorer unless I am connecting to Microsoft for updates. Partly that's habit. Firefox had tabbed browsing before Internet Explorer, and once you get used to tabbed browsing it's hard to go back to anything else.

I have lots of memory in all of the machines I use, so I tend to use Firefox as a kind of memo pad: that is, I leave open a lot of Firefox windows. For example, I do most of the work on Inferno on a ThinkPad laptop. It has about 40 tabs open to various information on Sylvia Plath, Albert Camus, Aimee Semple McPherson, and other people who appear in the book, as well as to Dante and some of his contemporaries. There are tabs on Vatican II and the Doctrine of Co-Creation, and other such matters. Every now and then I go through those and eliminate some that have served their purpose. I'd really hate to lose the rest of them.

With Firefox on Windows XP there are settings to restore previous sessions after a crash, or after routine shutdown of the computer. They work. If I have to restart the system, my Firefox tabs are restored.

They're restored in Firefox on XP if the system crashes; but not if I simply shut down Firefox. If I shut down Firefox and restart it, I get the Firefox startup page, and nothing else. Eventually I figured it out. First, the button "Use FireFox's Builtin Restore Function" does nothing so far as I can tell. I leave it checked on, but by itself it does nothing at all. There's a separate box called "Crash Recovery." Turning on that box will in fact restore your tabs after an actual system crash; but if you merely shut down Firefox and restart it, you get only the Firefox Startup Page. However, in that crash recovery box there is a window labeled "When Browser Starts". Set that one to "Show My Windows from last time" and things will finally work. By default that's not set, and since crash recovery does in fact restore the previous windows no matter what that window shows, this isn't obvious, or at least isn't obvious to me.

For reasons I don't understand, managing Firefox in Vista is much more difficult than it is in XP.

Where are all the open source billionaires?

It's an interesting question. In one sense the answer is obvious. Open Source largely gives away what other outfits get rich from selling. A longer discussion is given at this link and I recommend that to everyone.

On Energy in the US

Productivity, energy, and per capita income are directly connected. The United States becomes about 1% more energy efficient per dollar of output per year. I've read those statements in multiple places, but the best presentation I have seen recently is in a slide show done by CalTech chemical engineering prof and nanotube photovoltaics researcher Nathan Lewis:


Start here for his entire and enlightening energy slide show:


Antec Universal Notebook Power Supply

When I carry more than one laptop I generally carry a separate power adapter for each. I'm not sure why, because I seldom use more than one computer at the same time.

I now have the Antec Universal Notebook Power Supply, which will deliver 15, 16, 18, 19, 21, and 24 Volts. There are separate tips for most makes of laptop including Compaq, Dell, HP, IBM, Lenovo, Sony and Toshiba. It doesn't come with a leatherette or other composition bag for the tips, so you'll have to use a Ziploc bag if you want to carry them all. I've decided I will; even if I carry the regular power supply for one of my laptops, it's handy to have a universal power supply that will work for anything I might encounter, and the whole package is no harder to carry than the regular charger.

This works well and is well made.

Porgy and Bess

If you live in Southern California, go see the current LA Opera production of Gershwin's Porgy and Bess. It's worth a trip to LA.

I have seen Porgy and Bess at least five times now, but the first four don't count. Critics have always debated whether this is "really an opera" or a kind of American Musical, and up to now, while I have sided with the "it's opera" school, I have not until now been enthusiastic about it. Now I am. This is opera at its best, a whacking good play, good acting, and great music.

The previous productions I have seen stage Porgy and Bess as a series of set scenes, much like some of the "great music" operas in which the characters move around, strike a pose, and belt out an aria; a sort of concert with scenery and costumes.

No longer. This plays from beginning to end, from the opening lullaby "Summertime" to the ending ensemble, the action never flags. Francesca Zambello has recreated Porgy and Bess, and at last I understand what Gershwin was trying for.

Due to union rules — there are back to back performances — there are two separate casts. We saw the opening night cast with Indira Mahajan and Alfred Walker as the principals and Victor Ryan Robertson as Sportin' Life, and if you have a choice, see that cast. I'll write a full review another time, but for now, I can only say, wow! It's like I never saw this opera before.

Arthur's Knights: Tales of Chivalry

When I went out to Fry's for a Memory Stick for my new Sony pocket camera, I checked over the PC games on sale. I don't usually buy anything, but I had read a good review of Arthur's Knights: Tales of Chivalry from Cyro Interactive Entertainment. I have read a lot of Arthurian and Celtic history, and from the box (as well as the review I read) this seemed well researched, and it was certainly cheap enough.

I wouldn't know. It installed but would not run at all on my Vista machine. It installed and ran but unplayably on one XP system, and wouldn't install at all on another. The game wants Direct X 7; that won't install either. I may one day set up a virtual machine and try to install Direct X 7 on that, and see what happens, but I probably won't.

Has There Been An "Update" for Outlook 2007?

I usually refer to Outlook as "piggy old Outlook" with good reason; when Outlook decides to go out and bring in the mail, it takes over the whole computer. This means everything: if I have a Word document open and I'm typing in it, all action ceases. I see nothing happen on the screen. Then, after from half a second to a several seconds, what I typed appears, and all is well.

Similarly, if I am trying to cut and past, suddenly there is nothing happening. Trying to drag and drop availeth not. It can be maddening, so much so that I generally do my writing on a different machine, one not running Outlook at all.

Lately, though, it seems to have got worse. The delays are more frequent and longer, making me wonder if there has been some hidden automatic revision to Outlook? I don't suppose there has been.

I really do need to take some time to look into alternatives to Outlook. I will still have to keep Outlook itself, because I tend to store a lot of information in Outlook. Microsoft Desktop Search has built a good index of the Outlook files, and that's very fast; but to open stored mail I have to open Outlook.

I've used Outlook for a long time, and for the most part it works well. I'm used to it. But it sure has got piggy lately.