August 2003 Archives
No more postings this week, as we're heading out of town for a bit of vacation before the summer ends. We're off to the Inn of the Seventh Mountain in Bend, Oregon. Haven't been there before, but I'll report back next week.
Mitch Kapor responded in his weblog to an email from me about why he prefers to use POP over IMAP. I responded with some of the reasons IMAP works better for me - so here's my response. The bottom line of course, is that people work differently and have different preferences.
Also of interest on this topic is Terry Gray's 1993 paper (wow, ten years already!) Comparing Two Approaches to Remote Mailbox Access: IMAP vs. POP".
In a speech on Sunday in Edinburgh, Greg Dyke, Director General of BBC, announced that they would make the Beeb's vast archive freely available for digital download for non-commercial purposes, at least for those in the UK. The whole speech is well worth reading for pleasure of seeing a major media figure thoughtfully reflect on the need for the media to act for the social good.
A rare moment of common sense pervailing - A Manhattan judge has thrown out Fox's ridiculous suit against Al Franken for using the phrase "Fair and Balanced" in the title of his book. Newsday has the story here.
About the Blues is reporting here that Sean "Puff Daddy" Combs is going to portray Robert Johnson in an upcoming HBO film. Sheesh...
Not surprisingly, here is Bob Frankston writing about firewalls, with the same opinions as Terry and other Internet thinkers have been opining for a long time now.
After reading this success story about how they switched to using open source software on all their desktops, I may have to start using Ernie Ball strings on my instruments.
Now we've got the sobig-f virus running rampant all over and we're all getting LOTS of email messages from email antivirus scanners complaing "you sent me a virus-infected message." Sheesh... After dealing with the thousand or so email messages in my inbox from yesterday, (and that doesn't include what went into my spam folder or my filtered list folders) I'm about ready to give up on email altogether ... if you really want to talk to me, I'll be glad to give you my instant messenger info...
And now for a total digression - As I've been listening to music lately and spending entirely too much time working, I've been having several bass player fantasies, based on my years of playing music . My current three favorites:
1. Being onstage with the NPG, bass in hand, when Prince says "come on band" in 1+1+1 is three and the spots and color washes hit the stage and the incredible groove starts.
2. Being able to play On Green Dolphin Street with Keith Jarrett and Jack DeJohnette and not totally embarrass myself.
3. Playing You Got to Funkifize with Tower of Power...what more could a bass player ask for?
A couple weeks ago I was wondering whether there were good RSS syndicators that were web-based. Today, while reading comments and following links on Dan Gilmor's article on RSS Hitting Critical Mass, I came across Bloglines, which is a free, and advertising-free, web site that allows users to subscribe to and read RSS feeds. Very cool.
In what sounds like something straight out of a Neal Stephenson or William Gibson book, CNET News reports on a new file-sharing network being run out of the Jenin refugee camp in the West Bank. Some great quotes in the article, like:
"We're in Palestine, in a refugee camp," said Ras Kabir, the service's co-founder. "There aren't too many process servers that are going to be coming into the Jenin refugee camp. We'll welcome them if they do."
and what has got to be one of the most definitive examples of chutzpah seen yet from the RIAA (and that's saying something), Matt Oppenheim, senior vice president of the RIAA, says: [This] is playing on the fears of others, encouraging them to engage in behavior that will get them into a boatload of trouble.
Wow.
Today it is being reported that Microsoft will start to turn on the firewall by default in new systems being shipped with Windows XP.
Jeeze. Finally.
And a relevant quote showing true vision from our leading technology company:
Steve Lipner, Microsoft's director of security strategy, said yesterday that the company had been shipping the software without the full firewall protection turned on because customers had indicated that it was their preferred setting.
"Doing it the way we did was probably the right decision when we shipped XP," he said. "Obviously, times change, and the things we do to protect our customers change."
Hoo-boy.
I found the article When The Glitter Fades by Roz Kaveney to be just a delicious piece of reading. It's a sophisticated, extremely well written and nasty diss of Christopher Hitchens. Check it out.
From the Beeb: People confused by wi-fi jargon. Good quote: If talk of a "wi-fi hotspot" makes you think of someone having trouble with their spouse, then you are not alone.
Thanks to boing-boing for spotting this one.
Well, well, well. With the appearance of the MSBlast worm form of exploit for Microsoft's security compromise (which I've been writing about here for two weeks now) the major news media have finally awoken from their collective slumber and started reporting on the effects this compromise his having. CNET News has a collection of stories, the NY Times reports on it here (requires a login), and the San Jose Mercury News has a story here that is inexplicably bylined from Sweden. Nice to see them catch up.
The CNET coverage includes an piece by Charles Cooper calling Microsoft to task for building insecure software. It's almost a year ago since Terry Gray wrote his 7-Point Plan for Windows Security that, if implemented by Microsoft then, could have alleviated much of this pain.
Lawrence Lessig (Stanford law professor, fearless defender of the people's right to intellectual property, and originator of the Creative Commons) writes an interesting weblog that usually focuses on intellectual property issues. Last month he turned over the weblog for a week to give a guest turn to Democratic presidential candidate Howard Dean, and this week he's done the same with candidate Dennis Kucinich.
No matter what you think of these candidates' particular politics, it's very interesting to see some of the politicos wake up to the use of weblogs as a means of direct two-way communication with a savvy group of the electorate.
The Microsoft RPC security disaster continues to explode all over the net. The latest version of the exploit is a worm that is being labelled the W32/Blaster Worm. It reproduces itself onto machines it finds that are vulnerable and can source a denial-of-service attack against Microsoft's Windows Update site. Sigh. At present this is finally hitting the commercial networks as well as academic sites - all of Comcast (our major cable internet provider) in the Northwest has been down since yesterday, which they attribute to this worm. I saw one estimate that 7% of all the traffic on the Internet 2 backbone yesterday was attributed to this worm - that's HUGE!
When will the madness end?
Thanks to everybody who's posted comments to this weblog! It's cool to know that people are enjoying reading it - I'm certainly finding it interesting to write.
You may or may not know that there's an RSS feed available at http://staff.washington.edu/oren/weblog/index.rdf
If you'd like to be notified by email when new posting are made to the weblog, let me know either by adding a comment to that effect to this post, or directly by email (oren@washington.edu), and I'll put you on the list.
Last week I wrote a little about how the Microsoft Windows RPC-DCOM exploit is a major security event at universities across the US. This event has continued to mushroom, to where it is consuming the efforts of hundreds of computing support staff at our campus alone. We continue to discover hundreds of compromised machines and thousands more remain vulnerable. There is now also beginning to be evidence that there are variants of the exploit that will propagate themselves, in worm fashion, through the net.
I ran into my banjo-playing friend Marcia Peterson at the grocery store on Sunday morning and we had a brief discussion of the relative merits of standard music notation versus tablature, which I got to thinking more about in the few days since.
Tim Bray has yet another interesting article in his ongoing weblog relating how Antacrtica, the company he founded and works at, is abandoning the Flash version of its interface and concentrating instead on dynamic html. Worth a look.
For my librarian colleagues (and for the part of my soul that still identifies as a librarian): This little beauty.
In a past lifetime (1985 - 1994) I worked for a succession of companies that provided online searchable databases, primarily indexes of scientific, medcal, and technical literature. In this pre-web world, professional librarians would use obscure search syntaxes to extract information from these databases on behalf of researchers in their companies or institutions. And they paid a lot of money for the privelege of doing so.
In that time I learned a lot about the workings of full-text search engines and databases, and it's the same basic technology that powers today's internet search powerhouses like Google and Yahoo.
Tim Bray is posting a really good series of articles in his ongoing weblog about how search engines work, some of the problems in the field, etc. I think it would make excellent reading for anyone interested in the topic, better (and easier to read) than any text I've seen to date. If I was teaching in the Information School again this year, I'd definitely assign it.
We here at the UW, and many other major research universities I know of, have been spending massive amounts of time and energy this week dealing with the latest exploits of security holes in Microsoft's Windows operating systems. There have been many computers compromised, and many many more that are still vulnerable. We have been forced to block access to some services at the border of the insititution, breaking access to popular services such as Microsoft Exchange email and calendaring from off campus.
Yet this event has gone virtually unnoticed in the popular press, which has in the past made much bigger deals about much smaller events. Ironically, this is one instance where the press could really help, because the best solution to this problem is for individual computer owners to keep current with the updates and patches coming from Microsoft. If everybody did keep up to date, the magnitude of security problems would be much smaller.
My colleague Dave Dittrich has pointed out that there is finally an AP story on this vulnerability that shows up on the CNN web site.
All About Jazz has an interview with the legendary John Snyder, the founder of Artists House Records and one of the most prolific jazz record producers, who's worked with everyone from Dave Brubeck, to Aretha Franklin, to Sun Ra and Ornette.
It's great to see him thinking soundly about music and file sharing and pricing - it's the first time I've seen someone else talk about how low the prices should actually be for getting songs over the net: "If they had coop[t]ed Napster in the first place and charged ten cents a song, they would be billions of dollars ahead of the game. But instead, they shut it down. So record companies are not rational and they are not too advanced in technology. "
The whole interview is well worth reading.
