November 2003 Archives

After reporting about the iPod's dirty little secret, I'm pointed by Leslie to the Neistat brothers' dirty little lie. In brief, it appears that Apple has an iPod battery replacement program which costs about $106 (US only, I was not able to find the same program in France or in Europe), and that the Neistat brothers knew it but never amended their show. I already linked in my previous post to a third party where you can DIY for about $50.

MySQL AB has an interesting article about their business model, centered around a dual licensing scheme (emphasis is mine):

Our dual licensing is an open scheme where you, the user or customer, is in the driver's seat. You decide which license is best for you, and you are free to switch from one to the other and to mix the two models. If vendor accountability is important to you, you are likely to become a commercial customer of ours. If free software is important to you, and you are happy to follow the terms of the GPL, then you are likely to become a user of MySQL under the GPL license. Technically, you will get the same software in both cases. It is only the legal implications and the assurance of service that differ.

So if you are technically competent and not surrounded by lawyers, la vie est belle.

MySQL AB calls this a quid pro quo:

Here is the quid pro quo of it. Thanks to our commercial customers, we can afford to develop and improve the product at a fast pace. That means better software and more software for the free software community. And thanks to the huge user community, MySQL undergoes rigorous "battle-testing". We deliver more than 35,000 new product copies to our user community every single day. They are some of the smartest developers around, and they make the MySQL software do tricks others didn't think of. As a result, bugs are fixed and improvements made at a very rapid pace. Consequently, our commercial customers get a highly reliable product where most bugs have already been found and fixed. At the end of the day, all groups involved get back more than they put in, i.e. a fair exchange of value.

It sounds to me that symbiosis is a much better term for describing this exchange.

Some other similar (although not necessarily identical) symbioses:

• PostgreSQL Inc. with PostgreSQL
• JBoss Group with JBoss (you may want to read White (PDF), an article about professional open source by Marc Fleury, founder and CEO of JBoss)
• Zend with PHP
• Zope Corporation with Zope
• Covalent with Apache (plus Tomcat and JBoss, recently)
• Six Apart with Movable Type (note that while MT is neither open source, only as far as one can see and hack the code, nor free software, it benefits from a similar symbiosis with its users community)

I have the intuition that not only is this model sustainable, it will snowball for a cultural reason: the "nobody got fired for choosing Microsoft"-type of IT managers (who replaced their "nobody got fired for choosing IBM" ancestors) is fading.

On a side note, this approach makes me think of Dave Pollard's model of New Collaborative Enterprises (look at the second figure titled "3. A World of Ends").

Oh my! I ruined Peter Rukavina's blogroll (update: he's found a fix since). It's probably the saddest side-effect I've had on the blogosphere so far (but I'm confident I can outperform myself again in the future). Peter, I'm sorry. But you should blame the US ASCII monoculture for that. Don't you think that, in 2003, it's an absolute shame that a character as common as ç can still cause such trouble for most information technologies out there? I share your pain, I can't tell you how many times a day I struggle with registration systems, cookies, etc. that cannot properly swallow my first name. François is my second name :(.

We'll talk about that again around 2010. After a decade spent at exporting all IT jobs to Mumbaï, we'll see if that helps us sort this problem out.

Laptop thief traced down via AOL [source: Slashdot].

Ben Trott has posted a note and a fix to the Movable Type spam vulnerability. This should reduce the incentive a lot, however, as Ben points out, all "email this to a friend" programs are vulnerable to being used by spammers, because they allow the user to specify a To: address and a message body. One thing though, even if you are not using this feature on your MT weblog, you should still patch or, better, remove the mt-send-entry.cgi script.

Gummi gives me a heads up on a highly problematic hole in MT, which basically can turn your blog into an open email relay for spammers. To plug the hole, until Six Apart comes with a permanent fix, you need to do the following as soon as possible:

If you do not use the "send this" feature on your MT weblog:

backup and remove the script named mt-send-entry.cgi or, alternatively, rename it.

If you are using the "send this" feature on your MT weblog but do not want to be exposed:

remove all traces of this feature on your MT templates and rebuild as necessary,

backup and remove the script named mt-send-entry.cgi or, alternatively, rename it.

If you are using the "send this" feature on your MT weblog and want to keep it:

rename the script named mt-send-entry.cgi,

find where this script is called (within your MT templates) and rename as above.

I do NOT recommend this! Simply because if you continue to use this feature, the new name of the script will continue to be exposed on your pages, and the script can still be invoked by spammers.

Other reports:

• Check this thread on the MT forum for more information. See update below.
• Zope news. I do not recommend this modification, as limiting the script to only one email address doesn't prevent a spammer to use a robot to invoke the script one address at a time.

Update: Ben Trott has responded on the 24th:

All,

This is a bug in the MT code that sends mail using sendmail. If you're using SMTP, you are not, I don't think (sic), susceptible to this. The problem is that the code is not doing enough input validation on the From and To fields that are used in the mail message.

The fix will be in the next version of MT, but in the meantime, here's a fix.

1) Open mt-send-entry.cgi in a text editor.

2) Before line 40, add these lines:

CODE

   die "Invalid from or to value"
       if $to =~ /[\r\n]/ || $from =~ /[\r\n]/;

But something tells me that a robot can still use the script to trigger the script one email at a time. Another suggestion is to remove the ability to add custom content to the email, which would then remove the incentive for spammers.

From the Longhorn FAQ:

Longhorn will feature a task-based (or "iterative") interface that goes far beyond the task-based interface found today in Windows XP. Microsoft has been working to move beyond the dated desktop metaphor still used by Mac OS X and Linux;

For a point of view of the drawback of task-based interfaces, see this post on MacMegasite.

Q: But Mac OS X already has a lot of these features. What's the big deal?
A: Apple has implemented some basic desktop composition features in Mac OS X "Panther." But the basic problem with Mac OS X isn't going away: It's a classic desktop operating system that doesn't offer anything in the way of usability advancements over previous desktop operating systems. Today, Windows XP and its task-based interface are far superior to anything in Mac OS X. In the future, Longhorn will further distance Windows from OS X. From a graphical standpoint, there won't be any comparison. As Microsoft revealed at the PDC 2003 conference, Longhorn is far more impressive technically than Panther.

With the most user-friendly desktop Unix out there, I don't see how Apple's Mac OS X is classic and even so it's not a revolution in terms of usability (already pretty excellent by the way), it does offer a few novelties, such as Exposé. And from the same FAQ, we learn that "Longhorn is still due in late 2005", which means it will start to take off somewhere after mid 2006. Panther is available today, and by the time Longhorn hits the streets, Apple will have released new systems.

And, last but not least, Palladium, aka NGSCB, is back (emphasis is mine):

Q: What's with this Palladium stuff I keep hearing about?
A: One of the most exciting aspects of Longhorn is its optional integration with Palladium, Microsoft's technology for realizing its Trustworthy Computing vision. Palladium--now called Next Generation Secure Computing Base (NGSCB)--is basically a secure run-time environment for Windows and other operating systems that allows a coming generation of software applications and services to protect the end user from privacy invasion, outside hacking, spam, and other electronic attacks. Palladium requires special hardware security chips and microprocessors (which will be made by Intel and AMD) and doesn't interfere with the normal operation of the PC. That is, Palladium-based PCs will still operate normally, working with legacy operating systems and applications. But specially-made Palladium applications and services will offer a range of features of functionality not found in the non-Palladium world, and if the initiative is successful, we'll one day be running only Palladium-based software.

I'm not looking forward into this at all! What makes me laugh out loud is this desperate salesman blurb:

Palladium stops spam. Spam will be stopped before it even hits your email inbox. Unsolicited mail that you might actually want to receive will be allowed through if it has credentials that meet your user-defined standards.

Let me doubt of that very, very much. One of the strong drivers for Palladium is a matter of pigopolists life and death, as acknowledged by this (emphasis is mine):

Using Digital Rights Management (DRM) technology, Palladium can be used to securely distribute music, movies, and other intellectual property securely over the Internet. Movie studios and the recording industry could use this technology to let their customers exercise their fair use rights to copy audio CDs and movies, for example.

Except that you can count on them to use this technology to prevent us from exercising our fair use rights, provided those rights still exist by 2006.

According to The Register reporting on e-commerce complaints, the Florida Department of Banking and Finance reports that Nigerian 419 scams are the fifth largest industry in Nigeria, accounting for more than $5 billion in illegal income for scammers.

$5 billion!

Money is as well a measure of credibility as it is of gullibility.

iPod's dirty little secret.

Uh? The Neistat brothers surely know better about painting than searching the Internet for iPod's batteries.

Nice movie, though [Source: Adam Greenfield who has a point, anyway, about the afterservice policies].

Verisign is testing Internationalized Domain Names (IDN), which are domain names, or Web addresses, represented by local language characters. IDNs are available in more than 350 languages. IDN requires a browser plugin, named i-Nav™ which is, as one may guess, only available under Windows at this time, leaving the rest of us outside this new territory extension of domain names. I do hope that when IDN will take off, it won't require any plugin at best, or that they realize that Windows does not (yet) compose 100% of the computers' operating systems out there, as I would hate to register françois.xxx then not being able to access it with my computer of choice. Note that this seems to be an early test, I tried the French registrar listed as an accredited IDN provider, and there is no such thing on their web site! [Via The Register].

OK, I've stopped fighting, it's time for a little treat and the old G3 has served its masters well since 1997. I've ordered a PowerMac G5 (dual 1.8GHz) today through the Apple Store. After my previous bad experience with them, I still cross my fingers, as all my colleagues and friends who have done so have waited months before getting their order, and it's apparently not just a French thing, as shown by Andrew in his diary of a switcher: D-2, D-1, D-day!

I settled on the standard graphic card, since it will always be possible to upgrade it later, should the need arise. Oh, and I got an iPod too, and forgot that I could get it engraved for free. Of course, nobody told me that on the phone althought it's all over the place on the store's home page...

Another logical move for Six Apart, licensing TypePad (here to NIFTY, a Japan ISP). I guess that others are in the pipe, as among the plethora of clueless phone operators who are trying to get their clients use their new expensive "exclusive" (understand brick-walled) MMS service, some may finally understand that a user-friendly weblogging platform that also does moblogging, provides a more attractive glue around the camera phones and data networks.

This would perfectly fit into an episode of Six Feet Under [via Gizmodo].

I'm looking again to replace my 6 year-old PowerMac G3 by a G5, now that I can get one in less than 3 months. I'm wondering which graphic card to buy, the Nvidia GeForce FX 5200, or the ATI Radeon 9600 or 9800 Pro? Nvidia does a terrible job in giving any useful information on their web site, beyond marketing gibberish (their PDFs are heavy scanned images of their glossy paper brochures, unreadable). ATI provides much more useful information, notably what interests me: the resolutions and maximum refresh rates (in Hz) for analog monitor display modes. I'm not interested in those beauty contests like how many zillions frames per second a card can spit out in such or such game, what's important to me (until I get a LCD screen) is how stable the image is on my 21' CRT screen for the kind of work I do on the Mac (DTP/web/photo/video). Unfortunately, the best card seems to be the most expensive one (the 9800), and I've been unable to find that simple refresh rate/resolutions info for Nvidia's cards!

I would greatly appreciate some advice here!

A useful list of CSS design tips by Dave Shea.

[Follow-up: this issue has been fixed on Dec. 5]

SecurityFocus reports that Safari 1.1 is vulnerable to an old Mozilla cookie exploit that was reported about a year ago (perform the test to see by yourself).

The Register has a great piece about the electronic voting debacle in the US. Paper bulletins, anyone?

And while we're at it, PostgreSQL 7.4 was released yesterday.

MySQL AB announces a new entrant in their catalog: MaxDB, a rebranded and enhanced version of SAP DB which introduces stored procedures, triggers and automatic failover among other features not present in the regular MySQL server. Too bad there is no Mac OS X version [via MySQL guru Jeremy Zawodny].

When I used the inkjet printers as raw model for my first-sale entrapment post, I didn't think of this: don't buy new expensive cartridges, just buy a new printer!

At the shop, I found that the kind of cartridge I need costs €60. A few metres away from the cartridge rack they were selling new printers, and I ended up seriously considering not buying a cartridge, but a new Epson printer for only €45 (that is including a set of ink cartridges which cost €47 if bought separately).

Next to it they were selling a cheapo Lexmark printer at €30. I checked the price of its printer cartridge — €35. I was so perplexed that I left the shop without an ink cartridge and without a printer.

So next time you need an ink cartridge, don't buy one. Get a new printer instead. I know this generates an unnecessary amount of garbage, but as long as you can buy printers at prices below those of ink cartridges, it makes no sense to buy cartridges. [via Too Much News]

I have done this before with an electric tooth brush, the tool with three new brushes came cheaper than buying a new set of brushes alone. There are probably many other examples of this kind of teasers around. The consumption society is getting crazier and crazier...

Macromedia unveils Flex (code named Royale), another building block of their Rich Internet Applications strategy. Flex is aimed at programmers and architects, using Flash, XML and a multi-tiered model (presentation with Flash client, a "presentation server" using XML and business logic using ActionScript running within a J2EE or .NET container, data). Watch the presentation of Flex for a better overview.

The presentation server model is very similar to what Lazlo Systems introduced some time ago.

Macromedia also announced that they are joining ECMA, the standard body that looks over ECMAScript, which you may know under various other names such as Javascript, JScript or... ActionScript.

P.S. I spotted that "Flex runs on top of a J2EE Application Server such as Macromedia JRun, IBM Websphere, BEA WebLogic, or Apache Tomcat." I've been teasing Macromedia with Tomcat since they acquired Allaire and it was obviously painful to them, but there are things one can't elude forever :-).

YAOSHE! Yet another old school HTML editor. Works on the Mac but not with Safari.

I missed the first one but BlogTalk returns:

BlogTalk 2.0 is designed to initiate a dialog between bloggers, developers, researchers and others who share, enjoy and analyse the benefits of blogging.  The focus is on weblogs as an expression of a culture based on the exchange of information, ideas and knowledge.  In the spirit of the free exchange of opinions, links and thoughts we wish to engage a wide range of participants from the blogosphere in this discourse.

They are calling for papers. Submission deadline is the 03/17/2004. The conference is supposed to take place beginning of July 2004 in Vienna, Austria.

Jay Allen launches Blam, an anti-weblog-spam effort and Mark Pilgrim replies with an absolutely scary post. The scary thing about Mark's post is that he's not pessimistic nor cynical, he's just realistic.

You're the IT support king, a Mac whore and you love Steve Jobs. This job is just for you. Just don't screw up his computer before he goes on demonstrating the next big thing at a keynote, or else... this will be your job.

In Boone County (Indiana), an electronic-vote software spits out 144,000 votes from only 19,000 registered voters. Even on the worst ballot-stuffing, one couldn't dream of such funny figures.

Paper, envelope, ballot box and enough citizen eye balls to monitor, count and verify. That's all a good democracy needs on election day. And it works even without electricity (ever wonder why there is always a pack of candles in every election bureau in France?) Trust us, Old Europe has more experience than the US on this one ;-).

The USPTO will re-examine the EOLAS patent, dubbed the '906 patent:

"A substantial outcry from a widespread segment of the affected industry has essentially raised a question of patentability with respect to the 906 patent claims," Stephen Kunin, the USPTO's deputy commissioner for patent examination policy, wrote in his order for re-examination. "This creates an extraordinary situation for which a director-ordered examination is an appropriate remedy."

About two weeks ago, Tim Bernes-Lee from W3C asked the USPTO to re-examine this patent, presenting prior art to invalidate it.

Coming as an unfortunate consequence of comment spam, and to set some acceptable rules here, I have added a comment policy to this site. I am sorry for the legal tone, however it is my feeling that this is a necessary part in fighting against weblogs spammers and various annoyances.

Feel free to comment it, appropriately of course.

Today I received another comment spam and, after reporting on this tutorial on how to trace a spammer's address, I decided to write a short tutorial on the same subject, for Mac OS X users.

There is a surge in posts about comment spam, and this vitality is a good sign as long as solutions and advices keep coming quicker and stronger than comment spam itself. Here is a focused tabs dump:

• Adam Kalsey, in his Comment Spam Manifesto, declares war: "You’ve picked a fight with us and it’s a fight you cannot win."
• The same Adam, in Cutting comment spammers off at the knees, explains how he shut down a spammer's ISP account. Don't miss his followup Spam Talk!
• Joseph Duemer has sent an invoice for advertising to a spammer. Brilliant! In litigation-happy America, money is the ultimate weapon, let's expect more of the same. Joseph led me to this wonderful post from Otto, where we see that we can have a good laugh at spammers.
• Up in arms at Stentorian, you'll find tools and advices to track down spammers (Windows-centric but Mac OS X provides all those tools as well). Speaking of tracking weapons, check Sam Spade as well.

There are also some discussion growing about blacklists. Kimbro would like to know if there is a central repository of blacklists. Roland Piquepaille explains why, in his view, blacklists are a bad idea. Ditto Ito ;-) who writes "I know I use a blacklist for my comment filtering. It's a stop-gap measure until someone figures out a better solution."

After I caught yet another comment spam on one entry today, I discovered that there was another spam previously left on the same entry. How that old spam escaped my vigilance got me wondered about the reliability of my current comments email alerts. Many things can get wrong there (the MT script may fail just before sending the email, the email doesn't reach my mailbox, etc.). MT-BlackList is on my to-do list, but the padawan is waiting for the Masters to see if they break their laser sabers with it first.

Despite Roland's story, I have the intuition that a central repository of blacklists would be efficient. I would love to see a system -- with safety barriers to prevent stories like his to happen, or at least be fixed in a timely fashion -- where as soon as a spammer hits one of the vigilantes' weblog, all his further attempts are automatically defeated! Wouldn't it be "Hell Frozen Over" for real?

Might the Microsoft vs. Open Source schism be really more of a political choice than a technical one? Doc Searls forays into some American big parties technological choices:

For what it's worth, the Republican National Committee is running Microsoft IIS on Windows 2000, while the Democratic National Committee is running Apache on Linux.

As of this writing, November 5, 2003, the RNC has an uptime of 4.26 days (maximum of 39.04) and a 90-day moving average of 16.91. The DNC has an uptime of 445.02 days (also the maximum) and a 90-day moving average of 395.38 days.

On a side note, Wes Clark is taking the weblog ride and will leverage supporters weblogs on his own site. Clark's official weblog is using MovableType with Apache on Linux. So are Dean and... W! (But Junior has his site served by IIS on Windows 2000.)

As Doc writes, draw your own conclusions.

Testing TrackBack support in Syncato, a weblog application by Kimbro Staken that one should keep a close eye on. Keep it growing Kimbro!

The buggy form auto-fill feature in Safari has put me in trouble in the past as I reported already. But here is another nasty strike that just happened while I was adding a comment on this site:

As you can see, had I not seen the pre-filled URL, I would have spammed my own weblog! It's a chance I caught it before submitting the form, as normally this information is pre-filled using a cookie. I guess that Safari decided that the URL field had to be filled with the information of the last comment-spam I had deleted before.

If you are using the auto-fill feature in Safari, you'd better double check what it decides to fill in itself!

Update: in the AutoFill Web Forms preferences, I unchecked Other Forms to prevent Safari from filling out anything but personal info and authentication forms. It didn't prevent Safari from continuing to autofill "other forms" as usual (like when I delete a comment spam on MT). I really don't like that.

Some marketing people are really going too far. Now Belkin routers are spamming their users (emphasis is mine):

Uh Clem. a former Belkin wireless router user, was perplexed to find machines on his network redirected to an ad for Belkin's new parental control system, following a software update. [...]

The router would grab a random HTTP connection every eight hours and redirect it to Belkin’s (push) advertised web page.

"It seems the router now supports a parental control and the market droids at Belkin got the bright idea of equipping the router with intrusive nagware," writes Uh Clem. "Of course, I have this strange notion that routers should pass data unmolested by marketeers!"

Me too!

I have implemented Mark Pilgrim's recipe to block spambots and various annoyances that hit this site on a regular basis. I will continue to add more counter-measures in the future, including banning offending IP addresses from accessing anything on my whole domain (I even think of banning an entire block from China, namely 202.108.*, from where all the requests are some variant of spam attacks). This will not be the sheer IP banning from comments, but access denied on any request.

It is a very big hammer to crush flies. And to borrow Mark's words, those that resemble flies from a distance shouldn't come too close. If you are banned from this site and think this is an error, you know how to contact me.

Another Nokia phone explodes in Finland. Nokia recommends using only original batteries:

Using inferior quality standards may lead to these types of incidents occurring. The best way to prevent such incidents is to use only original Nokia enhancements and to buy them from an authorized or other reputable dealer.

We enter a mix-bag of ugly things here which touches other industries, notably the car industry where these problems are well known. Supplies mainly come from the following sources:

1. genuine brand / original equipment manufacturer
2. renowned third-party
3. white brand / unknown third-party
4. black market / counterfeit supplies wearing original brand

Defective supplies are a real -- and sometimes deadly -- problem, as the explosive batteries illustrate. Whether the defective batteries came from a known supplier or were counterfeit is not said anywhere I looked -- although the legal tone Nokia uses in the above press release suggests the latter -- nevertheless it gives to Nokia a perfect argument to persuade people to stick with its brand at all times.

This is not necessarily good news for consumers.

In many industries now, business models based on selling quantities of lucrative supplies are multiplying. The trick is to catch you with a product that has a very aggressive price (understand no margin, sold at cost) but which requires you to buy a significant amount of supplies on which the margin is substantial (read 3 to 4 figures). Ink-jet printers are the perfect example where a powerful printer costs less than an average phone and the ink is worth a thousand times more than caviar.

Defective supplies hurt all third-parties but boost the original brands (unless the original brand is selling crap, but we are talking brands here, aren't we?). In the case of Nokia for example, the message that consumers are likely to perceive is "buy Nokia or explode", and even renowned third-parties with good supplies will suffer.

Add to that the efforts that original brands are spending to prevent third-parties from making compatible supplies -- and yet again the ink-jet printer market gives us the perfect example with Lexmark using the DMCA to stop SCC -- and you have too many ingredients for a market without competition.

Counterfeiting must be stopped, there is no doubt about that. Dangerous products must be removed, that's an issue for local authorities. Low quality supplies is a problem for manufacturers. And in a business model based on first-sale entrapment, brands must not be authorized to use whatever trick, like technical locks then the DMCA, to get competitors out of their way. Otherwise, those business models aim at nothing but being small monopolies.

The BBC announces that production is under way on the Tertiary Phase of The Hitchhiker's Guide to the Galaxy, with episodes due to begin airing on Radio 4 in spring 2004.

"Every sci-fi fan wants their old show to be reborn. Fans of Doctor Who have a new series to look forward to, and Thunderbirds fans have a feature film – but Hitchhiker’s Guide fans have both."

Yummy!

More readings:

• Update: The Register's take (I love when I blog something before it appears on El Reg :-)
• The BBC's Hitchhiker's Guide to the Galaxy fan site.
• Douglas Adams "official" site.
• Floor 42, another fan site.
• Google search on Douglas Adams

Note to my friends who tell me (with a slightly jealous voice) that my English writings are too difficult to understand: I have tried to read the Hitchhiker's Guide in English many, many times, and it's frankly too difficult for me to grab all the jokes. I pay my respect to the French translator, who wrote on the back cover of almost every book in the series that he would never do it again and did a terrific job each time! And I mourn Douglas Adams just as every fan.

Apple could move to Intel but is happy with IBM. Where we learn that:

• It's perfectly technically feasible to port Panther to any processor.
• Asked about Microsoft's Windows XP Media Center Edition, Jobs joked that Apple was instead focused on melding the computer with a toaster. "We can do an up-sell for bagels" said Phil Schiller.
• Jobs points to the wide divergence in the way people want to watch television as compared with how they use a computer. "Generally what they want to view on television has to do with turning their mind off," he said. I completely agree with that!
• Don't expect Apple to open the iPod to other music stores, because iTMS is "the Microsoft of music stores".
• "Consumers don't care about 64-bit computing per se," they care about what a computer can do.
• Apple will focus first on existing consumers with older G3 or early G4. Hint: I still have my Desktop G3 (boosted to 315MHz, what a bomb ;-).
• .Mac has seen an 86 to 87% renewal rate (reminder: first year was $49, renewal is $99). To Jobs, that is "unheard of, higher than almost anybody's. We've built ourselves the beginnings of a pretty good Internet services business."
• Before Longhorn (which Jobs compares to Jaguar) hit the streets, Apple will have released several versions of Mac OS.

A tabs dump is when I have so many tabs left open in Safari because I thought I might blog about a page, that I can’t see the new ones opening. Here it is, telegraphic style:

• Wanted! Hackers -- Microsoft to offer $250,000 for the heads of the hackers who released the MSBlast worm and the SoBig viruses.
• Structured Weblogs: first steps by Sébastien Paquet.
• In Why does Open Source suck? Carmeron Purdy explains why he thinks there aren't so many useful projects of any quality.
• Microsoft, still looking to be a major actor in the search engine business, has hired a former CTO of Overture.
• Killing Cancer with a virus.
• G5 cluster secures elite spot for Apple, IBM — "Ironically, [Intel] lost the gigahertz game".
• Beware of silly click-through in Panther.
• California halts E-Vote certification — Meanwhile, Aussies do it right with Open Source! Frankly, some people overseas should try to better understand what republic means (Latin res publica: the public thing.) I would never accept that the slightest thing be hidden during a vote, even if the process has been "certified" outside of my sight. The American Technology Syndrome in its full glory again.
• WPA's Little Secret — "Wi-Fi Protected Access (WPA) has a weakness: poorly chosen short human-readable passphrases can be cracked with a robust dictionary attack offline and without access to the network."
• Is that a small ego war I see here between John and Jon? By the way, John's tag-line makes me think of this one: no sense being pessimistic, we all die anyway.
• Already reported here, but in IBM in, Intel out of Xbox? appears something looking so much as an excuse I was sure it would surface: Microsoft chose the PowerPC to stop people from turning a $200 XBOX into a $600 PC. Ridiculous, now they will be able to turn it into a $1200 PC-equivalent Unix box!
• KDE on 24 — I doubt this particular example is a good one, but the question is nevertheless interesting: if a GPL'd image appears in a video, would it be legal to modify, sell and distribute the episode under the terms of the GPL over the internet?
• Linux Buzz: View from the Trenches: Goodbye SuSE? — Now if Red Hat CEO's father gets a Desktop Linux, he may get it from Novell/IBM ;-)
• The Awkward Conscience of a Nation — "We Americans suffer from an enforced ignorance. We don't know about anything that's happening outside our country. Our stupidity is embarrassing. National Geographic produced a survey which showed that 60 per cent of 18-25 year olds don't know where Great Britain is on a map. And 92 per cent of us don't own a passport." Who needs to be anti-American when we have Michael Moore? ;-)
• Gateway customers' online orders are exposed in public, apparently, as Matt has found out. Not good at all. As rather similar case happened recently at Victoria's secret (although in the latter case, personal details where exposed.)

[Note to self: I hit the limit of my URL scheme with MT, where two entries in the same category can't share the same name.]

At first I thought it was spam and was going to delete it, but this is probably the funniest comment I've received so far on this weblog. Well, Eric, I'm sorry, but do I look like I know anything about pretzels? Ask them instead.

Apache gets a boost in the latest Netcraft survey, now powering 68.60% of the active sites on the Internet.

During 2001 and the first half of 2002 several companies hosting very large numbers of hostnames including Webjump, Namezero, Homestead, register.com and Network Solutions migrated to Microsoft-IIS. Subsequently these businesses have either failed, significantly changed their business model, or reverted to their previous platform, and Microsoft-IIS share is now in line with its long term pre-summer 2001 level of around 20%.

Microsoft's IIS is second with a 23.44% share.

Now would be time to compare the respective amount of junk traffic, currently riddling the Internet on an ongoing basis, generated by attacks trying to exploit, or already exploiting their security holes.

While Red Hat drops its consumer line, Novell buy SuSE Linux for $210M and gets $50M from IBM. Same story, another report from El Reg.

Xbox to Switch to PowerPC:

Microsoft's next-generation Xbox will ditch its Intel chip in favor of the same kind of chip used in Apple's Macs.[...]

For many years, the speculation has been that Apple may migrate to Intel chips to survive. But with the advent of the G5 and a state-of-the-art IBM chip plant in Fishkill, New York, it may be Microsoft that does the migrating.

In a cryptic press release issued on Monday, IBM announced Microsoft's intention to use an IBM chip in the next-generation Xbox, which is expected to debut in early 2005.

Note that no one between IBM and Microsoft is specifically pronouncing the P-word (I can already hear "language!" over at Intel):

The release studiously avoids naming the chip architecture, referring only to "IBM's family of state-of-the-art processors."

However, IBM spokesman Scott Brooks said IBM's "family of processors" are all PowerPCs. He declined to name the architecture specifically, saying IBM had promised Microsoft it would not do so.

Microsoft, switching to a chip co-developed by Apple, IBM and Motorola. That would make them the biggest switcher ever, even before this one. How ironic, indeed!

More reading:
IBM's press release
Microsoft's press release

I received the following email from Red Hat today:

To: xxx
From: Red Hat Network
Subject: Red Hat Linux end-of-life update and transition planning

Dear francois,

Thank you for being a Red Hat Network customer.

This e-mail provides you with important information about the upcoming discontinuation of Red Hat Linux, and resources to assist you with yourmigration to another Red Hat solution.

As previously communicated, Red Hat will discontinue maintenance and errata support for Red Hat Linux 7.1, 7.2, 7.3 and 8.0 as of December 31, 2003. Red Hat will discontinue maintenance and errata support for Red Hat Linux 9 as of April 30, 2004. Red Hat does not plan to release another product in the Red Hat Linux line.

With the recent announcement of Red Hat Enterprise Linux v.3, you'll find migrating to Enterprise Linux appealing. We understand that transitioning to another Red Hat solution requires careful planning and implementation. We have created a migration plan for Red Hat Network customers to help make the transition as simple and seamless as possible. Details: [...]

http://www.redhat.com/solutions/migration/rhl/rhn

Which means that in about 6 months, Red Hat will be out of the consumer (read "Desktop") Linux market, focusing exclusively on the enterprise market, where the money is.

And all that because Red Hat CEO's 90 year-old father doesn't know how to install RH!

Lexmark loses round 2 in DMCA chip case. The Register reports that the US Copyright Office ruled that SCC do not contravene the DMCA.

Previous reports on Lexmark.

As an American living in France, I've been under a lot of pressure the last year. I guess if you listen to all the nay-sayers about France, that makes good sense. The only problem with this is the source of my anxiety. It wasn't the French. No, it was all of the reactionary Americans, both in America and residing in France. All the reactionary fuckers who think that being an American gives them unlimited license to do whatever they chose, whenever they chose, and expect there to be no consequences for their actions. Those are the people that have me stressed.

Glad you feel at home in France, Damelon.

Why understanding who and what’s behind your website can help you to get more out of it

(Note: this article was previously edited and published on Focus, an online magazine by Capgemini, in March 2001, while I was the company corporate webmaster. I'm rescuing it from oblivion as it appears to have been lost after a couple of site redesigns.)

The role of the corporate webmaster is one that did not exist a few years ago, but today most companies have at least one (at last count, one international company supported nearly 200 web positions across its operations). No matter where you are in the world, somewhere near your company website, you should find a webmaster. What he or she does may be a matter of some debate in your organization, but it’s worthwhile trying to find out.

Understanding who and what’s behind your website is the best means you have for ensuring you can get the most out of this vital information economy medium. Quite simply, if you are leading a marketing, sales, or online strategic function in your company and have not yet made a partner of your webmaster, webmonkey, or webster, you are not fully leveraging your web capabilities. And, in the competitive world of the Internet, where companies fight for mind share calculated in clicks per minute, you probably can’t afford not to. Knowing where the webmaster is heading and where he thinks he (and your website) are going can enable you to make the most of the one relationship that keeps you connected to all the partners, prospects, clients, and constituents your business needs.

The evolution of an art form: When the webmaster was the one true Internet king

In the not-so-ancient Internet, it was all about the technology. The webmaster had to know everything from HTML code to network protocols, and belonging to a university or similar institution to get regular access to the network and an account on a server helped. With the propagation of personal computers, some of us can remember having to desperately seek a TCP/IP stack, while others searched for a MacPPP extension that would not crash with that MacTCP one (not speaking of throwing away the old modem in favor of this new 14.4kbps that would do fax too!).

A few forward-thinking designers joined our techie band, but we remained mainly a community of computer geeks – and frankly, we liked it that way. One surely had to have some interest in the nuts and bolts of this stuff to spend an entire year of internship income on a computer (before it was required), and swallow 500-page books on HTML. Designers started to get acquainted to the code while programmers slowly got the point on usability and oddness of yellow and purple text on wooden-textured background.

At some point, the tiny community of webmasters started to realize their potential power. Maybe because technology was key or frightening, or that in most circles only techies were interested in it, but webmasters received full control of this powerful force in most circles. Those who happened to have a few communication skills – like being able to explain what hypertext is to a CEO – became kings in the web realm. Those who were more confident managing a server than talking to a marketing manager, but who knew how to hand-code and properly link two pages together were welcomed too.

So was the old-fashioned webmaster, a technology know-it-all (and the only one who could correct that typo on the home page), the HTML god, the one you would approach for a complete site design, who decided that blinking text, scrolling news tickers, and Java applets were a must. Suddenly everyone had to be on the web and there was only one place to turn.

Falling back to earth with a thud: From owner to operator

A few years later, surrounded by non-technical but more and more web-savvy people, the old-fashioned webmaster had seen enough to know what’s working and what isn’t. But he or she had faded quite a bit into the corporate web fabric.

With the introduction of “drag-n-drop” visual HTML editors, more and more people are able to throw some text and imagery on a page and start a web site. The webmaster (now known in techno circles affectionately as the webmonkey) is scared when he discovers that many of the new webmasters do not have the faintest idea of the underlying code, and have never seen anything else than the latest release of Internet Explorer on Windows.

She feels a bit amused when the newly appointed web marketing manager comes to tell him how cookies, personalization, and one-to-one marketing will change the world. He is bothered becau